Slashdot Mirror
Linux: the GPL and Binary Modules
An anonymous reader writes "When first made available in September of 1991, the Linux kernel source code was released under a very restrictive non-GPL license requiring that the source code must always be available, and that no money could be made off of it. Several months later Linus changed the copyright to the GPL, or GNU General Public License, under which the kernel source code has remained ever since. Thanks to the GPL, any source code derived from the Linux kernel source code must also be freely released under the GPL. This has led many to question the legality of 'binary only' kernel modules, for which no source code is released. Linux creator Linus Torvalds talks about this issue in a recent thread on the lkml."
Maybe I'm wrong here but perhaps this is a way to look at it. If I wrote a story that was derived from the LOTR then it would not be a derived work in the legal sense it would be copyright by me. Although I'd have to get permission to use the trademarked names etc. Isn't this a bit like the linux kernel issue? The module is not directly derived from the kernel it is an extension that uses the hooks that were created in the previous "story". Maybe I'm on crack here....
I have a theory that the truth is never told during the nine-to-five hours. - Hunter S. Thompson
A certain amount of pragmatism has to prevail here -- were binary modules disallowed, the phrase 'shoot yourself in the foot' jumps to mind. Linux is probably better off with them, as it lowers the entry barrier to companys wishing to contribute. And that's rarely a bad thing.
((lambda x ((x))) (lambda x ((x))))
Thanks to the GPL, any source code derived from the Linux kernel source code must also be freely released under the GPL.
I believe this is wrong. The GPL doesn't say anything about having to release things for free. You could charge a million bucks. You just have to give the source.
This "grey area" exists because there is no clearly defined boundary defining the seperation between the kernel and the drivers. Modules are parts of the kernel which have not been linked yet. When they're required, they are loaded and linked with the kernel.
The fact that Linus states that there is no exception must worry a lot of companies out there who are producing binary drivers for Linux E.g. nVidia, or SciTech (Who started the LKML thread, after all!) Are nVidia's kernel modules under the GPL? If the possibility exists that they are then I would expect them to suddenly get cold feet over Linux.
If the kernel had a proper boundary with E.g. a set of API's that the kernel and drivers can use to communicate with each other then it would help to solve the issue of what is and isn't "the kernel". For example in Syllable drivers are ELF images which are loaded by the kernel ELF loader. The drivers are loaded under the kernels memory space but there is a very well defined API between the two, and a very clear seperation between them. Under this model I can argue that the kernel is actually being linked to the driver, so the driver can be under any licence while the kernel remains under the GPL. There is no "cross pollenation" between the driver and the kernel. Which is a good thing IMHO, if it avoids issues like the ones being raised on the LKML.
Syllable : It's an Operating System
Linus talks all about linking source with the kernel and stuff like this. But guess what: With most binary modules this part is done by the user, not by the distributor, and this is clearly your right - you just cannot distribute the binary.
See for example stuff like driverloader (the ndis-wrapper around windows wlan drivers for the centrino and other cards): They are shipping a source which you can compile against the kernel headers (which are provided by YOU!) and will form a kernel module which can be loaded (by YOU!) against the kernel.
I really can't see how linus can claim copyright to the distribution of any source which happens to run with the linux kernel - but does not contain any part of it. And the enduser is free to compile and link this sources against the kernel, as the GPL allows modifications for own use without any restriction.
I guess the whole discussion is politics. Linus dislikes binary only drivers (for good reasons: they are unflexible, hard to debug and can cause user confusion and problems) and would like to have them not happen. But i don't think it is helpful to take a extreme shaky legal position (and downright confusing the users by making legal statements which simply do not apply here) to achieve this goal.
Although i dislike binary-only drivers in general, i came to the understanding that sometimes this might be the best you can get. In the business software world copyright is often a diverse field, and even companies who would like to release the source might be barred from that through NDAs and copyrights of third companies. So some companies have no choice but releasing binary drivers and i'm happy that they do at least that. If all would adhere to linus position we would just keep some users alone out in the rain. I'm all for helping users getting their hardware running. They might have made the wrong purchase in the first (getting a hardware with open sourced drivers would have been wiser), but just saying "tough stuff, you have lost, now go away" won't help them.
