Slashdot Log In
Kernel Modules that Lie About Their Licenses
Posted by
CmdrTaco
on Tue Apr 27, 2004 11:00 AM
from the why-can't-we-just-get-along dept.
from the why-can't-we-just-get-along dept.
jon787 writes "An email to LKML about the Linuxant's HSF Modem drivers lying to the kernel about their license has prompted some interesting replies. Lots of talk about how to effectively blacklist these kind of things; a patch is here. One of the more interesting is this one. Linus as always has his $0.02."
This discussion has been archived.
No new comments can be posted.
Kernel Modules that Lie About Their Licenses
|
Log In/Create an Account
| Top
| 587 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
/0 is like a period, it ends the statement. (Score:5, Funny)
Linuxant's explanation (Score:5, Informative)
Re:/0 is like a period, it ends the statement. (Score:5, Informative)
(http://www.imsa.edu/~kamikaze/)
\0 is like a period.
Re:/0 is like a period, it ends the statement. (Score:5, Insightful)
(http://blog.jrock.us/ | Last Journal: Sunday October 10 2004, @04:11AM)
LinuxAnt is really screwed here, as their drivers obviously won't work anymore
Re:/0 is like a period, it ends the statement. (Score:5, Interesting)
WRONG: It's about support.... (Score:5, Interesting)
If a kernel oops or panic occurs in a driver, it's important for the kernel developers to quickly know if it's a GPL driver (or a 3rd party binary only driver that they shouldn't even waste their time looking at). Too much noise is generated on LKML for broken binary drivers that just can't be fixed or troubleshooted.
Zealotry has it's hand in that Open Source people really only want to fix Open Source drivers.
Your clever circumvention idea is well known, it will not save you in getting kernel developer support, however.
Re:LinuxAnt is really screwed? (Score:5, Informative)
Re:LinuxAnt is really screwed? (Score:4, Informative)
Good Luck (Score:5, Interesting)
(http://slashdot.org/)
The court rightly ruled that the console designer caused the code to display the trademark and that they were responsible for any confusion that resulted.
Putting MODULE_LICENSE("GPL\0... in their code could be viewed by the courts as using a method of operation to accomplish a module load. It is very unlikely that they would view it as a grant of a GP License to someone who received the code.
Re:Good Luck (Score:5, Insightful)
(http://www.cityofhope.org/microseq)
The problem with the compatibility argument is that it's wrong. The primary purpose of the license string is to track whether the kernel has loaded a closed-source module. Many kernel hackers choose to ignore bug reports from systems that have loaded closed-source modules since there's a very good chance that the bug is in code that they can't access and fix. But failing to export a GPL compatible license string doesn't have any effect on the kernel's ability to load and run a module, so there's no compatibility reason to export a dishonest description of the module's license.
Re:Good Luck (Score:5, Interesting)
(http://www.biglumber.com/ | Last Journal: Tuesday November 27, @12:44PM)
Now I kind of like that justice, but that's because I happen to fucking hate winmodems even more than I hate closed drivers. It's still a pretty good reason, though, to have your driver lie to the kernel. Maybe, just maybe, you're sure your driver is ok, and don't want its closed-ness to get in the way of people getting bug reports for completely different parts of the kernel.
Re:Good Luck (Score:4, Insightful)
(http://www.gh-sts.com/HOWTO | Last Journal: Tuesday November 01 2005, @09:39PM)
It's not just a political issue, but I guess if you have political issues with operating systems, that's a conveniently ignorant view to take of the situation. This driver is surreptitiously loading itself as non-GPL code while telling us that it is GPL. This effects the way Linux hackers treat bug reports that are tainted with this module. This is accomplished by loading that "GPL" flag and enabling helpers that prevent bugs reports from being flagged as tainted.
Therefore, not only does it complicate bug reports, it complicates bug reports by loading pieces of code that it's not allowed to. I'd say that makes it malware, rather than a political issue.
Re:Good Luck (Score:5, Informative)
(http://slashdot.org/)
- to "taint" the kernel so that anyone posting an oops to the lkml will get ignored.
- to deny certain interfaces marked as GPL-only to the module.
Modules don't need to be GPL (Score:5, Informative)
(http://slashdot.org/)
However it isn't, you can load code with any license you wish, therefore this is not required for interoperability, and such a defense wouldn't be valid.
Re:Good Luck (Score:5, Informative)
(http://slashdot.org/~gmack/journal)
Re:Good Luck (Score:5, Insightful)
1. That's a trademark, this is copyright. Very different.
2. There is no real reason why they _have_ to have "GPL" at the start there. Their code will work without it, it will just cause a message to the effect that there are non-GPL drivers loaded to be displayed.
3. In the case you site it _is_ the console's integral code that displays the trademark. In this case it is the module code in question that includes the text "GPL", followed by a string termination character, in a space reserved for the module's license.
OTOH, I would note that the letters GPL do not in themselves constitue a license grant; they are merely an abbreviation that is usually used to refer to a specific license. In this case, however, they could just as easily stand for "Greg's Private License" (under which you don't get any rights whatsoever).
