A position statement on closed-source kernel modules
| From: | Greg KH <greg-AT-kroah.com> | |
| To: | linux-kernel-AT-vger.kernel.org | |
| Subject: | [ANNOUNCE] Position Statement on Linux Kernel Modules | |
| Date: | Sun, 22 Jun 2008 22:01:18 -0700 | |
| Message-ID: | <20080623050118.GA22852@kroah.com> |
Hi, As part of the Linux Foundation Technical board, we confront the issue of closed source Linux kernel modules all the time, and we wanted to do something that could be seen as a general "public statement" about them that is easy to understand and point to when people have questions. So, after working on this for a while, and asking some of the other major contributors and maintainers of the kernel, what we have is below. There is also a site at: http://www.linuxfoundation.org/en/Device_driver_statement that contains a link to a statement from the Linux Foundation about this topic, as well as some more descriptions and background information, and a copy of the full statement as well. I've also put a pretty pdf version at: http://www.kernel.org/pub/linux/kernel/people/gregkh/lkm_... in case people want to print it out :) If there are any kernel developers who want to add their names to this statement, please let me know by private email and I will be glad to add it. thanks, greg k-h ------------------------------ Position Statement on Linux Kernel Modules June 2008 We, the undersigned Linux kernel developers, consider any closed-source Linux kernel module or driver to be harmful and undesirable. We have repeatedly found them to be detrimental to Linux users, businesses, and the greater Linux ecosystem. Such modules negate the openness, stability, flexibility, and maintainability of the Linux development model and shut their users off from the expertise of the Linux community. Vendors that provide closed-source kernel modules force their customers to give up key Linux advantages or choose new vendors. Therefore, in order to take full advantage of the cost savings and shared support benefits open source has to offer, we urge vendors to adopt a policy of supporting their customers on Linux with open-source kernel code. We speak only for ourselves, and not for any company we might work for today, have in the past, or will in the future. Dave Airlie Jens Axboe Ralf Baechle Arnd Bergmann Vitaly Bordug James Bottomley Josh Boyer Neil Brown Mark Brown David Brownell Michael Buesch Franck Bui-Huu Adrian Bunk Ralph Campbell Mauro Carvalho Chehab Denis Cheng Jonathan Corbet Glauber Costa Alan Cox Magnus Damm Ahmed S. Darwish Robert P. J. Day Helge Deller Jean Delvare Mathieu Desnoyers Alexey Dobriyan Daniel Drake Alex Dubov Randy Dunlap Michael Ellerman Jan Engelhardt Mark Fasheh J. Bruce Fields Larry Finger Jeremy Fitzhardinge Mike Frysinger Kumar Gala Robin Getz Liam Girdwood Thomas Gleixner Brice Goglin Cyrill Gorcunov Andy Gospodarek Thomas Graf Harvey Harrison Stephen Hemminger Michael Hennerich Tejun Heo Benjamin Herrenschmidt Kristian Høgsberg Henrique de Moraes Holschuh Marcel Holtmann Mike Isely Takashi Iwai Olof Johansson Dave Jones Jesper Juhl Matthias Kaehlcke Kenji Kaneshige Jan Kara Jeremy Kerr Russell King Olaf Kirch Roel Kluin Hans-JÃ?rgen Koch Auke Kok Jiri Kosina Mariusz Kozlowski Greg Kroah-Hartman Michael Krufky Aneesh Kumar Clemens Ladisch Christoph Lameter Grant Likely John W. Linville Yinghai Lu Tony Luck Pavel Machek Matt Mackall Roland McGrath Patrick McHardy Kyle McMartin Paul Menage Thierry Merle Eric Miao Akinobu Mita Ingo Molnar Andrew Morton Paul Mundt Oleg Nesterov Luca Olivetti Pierre Ossman Venkatesh Pallipadi Nick Piggin Nicolas Pitre Richard Purdie Mike Rapoport Sam Ravnborg Gerrit Renker Stefan Richter David Rientjes Stefan Roese Francois Romieu Stephen Rothwell Maciej W. Rozycki Mark Salyzyn Yoshinori Sato Holger Schurig Yoshihiro Shimoda Sergei Shtylyov Kay Sievers Alexey Starikovskiy Alan Stern Hirokazu Takata Eliezer Tamir Doug Thompson FUJITA Tomonori Dmitry Torokhov Marcelo Tosatti Steven Toth