From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 539D1C282CE for ; Wed, 22 May 2019 16:29:06 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 3407321473 for ; Wed, 22 May 2019 16:29:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730013AbfEVQ3F (ORCPT ); Wed, 22 May 2019 12:29:05 -0400 Received: from Galois.linutronix.de ([146.0.238.70]:37313 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729475AbfEVQ3F (ORCPT ); Wed, 22 May 2019 12:29:05 -0400 Received: from p5b06daab.dip0.t-ipconnect.de ([91.6.218.171] helo=nanos) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1hTU6t-0000Et-Ci; Wed, 22 May 2019 18:28:59 +0200 Date: Wed, 22 May 2019 18:28:53 +0200 (CEST) From: Thomas Gleixner To: J Lovejoy cc: Allison Randal , linux-spdx@vger.kernel.org Subject: Re: [patch 18/25] treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 43 In-Reply-To: <6B434678-D956-4E9B-BDFA-A57C834621A9@jilayne.com> Message-ID: References: <20190520170750.949430150@linutronix.de> <20190520170858.189153071@linutronix.de> <47151447-7297-13c4-a232-a0b567ab2886@lohutok.net> <6B434678-D956-4E9B-BDFA-A57C834621A9@jilayne.com> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: multipart/mixed; BOUNDARY="8323329-582626777-1558541112=:1770" Content-ID: X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-spdx-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-spdx@vger.kernel.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --8323329-582626777-1558541112=:1770 Content-Type: text/plain; CHARSET=UTF-8 Content-Transfer-Encoding: 8BIT Content-ID: On Wed, 22 May 2019, J Lovejoy wrote: > > On May 21, 2019, at 1:29 AM, Thomas Gleixner wrote: > > > > can you please have a look how to handle that GPL + BSD disclaimer > > abomination SPDX wise? > > > > Yes, I have started a new list for this special version of messiness, > namely anything in these batches that you all are tagging as adding > something “extra” to the standard GPL license notice. I’m not going to > start bringing this to SPDX until we have a more complete list - that way > we know how many variations there are, etc. > If/when we do reach out to copyright holders in these cases, I think it’d > be helpful to specifically ask them if they could remove the extra text > and confirm that the license is just plain old GPL-2.0-only or > GPL-2.0-or-later. From Richard’s earlier comments, Philippe’s bit of > research, and the copyright years in the notices from the actual files - > it sounds like this additional-warranty thing was in vogue a long time go > (and hopefully not something people think they need to do today!) - so, > trying to clean it up where possible would be ideal. You wish. The bulk is indeed from around 2000m but the cargo cult disclaimer in drivers/scsi/usf/ was newly added 7 years ago and 2 years ago a new file was added with the same crap copied. That kind of stuff is still proliferated for whatever reasons. Now coming back to the issue with disclaimers in general. We need a way to deal with it as there are at least two files where there is no trace of the company anymore. Plus GPLV3 (not relevant for the kernel, but for SPDX) explicitely says that you can add magic disclaimers. And of course people will do so. While walking the dogs I thought more about this. 1) The random disclaimer (new or old) is not necessarily forming a new license as long as the GPL (version) reference is unambiguous. It's an (for GPLv2 tolerated and for GPLv3 documented) add on. 2) With a very quick scan (not complete and accurate) I found more than 20 variants of disclaimers bolted on a GPLv2 reference/boilerplate. I fear there are more. So it's pretty unrealistic to create 20+ disclaimer IDs or 20+ new license IDs for those and either of these things would just help to proliferate that nonsense and create yet another mess in the SPDX realm. I rather suggest to do the following: 1) Create a SPDX id 'CUSTOM_DISCLAIMER' and make the license identifier: SPDX-License-Identifier: GPL-2.0-or-later AND CUSTOM_DISCLAIMER 2) Remove the GPL2.0 reference/boilerplate but keep the diclaimer in the comment 3) Wrap the disclaimer into DISCLAIMER_BEGIN Random made up lawyerese DISCLAIMER_END That gives us the following useful properties: 1) Avoid to go through the tedious process of creating disclaimer IDs or new licenses and go through all the instances of SPDX/OSI and whatever. 2) Allows to proceed with the cleanup 3) Precicely marks the custom disclaimer for compliance tools. Even a halfways trivial awk script can extract them that way. We still can go after the copyright holders who added that mess at the same time, but we do not depend on their willingness, availability ... Thoughts? Thanks, tglx --8323329-582626777-1558541112=:1770--