[PATCH] [RFC] ffmpeg: make LICENSE_FLAGS fine-grained

[PATCH] [RFC] ffmpeg: make LICENSE_FLAGS fine-grained

[Yann Dirson]

From: Yann Dirson <yann@blade-group.com>

The rationale here is that if the user can only whitelist "commercial"
to use any part of ffmpeg, even it the list of features is carefully
reviewed when switching the whitelisting on, there was nothing to
guard from inadvertently activating a new feature that would not have
been reviewed.

This patch adds one LICENSE_FLAGS value for each feature, except for
those that bring no codec, trying to be on the same level of legal
safety - but then I may miss something.

I tried to leave out of the safe NONCOMMERCIAL_PACKAGECONFIGS list
anything that brings a codec, notably libavcodec.  I also did not look
at non-default features yet.

There may still be a problem if any feature in ffmpeg gets activated
by default upstream and not registed as a PACKAGECONFIG feature.  At
least any of those that depend on another lib would not be enabled,
that could be seen as a sufficient safeguard.
---
 meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
index 08be38ca50..3a36c95151 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
@@ -16,7 +16,17 @@ LICENSE_libavutil = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGP
 LICENSE_libpostproc = "GPLv2+"
 LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
 LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
-LICENSE_FLAGS = "commercial"
+
+# PACKAGECONFIG features that do not pull codecs
+NONCOMMERCIAL_PACKAGECONFIGS = " \
+ alsa bzlib drm gpl lzma zlib xcb xv \
+ avdevice avfilter avformat swresample swscale postproc avresample \
+"
+# An ffmpeg feature not in NONCOMMERCIAL_PACKAGECONFIGS should be explicitly whitelisted.
+# See https://ffmpeg.org/legal.html
+LICENSE_FLAGS = "${@' '.join('commercial_' + cfg \
+                             for cfg in '${PACKAGECONFIG}'.split() \
+                             if cfg not in '${NONCOMMERCIAL_PACKAGECONFIGS}'.split())}"
 
 LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
                     file://COPYING.GPLv3;md5=d32239bcb673463ab874e80d47fae504 \
-- 
2.30.2

Re: [OE-core] [PATCH] [RFC] ffmpeg: make LICENSE_FLAGS fine-grained

[Alexander Kanavin]

[-- Attachment #1: Type: text/plain, Size: 2778 bytes --]

Is it possible to further split the NONCOMMERCIAL_PACKAGECONFIGS into ones
that are enabled and disabled, and use the former in PACKAGECONFIG itself?

Alex

On Tue, 23 Mar 2021 at 17:38, Yann Dirson <yann.dirson@blade-group.com>
wrote:

> From: Yann Dirson <yann@blade-group.com>
>
> The rationale here is that if the user can only whitelist "commercial"
> to use any part of ffmpeg, even it the list of features is carefully
> reviewed when switching the whitelisting on, there was nothing to
> guard from inadvertently activating a new feature that would not have
> been reviewed.
>
> This patch adds one LICENSE_FLAGS value for each feature, except for
> those that bring no codec, trying to be on the same level of legal
> safety - but then I may miss something.
>
> I tried to leave out of the safe NONCOMMERCIAL_PACKAGECONFIGS list
> anything that brings a codec, notably libavcodec.  I also did not look
> at non-default features yet.
>
> There may still be a problem if any feature in ffmpeg gets activated
> by default upstream and not registed as a PACKAGECONFIG feature.  At
> least any of those that depend on another lib would not be enabled,
> that could be seen as a sufficient safeguard.
> ---
>  meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb | 12 +++++++++++-
>  1 file changed, 11 insertions(+), 1 deletion(-)
>
> diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> index 08be38ca50..3a36c95151 100644
> --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> @@ -16,7 +16,17 @@ LICENSE_libavutil =
> "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGP
>  LICENSE_libpostproc = "GPLv2+"
>  LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl',
> 'GPLv2+', 'LGPLv2.1+', d)}"
>  LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl',
> 'GPLv2+', 'LGPLv2.1+', d)}"
> -LICENSE_FLAGS = "commercial"
> +
> +# PACKAGECONFIG features that do not pull codecs
> +NONCOMMERCIAL_PACKAGECONFIGS = " \
> + alsa bzlib drm gpl lzma zlib xcb xv \
> + avdevice avfilter avformat swresample swscale postproc avresample \
> +"
> +# An ffmpeg feature not in NONCOMMERCIAL_PACKAGECONFIGS should be
> explicitly whitelisted.
> +# See https://ffmpeg.org/legal.html
> +LICENSE_FLAGS = "${@' '.join('commercial_' + cfg \
> +                             for cfg in '${PACKAGECONFIG}'.split() \
> +                             if cfg not in
> '${NONCOMMERCIAL_PACKAGECONFIGS}'.split())}"
>
>  LIC_FILES_CHKSUM =
> "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
>
>  file://COPYING.GPLv3;md5=d32239bcb673463ab874e80d47fae504 \
> --
> 2.30.2
>
>
> 
>
>