Thought experiment (Score:5, Insightful)
(http://www.biglumber.com/ | Last Journal: Tuesday November 27, @12:44PM)
Suppose that Lexmark made a printer that looked for a certain string in a ROM on an ink cartridge. Let's say the string was "The manufacturer of this cartridge agrees to the terms of the ELL (Evil Lexmark License)." If the string is present, the printer works great; if the string is not present, the printer has undesirable behavior of some kind.
Further suppose you want to make an ink cartridge for your Lexmark printer, and thus for the purposes of optimum interoperability, you imbed into the ROM: "The manufacturer of this cartridge agrees to the terms of the ELL (Evil Lexmark License).\0Just kidding. Of course I don't REALLY agree to the Evil Lexmark License, because after all, IT'S EVIL!! It even has \"Evil\" right there in the name, what more proof do you need?!? Sheesh, people!"
Are you bound to the ELL?
Re:Thought experiment (Score:5, Insightful)
(Last Journal: Thursday May 24 2007, @01:08AM)
Re:Thought experiment (Score:4, Insightful)
(http://slashdot.org/)
I seem to remember this from the early days of IE....
Re:Thought experiment (Score:5, Informative)
(Last Journal: Thursday May 24 2007, @01:08AM)
For example, here's one sample of a possible Netscape 2 user agent string:
Mozilla/2.02 [fr] (WinNT; I)
Then Microsoft developed Internet Explorer. IE versions shared similar user agent strings, but this is one for IE4.0:
Mozilla/4.0 (compatible; MSIE 4.0; Windows 95)
Now, most open source browsers allow you to copy Internet Explorer and have a user agent such as:
Mozilla/5.0 (compatible; MSIE 5.5; Windows XP) Gecko/whatever
So we have Mozilla/Firefox/etc. which copied Internet Explorer which copied (closed source) Netscape. Clear as mud!
Re:Thought experiment (Score:4, Insightful)
> great; if the string is not present, the printer
> has undesirable behavior of some kind.
But there is where you analogy breaks down. If all the printer did was log in it's memory somewhere that a non-lexmark ink cart had been used so they could void your warranty for any printhead damage there would be no objection. But printers refuse to print without the secret knock and linux will load a module without the GPL tag.
Re:Thought experiment (Score:4, Insightful)
(Last Journal: Thursday October 04, @07:15AM)
The fact is, the kernel doesn't arbitarily malfunction when it's tainted. Instead, the taintedness is a great sign to tell the user that they really need to go to the original authors for help since no one else is able to properly debug their proper (and of course, two different modules from two different companies which each taint the kernel creates a problem which no single entity can resolve). Faking the string to not cause taintedness helps no one (in the short term it might help the company, but it might not in the long run; people might pay support money to get bugs fixed in one tainted module). Faking a string in a printer cartridge helps the user to get cheaper ink. It also helps create competition (always a good thing).
Ironically, Lexmark's cases against various clone ink cartridge makers might decide the result of this same type of deception. Faking a string to make some program behave the way you want might be unhelpful and possibly unethical (by misleading users into believing they're using only GPLed code or wasting developers time on problems they can't solve thanks to code they can't see), but it's hard to see how it could be made illegal. Now getting such companies for false advertising...
Re:Is there a command that lists the licenses? (Score:5, Informative)
Of course Linus has something to say. (Score:5, Insightful)
My modem driver must be broken... (Score:3, Funny)
Squashing... (Score:5, Insightful)
Great idea, for this hack, anyway. Problem is, they'll come up with something else next time. I think this one really is up to the lawyers, unfortunately.
When it's acceptable to lie (Score:4, Funny)
Re:When it's acceptable to lie (Score:4, Funny)
(http://www.kabewm.com/)
Then weigh the resulting print job! EZ Huh?
Get over it (Score:4, Insightful)
BUT... the linux kernel developers need to get over their fanaticism about open-source drivers. There are many reasons companies cannot or will not make their driver source public. For wireless cards, the FCC effectively prohibits it. For video cards and others, much of the value of the card is in fact in the driver and companies have a right to keep that under wraps.
Can't get over it (Score:5, Interesting)
(http://www.rotworm.com/ | Last Journal: Tuesday April 27 2004, @11:14AM)
Re:Can't get over it (Score:5, Insightful)
Re:Can't get over it (Score:4, Interesting)
(http://www.rotworm.com/ | Last Journal: Tuesday April 27 2004, @11:14AM)
Give more credit than that.
I realize they won't work, but firmware should not be a core component of a hardware company, they should work on their hardware first, and not consider firmware a company-breaking secret technology.
For instance, open firmware makes this possible [techtv.com].
ObDMCA reference (Score:4, Insightful)
(http://knoppixquake.webhop.net/)
And with the DMCA firmly in place, it will be illegal to hack YOUR hardware.
Jeez, I used to think I might be a little paranoid, but not any more...
Re:Can't get over it (Score:5, Insightful)
The hell you say. A Cisco router is just a CPU and some RAM with a few IO ports thrown in. Its the IOS firmware and software that makes it do its thing.
Re:Can't get over it (Score:5, Insightful)
Neither do the kernel developers; the -great-great-etc-grandparent's assertion that they actively refuse to allow all things closed source was a straw man. All the kernel developers want to be able to do is have the kernel note when it is running a closed-source driver, so that they can easily filter out bug reports that would require them to have access to sources they don't have. They don't want to get blamed for problems caused by someone else's code whom they can't do anything about. Who in the hell can fault them for that?
