lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Feb 2019 17:27:44 +1100 From: Ben Finney <bignose@...ian.org> To: Martin Steigerwald <Martin.Steigerwald@...act.de> Cc: Domenico Andreoli <cavok@...ian.org>, 919356@...s.debian.org, Kristian Fiskerstrand <k_f@...too.org>, Ben Finney <bignose@...ian.org>, Nadia Yvette Chambers <nyc@...omorphy.com>, Arnaldo Carvalho de Melo <acme@...hat.com>, "debian-legal\@lists.debian.org" <debian-legal@...ts.debian.org>, "linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>, Jens Axboe <jens.axboe@...cle.com>, Jens Axboe <axboe@...nel.dk> Subject: Re: Bug#919356: Licensing of include/linux/hash.h Martin Steigerwald <Martin.Steigerwald@...act.de> writes: > Well the file has in its header: > > /* Fast hashing routine for a long. > (C) 2002 William Lee Irwin III, IBM */ > > /* > * Knuth recommends primes in approximately golden ratio to the maximum > * integer representable by a machine word for multiplicative hashing. > * Chuck Lever verified the effectiveness of this technique: > * http://www.citi.umich.edu/techreports/reports/citi-tr-00-1.pdf > * > * These primes are chosen to be bit-sparse, that is operations on > * them can use shifts and additions instead of multiplications for > * machines where multiplications are slow. > */ > > It has been quite a while ago. I bet back then I did not regard this > as license information since it does not specify a license. Thus I > assumed it to be GPL-2 as the other files which have no license boiler > plate. I.e.: Check file is it has different license, if not, then > assume it has license as specified in COPYING. > > Not specifying a license can however also mean in this context that it > has no license as the file contains copyright information from another > author. If a work (even one file) “has no license”, that means no special permissions are granted and normal copyright applies: All rights reserved, i.e. not redistributable. So, no license is grounds to consider a work non-free and non-redistributable. If, on the other hand, the file is to be free software, there would need to be a clear grant of some free software license to that work. Given the confusion over this file, I would consider it a significant risk to just assume we have GPLv2 permissions without being told that explicitly by the copyright holder. Rather, the reason we are seeking a clearly-granted free license for this one file, is because we are trying to replace a probably non-free file with the same code in it. It seems we need to keep looking, and in the meantime assume we have no free license in this file. -- \ “If the desire to kill and the opportunity to kill came always | `\ together, who would escape hanging?” —Mark Twain, _Following | _o__) the Equator_ | Ben Finney <bignose@...ian.org>
Powered by blists - more mailing lists