[-- Attachment #2: Type: text/html, Size: 3949 bytes --]

Re: [OE-core] [PATCH] [RFC] ffmpeg: make LICENSE_FLAGS fine-grained

[Quentin Schulz]

Hi all,

On Tue, Mar 23, 2021 at 05:42:20PM +0100, Alexander Kanavin wrote:
> Is it possible to further split the NONCOMMERCIAL_PACKAGECONFIGS into ones
> that are enabled and disabled, and use the former in PACKAGECONFIG itself?
> 
> Alex
> 
> On Tue, 23 Mar 2021 at 17:38, Yann Dirson <yann.dirson@blade-group.com>
> wrote:
> 
> > From: Yann Dirson <yann@blade-group.com>
> >
> > The rationale here is that if the user can only whitelist "commercial"
> > to use any part of ffmpeg, even it the list of features is carefully
> > reviewed when switching the whitelisting on, there was nothing to
> > guard from inadvertently activating a new feature that would not have
> > been reviewed.
> >
> > This patch adds one LICENSE_FLAGS value for each feature, except for
> > those that bring no codec, trying to be on the same level of legal
> > safety - but then I may miss something.
> >
> > I tried to leave out of the safe NONCOMMERCIAL_PACKAGECONFIGS list
> > anything that brings a codec, notably libavcodec.  I also did not look
> > at non-default features yet.
> >
> > There may still be a problem if any feature in ffmpeg gets activated
> > by default upstream and not registed as a PACKAGECONFIG feature.  At
> > least any of those that depend on another lib would not be enabled,
> > that could be seen as a sufficient safeguard.
> > ---
> >  meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb | 12 +++++++++++-
> >  1 file changed, 11 insertions(+), 1 deletion(-)
> >
> > diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > index 08be38ca50..3a36c95151 100644
> > --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > @@ -16,7 +16,17 @@ LICENSE_libavutil =
> > "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGP
> >  LICENSE_libpostproc = "GPLv2+"
> >  LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl',
> > 'GPLv2+', 'LGPLv2.1+', d)}"
> >  LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl',
> > 'GPLv2+', 'LGPLv2.1+', d)}"
> > -LICENSE_FLAGS = "commercial"
> > +
> > +# PACKAGECONFIG features that do not pull codecs
> > +NONCOMMERCIAL_PACKAGECONFIGS = " \
> > + alsa bzlib drm gpl lzma zlib xcb xv \
> > + avdevice avfilter avformat swresample swscale postproc avresample \
> > +"
> > +# An ffmpeg feature not in NONCOMMERCIAL_PACKAGECONFIGS should be
> > explicitly whitelisted.
> > +# See https://ffmpeg.org/legal.html
> > +LICENSE_FLAGS = "${@' '.join('commercial_' + cfg \
> > +                             for cfg in '${PACKAGECONFIG}'.split() \

I would at least make it commercial_ffmpeg- + cfg. To make it obvious
that it belongs to ffmpeg recipe/packages.

I guess it breaks backward compatibility, which IMO is fine unless there
is a possibility someone who blacklisted this commercial license in some
way now has it enabled. I don't know enough about the inner workings of
LICENSE_FLAGS so cannot say if this is covered or not.

