lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <m3bl7v6er0.fsf@t19.piap.pl>
Date:   Thu, 24 Jun 2021 06:57:55 +0200
From:   Krzysztof Hałasa <khalasa@...p.pl>
To:     Kieran Bingham <kieran.bingham@...asonboard.com>
Cc:     Mauro Carvalho Chehab <mchehab@...nel.org>,
        linux-media@...r.kernel.org, linux-kernel@...r.kernel.org,
        Laurent Pinchart <laurent.pinchart@...asonboard.com>
Subject: Re: [RFC v2] MEDIA: Driver for ON Semi AR0521 camera sensor

Hi Kieran, and others,

Kieran Bingham <kieran.bingham@...asonboard.com> writes:

>>> The work is not published under GPL.
>
> This seems like an odd thing to say when your patch explicitly contains:
>
>> +++ b/drivers/media/i2c/ar0521.c
>> @@ -0,0 +1,1060 @@
>> +// SPDX-License-Identifier: GPL-2.0

Such tags have meaning only in the kernel context, when signed-off etc.
Alone, they aren't legal statements, especially when I explicitly state
that it's not signed-off-by me yet. Nevertheless...

Obviously, this code was always meant to be GPLed and it seems really
crazy to me that we even have to have such conversations - about
a non issue, at least from my POV.

The fact is that 6 years ago I wrote driver for a SDTV frame grabber -
and another developer "took" the development from me, and published as
his own. This wasn't probably illegal - after all my driver was covered
by the GPL from the start. But was it really how we all want things to
work in Linux? With such experience, is anybody surprised I want to
avoid this history repeating itself?

For other patches I don't care about such formalities, but this driver
is a work paid by an external entity and it would be unfortunate to
end up the same way as the tw686x driver.


I stated multiple times I will sign this code off when it's accepted.
Is it really a problem? Really?

If so... perhaps there is some other way?

I'd hate to think that the next time I'm to keep my code unpublished.
-- 
Krzysztof Hałasa

Sieć Badawcza Łukasiewicz
Przemysłowy Instytut Automatyki i Pomiarów PIAP
Al. Jerozolimskie 202, 02-486 Warszawa

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