I know some people just hate the idea of binary drivers to begin with, and if that is your stance, fine; I don't agree, but I understand where you're coming from. But if you're going to allow binary modules (as Linux does), why do it in such a half-assed fashion that a company that might provide a Linux driver can't be sure one way or another how you're going to view their code (exempt from GPL or bound by it)? Either do it right and enforce a clear boundary or just stick with source only drivers.
Er, yeah, that's a little warped.
It might make sense to take that position, if such a thing as a "module vendor" existed. As it happens, it doesn't, and no one is out trying to sell binary modules for Linux. The creators of binary modules are *hardware vendors* and they are "contributing" by making their hardware compatible with the free system.
This is not parasitic; if they want, they can just not bother, and you can just not use that hardware in Linux. Let's not forget, it's not like you wrote the driver; why would you want to keep people from making their hardware usable on your system? If a manufacturer says "well, sorry, I want to support linux, but not if it means letting the competition get a sneak peak at this crazy technology in my drivers" you would just say, "ok, parasite, we don't need your stupid hardware."
When the manufacturer in question is a leading producer of video boards, such fanaticism is extremely foolish.
Given a choice between free speech and free beer, most people will take the beer.
The huge problem pertaining to graphic cards is that they probably are, on PCs, the item that is replaced /upgraded most often and are developed at the highest pace immediately after CPUs.
While CPUs are well documented and a critical resource well looked after by developers, GPUs are in contrast shrouded in mystery and buried in patents. Also most kernel developers, I'd wager, don't care one bit about dual screens and accelerated OpenGL.
Before NVidia came on the scene with their drivers the high-quality multi-screen 3D Linux desktop was very very hard to come by. It think it is still true today that you cannot have accelerated 3D and xinerama together under XFree. This causes no problem with the NVidia drivers.
So yeah, it's bad, and the NVidia stuff does cause mountains of weird problems still (I still can have my USB webcam running with the combination of NVidia drivers, dual-head and SMP, not that this is crucial, mind you, but it is annoying). OSS drivers only give you 2D.
Meanwhile I'd like to know how are things with the ATI camp, probably not much better.
Paradoxically, if NVidia had not come forward with binary-only drivers, the situation would probably be a bit better even with their hardware: it would have been reverse-engineered to some extent.
However the pool of available talented OSS developer is finite, and some other project would have suffered almost certainly.
The original purpose of restricting derived works was to make it so that authors (companies or not) could not copy code from the public domain and claim it as private work, No?
Kernel Modules cannot exist without the Linux Kernel. This dependancy means that any part of the Kernel Module that depends on the kernel for *module* interface purposes is not derived work. It is when authors base their code off of other code that is in the GPL that they must in turn release thier code under the GPL.
So in short, if the module could have been written entirely with Manpages and documentation, it is not derived work. If the author views the code of other modules, then it is derived work.
Deriving functions and invoking them are two very different things.
This is some seriously deranged logic. This is how your post reads to me:
I make a video card which I expect to be used with Windows. Some of my users beg me to support Linux. I make a Linux driver. Now I'm a parasite?
An open sourced driver would be nice but not supplying one is now a crime? What am I missing here?
beauty is only a light switch away
I never understood why companies are so reluctant to provide the source codes. The reason I hear usually is that such source codes would help competitors to design similar hardwares. Is this just urban legend and the real reason is more an habit of secret, or does this argument is real (i.e. seeing APIs implementation helps you design hardware) ?
--
Go Debian!
OK, I've wondered about this since the dawn of PCs, and wonder about it every time I have to install nVidia drivers: Why do this? Onceupponatime, you bought hardware and drivers were just kinda there with it. Then they started putting copyright callouts on 'em. Now they're treating 'em as if they were standalone programs - doesn't an nVidia card kind of function as a dongle for the nVidia drivers, if they're so worried about copying?