Quentin

Re: [OE-core] [PATCH] [RFC] ffmpeg: make LICENSE_FLAGS fine-grained

[Yann Dirson]

Le mar. 23 mars 2021 à 18:27, Quentin Schulz
<quentin.schulz@streamunlimited.com> a écrit :
>
> Hi all,
>
> On Tue, Mar 23, 2021 at 05:42:20PM +0100, Alexander Kanavin wrote:
> > Is it possible to further split the NONCOMMERCIAL_PACKAGECONFIGS into ones
> > that are enabled and disabled, and use the former in PACKAGECONFIG itself?
> >
> > Alex
> >
> > On Tue, 23 Mar 2021 at 17:38, Yann Dirson <yann.dirson@blade-group.com>
> > wrote:
> >
> > > From: Yann Dirson <yann@blade-group.com>
> > >
> > > The rationale here is that if the user can only whitelist "commercial"
> > > to use any part of ffmpeg, even it the list of features is carefully
> > > reviewed when switching the whitelisting on, there was nothing to
> > > guard from inadvertently activating a new feature that would not have
> > > been reviewed.
> > >
> > > This patch adds one LICENSE_FLAGS value for each feature, except for
> > > those that bring no codec, trying to be on the same level of legal
> > > safety - but then I may miss something.
> > >
> > > I tried to leave out of the safe NONCOMMERCIAL_PACKAGECONFIGS list
> > > anything that brings a codec, notably libavcodec.  I also did not look
> > > at non-default features yet.
> > >
> > > There may still be a problem if any feature in ffmpeg gets activated
> > > by default upstream and not registed as a PACKAGECONFIG feature.  At
> > > least any of those that depend on another lib would not be enabled,
> > > that could be seen as a sufficient safeguard.
> > > ---
> > >  meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb | 12 +++++++++++-
> > >  1 file changed, 11 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > > b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > > index 08be38ca50..3a36c95151 100644
> > > --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > > +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > > @@ -16,7 +16,17 @@ LICENSE_libavutil =
> > > "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGP
> > >  LICENSE_libpostproc = "GPLv2+"
> > >  LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl',
> > > 'GPLv2+', 'LGPLv2.1+', d)}"
> > >  LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl',
> > > 'GPLv2+', 'LGPLv2.1+', d)}"
> > > -LICENSE_FLAGS = "commercial"
> > > +
> > > +# PACKAGECONFIG features that do not pull codecs
> > > +NONCOMMERCIAL_PACKAGECONFIGS = " \
> > > + alsa bzlib drm gpl lzma zlib xcb xv \
> > > + avdevice avfilter avformat swresample swscale postproc avresample \
> > > +"
> > > +# An ffmpeg feature not in NONCOMMERCIAL_PACKAGECONFIGS should be
> > > explicitly whitelisted.
> > > +# See https://ffmpeg.org/legal.html
> > > +LICENSE_FLAGS = "${@' '.join('commercial_' + cfg \
> > > +                             for cfg in '${PACKAGECONFIG}'.split() \
>
> I would at least make it commercial_ffmpeg- + cfg. To make it obvious
> that it belongs to ffmpeg recipe/packages.

Makes sense.

>
> I guess it breaks backward compatibility, which IMO is fine unless there
> is a possibility someone who blacklisted this commercial license in some
> way now has it enabled. I don't know enough about the inner workings of
> LICENSE_FLAGS so cannot say if this is covered or not.

You mean, that "commercial" would be whitelisted globally, but then
something would
exclude ffmpeg from that whitelist ?  I'm not aware of a way to do that.

If someone whitelisted it, it should be with one of "commercial",
"commercial_ffmpeg",
or "commercial_ffmpeg_${PV}".  It is likely hard to get the 3rd one to
work, but in any case
the compatibility breakage would result in an early build failure, so
I guess it will be
acceptable.

-- 
Yann Dirson <yann@blade-group.com>
Blade / Shadow -- http://shadow.techAFA

Re: [OE-core] [PATCH] [RFC] ffmpeg: make LICENSE_FLAGS fine-grained

[Quentin Schulz]

