lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.DEB.2.21.1811121048400.14703@nanos.tec.linutronix.de>
Date:   Mon, 12 Nov 2018 11:06:43 -0800 (PST)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Mauro Carvalho Chehab <mchehab@...nel.org>
cc:     linux-media@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
        Alexandre Courbot <acourbot@...omium.org>,
        Hans Verkuil <hverkuil@...all.nl>,
        Hans Verkuil <hans.verkuil@...co.com>,
        Greg KH <gregkh@...uxfoundation.org>,
        Kate Stewart <kstewart@...uxfoundation.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [PATCHv18 01/35] Documentation: v4l: document request API

Folks,

On Tue, 14 Aug 2018, Hans Verkuil wrote:
> From: Alexandre Courbot <acourbot@...omium.org>
> 
> Document the request API for V4L2 devices, and amend the documentation
> of system calls influenced by it.
> 
> Signed-off-by: Alexandre Courbot <acourbot@...omium.org>
> Signed-off-by: Hans Verkuil <hans.verkuil@...co.com>
> Reviewed-by: Mauro Carvalho Chehab <mchehab+samsung@...nel.org>

> @@ -0,0 +1,65 @@
> +.. SPDX-License-Identifier: GPL-2.0 OR GFDL-1.1-or-later WITH no-invariant-sections

It's nice that you try to use SPDX identifiers, but this is absolutely not
how it works.

We went great length to document how SPDX identifiers are to be used and
checkpatch emits a warning on this patch as well.

   WARNING: 'SPDX-License-Identifier: GPL-2.0 OR GFDL-1.1-or-later WITH no-invariant-sections' is not supported in LICENSES/...

It's well documented that the license text including metadata needs to be
available in LICENSES.

What you are doing here is just counterproductive. The SPDX work is done to
help automated license compliance. But the SPDX id above is broken and will
let tools fail.

Even if we add the GFDL1.1 to LICENSES, it's still broken because there is
no such exception 'no-invariant-section' and no, we are not going to create
it just in the kernel without having sorted that with the SPDX folks first.

Mauro, you wrote yourself in a reply to this patch:

  > Mental note: we'll need to push the no-invariant-sections upstream
  > before merging this there.

and then you went and applied it nevertheless without talking to anyone who
is involved with that SPDX effort of cleaning up the kernels licensing mess.

I'm grumpy about that particularly because you are the first person who
complains about legal implications which might affect you.

But then you go and just ignore process and legal implications and push the
crap into mainline.

Please get this sorted ASAP.

Thanks,

	tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