Google CodeSeacrh for
MODULE_LICENSE.*0
and you'll see
hsfmodem-7.47.00.03x86_64full/modules/cnxthwusb_common.c - 6 identical
15: MODULE_DESCRIPTION("Conexant low-level hardware driver");
MODULE_LICENSE("GPL\0for files in the \"GPL\" directory; for others, only LICENSE file applies");
MODULE_INFO(supported, "yes");
gentoo.osuosl.org/.../hsfmodem-7.47.00.03x86_64full.tar.gz - Unknown License - C - More from hsfmodem-7.47.00.03x86_64full.tar.gz ?
It seems, hcfpcimodem-1.10full.tar.gz from
http://www.linuxant.com/drivers/hcf/full/downloads.php
also uses GPL\0 trick.
Patch is obviously not tested (and I'm not sure name is right, got it from
Ubuntu forums and tarball filename),
Does someone know internal contact so we can weed out all names and
blacklist them in bulk?
P.S.: Curiously enough, binary parts are *.O , not *.o .
Presumably, .o suffix scares their developers, while tainting
messages are busy scaring their users.
Signed-off-by: Alexey Dobriyan <[email protected]>
---
kernel/module.c | 3 +++
1 file changed, 3 insertions(+)
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1721,6 +1721,9 @@ #endif
add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
if (strcmp(mod->name, "driverloader") == 0)
add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
+ /* LinuxAnt is politely asked to stop GPL\0 idiocy. */
+ if (strcmp(mod->name, "hsfmodem") == 0)
+ add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
/* Set up MODINFO_ATTR fields */
setup_modinfo(mod, sechdrs, infoindex);
>It seems, hcfpcimodem-1.10full.tar.gz from
>http://www.linuxant.com/drivers/hcf/full/downloads.php
>also uses GPL\0 trick.
>
>Patch is obviously not tested (and I'm not sure name is right, got it from
>Ubuntu forums and tarball filename),
>
>Does someone know internal contact so we can weed out all names and
>blacklist them in bulk?
Could not we introduce some compile-time magic that makes sure no extra
NULs are present? Like...
Consider
MODULE_LICENSE("GPL\0foobar");
generating an extra symbol
static const __rodata int __module_license_length = sizeof("GPL\0foobar");
And in the module loader, check:
if(strcmp(__module_license, "GPL") == 0 &&
__module_license_length == sizeof("GPL"))
{
allow;
}
That should weed out all those pesky GPL-override attempts, without needing to
blacklist every single module. After all, HSF (or whoever else is blacklisted)
could just change their module's name from hsfmodem.ko to hsf_modem.ko, for
example.
linux/license.h could look like this:
<<<
#ifndef __LICENSE_H
#define __LICENSE_H
#define strcmpexact(given, required, length) \
(strcmp((given), (required)) == 0 && (length) == sizeof(required))
static inline int license_is_gpl_compatible(const char *license, int len)
{
return strcmpexact(license, "GPL", len) ||
strcmpexact(license, "GPL v2", len) ||
strcmpexact(license, "GPL and additional rights", len) ||
strcmpexact(license, "Dual BSD/GPL", len) ||
strcmpexact(license, "Dual MIT/GPL", len) ||
strcmpexact(license, "Dual MPL/GPL", len);
}
#undef strcmpexact
#endif
>>>
-`J'
--
Hello Ccs, hello list,
Finally a follow-up to the thread http://lkml.org/lkml/2006/11/1/170
___Abstract___
Proposed patch to prohibit loading modules that use early C string
termination ("GPL\0 for nothing, folks!") to trick the kernel believing
it is loading a GPL driver.
___Implementation___
Modules have an ELF section called ".modinfo" which is made up of a
concatenation of NUL-terminated strings (tags) of the form
"keyword=contents". When a vendor with bad intent uses
MODULE_LICENSE("GPL\0 for nothing"), the resulting modinfo data that
will be written to the object file will be "license=GPL\0for nothing\0".
When this is interpreted back again in the kernel module loader, it is
read as "license=GPL", having circumvented the loading mechanism and
having wrongfully access to GPL symbols. According to Alexey [
http://lkml.org/lkml/2006/10/27/233 ], LinuxAnt is one vendor to use
this trick.
To work against this problem, we must store the length of the actual
string as the compiler knows it. This will become really cumbersome if
implemented as a new tag inside the modinfo section. Hence I chose the
way of adding a new section called ".modlicense". The length of the new
section's header will automatically be the string length [including
trailing NUL]. The module loading code then just has to compare the
section length with the string length as returned by strlen().
A side effect of this patch will be that having multiple
MODULE_LICENSE() in a kernel module will break, since all the strings
that are specified with MODULE_LICENSE() get concatenated into the
modlicense section. This would lead to section data that could look like
"foo\0bar\0", and hence fails the section_length vs strlen check.
Putting multiple MODULE_LICENSE() in a module (.ko) does not make sense
either, because if there is at least one GPL component, it becomes a
combined work, [insert more GPL interpretation here]. So it is better to
just deny loading such strange modules too.
A separate patch is required for module-init-tools (m-i-t) to make the
"modinfo" userspace utility understand the new modlicense section. I do
not think the world will explode if someone runs an unpatched m-i-t with
a patched kernel. The m-i-t patch will be posted as a reply to this
message containing the kernel patch.
___The kernel patch___
Just a few notes here.
* The patch moves MODULE_LICENSE() from module.h to moduleparam.h
because __module_cat is needed. Not strictly, but having __LINE__ as
part of the symbol name seems nice.
* The set_license() function in kernel/module.c has
been changed to use the section. If no such section exists, i.e. no
MODULE_LICENSE() was present in any of the .c files that make up a
module, the behavior is the same as usual, i.e. "unspecified" license,
leading to a tainted kernel.
* strnlen() is used in case someone gets the naughty idea to produce a
faulty module that does not have the section data NUL-terminated.
* I was not sure what error code to return. -EPERM would have been cool
("You are not allowed to load a module that plays source tricks"), but
I went with a more neutral -EINVAL for now.
* I hope the "goto cleanup" is the right jump target.
Comments welcome.
Signed-off-by: Jan Engelhardt <[email protected]>
# modlicense-kernel.diff
Index: linux-2.6.20-rc7/include/linux/module.h
===================================================================
--- linux-2.6.20-rc7.orig/include/linux/module.h
+++ linux-2.6.20-rc7/include/linux/module.h
@@ -95,36 +95,6 @@ extern struct module __this_module;
/* For userspace: you can also call me... */
#define MODULE_ALIAS(_alias) MODULE_INFO(alias, _alias)
-/*
- * The following license idents are currently accepted as indicating free
- * software modules
- *
- * "GPL" [GNU Public License v2 or later]
- * "GPL v2" [GNU Public License v2]
- * "GPL and additional rights" [GNU Public License v2 rights and more]
- * "Dual BSD/GPL" [GNU Public License v2
- * or BSD license choice]
- * "Dual MIT/GPL" [GNU Public License v2
- * or MIT license choice]
- * "Dual MPL/GPL" [GNU Public License v2
- * or Mozilla license choice]
- *
- * The following other idents are available
- *
- * "Proprietary" [Non free products]
- *
- * There are dual licensed components, but when running with Linux it is the
- * GPL that is relevant so this is a non issue. Similarly LGPL linked with GPL
- * is a GPL combined work.
- *
- * This exists for several reasons
- * 1. So modinfo can show license info for users wanting to vet their setup
- * is free
- * 2. So the community can ignore bug reports including proprietary modules
- * 3. So vendors can do likewise based on their own policies
- */
-#define MODULE_LICENSE(_license) MODULE_INFO(license, _license)
-
/* Author, ideally of form NAME <EMAIL>[, NAME <EMAIL>]*[ and NAME <EMAIL>] */
#define MODULE_AUTHOR(_author) MODULE_INFO(author, _author)
Index: linux-2.6.20-rc7/include/linux/moduleparam.h
===================================================================
--- linux-2.6.20-rc7.orig/include/linux/moduleparam.h
+++ linux-2.6.20-rc7/include/linux/moduleparam.h
@@ -20,8 +20,44 @@
static const char __module_cat(name,__LINE__)[] \
__attribute_used__ \
__attribute__((section(".modinfo"),unused)) = __stringify(tag) "=" info
+
+/*
+ * The following license idents are currently accepted as indicating free
+ * software modules
+ *
+ * "GPL" [GNU Public License v2 or later]
+ * "GPL v2" [GNU Public License v2]
+ * "GPL and additional rights" [GNU Public License v2 rights and more]
+ * "Dual BSD/GPL" [GNU Public License v2
+ * or BSD license choice]
+ * "Dual MIT/GPL" [GNU Public License v2
+ * or MIT license choice]
+ * "Dual MPL/GPL" [GNU Public License v2
+ * or Mozilla license choice]
+ *
+ * The following other idents are available
+ *
+ * "Proprietary" [Non free products]
+ *
+ * There are dual licensed components, but when running with Linux it is the
+ * GPL that is relevant so this is a non issue. Similarly LGPL linked with GPL
+ * is a GPL combined work.
