Slashdot Mirror
Linux: the GPL and Binary Modules
An anonymous reader writes "When first made available in September of 1991, the Linux kernel source code was released under a very restrictive non-GPL license requiring that the source code must always be available, and that no money could be made off of it. Several months later Linus changed the copyright to the GPL, or GNU General Public License, under which the kernel source code has remained ever since. Thanks to the GPL, any source code derived from the Linux kernel source code must also be freely released under the GPL. This has led many to question the legality of 'binary only' kernel modules, for which no source code is released. Linux creator Linus Torvalds talks about this issue in a recent thread on the lkml."
Maybe I'm wrong here but perhaps this is a way to look at it. If I wrote a story that was derived from the LOTR then it would not be a derived work in the legal sense it would be copyright by me. Although I'd have to get permission to use the trademarked names etc. Isn't this a bit like the linux kernel issue? The module is not directly derived from the kernel it is an extension that uses the hooks that were created in the previous "story". Maybe I'm on crack here....
I have a theory that the truth is never told during the nine-to-five hours. - Hunter S. Thompson
A certain amount of pragmatism has to prevail here -- were binary modules disallowed, the phrase 'shoot yourself in the foot' jumps to mind. Linux is probably better off with them, as it lowers the entry barrier to companys wishing to contribute. And that's rarely a bad thing.
((lambda x ((x))) (lambda x ((x))))
This "grey area" exists because there is no clearly defined boundary defining the seperation between the kernel and the drivers. Modules are parts of the kernel which have not been linked yet. When they're required, they are loaded and linked with the kernel.
The fact that Linus states that there is no exception must worry a lot of companies out there who are producing binary drivers for Linux E.g. nVidia, or SciTech (Who started the LKML thread, after all!) Are nVidia's kernel modules under the GPL? If the possibility exists that they are then I would expect them to suddenly get cold feet over Linux.
If the kernel had a proper boundary with E.g. a set of API's that the kernel and drivers can use to communicate with each other then it would help to solve the issue of what is and isn't "the kernel". For example in Syllable drivers are ELF images which are loaded by the kernel ELF loader. The drivers are loaded under the kernels memory space but there is a very well defined API between the two, and a very clear seperation between them. Under this model I can argue that the kernel is actually being linked to the driver, so the driver can be under any licence while the kernel remains under the GPL. There is no "cross pollenation" between the driver and the kernel. Which is a good thing IMHO, if it avoids issues like the ones being raised on the LKML.
Syllable : It's an Operating System
LWN.net do some great coverage of this issue in these articles:
http://lwn.net/Articles/53780/
http://lwn.net/Articles/51561/
These two articles are in relation to Linksys, but they cover the general issue. There have been some other great GPL-related articles on LWN.net if anyone wants to search the site.
Expert in software patents or patent law? Contribute to the ESP wiki!
Linus talks all about linking source with the kernel and stuff like this. But guess what: With most binary modules this part is done by the user, not by the distributor, and this is clearly your right - you just cannot distribute the binary.
See for example stuff like driverloader (the ndis-wrapper around windows wlan drivers for the centrino and other cards): They are shipping a source which you can compile against the kernel headers (which are provided by YOU!) and will form a kernel module which can be loaded (by YOU!) against the kernel.
I really can't see how linus can claim copyright to the distribution of any source which happens to run with the linux kernel - but does not contain any part of it. And the enduser is free to compile and link this sources against the kernel, as the GPL allows modifications for own use without any restriction.
I guess the whole discussion is politics. Linus dislikes binary only drivers (for good reasons: they are unflexible, hard to debug and can cause user confusion and problems) and would like to have them not happen. But i don't think it is helpful to take a extreme shaky legal position (and downright confusing the users by making legal statements which simply do not apply here) to achieve this goal.
Although i dislike binary-only drivers in general, i came to the understanding that sometimes this might be the best you can get. In the business software world copyright is often a diverse field, and even companies who would like to release the source might be barred from that through NDAs and copyrights of third companies. So some companies have no choice but releasing binary drivers and i'm happy that they do at least that. If all would adhere to linus position we would just keep some users alone out in the rain. I'm all for helping users getting their hardware running. They might have made the wrong purchase in the first (getting a hardware with open sourced drivers would have been wiser), but just saying "tough stuff, you have lost, now go away" won't help them.
Linus really calls it the way he sees it, doesn't he?
Your logic is fundamentally flawed, and/or your reading skills are deficient.
You are a weasel, and you are trying to make the world look the way you want it to, rather than the way it _is_.
Wow. I hope someday I'm enough of a badass to be able to flame people like that and get away with it. (That said, it's particularly impressive how Linus can fling these barbs at people and still come off as a reasonable guy, unlike quite a few open-source "leaders". Having a sense of humor seems to help quite a bit.)
