Greg KH wrote:
>On Thu, Oct 17, 2002 at 03:35:05PM +0100, Christoph Hellwig wrote:
>
>
>>These exports have the power to change the implementations of all
>>syscalls and I've seen people exploiting this "feature".
>>
>>Make the exports GPLonly (which some LSM folks agreed to
>>when it was merged initially to avoid that).
>>
>>
>I would really, really, really like to make this change. Unfortunatly,
>one of the current copyright holders of this file does not agree with
>it.
>
>Crispin, for the benifit of the lkml readers, can you explain why WireX
>does not want this change?
>
Here's the monster flame-war we had the last time this issue was debated
http://www.uwsg.iu.edu/hypermail/linux/kernel/0109.3/0102.html
My argument against the intent of this change is that no, I do not think
we should restrict LSM modules to be GPL-only. LSM is an API for loading
externally developed packages of software, similar to syscalls. There is
benefit in permitting proprietary modules (you get additional modules
that you would not get otherwise) just as there is benefit in permitting
proprietary applications (you get Oracle, DB2, and WordPerfect).
My argument against the implementation technique of dropping in these
export GPLonly symbols is that my read of the GPL itself means that they
have no legal impact. The crux of the matter is whether a *court* finds
that LSM is "linking" (in the GPL sense) or is an "interface":
* If it is "linking": then all LSM modules end up GPL'd, regardless
of what any of us want.
* If it is "an interface": then the GPL specifically *prohibits* you
from imposing additional restrictions, such as requiring someone
else's module to be GPL'd, to wit:
o Clause 4: "You may not copy, modify, sublicense, or
distribute the Program except as expressly provided under
this License."
o Clause 6: "... You may not impose any further restrictions
on the recipients' exercise of the rights granted herein."
Therefore, the EXPORT_SYMBOL_GPL is just a bunch of useless bloat, with
no legal standing what so ever. If kernel module interfaces are held by
a court to be linking, then export symbols are redundant. If kernel
module interfaces are held by a court to be an interface, then the
export symbols are just wrong.
Crispin
-- Crispin Cowan, Ph.D. Chief Scientist, WireX http://wirex.com/~crispin/ Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html
--------------enigF14B24A9121C81991429F048 Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE9ruqC5ZkfjX2CNDARAb9oAJ0Rfcs1AmzFcThwMu6LwjYk53kNFgCg3Pr7 ZRqO8UZlVjmiWuDqa1W7XUM= =5oBb -----END PGP SIGNATURE-----
--------------enigF14B24A9121C81991429F048--
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/