lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMdYzYrNg39QmR3QDG4T5DTOht=8p4LvFon14M1J7HkEZo4KRQ@mail.gmail.com>
Date:   Wed, 7 Oct 2020 13:18:36 -0400
From:   Peter Geis <pgwipeout@...il.com>
To:     Stephen Warren <swarren@...dotorg.org>
Cc:     Dmitry Osipenko <digetx@...il.com>, Bob Ham <rah@...trans.net>,
        Stefan Agner <stefan@...er.ch>,
        Rob Herring <robh+dt@...nel.org>,
        Thierry Reding <thierry.reding@...il.com>,
        Jonathan Hunter <jonathanh@...dia.com>,
        Matt Merhar <mattmerhar@...tonmail.com>,
        Leonardo Bras <leobras.c@...il.com>,
        Michael Brougham <jusplainmike@...il.com>,
        linux-tegra@...r.kernel.org, devicetree@...r.kernel.org,
        linux-kernel@...r.kernel.org, Lukas Rusak <lorusak@...il.com>
Subject: Re: [PATCH v3 0/3] Support NVIDIA Tegra-based Ouya game console

On Wed, Oct 7, 2020 at 12:08 PM Stephen Warren <swarren@...dotorg.org> wrote:
>
>
> This definitely isn't the correct attitude to copyright.
>
> The facts[1] that Ouya published the code and that it used GPL-only
> symbols certainly does imply that they *should* have published under GPL
> or a compatible license, but doesn't mean that they definitely did. The
> only way to know that for sure is for there to be evidence in the file
> content or git history, such as license headers or Signed-off-by lines.
>
> When someone writes Signed-off-by in their code submission, which is
> required to contribute to upstream Linux, they are stating/warranting
> certain things about the code they're submitting. One aspect is that
> they definitely have the rights to submit the code under the given
> license. Without evidence to this effect, or having written the code
> themselves, nobody can state/warrant this. Take a look at the following
> link to see what you're stating/warranting when writing Signed-off-by in
> a code submission:
>
> https://developercertificate.org/
>
> [1] I haven't checked the facts.

Unfortunately the only source release I've been able to find is the
last release.
Ouya purposely purged the git history for the current source release,
it's also completely lacking in signoffs and commit history.
[1] is the commit that added this driver to their source.

Their original source release had the git history intact, but I never
got a copy of it before Ouya purged it from their repos.

[1] https://github.com/ouya/ouya_1_1-kernel/commit/407e72990e39d5c29d015e21110b9497aea2dfe3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