| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241114103133.547032-6-ukleinek@kernel.org>
Date: Thu, 14 Nov 2024 11:31:34 +0100
From: Uwe Kleine-König <ukleinek@...nel.org>
To: Luis Chamberlain <mcgrof@...nel.org>
Cc: Werner Sembach <wse@...edocomputers.com>,
tux@...edocomputers.com,
Petr Pavlu <petr.pavlu@...e.com>,
Sami Tolvanen <samitolvanen@...gle.com>,
Daniel Gomez <da.gomez@...sung.com>,
linux-modules@...r.kernel.org,
linux-kernel@...r.kernel.org,
Thorsten Leemhuis <linux@...mhuis.info>
Subject: [PATCH 2/2] module: Block modules by Tuxedo from accessing GPL symbols
Tuxedo licenses the modules used on their hardware under GPLv3+, to
"keep control of the upstream pacing" – and want to re-license the code
while upstreaming.
They were asked to then at least not use MODULE_LICENSE("GPL") which
declares compatibility to the kernel's GPLv2. They accepted the pull
request and shortly after reverted the change and so continue to lie
about the license.
So teach the module loader that these modules are proprietary despite
their declaration to be GPLv2 compatible "until the legal stuff is
sorted out".
Link: https://gitlab.com/tuxedocomputers/development/packages/tuxedo-drivers/-/commit/a8c09b6c2ce6393fe39d8652d133af9f06cfb427
Signed-off-by: Uwe Kleine-König <ukleinek@...nel.org>
---
kernel/module/main.c | 33 +++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
diff --git a/kernel/module/main.c b/kernel/module/main.c
index 878191c65efc..46badbb09d5e 100644
--- a/kernel/module/main.c
+++ b/kernel/module/main.c
@@ -2338,6 +2338,39 @@ static const char *module_license_offenders[] = {
/* lve claims to be GPL but upstream won't provide source */
"lve",
+
+ /*
+ * Tuxedo distributes their kernel modules under GPLv3, but intentially
+ * lies in their MODULE_LICENSE() calls.
+ * See https://gitlab.com/tuxedocomputers/development/packages/tuxedo-drivers/-/commit/a8c09b6c2ce6393fe39d8652d133af9f06cfb427
+ */
+ "gxtp7380",
+ "ite_8291",
+ "ite_8291_lb",
+ "ite_8297",
+ "ite_829x",
+ "stk8321",
+ "tuxedo_compatibility_check",
+ "tuxedo_io",
+ "tuxedo_nb02_nvidia_power_ctrl",
+ "tuxedo_nb04_keyboard",
+ "tuxedo_nb04_wmi_ab",
+ "tuxedo_nb04_wmi_bs",
+ "tuxedo_nb04_sensors",
+ "tuxedo_nb04_power_profiles",
+ "tuxedo_nb04_kbd_backlight",
+ "tuxedo_nb05_keyboard",
+ "tuxedo_nb05_kbd_backlight",
+ "tuxedo_nb05_power_profiles",
+ "tuxedo_nb05_ec",
+ "tuxedo_nb05_sensors",
+ "tuxedo_nb05_fan_control",
+ "tuxi_acpi",
+ "tuxedo_tuxi_fan_control",
+ "clevo_wmi",
+ "tuxedo_keyboard",
+ "clevo_acpi",
+ "uniwill_wmi",
};
/*
--
2.45.2
Powered by blists - more mailing lists