> It seems you still don't explicitly clarify anywhere in the source itself that > the copyright holders of the code from OpenSSL have relicensed it under GPLv2. > I only see a GPLv2 license slapped on the files, yet no such license is presence > in the OpenSSL originals, at least in the one I checked. If you did receive > explicit permission, then you should include an explicit clarification in each > file like the one in arch/arm/crypto/sha1-armv4-large.S. Better yet, get the copyright holders to publicly send a signed-off-by: or acked-by: so it is clear they agree to this. Andrew