If the driver spec is floating around in the open, that's a value-add for me as a comsumer (the company can't force-obsolete the cards by yanking drivers away, easier to switch OSes) and for the company (it makes the devices marketable to more people, and they get free optimizations and ports from the OSS community). On embedded devices it's even sillier, I mean, what good does PalmOS do me if I don't have a Palm? If I were trying to reverse-engineer an nVidia card or a Palm, wouldn't I start with the hardware? And if I did make a 100% Palm-compatible, I could just sponge off Palm's binaries then... ditto nVidia...
So, why be all grabby about drivers anyway? The cavalier something-for-nothing closed-source approach to open-source support seems vaguely dishonest to me somehow - it just makes me uneasy, and affects my purchasing decisions. If they're so happy to rip off the OSS community, won't they also be happy to rip me off, I ask myself.
IMO, binary-only is a trap: All it takes is closed-source drivers for motherboard devices, the manufacturer doesn't make a new version of the drivers to support a new kernel, and you're stuck buying a new computer or using Windows. A trap. Since an open driver spec is a value-add for both the consumer and the hardware company, I am very suspicious of proprietary drivers and the motives behind them. Trap. Linux is better off without binary-only taps. I mean drivers.
I think you've missed the point, the problem is to define what does "based upon" means.
When you compile a binary, you have to compile with some header files which are GPLed. So you are "based upon" GPL code right?
IIRC Linus argued that this wasn't sufficient. He stated that for a module needed to be written with Linux in mind (ie targeted at it), accessing particular data structures, then it would have to be GPLed.
My second printer was a Citizen 120-D 9-pin mono dot matrix, and it was also very Epson-compatible. It had a beautiful programmer's manual replete with examples of how to access each feature, from simple double width text to high-density image graphics, and even went so far as to provide timing details for the Centronics interface. {Hey, you might be plugging the thing into some device of your own construction}. It was even known for owners of EPROM burners to patch the charsets to match certain manufacturers' non-strict interpretation of ASCII {the BBC model B, for example, had a pound sign at CHR$(96) instead of a backtick, so it could keep the comment mark at CHR$(35) - a comment in BASIC is denoted by REM, but the # was used to specify immediate mode in assembler}.
..... you get a Quick Start guide which says "Plug the printer into your computer. Do exactly what Windows tells you to do" and a huge manual, replete this time not with useful programming information but with dire warnings about attempting to do anything "unauthorised" with the printer, and it probably illegal to examine the printout with a magnifier to see how the fonts are made up.
Compare and contrast that with today
IMHO the lawful owner of an instrument has the right to know everything about that instrument. My property can, by definition, contain no secrets from me {though I might reasonably be bound to keep any secret I discover}. It's time that this was enshrined into law. If you can't handle the concept of people knowing how to write drivers for your hardware then you perhaps shouldn't be selling it. Mandatory Full Disclosure would put an end to this argument once and for all.
Je fume. Tu fumes. Nous fûmes!
By his definition, if X was created primarily to work with the linux kernel, then it is a derived work, and therefore falls under his copyright regimen of choice (GPL). this is like saying that if you make a super efficient oil filter that was clearly designed exclusively for mercedes engines, then mercedes can tell you how to sell it.
while mercedes clearly has the right to protect its trademarks and copyrights, as long as the oil filter maker doesn't pass it off as anything but an aftermarket job, his business is secure. this is true whether the aftermarket add-on fits onto an easily identifiable interface (the little bit that the oil filter screws on to) or not (those places that hack up a whole mercedes and turn it into a stretch limousine or something - though the latter may well run into trademark issues if they are not careful).
yes, software is not like physical items in many instances. but, in this one, it is.
An even better alternative would be for the proprietary part of the driver to be a provider of a public, documented API, so that anyone could write a driver for it for any OS, instead of it being a consumer of some particular OS driver API. This would completely eliminate the need to use any GPL'd code in the proprietary driver binary.
Such an API could (and in many cases should) conceal proprietary aspects of the associated hardware, and in so doing perhaps remain stable for more than one generation of the hardware. Also, such an API could (but in most cases should not) have hidden functionality (e.g. "reserved" arguments to functions) that could be transparently used by proprietary application code (assuming the driver for a particular OS passes the arguments through unchanged).