+ *
+ * This exists for several reasons
+ * 1. So modinfo can show license info for users wanting to vet their setup
+ * is free
+ * 2. So the community can ignore bug reports including proprietary modules
+ * 3. So vendors can do likewise based on their own policies
+ */
+#define MODULE_LICENSE(_license) \
+ static const char __module_cat(name, __LINE__)[] \
+ __attribute_used__ \
+ __attribute__((section(".modlicense"), unused)) = \
+ (_license)
+
#else /* !MODULE */
#define __MODULE_INFO(tag, name, info)
+#define MODULE_LICENSE(_license)
#endif
#define __MODULE_PARM_TYPE(name, _type) \
__MODULE_INFO(parmtype, name##type, #name ":" _type)
Index: linux-2.6.20-rc7/kernel/module.c
===================================================================
--- linux-2.6.20-rc7.orig/kernel/module.c
+++ linux-2.6.20-rc7/kernel/module.c
@@ -1389,10 +1389,21 @@ static void layout_sections(struct modul
}
}
-static void set_license(struct module *mod, const char *license)
+static int set_license(struct module *mod, Elf_Shdr *sechdr)
{
- if (!license)
- license = "unspecified";
+ const char *license = "unspecified";
+
+ if(sechdr != NULL) {
+ license = (const char *)sechdr->sh_addr;
+
+ /* Allow both non-terminated strings and NUL-terminated
+ strings, as long as no string termination trick is done. */
+ if(strnlen(license, sechdr->sh_size) + 1 != sechdr->sh_size) {
+ printk(KERN_WARNING "Module \"%s\" has invalid "
+ ".modlicense section\n", mod->name);
+ return -EINVAL;
+ }
+ }
if (!license_is_gpl_compatible(license)) {
if (!(tainted & TAINT_PROPRIETARY_MODULE))
@@ -1400,6 +1411,8 @@ static void set_license(struct module *m
"kernel.\n", mod->name, license);
add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
}
+
+ return 0;
}
/* Parse tag=value strings from .modinfo section */
@@ -1549,6 +1562,7 @@ static struct module *load_module(void _
unsigned int modindex;
unsigned int obsparmindex;
unsigned int infoindex;
+ unsigned int license_index;
unsigned int gplindex;
unsigned int crcindex;
unsigned int gplcrcindex;
@@ -1653,6 +1667,7 @@ static struct module *load_module(void _
obsparmindex = find_sec(hdr, sechdrs, secstrings, "__obsparm");
versindex = find_sec(hdr, sechdrs, secstrings, "__versions");
infoindex = find_sec(hdr, sechdrs, secstrings, ".modinfo");
+ license_index = find_sec(hdr, sechdrs, secstrings, ".modlicense");
pcpuindex = find_pcpusec(hdr, sechdrs, secstrings);
#ifdef ARCH_UNWIND_SECTION_NAME
unwindex = find_sec(hdr, sechdrs, secstrings, ARCH_UNWIND_SECTION_NAME);
@@ -1660,6 +1675,8 @@ static struct module *load_module(void _
/* Don't keep modinfo section */
sechdrs[infoindex].sh_flags &= ~(unsigned long)SHF_ALLOC;
+ if(license_index)
+ sechdrs[license_index].sh_flags &= ~SHF_ALLOC;
#ifdef CONFIG_KALLSYMS
/* Keep symbol and string tables for decoding later. */
sechdrs[symindex].sh_flags |= SHF_ALLOC;
@@ -1769,7 +1786,10 @@ static struct module *load_module(void _
module_unload_init(mod);
/* Set up license info based on the info section */
- set_license(mod, get_modinfo(sechdrs, infoindex, "license"));
+ err = set_license(mod, (license_index != 0) ?
+ &sechdrs[license_index] : NULL);
+ if(err)
+ goto cleanup;
if (strcmp(mod->name, "ndiswrapper") == 0)
add_taint(TAINT_PROPRIETARY_MODULE);
#<EOF>
Hello Ccs, hello list,
The m-i-t list subscription is foobared today, so no Cc. To compensate,
Jon has been Cced.
jengelh wrote:
>
>Proposed patch to prohibit loading modules that use early C string
>termination ("GPL\0 for nothing, folks!") to trick the kernel believing
>it is loading a GPL driver.
>[...]
>To work against this problem, we must store the length of the actual
>string as the compiler knows it. This will become really cumbersome if
>implemented as a new tag inside the modinfo section. Hence I chose the
>way of adding a new section called ".modlicense". The length of the new
>section's header will automatically be the string length [including
>trailing NUL]. The module loading code then just has to compare the
>section length with the string length as returned by strlen().
>[...]
>A separate patch is required for module-init-tools (m-i-t) to make the
>"modinfo" userspace utility understand the new modlicense section. I do
>not think the world will explode if someone runs an unpatched m-i-t with
>a patched kernel.
Signed-off-by: Jan Engelhardt <[email protected]>
# modlicense-MIT.diff
Index: module-init-tools-3.2.2/modinfo.c
===================================================================
--- module-init-tools-3.2.2.orig/modinfo.c
+++ module-init-tools-3.2.2/modinfo.c
@@ -376,12 +376,22 @@ int main(int argc, char *argv[])
}
info = get_section(mod, modulesize, &infosize, ".modinfo");
- if (!info)
- continue;
- if (field)
- print_tag(field, info, infosize, filename, sep);
- else
- print_all(info, infosize, filename, sep);
+ if (info) {
+ if (field)
+ print_tag(field, info, infosize, filename, sep);
+ else
+ print_all(info, infosize, filename, sep);
+ }
+
+ info = get_section(mod, modulesize, &infosize, ".modlicense");
+ if(info != NULL && strnlen(info, infosize) + 1 == infosize) {
+ if(field != NULL && streq(field, "license"))
+ printf("%s%c", (const char *)info, sep);
+ else
+ printf("%-16s%s%c", "license:",
+ (const char *)info, sep);
+ }
+
free(filename);
}
return ret;
#<EOF>
On Thu, 1 Feb 2007 22:20:09 +0100 (MET) Jan Engelhardt wrote:
> ___The kernel patch___
>
> Just a few notes here.
>
>
> Comments welcome.
Good idea.
A diffstat summary would have been nice.
(See Documentation/SubmittingPatches)
Use a space between "if" and "(" below (multiple times):
see Documentation/CodingStyle.
> Index: linux-2.6.20-rc7/kernel/module.c
> ===================================================================
> --- linux-2.6.20-rc7.orig/kernel/module.c
> +++ linux-2.6.20-rc7/kernel/module.c
> @@ -1389,10 +1389,21 @@ static void layout_sections(struct modul
> }
> }
>
> -static void set_license(struct module *mod, const char *license)
> +static int set_license(struct module *mod, Elf_Shdr *sechdr)
> {
> - if (!license)
> - license = "unspecified";
> + const char *license = "unspecified";
> +
> + if(sechdr != NULL) {
> + license = (const char *)sechdr->sh_addr;
> +
> + /* Allow both non-terminated strings and NUL-terminated
> + strings, as long as no string termination trick is done. */
> + if(strnlen(license, sechdr->sh_size) + 1 != sechdr->sh_size) {
> + printk(KERN_WARNING "Module \"%s\" has invalid "
> + ".modlicense section\n", mod->name);
> + return -EINVAL;
> + }
> + }
>
> if (!license_is_gpl_compatible(license)) {
> if (!(tainted & TAINT_PROPRIETARY_MODULE))
> @@ -1400,6 +1411,8 @@ static void set_license(struct module *m
> "kernel.\n", mod->name, license);
> add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
> }
> +
> + return 0;
> }
>
> /* Parse tag=value strings from .modinfo section */
> @@ -1549,6 +1562,7 @@ static struct module *load_module(void _
> unsigned int modindex;
> unsigned int obsparmindex;
> unsigned int infoindex;
> + unsigned int license_index;
> unsigned int gplindex;
> unsigned int crcindex;
> unsigned int gplcrcindex;
> @@ -1653,6 +1667,7 @@ static struct module *load_module(void _
> obsparmindex = find_sec(hdr, sechdrs, secstrings, "__obsparm");
> versindex = find_sec(hdr, sechdrs, secstrings, "__versions");
> infoindex = find_sec(hdr, sechdrs, secstrings, ".modinfo");
> + license_index = find_sec(hdr, sechdrs, secstrings, ".modlicense");
> pcpuindex = find_pcpusec(hdr, sechdrs, secstrings);
> #ifdef ARCH_UNWIND_SECTION_NAME
> unwindex = find_sec(hdr, sechdrs, secstrings, ARCH_UNWIND_SECTION_NAME);
> @@ -1660,6 +1675,8 @@ static struct module *load_module(void _
>
> /* Don't keep modinfo section */
> sechdrs[infoindex].sh_flags &= ~(unsigned long)SHF_ALLOC;
> + if(license_index)
> + sechdrs[license_index].sh_flags &= ~SHF_ALLOC;
> #ifdef CONFIG_KALLSYMS
> /* Keep symbol and string tables for decoding later. */
> sechdrs[symindex].sh_flags |= SHF_ALLOC;
> @@ -1769,7 +1786,10 @@ static struct module *load_module(void _
> module_unload_init(mod);
>
> /* Set up license info based on the info section */
> - set_license(mod, get_modinfo(sechdrs, infoindex, "license"));
> + err = set_license(mod, (license_index != 0) ?
