lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 8 Jan 2023 19:45:18 -0500
From:   "Theodore Ts'o" <tytso@....edu>
To:     Pavel Machek <pavel@....cz>
Cc:     Geert Uytterhoeven <geert@...ux-m68k.org>,
        kernel list <linux-kernel@...r.kernel.org>,
        Andrew Morton <akpm@...l.org>
Subject: Re: Dhrystone -- userland version

On Sun, Jan 08, 2023 at 07:47:07PM +0100, Pavel Machek wrote:
> > However, as this is not Linux-specific, how hard can it be to convince
> > your distro to include https://github.com/qris/dhrystone-deb.git?
> > Usually, when I have a full userspace available, I just clone the above,
> > and debuild it myself.
> 
> Dunno. I'd not solve it if package was in Debian, but it is not.

I would suspect the better long-term solution would be to get the
package into Debian, since that will be easier for people to use.  I
suspect the reason why most distros don't include it is because it
really is a **terrible** benchmark for most use cases.

(I'm not even convinced that using it to try to auto-tune the schedule
by including a random dhrystone number in a device tree is reallty all
that useful, but hey, I'm not a scheduler expert.)

So I took a quick look at dhrystone-deb.git, as well as the original
version of the Dhrystone source code at [1], and I do see huge red
flag show-stopper that would prevent it from getting it into Debian.

There are no copyright license notices anywhere in the source code,
and from what I can tell, it was originally published in ACM's SIGPLAN
Notices --- which even today is behind a paywall, so I presume it's
under an ACM copyright.

Which makes me wonder --- did someone get copyright clearance from ACM
and/or the original authors before this was published in a linux git
tree?  And if not, we should get this clarified before someone sends a
pull request to Linus with a potential copyright licensing problem.

     	     	      	     	       		 - Ted

[1] https://netlib.org/benchmark/dhry-c

P.S.  This is problem is not unique to Dhrystone.  This is also one of
the reasons why xfstests will probably never be packaged in Debian ---
one of the file system exerciser code has been contaminated by code
copyrighted by Avadis Tevanian while he was at NeXT, which means that
the copyright is now with Apple.  There is a much older version of
fsx.c that is fully in the public domain if I remember correctly from
the last time I looked at it.  But someone would have to do a
clean-room reimplementation of the enhancements made by Avie from the
public domain version, and then layer on all of the changes made by
SGI, and Linux developers since then.  The last time I asked about
whether SGI had managed to get copyright clearance for fsx as I recall
there was a lot of mumbling and everyone has decided to let sleeping
dogs lie.

However, there are people who use the Linux kernel who are much
touchier about copyright concerns, so if we can't build a Linux kernel
without including lib/dhrystone.c, and we don't have copyright
permission from ACM, I suspect some corporate lawyers would
be.... uneasy.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