Re: Binary only module overview

Crispin Cowan (
Wed, 26 Sep 2001 17:22:52 -0700

Alan Cox wrote:

>>I'm really trying to be constructive here. There is a real licensing
>>problem over whether binary modules are legitimate at all, and the issue
>>is not special to LSM. I'm trying to get LSM out of the way so that the
>>advocates of either side can fight it out without smushing LSM in the
>>middle :-)
>Yes - I agree. The question is "can you be using the LSM module" not
>the headers - since LSM is GPL and your work relies on it
I'm confused as to which question Alan is asking, so I'll answer several :-)

* "What is the licensing on the LSM module?" Crispin's pedantic
response: there is no "the" LSM module. LSM is a patch to enrich
the existing Linux loadable kernel module interface to allow
access control modules. These modules do exist:
* There is a dummy module (useful as a template) which just
does the superuser check ("UID==0" and access is granted)
and it is GPL'd.
* There is a module that embodies the guts of POSIX
capabilities, and it is GPL'd.
* There is a port of SELinux to LSM (produced by the SELinux
team) and it is GPL'd.
* "Can you use the LSM interface with a non-GPL module, if you
eschew GPL'd .h files?" Crispin's opinion: I dunnow, but the
answer is the same as the answer for current Linux loadble kernel
modules. If loading a module is "linking", then all modules &
device drivers must be GPL'd.
* "Can a non-GPL LSM module #include a GPL'd .h?" Crispin's opinion:
I dunnow, but the answer is the same as the answer for many
current Linux applications. I know, this is the question Alan did
not ask :-)

Crispin is not a lawyer/judge, so his opinion doesn't matter anyway :-)


Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Security Hardened Linux Distribution:
Available for purchase:

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to More majordomo info at Please read the FAQ at