> + &sechdrs[license_index] : NULL);
> + if(err)
> + goto cleanup;
>
> if (strcmp(mod->name, "ndiswrapper") == 0)
> add_taint(TAINT_PROPRIETARY_MODULE);
---
~Randy
Jan Engelhardt wrote:
> Proposed patch to prohibit loading modules that use early C string
> termination ("GPL\0 for nothing, folks!") to trick the kernel believing
> it is loading a GPL driver.
Ok. I totally dig the *idea* here - I mean, this issue has been ongoing
for a long time now. But I'd like to see a few comments as to whether we
need a technological mechanism here to enforce the obvious. To me, it
just seems totally obvious (any legal comment?) that early C string
termination is undermining the intent of the MODULE_LICENSE tag.
The m-i-t patch seems ok and also cleans up the existing logic.
Jon.
P.S. Someone's fooling around with mailman on that box, I'll get the
mailing list sorted out between now and the weekend or somesuch.
On 2/2/07, Jon Masters <[email protected]> wrote:
> Ok. I totally dig the *idea* here - I mean, this issue has been ongoing
> for a long time now. But I'd like to see a few comments as to whether we
> need a technological mechanism here to enforce the obvious. To me, it
> just seems totally obvious (any legal comment?) that early C string
> termination is undermining the intent of the MODULE_LICENSE tag.
I'm not a lawyer, but I can tell you exactly what a lawyer would say:
"well, ya know, it's hard to say when it comes to these issues"
that's the answer to *any* copyright question. :)
Trent
Trent Waddington wrote:
> On 2/2/07, Jon Masters <[email protected]> wrote:
>> Ok. I totally dig the *idea* here - I mean, this issue has been ongoing
>> for a long time now. But I'd like to see a few comments as to whether we
>> need a technological mechanism here to enforce the obvious. To me, it
>> just seems totally obvious (any legal comment?) that early C string
>> termination is undermining the intent of the MODULE_LICENSE tag.
>
> I'm not a lawyer, but I can tell you exactly what a lawyer would say:
>
> "well, ya know, it's hard to say when it comes to these issues"
>
> that's the answer to *any* copyright question. :)
to me it even screams "bypassing or a digital copyright enforcement system".
that sounds really close to "D.M.C.A. violation" :)
thank goodness I'm not a laywer...
Auke
Jon Masters wrote:
> need a technological mechanism here to enforce the obvious. To me, it
> just seems totally obvious (any legal comment?) that early C string
> termination is undermining the intent of the MODULE_LICENSE tag.
>
I completely agree with that. It's like I sign a contract and the other
party later makes claims and says: Well, you sure you read the whole
contract? 'Coz in the part that was written with special ink, only
visible under special light, it clearly states that ...
Can't you put this somewhere into the documentation: it's our kernel,
play by our rules, and our rules are, the license is what is visible in
'printf(license)'?
tom
On 2/2/07, Tomas Carnecky <[email protected]> wrote:
> Can't you put this somewhere into the documentation: it's our kernel,
> play by our rules, and our rules are, the license is what is visible in
> 'printf(license)'?
Here I was thinking the rules were: all modules must be GPL and the
jerks who make proprietary modules are just blatantly breaking the
law. But you're right, the MODULE_LICENSE tag really does imply that
licenses other than the GPL are ok.
Trent
On Fri, 02 Feb 2007 10:51:23 +1000, Trent Waddington said:
> On 2/2/07, Tomas Carnecky <[email protected]> wrote:
> > Can't you put this somewhere into the documentation: it's our kernel,
> > play by our rules, and our rules are, the license is what is visible in
> > 'printf(license)'?
>
> Here I was thinking the rules were: all modules must be GPL and the
> jerks who make proprietary modules are just blatantly breaking the
> law. But you're right, the MODULE_LICENSE tag really does imply that
> licenses other than the GPL are ok.
Given that the definition of "derived work" in the software world is still
quite squishy and not firmed up, it's not at all clear that proprietary
modules are "blatantly" breaking the law. In particular, feel free to
cite actual statute or case law that proves unequivocally that modules that
have a GPL shim that interface between the kernel and a binary blob are
breaking the law.
Hint: first you have to prove that the kernel API doesn't qualify as 'scenes
a faire' - a tough job when calling a function in any way but the one approved
one will cause an oops. ;)
> But you're right, the MODULE_LICENSE tag really does imply that
> licenses other than the GPL are ok.
yup.. BSD licensed modules are clearly ok as well..
Arjan van de Ven wrote:
>> But you're right, the MODULE_LICENSE tag really does imply that
>> licenses other than the GPL are ok.
>
> yup.. BSD licensed modules are clearly ok as well..
So I guess we're going to go with Jan's change then.
I just wanted to discuss this briefly since I'm very keen for the kernel
not to enforce legal/DRM type policy at all - this isn't quite the same
discussion as we've had previously but the point remains: it should be
for people to realize when they are violating a license as software
unfortunately cannot ever be intelligent to catch all the baddies.
Personally, I am less worried if people use an obvious "PROPRIETARY"
label because they're at least admitting and saying it how it is - then
if later it can be shown that they are in fact violating kernel
copyright, they've helped to sign their own death warrant :-)
Jon.
> to me it even screams "bypassing or a digital copyright
> enforcement system".
> that sounds really close to "D.M.C.A. violation" :)
>
> thank goodness I'm not a laywer...
It is not. GPL export is *not* a copyright enforcement scheme. (See the many
times when this was discussed on this list.) The GPL prohibits the use of
copyright enforcement schemes in sections 6 and 7.
Suppose there were some law that said that if I put "do not modify this
line" in a piece of code, you could not modify that line. The GPL would
clearly prohibit putting such a thing in a work, as that would remove from
recipients their right to modify the code -- a right guaranteed to them
under the GPL.
Same with GPL export. If it is a copyright enforcement scheme and it
prevented people from modifying the code to include the license tag
termination trick, they would not have the right to modify the code that way
which the GPL says they are supposed to have. So *if* EXPORT_GPL were a
copyright enforcement scheme, the Linux kernel containing it could not be
distributed.
The consensus view, as I understand it, is that the GPL export is a
warning/notification scheme to alert people that their use of these symbols
in non-GPL code is believed to violate the GPL *if* that code is distributed
(which the GPL export logic has no way to determine has happened or will
ever happen). It is no different than refusing a command to change the time
of day from a non-superuser.
In any event, even if you assume it is a copyright enforcement scheme, it is
not circumvention to remove or disable such a scheme with the permission of
the copyright holder. Section 2 of the GPL grants just such permission.
DS
David Schwartz wrote:
> In any event, even if you assume it is a copyright enforcement scheme, it is
> not circumvention to remove or disable such a scheme with the permission of
> the copyright holder. Section 2 of the GPL grants just such permission.
>
The way I see this:
There is a copyright enforcement scheme. (A simple test for
the word GPL.) Trivial, but still an enforcement scheme.
You are of course allowed to remove the test completely,
as the GPL lets you change the kernel source in any way you wish.
But you are still not allowed to circumvent the scheme as long as
it is in place - in those parts of the world were circumventing is
illegal.
So a vendor using the \0 trick is on very shaky ground.
He has another option - to patch out the test. But he
don't want that, for then he have to distribute a kernel,
not only a module.
