| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Apr 2023 17:20:32 -0500
From: Rob Herring <robh@...nel.org>
To: Dmitry Rokosov <ddrokosov@...rdevices.ru>
Cc: krzysztof.kozlowski@...aro.org, apw@...onical.com, joe@...ches.com,
dwaipayanray1@...il.com, lukas.bulwahn@...il.com,
kernel@...rdevices.ru, linux-kernel@...r.kernel.org,
rockosov@...il.com
Subject: Re: [PATCH v4] checkpatch: introduce proper bindings license check
On Fri, Mar 31, 2023 at 7:10 AM Dmitry Rokosov <ddrokosov@...rdevices.ru> wrote:
>
> All headers from 'include/dt-bindings/' must be verified by checkpatch
> together with Documentation bindings, because all of them are part of
> the whole DT bindings system.
>
> The requirement is dual licensed and matching patterns:
> * Schemas:
> /GPL-2\.0(?:-only)? (?:OR|or) BSD-2-Clause/
> * Headers:
> /GPL-2\.0(?:-only)? (?:OR|or) \S+/
>
> Above patterns suggested by Rob at:
> https://lore.kernel.org/all/CAL_Jsq+-YJsBO+LuPJ=ZQ=eb-monrwzuCppvReH+af7hYZzNaQ@mail.gmail.com
>
> The issue was found during patch review:
> https://lore.kernel.org/all/20230313201259.19998-4-ddrokosov@sberdevices.ru/
>
> Signed-off-by: Dmitry Rokosov <ddrokosov@...rdevices.ru>
> ---
> Changes v4 since v3 at [3]:
> - introduce separate pattern for dt-bindings headers following Rob's
> suggestion
>
> Changes v3 since v2 at [2]:
> - replace 'not =~' expression with '!~' to be aligned with other
> checkpatch lines
>
> Changes v2 since v1 at [1]:
> - include/dt-bindings check is aligned to open parens
> - introduce more strict pattern for bindings license:
> /GPL-2\.0(?:-only|-or-later|\+)? (?:OR|or) BSD-2-Clause/
>
> Links:
> [1] https://lore.kernel.org/all/20230317201621.15518-1-ddrokosov@sberdevices.ru/
> [2] https://lore.kernel.org/all/20230320100027.27788-1-ddrokosov@sberdevices.ru/
> [3] https://lore.kernel.org/all/20230320203350.13696-1-ddrokosov@sberdevices.ru/
> ---
> scripts/checkpatch.pl | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> index 78cc595b98ce..31f49bbe5458 100755
> --- a/scripts/checkpatch.pl
> +++ b/scripts/checkpatch.pl
> @@ -3710,7 +3710,7 @@ sub process {
> "'$spdx_license' is not supported in LICENSES/...\n" . $herecurr);
> }
> if ($realfile =~ m@...cumentation/devicetree/bindings/@ &&
> - not $spdx_license =~ /GPL-2\.0.*BSD-2-Clause/) {
> + $spdx_license !~ /GPL-2\.0(?:-only)? (?:OR|or) BSD-2-Clause/) {
I think SPDX expects capital OR only. Even if not, I don't think we
need to allow either.
> my $msg_level = \&WARN;
> $msg_level = \&CHK if ($file);
> if (&{$msg_level}("SPDX_LICENSE_TAG",
> @@ -3720,6 +3720,11 @@ sub process {
> $fixed[$fixlinenr] =~ s/SPDX-License-Identifier: .*/SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)/;
> }
> }
> + if ($realfile =~ m@...clude/dt-bindings/@ &&
> + $spdx_license !~ /GPL-2\.0(?:-only)? (?:OR|or) \S+/) {
> + WARN("SPDX_LICENSE_TAG",
> + "DT binding headers should be licensed (GPL-2.0-only OR .*)\n" . $herecurr);
> + }
> }
> }
> }
> --
> 2.36.0
>
Powered by blists - more mailing lists