OK, from the article it seems that merely writing a device driver which uses the kernel module interface automatically makes the code a derived work. Also, building programs which include the kernel header files automatically makes those programs GPL.
Now, what if someone wrote another standard driver interface, separate from the kernel interface, wrote a device driver which implemented that and then wrote a GPL'd interface wrapper which translated the Linux module interface to that of the new standard?
Obviously, the wrapper interface code is now a derived work. However, does it also mean that because the new driver which uses a code interface which the GPL'd wrapper implements now is tainted by the GPL?
Also, does the driver become a derived work if the person who writes it initially does so to get some hardware working on his Linux box, rather than his other box which runs ObsureOS which also implements this standard device driver interface but the person hasn't installed the hardware on that machine yet?
Agrajag: "Oh no, not again!"
it lowers the entry barrier to companys wishing to contribute
I see it as encouraging companies *not* to contribute. Why give people Free code when you don't have to?
A binary file is not a contribution, it's just a marketing tactic exploiting our free platform. Since the Linux hackers have written an entire kernel, I don't think it's unreasonable for them to ask for module source code in return. Otherwise the module vendor is a parasite.
Expert in software patents or patent law? Contribute to the ESP wiki!
The SCO case will have some far reaching effects if a sufficiently bone-headed judge rules in certain ways. One of the cornerstones of SCO's "case" is their theory on derivative works: notably, JFS. JFS is in the same category of kernel module as AFS which Linus references. SCO claims that JFS is a derivative work of Unix and therefore falls under IBM's contract obligations and SCO's copyright. Were SCO's theory to be accepted, it would be theoretically possible to try to force AFS to be GPL'd under the same theory.
An even more interesting stretch of the theorem would depend on how this "derivativeness" would be defined. Why is JFS a derivative work? If it's because it has substantial similarities to other Unix file systems (tree structured directories, permissions) there's an interesting case against MS for NTFS and DOS FAT, as these both have tree-structured directories and MS has been a Unix licensee. Now, wouldn't that be fun. Unfortunately the only entity that could bring that case would be our good friends Darl and SCO at this time.
So, I think there's lots of things to quibble about here, and appended is part of the law that might prove relevent. I'll try to make a case for a driver company attempting to create a non-GPL driver that uses snippets of GPL'd code in a 'fair use' way.
.h files), is what matters, and not all of the compilable code even in the subset of files referenced are used to create the .obj.
The key I think is if you can convince a judge that what they are doing is furthering 'research'. But the rest of the tests obtain:
1) Binary Linux drivers are generally release with a non-commercial nature - people don't charge for the software (although the opposite case, that you have to buy the hardware, could be argued to contradict this) - specifically, note that the word "including" modifies the two called out styles of use (commercial and non-profit eduacation) - thus other things might very well cause this section to obtain.
2) The copyrighted work is humungus and designed to be used in explicitly this manner
3) The portion of the whole is miniscule - it could be characterized as a 'quote' from an original source
4) The effect on the market value of the copyrighted work can be argued (successfully, I think) to be _positive_.
One other thing: I am under the impression that you can't copyright tables of raw data (such as names and their numeric mappings), so with Linus, I'd argue the #defines and such don't count for these calculations. The comments can't be said to contribute to the (binary) final work, even if someone read them once. Linus noted, and I agree, the compilable code (macros, subs defined in
I think I've made a (albeit shakey) case for 'Fair Use' in this way.
(ObSCO: I wouldn't be _at all_ surprised if SCO is going to attempt to argue that the overwhelming weight of the detrimental effect of #4 on SCOnix's value will outweigh the relatively trivial amount of infringement of #1, #2, #3 should IBM attempt to suggest fair-use of a couple of lines here and there)
------
Title 17, Chapter 1, Section 107
Notwithstanding the provisions of sections 106 and 106A, the fair use of a copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright. In determining whether the use made of a work in any particular case is a fair use the factors to be considered shall include --
(1) the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;
(2) the nature of the copyrighted work;
(3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and
(4) the effect of the use upon the potential market for or value of the copyrighted work.
The fact that a work is unpublished shall not itself bar a finding of fair use if such finding is made upon consideration of all the above factors.
I hate binary-only kernel modules, and all kernel modules should be available as source.
I recently purchased an IDE Raid controller, and naturally I chose one where the box said "Yes! Works with Linux!".
Sounds great so far, doesn't it? Problem was that the drivers turned out to be precompiled binaries for the kernel shipped with the following distributions: SuSe 7.1-8.0 and RedHat 7.2-9.0.
I returned the controller and demanded my money back.