Helge Hafting
On Feb 2 2007 15:53, Paul Rolland wrote:
>
>If that is really one important point, why not simply adding a :
>MODULE_IS_UNDER_GPL_LICENSE("yes|no")
>and a
>MODULE_IS_UNDER_GPL_LIKE_LICENSE("yes|no")
>
>or use 0 and 1 instead of yes and no, and thus clearly avoid all the
>C string mess ?
MODULE_IS_UNDER_GPL_LICENSE("yes\0 but only this .c file");
Jan
--
ft: http://freshmeat.net/p/chaostables/
Hello,
> will be written to the object file will be "license=GPL\0for
> nothing\0".
> When this is interpreted back again in the kernel module
> loader, it is
> read as "license=GPL", having circumvented the loading mechanism and
> having wrongfully access to GPL symbols. According to Alexey [
> http://lkml.org/lkml/2006/10/27/233 ], LinuxAnt is one vendor to use
> this trick.
If that is really one important point, why not simply adding a :
MODULE_IS_UNDER_GPL_LICENSE("yes|no")
and a
MODULE_IS_UNDER_GPL_LIKE_LICENSE("yes|no")
or use 0 and 1 instead of yes and no, and thus clearly avoid all the
C string mess ?
Regards,
Paul
On Fri, 2 Feb 2007 16:11:11 +0100 (MET) Jan Engelhardt wrote:
>
> On Feb 2 2007 15:53, Paul Rolland wrote:
> >
> >If that is really one important point, why not simply adding a :
> >MODULE_IS_UNDER_GPL_LICENSE("yes|no")
> >and a
> >MODULE_IS_UNDER_GPL_LIKE_LICENSE("yes|no")
> >
> >or use 0 and 1 instead of yes and no, and thus clearly avoid all the
> >C string mess ?
>
> MODULE_IS_UNDER_GPL_LICENSE("yes\0 but only this .c file");
if (MODULE_LICENSE_contains_null(license))
printk(KERN_WARNING "this module's license is suspicious\n");
---
~Randy
On Feb 2 2007 08:53, Randy Dunlap wrote:
>
>if (MODULE_LICENSE_contains_null(license))
> printk(KERN_WARNING "this module's license is suspicious\n");
Try to code that macro.
Jan
--
ft: http://freshmeat.net/p/chaostables/
On Fri, 2 Feb 2007 18:41:02 +0100 (MET) Jan Engelhardt wrote:
>
> On Feb 2 2007 08:53, Randy Dunlap wrote:
> >
> >if (MODULE_LICENSE_contains_null(license))
> > printk(KERN_WARNING "this module's license is suspicious\n");
>
> Try to code that macro.
It's not a macro afaict.
---
~Randy
> MODULE_IS_UNDER_GPL_LICENSE("yes\0 but only this .c file");
>
MODULE_IS_UNDER_GPL_LICENSE(0)
(integer, not string).
Paul
On Feb 2 2007 09:49, Randy Dunlap wrote:
>On Fri, 2 Feb 2007 18:41:02 +0100 (MET) Jan Engelhardt wrote:
>> On Feb 2 2007 08:53, Randy Dunlap wrote:
>> >
>> >if (MODULE_LICENSE_contains_null(license))
>> > printk(KERN_WARNING "this module's license is suspicious\n");
>>
>> Try to code that macro.
>
>It's not a macro afaict.
Whatever, I just want to see how you are going to implement
MODULE_LICENSE_contains_null.
Jan
--
On Feb 2 2007 19:37, Paul Rolland wrote:
>> MODULE_IS_UNDER_GPL_LICENSE("yes\0 but only this .c file");
>>
>
>MODULE_IS_UNDER_GPL_LICENSE(0)
>(integer, not string).
So what (legally) happens when someone does
MODULE_IS_UNDER_GPL_LICENSE(2), (~0) or (-1)? Does the judge get confused?
Then better use strings and an appropriate check.
Jan
--
On Fri, 2 Feb 2007 20:06:42 +0100 (MET) Jan Engelhardt wrote:
>
> On Feb 2 2007 09:49, Randy Dunlap wrote:
> >On Fri, 2 Feb 2007 18:41:02 +0100 (MET) Jan Engelhardt wrote:
> >> On Feb 2 2007 08:53, Randy Dunlap wrote:
> >> >
> >> >if (MODULE_LICENSE_contains_null(license))
> >> > printk(KERN_WARNING "this module's license is suspicious\n");
> >>
> >> Try to code that macro.
> >
> >It's not a macro afaict.
>
> Whatever, I just want to see how you are going to implement
> MODULE_LICENSE_contains_null.
I was busy on other things this morning (my time).
Now I have looked and I see what you mean. ;)
I think it's possible, but it requires digging/learning about
Elf headers.
---
~Randy
On Feb 2 2007 17:12, Randy Dunlap wrote:
>> >> >if (MODULE_LICENSE_contains_null(license))
>> >> > printk(KERN_WARNING "this module's license is suspicious\n");
>>
>> Whatever, I just want to see how you are going to implement
>> MODULE_LICENSE_contains_null.
>
>I was busy on other things this morning (my time).
>Now I have looked and I see what you mean. ;)
>
>I think it's possible, but it requires digging/learning about
>Elf headers.
That's what I did...
Jan
--
ft: http://freshmeat.net/p/chaostables/
> The way I see this:
> There is a copyright enforcement scheme. (A simple test for
> the word GPL.) Trivial, but still an enforcement scheme.
If this were true, then the Linux kernel with it could not be distributed.
If it were a legal mechanism to prevent people from modifying modules, then it's a further restriction. Whoever distributes a Linux kernel with a copyright enforcement scheme (assuming it includes at least one module) is violating section 6 of the GPL.
Adding a copyright enforcement scheme to the kernel, and then distributing it with modules that cannot be modified in some ways because of that scheme, is imposing a "further restriction". (Since the GPL does not contain the restriction.)
> You are of course allowed to remove the test completely,
> as the GPL lets you change the kernel source in any way you wish.
It also lets you change the modules in any way you wish. I can't see how you can have it both ways. How is removing an enforcement scheme not circumventing it?
> But you are still not allowed to circumvent the scheme as long as
> it is in place - in those parts of the world were circumventing is
> illegal.
If that's true, then the Linux kernel cannot be distributed in those parts of the world where circumventing is illegal. The GPL does not prohibit circumventing anything, so the DMCA (as invoked by those who added copyright enforcement schemes to the kernel) would be them imposing a further restriction on our right to modify the modules included with the kernel.
> So a vendor using the \0 trick is on very shaky ground.
> He has another option - to patch out the test. But he
> don't want that, for then he have to distribute a kernel,
> not only a module.
The GPL does not permit you to (ab)use the law to prevent people from modifying GPL'd works. If a law prevents people from modifying GPL'd works, then those works cannot be distributed where that law applies.
You can certainly argue that this doesn't make sense if the law is not deliberately invoked. For example, some countries have a law against denying the Holocaust. I don't think you can rationally argue that no works are disrtibutable under the GPL there because someone can't legally modify those works to deny the Holocaust.
But the assumption that the GPL linkage code is a copyright enforcement scheme would mean that the Linux kernel would have been deliberately modified so as to invoke a law that prevents people from modifying GPL'd works -- including the modules included with the kernel itself. If that doesn't make the kernel undistributable, the GPL clause 7 doesn't mean anything.
" For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. "
It seems to me that another example would be if the DMCA does not permit modification of portions of the Program, then you cannot distribute the program.
This is the way the GPL's "self destruct" mechanism is supposed to work. For example, if someone claims there's a patent that prevents some piece of the Linux kernel from being used freely, the GPL is designed to force Linux developers and distributors to hack that piece out of the kernel so that the program can remain free to distribute and modify. It actually *fixes* legal problems by prohibiting distribution until the distributors can figure out how to get people's GPL rights back.
The way out of the GPL problem is to make clear that it is *not* a copyright enforcement scheme, it's simply a notification scheme. Claims and actions in another direction threaten the distributability of the Linux kernel, and frankly violate the intent, spirit, and precise language of the GPL.
DS
On Feb 3 2007 10:31, David Schwartz wrote:
>
>The way out of the GPL problem is to make clear that it is *not* a
>copyright enforcement scheme
So why do we have EXPORT_SYMBOL_GPL then, if
- there shall be no enforcement (such as requiring modules to carry
exactly one MODULE_LICENSE, and it be GPL to access GPL symbols)
- EXPORT_SYMBOL_GPL can be circumvented by having multiple
MODULE_LICENSE and one of those MODULE_LICENSE is ("GPL")
[see Bodo's patch]
I think Linus has made a stance on the purpose of _GPL [yup,
http://lkml.org/lkml/2003/12/4/84 ], and I interpret his words "if you
need this export, you're clearly doing something that requires the GPL"
being in conflict with [X].