A few plusses just for maintenance come to mind, there are likely more for maintenance and other reasons such as good PR;
There's not much of a benifit to binary-only modules for the vendor except;
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
Binary drivers are a load of braindamage, and should be make as difficult as
possible.
With binary drivers the whole point of Open Source is lost, and you could as
well have a proprietary kernel.
As you very well know, most BSOD in windoze are mainly caused by faulty
drivers, do we want the same "feature" in Linux? what about other OSes like
*BSD, what should they do? and other arches like PPC or Alpha? should they all
give up their OSes and systems and follow the "one true way of Linux proprietary
drivers"?
And don't even tell me about those "cross-platform-driver-interfaces", what a
joke... FYI, that didn't work for M$, and it wont work for anyone else, M$
tried to make a "standard" driver interface to allow win9x drivers to work on NT,
it was a *DISASTER*; there are loads of hardware out there that didn't make the
transition and has *no* drivers for WinNT/2k/xp, because the manufacturers were
bankrupt, because they were clueless, because they wanted you to buy new
hardware; do you want the same to happen with Linux?
What we *need* is for hardware vendors to get a fucking clue and start
releasing documentation about the crap they sell, that is the only way for a
stable and open system. Hardware vendors that refuse to document their hardware
are just too stupid to be dealt with.
If I buy something, I have a *right* to know how it works and how I can use it
in any OS I like.
Best wishes
uriel
"When in doubt, use brute force." Ken Thompson
You clearly missed the point in my signature. It has nothing to do with pessimism. Karl Popper (famous natural philosopher) wrote a book after WW2 called "The Open Society and its enemies" as a defence of democracy and a critique of totalitarian rule (including fascism, communism and various religious ways to rule).
In the book he argues that democracy has an incremental approach to society building whereas e.g. communism (and political islam for that sake) has a "revolutionary" approach. The point is that those who promise us paradise on Earth after we have made the society in whatever way they would like us to - they have always ended up giving us hell on Earth (Soviet Union, Iran, Afghanistan and so on).
The manufacturer is selling hardware. Anything they want to protect from being exposed in the module means little to other hardware companies who have competent developers. The details of how the hardware is controlled and any setup and tables can be discovered using the Windows drivers and debuggers.
Contrary example: In Nvidia's case, they don't own everything they ship so unless they convince other companies to opening those parts (unlikely) Nvidia has to either drop those parts or replace them.
The motivations of different companies are important. Server-grade hardware companies fall all over themselves supporting Linux in the main kernel source tree. If Linux becomes popular on the desktop -- even if modestly so -- the kernel modules that support desktop software will likely be open. Nvidia might even change (though this is speculation on my part).
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
You're mistaking the GPL for the LGPL. The API would not be subject to copyrights, but any sources compiled against it would be GPL because the license of the GPL does not allow for abstraction layers like that.
"[We'll be] really getting inside your head and making it an unpleasant place to be" -- Trent Reznor
That's not true, they might lose money...
The IDE Raid controller you're talking about uses some functionality which I have a patent on. To make this functionality work the driver includes some code which of course I wrote and are the copyright owner.
I see no point in releasing any of my code as that would lower my income, because none of the manufacturers would need to buy my code anymore...
Ok, I admit, I'm not holding any patents and didn't write any driver code that's included in any RAID driver (not that I know of, at least)...
But I think you get the picture here... It doesn't have to be the actual hardware manufacturer who's responsible for the drivers not to be released in source form. They might be restricted by other parties....
that sometimes there is no other choice.
For example, try to find a combination of GPU and drivers that is good enough to play linux games like Neverwinter and Unreal or emulated games through WINE that is 100% open.
You cant.
I suspect that even if you were able to completly Reverse Engineer (through disassembly or otherwise) the windows or linux Binary-Only drivers and/or the interface and hardware APIs for and from that, make an open source driver, you would probobly be violating several patents or other IP thingos and would have your ass sued by the makers of . Also, the makers of would probobly state that using the code means you get no tech support, no warranty, no nothing. Plus, the makers of would get some kind of court order to state that since the open source driver violates the patents etc that distributing, using or working with it is illegal and have all the copies in existance removed.