On Tue, Mar 23, 2021 at 07:02:43PM +0100, Yann Dirson wrote:
> Le mar. 23 mars 2021 à 18:27, Quentin Schulz
> <quentin.schulz@streamunlimited.com> a écrit :
> >
> > Hi all,
> >
> > On Tue, Mar 23, 2021 at 05:42:20PM +0100, Alexander Kanavin wrote:
> > > Is it possible to further split the NONCOMMERCIAL_PACKAGECONFIGS into ones
> > > that are enabled and disabled, and use the former in PACKAGECONFIG itself?
> > >
> > > Alex
> > >
> > > On Tue, 23 Mar 2021 at 17:38, Yann Dirson <yann.dirson@blade-group.com>
> > > wrote:
> > >
> > > > From: Yann Dirson <yann@blade-group.com>
> > > >
> > > > The rationale here is that if the user can only whitelist "commercial"
> > > > to use any part of ffmpeg, even it the list of features is carefully
> > > > reviewed when switching the whitelisting on, there was nothing to
> > > > guard from inadvertently activating a new feature that would not have
> > > > been reviewed.
> > > >
> > > > This patch adds one LICENSE_FLAGS value for each feature, except for
> > > > those that bring no codec, trying to be on the same level of legal
> > > > safety - but then I may miss something.
> > > >
> > > > I tried to leave out of the safe NONCOMMERCIAL_PACKAGECONFIGS list
> > > > anything that brings a codec, notably libavcodec.  I also did not look
> > > > at non-default features yet.
> > > >
> > > > There may still be a problem if any feature in ffmpeg gets activated
> > > > by default upstream and not registed as a PACKAGECONFIG feature.  At
> > > > least any of those that depend on another lib would not be enabled,
> > > > that could be seen as a sufficient safeguard.
> > > > ---
> > > >  meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb | 12 +++++++++++-
> > > >  1 file changed, 11 insertions(+), 1 deletion(-)
> > > >
> > > > diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > > > b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > > > index 08be38ca50..3a36c95151 100644
> > > > --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > > > +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> > > > @@ -16,7 +16,17 @@ LICENSE_libavutil =
> > > > "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGP
> > > >  LICENSE_libpostproc = "GPLv2+"
> > > >  LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl',
> > > > 'GPLv2+', 'LGPLv2.1+', d)}"
> > > >  LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl',
> > > > 'GPLv2+', 'LGPLv2.1+', d)}"
> > > > -LICENSE_FLAGS = "commercial"
> > > > +
> > > > +# PACKAGECONFIG features that do not pull codecs
> > > > +NONCOMMERCIAL_PACKAGECONFIGS = " \
> > > > + alsa bzlib drm gpl lzma zlib xcb xv \
> > > > + avdevice avfilter avformat swresample swscale postproc avresample \
> > > > +"
> > > > +# An ffmpeg feature not in NONCOMMERCIAL_PACKAGECONFIGS should be
> > > > explicitly whitelisted.
> > > > +# See https://ffmpeg.org/legal.html
> > > > +LICENSE_FLAGS = "${@' '.join('commercial_' + cfg \
> > > > +                             for cfg in '${PACKAGECONFIG}'.split() \
> >
> > I would at least make it commercial_ffmpeg- + cfg. To make it obvious
> > that it belongs to ffmpeg recipe/packages.
> 
> Makes sense.
> 
> >
> > I guess it breaks backward compatibility, which IMO is fine unless there
> > is a possibility someone who blacklisted this commercial license in some
> > way now has it enabled. I don't know enough about the inner workings of
> > LICENSE_FLAGS so cannot say if this is covered or not.
> 
> You mean, that "commercial" would be whitelisted globally, but then
> something would
> exclude ffmpeg from that whitelist ?  I'm not aware of a way to do that.
> 

That was exactly what I meant. No idea either if such a mechanism
exists.

Cheers,
Quentin

Re: [OE-core] [PATCH] [RFC] ffmpeg: make LICENSE_FLAGS fine-grained

[Yann Dirson]

Hi Alex,

Le mar. 23 mars 2021 à 17:42, Alexander Kanavin
<alex.kanavin@gmail.com> a écrit :
>
> Is it possible to further split the NONCOMMERCIAL_PACKAGECONFIGS into ones that are enabled and disabled, and use the former in PACKAGECONFIG itself?

You mean something like this ?

# PACKAGECONFIG features that do not pull codecs
NONCOMMERCIAL_DEFAULT_PACKAGECONFIGS = " \
 avdevice avfilter avformat swresample swscale postproc avresample \
 alsa bzlib drm gpl lzma pic pthreads shared zlib \
 ${@bb.utils.contains('AVAILTUNES', 'mips32r2', 'mips32r2', '', d)} \
 ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xv xcb', '', d)} \
"
NONCOMMERCIAL_NONDEFAULT_PACKAGECONFIGS = " \
 altivec bzlib gsm jack openssl sdl2 \
"

PACKAGECONFIG ??= "avcodec theora \
                   ${NONCOMMERCIAL_DEFAULT_PACKAGECONFIGS}"

I admit I'm not completely sure about every feature's status.

