| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Feb 2019 17:27:44 +1100
From: Ben Finney <bignose@...ian.org>
To: Martin Steigerwald <Martin.Steigerwald@...act.de>
Cc: Domenico Andreoli <cavok@...ian.org>, 919356@...s.debian.org,
Kristian Fiskerstrand <k_f@...too.org>,
Ben Finney <bignose@...ian.org>,
Nadia Yvette Chambers <nyc@...omorphy.com>,
Arnaldo Carvalho de Melo <acme@...hat.com>,
"debian-legal\@lists.debian.org" <debian-legal@...ts.debian.org>,
"linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>,
Jens Axboe <jens.axboe@...cle.com>,
Jens Axboe <axboe@...nel.dk>
Subject: Re: Bug#919356: Licensing of include/linux/hash.h
Martin Steigerwald <Martin.Steigerwald@...act.de> writes:
> Well the file has in its header:
>
> /* Fast hashing routine for a long.
> (C) 2002 William Lee Irwin III, IBM */
>
> /*
> * Knuth recommends primes in approximately golden ratio to the maximum
> * integer representable by a machine word for multiplicative hashing.
> * Chuck Lever verified the effectiveness of this technique:
> * http://www.citi.umich.edu/techreports/reports/citi-tr-00-1.pdf
> *
> * These primes are chosen to be bit-sparse, that is operations on
> * them can use shifts and additions instead of multiplications for
> * machines where multiplications are slow.
> */
>
> It has been quite a while ago. I bet back then I did not regard this
> as license information since it does not specify a license. Thus I
> assumed it to be GPL-2 as the other files which have no license boiler
> plate. I.e.: Check file is it has different license, if not, then
> assume it has license as specified in COPYING.
>
> Not specifying a license can however also mean in this context that it
> has no license as the file contains copyright information from another
> author.
If a work (even one file) “has no license”, that means no special
permissions are granted and normal copyright applies: All rights
reserved, i.e. not redistributable. So, no license is grounds to
consider a work non-free and non-redistributable.
If, on the other hand, the file is to be free software, there would need
to be a clear grant of some free software license to that work.
Given the confusion over this file, I would consider it a significant
risk to just assume we have GPLv2 permissions without being told that
explicitly by the copyright holder. Rather, the reason we are seeking a
clearly-granted free license for this one file, is because we are trying
to replace a probably non-free file with the same code in it.
It seems we need to keep looking, and in the meantime assume we have no
free license in this file.
--
\ “If the desire to kill and the opportunity to kill came always |
`\ together, who would escape hanging?” —Mark Twain, _Following |
_o__) the Equator_ |
Ben Finney <bignose@...ian.org>
Powered by blists - more mailing lists