lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 1 Aug 2012 22:43:42 +0100
From:	Alan Cox <alan@...rguk.ukuu.org.uk>
To:	dmarkh@....rr.com
Cc:	linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: MODULE_LICENSE("GPL")??

On Wed, 01 Aug 2012 17:24:33 -0400
Mark Hounschell <dmarkh@....rr.com> wrote:

> What would happen if NVIDIA used this define in their proprietary driver? I 

Ask a lawyer but I believe Nvidia has more sense than that both
politically and legally. They walk a very fine line as it is (and IMHO
the wrong side of it but one day I guess a court will figure out where
the line actually is).

> ask because I am currently in a situation where I believe I may be about to 
> use a product that may be doing this very thing. We had to sign a license 
> agreement to get the kernel driver source for this product. What we 
> received contained the kernel driver source and user land library stuff. 
> The source code for the kernel driver has MODULE_LICENSE("GPL") defined. 
> The only license info in the package received was NOT the GPL license.

You cannot combine GPL and non GPL code, and since you are aware of the
fact there is a problem then you are probably a knowing infringer, which
is not a good situation to be in (triple damages in the US). If the module
license tag says it is GPL then I would talk to your lawyer about
it - you might actually be able to argue that it is therefore GPL
but I'm not a lawyer and you *really* don't want to try that stunt without
advice!

> On this particular vendors web site they offer unrestricted downloads of 
> binary packages for their product/s that are for specific DIST kernels. But 
> to get the source requires signing a license agreement that is NOT GPL.

Talk to the Free Software Conservancy and gpl-violations.org.

Beyond that have a detailed discussion with your lawyer on the licence,
on "knowing infringment" and in particular check your insurance as most
legal insurance won't cover you in such a situation. If you redistribute
such material you are likely to also be liable, which can be very
expensive.

All of this comes down to one thing - you need to ask a lawyer legal
questions. I think you can already answer the "what happens if you get
caught" political questions. Given that maybe you don't need to ask a
lawyer but just say no ?

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