Theodore Tso Geert Uytterhoeven Arjan van de Ven Ivo van Doorn Wim Van Sebroeck Hans Verkuil Anton Vorontsov Daniel Walker Dan J. Williams Darrick J. Wong David Woodhouse Chris Wright Bryan Wu Rafael J. Wysocki Herbert Xu Vlad Yasevich Peter Zijlstra Bartlomiej Zolnierkiewicz -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Posted Jun 23, 2008 13:54 UTC (Mon) by tnoo (subscriber, #20427) [Link] (6 responses) Posted Jun 23, 2008 14:17 UTC (Mon) by Duncan (guest, #6647) [Link] (1 responses) Posted Jun 23, 2008 15:04 UTC (Mon) by dmarti (subscriber, #11625) [Link] Posted Jun 23, 2008 14:36 UTC (Mon) by ctg (guest, #3459) [Link] (1 responses) Posted Jun 23, 2008 14:55 UTC (Mon) by ctg (guest, #3459) [Link] Posted Jun 23, 2008 15:28 UTC (Mon) by rsidd (subscriber, #2582) [Link] Posted Jun 23, 2008 15:30 UTC (Mon) by dankamongmen (subscriber, #35141) [Link] Posted Jun 23, 2008 14:40 UTC (Mon) by mattdm (subscriber, #18) [Link] Posted Jun 23, 2008 14:48 UTC (Mon) by dcoutts (subscriber, #5387) [Link] (1 responses) Posted Jun 23, 2008 15:26 UTC (Mon) by hmh (subscriber, #3838) [Link] Posted Jun 23, 2008 14:58 UTC (Mon) by endecotp (guest, #36428) [Link] (7 responses) Posted Jun 23, 2008 15:23 UTC (Mon) by foo (guest, #1117) [Link] (1 responses) Posted Jun 23, 2008 21:53 UTC (Mon) by grahammm (guest, #773) [Link] Posted Jun 23, 2008 17:17 UTC (Mon) by iabervon (subscriber, #722) [Link] Posted Jun 23, 2008 19:27 UTC (Mon) by sepreece (guest, #19270) [Link] (1 responses) Posted Jun 23, 2008 22:58 UTC (Mon) by mmarsh (subscriber, #17029) [Link] Posted Jun 26, 2008 12:44 UTC (Thu) by mkflint (guest, #50223) [Link] (1 responses) Posted Jun 27, 2008 15:09 UTC (Fri) by shane (subscriber, #3335) [Link] Well, since in the video card world you are basically only talking about Nvidia, and most modern wireless devices support open source, I think it is more of a matter of time (years, admittedly) rather than "never". Posted Jun 23, 2008 19:45 UTC (Mon) by lrosen (guest, #31972) [Link] (27 responses) Posted Jun 23, 2008 21:31 UTC (Mon) by Tet (subscriber, #5433) [Link] (1 responses) My understanding is that's not strictly true either. Copyright law (indeed, all law) works the way a given judge deems it to work. Lawyers can have varying opinions on which way a judge is likely to rule in any given area, and advise their clients accordingly. The FSF have one view on that here, and you have another. Since both you and the Eben Moglen et al are far better versed in legal matters than I am, I'll defer to your judgement. But given that you appear to have differing opinions here, whose do I trust? Surely ultimately it comes down to how the judge rules when the issue gets its day in court? Isn't anything else just (informed) opinion? Posted Jun 24, 2008 0:11 UTC (Tue) by lrosen (guest, #31972) [Link] Posted Jun 23, 2008 21:44 UTC (Mon) by chromatic (guest, #26207) [Link] (3 responses) Posted Jun 24, 2008 2:22 UTC (Tue) by lrosen (guest, #31972) [Link] (1 responses) Posted Jun 24, 2008 12:26 UTC (Tue) by grantingram (guest, #18390) [Link] Posted Jun 24, 2008 8:17 UTC (Tue) by ekj (guest, #1524) [Link] Posted Jun 23, 2008 21:48 UTC (Mon) by dmarti (subscriber, #11625) [Link] (1 responses) Posted Jun 24, 2008 0:15 UTC (Tue) by lrosen (guest, #31972) [Link] Posted Jun 23, 2008 22:32 UTC (Mon) by man_ls (guest, #15091) [Link] (8 responses) It follows that the business models of QT and MySQL, to give two known examples, are utterly flawed. They distribute their software under the GPL, so anyone linking to it (even in utterly proprietary software) ought to be safe. Shouldn't they be worried? Posted Jun 24, 2008 0:23 UTC (Tue) by lrosen (guest, #31972) [Link] (7 responses) Posted Jun 24, 2008 4:05 UTC (Tue) by rahulsundaram (subscriber, #21946) [Link] Posted Jun 24, 2008 5:34 UTC (Tue) by frazier (guest, #3060) [Link] Posted Jun 24, 2008 7:35 UTC (Tue) by mjthayer (guest, #39183) [Link] (2 responses) Posted Jun 24, 2008 15:43 UTC (Tue) by tetromino (guest, #33846) [Link] (1 