[X]: """obj-combo += proprietary.o gpldummy.o""" and allowing
proprietary.c to use GPL symbols just because the combo.ko file contains
at least one MODULE_LICENSE("GPL").
Note IANAL, more a developer, so please don't flame too much.
Jan
--
On Sat, 3 Feb 2007 21:47:36 +0100 (MET)
Jan Engelhardt <[email protected]> wrote:
>
> On Feb 3 2007 10:31, David Schwartz wrote:
> >
> >The way out of the GPL problem is to make clear that it is *not* a
> >copyright enforcement scheme
>
> So why do we have EXPORT_SYMBOL_GPL then, if
Because if you go around modifying code to get around it then regardless
of the DMCA question you are actively doing it and there is very clear
intent to do other than the right holder intended. In some ways its the
difference between walking through an open archway into a private area
and kicking the door down to get in.
Alan wrote:
> On Sat, 3 Feb 2007 21:47:36 +0100 (MET)
> Jan Engelhardt <[email protected]> wrote:
>
>> On Feb 3 2007 10:31, David Schwartz wrote:
>>> The way out of the GPL problem is to make clear that it is *not* a
>>> copyright enforcement scheme
>> So why do we have EXPORT_SYMBOL_GPL then, if
>
> Because if you go around modifying code to get around it then regardless
> of the DMCA question you are actively doing it and there is very clear
> intent to do other than the right holder intended. In some ways its the
> difference between walking through an open archway into a private area
> and kicking the door down to get in.
It's a sign, a notice, and the reason I brought up this discussion is
precisely because I don't think the kernel has any business being an
enforcement mechanism - that's not what the spirit of our community is
really about, we're about openness (as much as is possible).
If I go into an airport, open my laptop and connect to a network called
"Free WiFi network", then I might have a good case to argue that I
expected the WiFi to be free. If I connect to a network called "Not
Free, Don't Use" then...I think the intent of the wording is clear.
Anyway. Are we doing this or not - the more I think about it, the more
I'm kinda "happy" to just leave things as they are. Yes, bad people will
continuing doing bad things no matter what we do. Do we really want to
change stuff just to work around obvious abuse? Alan?
Jon.
> Anyway. Are we doing this or not - the more I think about it, the more
> I'm kinda "happy" to just leave things as they are. Yes, bad people will
> continuing doing bad things no matter what we do. Do we really want to
> change stuff just to work around obvious abuse? Alan?
Actually checking the ELF sections does make the loader more robust and
we need to fix up the off by one as well so I think so yes. When I
thought about this I was happy I'd have said yes without modules doing
GPL\0
> On Feb 3 2007 10:31, David Schwartz wrote:
> >
> >The way out of the GPL problem is to make clear that it is *not* a
> >copyright enforcement scheme
>
> So why do we have EXPORT_SYMBOL_GPL then, if
>
> - there shall be no enforcement (such as requiring modules to carry
> exactly one MODULE_LICENSE, and it be GPL to access GPL symbols)
>
> - EXPORT_SYMBOL_GPL can be circumvented by having multiple
> MODULE_LICENSE and one of those MODULE_LICENSE is ("GPL")
> [see Bodo's patch]
The same reason we do any other checks. Why don't we let a normal use list
the contents of any directory they want to? Because we believe that allowing
people to do that, in the default shipping configuration, has disadvantages
that outweight the benefits. If someone disagrees, they are free to remove
the check or bypass it or whatever, by then they take those risks.
> I think Linus has made a stance on the purpose of _GPL [yup,
> http://lkml.org/lkml/2003/12/4/84 ], and I interpret his words "if you
> need this export, you're clearly doing something that requires the GPL"
> being in conflict with [X].
Exactly. It conveys the opinion of whoever set the tag that they believe it
is difficult to impossible to use that symbol in anything other than a
derived work. It is, to some extent, misnamed because the GPL does not
require all derived work to be placed under the GPL. (For example, a derived
work that is never distributed need not be placed under the GPL.)
> Note IANAL, more a developer, so please don't flame too much.
No, you're dead on.
Why don't we allow a normal user to unlink any file? Because the person who
put in the check to prevent that believes that that's not something you
should be doing. If you *want* to do it, it's your right. But it is also
their right to put in the code that stops you, so that you have to *want* to
do it in order to do it.
The GPL allows me to add code and distribute and it allows you to remove
that same code if you want. If you disagree with my judgment, you may bypass
it at your own risk.
DS
> So what (legally) happens when someone does
> MODULE_IS_UNDER_GPL_LICENSE(2), (~0) or (-1)? Does the judge
> get confused?
> Then better use strings and an appropriate check.
Please let me not believe it's not possible to have a compilation test
on that that would issue a #error if param is not one of the acceptable
value...
Paul
David Schwartz wrote:
>> The way I see this:
>> There is a copyright enforcement scheme. (A simple test for
>> the word GPL.) Trivial, but still an enforcement scheme.
>>
>
> If this were true, then the Linux kernel with it could not be distributed.
>
> If it were a legal mechanism to prevent people from modifying modules, then it's a further restriction. Whoever distributes a Linux kernel with a copyright enforcement scheme (assuming it includes at least one module) is violating section 6 of the GPL.
>
> Adding a copyright enforcement scheme to the kernel, and then distributing it with modules that cannot be modified in some ways because of that scheme, is imposing a "further restriction". (Since the GPL does not contain the restriction.)
>
You _can_ modify the modules any way you wish - you just won't
be able to load one with a "GPL\0more text" version string.
This is not a "further restriction" precisely because the GPL
allow you to patch out this copyright enforcing scheme.
>> You are of course allowed to remove the test completely,
>> as the GPL lets you change the kernel source in any way you wish.
>>
>
> It also lets you change the modules in any way you wish. I can't see how you can have it both ways. How is removing an enforcement scheme not circumventing it?
>
Microsoft make copies of windows - how is this _not_ circumventing
the copy-protection on windows installation media? How come
movie studios are _not_ circumventing the encryption on DVDs?
How come you don't circumvent the protection system when you
install windows, typing in the key unique to your CD set?
In all cases, because they have the _keys_ to these copyright
protection systems. Using your legally obtained key is not
circumventing. The key to the kernels copyright protection is
the source, which you can change at will.
So, I think it is possible to both have an enforceable copyright
protection system (in places that recognise such enforceability),
and also distribute under the GPL because the key to this
copyright protection system is provided.
I don't know if a lawyer will see this the same way, but it
makes sense to me.
Similiar example - Microsoft could theoretically sell the keys to
the system protecting windows along with a licence to make copies.
>> But you are still not allowed to circumvent the scheme as long as
>> it is in place - in those parts of the world were circumventing is
>> illegal.
>>
Indeed, but using the provided key is not circumventing. Loading a
non-GPL module that uses GPL symbols anyway is prevented, so
forcibly loading such a module "the rootkit way" by patching /dev/mem
is a circumvention. Catch one of the script kiddies inside the US, and
you can
theoretically nail him with the DMCA these days.
Changing the source (allowed by the GPL) is not circumvention.
Just as using your door key does not circumvent the door lock even
though you open it. You might call this weak protection indeed,
seeing how easy it is. Still, it means that a vendor of closed-source
modules that use GPL symbols now must distribute a kernel of
their own instead of just a module. Such rouge modules will no longer
load. Alternatively, they can set the licence string to GPL but
then they must live up to it and provide source.
>
> If that's true, then the Linux kernel cannot be distributed in those parts of the world where circumventing is illegal. The GPL does not prohibit circumventing anything, so the DMCA (as invoked by those who added copyright enforcement schemes to the kernel) would be them imposing a further restriction on our right to modify the modules included with the kernel.
>
>
>> So a vendor using the \0 trick is on very shaky ground.
>> He has another option - to patch out the test. But he
>> don't want that, for then he have to distribute a kernel,
>> not only a module.
>>
>
> The GPL does not permit you to (ab)use the law to prevent people from modifying GPL'd works. If a law prevents people from modifying GPL'd works, then those works cannot be distributed where that law applies.
>
> You can certainly argue that this doesn't make sense if the law is not deliberately invoked. For example, some countries have a law against denying the Holocaust. I don't think you can rationally argue that no works are disrtibutable under the GPL there because someone can't legally modify those works to deny the Holocaust.
>
The "copyright protection" stuff works the same way, I think. You can't
deny distributing under the GPL just because someone could alter the
source so it breaks other law. The GPL allow circumvention, it is only the
DMCA that doesn't. Just like that holocaust law - the GPL allows
such denial too.
