lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <uedhiz7luybtelifxooii5efesmpuot3bsoifdutsvt4axyror@zq37gl3x7je2>
Date: Fri, 15 Nov 2024 17:40:14 +0100
From: Uwe Kleine-König <u.kleine-koenig@...libre.com>
To: Werner Sembach <wse@...edocomputers.com>
Cc: mcgrof@...nel.org, petr.pavlu@...e.com, samitolvanen@...gle.com, 
	da.gomez@...sung.com, linux-modules@...r.kernel.org, linux-kernel@...r.kernel.org, 
	linux@...mhuis.info, vv@...edocomputers.com, cs@...edo.de
Subject: Re: [PATCH v3 0/2] module: Block some modules by TUXEDO from
 accessing

Hello Werner,

On Fri, Nov 15, 2024 at 02:03:27PM +0100, Werner Sembach wrote:
> Am 15.11.24 um 13:58 schrieb Werner Sembach:
> > Following the meeting I wrote about yesterday, I now changed the license
> > of what we could change spontaniously to prove good faith.
> > 
> > I still hope that the rest can be sorted out before anything gets merged.
> > We are working on it. A clear time window would still be helpfull.
> > 
> > At Uwe. I don't know how it works if you modifiy someone elses code. I
> > removed the Signed-off-by: line and I guess you have to add it again?

The more usual thing would have been to reply to my mail saying
something like:

	All the code in tuxedo-drivers.git that Tuxedo owns the complete
	copyright for was relicensed to GPLv2+ now. (See $link)
	For the remaining code I'm working in the background towards
	relicensing.

	So please drop

		$modulelist

	from your patch of modules to block.

I'm sure with that feedback you don't risk that the original patch is
applied.

If you take someone else's patch and rework it (which IMHO should only
be done when the original submitter dropped following up to prevent
duplication of work), it's good style to explicitly mention the changes
you implemented since the patch was initially posted. And then don't
remove the S-o-b line. See 7602ffd1d5e8927fadd5187cb4aed2fdc9c47143 for
an example. I think this is (at least partly) also described in
Documentation/ somewhere.

Looking at
https://gitlab.com/tuxedocomputers/development/packages/tuxedo-drivers/-/commit/dd34594ab880ed477bb75725176c3fb9352a07eb
(which would be $link mentioned above): If you switch to GPLv2, using
the SPDX-License-Identifier should be good enough (but INAL). For sure
don't put "51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA"
in your files,
https://www.fsf.org/blogs/community/fsf-office-closing-party. Just keep

	You should have received a copy of the GNU General Public License
	along with this program; if not, see <https://www.gnu.org/licenses/>.

which is also the current suggestion by the FSF,
https://www.gnu.org/licenses/old-licenses/gpl-2.0.html.

Thanks for working on this!
Uwe

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