Linux: Abusing the MODULE_LICENSE Macro

Submitted by Jeremy
on April 27, 2004 - 9:16am

In 2001, during the 2.4 kernel development cycle, a MODULE_LICENSE macro was introduced that allows a module to explicitly declare how it is licensed. Currently five license strings are recognized as free software: "GPL", "GPL v2", "GPL and additional rights", "Dual BSD/GPL", and "Dual MPL/GPL"; with any other license the kernel is considered "tainted". The include/linux/module.h header file lists three reasons for this macro: so that users can review their license info to verify that they have a free setup, so that the development community can ignore bug reports that include proprietary modules which don't release their source code, and so that vendors can do as their own policies define. Further information is available in the lkml FAQ, as well as this earlier thread.

Carl Daniel Hailfinger recently reported abuse of this macro by the Linuxant consulting company. It was reported that in their modules they have defined MODULE_LICENSE as "GPL\0for files in the \"GPL\" directory; for others, only LICENSE file applies". The \0 after the word GPL was obviously added to fool the existing MODULE_LICENSE macro into thinking that this is a GPL'd module, thus allowing the module to be loaded without "tainting" the kernel.

A brief discussion followed, debating how to deal with this type of abuse. Linux creator Linus Torvalds provided his own solution, also commenting, "Hey, that is interesting in itself, since playing the above kinds of games makes it pretty clear to everybody that any infringement was done wilfully. They should be talking to their lawyers about things like that."

Module support maintainer Rusty Russell [interview] acknowledged Linus' patch, but replied, "I'd prefer not to do that. Since they want to circumvent this, almost anything we want to do is a waste of time." He too offered a patch, adding to it the byline, "Arms race forces bloat upon module users."


From: Carl-Daniel Hailfinger [email blocked]
To: Rusty Russell [email blocked]
Subject: [PATCH] Blacklist binary-only modules lying about their license
Date: 	Tue, 27 Apr 2004 04:09:36 +0200

Hi,

LinuxAnt offers binary only modules without any sources. To circumvent our
MODULE_LICENSE checks LinuxAnt has inserted a "\0" into their declaration:

MODULE_LICENSE("GPL\0for files in the \"GPL\" directory; for others, only
LICENSE file applies");

Since string comparisons stop at the first "\0" character, the kernel is
tricked into thinking the modules are GPL. Btw, the "GPL" directory they
are speaking about is empty.

The attached patch blacklists all modules having "Linuxant" or "Conexant"
in their author string. This may seem a bit broad, but AFAIK both
companies never have released anything under the GPL and have a strong
history of binary-only modules.


Regards,
Carl-Daniel
-- 
http://www.hailfinger.org/

[patch]


From: Linus Torvalds [email blocked]
Subject: Re: [PATCH] Blacklist binary-only modules lying about their license
Date: Mon, 26 Apr 2004 21:31:52 -0700 (PDT)

On Tue, 27 Apr 2004, Carl-Daniel Hailfinger wrote:
>
> LinuxAnt offers binary only modules without any sources. To circumvent our
> MODULE_LICENSE checks LinuxAnt has inserted a "\0" into their declaration:
>
> MODULE_LICENSE("GPL\0for files in the \"GPL\" directory; for others, only
> LICENSE file applies");

Hey, that is interesting in itself, since playing the above kinds of games
makes it pretty clear to everybody that any infringement was done wilfully.
They should be talking to their lawyers about things like that.

Anyway, I suspect that rather than blacklist bad people, I'd much prefer
to have the module tags be done as counted strings instead. It should be
easy enough to do by just having the macro prepend a "sizeof(xxxx)"
thing or something.

Hmm. At least with -sdt=c99 it should be trivial, with something like

    #define __MODULE_INFO(tag, name, info) \
        static struct { int len; const char value[] } \
        __module_cat(name,__LINE__) __attribute_used__ \
        __attribute__((section(".modinfo"),unused)) = \
            { sizeof(__stringify(tag) "=" info), \
            __stringify(tag) "=" info }

doing the job.

That should make it pretty easy to parse the .modinfo section too.

Linus

From: Rusty Russell [email blocked]
Subject: Re: [PATCH] Blacklist binary-only modules lying about their license
Date: Tue, 27 Apr 2004 16:04:06 +1000

On Tue, 2004-04-27 at 14:31, Linus Torvalds wrote:
> Anyway, I suspect that rather than blacklist bad people, I'd much prefer
> to have the module tags be done as counted strings instead. It should be
> easy enough to do by just having the macro prepend a "sizeof(xxxx)"
> thing or something.
>
> Hmm. At least with -sdt=c99 it should be trivial, with something like
>
>     #define __MODULE_INFO(tag, name, info) \
>         static struct { int len; const char value[] } \
>         __module_cat(name,__LINE__) __attribute_used__ \
>         __attribute__((section(".modinfo"),unused)) = \
>             { sizeof(__stringify(tag) "=" info), \
>             __stringify(tag) "=" info }
>
> doing the job.

Cute, but breaks the "modinfo" tool unfortunately.

I'd prefer not to do that. Since they want to circumvent this, almost
anything we want to do is a waste of time.

Rusty.

Name: Stop most obvious abuse of MODULE_LICENSE
Status: Tested on 2.6.6-rc2-bk4

Arms race forces bloat upon module users.

[patch]

-- 
Anyone who quotes me in their signature is an idiot -- Rusty Russell

From: Jan-Benedict Glaw <jbglaw@lug-owl.de>
Subject: Re: [PATCH] Blacklist binary-only modules lying about their license
Date: Tue, 27 Apr 2004 11:21:59 +0200

Erm, that's a pure compile-time check, which the companies can remove.
So they can still put their fucked up license string into the module,
customer's kernel won't detect it.

So I'm full for embedding the supplied string's size into the module, or
some compile-time generated checksum. We need something that can be
checked at module load time, not at compile time, or do I misread the
code?

Kind regards, JBG

-- 
Jan-Benedict Glaw       jbglaw@lug-owl.de    . +49-172-7608481
"A free opinion in a free mind               | Against censorship | Against war
 for a free state full of free citizens"     | on the Internet!   | in Iraq!
ret = do_actions((curr | FREE_SPEECH) & ~(NEW_COPYRIGHT_LAW | DRM | TCPA));

From: Carl-Daniel Hailfinger <c-d.hailfinger.kernel.2004@gmx.net>
Subject: Re: [PATCH] Blacklist binary-only modules lying about their license
Date: Tue, 27 Apr 2004 12:37:13 +0200

Jan-Benedict Glaw wrote:
>
> Erm, that's a pure compile-time check, which the companies can remove.
> So they can still put their fucked up license string into the module,
> customer's kernel won't detect it.
>
> So I'm full for embedding the supplied string's size into the module, or
> some compile-time generated checksum. We need something that can be
> checked at module load time, not at compile time, or do I misread the
> code?

# objdump -t forcedeth.ko |grep '\.modinfo'|sort
00000000 l    d  .modinfo       00000000
00000000 l     O .modinfo       0000000c __mod_license1618
00000020 l     O .modinfo       00000036 __mod_description1617
00000060 l     O .modinfo       00000031 __mod_author1616
000000a0 l     O .modinfo       00000047 __mod_max_interrupt_work1614
00000100 l     O .modinfo       0000002b __mod_alias58
00000140 l     O .modinfo       0000002b __mod_alias57
00000180 l     O .modinfo       0000002b __mod_alias56
000001ab l     O .modinfo       00000009 __module_depends
000001c0 l     O .modinfo       0000002d __mod_vermagic5

Wouldn't it be possible to check the length info from the module symbol
table and compare it with the strlen for the corresponding symbol? If that
gives us a mismatch, refuse to load the module (or mark it as
proprietary). Additionally, check that nothing but NULLs is used as
padding between the strings.

This way, the module format doesn't change, but we can do additional
verification in the loader.

Regards,
Carl-Daniel
-- 
http://www.hailfinger.org/

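Added example (not code from the thread or from the kernel): the load-time check proposed in the message above, written in C. It compares each entry's symbol-table size with strlen() + 1 and verifies that padding holds only NUL bytes. All function names and sample entries are constructed for illustration, and sizeof stands in for the size that objdump reports for the symbol.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum verdict { LICENSE_OK, LICENSE_TAINTS, LICENSE_INCONSISTENT };

/* The five license strings the article lists as free software. */
static const char *const free_licenses[] = {
    "GPL", "GPL v2", "GPL and additional rights",
    "Dual BSD/GPL", "Dual MPL/GPL",
};

/* strcmp-based check: it only ever sees bytes up to the first NUL. */
static int naive_license_ok(const char *license)
{
    for (size_t i = 0; i < sizeof free_licenses / sizeof *free_licenses; i++)
        if (strcmp(license, free_licenses[i]) == 0)
            return 1;
    return 0;
}

/* Consistent: the only NUL is the terminator, so size == strlen() + 1. */
static int entry_consistent(const char *entry, size_t sym_size)
{
    const char *nul = memchr(entry, '\0', sym_size);
    return nul != NULL && (size_t)(nul - entry) + 1 == sym_size;
}

/* Bytes between one entry's end and the next entry must all be NUL. */
static int padding_is_nul(const char *section, size_t from, size_t to)
{
    for (size_t i = from; i < to; i++)
        if (section[i] != '\0')
            return 0;
    return 1;
}

/* Classify one "license=..." entry whose symbol size is sym_size. */
static enum verdict check_license_entry(const char *entry, size_t sym_size)
{
    static const char tag[] = "license=";
    const size_t tag_len = sizeof tag - 1;

    if (sym_size <= tag_len || memcmp(entry, tag, tag_len) != 0)
        return LICENSE_INCONSISTENT;
    if (!entry_consistent(entry, sym_size))
        return LICENSE_INCONSISTENT; /* embedded NUL or no terminator */
    return naive_license_ok(entry + tag_len) ? LICENSE_OK : LICENSE_TAINTS;
}

/* Constructed samples; sizeof stands in for the symbol-table size (12 for
 * honest_gpl). padded_section is one entry plus NUL padding up to 0x20. */
static const char honest_gpl[] = "license=GPL";
static const char honest_other[] = "license=see LICENSE file";
static const char embedded_nul[] =
    "license=GPL\0for files in the \"GPL\" directory; "
    "for others, only LICENSE file applies";
static const char padded_section[0x20] = "license=GPL";

int main(void)
{
    printf("strcmp sees GPL: %d\n", naive_license_ok(embedded_nul + 8));
    printf("verdicts: %d %d %d\n",
           check_license_entry(honest_gpl, sizeof honest_gpl),
           check_license_entry(honest_other, sizeof honest_other),
           check_license_entry(embedded_nul, sizeof embedded_nul));
    /* A rewritten symbol size of 12 passes the length test, but the
     * leftover text then sits where only NUL padding is allowed. */
    printf("size 12: %d, padding: %d (clean section: %d)\n",
           check_license_entry(embedded_nul, 12),
           padding_is_nul(embedded_nul, 12, sizeof embedded_nul),
           padding_is_nul(padded_section, 12, sizeof padded_section));
    return 0;
}
```

The length comparison alone depends on the symbol table being truthful; the padding check is what still flags the entry when the recorded size has been changed to match strlen() + 1.
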
From: Paulo Marques [email blocked]
Subject: Re: [PATCH] Blacklist binary-only modules lying about their license
Date: Tue, 27 Apr 2004 13:59:48 +0100

Carl-Daniel Hailfinger wrote:
>
> This way, the module format doesn't change, but we can do additional
> verification in the loader.
>

I agree with Rusty Russell. Anything that we do can be circumvented. If they
are really into it, they can build a small tool to change the symbol
information from the module.

The way I see it, they know a C string ends with a '\0'. This is like
saying that an English sentence ends with a dot. If they wrote "GPL\0" they
are effectively saying that the license *is* GPL period.

So, where the source code? :)

-- 
Paulo Marques - www.grupopie.com
"In a world without walls and fences who needs windows and gates?"

From: Jan-Benedict Glaw [email blocked]
Subject: Re: [PATCH] Blacklist binary-only modules lying about their license (-> possible GPL violation :)
Date: Tue, 27 Apr 2004 15:12:57 +0200

On Tue, 2004-04-27 13:59:48 +0100, Paulo Marques [email blocked]
wrote in message <408E5944.8090807@grupopie.com>:
> Carl-Daniel Hailfinger wrote:
> >This way, the module format doesn't change, but we can do additional
> >verification in the loader.
>
> The way I see it, they know a C string ends with a '\0'. This is like
> saying that an English sentence ends with a dot. If they wrote "GPL\0" they
> are effectively saying that the license *is* GPL period.
>
> So, where the source code? :)

That's another (quite amusing:) point of view. Anybody willing to ask a
lawyer?

Kind regards, JBG

-- 
Jan-Benedict Glaw       jbglaw@lug-owl.de    . +49-172-7608481
"A free opinion in a free mind               | Against censorship | Against war
 for a free state full of free citizens"     | on the Internet!   | in Iraq!
ret = do_actions((curr | FREE_SPEECH) & ~(NEW_COPYRIGHT_LAW | DRM | TCPA));

A question for any lawyer who has a LinuxAnt module

on
April 27, 2004 - 12:00pm

Does modinfo show the licence as 'GPL' rather than 'GPL\0for files in the "GPL" directory; for others, only LICENSE file applies' or similar? If it does, would that declaration be enough to indicate that the module is released to you under the terms of the GPL and give you the necessary power to ask for source, or (given a helpful copyright holder) threaten LinuxAnt with a copyright infringement suit?

It could get very messy for LinuxAnt if it turns out that common tools declare their own binary modules to be GPL'd, and force them to either relicence and fix the MODULE_LICENSE macro, or face death by copyright infringement suit.

Linuxant's driverloader plays by the rules

on
April 27, 2004 - 1:05pm

$ modinfo driverloader
filename: /usr/lib/driverloader/modules/binaries/i686/fdr/linux-2.4.22-1.2188.nptl/driverloader.o
description: "Linuxant DriverLoader for Wireless LAN devices"
author: "Copyright (C) 2003-2004 Linuxant inc."
license: "see LICENSE file; Copyright (c)2003-2004 Linuxant inc."
parm: suppress_linkstatus int

[/var/log/messages]
Apr 26 13:05:08 ezra insmod: Warning: loading /usr/lib/driverloader/modules/binaries/i686/fdr/linux-2.4.22-1.2188.nptl/driverloader.o will taint the kernel: non-GPL license - see LICENSE file; Copyright (c)2003-2004 Linuxant inc.
Apr 26 13:05:08 ezra insmod: See http://www.tux.org/lkml/#export-tainted for information about tainted modules
Apr 26 13:05:08 ezra insmod: Module driverloader loaded, with warnings

--- Vladimir
vladimir@acm.org

re: Linuxant's driverloader plays by the rules

on
April 27, 2004 - 1:27pm

You are correct, driverloader is not the issue. See Marc Boucher's recent reply to the lkml regarding this issue (which he refers to as a "workaround")... He explains that the \0 was indeed intentional:

"Actually, we also have no desire nor purpose to prevent tainting. The purpose of the workaround is to avoid repetitive warning messages generated when multiple modules belonging to a single logical "driver" are loaded (even when a module is only probed but not used due to the hardware not being present). Although the issue may sound trivial/harmless to people on the lkml, it was a frequent cause of confusion for the average person.

Other Linuxant drivers (like DriverLoader and Riptide) do not need nor use this workaround because they are not composed of multiple modules and one set of warning messages is usually bearable."

(According to his signature, Marc is the president of Linuxant inc.)

Sounds like cheating to me

on
April 27, 2004 - 4:35pm

So where does this go? I find it confusing and inconvenient that Microsoft Windows XP wishes to phone home before it stops nagging me to activate it; does this give me the right to bypass activation?

I find it confusing that LinuxAnt's driver costs money; should I be allowed to get it for free like I got the kernel?

Linux's copyright holders have set rules about what you can and cannot do with their code; you're trying to break them, and you shouldn't be surprised if people don't like it. Following the rules causes trouble for you, yes. Not following them can result in trouble for the copyright holders.

their explanation is inadequate

Anonymous
on
April 27, 2004 - 5:13pm

And also a cop-out. Bottom line is that they are intentionally bypassing the kernel's license checks. They don't dispute this. Their rationalization is that the warning messages emitted by the kernel when loading proprietary modules are "repetitive" and an "inconvenience" that is "confusing" to their user base. This is exactly the purpose of the tainting code, to make it 100% clear to the user that they are using proprietary code that has a significant chance of screwing up their system or causing instability.

This Linuxant situation is not tolerable, frankly, and needs to be addressed so that other proprietary vendors do not think the kernel dev team will accept this type of behavior.

re: Linuxant's driverloader plays by the rules

on
April 27, 2004 - 5:36pm

Marc's explanation sounds reasonable to me. I am not put off by the appearance of the scare word "tainted" in my log files, but I can believe that other people might be.

Perhaps the use of a less loaded word than "tainted" might be appropriate.

--- Vladimir

P.S. My purpose in bringing up driverloader's behavior was simply to point out that in another one of their products, they play by the rules.

no legal issue but module effectively tainted

Anonymous
on
April 28, 2004 - 4:24am

Hi,

there is a licence mentioned which comes with the module. This license file is important and only this license is legally binding. And though I don't know the content I am pretty sure it tells you about the non-GPL nature of the module.

The false output doesn't bind at all but IMO it's a very bad habit to circumvent the check. This way they want a clean output and a proprietary module. It's really funny -- by falsely circumventing this output their module IS indeed tainted.

cb

Ask a Lawyer

Anonymous
on
April 28, 2004 - 9:30am

I think this raises a couple of interesting issues.
The first is does the circumvention of the kernel integrity check modify the underlying licensing of the proprietary module. The original license from the vendor of the proprietary module will govern in the first instance. This is the license that you must agree to to install the module and will control at the start. The issue is does the circumvention of the integrity check work a subsequent modification of that license converting it to GPL. I think that's a real stretch IMHO unless there is some clear legal precedent to the contrary. I haven't done the research, but I doubt such precedent exists.
The second and more interesting question is can the GPL be modified to prohibit this practice. A manufacturer can write driver modules and distribute them under any type of license it chooses at first blush. An end user can download and install the driver but may be prohibited from redistributing the resulting tainted kernel to others under the GPL. The liability, if any, will rest with the party that redistributes the tainted kernel, not with the manufacturer unless it could be argued that the manufacturer induced the third party to breach the GPL by distributing the module for use with GPL code that would result in a breach of the GPL if redistributed with that module. As the GPL is currently drafted, it seems to me that the manufacturer could eliminate any risk of a claim of inducement to breach the GPL by having the appropriate disclaimers/cautions in its license. The only way out is to alter the GPL to make it a clear breach of the GPL for a module to circumvent the kernel integrity check on GPL code. Then the end user would automatically be in breach of the GPL by installing the module and one who knowingly distributes a module for use with GPL code that indisputably will result in a breach of the GPL could conceivably be held liable for inducement to breach.

IANAL, but I think it's already covered

Anonymous
on
April 28, 2004 - 2:38pm

The GPL explicitly says that you can't sublicense or add additional restrictions, and if you do the GPL is invalid (section 4).

I haven't seen the license file they refer to, but I think it's safe to assume that it's not GPL-compatible. Therefore, regardless of the legal implications of having GPL\0 at the start of the license string, it's invalidated by the presence of the other license. Here's the important part:

As long as they still have rights to all the code in the module after the GPL is invalidated, they're totally in the clear.

Yes, it's sleazy, but I see nothing illegal about it.

DMCA?

Anonymous
on
April 27, 2004 - 12:25pm

Isn't this illegal under the DMCA? Linuxant intentionally circumvented the kernel's integrity mechanism.

Even if it is not illegal under the DMCA, I'm pretty sure it is illegal to do this anyway... after all it appears to be an intentional and public lie.

Perhaps somebody should approach them in good faith under the assumption that they intended to release everything under GPL...

Lying == illegal?

Anonymous
on
April 27, 2004 - 12:49pm

Son, you're probably too young to realize this yet, but there's nothing illegal about lying in public or lying intentionally.

There's also no Easter bunny -- sorry.

Lying == illegal!

Anonymous
on
April 28, 2004 - 1:20pm

Unless of course, your name is Martha Stewart, and you lied to a federal investigator.

Perjury is more than just lyi

Anonymous
on
April 28, 2004 - 5:10pm

Perjury is more than just lying, just like a square is more than just a rhombus.

Lying

Anonymous (not verified)
on
January 10, 2005 - 8:02pm

Unless you are lying to an authentication mechanism protecting access to or preventing duplication of a copyrighted work. At least according to the DMCA. It's called circumvention. It's even illegal if you have a right to access the work or your access would be considered fair use under copyright law.

Probably

Anonymous
on
April 30, 2004 - 2:03pm

I think that is true but which kernel developer would stoop to using such a hated law? Especially since the circumvention was only to avoid error messages and not to access GPL-only exports.

Isn't proprietary drivers counter productive?

Anonymous
on
April 27, 2004 - 5:55pm

I can't get my head around this binary-only thing. Going for proprietary drivers on a free operating system is against the developing model of the system as a whole.

You can't eat your cake and have it too. If all drivers went proprietary (choose any reasons from DMCA, quality certifications, anti competition measures etc.) the eco-system just wouldn't be there. There would be NDAs instead of drivers.

And look at the quality of these things. You never know if your shiny new kernel will work with your Nvidia drivers. It's like being back in MS Windows all over again, only with a much smaller market share. Yet, again and again I see Nvidia cards recommended to Linux users -- on Linux web sites! -- because they have so good drivers.

Eh?

Nvidia drivers

on
April 27, 2004 - 7:44pm

The huge problem with graphics cards at the moment is that afaik there are no competitive 3d cards with open drivers (and specifications). Until there are you have to use binary drivers anyway if you want reasonable 3d performance. And the nvidia drivers are fairly good to be binary, which means they are recommended by many users.

That's because you're stupid.

Anonymous
on
April 27, 2004 - 8:04pm

That's because you're stupid. Don't worry, this is a curable condition. The point isn't to be open source, the point is to allow me to do what I want with my computer. At the moment, if what I want to do is 3d and Linux, the only way is binary drivers. If that is what I want to do (and trust me, I know what I want to do), then Nvidia's card and driver is the best solution. If your response is "Use windows", well then you are stupid for trying to tell *me* what *I* want to do, and not listening to me. If what you want to do is open source 3d driver based, well then there are no options, as there are no open source drivers that do real 3d for widely available hardware (with an unlimited budget, anything is possible).

Wait...

Anonymous
on
April 27, 2004 - 8:25pm

At some point in time, weren't the ATI drivers open source? Did that change?

old ones

on
April 27, 2004 - 9:19pm

XFree86 has 2D-only ATI drivers for newer cards. Some older cards have 3D-capable drivers. Those 3D capable drivers are not nearly as fast as the ATI closed-source drivers that are available.

See here: http://xfree86.org/4.4.0/radeon.4.html

-molo

and you are wrong

Anonymous
on
April 29, 2004 - 8:40am

There are free drivers available for up to Radeon 9200 from the DRI project.

The world is not all PC's and their devices

on
April 28, 2004 - 1:50am

I've written a whole framework of Linux drivers for an embedded device whose source availability contributes nothing to the freedom of its users. Now I'd gladly GPL the lot and provide the source for compliance reasons, but the customer who paid for the development and therefore owns the source may decide otherwise.

To make matters worse, one of the drivers in the framework includes a whole tree of headers from a closed-source codebase that was purchased. Beyond a doubt, the licence prohibits re-releasing those headers as GPL.

Now, as no-one outside the company's support team can even see the tainted warning messages, and as the system has limited disk space that shouldn't be wasted by logging messages that will only be ignored, pray tell - what's the point?

And what's to stop anyone from chucking out the code that does the verification and logs the warning? The GPL grants me the freedom to do that.

Note that I'm playing devil's advocate. We've since changed our standard contract to give us and the customer dual copyright over any code we write, so we can go ahead and release anything we do as open source anyway. That's, if it's sensible, which it isn't in the example above.

The GPL

Anonymous
on
April 28, 2004 - 4:44am

Now you had better just hope that none of those customers demand the source code of the software you distributed to them, because if you've linked in proprietary code that can't be released then you're stuck between a rock and a hard place. You could be forced to withdraw the product from the market or even be obliged to pay damages for breaching the copyright.

Uh-uh

on
April 28, 2004 - 9:19pm

I did point this out repeatedly to our customer, so if they really statically link that driver with the kernel when they ship it, I'll be washing my hands in smirking innocence. It was developed as a module, though.

As is the case in reality, though, odds are small that anyone will ever notice or care. Like I mentioned - in this particular case, nobody has anything to gain by having the source. This is different from the situation with device drivers to interface with or GPL code used in consumer hardware.

Re: Isn't [sic] proprietary drivers counter productive?

on
April 28, 2004 - 2:26pm

I can't get my head around this binary-only thing.

In my case (driverloader) my WiFi card would not work unless I used Linuxant's proprietary driver. I tried MadWiFI and NDISwrapper. MadWiFi would hang my laptop after a few hours of operation, requiring a reboot, and I never got NDISwrapper to work at all.

So, the choice for me was proprietary or nothing. I chose proprietary.

--- Vladimir

Other choice: FreeBSD

Anonymous
on
April 29, 2004 - 1:17pm

FreeBSD has a fully open-source NDIS wrapper that is well-supported and works for most cards. It will appear in stable form in 5.3-RELEASE.

Certification

Anonymous
on
April 28, 2004 - 4:12am

What we need is some kind of Digital Certificates for modules. kernel.org (or whoever) could digitally sign modules that comply with the policies, and non-signed modules will require the user to type "Yes, I want to taint my kernel. Me evil." on module load.

Perhaps we could ask Microsoft for help with driver signing...

Note: It's a joke. Don't get your panties all in a knot.

I don't know ... 8)

Anonymous
on
April 28, 2004 - 7:38am

I don't know. It sounds like a good idea to me! (grinning, but deadly serious).

Concurrent's new ver. of Linux.

Anonymous
on
April 29, 2004 - 1:21am

This might not have any bearing on modules, etc. Yet, some of the new stuff sounds a lot like what is maybe in -mmX series of the kernel?

http://www.ccur.com/corp_news_pressrelease.asp?pressreleaseid=336