Also, 802.11* wireless network cards. I dont know of any 802.11* wireless network cards that have 100% open source drivers for linux except for 1 or 2 that have been Reverse Engineered by someone. For those, you dont get technical support, you may not get warranty service and the manufacturers would probobly shut down the Open Source driver projects if they had a way to do it.
Personally, I love Open Source and Open Specifications (i.e. Open file formats, Open APIs, Open network protocols, Open hardware interfaces etc) and push for such things wherever I can. (I was involved in a push to get Electronic Arts to release stuff connected with the gameplay scripts for Command & Conquer Renegade. They didnt release it. But in the end, I wrote my own DLL that sits between the game exe and the official DLL and allows one to implement ones own scripts but its still nowhere near as good as having the official stuff would have been)
It's dangerous because if Linus's argument actually holds, than Microsoft can legitimately claim that Mono is a "derived work" from
It is also unnecessary because the kernel falls under a license. A license can state under what conditions something can be used. Whether or not the GPL has enough teeth, you could certainly write an open source license under which any module developed using the Linux kernel must itself have an open source license. Or you could write an open source license that explicitly prohibits the linking of closed source modules into the kernel. That makes the question of whether something is a "derived work" or not irrelevant and still enforces the intent.
Now, we only need to figure out what the intent should be. Do we actually want closed source kernel modules?
This is not parasitic; if they want, they can just not bother, and you can just not use that hardware in Linux.
Yes, it is "parasitic". And the kernel license should be updated to put a stop to this. If we believe in free software, we want to support companies that support free software.
When the manufacturer in question is a leading producer of video boards, such fanaticism is extremely foolish.
No, it's not. It will give other companies a chance to get into the market, with Linux-friendly products with open source drivers.
You see, leading or not, nVidia doesn't really have anything that is so unique. Dozens of companies can put together decent 3D graphics cards. Maybe they aren't quite as fast or quite as cheap, but they are plenty good.
Companies like NVidia provide binary-only modules because they have to. Their code contains stuff that is patented and licensed from other companies, and they *cannot* legally release that code.
For example, NVidia's linux drivers contain S3TC tecxture compression algorithms, which is patented and licenssed. It is not theirs.
They CANNOT open source these drivers, nor could Linux developers create an implementation of them without being sued by the company who owns the rights.
And people just don' t seem to get this and it really really pisses me off. NVidia is just trying to do The Right Thing (tm), releasing Linux drivers at a LOSS nonetheless ( you think they make enough on Linux-owner sales of their cards ot cover these programmers salaries? I doubt it. ), and all the community does is flame them. No wonder hardware companies are so hesitant to support Linux in any shape or form.
I also need to throw this in to close... I don't know what people's problems with these drivers are. I have been using them since version 1043, and I have *NEVER* had a problem that wasnt fixed by reading the FAQ. And their feature and 3D support totally blows away any of the open source drivers (ATIs always lag 1-2 years behind the release of a card, and they still don't have all the features of the windows ones).
There's one other thing that the "I'm content with binary" people forget as well, DRM. Nvidia and any other "binary" release could have DRM introduced and no one would be the wiser until the switch was thrown. I also think the "I'm happy with binary" group don't fully understand that FOSS is about control. Control of your hardware that you bought. That must be important judging by all the "wining" that goes on whenever a RIAA/MPAA story comes up. "I bought this CD/DVD and the big, bad corporation is dictating to me what I can do with it", and yet no one see's the problem with hardware companies "dictating" what you should be able to do with your hardware. I also think that most haven't learned their lessons from the Windows side. How much finger pointing have we seen between OS and hardware manufacturers? How many times has a manufacturer "taken their time" with a driver release? Or "It's time to rake in some more money, lets get everyone with older hardware to upgrade".
Everyone with a binary driver, regardless of platform. Can you honestly say that you control your computer, in every sense of the word? Why not?
The reason most of these companies develop binary-only modules is to keep a leg up on their competition. Put simply, companies like nVidia don't want ATI or Matrox getting hold of their improvements. Some drivers include proprietary technology and speed or quality improvements that either can't or (in the interest of profit) shouldn't be open.