First of all, I ran Debian with a kernel not supported by the binary drivers.
Second, with these kernel-spesific drivers I would be unable to upgrade my kernel (what if an dangerous kernel exploit is found?)
Third, "Yes, works with Linux!" is a lie. What the label should say is "Yes, works with a couple of Linux kernels!"
Fuck the binary drivers. I don't see the point. It's not like they would loose money by giving away the source to the driver -- they'll sell the hardware anyways, won't they!?
I know some people just hate the idea of binary drivers to begin with, and if that is your stance, fine; I don't agree, but I understand where you're coming from. But if you're going to allow binary modules (as Linux does), why do it in such a half-assed fashion that a company that might provide a Linux driver can't be sure one way or another how you're going to view their code (exempt from GPL or bound by it)? Either do it right and enforce a clear boundary or just stick with source only drivers.
The original purpose of restricting derived works was to make it so that authors (companies or not) could not copy code from the public domain and claim it as private work, No?
Kernel Modules cannot exist without the Linux Kernel. This dependancy means that any part of the Kernel Module that depends on the kernel for *module* interface purposes is not derived work. It is when authors base their code off of other code that is in the GPL that they must in turn release thier code under the GPL.
So in short, if the module could have been written entirely with Manpages and documentation, it is not derived work. If the author views the code of other modules, then it is derived work.
Deriving functions and invoking them are two very different things.
My driver is a parody of their driver. :-)
I think you've missed the point, the problem is to define what does "based upon" means.
When you compile a binary, you have to compile with some header files which are GPLed. So you are "based upon" GPL code right?
IIRC Linus argued that this wasn't sufficient. He stated that for a module needed to be written with Linux in mind (ie targeted at it), accessing particular data structures, then it would have to be GPLed.
My second printer was a Citizen 120-D 9-pin mono dot matrix, and it was also very Epson-compatible. It had a beautiful programmer's manual replete with examples of how to access each feature, from simple double width text to high-density image graphics, and even went so far as to provide timing details for the Centronics interface. {Hey, you might be plugging the thing into some device of your own construction}. It was even known for owners of EPROM burners to patch the charsets to match certain manufacturers' non-strict interpretation of ASCII {the BBC model B, for example, had a pound sign at CHR$(96) instead of a backtick, so it could keep the comment mark at CHR$(35) - a comment in BASIC is denoted by REM, but the # was used to specify immediate mode in assembler}.
..... you get a Quick Start guide which says "Plug the printer into your computer. Do exactly what Windows tells you to do" and a huge manual, replete this time not with useful programming information but with dire warnings about attempting to do anything "unauthorised" with the printer, and it probably illegal to examine the printout with a magnifier to see how the fonts are made up.
Compare and contrast that with today
IMHO the lawful owner of an instrument has the right to know everything about that instrument. My property can, by definition, contain no secrets from me {though I might reasonably be bound to keep any secret I discover}. It's time that this was enshrined into law. If you can't handle the concept of people knowing how to write drivers for your hardware then you perhaps shouldn't be selling it. Mandatory Full Disclosure would put an end to this argument once and for all.
Je fume. Tu fumes. Nous fûmes!
You clearly missed the point in my signature. It has nothing to do with pessimism. Karl Popper (famous natural philosopher) wrote a book after WW2 called "The Open Society and its enemies" as a defence of democracy and a critique of totalitarian rule (including fascism, communism and various religious ways to rule).
In the book he argues that democracy has an incremental approach to society building whereas e.g. communism (and political islam for that sake) has a "revolutionary" approach. The point is that those who promise us paradise on Earth after we have made the society in whatever way they would like us to - they have always ended up giving us hell on Earth (Soviet Union, Iran, Afghanistan and so on).
Companies like NVidia provide binary-only modules because they have to. Their code contains stuff that is patented and licensed from other companies, and they *cannot* legally release that code.
For example, NVidia's linux drivers contain S3TC tecxture compression algorithms, which is patented and licenssed. It is not theirs.
They CANNOT open source these drivers, nor could Linux developers create an implementation of them without being sued by the company who owns the rights.
And people just don' t seem to get this and it really really pisses me off. NVidia is just trying to do The Right Thing (tm), releasing Linux drivers at a LOSS nonetheless ( you think they make enough on Linux-owner sales of their cards ot cover these programmers salaries? I doubt it. ), and all the community does is flame them. No wonder hardware companies are so hesitant to support Linux in any shape or form.
I also need to throw this in to close... I don't know what people's problems with these drivers are. I have been using them since version 1043 (3+ years), and I have *NEVER* had a problem that wasn't fixed by reading the FAQ. And their feature and 3D support totally blows away any of the open source drivers (ATIs always lag 1-2 years behind the release of a card, and they still don't have all the features of the windows ones like FSAA and anisotropic filtering, while NVidia has had them for years).
