Re: Binary only module overview

Crispin Cowan (crispin@wirex.com)
Wed, 26 Sep 2001 17:22:52 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alex Cruise: "Re: apm suspend broken in 2.4.10"
Previous message: Randy.Dunlap: "Re: Question: Etherenet Link Detection"
Maybe in reply to: Arjan van de Ven: "Binary only module overview"
Next in thread: Valdis.Kletnieks@vt.edu: "Re: Binary only module overview"

Alan Cox wrote:

>>I'm really trying to be constructive here. There is a real licensing
>>problem over whether binary modules are legitimate at all, and the issue
>>is not special to LSM. I'm trying to get LSM out of the way so that the
>>advocates of either side can fight it out without smushing LSM in the
>>middle :-)
>>
>Yes - I agree. The question is "can you be using the LSM module" not
>the headers - since LSM is GPL and your work relies on it
>
I'm confused as to which question Alan is asking, so I'll answer several :-)

* "What is the licensing on the LSM module?" Crispin's pedantic
response: there is no "the" LSM module. LSM is a patch to enrich
the existing Linux loadable kernel module interface to allow
access control modules. These modules do exist:
* There is a dummy module (useful as a template) which just
does the superuser check ("UID==0" and access is granted)
and it is GPL'd.
* There is a module that embodies the guts of POSIX
capabilities, and it is GPL'd.
* There is a port of SELinux to LSM (produced by the SELinux
team) and it is GPL'd.
* "Can you use the LSM interface with a non-GPL module, if you
eschew GPL'd .h files?" Crispin's opinion: I dunnow, but the
answer is the same as the answer for current Linux loadble kernel
modules. If loading a module is "linking", then all modules &
device drivers must be GPL'd.
* "Can a non-GPL LSM module #include a GPL'd .h?" Crispin's opinion:
I dunnow, but the answer is the same as the answer for many
current Linux applications. I know, this is the question Alan did
not ask :-)

Crispin is not a lawyer/judge, so his opinion doesn't matter anyway :-)

Crispin

-- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Alex Cruise: "Re: apm suspend broken in 2.4.10"
Previous message: Randy.Dunlap: "Re: Question: Etherenet Link Detection"
Maybe in reply to: Arjan van de Ven: "Binary only module overview"
Next in thread: Valdis.Kletnieks@vt.edu: "Re: Binary only module overview"