responses) Posted Jun 25, 2008 10:23 UTC (Wed) by dwmw2 (subscriber, #2063) [Link] §2 of the the GPL (v2) explicitly states that it applies to collective works — and collective works are aggregation, by definition. The GPL goes on to make an exception for "mere aggregation on a volume of a storage or distribution medium". That's not a particularly specific definition, and people could argue about precisely what it means for ever — although that argument would be fairly pointless because there is no "right" answer until/unless a court has ruled on it. In your particular jurisdiction. However, what we can manage for ourselves, as laypeople, is to eliminate the interpretations which are meaningless and contradictory. For example, if that "mere aggregation on a volume of a storage or distribution medium" paragraph actually excuses all forms of aggregation, which includes all collective works, then the two preceding paragraphs of the GPL — the ones which talk about the GPL applying to sections of a collective work which, if distributed separately, would be considered independent and separate works in themselves — would be a particularly verbose no-op. I don't particularly want to get into a long discussion about precisely what would count as "mere aggregation on a volume of a storage or distribution medium", but I think it's a fairly safe bet to assume that a court isn't going to rule that the GPL is self-contradictory and it actually means to except all forms of aggregation from its terms. Posted Jun 24, 2008 21:11 UTC (Tue) by man_ls (guest, #15091) [Link] (1 responses) Of course linking is not the concern of copyright, just as compiling isn't; as tialaramex explains below, it is writing code and distributing it (or a derived work such as the compiled binary) that can be doubtful. But is it the joint distribution of the linked code that makes software a derived work, or is it using internal interfaces, or what specifically? The MySQL and Qt examples would point to joint distribution, since those writing proprietary packages based on them usually rely on published interfaces (such as SQL); in which case the "received wisdom" on the Linux kernel about published vs internal interfaces and GPL-only symbols does not hold. But of course this is just hearsay; a qualified opinion would be most interesting. Posted Jun 27, 2008 16:12 UTC (Fri) by giraffedata (guest, #1954) [Link] I had the same thought that Larry missed the point when he implied people are saying linking is a copyright infringement. It is, instead, the preparation of and distribution of a derivative work that is thought by some to be a copyright infringement. But the derivative work argument I have seen does not talk about distributing a linked combination. The derivative work is the Nvidia driver all by itself. That would mean distributing the driver alone, or even creating it in the first place is controlled by copyright law (so requires the permission of the authors of Linux). Though this seems strange, the analog that is apparently well accepted in classic copyright is writing of a sequel to someone else's book. If you use the same characters, settings, etc., you need the permission of the author of the original. Extending that to loadable kernel modules, the argument I've seen considers it significant that the module's entire purpose is to extend that one work -- just like a book sequel. Posted Jun 23, 2008 23:01 UTC (Mon) by arjan (subscriber, #36785) [Link] (1 responses) Posted Jun 24, 2008 0:26 UTC (Tue) by lrosen (guest, #31972) [Link] Posted Jun 24, 2008 10:02 UTC (Tue) by tialaramex (subscriber, #21167) [Link] (6 responses) Posted Jun 25, 2008 21:18 UTC (Wed) by lrosen (guest, #31972) [Link] (5 responses) Posted Jun 26, 2008 10:29 UTC (Thu) by tialaramex (subscriber, #21167) [Link] (4 responses) Posted Jun 27, 2008 20:48 UTC (Fri) by Tet (subscriber, #5433) [Link] (3 responses) As a complete aside, anyone wanting to know how ld works is unlikely to do better