lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 29 Mar 2020 09:24:32 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Dmitry Torokhov <dmitry.torokhov@...il.com>
Cc:     Rajat Jain <rajatja@...gle.com>,
        "linux-input@...r.kernel.org" <linux-input@...r.kernel.org>,
        lkml <linux-kernel@...r.kernel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Rajat Jain <rajatxjain@...il.com>
Subject: Re: [PATCH] Input: input-event-codes.h: Update the deprecated license

On Sat, Mar 28, 2020 at 01:42:09PM -0700, Dmitry Torokhov wrote:
> Hi Greg,
> 
> On Sat, Mar 28, 2020 at 12:20 AM Greg Kroah-Hartman
> <gregkh@...uxfoundation.org> wrote:
> >
> > On Fri, Mar 27, 2020 at 05:48:32PM -0700, Rajat Jain wrote:
> > > >From https://spdx.org/licenses/
> > >
> > > "Release 3.0 replaced previous Identifiers for GNU licenses with more
> > > explicit Identifiers to reflect the "this version only" or "any later
> > > version" option specific to those licenses. As such, the previously used
> > > Identifiers for those licenses are deprecated as of v3.0."
> > >
> > > Replace the
> > > /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> > > with
> > > /* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
> > >
> > > Signed-off-by: Rajat Jain <rajatja@...gle.com>
> >
> > If you like reading documentation for stuff like this, how about reading
> > LICENSES/preferred/GPL-2.0 which shows that both examples are just fine
> > and we are going to stick with that for now as we don't want to do a
> > wholesale change at this point in time.
> >
> > In other words, we do not follow the 3.0 version of the SPDX spec as we
> > think it's pretty silly :)
> 
> coreboot however does follow SPDX 3.0 and would like to be able to
> consume this file without relaxing their license checks. I do not
> think we need wholesale update, but is there reason to not update this
> particular file? I am not following SPDX development, so that's why
> you got pulled in ;)

If you want to take this change because of sharing with other projects,
that's fine, but do not say that the reason you are making this change
is because it is somehow required by our use of SPDX and the updated
version.  Just say that you want to share it with other projects :)

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