So far, most posts in here have been about binary only drivers provided directly by hardware vendors. My case is somewhat different, yet if I read everything correctly, I could still be affected by all this.
I am the author of the Linux Philips webcam driver, which supports a lot of Philips and Logitecht webcams, and a few others. This driver has been in development for nearly 4 years, has been formally introduced into kernel 2.4.5 and has been in continual support by yours truely ever since the first public release, some 3 years ago. Now here's the catch:
Part of the driver (PWC) is Open Source, even in the kernel under the GPL. With it, you have a functional webcam driver, but there are some limitations; you can't get the full resolution and not as high as framerate as is possible. For that, you need a binary only plugin, called PWCX. It contains decompression routines that allow you to use the cam at its full performance. These decompression routines fall under an NDA and are thus not public. Judging by the number of mails and webvisitors I think this driver has been quite a success. And now this may no longer be possible.
The point is, that by the strict interpretation held by Linus et al. I can no longer make this PWCX driver, thereby depriving a lot of users of a useful bit of hardware. Or at least make it quite a bit less enjoyable. I might as well remove the PWC driver altogether form the kernel then, hmm?
First off, I feel sorry for the thousands of Linux users that use my driver (PWC and/or PWCX) and may no longer be able to do so. Second, I'm getting pissed off beyond measure by this Open Source fundamentalism because it is my driver that may be turned into a worhtless piece of code.
It is my ass here that's on the line; I signed the NDA with Philips and if I goof up and accidently post the decompressor code or fail to protect it properly, I will be the one standing in court, not Linus. Second, I went through all the trouble of getting in contact with Philips, trying to convince them to help the Linux community and indeed they have, and I commend them on that. But they have their reasons to shield some parts from prying eyes (read: competition) and I can't blame them. So that's why there's and NDA and it's even fairly relaxed. Without the NDA there wouldn't even have been a driver.
BTW, Philips spent exactly 2 webcams and a couple of manhours on getting the paperwork done in order to get their product supported in Linux for 3 years across 3 major kernel versions, including online helpdesk. I think that's damn cheap. I cannot count the hours I spent on programming and debugging and tracing intractable bugs, not to mention the time spent in helping users by e-mail. I've also spent many an hour to get this PWCX module crosscompiled to various hardware platforms in order to extend it's Linux usage as much as possible. Now that may appearantly all have been a big waste of time. Thank you very much!
No, it is time to realize for anybody who thinks that the GPL is the Holy Grail of computing that this is not going to work. You cannot force anyone to oblige by a volountary license (because that's what the GPL is: nothing more, nothing less). As I wroting in my piece on tainting the kernel, if you make it any harder for (hardware) vendors to support their product in Linux, they'll drop it like a brick because they don't have to. This way Linux will never gain any real acceptance.
Finally, it's also not very wise to piss off people like me, who are doing their best, and made some small yet clearly apreciated contribution to Linux. I would also rather have a complete Open Source solution, but I'm realistic enough to know that is not possible in this Universe. So I think I've struck quite a good comprise. But if I am being told now: "well, that isn't good enough", I might just throw in the towel in the ring altogether.
- Nemosoft
"Fix it? It has been disintegrated, by definition it cannot be fixed!" - Gru in Despicable Me.
In ye olde days, drivers did nothing more thancanfigure and move data back and forth to a piece of hardware. They were fairly trivial pieces of software, and so no one cared if they were protected. Many types of drivers are still like this today. Network card drivers typically do nothing magical.
A few generations ago, hardware designers realized that they could offload some of the task traditionally done in hardware to the driver. Thus they could simplify the hardware and save money. The driver for a WinModem doesn't just configure and communicate with a hardware modem, it actually performs in software some tasks that were usually done in the modem hardware itself.
At this point, drivers aren't trivial programs, but represent substantial investment and competative edge for the hardware manufacturer. If WinModem company B could look at WinModem company A's driver, they would see the tricks that they used in order to reduce the part count that much further. Company B could immitate Company A, and match their price.
Video cards are like WinModems, although the competititon is not based price but performance. The card manufacturers are using tricks in the driver in order to boost the performance of their hardware. Those tricks may confer to them a competetive advantage, so they won't open source the drivers.
Smart companies are quick to release software as open source when the software doesn't give them a specific and compelling competitive advantage. Cisco released CUPS as OSS because they felt they would benefit far more from having a community enhance their internal printing system than the would be hurt because Bay Networks could reduce their overhead a few hundred thousand dollars. Cisco is not going to open source their routing software anytime soon, because other router manufacturers could use it to compete against Cisco.