than reading Levine's excellent "Linkers and loaders" book. Posted Jun 27, 2008 22:12 UTC (Fri) by nix (subscriber, #2304) [Link] (2 responses) Posted Jul 2, 2008 4:18 UTC (Wed) by roelofs (guest, #2599) [Link] (1 responses) Here you go. I didn't bookmark the LWN article, but it would have been from late March--probably either the 20 March or the 27 March edition. Greg Posted Jul 2, 2008 19:25 UTC (Wed) by nix (subscriber, #2304) [Link] Posted Jun 24, 2008 11:10 UTC (Tue) by Zack (guest, #37335) [Link] Posted Jun 26, 2008 12:37 UTC (Thu) by mkflint (guest, #50223) [Link] A position statement on closed-source kernel modules
Most prominently one name is missing here (*): Dmitry Torokhov (*) Marcelo Tosatti
A position statement on closed-source kernel modules
I noticed that as well. Based on past statements, I think he's rather more willing to deal with closed modules than some, and probably doesn't consider them so flatly "harmful and undesirable" under all conditions, at least not to the point he was willing to sign the statement. Duncan
"I'm a complete non-believer in binary modules" -- Linus TorvaldsA position statement on closed-source kernel modules
A position statement on closed-source kernel modules
It's quite undermining of the whole position - after all, it is _his_ kernel (or a least, commonly viewed as such).
A position statement on closed-source kernel modules
I meant to add: If you are aiming this at "corporates" (after all, who else develops closed source drivers) it should, ideally, be the statement of the Linux Foundation itself, as this would have far more weight that what, to the uninitiated, looks like a load of pseudo-random individuals.
A position statement on closed-source kernel modules
Other notable missing names I noticed: Al Viro, David Miller. In Linus's case, it could be that he doesn't want to take an official position (which could be construed as being "on behalf of" the project), regardless of his own opinions. This could be because binary modules aren't being outlawed anytime soon...
doomed without the mad russian
Nothing worth doing gets done without Alexey Kuznetsov! or garzik. or rusty.
In the interest of full disclosure
It's worth mentioning that the editor of this website is a signatory. On another note, it'd be interesting to compare the names here with some of the recent-ish articles about where kernel development comes from. What percentage of active kernel contributors (by various metrics) is accounted for here?
A position statement on closed-source kernel modules
I note there is no mention of the legal status.
A position statement on closed-source kernel modules
Yes, it lacks the legal status on purpose. Legal status varies depending on your local laws.
So What?
Without saying something like, "furthermore, we believe that the kernel license should be changed to prohibit such modules", or "furthermore, we believe that such modules are already prohibited by the kernel's license", this doesn't really say very much. The people supplying these modules are, on the whole, only really concerned with what they are legally allowed to do, and with what will make them money and what won't; not with what some people do or don't "urge them" to do.
So What?
It's a shot across the bow. Companies move slowly, and if the kernel folk were to do something drastic like say "no more binary modules", many companies would see at as a bolt from the blue and be looking prevent being vulnerable to such a thing again. With this formal heads-up, companies have time to react in ways they find acceptable.
So What?
Even if binary kernel modules were to be banned with immediate effect, it would not (or should not) be a 'bolt out of the blue'. Binary modules already taint any kernel which uses them, and the issue of EXPORT_SYMBOL_GPL is by no means new. So the complete ban of binary modules would just be an extension of the way things have been progressing for the last few years and not a 'bolt out of the blue'.
So What?