But then its MY choice, not the kernel nazis. I thought that is what Linux was all about, Free as in speech, not as in beer.
It is your choice. The "kernel nazis" are in whole hearted agreement. They just want to be able to mark kernel dumps from kernels they can't fix. Their choice. Comprende?
Re:Can't get over it (Score:4, Insightful)
When you buy a router, you're buying the function of routing. That's nearly 100% implemented in the firmware (for consumer-level routers, probably IS 100%). The hardware is just there to support the firmware's function.
Re:Get over it (Score:4, Insightful)
That is a hard requirement for Linux success, in the past, now, and in the future.
For example if 3D desktops becomes the standard open source 3D driver will need to be developed, if the gfx companies don't like that we need to take our money someplace else.
For the record I do run nvidia binary driver today.
Excuse me, but... (Score:5, Insightful)
Yes, but the kernel is not a person, right? In fact lying to hardware/software is a well-accepted practice for interoperability, emulation and fair use. If we want it to be illegal, we might as well defend DMCA.
Re:Get over it (Score:5, Insightful)
(http://www.stupids.org/ | Last Journal: Thursday July 03 2003, @11:37AM)
No, the FCC says the card cannot do certain things. Putting these restrictions in the drivers of each individual OS is not a good plan. The restrictions belong in the firmware. This is a safer way to ensure FCC compliance at the same time as allowing open source drivers.
The linux kernel developers need to get over their fanaticism about open-source drivers.
Who the hell are you to tell the kernel developers what they should care about? The kernel is licensed and written the way it is because the developers want it like that. If 3rd parties aren't prepared to play along, then they don't have to release linux drivers. They can't have it both ways.
Re:Get over it (Score:5, Informative)
(http://slashdot.org/ | Last Journal: Sunday December 25 2005, @01:35PM)
The kernel will happily load any modules you tell it to, binary or not, licensed or not. The reason this tag exists is so the loading of a binary driver will "taint" your kernel. That way when you submit a bug report, the kernel developers know that you had a binary only module loaded.
In that case, they'll ask you to reproduce the produce without the binary module loaded. If the problem doesn't happen, it's the vendor's problem, and not Linux's. And rightly so.
What's wrong with this?
Re:Get over it (Score:5, Insightful)
Freedom means diffrent things to different people, but for most of us, I suspect, freedom is not ultimately defined by anything so trivial as access to the source code for a video driver.
I am freed from the whims of the developer
Then we can safely assume you are a master coder whose word is law in GNU/Linux?
Re:Get over it (Score:5, Interesting)
To be clear, this is just as much a choice of the manufacturer who decides to put sufficient amount of the driver into software such that the device has to be certified as a "hardware and software" combination, not just "hardware" itself.
I have participated in ETSI conformance testing: when you test the product against a known hardware and software combination, you are _held_ to that known hardware and software combination. If you alter the software (e.g. a new build), you need to recertify.
This is entirely fair IMHO, otherwise a dodgy bug in the new version of the software causes RF splatter and destroys the spectrum.
The issue here for the open source community is to either (a) convince the manufactures to put it all into hardware/firmware so that software is not part of the certification, or (b) separately certify the linux driver with the hardware.
Re:Get over it (Score:5, Insightful)
(http://moonbase.rydia.net/)
Regardless of why it was proposed, the reason Linus finally accepted the MODULE_LICENSE stuff was that everyone was wasting a LOT of time trying to track down bugs that ended up being caused caused by binary-only drivers.
The effect of MODULE_LICENSE is mostly just to mark the kernel as "tainted" -- its internal state affected by code which isn't available for the kernel developers to consult when debugging.
This shows up in crash dumps, so if someone posts dump of a crash in which binary drivers were involved, the kernel developers know upfront not to bother (the bug has "crossed the county line", so to speak).
Linuxant's excuse is that the tainted message was too confusing for users (they don't appear to have any qualms about wasting kernel developer time).
Of course Linuxant's proprietary code which they can't let anyone see is pristine and perfect, and could never, ever be the cause of a bug...
Poor processes (Score:4, Insightful)
(Last Journal: Saturday May 01 2004, @04:37AM)
(And if the answer to the question is: "people will cheat and we can't stop them", then there is little point in playing legislator.)
Are they really 'lying'? (Score:5, Interesting)
Personally, I dont use linux and as such, this doesnt directly affect me. But still, it raises interesting questions about how far removed code has to be to be able to be licensed differently. The kernel module API is a publically available API, and Linus does not consider this to be far enough removed. So what is? Does the kernel have to adhere to the CPUs or Motherboards firmware license, because its using a publically available API just like kernel modules are?
Interesting. Very interesting!
Re:Binary modules, licensing, and module strings (Score:4, Interesting)
It's a moot point; a proprietary module that uses GPL symbols is an unauthorized derivative.
But how can some symbols be GPL and some not, considering that, as it stands, the entirety of the core kernel code is licensed under the GPL, and the GPL does not allow exceptions to that licensing? Im not trying to flame, its just not that clear to me! :)
Linus' take (Score:2, Funny)
If we wait in this pumpkin patch long enough, the Great Pumpkin will rise up and give out toys. It will then float to the offices of the evil developers and smite them.
