lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 2 Nov 2017 18:25:10 +0100
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Masahiro Yamada <yamada.masahiro@...ionext.com>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Kate Stewart <kstewart@...uxfoundation.org>,
        Philippe Ombredanne <pombredanne@...b.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [GIT PULL] License cleanup: add SPDX license identifiers to some
 kernel files

On Fri, Nov 03, 2017 at 02:09:02AM +0900, Masahiro Yamada wrote:
> Hi.
> 
> 
> 2017-11-03 0:16 GMT+09:00 Greg KH <gregkh@...uxfoundation.org>:
> > [resend without the full diffstat as lkml and some email systems didn't
> >  like to see emails with 12k lines...]
> >
> > Hi,
> >
> > As discussed at the Maintainers Summit last week, here is a pull request
> > that adds some SPDX license identifiers to three different classes of
> > files:
> >         - files with no license identifiers at all, but not uapi files
> >         - uapi files with no license identifiers at all
> >         - uapi files with existing license identifiers
> >
> > This "only" touched 1/6 of the files in the tree.  The remaining files
> > will be dealt with on a subsystem-by-subsystem basis over the next few
> > kernel releases.
> >
> > The full methodology of how these files were determined, and how the
> > work was done is down below in the signed tag, and in the first commit
> > of the series.
> >
> > These patches have a "new" timestamp, a few hours old, only because we
> > have revised and rewritten the changelog text many times based on lots
> > of people's inputs (lawyers included.)  The patches themselves are not
> > "new" at all and were auto-generated as described below and are based on
> > 4.14-rc6.
> >
> > Note, we had to use /* */ as the comment marker for the .h files, as
> > there are just too many .h files being included into .S files to be able
> > to try to identify which is which, so we could not use //, unlike the .c
> > files.
> 
> Please let me ask some questions.
> 
> Sorry, I am completely missing the discussion other people have had.
> 
> I dug the ML, and I was able to find some parts of
> the process of the discussion.
> 
> 
> [1]
> First, I wondered why *.c files differentiated by //.
> 
> According to the following, it is what Linus suggested to make it stand out.
> https://patchwork.kernel.org/patch/10016201/

Yes, that is why.

> [2]
> In the first patch for USB file conversion,
> https://patchwork.kernel.org/patch/10016189/
> it embedded the SPDX tag in the comment block.
> 
> In later version of the tool,
> the tag line was moved to the top of each file.
> So, probably this is the preferred style... Correct?

Right now, it doesn't really matter, the scanning tools can handle it
anywhere.  I just tried to make it more "nicer looking" for the USB
files.

For the automatic-conversion scripts, putting it at the top of the file
was the easiest thing to do.  We do have scripts to put it at the end of
the original comment block, but that can happen later for those files
that do have licenses already.  For those that don't (like this patchset
addresses), putting it at the top is the easiest.

> I am happy to follow the preferred style if any
> for my future patches.  I just want to be sure.
> 
> 
> Several DT files use SPDX.  For example,
> https://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/mediatek/mt7622.dtsi
> 
> If SPDX tag at the top line is preferred, should existing files be fixed?

It doesn't really matter.

> Some projects already adopted SPDX, and the tag in the copyright block
> looks nice (at least to me)...
> https://github.com/u-boot/u-boot/blob/master/common/board_f.c
> https://github.com/ARM-software/arm-trusted-firmware/blob/master/bl31/bl31_main.c

Yes, it looks "nicer" there as well, feel free to put it anywhere in
files that you maintain, and I'll be happy :)

thanks,

greg k-h

Powered by blists - more mailing lists