The people supplying these modules (and the people supplying a lot of open source ones, too) are only really concerns with what will make them money (what they're not legally allowed to do is simply something that has a high chance of future financial risk, so a special case). So the question they ask is: Will binary modules provide us enough income to cover the cost of developing them? That seems these days to mean: Will OEMs that care about Linux support use our hardware if there's a binary driver for it but no open source driver? Now, if hardware vendors think that OEMs will accept this letter as the basis for deciding whether hardware is suitable for inclusion in Linux-friendly systems, then it will have a huge effect: providing a binary driver won't get a vendor any new sales; it'll only make unhappy customers a bit less unhappy, but no more likely to buy from them again, and it will primarily benefit users who didn't make the purchasing decision anyway. The letter avoids the disputable question of whether you're allowed to write binary-only modules, in favor of the more clear and applicable question of whether there's any point to writing binary-only modules, to which the answer really is: nVidia can probably get some benefit out of it for the chipsets in the pipeline currently; otherwise, don't bother. (If it were only a question of legality, vendors would all switch to providing binary-only drivers for BSD, where it's obviously legal but just as obviously pointless; everybody who wants drivers for BSD doesn't want binary-only drivers)
So What?
I agree - the statement oddly without an operational conclusion. I suppose it does help to be on the record and that there probably are some companies that would be swayed by the authors' intentions. I suspect that a US lawyer could raise this statement ("it's a bad idea and bad for your customers") as a concession that such modules aren't prohibited by the license, simply because the developers argued against their use without arguing they are prohibited. On the other hand, it might be that in countries that observe authors' moral rights, this statement might have some weight [IANAL]. [Disclaimer: As a non-kernel developer, my opinion doesn't matter, but I'll share it anyway in the interests of full disclosure - I strongly support this statement and would advise anyone who asked to not create binary-only kernel modules, but I also believe that they are almost certainly fair use and not license violations.] So What?
Of course our opinions as non-kernel-developers matter. We're the mind-share; we're the customers. I returned a wireless card because the chipset on it wouldn't work with a Free driver. We demanded computers with Linux pre-installed, and there were enough of us that manufacturers provided computers with Linux pre-installed. We can choose distributions appropriately for our own use, and we can choose or reject devices running embedded Linux. How we, as the end users of Linux, view non-Free kernel modules matters a great deal.
Never happen...
"furthermore, we believe that the kernel license should be changed to prohibit such modules" It'll never happen. Breaking core functionality (graphics drivers, WiFi drivers, etc) on such a wide scale would hurt users and make the community look utterly stupid. Totally counter-productive.
It'll never happen. Breaking core functionality (graphics drivers, WiFi drivers, etc) on such a wide scale would hurt users and make the community look utterly stupid. Totally counter-productive.Never happen...
A position statement on closed-source kernel modules
If the Linux Foundation "Position Statement" is truly intended only to "urge vendors to adopt a policy of supporting their customers on Linux with open-source kernel code," then I can agree with that. But it is entirely another thing if they intend that vendors who don't disclose their driver source code be condemned as copyright infringers. The notion that linking of any sort produces a derivative work is nonsense. Copyright deals exclusively with *expressive* works, and only if a work is *expressively* derivative of another do we have a copyright infringement issue. Linking is a functional thing, necessary solely to effectuate a functional interworking between two programs. Functionality is not part of the copyright regime. 17 USC 102(a) contrasted with 17 USC 102(b). As long as a FOSS license expressly authorizes the making of verbatim copies of a work (and the GPL and all other FOSS licenses do that!) then the verbatim copying of a FOSS work to make it interwork with another program is NOT COPYRIGHT INFRINGEMENT. Such linking is within the scope of the license and the copyright law and hence authorized. This is the way copyright law works regardless of what Linux developers or the FSF might wish for. The fact is that the GPL and LGPL have the exact same effect on copyrighted works with respect to linking for functional purposes. I also argue that this is an appropriate result given the relative merits of copyright and patent. Copyright is essentially forever. We don't want authors--even responsible and generous Linux kernel developers--to lock up their technology for functional interworking simply by placing a copyright notice on it. The only way to lock up functionality is through patents, and those are temporary and ought to be hard-to-get. /Larry
This is the way copyright law works regardless of what Linux developers or the FSF might wish for.A position statement on closed-source kernel modules
A position statement on closed-source kernel modules
Perhaps Eben Moglen will speak up himself rather than be quoted (or perhaps misquoted)?
