lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190430105130.24500-3-hch@lst.de>
Date:   Tue, 30 Apr 2019 06:51:29 -0400
From:   Christoph Hellwig <hch@....de>
To:     Jonathan Corbet <corbet@....net>,
        Thomas Gleixner <tglx@...utronix.de>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Kate Stewart <kstewart@...uxfoundation.org>,
        linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 2/3] LICENSES: Clearly mark dual license only licenses

Just like the CDDL the Apache license and the MPL must only be used as
a choice in additional to an GPL2 compatible license.  Copy over the
boilerplate from the CDDL file to the other two after fixing it up to
make it clear the licenses need to be GPL2 compatible, not just the
more generic GPL compatible.  For example the Apache 2 license is GPL3
compatible, but that doesn't matter for the kernel.

Also move these licenses to a separate directory and document the rules
in license-rules.rst.

Signed-off-by: Christoph Hellwig <hch@....de>
---
 Documentation/process/license-rules.rst | 51 ++++++++++++++++++++++++-
 LICENSES/{other => dual}/Apache-2.0     |  4 ++
 LICENSES/{other => dual}/CDDL-1.0       |  4 +-
 LICENSES/{other => dual}/MPL-1.1        |  4 ++
 4 files changed, 60 insertions(+), 3 deletions(-)
 rename LICENSES/{other => dual}/Apache-2.0 (97%)
 rename LICENSES/{other => dual}/CDDL-1.0 (99%)
 rename LICENSES/{other => dual}/MPL-1.1 (99%)

diff --git a/Documentation/process/license-rules.rst b/Documentation/process/license-rules.rst
index ade495fe6811..507b695fa9da 100644
--- a/Documentation/process/license-rules.rst
+++ b/Documentation/process/license-rules.rst
@@ -281,7 +281,56 @@ kernel, can be broken down into:
 
 |
 
-3. _`Exceptions`:
+3. Dual Licensing Only
+
+   These licenses should only be used to dual license code with another
+   license in addition to a preferred license.  These licenses are available
+   from the directory::
+
+      LICENSES/dual/
+
+   in the kernel source tree.
+
+   The files in this directory contain the full license text and
+   `Metatags`_.  The file names are identical to the SPDX license
+   identifier which shall be used for the license in source files.
+
+   Examples::
+
+      LICENSES/dual/MPL-1.1
+
+   Contains the Mozilla Public License version 1.1 license text and the
+   required metatags::
+
+      LICENSES/dual/Apache-2.0
+
+   Contains the Apache License version 2.0 license text and the required
+   metatags.
+
+   Metatags:
+
+   The metatag requirements for 'other' licenses are identical to the
+   requirements of the `Preferred licenses`_.
+
+   File format example::
+
+      Valid-License-Identifier: MPL-1.1
+      SPDX-URL: https://spdx.org/licenses/MPL-1.1.html
+      Usage-Guide:
+        Do NOT use. The MPL-1.1 is not GPL2 compatible. It may only be used for
+        dual-licensed files where the other license is GPL2 compatible.
+        If you end up using this it MUST be used together with a GPL2 compatible
+        license using "OR".
+        To use the Mozilla Public License version 1.1 put the following SPDX
+        tag/value pair into a comment according to the placement guidelines in
+        the licensing rules documentation:
+      SPDX-License-Identifier: MPL-1.1
+      License-Text:
+        Full license text
+
+|
+
+4. _`Exceptions`:
 
    Some licenses can be amended with exceptions which grant certain rights
    which the original license does not.  These exceptions are available
diff --git a/LICENSES/other/Apache-2.0 b/LICENSES/dual/Apache-2.0
similarity index 97%
rename from LICENSES/other/Apache-2.0
rename to LICENSES/dual/Apache-2.0
index 7cd903f573e5..6e89ddeab187 100644
--- a/LICENSES/other/Apache-2.0
+++ b/LICENSES/dual/Apache-2.0
@@ -1,6 +1,10 @@
 Valid-License-Identifier: Apache-2.0
 SPDX-URL: https://spdx.org/licenses/Apache-2.0.html
 Usage-Guide:
+  Do NOT use. The Apache-2.0 is not GPL2 compatible. It may only be used
+  for dual-licensed files where the other license is GPL2 compatible.
+  If you end up using this it MUST be used together with a GPL2 compatible
+  license using "OR".
   To use the Apache License version 2.0 put the following SPDX tag/value
   pair into a comment according to the placement guidelines in the
   licensing rules documentation:
diff --git a/LICENSES/other/CDDL-1.0 b/LICENSES/dual/CDDL-1.0
similarity index 99%
rename from LICENSES/other/CDDL-1.0
rename to LICENSES/dual/CDDL-1.0
index 25f614276ddd..b0ca1016db79 100644
--- a/LICENSES/other/CDDL-1.0
+++ b/LICENSES/dual/CDDL-1.0
@@ -1,8 +1,8 @@
 Valid-License-Identifier: CDDL-1.0
 SPDX-URL: https://spdx.org/licenses/CDDL-1.0.html
 Usage-Guide:
-  Do NOT use. The CDDL-1.0 is not GPL compatible. It may only be used for
-  dual-licensed files where the other license is GPL compatible.
+  Do NOT use. The CDDL-1.0 is not GPL2 compatible. It may only be used for
+  dual-licensed files where the other license is GPL2 compatible.
   If you end up using this it MUST be used together with a GPL2 compatible
   license using "OR".
   To use the Common Development and Distribution License 1.0 put the
diff --git a/LICENSES/other/MPL-1.1 b/LICENSES/dual/MPL-1.1
similarity index 99%
rename from LICENSES/other/MPL-1.1
rename to LICENSES/dual/MPL-1.1
index 568b6049efe6..61706859e1b2 100644
--- a/LICENSES/other/MPL-1.1
+++ b/LICENSES/dual/MPL-1.1
@@ -1,6 +1,10 @@
 Valid-License-Identifier: MPL-1.1
 SPDX-URL: https://spdx.org/licenses/MPL-1.1.html
 Usage-Guide:
+  Do NOT use. The MPL-1.1 is not GPL2 compatible. It may only be used for
+  dual-licensed files where the other license is GPL2 compatible.
+  If you end up using this it MUST be used together with a GPL2 compatible
+  license using "OR".
   To use the Mozilla Public License version 1.1 put the following SPDX
   tag/value pair into a comment according to the placement guidelines in
   the licensing rules documentation:
-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