| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Yo5f9nctTwHZqPbl@bombadil.infradead.org>
Date: Wed, 25 May 2022 09:57:26 -0700
From: Luis Chamberlain <mcgrof@...nel.org>
To: Thomas Gleixner <tglx@...utronix.de>,
Richard Fontana <fontana@...rpeleven.org>
Cc: tj@...nel.org, gregkh@...uxfoundation.org,
akpm@...ux-foundation.org, jeyu@...nel.org, shuah@...nel.org,
bvanassche@....org, dan.j.williams@...el.com, joe@...ches.com,
keescook@...omium.org, rostedt@...dmis.org, minchan@...nel.org,
linux-spdx@...r.kernel.org, linux-doc@...r.kernel.org,
linux-block@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org,
Goldwyn Rodrigues <rgoldwyn@...e.com>,
Kuno Woudt <kuno@...b.nl>,
copyleft-next@...ts.fedorahosted.org,
Ciaran Farrell <Ciaran.Farrell@...e.com>,
Christopher De Nicolo <Christopher.DeNicolo@...e.com>,
Christoph Hellwig <hch@....de>,
Jonathan Corbet <corbet@....net>,
Thorsten Leemhuis <linux@...mhuis.info>
Subject: Re: [PATCH v9 1/6] LICENSES: Add the copyleft-next-0.3.1 license
On Mon, May 23, 2022 at 11:22:36PM +0200, Thomas Gleixner wrote:
> On Fri, Oct 29 2021 at 11:44, Luis Chamberlain wrote:
> > --- /dev/null
> > +++ b/LICENSES/dual/copyleft-next-0.3.1
> > @@ -0,0 +1,237 @@
> > +Valid-License-Identifier: copyleft-next-0.3.1
> > +SPDX-URL: https://spdx.org/licenses/copyleft-next-0.3.1
> > +Usage-Guide:
> > + This license can be used in code, it has been found to be GPLv2 compatible
> > + by attorneys at Redhat and SUSE, however to air on the side of caution,
>
> air ?
Hehe, thanks I'll fix in the next spin.
> > + it's best to only use it together with a GPL2 compatible license using "OR".
>
> This paragraph is not really understandable for Joe Developer.
>
> copyleft-next-0.3.1 is explicitly compatible with GPLv2 (or later) and
> can therefore be used for kernel code. Though the best and recommended
> practice is to express this in the SPDX license identifier by
> licensing the code under both licenses expressed by the OR operator.
>
> Hmm?
Let me try clarifying this further, how about:
copyleft-next-0.3.1 is explicitly compatible with GPLv2 (or later) and
can therefore be used for kernel code. Despite this, if you use
copyleft-next-0.3.1 on Linux, the recommended practice is to express
dual licensing with GPL using in the SPDX license identifiers by
using by the OR operator.
> > + To use the copyleft-next-0.3.1 license put the following SPDX tag/value
> > + pair into a comment according to the placement guidelines in the
> > + licensing rules documentation:
> > + SPDX-License-Identifier: GPL-2.0 OR copyleft-next-0.3.1
> > + SPDX-License-Identifier: GPL-2.0-only OR copyleft-next 0.3.1
> > + SPDX-License-Identifier: GPL-2.0+ OR copyleft-next-0.3.1
> > + SPDX-License-Identifier: GPL-2.0-or-later OR copyleft-next-0.3.1
>
> Please don't propagate the GPL-2.0 and GPL-2.0+ tags. They are
> outdated (still valid) in the SPDX spec, which reminds me that I should
> update the relevant documentation...
OK thanks for the recommendation, I'll leave it at:
+ SPDX-License-Identifier: GPL-2.0 OR copyleft-next-0.3.1
+ SPDX-License-Identifier: GPL-2.0-or-later OR copyleft-next-0.3.1
Luis
Powered by blists - more mailing lists