Re: [PATCH 1/2] Introducing SPDX License Identifiers

[Stephen Hemminger <stephen@networkplumber.org>]

On Mon, 27 Nov 2017 13:16:03 +0530
Hemant Agrawal <hemant.agrawal@nxp.com> wrote:

> The DPDK uses the Open Source BSD-3-Clause license for the core libraries
> and drivers. The kernel components are naturally GPLv2 licensed.
> 
> Many of the files in the DPDK source code contain the full text of the
> applicable license. For example, most of the BSD-3-Clause files contain a
> full copy of the BSD-3-Clause license text.
> 
> Including big blocks of License headers in all files blows up the source
> code with mostly redundant information.  An additional problem is that even
> the same licenses are referred to by a number of slightly varying text
> blocks (full, abbreviated, different indentation, line wrapping and/or
> white space, with obsolete address information, ...) which makes validation
> and automatic processing a nightmare.
> 
> To make this easier, DPDK is adpoting the use of a single line reference to
> Unique License Identifiers in source files as defined by the Linux
> Foundation's SPDX project [1].
> 
> Adding license information in this fashion, rather than adding full license
> text, can be more efficient for developers; decreases errors; and improves
> automated detection of licenses. The current set of valid, predefined SPDX
> identifiers is set forth on the SPDX License List[2]
> at https://spdx.org/licenses/.
> 
> For example, to label a file as subject to the BSD-3-Clause license,
> the following text would be used:
> 
> Copyright (C) [YEAR] NAME-OF-COPYRIGHT-HOLDER
> SPDX-License-Identifier:        BSD-3-Clause
> 
> To label a file as GPL-2.0 (e.g., for code that runs in the kernel), the
> following text would be used:
> 
> Copyright (C) [YEAR] NAME-OF-COPYRIGHT-HOLDER
> SPDX-License-Identifier:        GPL-2.0
> 
> To label a file as dual-licensed with BSD-3-Clause and GPL-2.0 (e.g., for
> code that is shared between the kernel and userspace), the following text
> would be used:
> 
> Copyright (C) [YEAR] NAME-OF-COPYRIGHT-HOLDER
> SPDX-License-Identifier:        BSD-3-Clause OR GPL-2.0
> 
> To label a file as dual-licensed with BSD-3-Clause and LGPL-2.1 (e.g., for
> code that is shared between the kernel and userspace), the following text
> would be used:
> 
> Copyright (C) [YEAR] NAME-OF-COPYRIGHT-HOLDER
> SPDX-License-Identifier:        BSD-3-Clause OR LGPL-2.1
> 
> Note: Any new file contributions in DPDK shall adhere to the above scheme.
> It is also being recommended to replace the existing license text in the
> code with SPDX-License-Identifiers.
> 
> Note 2: DPDK currently adhere to it's IP policies[3]. Any exception to this
> shall be approved by DPDK tech board and DPDK Governing Board. Steps for
> any exception approval:
> 1. Mention the appropriate license identifier form SPDX. If the license is
>    not listed in SPDX Licenses. It is the submitters responsibiliity to get
>    it fist listed.
        ^first

> 2. Get the required approval from the DPDK Technical Board. Technical board
>    may advise the author to check alternate means first. If no other
>    alternatives are found and the merit of the contributions are important
>    for DPDK's mission, it may decide on such exception with two-thirds vote
>    of the members.
> 3. Technical board then approach Governing board for such limited approval
>    for the given contribution only.
> 
> Any approvals shall be documented in "Licenses/exceptions.txt" with record
> dates.
> 
> Note 3: Projects like U-boot have been been using SPDX License Idenfiers
> successfully [2]. They have been referered in implementing SPDX based
> guidelines in DPDK.
> 
> Note 4: From the legal point of view, this patch is supposed to be only a
> change to the textual representation of the license information, but in no
> way any change to the actual license terms. With this patch applied, all
> files will still be licensed under the same terms they were before.
> 
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>


I like this, it adds clarity.
What the kernel did was run a license scan and add SPDX tags
to any file without an existing matching license text.
I just did the same thing to iproute2.

Also, the copyright holder is free to replace existing verbose text
with SPDX tag instead, if they so desire.

Acked-by: Stephen Hemminger <stephen@networkplumber.org>