A position statement on closed-source kernel modules
> Copyright deals exclusively with *expressive* works, and only if a work> is *expressively* derivative of another do we have a copyright> infringement issue. Let's try a thought experiment. Take a kernel driver. Link it against two sets of headers. One is the standard set of Linux kernel headers from the most recent stable kernel release. Another is a complete clean-room reimplementation of the same kernel headers. If the two binary blobs produced differ by even one bit, then are the binary blobs not derivative works of the headers? The source code may not be derivative at all, but if your clients wanted to distribute source code and never a binary blob, this wouldn't be an issue.
A position statement on closed-source kernel modules
You'll enjoy reading SFLC's article on derivative works: http://www.softwarefreedom.org/resources/2007/originality....
A position statement on closed-source kernel modules
Well we might all enjoy the SFLC's article on derivative works but it is not the linked article! The linked article is about originality and as far as I can see says not very much about derivative works and it doesn't explicitly mention derivative works where you have two different authors.
A position statement on closed-source kernel modules
No. It's not automatically a "derivative" of Linux just because it has a single bit in its image changed by Linux. Copyright deals with creative works, thus merely being influenced in some mechanical fashion is not enough. The -content- matters, not the bits as such. For this reason, Harry Potter retold in your own words, in Sanskrit, would still be a derivative of the original, even if you took great care that not a single sentence is the same whereas another book very well could NOT be a derivative even if it DID happen to share a few dozen sentences with the harry potter books.
A position statement on closed-source kernel modules
Larry, imagine if it were something like, "We, the maintainers of the exampleware SMTP library, which is under the GPL, believe that email spam is bad." The maintainers aren't saying that they'll try to block spammers' right to use the library, or that a particular spammer is or isn't breaking the law -- just that if you get on the exampleware mailing list and ask for help using the library to send spam you're not likely to get far.
A position statement on closed-source kernel modules
As I tried to say, if the kernel developers are stating a desire, or even a policy with respect to their own involvement and support for non-open software, I welcome it and share that goal. My concern is only that some have translated that into a legal imperative, which it isn't.
So all I need to reuse your GPL software is to make it into a library (still under the GPL) and link to it. I can use as much of its functionality as I want, engrain it as deeply as I like, but as long as I just link to it I should be safe. For example I may take your painfully created GPL office software, use it as a huge GPL library, stick my proprietary user interface on it -- and the result is not a derivative work of the original package. I can have my cake and eat it. Is that so? Another counterexample?
Another counterexample?
If their business model is based upon misinformation about the reach of the GPL, then they ought to worry. But I have it on good authority that neither QT or MySQL are dependent upon that view of GPL.
Another counterexample?
I would be interested to hear about their view of GPL then.
Another counterexample?
Both MySQL (now part of Sun) and QT (unless Nokia has changed this) can be proprietary licensed from their respective companies: http://trolltech.com/products/qt/orderformhttp://www.mysql.com/about/legal/licensing/ How this is possible is that, unlike the Linux kernel which has a lots of copyright holders, or one of many free software projects that has the copyright assigned to the FSF, the copyright is owned and controlled by a single commercial entity. This allows them to offer two (or more) sets of terms that run parallel. In the case of QT and MySQL, this allows them to offer non-GPL compliant licenses for a fee.
Another counterexample?
Now you have got me interested - are you really saying (as an informal, non-legal statement of course) that I could legally distribute a closed-source binary that links against the GPL version of Qt?
Another counterexample?
Programmer A writes a Gtk+ emulation layer on top of Qt, and releases his result under the GPL. Programmer B writes a closed-source Gtk+ program, and links it to A's wrapper. A and B don't talk to each other. I am not a lawyer, but I am guessing that if you put A's library and B's program on one CD and sell it, you are not violating the GPL (since aggregation is not a derivative work, see article 2 of GPL-2).
Another counterexample?
I am not a lawyer, but I am guessing that if you put A's library and B's program on one CD and sell it, you are not violating the GPL (since aggregation is not a derivative work, see article 2 of GPL-2).
Putting two unrelated programs on a CD probably would count as "mere aggregation on a volume of a storage or distribution medium". But your reasoning in parentheses is a little suspect...