> But the assumption that the GPL linkage code is a copyright enforcement scheme would mean that the Linux kernel would have been deliberately modified so as to invoke a law that prevents people from modifying GPL'd works -- including the modules included with the kernel itself. If that doesn't make the kernel undistributable, the GPL clause 7 doesn't mean anything.
>
This don't happen because it doesn't prevent distribution of GPL'd works.
The enforcement scheme don't prevent any kind of distribution.
It prevents people from _legally_ loading some non-GPL modules
(those that use GPL symbols) unless they change this part of the source.
They are allowed to make that change, but it is too much hassle for
the masses who prefer a straight binary distro kernel.
> " For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. "
>
It is still royalty-free.
> It seems to me that another example would be if the DMCA does not permit modification of portions of the Program, then you cannot distribute the program.
>
> This is the way the GPL's "self destruct" mechanism is supposed to work. For example, if someone claims there's a patent that prevents some piece of the Linux kernel from being used freely, the GPL is designed to force Linux developers and distributors to hack that piece out of the kernel so that the program can remain free to distribute and modify. It actually *fixes* legal problems by prohibiting distribution until the distributors can figure out how to get people's GPL rights back.
>
> The way out of the GPL problem is to make clear that it is *not* a copyright enforcement scheme, it's simply a notification scheme. Claims and actions in another direction threaten the distributability of the Linux kernel, and frankly violate the intent, spirit, and precise language of the GPL.
>
I am not so sure that a copyright protection scheme violates even
the spirit of the GPL, as long as the keys are _always_ provided?
Because then the option of using they keys are always there,
so you can indeed make all the changes you want - and redistribute.
Which is also a reason why this scheme never will get
sophisticated - after all, it is always both legal and possible to
patch it out of the sources.
Note that this particular scheme doesn't even try to prevent copying.
It tries to protect the GPL by making it harder to erode it by
getting into a situation where 90% of the drivers necessary to
run a linux kernel are proprietary. It does so by ensuring that the
proprietary vendors access a limited API, unless they take
a lot of cumbersome extra steps like maintaining their own
"protection-free" kernel. Which they certainly can do under
the GPL, but most prefer being compatible with distro kernels
and stock kernels.
Helge Hafting
> Indeed, but using the provided key is not circumventing. Loading a
> non-GPL module that uses GPL symbols anyway is prevented, so
> forcibly loading such a module "the rootkit way" by patching /dev/mem
> is a circumvention. Catch one of the script kiddies inside the US, and
> you can
> theoretically nail him with the DMCA these days.
The greater has to include the lesser. If you have the authority to remove or modify a copyright enforcement scheme, you cannot be circumventing it.
In any event, if your argument were correct, the Linux kernel would not be distributable. The license enforcement scheme in the kernel makes it unlawful to modify the modules in a particular way, and they are both distributed under the GPL. This would be a "further restriction" since the restriction is not found in the GPL itself.
> Changing the source (allowed by the GPL) is not circumvention.
Then you can change the module source to include a null in the license tag.
> Just as using your door key does not circumvent the door lock even
> though you open it.
And neither is breaking down your own door. If you have the right to remove the door, you have the right to break it down. The greater includes the lesser.
> You might call this weak protection indeed,
> seeing how easy it is. Still, it means that a vendor of closed-source
> modules that use GPL symbols now must distribute a kernel of
> their own instead of just a module. Such rouge modules will no longer
> load. Alternatively, they can set the licence string to GPL but
> then they must live up to it and provide source.
Sounds like a further restriction to me. This is a restriction on how the modules can be modified, it's not found in the GPL, and it was imposed by people who modified the kernel. This is exactly what the GPL was designed to force people to remove before they could distribute a work.
> The "copyright protection" stuff works the same way, I think. You can't
> deny distributing under the GPL just because someone could alter the
> source so it breaks other law. The GPL allow circumvention, it
> is only the
> DMCA that doesn't. Just like that holocaust law - the GPL allows
> such denial too.
Right, but you can't put something into your source such that someone removing it or modifying it is breaking the law. If there was a law that said a file could not be modified if someone put the words "DO NOT MODIFY" in it, then you could *not* put such words in a GPL'd work. If you did, such a work would not be distributable because the law imposes a further restriction.
The DMCA is no different. It's a law that says if you put a copyright enforcement scheme in a work, then someone can't circumvent it. Since there are no anti-circumvention rules in the GPL itself, it's a further restriction.
Simply put, if you assume this is a license enforcement scheme, then the Linux kernel together with some modules contains a further restriction that prohibits you from modifying the modules in ways allowed by the GPL. This is precisely what the GPL prohibits.
> " For example, if a patent license would not permit
> royalty-free redistribution of the Program by all those who
> receive copies directly or indirectly through you, then the only
> way you could satisfy both it and this License would be to
> refrain entirely from distribution of the Program. "
> It is still royalty-free.
You are missing the point of the example. This is an example of what happens when some kind of legal process not found in the GPL operates to restrict the rights guaranteed by the GPL.
> I am not so sure that a copyright protection scheme violates even
> the spirit of the GPL, as long as the keys are _always_ provided?
> Because then the option of using they keys are always there,
> so you can indeed make all the changes you want - and redistribute.
> Which is also a reason why this scheme never will get
> sophisticated - after all, it is always both legal and possible to
> patch it out of the sources.
I cannot see any rational way you can have the right to modify all the involved code, the right to remove the scheme, and yet you can be "circumventing" it.
> Note that this particular scheme doesn't even try to prevent copying.
That's simply not true. It makes some proprietary modules unusable on mainstream kernels, thus decreasing the value of them if they're distributed. This is exactly what many anti-copying schemes do.
How is this scheme (which makes mainstream kernels unable to work with modules that are not GPL-licensed) different from the DVD scheme (that makes unlicensed players unable to play mainstream DVDs)? Engineered incompatability restricts the distribution value of the items made incompatible.
> It tries to protect the GPL by making it harder to erode it by
> getting into a situation where 90% of the drivers necessary to
> run a linux kernel are proprietary.
If you choose the GPL, you lose the right to "make it harder" for people to distribute and modify code. The GPL sets the terms and is carefully constructed so that nobody can later change them.
> It does so by ensuring that the
> proprietary vendors access a limited API, unless they take
> a lot of cumbersome extra steps like maintaining their own
> "protection-free" kernel. Which they certainly can do under
> the GPL, but most prefer being compatible with distro kernels
> and stock kernels.
This is precisely the type of thing the GPL was designed to prohibit. You are not supposed to be able to abuse copyright to retain control over a GPL'd work.
DS
David Schwartz wrote:
>> Indeed, but using the provided key is not circumventing. Loading a
>> non-GPL module that uses GPL symbols anyway is prevented, so
>> forcibly loading such a module "the rootkit way" by patching /dev/mem
>> is a circumvention. Catch one of the script kiddies inside the US, and
>> you can
>> theoretically nail him with the DMCA these days.
>>
>
> The greater has to include the lesser. If you have the authority to remove or modify a copyright enforcement scheme, you cannot be circumventing it.
>
I have a key to my office door that I am authorized to use.
That don't mean it is ok for me to circumvent the lock with a crowbar too.
> In any event, if your argument were correct, the Linux kernel would not be distributable. The license enforcement scheme in the kernel makes it unlawful to modify the modules in a particular way, and they are both distributed under the GPL. This would be a "further restriction" since the restriction is not found in the GPL itself.
>
No, it is not a licence restriction. It is a law. Modifying the
kernel to send holocaust-denying messages (or other illegal
stuff like printing money) is illegal too, but not an
additional restriction.
The copyright protection scheme does _not_ change the licence,
and the licence lets you remove it. So - no problem with the GPL.
The law says "don't circumvent", so you can't hack /dev/mem
to forcibly load a strange module. This is not a restriction
on (re)distribution of the kernel - but on the running. And it
is a law, not an additional clause in the licence.
>> Changing the source (allowed by the GPL) is not circumvention.
>>
>
> Then you can change the module source to include a null in the license tag.
>
Yes. And then the distro kernels will refuse to load it, which is the
whole point. Sure - it is possible to get around this (in a legal way)
by distributing an altered kernel. But that is troublesome extra work for
module vendors who want to do such tricks. They can do it
because of the GPL, but they won't enjoy it. They just want to
distribute their driver. Their binary driver will become less popular if it
forces users to recompile the kernel - and especially if the patch
collides with patches for every other closed-source driver that
try to use the same trick.
So yes - they can get around the enforcement system, but they
won't enjoy it. They won't enjoy being incompatible with distro kernels.
>
>> Just as using your door key does not circumvent the door lock even
>> though you open it.