Creative null character? (Score:4, Insightful)
(http://zzz.zggg.com/)
Obviously, this is the wrong approach entirely (Score:1)
(http://slashdot.org/ | Last Journal: Sunday July 29, @04:31PM)
Meaning, the kernel devs should focus on writing up a white list; not a black list.
But why? (Score:5, Insightful)
I think a more appropriate way of handling things would be have a message explaining _why_ the tainted message is coming up, and why they can't GPL the driver. Work with the system, not against it.
-Erwos
Re:But why? (Score:5, Informative)
(http://www.stupids.org/ | Last Journal: Thursday July 03 2003, @11:37AM)
For developers _YES_
How many times have you tried to debug the kernel? And how namy times have you done to without access to all the source code? (ie, with modules loaded for which you don't have the source.)
For more info, read LKML archives.
Re:But why? (Score:5, Informative)
Why are they doing this? (Score:1, Interesting)
(Last Journal: Tuesday October 12 2004, @03:36PM)
I assume it's to allow them to access some 'GPL only' functionality.
This reminds me of the court case where a console game maker was allowed by the court to insert some copyrighted text because it was the only way to make a game that would work.
Is there any similarity, lawyers of
Now I'm waiting until the
I don't see what the big deal is (Score:1, Interesting)
Could someone explain to me why this is an issue? The web page where you download the drivers reads:
Most files in this package are released under terms described in the LICENSE file. Some distinct components, located in the modules/GPL directory however are covered by the GNU General Public License. See the files LICENSE and modules/GPL/COPYING for details.
It doesn't sound like they're trying to hide anything ("LICENSE" above is linked to their license) yet everyone is running around claiming evil intent. What would they gain by this ruse, if it was intentional? Has anyone contacted the company directly to get their take on it?
nonGPL modules (Score:4, Informative)
(http://slashdot.org/)
One way to note this is have each module announce its license to the kernel, and a method exists for this.
I think the intent is clearly to try and fool people into supporting this module, even if that person wishes to avoid supporting non GPL code.
I think this is very underhanded, and going to create significant ill will with some developers.
Does that thing actually work? (Score:3, Insightful)
(Last Journal: Tuesday November 27, @03:27PM)
My God! (Score:5, Funny)
Insubordination at its worst! Lying to the kernel!
Private Function, get Corporal Punishement on the phone and have them admonished immediatley!
So what's it going to be? (Score:4, Insightful)
If /. has no respect for other people's choice in licenses and cheers people ignoring the license, then it must also cheer on people breaking the license in Linux. You can't have it both ways.
Re:So what's it going to be? (Score:4, Insightful)
(http://www.timewarp.org/ | Last Journal: Monday September 30 2002, @08:49AM)
There's no reason you need to do this. The kernel happily loads any license. They are lying for the sake of misleading users. There's nothing to circumvent. This is like Pizza Hut advertising that they are giving out Free Pizza, and then cutting off the edge of the coupon that says "$15 per pie charge". There is no technical reason for this; this is simply lying to the end users.
--
Evan
I know! (Score:5, Funny)
I'm sure this hans't been done [microsoft.com] before.
linus's comment mirrored (Score:1)
(http://www.kwasar.biz/)
Spend a penny (Score:4, Funny)
(Last Journal: Friday November 03 2006, @03:51PM)
Lying should be OK... (Score:5, Insightful)
(http://slashdot.org/ | Last Journal: Wednesday October 02 2002, @10:14PM)
If Office 2003 started asking the Win32 API - areYouReallyMicrosoftWindows(). Then MS Windows would return true...
What would Wine get to return?
This is a settled question... (Score:5, Informative)
(http://ottodestruct.com/)
What would Wine get to return?
Wine would get to return true as well, if answering true was essential to get the software to work.
Take the case of the gameboy (I think). One of the checks the thing did when loading a game was to look for the Nintendo logo in the header of the game. If it wasn't there, it wouldn't run it. Someone else put the logo in their games to get it to run, Nintendo sued for trademark infringement. Nintendo lost, because they had made it absolutely necessary to include that logo in order for third parties to achieve interoperability with the product. Instead of preventing third parties from developing games (which was what they wanted), they lost control of their trademark to some degree. Not good.
However, this case is different. You don't need to lie to the kernel about your license to achieve interoperability. It'll load the module regardless of what you put in the license string. The only thing the license string does is to signal to the kernel developers that non-free modules are loaded into the kernel. It's been "tainted", and then they can choose to not support problems with tainted kernels.
This isn't lying to the kernel so much as it is lying to the kernel developers.
What is MODULE_LICENSE? (Score:2)
-Alan
DMCA (Score:1)
The system makes you lie (Score:4, Informative)
(http://inglorion.net/ | Last Journal: Thursday October 06 2005, @07:17AM)
I prefer to develop my modules under the revised BSD license, so that others can port them to the BSDs without running into licensing issues. However, Linux will mark the kernel as tainted when a BSD-licensed module is inserted. So I mark them as Dual GPL/BSD, so that they can be loaded without complaints, although I really don't want to release them under GPL, as that would pose a risk that others add code under GPL that could then not be used in the BSDs.
