[PATCH] crypto: vmx: Remove dubiously licensed crypto code
Michael Ellerman
mpe at ellerman.id.au
Thu Mar 30 11:17:33 AEDT 2017
Michal Suchanek <msuchanek at suse.de> writes:
> While reviewing commit 11c6e16ee13a ("crypto: vmx - Adding asm
> subroutines for XTS") which adds the OpenSSL license header to
> drivers/crypto/vmx/aesp8-ppc.pl licensing of this driver came into
> qestion. The whole license reads:
>
> # Licensed under the OpenSSL license (the "License"). You may not use
> # this file except in compliance with the License. You can obtain a
> # copy
> # in the file LICENSE in the source distribution or at
> # https://www.openssl.org/source/license.html
>
> #
> # ====================================================================
> # Written by Andy Polyakov <appro at openssl.org> for the OpenSSL
> # project. The module is, however, dual licensed under OpenSSL and
> # CRYPTOGAMS licenses depending on where you obtain it. For further
> # details see http://www.openssl.org/~appro/cryptogams/.
> # ====================================================================
>
> After seeking legal advice it is still not clear that this driver can be
> legally used in Linux. In particular the "depending on where you obtain
> it" part does not make it clear when you can apply the GPL and when the
> OpenSSL license.
It seems pretty clear to me that the intention is that the CRYPTOGAM
license applies.
If you visit it's URL it includes:
ALTERNATIVELY, provided that this notice is retained in full, this
product may be distributed under the terms of the GNU General Public
License (GPL), in which case the provisions of the GPL apply INSTEAD OF
those given above.
I agree that the text in the file is not sufficiently clear about what
license applies, but I'm unconvinced that there is any code here that is
actually being distributed incorrectly.
Getting the text in the header changed to be clearer seems like the
obvious solution.
> I tried contacting the author of the code for clarification but did not
> hear back. In absence of clear licensing the only solution I see is
> removing this code.
Did you try contacting anyone else? Like perhaps the powerpc or crypto
maintainers, or anyone else who's worked on the driver?
Sending a patch to delete all the code clearly works to get people's
attention, I'll give you that.
More information about the Linuxppc-dev
mailing list