From: Robbie Harwood
To: George Barrett, grub-devel@gnu.org
Subject: Re: Question re correctness of module license check
Date: Fri, 03 Feb 2023 13:17:01 -0500

George Barrett writes:

> The module loader contains the following check:[1]
>
>     /* Me, Vladimir Serbinenko, hereby I add this module check as per new
>        GNU module policy. Note that this license check is informative only.
>        Modules have to be licensed under GPLv3 or GPLv3+ (optionally
>        multi-licensed under other licences as well) independently of the
>        presence of this check and solely by linking (module loading in GRUB
>        constitutes linking) and GRUB core being licensed under GPLv3+.
>        Be sure to understand your license obligations.
>     */
>     static grub_err_t
>     grub_dl_check_license (grub_dl_t mod, Elf_Ehdr *e)
>     {
>       Elf_Shdr *s = grub_dl_find_section (e, ".module_license");
>
>       if (s == NULL)
>         return grub_error (GRUB_ERR_BAD_MODULE,
>                            "no license section in module %.63s", mod->name);
>
>       if (grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv3") == 0
>           || grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv3+") == 0
>           || grub_strcmp ((char *) e + s->sh_offset, "LICENSE=GPLv2+") == 0)
>         return GRUB_ERR_NONE;
>
>       return grub_error (GRUB_ERR_BAD_MODULE,
>                          "incompatible license in module %.63s: %.63s", mod->name,
>                          (char *) e + s->sh_offset);
>     }
>
> IANAL, but my understanding is that GRUB's license is complied with when
> the loaded module is covered by a license that can be "subsumed"[2] by
> the GPLv3 (or that can subsume the GPLv3, like a future GPLv4). As
> noted by [2], this includes Apache, MPL, etc.
>
> As for the "GNU module policy", I could not find what this references:
>  - The commit introducing the check doesn't mention what this policy is,
>    where it comes from or where it was discussed.[3]
>  - Neither does the mailing list thread in which the GRUB change was
>    discussed.[4]
>  - Looking up variations of "GNU module licensing policy" didn't reveal
>    any clues either (only [5], which seems to further support the notion
>    that licenses other than GPL might be acceptable).
>
> From the above, it is my conclusion that
>  (a) usage of other compatible licenses for modules is legally
>      permissible, contrary to the suggestion of the quoted comment; and
>  (b) any such GNU policy mandating modules be GPL licensed is either
>      disused to the point of obscurity or never truly existed in the
>      first place (i.e. was the result of some ad-hoc process or
>      misunderstanding, etc, rather than some officially promulgated and
>      promoted policy. I don't intend to insinuate deliberate
>      untruthfulness).
>
> Is this fair/accurate? If so, can the check be relaxed to accept
> compatible licenses and the comment clarified?
>
> [1]: https://git.savannah.gnu.org/cgit/grub.git/tree/grub-core/kern/dl.c?id=65bc45963014773e2062ccc63ff34a089d2e352e#n451
> [2]: https://www.gnu.org/licenses/license-compatibility.html#combining
> [3]: https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e745cf0ca64f94fa072d777cde8186aca2b78c1f
> [4]: https://lists.gnu.org/archive/html/grub-devel/2011-04/msg00089.html
> [5]: https://www.gnu.org/licenses/gpl-faq.en.html#GPLModuleLicense

Despite having patched this code, I don't understand what this license
check is intended to accomplish. The usual caveats apply: I don't like
proprietary software either, I'm not a lawyer, etc.

First, on secureboot platforms (which is "lots" of them), the modules
have to be baked into grub at image creation time. There's no point in
a license check there.

That aside, theoretically grub modules can either come from within the
grub source tree, or externally. If they're internal to the tree, then
they must already have compatible copyright - else they would not have
been committed.

We're not aware of anyone trying to use external modules, and as
discussed previously on the list that's fraught anyhow, but suppose they
were. Even if the license on their module were maximally incompatible
with grub's, all that does is render them non-redistributable. (This is
akin to the situation ffmpeg can get into when certain GPL-incompatible
pieces are built.) There's no basis for refusing to load the module
outright.

But even then, suppose there were. As your post points out, the process
of deciding what's "compatible" is much more complicated than strcmp.
We would need a list of acceptable licenses, which we keep updated
somehow - and if we're being intellectually honest, the capability to
parse and understand full SPDX expressions (or similar). I doubt any of
us seriously want that in the bootloader.

So to return to the start, if it's not generally going to do much as-is,
then why do I care? Unfortunately, the module license check is pretty
much the first thing that handles a module. If either the module or its
containing signed image is malformed, truncated, etc., then we can get
errors in the license check. They're not helpful and an end-user
certainly can't act on them properly.

Be well,
--Robbie
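
The failure mode described in the last paragraph of the message, as an added example that is not GRUB's code and not from the thread: a bounds-checked lookup of `.module_license` that reports a truncated or malformed image separately from a missing or incompatible license. The status names, helper functions and the constructed 320-byte sample image are assumptions for illustration; the section name and the three accepted strings come from the quoted check.

```c
#include <stdint.h>
#include <string.h>

/* Added example, not GRUB code. Field offsets follow the little-endian ELF64 layout. */
enum { EHDR = 64, SHDR = 64, E_SHOFF = 40, E_SHNUM = 60, E_SHSTRNDX = 62,
       SH_NAME = 0, SH_OFFSET = 24, SH_SIZE = 32, SAMPLE_LEN = 320 };
enum lic_status { LIC_OK, LIC_MALFORMED, LIC_MISSING, LIC_INCOMPATIBLE };

static uint64_t rd(const uint8_t *p, size_t n)   /* little-endian read of n bytes */
{ uint64_t v = 0; while (n--) v = (v << 8) | p[n]; return v; }

/* Data of the section described by header sh, or NULL if it runs past the image. */
static const uint8_t *sect(const uint8_t *img, size_t len, const uint8_t *sh, uint64_t *sz)
{
  uint64_t off = rd(sh + SH_OFFSET, 8);
  *sz = rd(sh + SH_SIZE, 8);
  return (off > len || *sz > len - off) ? NULL : img + off;
}

enum lic_status check_license(const uint8_t *img, size_t len)
{
  uint64_t shoff, n, strndx, strsz, sz;
  if (len < EHDR || memcmp(img, "\177ELF", 4) != 0) return LIC_MALFORMED;
  shoff = rd(img + E_SHOFF, 8); n = rd(img + E_SHNUM, 2); strndx = rd(img + E_SHSTRNDX, 2);
  if (shoff > len || n * SHDR > len - shoff || strndx >= n) return LIC_MALFORMED;
  const uint8_t *tab = img + shoff, *str = sect(img, len, tab + strndx * SHDR, &strsz);
  if (!str || strsz == 0 || str[strsz - 1] != 0) return LIC_MALFORMED;
  for (uint64_t i = 0; i < n; i++) {
    uint64_t name = rd(tab + i * SHDR + SH_NAME, 4);
    if (name >= strsz) return LIC_MALFORMED;
    if (strcmp((const char *)str + name, ".module_license") != 0) continue;
    const char *lic = (const char *)sect(img, len, tab + i * SHDR, &sz);
    if (!lic || !memchr(lic, 0, sz)) return LIC_MALFORMED;  /* cut off or unterminated */
    return (!strcmp(lic, "LICENSE=GPLv3") || !strcmp(lic, "LICENSE=GPLv3+") ||
            !strcmp(lic, "LICENSE=GPLv2+")) ? LIC_OK : LIC_INCOMPATIBLE;
  }
  return LIC_MISSING;
}

/* Constructed sample: names at 64, license (max 31 chars) at 96, section headers at 128. */
void build_sample(uint8_t *b, const char *lic)
{
  static const char names[] = "\0.shstrtab\0.module_license";
  memset(b, 0, SAMPLE_LEN); memcpy(b, "\177ELF", 4);
  memcpy(b + 64, names, sizeof names); memcpy(b + 96, lic, strlen(lic) + 1);
  b[E_SHOFF] = 128; b[E_SHNUM] = 3; b[E_SHSTRNDX] = 1;   /* every value fits one byte */
  b[192 + SH_NAME] = 1;  b[192 + SH_OFFSET] = 64; b[192 + SH_SIZE] = sizeof names;
  b[256 + SH_NAME] = 11; b[256 + SH_OFFSET] = 96; b[256 + SH_SIZE] = (uint8_t)(strlen(lic) + 1);
}
```

Fill a `SAMPLE_LEN`-byte buffer with `build_sample`, then pass it to `check_license` with a shorter length to see a truncated image reported as `LIC_MALFORMED` rather than as a license problem.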