lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 21 Jan 2011 21:32:36 -0500
From:	Steven Rostedt <rostedt@...dmis.org>
To:	Daniel Walker <dwalker@...eaurora.org>
Cc:	Ted Ts'o <tytso@....edu>, Pekka Enberg <penberg@...nel.org>,
	Dima Zavin <dmitriyz@...gle.com>,
	Jesse Barnes <jbarnes@...tuousgeek.org>,
	Joe Perches <joe@...ches.com>, linux-arm-msm@...r.kernel.org,
	linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
	davidb@...eaurora.org
Subject: Re: [PATCH 0/7] Nexus One Support

On Fri, 2011-01-21 at 18:13 -0800, Daniel Walker wrote:
> On Fri, 2011-01-21 at 20:58 -0500, Steven Rostedt wrote:
> > On Fri, Jan 21, 2011 at 04:03:13PM -0800, Daniel Walker wrote:
> > > 
> > > right, but it wasn't a cherrypick which was explain in the thread. So
> > > there's no wrongs here ..
> > 
> > I'm sorry Daniel, but you are absolutely wrong!
> 
> This thread is getting way out of hand .. I think you really don't
> understand what has happened here.. That's fine tho, if you don't like
> what I've done then NAK, I'm not going to argue with any you.

Sorry for coming off a bit strong, but I've known you for a while, and
that is usually the best way to get you to understand.

I don't want to argue, but instead teach you that there is a process of
getting code into the kernel, and a etiquette (not to mention legal) way
of doing things.

If you take code from someone else, look at it, and make it work, or do
whatever changes to it. You must keep some form of authorship with the
original author. If you rewrote it completely so that it doesn't look
anything like what the original code was, then sure, its yours. But then
the copyright would belong to you.

But you stated that the copyright was not yours but googles. You are not
employed by google are you? The major problem I have with these patches
is that you got code from somewhere else but had no Signed-off-bys from
anyone. This is where legal comes in.

How do you know this code was attained legally?  Can you take sole
responsibility that the code was not stolen from non GPL code? The only
tag line in a change log that matters is that Signed-off-by. Its the one
with (sorta) legal powers. This is saying that you verify that this code
was given to you through legal means. Either that you wrote the code
yourself and are not under any contract to keep it from becoming GPL, or
you took it from someone that gave you their own Signed-off-by that you
can trust.

The biggest problem with your patch set is that it is missing the
necessary Signed-off-bys. Also, the only Signed-off-by that you can
write is your own. Someone can give you their Signed-off-by and you can
add it. There's been patches that I would not accept until the author
gave me (usually publicly) their Signed-off-by.


If you had those, I would not have written the email that I wrote.

-- Steve


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