Care to elaborate? Just an authority based on your authority (a second-hand authority if you will) is not a good argument on itself. Another counterexample?
Another counterexample?
A position statement on closed-source kernel modules
Larry, I know you're a lawyer so you think legal things... but this statement very deliberately is NOT about anything legal. It's about the consequences and effects that binary modules have for users and Linux.
A position statement on closed-source kernel modules
To that extent, I agree with the published position statement. (I already said so!) I'm merely making the point that theirs is not a legal statement about device drivers and Linux, and ought not to be treated as such. /Larry
Linking
(This is essentially a side-issue, because no-one seems to be talking about trying to send lawyers after the makers of binary modules, but it's worth addressing because it's about the GPL vs LGPL rules which, contrary to lrosen's claim, I believe are important and beneficial) The argument you've made for linking can be made about lots of processes in the production of a literary work. But no-one has successfully made these arguments to a court in all these long years, so either they don't believe it, or the judges don't. The "creativity" component of copyright is whitewash. Maybe you'd argue that it shouldn't be, but with courts content to determine arbitrary collections of information as "sufficiently" creative for copyright protection I don't think your argument will stand up. Actually I don't think we even need to go that far. You haven't mentioned distribution. Neither the GPL nor LGPL care what you do with the protected code so long as you don't distribute it. If you want to take a GPL'd program (say GCC) and re-factor it as a library for integration into your own software no-one gives a hoot. But if you distribute the resulting product under a proprietary license you are infringing even if you rely on a third party to do the actual linking. This is for two reasons. Firstly because the law doesn't only care who pulled the trigger (hiring someone else to kill your wife doesn't make you innocent of murder). But secondly because you have no choice but to copy "sufficiently" expressive/ creative elements like arbitrary human-readable identifiers from the GPL'd software into your own product to make it work. Only if the sufficiency barrier is raised considerably would it be a problem to meet it for external linking. So far as I can tell your argument revolves around the idea that linking software resembles binding two books together with cellophane for sales purposes. No copyright issue. This is what the GNU GPL calls "mere aggregation". But compiling your software against a dynamic library is not "mere aggregation". Let me suggest a different analogy... Suppose I write a book criticising a popular novel, ah, let's say "Moby Dick" just after it has been published. I am entitled to write whatever I like merely /about/ this book, and my lawyer might advise me that I can quote small extracts from the book to illustrate a point, so long as I'm not scared of going to court to argue fair use. But how about if I'd like to buy copies of Moby Dick and apply stickers to each page with my commentary as footnotes to the relevant parts of the story (ignore for a moment the logistical challenge, in an e-book this would certainly be trivially overcome) ? Well, if I want to do this just for my own amusement I'm protected by the First Sale doctrine (they're mine and I'll do as I please). However, if I want to subsequently sell or otherwise distribute these copies (maybe give them away to schools), they are clearly derived works and I think I will need permission from the copyright holder (author or publisher) of the original Moby Dick. So, Lawrence, would you advise me to proceed? Would you be happy to argue (on your own dollar) that the stickered version of Moby Dick is not a derived work but merely an aggregation of two separate works ?
Linking
You wrote: "Suppose I write a book criticising a popular novel, ah, let's say 'Moby Dick'...." That is your right. And you may copyright your book. My primary example, though, is this. Suppose you include in your new book a link that says "Go read 'Moby Dick' by Herman Melville and let it enrapture you, and return here for the rest of my comments." That's linking to a verbatim copy of Moby Dick. That's what most device drivers do with Linux. ***** You then wrote: "But how about if I'd like to buy copies of Moby Dick and apply stickers to each page with my commentary as footnotes...." I think I'm safe in saying, that's a derivative work. :-) ***** You wrote: "Well, if I want to do this just for my own amusement...." I'd rather put it this way: "If you do it just for your own amusement Herman Melville is unlikely to give a damn that you're infringing, but if you do it for commercial reasons he would probably sue you for copyright infringement." [Ignore the fact that Moby Dick is now public domain!] ***** You wrote: "However, if I want to subsequently sell or otherwise distribute these copies (maybe give them away to schools), they are clearly derived works...." We already decided they were derivative works. There is no need to raise that question again. It makes no difference that you want to sell them or give them away. What we are deciding is whether you are entitled to do so under the Fair Use doctrine, the First Sale doctrine, or 17 USC 102(b) (the Merger doctrine). As to which, I leave that as an exercise for the reader. But my own advice would be, don't try selling any of MY writings with your stickers and commentary all over every page--unless I authorized you to do so in my open source license.... :-) Copyright (C) 2008 Lawrence Rosen This email is licensed to the public under the Open Software License (OSL 3.0).