>>
>
> And neither is breaking down your own door. If you have the right to remove the door, you have the right to break it down. The greater includes the lesser.
>
Nope. I am authorized to open and enter many doors that I don't own.
I have no right to open them by other means, just as I have
no right to relicence the linux kernel even if I may modify &
redistribute it.
>> You might call this weak protection indeed,
>> seeing how easy it is. Still, it means that a vendor of closed-source
>> modules that use GPL symbols now must distribute a kernel of
>> their own instead of just a module. Such rouge modules will no longer
>> load. Alternatively, they can set the licence string to GPL but
>> then they must live up to it and provide source.
>>
>
> Sounds like a further restriction to me. This is a restriction on how the modules can be modified, it's not found in the GPL, and it was imposed by people who modified the kernel. This is exactly what the GPL was designed to force people to remove before they could distribute a work.
>
It is not about modifying the modules - the vendor already released
the module under a non-gpl licence. (If it is gpl - no problem)
It is about the kernel. The _can_ modify the kernel, but it'd be
more work!
Are you talking about modifying the running kernel through
loading a module via /dev/mem hacking?
The GPL does of course not prevent that either, but
the DMCA might. Even if it doesn't - people relying on this
will see no end of breakage as this "interface" surely won't
be preserved. Somehow, I think it will be actively broken
in every release if closed-source vendors try to go down this path.
>> The "copyright protection" stuff works the same way, I think. You can't
>> deny distributing under the GPL just because someone could alter the
>> source so it breaks other law. The GPL allow circumvention, it
>> is only the
>> DMCA that doesn't. Just like that holocaust law - the GPL allows
>> such denial too.
>>
>
> Right, but you can't put something into your source such that someone removing it or modifying it is breaking the law.
Then the kernel is undistributable and has always been. The kernel
prints it version string as it boots up, it is easy enough to add
illegal stuff to that. Holocaust denail, slander, state secrets, . . .
So someone can indeed modify the kernel and ending up breaking the law.
Does it matter whether they break the DMCA or another law?
> If there was a law that said a file could not be modified if someone put the words "DO NOT MODIFY" in it, then you could *not* put such words in a GPL'd work. If you did, such a work would not be distributable because the law imposes a further restriction.
>
> The DMCA is no different. It's a law that says if you put a copyright enforcement scheme in a work, then someone can't circumvent it. Since there are no anti-circumvention rules in the GPL itself, it's a further restriction.
>
> Simply put, if you assume this is a license enforcement scheme, then the Linux kernel together with some modules contains a further restriction that prohibits you from modifying the modules in ways allowed by the GPL. This is precisely what the GPL prohibits.
>
>
>> " For example, if a patent license would not permit
>> royalty-free redistribution of the Program by all those who
>> receive copies directly or indirectly through you, then the only
>> way you could satisfy both it and this License would be to
>> refrain entirely from distribution of the Program. "
>>
>
>
>> It is still royalty-free.
>>
>
> You are missing the point of the example. This is an example of what happens when some kind of legal process not found in the GPL operates to restrict the rights guaranteed by the GPL.
>
>
>> I am not so sure that a copyright protection scheme violates even
>> the spirit of the GPL, as long as the keys are _always_ provided?
>> Because then the option of using they keys are always there,
>> so you can indeed make all the changes you want - and redistribute.
>> Which is also a reason why this scheme never will get
>> sophisticated - after all, it is always both legal and possible to
>> patch it out of the sources.
>>
>
> I cannot see any rational way you can have the right to modify all the involved code, the right to remove the scheme, and yet you can be "circumventing" it.
>
>
>> Note that this particular scheme doesn't even try to prevent copying.
>>
>
> That's simply not true. It makes some proprietary modules unusable on mainstream kernels, thus decreasing the value of them if they're distributed. This is exactly what many anti-copying schemes do.
>
Copying is only "prevented" by reducing the incentive. Any copies
made & distributed are still legal copies. Not so with a copy of a DVD.
The value of the modules might decrease because they are useless, but
that is ok. The modules wasn't GPLed anyway - only the kernel.
> How is this scheme (which makes mainstream kernels unable to work with modules that are not GPL-licensed) different from the DVD scheme (that makes unlicensed players unable to play mainstream DVDs)? Engineered incompatability restricts the distribution value of the items made incompatible.
>
There is the difference that copying the DVD is illegal anyway - it doesn't
matter if you bypass copy-protection or not. (You can trivially copy
a DVD without breaking the encryption - you can then sell
it on the black market to people who have working DVD players.)
You can legally copy the kernel though. Or modify it.
Removing the copyright enforcing with a patch is perfectly ok.
A vendor doing this will have the added work if supporting that patch
though.
Defeating the protection while it is up and running is what might
be illegal. It is unusual that you are actually allowed to remove the
scheme by a patch. I assume this don't change how the DMCA works,
bit of course this will depend on the exact wording.
Using your provided key is not circumventing - smashing the lock is.
What if you buy a copy of windows, then binary patch the install DVD
so it don't ask for the registration code, then install it on your own
PC (without redistributing the cracked DVD?)
The end result is no different from a normal install, you paid for the
software,
you didn't circulate any cracks. You just prefer this way of installing
rather than typing in lots of numbers from a piece of paper. Perhaps
it really is easier - with some highly automated cracking software.
It is legal here where the DMCA doesn't apply - How about the U.S.?
>> It tries to protect the GPL by making it harder to erode it by
>> getting into a situation where 90% of the drivers necessary to
>> run a linux kernel are proprietary.
>>
>
> If you choose the GPL, you lose the right to "make it harder" for people to distribute and modify code. The GPL sets the terms and is carefully constructed so that nobody can later change them.
>
And this scheme doesn't make it harder to distribute and modify
kernel code. It might make it harder to get a closed-source
module working, or to make it work without the GPL symbols
it really would like to use.
Many changes in the kernel makes it harder to make things work,
the kernel is getting bigger and more complicated all the time.
"Hardness" can't possibly matter. A more complicated (but also
more efficient) VM makes it harder to make a useful patch. Only
the useless ones are as easy as always.
>> It does so by ensuring that the
>> proprietary vendors access a limited API, unless they take
>> a lot of cumbersome extra steps like maintaining their own
>> "protection-free" kernel. Which they certainly can do under
>> the GPL, but most prefer being compatible with distro kernels
>> and stock kernels.
>>
>
> This is precisely the type of thing the GPL was designed to prohibit. You are not supposed to be able to abuse copyright to retain control over a GPL'd work.
>
I always had the impression that the GPL was made to prevent
closed distribution of something that started out free. So you
can't add non-gpl stuff into the kernel, or distribute
binary while holding back source.
This copyright enforcement scheme don't prevent any of that,
precisely because it can be removed from the _source_ legally.
Tampering with it while it runs might be illegal some places,
just as printing certain strings might be illegal.
Closed modules are allowed only because an exception was made
in the licencing. That didn't have to happen at all. Closed modules
only get a limited interface, so that they won't be derived works.
Circumventing that creates a non-GPL derived work - which is illegal
to redistribute regardless of protection schemes.
The sceme just makes this harder
to do for those who wish to try anyway. The DMCA might be
useable for making it even harder. An interesting irony - turning the
DMCA against the sort of people who wanted it in the first place.
DMCA or not - copyrigth law prevents distributing a closed derived work.
Unfortunately, that don't stop people from trying - it is hard to
see what's going on in a closed module. Now if breaking the law
this way can be made more difficult then that is a good thing. Fewer
vendors will then try. They will make closed modules hampered by
no access to GPL symbols - or open-source modules, or none at all.
Helge Hafting
> Closed modules are allowed only because an exception was made
> in the licencing. That didn't have to happen at all. Closed modules
This statement is false. Sorry but the law and my legal advice recommend
that I jump in and repeat the correction every time people repeat this
myth. As one of the major kernel copyright holders I have never given
people at large specific rights outside of the GPL to distribute non free
derivative works of the kernel in violation of the GPL. Anyone who does
binary modules, does so at their peril and on the advice of their lawyers
as to whether what they are doing is permissible in local law.
Alan
> David Schwartz wrote:
> >> Indeed, but using the provided key is not circumventing. Loading a
> >> non-GPL module that uses GPL symbols anyway is prevented, so
> >> forcibly loading such a module "the rootkit way" by patching /dev/mem
> >> is a circumvention. Catch one of the script kiddies inside the US, and
> >> you can
> >> theoretically nail him with the DMCA these days.
> > The greater has to include the lesser. If you have the
> > authority to remove or modify a copyright enforcement scheme, you
> > cannot be circumventing it.
> I have a key to my office door that I am authorized to use.