I tend to think that if ffmpeg relies on a lib providing an
implementation, and there
are patent-related risks, it should that lib setting a LICENSE_FLAG.
Eg. x264 and others
already sets the "commercial" flag, so I'm tempted to not add a
duplicate flag in
ffmpeg (in the same spirit as my patches against gst-libav and mpv).
Would it be
good enough ?

>
>
> Alex
>
> On Tue, 23 Mar 2021 at 17:38, Yann Dirson <yann.dirson@blade-group.com> wrote:
>>
>> From: Yann Dirson <yann@blade-group.com>
>>
>> The rationale here is that if the user can only whitelist "commercial"
>> to use any part of ffmpeg, even it the list of features is carefully
>> reviewed when switching the whitelisting on, there was nothing to
>> guard from inadvertently activating a new feature that would not have
>> been reviewed.
>>
>> This patch adds one LICENSE_FLAGS value for each feature, except for
>> those that bring no codec, trying to be on the same level of legal
>> safety - but then I may miss something.
>>
>> I tried to leave out of the safe NONCOMMERCIAL_PACKAGECONFIGS list
>> anything that brings a codec, notably libavcodec.  I also did not look
>> at non-default features yet.
>>
>> There may still be a problem if any feature in ffmpeg gets activated
>> by default upstream and not registed as a PACKAGECONFIG feature.  At
>> least any of those that depend on another lib would not be enabled,
>> that could be seen as a sufficient safeguard.
>> ---
>>  meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb | 12 +++++++++++-
>>  1 file changed, 11 insertions(+), 1 deletion(-)
>>
>> diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
>> index 08be38ca50..3a36c95151 100644
>> --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
>> +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
>> @@ -16,7 +16,17 @@ LICENSE_libavutil = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGP
>>  LICENSE_libpostproc = "GPLv2+"
>>  LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
>>  LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
>> -LICENSE_FLAGS = "commercial"
>> +
>> +# PACKAGECONFIG features that do not pull codecs
>> +NONCOMMERCIAL_PACKAGECONFIGS = " \
>> + alsa bzlib drm gpl lzma zlib xcb xv \
>> + avdevice avfilter avformat swresample swscale postproc avresample \
>> +"
>> +# An ffmpeg feature not in NONCOMMERCIAL_PACKAGECONFIGS should be explicitly whitelisted.
>> +# See https://ffmpeg.org/legal.html
>> +LICENSE_FLAGS = "${@' '.join('commercial_' + cfg \
>> +                             for cfg in '${PACKAGECONFIG}'.split() \
>> +                             if cfg not in '${NONCOMMERCIAL_PACKAGECONFIGS}'.split())}"
>>
>>  LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
>>                      file://COPYING.GPLv3;md5=d32239bcb673463ab874e80d47fae504 \
>> --
>> 2.30.2
>>
>>
>> 
>>


-- 
Yann Dirson <yann@blade-group.com>
Blade / Shadow -- http://shadow.tech

Re: [OE-core] [PATCH] [RFC] ffmpeg: make LICENSE_FLAGS fine-grained

[Yann Dirson]

