From torvalds@transmeta.com Thu Oct 17 13:59:02 2002 Path: post-office.corp.redhat.com!not-for-mail From: Linus Torvalds Newsgroups: rhat.general.linux-kernel Subject: Re: [PATCH] make LSM register functions GPLonly exports Date: Thu, 17 Oct 2002 10:08:19 -0700 (PDT) Organization: Red Hat Inc. Internal News Lines: 49 Message-ID: NNTP-Posting-Host: post-office.corp.redhat.com Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII NNTP-Posting-Date: Thu, 17 Oct 2002 17:21:18 +0000 (UTC) In-Reply-To: <20021017175403.A32516@infradead.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org Errors-To: linux-kernel2news-admin@redhat.com X-BeenThere: linux-kernel2news@redhat.com X-Mailman-Version: 2.0.11 X-BeenThere: linux-kernel2news@redhat.com X-Original-Cc: crispin@wirex.com X-Original-Cc: greg@kroah.com X-Original-Cc: linux-kernel@vger.kernel.org X-Original-To: hch@infradead.org Xref: post-office.corp.redhat.com rhat.general.linux-kernel:24847 Note that if this fight ends up being a major issue, I'm just going to remove LSM and let the security vendors do their own thing. So far - I have not seen a lot of actual usage of the hooks - seen a number of people who still worry that the hooks degrade performance in critical areas - the worry that people use it for non-GPL'd modules is apparently real, considering Crispin's reply. I will re-iterate my stance on the GPL and kernel modules: There is NOTHING in the kernel license that allows modules to be non-GPL'd. The _only_ thing that allows for non-GPL modules is copyright law, and in particular the "derived work" issue. A vendor who distributes non-GPL modules is _not_ protected by the module interface per se, and should feel very confident that they can show in a court of law that the code is not derived. The module interface has NEVER been documented or meant to be a GPL barrier. The COPYING clearly states that the system call layer is such a barrier, so if you do your work in user land you're not in any way beholden to the GPL. The module interfaces are not system calls: there are system calls used to _install_ them, but the actual interfaces are not. The original binary-only modules were for things that were pre-existing works of code, ie drivers and filesystems ported from other operating systems, which thus could clearly be argued to not be derived works, and the original limited export table also acted somewhat as a barrier to show a level of distance. In short, Crispin: I'm going to apply the patch, and if you as a copyright holder of that file disagree, I will simply remove all of he LSM code from the kernel. I think it's very clear that a LSM module is a derived work, and thus copyright law and the GPL are not in any way unclear about it. If people think they can avoid the GPL by using function pointers, they are WRONG. And they have always been wrong. Linus - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/