> On May 22, 2019, at 10:28 AM, Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote: > > On Wed, 22 May 2019, J Lovejoy wrote: >>> On May 21, 2019, at 1:29 AM, Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote: >>> >>> can you please have a look how to handle that GPL + BSD disclaimer >>> abomination SPDX wise? >>> >> >> Yes, I have started a new list for this special version of messiness, >> namely anything in these batches that you all are tagging as adding >> something “extra” to the standard GPL license notice. I’m not going to >> start bringing this to SPDX until we have a more complete list - that way >> we know how many variations there are, etc. > >> If/when we do reach out to copyright holders in these cases, I think it’d >> be helpful to specifically ask them if they could remove the extra text >> and confirm that the license is just plain old GPL-2.0-only or >> GPL-2.0-or-later. From Richard’s earlier comments, Philippe’s bit of >> research, and the copyright years in the notices from the actual files - >> it sounds like this additional-warranty thing was in vogue a long time go >> (and hopefully not something people think they need to do today!) - so, >> trying to clean it up where possible would be ideal. > > You wish. The bulk is indeed from around 2000m but the cargo cult > disclaimer in drivers/scsi/usf/ was newly added 7 years ago and 2 years ago > a new file was added with the same crap copied. That kind of stuff is still > proliferated for whatever reasons. > *sigh* yeah, I just noticed something like that as well. So much for wishes ;) > Now coming back to the issue with disclaimers in general. We need a way to > deal with it as there are at least two files where there is no trace of the > company anymore. Plus GPLV3 (not relevant for the kernel, but for SPDX) > explicitely says that you can add magic disclaimers. And of course people > will do so. > > While walking the dogs I thought more about this. > > 1) The random disclaimer (new or old) is not necessarily forming a new > license as long as the GPL (version) reference is unambiguous. > > It's an (for GPLv2 tolerated and for GPLv3 documented) add on. > > 2) With a very quick scan (not complete and accurate) I found more than > 20 variants of disclaimers bolted on a GPLv2 reference/boilerplate. > I fear there are more. > > So it's pretty unrealistic to create 20+ disclaimer IDs or 20+ new license > IDs for those and either of these things would just help to proliferate > that nonsense and create yet another mess in the SPDX realm. > > I rather suggest to do the following: > > 1) Create a SPDX id 'CUSTOM_DISCLAIMER' and make the license identifier: > > SPDX-License-Identifier: GPL-2.0-or-later AND CUSTOM_DISCLAIMER > > 2) Remove the GPL2.0 reference/boilerplate but keep the diclaimer in the > comment > > 3) Wrap the disclaimer into > > DISCLAIMER_BEGIN > > Random made up lawyerese > > DISCLAIMER_END > > That gives us the following useful properties: > > 1) Avoid to go through the tedious process of creating disclaimer IDs > or new licenses and go through all the instances of SPDX/OSI and > whatever. > > 2) Allows to proceed with the cleanup > > 3) Precicely marks the custom disclaimer for compliance tools. Even a > halfways trivial awk script can extract them that way. > > We still can go after the copyright holders who added that mess at the same > time, but we do not depend on their willingness, availability ... > > Thoughts? That’s an interesting idea… I also am not sure there isn’t another option - once I have these variants of disclaimers collected, I’m wondering about doing a comparison to the actual disclaimer in GPL - if the variant doesn’t substantially change/add to what is there, then it may not be an issue to remove them as was originally planned. Need a bit more legal analysis there, I think. In the meantime, I’ll raise the general observation/issue of adding disclaimers on the SPDX legal list - more lawyers there, so might be good to get some other people thinking about the general question. And sorry if I seem to be treating this one as not urgent - I’ve got the list of files that Kate gave me to work through. And this additional-disclaimer issue is just adding on to the back of that list :) Thanks and walking the dogs seems too be a good activity - keep it up! ;) Thanks Thomas for all your work on this generally - if I haven’t said that recently. Jilayne > > Thanks, > > tglx