> That don't mean it is ok for me to circumvent the lock with a crowbar too.
Right, I'm not arging that the lesser includes the greater but that the greater includes the lesser. If you are authorized to remove the door, you can certainly open it with the key. If you don't have the key, and you are authorized to remove the door, you can certainly circumvent it with a crowbar in order to remove it.
Authorization to remove a security mechanism entirely makes it impossible to circumvent it. There is nothing you are not allowed to do that the security mechanism stops you from doing.
> > In any event, if your argument were correct, the Linux kernel
> > would not be distributable. The license enforcement scheme in the
> > kernel makes it unlawful to modify the modules in a particular
> > way, and they are both distributed under the GPL. This would be a
> > "further restriction" since the restriction is not found in the
> > GPL itself.
> No, it is not a licence restriction. It is a law. Modifying the
> kernel to send holocaust-denying messages (or other illegal
> stuff like printing money) is illegal too, but not an
> additional restriction.
Patents are not license restrictions either. The GPL is really clear, if a law restricts GPL rights, you have to modify the program so that the law doesn't apply. Otherwise, you can't distribute it.
There will always be laws that impose some restrictions on what you can do with software. You cannot modify the kernel to send death threats to elected officials of various governments. I don't think it's meaningful to compare this to a scheme specifically designed to invoke a law to make it difficult to do specific things that would otherwise not be difficult.
> >> Just as using your door key does not circumvent the door lock even
> >> though you open it.
> > And neither is breaking down your own door. If you have the
> > right to remove the door, you have the right to break it down.
> > The greater includes the lesser.
> Nope. I am authorized to open and enter many doors that I don't own.
> I have no right to open them by other means, just as I have
> no right to relicence the linux kernel even if I may modify &
> redistribute it.
You are showing an example where the lesser doesn't include the greater. Nobody is arguing that. I am arguing the greater includes the lesser. If you have the right to *remove* a door, you can pick the lock to get to the hinges.
If you are authorized to remove a security system, you cannot circumvent it.
> > That's simply not true. It makes some proprietary modules
> > unusable on mainstream kernels, thus decreasing the value of them
> > if they're distributed. This is exactly what many anti-copying schemes do.
> Copying is only "prevented" by reducing the incentive. Any copies
> made & distributed are still legal copies. Not so with a copy of a DVD.
> The value of the modules might decrease because they are useless, but
> that is ok. The modules wasn't GPLed anyway - only the kernel.
All DRM schemes just reduce the value of the copy. Some of the copies made might still be legal. That doesn't change anything.
> > How is this scheme (which makes mainstream kernels unable to
> > work with modules that are not GPL-licensed) different from the
> > DVD scheme (that makes unlicensed players unable to play
> > mainstream DVDs)? Engineered incompatability restricts the
> > distribution value of the items made incompatible.
> There is the difference that copying the DVD is illegal anyway -
> it doesn't
> matter if you bypass copy-protection or not. (You can trivially copy
> a DVD without breaking the encryption - you can then sell
> it on the black market to people who have working DVD players.)
No, no no. The whole point of these schemes is they affect legal copies as well. These schemes have no way to determine whether a particular copy is lawful or unlawful.
For example, suppose I download some music with DRM onto a USB flash key. I pay for the song, and the copy on the USB key is my only copy. If I take the key to another machine where I don't have any licenses, my breaking the DRM scheme to play the song is still circumvention. It has nothing whatsoever to do with the legal status of the copy.
> You can legally copy the kernel though. Or modify it.
You can legally copy or modify any work, under the right circumstances. The whole point of copyright enforcement schemes is that they don't care what's legal. No law prevents you from loading non-GPL'd modules into the kernel (assuming you don't distribute them).
> Defeating the protection while it is up and running is what might
> be illegal. It is unusual that you are actually allowed to remove the
> scheme by a patch. I assume this don't change how the DMCA works,
> bit of course this will depend on the exact wording.
> Using your provided key is not circumventing - smashing the lock is.
We are not talking about using a provided key but removing the lock entirely. If you can remove it, you can smash it if that's the best way to get it out of the way. The greater includes the lesser.
> What if you buy a copy of windows, then binary patch the install DVD
> so it don't ask for the registration code, then install it on your own
> PC (without redistributing the cracked DVD?)
> The end result is no different from a normal install, you paid for the
> software,
> you didn't circulate any cracks. You just prefer this way of installing
> rather than typing in lots of numbers from a piece of paper. Perhaps
> it really is easier - with some highly automated cracking software.
>
> It is legal here where the DMCA doesn't apply - How about the U.S.?
I think it's not clear as far as the DMCA goes. It would certainly be an EULA violation though. Whether there'd be any damages, though, is another question.
> > If you choose the GPL, you lose the right to "make it harder"
> > for people to distribute and modify code. The GPL sets the terms
> > and is carefully constructed so that nobody can later change them.
> And this scheme doesn't make it harder to distribute and modify
> kernel code. It might make it harder to get a closed-source
> module working, or to make it work without the GPL symbols
> it really would like to use.
It does make it harder to distribute and modify GPL'd modules though. For example, if you remove the 'GPL' license tag, they will refuse to load. And do not even try to claim this is a license notice the GPL prohibits you from removing. It is *functional* *code*. If you could make functional code that's also a license notice, you could totally bypass the GPL's requirements recipients be free to modify.
Now there's nothing inherently wrong with this. Any module loading sanity check in the kernel makes it harder to distibute and modify a GPL'd module that fails that sanity check. That can't mean that sanity checks somehow violate the GPL.
However, a "sanity check" that takes advantage of a *law*, rather than purely technical means, is another story. Then it's a deliberate invocation of a law to make the work harder to distribute and modify, and that's what the GPL prohibits. (This is no different from a patent that makes a work harder to distribute.)
> Many changes in the kernel makes it harder to make things work,
> the kernel is getting bigger and more complicated all the time.
> "Hardness" can't possibly matter. A more complicated (but also
> more efficient) VM makes it harder to make a useful patch. Only
> the useless ones are as easy as always.
Read the last part of paragraph 7. Here the GPL uses the example about a legal process that has the effect of making the kernel harder to distribute. It demands that you refrain from distributing at all in this case.
> > This is precisely the type of thing the GPL was designed to
> > prohibit. You are not supposed to be able to abuse copyright to
> > retain control over a GPL'd work.
> I always had the impression that the GPL was made to prevent
> closed distribution of something that started out free. So you
> can't add non-gpl stuff into the kernel, or distribute
> binary while holding back source.
Yes, that is what the GPL was made to prevent. However, this scheme tries to force even code that is not distributed to be placed under the GPL.
> This copyright enforcement scheme don't prevent any of that,
> precisely because it can be removed from the _source_ legally.
> Tampering with it while it runs might be illegal some places,
> just as printing certain strings might be illegal.
The analogy doesn't work for two reasons. First, nobody has done anything deliberate to make this "printing certain strings" restrict your ability to modify a particular work. Second, it conflates a positive with a negative. Your example is of specific things you can't do in any context which is not the same as specific things you must do in just this context.
> Closed modules are allowed only because an exception was made
> in the licencing. That didn't have to happen at all. Closed modules
> only get a limited interface, so that they won't be derived works.
I do not believe that this is the case. Closed modules are allowed because there is no legal authority to prevent them.
> Circumventing that creates a non-GPL derived work - which is illegal
> to redistribute regardless of protection schemes.
This is cleverly worded to hide the basic disconnect -- this change makes it harder to develop and use code which is illegal to dedistribute, but *not* illegal to develop and use.
> The sceme just makes this harder
> to do for those who wish to try anyway.
Nothing wrong with trying to develop code that can't be distributed. Or are you saying there's something wrong with this?!
> The DMCA might be
> useable for making it even harder. An interesting irony - turning the
> DMCA against the sort of people who wanted it in the first place.
Right, the people who want to develop modules they have no intent to distribute in the privacy of their own home.
> DMCA or not - copyrigth law prevents distributing a closed derived work.
> Unfortunately, that don't stop people from trying - it is hard to
> see what's going on in a closed module. Now if breaking the law
> this way can be made more difficult then that is a good thing. Fewer
> vendors will then try. They will make closed modules hampered by
> no access to GPL symbols - or open-source modules, or none at all.
Right, use copyright law to make it more difficult to develop and use certain works because it's illegal to distribute them. That sounds like the spirit of the GPL to me.
GPL advocates should be arguing that you can modify works you own to make them more useful to you however you want, not that copyright law should be twisted to make such modifications difficult or illegal.
Reality check -- this particular scheme has *nothing* to do with distribution and treats code that has not been distributed the same as code that has been.
DS