lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 3 Nov 2017 02:09:02 +0900
From:   Masahiro Yamada <>
To:     Greg KH <>
Cc:     Linus Torvalds <>,
        Andrew Morton <>,
        Kate Stewart <>,
        Philippe Ombredanne <>,
        Thomas Gleixner <>,
        Linux Kernel Mailing List <>
Subject: Re: [GIT PULL] License cleanup: add SPDX license identifiers to some
 kernel files


2017-11-03 0:16 GMT+09:00 Greg KH <>:
> [resend without the full diffstat as lkml and some email systems didn't
>  like to see emails with 12k lines...]
> Hi,
> As discussed at the Maintainers Summit last week, here is a pull request
> that adds some SPDX license identifiers to three different classes of
> files:
>         - files with no license identifiers at all, but not uapi files
>         - uapi files with no license identifiers at all
>         - uapi files with existing license identifiers
> This "only" touched 1/6 of the files in the tree.  The remaining files
> will be dealt with on a subsystem-by-subsystem basis over the next few
> kernel releases.
> The full methodology of how these files were determined, and how the
> work was done is down below in the signed tag, and in the first commit
> of the series.
> These patches have a "new" timestamp, a few hours old, only because we
> have revised and rewritten the changelog text many times based on lots
> of people's inputs (lawyers included.)  The patches themselves are not
> "new" at all and were auto-generated as described below and are based on
> 4.14-rc6.
> Note, we had to use /* */ as the comment marker for the .h files, as
> there are just too many .h files being included into .S files to be able
> to try to identify which is which, so we could not use //, unlike the .c
> files.

Please let me ask some questions.

Sorry, I am completely missing the discussion other people have had.

I dug the ML, and I was able to find some parts of
the process of the discussion.

First, I wondered why *.c files differentiated by //.

According to the following, it is what Linus suggested to make it stand out.

In the first patch for USB file conversion,
it embedded the SPDX tag in the comment block.

In later version of the tool,
the tag line was moved to the top of each file.
So, probably this is the preferred style... Correct?

I am happy to follow the preferred style if any
for my future patches.  I just want to be sure.

Several DT files use SPDX.  For example,

If SPDX tag at the top line is preferred, should existing files be fixed?

Some projects already adopted SPDX, and the tag in the copyright block
looks nice (at least to me)...

Best Regards
Masahiro Yamada

Powered by blists - more mailing lists