lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 9 Nov 2017 09:16:59 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Dave Chinner <david@...morbit.com>
Cc:     "Darrick J. Wong" <darrick.wong@...cle.com>,
        Christoph Hellwig <hch@...radead.org>,
        Eric Sandeen <sandeen@...hat.com>,
        xfs <linux-xfs@...r.kernel.org>, linux-kernel@...r.kernel.org
Subject: Re: WTF? Re: [PATCH] License cleanup: add SPDX GPL-2.0 license
 identifier to files with no license

On Thu, Nov 09, 2017 at 10:47:04AM +1100, Dave Chinner wrote:
> On Tue, Nov 07, 2017 at 07:29:03PM +0100, Greg Kroah-Hartman wrote:
> > On Tue, Nov 07, 2017 at 09:20:42AM -0800, Darrick J. Wong wrote:
> > > On Tue, Nov 07, 2017 at 08:39:40AM +0100, Greg Kroah-Hartman wrote:
> > > > On Mon, Nov 06, 2017 at 11:20:40PM -0800, Christoph Hellwig wrote:
> > > > > NAK, for both the libxfs patch and the kernel one.
> > > > 
> > > > What libxfs patch?  And what "kernel one" are you referring to here?
> > > > 
> > > > > I wrote the file and it has no copyright header because it conatians
> > > > > trivial, non-copyrightable code.
> > > > 
> > > > What file exactly?
> > > > 
> > > > And from what I know, there is nothing that is "non-copyrightable".
> > > > 
> > > > And this isn't changing the copyright of _ANYTHING_ it is just putting
> > > > the explicit license of the file, on each file in the kernel, because it
> > > > needs to be tracked.
> > > > 
> > > > > I don't know why people think they can touch license information on
> > > > > files I've written without even asking me.
> > > > 
> > > > Nothing was changed, the license should be the exact same as it was
> > > > before.  But as I don't know what file you are referring to here, it's a
> > > > bit hard to determine what you are talking about exactly :(
> > > 
> > > fs/xfs/libxfs/xfs_cksum.h
> > 
> > Given that it had no license text on it at all, it "defaults" to GPLv2,
> > so the GPLv2 SPDX identifier was added to it.
> 
> I'll point out here that this file is shared with a userspace
> package that has a mixed LGPL/GPL code base, so even if we disregard
> what Christoph says, this file could actually be LGPL (like
> fs/xfs/libxfs/xfs_fs.h) and not GPL. So from that perspective alone,
> your process on deciding what license tag should be used is
> flawed and these changes needed, at minimum, maintainer review.
> 
> IMO, unannounced, unreviewed tree wide change via a back-door
> commits sent straight to Linus reek of an attempt to avoid review
> and oversight.

This was not unannounced, it was posted to lkml and discussed at the
kernel summit ahead of time.

> And that is *completely unacceptible* when making claims about
> important details like licenses for *code you do not know anything
> about*. 

When a file does not have a license, again, all lawyers I have worked
with said it is implicitly GPLv2, so we did the best we knew how at the
time.  If we got a few files wrong, please fix them up, I hit 11k files
at once here.

And how an internal file is shared with userspace is, to be fair,
completely strange, you have to agree :)

> We have a documented process for a reason: to stop shit like this
> from happening. 
> 
> > No copyright was changed, nothing at all happened except we explicitly
> > list the license of the file, instead of it being "implicit" before.
> 
> You keep saying "no copyright has changed", despite being given an
> explicit statement by the code author that this is *exactly what you
> have done*.

Again, no, the copyright was not changed.  Whom ever held the original
copyright still holds it today.

thanks,

greg k-h

Powered by blists - more mailing lists