Ok, that may sound confusing as I typed it in a hurry, but you can make sense of it if you try.
Here goes my karma... (Score:2, Insightful)
This ain't flamebait, but a rather trenchant commentary on the hypocrisy that I see.
(off-topic) regarding the patch (Score:2)
Now please excuse me for never having done any kernel hacking before (although I would be interested in trying it some day, as I've been telling myself for years).
But wasn't it considered "a bad thing" (as in: potentially confusing) to use double negatives in one's source code?
Wouldn't it be a lot clearer to name the function "author_is_blacklisted" and having it simply return the result of the string comparison?
Why bother - driver limited to 14kbps (Score:4, Informative)
(http://trolltalk.com/ | Last Journal: Saturday November 24, @08:16AM)
From the license [linuxant.com]:
I mean, even RFC 1149 (TCP/IP over Carrier Pigeon) would be better :-)
This is crippleware.
Request the source (Score:3, Insightful)
(http://www.dweasel.com/)
wilful infringement (Score:2)
To show wilful infringement, you do need to show "intention"; although we interpret the worst that the '\0' was placed in the string specifically to evade kernel tainting, this may not hold up as "on the balance of probabilities" in a court of law without other evidence to show that it wasn't just a mistake or so on.
Trusting the data???? (Score:2, Interesting)
Why do i care? (Score:3, Insightful)
(http://slashdot.org/~nurb432/ | Last Journal: Friday August 27 2004, @03:24PM)
I have a kernel. I have a device. With out said driver the kernel is useless to me.
So the driver is closed and propitiatory, as long as it works with my kernel why should I care. ( all religious OSS arguments aside.. I'm taking for a *real* reason )
The alternative seems to be no driver, and the kernel becomes a useless lump of code. We cant demand that companies that produce hardware support anything they don't want too, be happy they at least give us closed drivers... 5 years ago they didnt even do that, unless it was for a Microsoft kernel.
Re:Why do i care? (Score:4, Insightful)
Dinivin
Re:Why do i care? (Score:5, Informative)
A)By faking a GPL license to avoid "tainting" the kernel, the company has made your life more difficult. Problems you have with the kernel won't be supported by developers unless you can recreate the problem without any closed-source modules loaded(otherwise the bug is likely in code they can't fix). Since the module is not marked by the kernel as closed source, unless you remember it is months or years down the road, you may forget that you need to unload it.
B)It wastes time the developers could otherwise be using to improve the kernel. Given a kernel dump that claims to be untainted, they could end up spending days hunting down a bug only to discover that it ultimately lies in a module they can't find source for. If the tainting mechanism had been allowed to work properly, the developer would have asked for a resubmission of the bug without any closed-source modules loaded, to ensure the bug is fixable by them, saving themself days of wasted effort.
What you, and a lot of other people seem to not be understanding is that, if this company hadn't faked the "GPL" line, the modules would still have loaded and worked perfectly. The developers aren't trying to keep closed source drivers from running (far from it), they just want to mark a kernel so that if there's a problem with it, they can save time by having a way to immediately identify whether they are capable of debugging it or not. That benefits everyone.
Change the kernel to remove module check (Score:2)
(Last Journal: Friday March 05 2004, @06:47PM)
But, one thing that would work is to modify the core kernel to remove the module license check, or remove warning messages so it didn't matter. The code is GPL'd, which means anyone is free to modify it to suit their needs, as long as they release their mods. So, this would be completely within their rights.
Of course, they are then dealing with their own kernel, which they would need to support. So, I think this takes care of the main gripe from the GPL/kernel people - of not being able to provide support for binary modules.
Linuxant's president responds. (Score:1)
These people wanted $15 for a Linux driver (Score:3, Insightful)
I just went and bought a serial port external modem for $13 (shipped). Works like a charm.
Linuxant Responds and explains themselves. (Score:5, Informative)
On the otherhand I think everyone's eyes are open to possible malicious use of this and simular tricks.
I'm a bit confused. (Score:1)
hmmm (Score:2)
Thanks,
Leabre
...circumvention of an access control... (Score:1)
(http://slashdot.org/ | Last Journal: Monday October 18 2004, @03:17PM)
Linuxant Explains (Score:2)
(http://virtualthreads.blogspot.com/)
Actually, we also have no desire nor purpose to prevent tainting. The purpose of the workaround is to avoid repetitive warning messages generated when multiple modules belonging to a single logical "driver" are loaded (even when a module is only probed but not used due to the hardware not being present). Although the issue may sound trivial/harmless to people on the lkml, it was a frequent cause of confusion for the average person.
Read the entire email for the whole picture. Whether you agree or not, it is important to understand why they partially circumvented the license check.
Linuxant's Response to this matter! (Score:2, Interesting)
(http://www.digitalhobo.com/)
Anybody use this driver? (Score:2)
(http://www.indistinct.net)
If so, then this is franky just obnoxious behavior.
If not, then in fact their non GPL module is using GPL-only kernel internals, meeting at least Linus's definition (I think?) of a derived work, which would constitute actual infringement.