Le jeu. 25 mars 2021 à 14:44, Yann Dirson via lists.openembedded.org
<yann.dirson=blade-group.com@lists.openembedded.org> a écrit :
>
> Hi Alex,
>
> Le mar. 23 mars 2021 à 17:42, Alexander Kanavin
> <alex.kanavin@gmail.com> a écrit :
> >
> > Is it possible to further split the NONCOMMERCIAL_PACKAGECONFIGS into ones that are enabled and disabled, and use the former in PACKAGECONFIG itself?
>
> You mean something like this ?
>
> # PACKAGECONFIG features that do not pull codecs
> NONCOMMERCIAL_DEFAULT_PACKAGECONFIGS = " \
>  avdevice avfilter avformat swresample swscale postproc avresample \
>  alsa bzlib drm gpl lzma pic pthreads shared zlib \
>  ${@bb.utils.contains('AVAILTUNES', 'mips32r2', 'mips32r2', '', d)} \
>  ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xv xcb', '', d)} \
> "
> NONCOMMERCIAL_NONDEFAULT_PACKAGECONFIGS = " \
>  altivec bzlib gsm jack openssl sdl2 \
> "
>
> PACKAGECONFIG ??= "avcodec theora \
>                    ${NONCOMMERCIAL_DEFAULT_PACKAGECONFIGS}"
>
> I admit I'm not completely sure about every feature's status.
>
> I tend to think that if ffmpeg relies on a lib providing an
> implementation, and there
> are patent-related risks, it should that lib setting a LICENSE_FLAG.
> Eg. x264 and others
> already sets the "commercial" flag, so I'm tempted to not add a
> duplicate flag in
> ffmpeg (in the same spirit as my patches against gst-libav and mpv).
> Would it be
> good enough ?

On second thought, it appears the only PACKAGECONFIG feature bringing
codecs and not backed by a lib is just "avcodec".

Thus we could probably just use:

LICENSE_FLAGS = "${@bb.utils.contains('PACKAGECONFIG', 'avcodec',
'commercial', '', d)}"

We would possibly not even need to set EXCLUDE_FROM_WORLD on this one, since the
default PACKAGECONFIG would still set the "commercial" flag, right ?

>
> >
> >
> > Alex
> >
> > On Tue, 23 Mar 2021 at 17:38, Yann Dirson <yann.dirson@blade-group.com> wrote:
> >>
> >> From: Yann Dirson <yann@blade-group.com>
> >>
> >> The rationale here is that if the user can only whitelist "commercial"
> >> to use any part of ffmpeg, even it the list of features is carefully
> >> reviewed when switching the whitelisting on, there was nothing to
> >> guard from inadvertently activating a new feature that would not have
> >> been reviewed.
> >>
> >> This patch adds one LICENSE_FLAGS value for each feature, except for
> >> those that bring no codec, trying to be on the same level of legal
> >> safety - but then I may miss something.
> >>
> >> I tried to leave out of the safe NONCOMMERCIAL_PACKAGECONFIGS list
> >> anything that brings a codec, notably libavcodec.  I also did not look
> >> at non-default features yet.
> >>
> >> There may still be a problem if any feature in ffmpeg gets activated
> >> by default upstream and not registed as a PACKAGECONFIG feature.  At
> >> least any of those that depend on another lib would not be enabled,
> >> that could be seen as a sufficient safeguard.
> >> ---
> >>  meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb | 12 +++++++++++-
> >>  1 file changed, 11 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> >> index 08be38ca50..3a36c95151 100644
> >> --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> >> +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
> >> @@ -16,7 +16,17 @@ LICENSE_libavutil = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGP
> >>  LICENSE_libpostproc = "GPLv2+"
> >>  LICENSE_libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
> >>  LICENSE_libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPLv2+', 'LGPLv2.1+', d)}"
> >> -LICENSE_FLAGS = "commercial"
> >> +
> >> +# PACKAGECONFIG features that do not pull codecs
> >> +NONCOMMERCIAL_PACKAGECONFIGS = " \
> >> + alsa bzlib drm gpl lzma zlib xcb xv \
> >> + avdevice avfilter avformat swresample swscale postproc avresample \
> >> +"
> >> +# An ffmpeg feature not in NONCOMMERCIAL_PACKAGECONFIGS should be explicitly whitelisted.
> >> +# See https://ffmpeg.org/legal.html
> >> +LICENSE_FLAGS = "${@' '.join('commercial_' + cfg \
> >> +                             for cfg in '${PACKAGECONFIG}'.split() \
> >> +                             if cfg not in '${NONCOMMERCIAL_PACKAGECONFIGS}'.split())}"
> >>
> >>  LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
> >>                      file://COPYING.GPLv3;md5=d32239bcb673463ab874e80d47fae504 \
> >> --
> >> 2.30.2
> >>
> >>
> >>
> >>
>
>
> --
> Yann Dirson <yann@blade-group.com>
> Blade / Shadow -- http://shadow.tech
>
> 
>


-- 
Yann Dirson <yann@blade-group.com>
Blade / Shadow -- http://shadow.tech