Hardware manufacturers have very little that sets them apart from each other. Their biggest concern is that the driver source code would give away how the hardware works and therefore would show their competitors how to implement their technologies.
Let the hardware manufacturers develop their binary only modules. It's better than what we've seen with the wireless market...which is what we would likely see if we started spouting "show us your source code" to all of the hardware manufacturers that choose to make binary only modules...
And of course the other reason for a binary module is to charge for it (like is being done with Linuxant's DriverLoader) but...just like anything else worthwhile, there is already an open sourced equivalent under development.
This has been more than paid for by the thousands of NVIDIA cards sold on the back of supposed "Linux support".
Well, this is precisely why, I and many others, buy nVidia cards. I use a dual boot Win2K/Mandrake box and I know I'm getting excellent drivers for each operating system.
I personally don't see any problems with closed source binary drivers. The kernel provides (or should provide) interface abstraction to a sensible level where it's possible for safe "black box" drivers to be written.
Then again, I don't understand anything about writing device drivers or how tightly integrated to an os kernel they need to be. As a layman, I would have thought that the kernel provides certain services to a driver module which are accessable through an interface?
Card manufacturers have trade secrets to protect - that's the nature of the world we live in. No matter how much you or I may wish that drivers are all open source, if an opensource driver reveals details about the hardware, manufacturers are not going to want to opensource the software.
Do all of us Linux users a favor, then. Please switch to Windows. Or better yet, Mac OSX. Linux should not change itself to support the needs of the consumer-gamer crowd; if you want your expensive hardware to 'just work' why are you running on a tinkerer's operating system?
=====================
Together, we will drive the rats from the tundra.
Wouldn't it be more productive to concentrate on finding a solution everyone can accept?
Quack, quack.
What pisses me off are the, as was said, hardheaded people who are of the immovable position that either a driver is open source or it's evil. Or worse, those who say that either it should be open source or not exist!
You correctly, finally someone did it, pointed out that even if nvidia wanted to release their drivers under the GPL they can't! The owners of S3TC would own them inside of a week.
And it is not a bloody solution to just say people with such hardware can just bite off. I want to see Linux on the desktop, not just relegated to the server room, and that is only going to happen with good driver support across the board.
I'm sorry, not everyone who makes a board wants to GPL their drivers. They all have their reasons, right or wrong.
I would rather see such drivers then have to tell someone when they ask me about linux,
"Yes, it's a great OS. It's stable, runs fast, isn't full of bloat, blah, blah, blah. But you can only buy a model blah video card, model blah sound card. Because those are the only ones there are drivers for." Keep in mind that model blah and blah would likely be pretty old and out of date.
And to those saying that nothing "important" would have to be released to OS their drivers, that would logically mean it should be pretty easy to write OS drivers that are just as good as the, in this example, Nvidia binary drivers. Why is it then I haven't seen such drivers? (I am not a programmer, so I am likely off base on this, feel free to reply if I'm wrong)
Thank you no, I'll take my fully working, yes with binary nvidia drivers, system anyday. bah!
I was raised on the command line, bitch
"Nemo me impune lacesset"
My employer has a product that includes an embedded Linux system. Some of the product code runs in user space, some is implemented as loadable modules. I can find no clear guideline anywhere that tells me whether the product can remain proprietary (i.e., closed source).
First problem: Nobody's *opinion* (not even Linux or Stallman) counts - only a legal interpretation of the GPL has any weight in the real world (i.e, with my employer). Such a legal opinion does not yet exist (though it probably will post-SCO).
Second problem: Does the fact that some code is a module mean it has to be GPL'd? (These aren't device drivers, BTW).
Third problem: How much does the use of header files "infect" the code with GPLness?
As much as I love Linux, using it in a litigation-shy big company is more complicated that most people realize.
I think it would be interesting to see the support for these two statements:
and Where's he getting this stuff? I have serious doubts that copyright law contains the words "user space" anywhere. So just what causes that distinction to exist? My guess is that he's making it up (with the best intentions and desire, of course).That one about "anything that was written with Linux in mind" is particularly amazing.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.