Something I discovered that you may not know (Score:1)
7. Performance. V.92 modems are designed to be capable of receiving data at up to 56Kbps with compatible phone line and server equipment, and transmitting data at up to 31.2Kbps. V.90 modems are designed to be capable of receiving data at up to 56 Kbps from a compatible service provider and transmitting data at up to about 28.8 Kbps. Public networks currently limit download speeds to about 53Kbps. The free version of the drivers is limited to 14.4Kbps. Actual speeds vary and are often less than the maximum possible.
I mean WTF!!! Give us a break. I wouldn't use their crap if I had to spend a zillion dollars on a new modem. I think we need put pressure on all involved (Linus, the disto companies, etc.) to remove this companies crap. It will make the inexperienced user think just what M$ wants them to, that Linux is inferior to WinBlows.
Original purpose wasn't to deny, but to allow (Score:3, Interesting)
(http://www.michaelnygard.com/)
In fact, the reverse is true. Many device vendors were hesitant to release drivers for Linux because of the binary linkage created when the driver gets loaded. Under a strict interpretation of the GPL, that would consitute enough of a linkage to make the drivers a derivative work.
Some vendors did not want their drivers to automatically fall under the GPL just because of dynamic loading.
The GPL flag was created to let non-GPL drivers clearly indicate that they were not derivatives and would not be GPL-licensed.
This is an example of a vendor that wants to eat its cake and have it too.
Hey, I have those! (Score:1)
License silliness (Score:2)
(http://www.usermode.org/ | Last Journal: Tuesday April 17 2007, @09:13PM)
Let me use another kernel in an attempt to explain why. The FreeBSD kernel is licensed under the BSD license. But the ext2fs code is under the GPL since it directly derived from the GPL code in Linux. Building a FreeBSD kernel with the ext2fs option will "taint" the kernel. While this is generally known and understood, the FreeBSD kernel does not tell the user that they have been tainted. Such a move would be decried by those on the GPL side of the fence as cheap license politicking. But this is what Linux does. I call it cheap license politicking.
Some kernel developers say that this is necessary so that they can debug the kernel. Source code is necessary for debugging. Nonsense! The license tag marks all non-GPL modules as tainted. It is the license that matters, and not the availability of source code. Is a kernel developer going to tell a user "sorry, I can't fix your problem because you're using the X11 license"? That would be truly silly. Should the developer run across a binary-only module that prevents debugging, a simple message to the user saying so will suffice.
The license tag is also used to limit access to certain private kernel routines. In essence, it makes private kernel APIs public, but only for GPL modules. It's tying the license to the API, which is quite strange (and silly). Use license A and you get one API. Use license B instead and you get another. Huh? Either the API is public or it is not. This "members only" crap has to go. It's license politicking of the lowest sort.
A (Sort-of) User Perspective (Score:2, Interesting)
You see, these drivers are almost worthless. They make the kernel unstable when loaded. They create an OOM error with pci hotplugging. I've had to reboot 5+ times in one day.
The only way I was able to track it to the drivers was by blacklisting the mods with hotplug and reading log messages.
Now, they may or may not crash on all systems, but I personally was close to filing bug reports complete with dumps. If it's true that this change doesn't show up in the dumps, the kernel developers would be busy tracking down bugs that weren't a result of their code.
How much time do you think would have been wasted on these reports (assuming that I am not alone in having kernel panics from these drivers?)
As for the whole "the tainted messages were confusing the customer" schtick: There are about 6 different modules that get loaded, so there would be 6 different tainted messages (which can be spooky...) but I can't even remember the last time I saw a "tainted kernel" message. Nowadays, most modules are being loaded in the background with any messages going to a log somewhere on the system. Besides, a one line explanation would be enough to not bother the user ("It's for kernel developers. You don't need to worry about it." or "It's to help people fix your computer if something goes horribly wrong."
Blacklisting is extreme (Score:4, Interesting)
FWIW IMHO the string ends at the \0 I don't care what garbage in memory exists after this, this is not a subtle issue or grey area, \0 ends the string, subsequent information is irrelevant.
But back to my subject, blacklisting is a bit heavy handed. Hmm... we have a company that provides drivers for Linux, yup they're proprietary winmodem drivers but they're there. To *suppress warnings* they have unfortunately chosen to prematurely end their string with a \0, that's really nasty and foolish but blacklisting them as a company from installing kernel modules is way frikin OTT.
How does this help joe public get his winmodem working?
How does this encourage any corporation from releasing proprietary drivers for in Linux? (Which are better than no drivers IMHO)
There are other drivers (particularly audio and graphics) that use proprietary code implemented by private companies and these are used every day by many thousands of Linux users.
what's the difference between... (Score:2)
What if NVidia stuck an extra flash chip on their card, loaded the common part of the driver into there at manufacturing time, or via a flash update and had the 'open sourced' part of the driver access it? This would be no more or less GPL compliant than any 'normal' driver, as linux does this with the BIOS, and with ide and scsi cards all the time, by calling proprietry code via an open sourced interface.
It seems to me that the GPL is differentiating between the delivery method, which is just silly (imho). Until everything on a computer is free (as in speech) then compromises are going to have to be made.
If this sounds like a troll then sorry, but i don't mean for it to be.
