lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 3 Feb 2022 16:34:01 +0300
From:   Dan Carpenter <dan.carpenter@...cle.com>
To:     Krzysztof Kozlowski <krzk@...nel.org>
Cc:     Sui Jingfeng <15330273260@....cn>,
        Lucas Stach <l.stach@...gutronix.de>,
        Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
        Maxime Ripard <mripard@...nel.org>,
        Roland Scheidegger <sroland@...are.com>,
        Zack Rusin <zackr@...are.com>,
        Christian Gmeiner <christian.gmeiner@...il.com>,
        David Airlie <airlied@...ux.ie>,
        Daniel Vetter <daniel@...ll.ch>,
        Rob Herring <robh+dt@...nel.org>,
        Thomas Bogendoerfer <tsbogend@...ha.franken.de>,
        Andrey Zhizhikin <andrey.zhizhikin@...ca-geosystems.com>,
        Sam Ravnborg <sam@...nborg.org>,
        suijingfeng <suijingfeng@...ngson.cn>,
        linux-mips@...r.kernel.org,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        dri-devel@...ts.freedesktop.org,
        Randy Dunlap <rdunlap@...radead.org>
Subject: Re: [PATCH v6 1/3] drm/lsdc: add drm driver for loongson display
 controller

On Thu, Feb 03, 2022 at 12:29:11PM +0100, Krzysztof Kozlowski wrote:
> On Thu, 3 Feb 2022 at 12:08, Dan Carpenter <dan.carpenter@...cle.com> wrote:
> > >
> > > This does not look like compliant with GPL-2.0. You cannot call a
> > > license GPL-2.0 and restrict it with some other provisions.
> >
> > That's the MIT license.  It's not the GPL-2.0 license but it is
> > compliant.
> 
> It's compliant when included as "OR" for example in SPDX tag. The
> current solution - SPDX and MIT license text - is not the proper way
> to describe this. Otherwise one could argue that both licenses apply
> at the same time and one has to fulfill both of them, which is
> ridiculous. There is a SPDX tag for the proper case - GPL or MIT.

You're saying a bunch of different things.

We both agree that the SPDX text is confusing because it says GPL-2.0+
but it has the text from the MIT license.

"This does not look like compliant with GPL-2.0."

Wrong.  The MIT license is compatible with the GPL-2.0.

"You cannot call a license GPL-2.0 and restrict it with some other
provisions."

Wrong.  The MIT license just says you have to include the No Warranty
text.  The GPL has it's own list of requirements.  But you can combine
MIT and GPL code and easily comply with both requirements.  That's what
"compatible" means in this context.

In the kernel we have MIT licensed code which is dual licensed.  This
means that someone can take that driver and release it as closed source
software if they want.

// SPDX-License-Identifier: GPL-2.0 OR MIT

Then we also have code which was originally MIT licensed but now you
have to comply with the GPL as well.

// SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) AND MIT

These examples were cut and paste from Documentation/process/license-rules.rst

regards,
dan carpenter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