Linking
Firstly congratulations on entirely avoiding an actual answer to my hypothetical, masterfully done. Still, I think you've made your position clear enough. You're in the situation of the lawyer who tells his client that of course it's OK for him to keep an alligator in his home, and then only subsequently finds out that alligators aren't the cute little furry things that go "Meow" but the big reptiles with the bad breath and the protected wildlife status. Whoops. In the light of this new information the alligator advice would be wrong. You seem to have confused "linking" in the sense meant by the distributed hypermedia community, where a link is just a machine readable "look at this" like your version of the Moby Dick book - with the "linking" needed to take a piece of software that's incomplete, non-functional or even meaningless and combine it with one or more other pieces of software into a whole. The linking process itself is purely mechanical, like assembling a car, but for it to be possible at all the creators of the two (or more) pieces of software must agree on a number of essentially arbitrary (as arbitrary as the choices of adjectives to describe a whale would be) decisions. In a very trivial piece of software this might be just one or two decisions, in a significant application like GCC it will be practically uncountable. In a GPL'd work these choices are incorporated into the work made available for licensees to copy and redistribute, but not without restriction. I don't know how technical you are, my guess is "Not very". But get someone to show you how 'ar' works. That's a piece of software which takes two object files and merely aggregates them into a single file, you can easily separate them again, even without specialist knowledge. Now, get them to show you how 'ld' works, that's the linker. This combines many pieces from several files into a single file, like my stickering process, interconnecting and changing them so that they work as a whole. This is effectively irreversible. After you've seen what's actually going on I think you might have a different opinion of whether it's "verbatim copying" or the creation of a derivative work. That would be your "alligator" moment. Yes, in theory you could sidestep the copying problem with clean room reverse engineering. But you ought to know enough about the history of IP to realise that it's not a cost-effective choice, it's the last resort. If I see that someone has used my GPL'd library to make a $10 shareware with a restrictive license, I'm not going to assume that they hired an army of people to reverse engineer the library, but that they're simply infringing.
But get someone to show you how 'ar' works [...] Now, get them to show you how 'ld' worksLinking
Linking
Ian Lance Taylor also wrote an excellent series on ELF linkers on his blog, which I seem to have mislaid the URL of (I think LWN linked to it at one point).
Ian Lance Taylor also wrote an excellent series on ELF linkers on his blog, which I seem to have mislaid the URL of (I think LWN linked to it at one point).Linking
Linking
Thanks! (akregator tends to randomly lose feeds you put into it, I think because it only saves its feed list at session save time...)
A position statement on closed-source kernel modules
>The notion that linking of any sort produces a derivative work is nonsense. The only thing that is clear is that anyone who claims there is a single clearcut way to a-priori distinguish between infringement and non-infringement when it comes to copyright applied to software (especially software covered by the GPL) is wrong. >Linking is a functional thing, necessary solely to effectuate a functional interworking between two programs. The old joke about smuggling an elephant with two slices of bread comes to mind.
But will it achieve anything?
This is all well and good (and I agree with every word), but it doesn't tackle the hardware manufacturer's three strong arguments against open-sourcing their drivers: 1. it's our intellectual property, open source drivers would reveal this valuable IP 2. why should we release open source drivers when there's a bunch of hippies writing open source drivers for our hardware for free? 3. open sourcing drivers won't increase our market share by any noticable amount The only way to influence them is to hit them in their balance sheet. This means: 1. the community stops writing open-source drivers for these companies if they don't offer significant assistance to the community 2. end-users buy hardware only from companies who do write open-source drivers and/or offer significant asssistance to the community