Stop the Whining, the clueless do not deserve... (Score:3, Insightful)
(http://www.pobox.com/~rwhite)
Doing these things honestly and functionally isn't all that difficult.
For instance, my company makes a sweet little device that, among other things, has a bunch of FPGAs (Field Programmable Gate Arrays). There is some language (I have never seen) that creates, via a source file (I will never possess) and a compiler (we license for a nut), to create a byte-stream (I have sitting around in a file) that gives the FPGAs their personality.
When my boss came in and started whining about the GPL I pointed out that the three modules were GPL-able and that distributing them under the GPL was about as "wanton with our intellectual property" as sunday school.
The drivers are just not that interesting. From one (the one that loads the FPGA images) you could learn how to copy a byte string into a single register. e.g. "for (int counter = 0; counter image_size; ++counter) { *FPGA_Personality_Register = image_buffer[counter]; }"
Oh yea, there is a lot of boiler-plate around this, and I actually do that inside a fpgaflash_write() etc. But this is *not* rocket science.
In point of fact, virtually all of the "Intellectual Property Issues" people have with respect to software are, frankly, crap.
A bunch of people doing a lot of truely marginal work have created a mythology of value. Somehow the way _*THEY*_ increment an integer is so much more fascinating than the way the rest of us do it. "But Boss," they say, "if everybody out there figures out that we put *our* serial uart at 0x2df instead of 0x2f0 then nobody will need us any more."
Bull.
If you provide a good product at a reasonable rate then people will pay you for it.
Every year I spend $20 to $50 to pay my taxes with one or another tax prepration software product. I do this *despite* the fact that all the forms and things are there and (obfuscated 8-) open source. (And I actually buy the software instead of pirate it, since to steal software when that is how I make my living would be hypocritical.)
The only people who have to worry about Open Source are the people who make crappy software.
Trust me, nobody wants your job. Nobody wants sneak in and rewrite comercial drivers *IF* *THEY* *WORK*. Nobody cares about your "proprietary register mapping" *IF* *IT* *WORKS*. The people who are going to make a nockoff of your board are just going to trace out your hardware if they want to clone it, and its is going to take them how long to disassemble your Windows driver to make their compatable device?
Gee, if they want to compete, they could just make their clone to one of the already-existing drivers they have source too anyway.
There is *NOTHING* *OF* *VALUE* in your drivers. Really. Get over yourselves and start harvesting all that free money by making a product and having the OS community improve your products' drivers for free.
It boggles the mind that people like nVidia and ATI want to keep their drivers closed when their real value is in the chipsets themselves. Everybody knows how Direct-X and OpenGL is going to present the data at that level. Why do they even *care* if someone knows that the data buffers are reformatted and their addresses are crammed into a doorbell register at a particular address. Do they think we can't possibly fathom the concept of laying out data and putting addresses into doorbell registers? Do they expect us to be supprised when it turns out that the eight hardware rendering pipelines they brag about on the box are backed up by eight separate linked lists (or whatever) in the driver?
And you just know that on the flip side, there is someone at each of these companies trying to outsource the driver development even as the first team of idiots are jealously garding their source code.
Back to the example, all the "value" in our product is in the complex and subtle control of state *below* the driver in the hardware, and in the complex and robust interractions of the applications and protocols
Re:Linus' E-mail in case of slashdotting (Score:1)
(http://evilempire.ath.cx/)
Careful guys, body text troll.
Re:Linus' E-mail in case of slashdotting (Score:1, Troll)
I sure hope they cut it out and stop trying to hack their way around the gpl.
Re:circumcise?! HELLO, MCFLY?! (Score:2)
(http://www.nikola.novak.net/)
Mods, read the whole thing please... (Score:3, Informative)
(http://www.ratcrow.com/)
"...rather than blacklist Black people..." (emphasis added)
Linus was referring to "bad" people. This should be something other than Informative.
Re:circumcise?! HELLO, MCFLY?! (Score:1, Funny)
Re:Linus' E-mail in case of slashdotting (Score:1, Informative)
Re:Real world vs. fanboy fantasies (Score:1)
(http://people.cs.uchicago.edu/~bwthomas)
you're statements are facetious. If your comment isn't modded down as flamebait and/or offtopic, then someone made a mistake.
I am what most people would consider a highly trained technical professional. Unlike most people who spout off at this site, I have the certificates to prove this, and furthermore they're issued by the biggest software company in existence.
yes, because most people consider an MCSE to be better than a PSE or a CCNP. That's the way it is on the street, is it? I'll take a free software zealot over you any day, at least they know what they're talking about, even if their opinions are far left.
Re:Someone explain to me again how modules "taint" (Score:1)
(http://evilempire.ath.cx/)
Real copy, without troll-ness (Score:1, Informative)
>
> LinuxAnt offers binary only modules without any sources. To circumvent our
> MODULE_LICENSE checks LinuxAnt has inserted a "\0" into their declaration:
>
> MODULE_LICENSE("GPL\0for files in the \"GPL\" directory; for others, only
> LICENSE file applies");
Hey, that is interesting in itself, since playing the above kinds of games
makes it pretty clear to everybody that any infringement was done
wilfully. They should be talking to their lawyers about things like that.
