Re: [patch 18/25] treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 43

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 22 May 2019, J Lovejoy wrote:
> > On May 21, 2019, at 1:29 AM, Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:
> > 
> > can you please have a look how to handle that GPL + BSD disclaimer
> > abomination SPDX wise?
> > 
> 
> Yes, I have started a new list for this special version of messiness,
> namely anything in these batches that you all are tagging as adding
> something “extra” to the standard GPL license notice.  I’m not going to
> start bringing this to SPDX until we have a more complete list - that way
> we know how many variations there are, etc.

> If/when we do reach out to copyright holders in these cases, I think it’d
> be helpful to specifically ask them if they could remove the extra text
> and confirm that the license is just plain old GPL-2.0-only or
> GPL-2.0-or-later. From Richard’s earlier comments, Philippe’s bit of
> research, and the copyright years in the notices from the actual files -
> it sounds like this additional-warranty thing was in vogue a long time go
> (and hopefully not something people think they need to do today!) - so,
> trying to clean it up where possible would be ideal.

You wish. The bulk is indeed from around 2000m but the cargo cult
disclaimer in drivers/scsi/usf/ was newly added 7 years ago and 2 years ago
a new file was added with the same crap copied. That kind of stuff is still
proliferated for whatever reasons.

Now coming back to the issue with disclaimers in general. We need a way to
deal with it as there are at least two files where there is no trace of the
company anymore. Plus GPLV3 (not relevant for the kernel, but for SPDX)
explicitely says that you can add magic disclaimers. And of course people
will do so.

While walking the dogs I thought more about this.

  1) The random disclaimer (new or old) is not necessarily forming a new
     license as long as the GPL (version) reference is unambiguous.

     It's an (for GPLv2 tolerated and for GPLv3 documented) add on.

  2) With a very quick scan (not complete and accurate) I found more than
     20 variants of disclaimers bolted on a GPLv2 reference/boilerplate.
     I fear there are more.

So it's pretty unrealistic to create 20+ disclaimer IDs or 20+ new license
IDs for those and either of these things would just help to proliferate
that nonsense and create yet another mess in the SPDX realm.

I rather suggest to do the following:

  1) Create a SPDX id 'CUSTOM_DISCLAIMER' and make the license identifier:

     SPDX-License-Identifier: GPL-2.0-or-later AND CUSTOM_DISCLAIMER

  2) Remove the GPL2.0 reference/boilerplate but keep the diclaimer in the
     comment

  3) Wrap the disclaimer into

     DISCLAIMER_BEGIN
     
      Random made up lawyerese

     DISCLAIMER_END

That gives us the following useful properties:

     1) Avoid to go through the tedious process of creating disclaimer IDs
     	or new licenses and go through all the instances of SPDX/OSI and
     	whatever.

     2) Allows to proceed with the cleanup

     3) Precicely marks the custom disclaimer for compliance tools. Even a
     	halfways trivial awk script can extract them that way.

We still can go after the copyright holders who added that mess at the same
time, but we do not depend on their willingness, availability ...

Thoughts?

Thanks,

	tglx

[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux