On Wed, 10 Jul 2019, Zavras, Alexios wrote: > J Lovejoy wrote: > >> On Jul 10, 2019, at 3:38 AM, Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > >> On Tue, Jul 09, 2019 at 10:28:59PM -0600, J Lovejoy wrote: > >>> - the MODULE_LICENSE info was never meant to be definitive license > >>> info, but seemingly more of an approximation. I’m wondering if > >>> others have a different view? > [...] > >> MODULE_LICENSE predated SPDX by a decade or so, and was designed to > >> solve a totally different use case. I would not try to mix the two, > >> or infer one from the other. > [...] > > yes. And I can understand the different use case, I guess my concern/question > > is does the existence of MODULE_LICENSE info that sort of contradicts > > the actual license info for the file (when looking just at that file, > > not the combined/resulting image) frustrate the goal of having clean licensing > > info for when people run scans over the kernel? > > > > or maybe the answer is yes, in a strict scanning sense, but because > > MODULE_LICENSE is used for a different purpose, so be it… scanners > > are going to pick it up and people will just have to understand the above? > > > > mostly, I want to confirm that the SPDX identifier for a file in this case > > can simply be: ISC (not BSD, or GPL) > > I think we should all agree that MODULE_LICENSE was never intended > to actually record the exact license -- only to give some information > on the "GPL-ness" of a module. The naming is unfortunate, but that's > historical decisions for you and we have to live with it. > > Scanning tools should not rely on it (and its limited set of possible values) > to determine actual licenses of modules not integrated in the kernel -- > and an SPDX line with "ISC" (or whatever) should always be the determining input. > > Do we need to document this anywhere to be absolutely clear? The kernel Documentation of license rules, which also defines the usage of SPDX identifiers has a section about Module License: https://www.kernel.org/doc/html/latest/process/license-rules.html#id1 Is that clear enough? Thanks, tglx