Anyway, I suspect that rather than blacklist bad people, I'd much prefer
to have the module tags be done as counted strings instead. It should be
easy enough to do by just having the macro prepend a "sizeof(xxxx)"
thing or something.
Hmm. At least with -sdt=c99 it should be trivial, with something like
#define __MODULE_INFO(tag, name, info) \
static struct { int len; const char value[] } \
__module_cat(name,__LINE__) __attribute_used__ \
__attribute__((section(".modinfo"),unused)) = \
{ sizeof(__stringify(tag) "=" info), \
__stringify(tag) "=" info }
doing the job.
That should make it pretty easy to parse the
Linus
Re:Real world vs. fanboy fantasies (Score:1)
(http://www.angelfire...epublican/index.blog | Last Journal: Thursday July 27 2006, @12:00AM)
You've obviously never needed to use a driver with the 2.4 kernel that was written for the 2.2 kernel.
LK
On KernelTrap too (Score:2)
The creative one (Score:2)
(http://www.shockfamily.net/ | Last Journal: Thursday March 18 2004, @09:41PM)
wrote in message
> Carl-Daniel Hailfinger wrote:
> >This way, the module format doesn't change, but we can do additional
> >verification in the loader.
>
> The way I see it, they know a C string ends with a '\0'. This is like
> saying that a English sentence ends with a dot. If they wrote "GPL\0" they
> are effectively saying that the license *is* GPL period.
>
> So, where the source code?
That's another (quite amusing:) point of view. Anybody willing to ask a
lawyer?
MfG, JBG
--
Jan-Benedict Glaw jbglaw@lug-owl.de . +49-172-7608481
"Eine Freie Meinung in einem Freien Kopf | Gegen Zensur | Gegen Krieg
fuer einen Freien Staat voll Freier Bürger" | im Internet! | im Irak!
ret = do_actions((curr | FREE_SPEECH) & ~(NEW_COPYRIGHT_LAW | DRM | TCPA));
This has already been discussed in this thread
Re:hypocrites (Score:2)
(http://honeypot.net/ | Last Journal: Thursday November 15, @11:49AM)
Re:Real world vs. fanboy fantasies (Score:5, Informative)
(Last Journal: Sunday October 03 2004, @04:03AM)
Only clueless fanboys would give a damn about under which license their drivers are distributed. As long as they do what they're supposed, so what?
The kernel developers have a tainting system in place because they won't debug kernels that have drivers loaded that are closed-source. It's too hard for them to tell whether that driver might have been responsible, and very difficult for them to fix any problems.
Try seeing how interested Microsoft is with fixing problems in other people's proprietary drivers. It's not all that high.
This is different from something meaningful, like Microsoft's excellent WHLQ certification. I'm surprised that no other vendor, including LinuxOS Inc., has copied the idea of certified drivers yet. Microsoft has taken the initiative to take responsibility, this is something that the GPG/Linux community needs to copy.
WHQL is primarily a mechanism designed to give Microsoft strategic power in the software market. It has little to do with software quality, though it is billed as such (just as DRM is billed as an anti-virus/malware scheme by MS). It is intended to grant them ultimate authority over what software is released for their system -- they have the power to refuse to sign any driver release if they need to do so as a lever, which gives them tremendous power over device manufacturers. This is tremenously more powerful and intrusive than the Linux driver tainting system, which works on an honor system. WHQL ensures only basic functionality is in place -- WHQL testing does not involve audititing code, checking for corner cases, or do any of the things necessary to produce a good, bug-free driver.
Re:Real world vs. fanboy fantasies (Score:1)
Back when I was an intern we ran into a bug in the driver for a video card and reported it to the vendor. My supervisor's conversation with the vendor went something like this:
Us: "We need you to fix this bug."
Them: "Sorry, that card is considered obsolete and is no longer supported."
Us: "If you send us the source, we can fix it ourselves."
Them: "Sorry, we don't give out the source to our drivers. Driver source code is copyrighted and a valuable trade secret."
Us: "But you just said the card was obsolete." Them: "The code is still valuable, and we can't give it out." Us: "We're perfectly willing to sign an NDA."
Them: "I'm sorry, we can't give you the source."
By the way, if you're going to cite statistics please indicate the source of your numbers. I give little credence to anyone who rattles off a list of numbers that allegedly came from "SEVERAL INDEPENDENT RESEARCH INSTITUTES." Stats without information on versions, configurations, and testing methods are largely meaningless. Without access to the source studies, your claims are unverifiable and could very well be fictional. Access to the source is very important to many of us.
Re:hypocrites (Score:2, Interesting)
(http://www.ckaminski.com)
Re:Real world vs. fanboy fantasies (Score:1)
Heh. Would you like another nice billy goat up the rear?
Re:hypocrites (Score:2)
The problem with the creative license string is that it doesn't mark the kernel as "tainted", wich is a big deal for the people who debug the kernel and pore over kernel dumps. If you have a binary-only module loaded, you should try to reproduce your bug/crash without the binary module so that the kernel people are sure that your crash was due to the kernel and not the binary driver to wich they haven't got source to debug.
Re:hypocrites (Score:1)
(http://tyro.homelinux.com/)
Re:OT: Linmodem hacking question... (Score:2)
(http://slashdot.org/)