lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 25 Nov 2017 20:12:23 +0100
From:   Pavel Machek <>
To:     Greg Kroah-Hartman <>,
        Linus Torvalds <>
Cc:     Philippe Ombredanne <>,
        Christoph Hellwig <>,
        Theodore Ts'o <>,
        Alan Cox <>,
        "Darrick J. Wong" <>,
        Eric Sandeen <>,
        xfs <>,
        LKML <>,
        Kate Stewart <>
Subject: Re: WTF? Re: [PATCH] License cleanup: add SPDX GPL-2.0 license
 identifier to files with no license


> > This would be even better:
> > 
> > /*
> >  * Driver for SMSC USB3503 USB 2.0 hub controller driver
> >  *
> >  * Copyright (c) 2012-2013 Dongjin Kim (
> >  */
> > ...
> > 
> > So yes, SPDX can be improvement. But in current implementation it is
> > not.
> Again, as people seem to keep still missing this point, Linus asked for
> the format to look like it does today, using // at the top.  Thomas and
> I originally did it first the way with the SPDX line in the big comment
> block.
> If you don't like the format, complain and convince him otherwise, you
> are not getting anywhere by responding to this old topic about it
> again.

Hey, Linus. This // SPDX at the begining of file looks really
ugly. Can we get something that looks less bad?

And BTW I responded to this uglyness before, but you just tried to
make me shut up, and then did not reply. Given what quality you
normally expect from patch submitters, you are doing pretty poor job

> Having it be the first line of the file is good, it's obvious, and
> stands out, which is the point, you want it to, it's a license :)

What is good about that? License is about the least interesting thing
about the file. Point of SPDX conversion (see the mail I was replying
to?) was to make license information _less_ intrusive, not more. Tools
can find SPDX anywhere in the file for the people that really care.

That's how it works in U-Boot, which people are using as example of
reasonable SPDX conversion:

 * Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
 * Copyright (c) 2010-2011 NVIDIA Corporation
 *  NVIDIA Corporation <>
 * SPDX-License-Identifier:     GPL-2.0+

(cesky, pictures)

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists