Re: [PATCH 2/2] module: Block modules by Tuxedo from accessing GPL symbols

[Greg KH <gregkh@linuxfoundation.org>]

On Thu, Nov 14, 2024 at 12:56:20PM +0100, Daniel Gomez wrote:
> On Thu Nov 14, 2024 at 11:31 AM CET, Uwe Kleine-König wrote:
> > Tuxedo licenses the modules used on their hardware under GPLv3+, to
> > "keep control of the upstream pacing" – and want to re-license the code
> > while upstreaming.
> >
> > They were asked to then at least not use MODULE_LICENSE("GPL") which
> > declares compatibility to the kernel's GPLv2. They accepted the pull
> > request and shortly after reverted the change and so continue to lie
> > about the license.
> >
> > So teach the module loader that these modules are proprietary despite
> > their declaration to be GPLv2 compatible "until the legal stuff is
> > sorted out".
> >
> > Link: https://protect2.fireeye.com/v1/url?k=02b4686b-633f7d5d-02b5e324-74fe485cbff1-8cd9af635fd1f7c7&q=1&e=5f0a08bc-f529-4e41-a7a1-5aa45c54b8d9&u=https%3A%2F%2Fgitlab.com%2Ftuxedocomputers%2Fdevelopment%2Fpackages%2Ftuxedo-drivers%2F-%2Fcommit%2Fa8c09b6c2ce6393fe39d8652d133af9f06cfb427
> > Signed-off-by: Uwe Kleine-König <ukleinek@kernel.org>
> > ---
> >  kernel/module/main.c | 33 +++++++++++++++++++++++++++++++++
> >  1 file changed, 33 insertions(+)
> >
> > diff --git a/kernel/module/main.c b/kernel/module/main.c
> > index 878191c65efc..46badbb09d5e 100644
> > --- a/kernel/module/main.c
> > +++ b/kernel/module/main.c
> > @@ -2338,6 +2338,39 @@ static const char *module_license_offenders[] = {
> >  
> >  	/* lve claims to be GPL but upstream won't provide source */
> >  	"lve",
> > +
> > +	/*
> > +	 * Tuxedo distributes their kernel modules under GPLv3, but intentially
> Typo here.
> > +	 * lies in their MODULE_LICENSE() calls.
> > +	 * See https://protect2.fireeye.com/v1/url?k=60e8a9e4-0163bcd2-60e922ab-74fe485cbff1-eff87fdcdb83953a&q=1&e=5f0a08bc-f529-4e41-a7a1-5aa45c54b8d9&u=https%3A%2F%2Fgitlab.com%2Ftuxedocomputers%2Fdevelopment%2Fpackages%2Ftuxedo-drivers%2F-%2Fcommit%2Fa8c09b6c2ce6393fe39d8652d133af9f06cfb427
> > +	 */
> > +	"gxtp7380",
> > +	"ite_8291",
> > +	"ite_8291_lb",
> > +	"ite_8297",
> > +	"ite_829x",
> > +	"stk8321",
> > +	"tuxedo_compatibility_check",
> > +	"tuxedo_io",
> > +	"tuxedo_nb02_nvidia_power_ctrl",
> > +	"tuxedo_nb04_keyboard",
> > +	"tuxedo_nb04_wmi_ab",
> > +	"tuxedo_nb04_wmi_bs",
> > +	"tuxedo_nb04_sensors",
> > +	"tuxedo_nb04_power_profiles",
> > +	"tuxedo_nb04_kbd_backlight",
> > +	"tuxedo_nb05_keyboard",
> > +	"tuxedo_nb05_kbd_backlight",
> > +	"tuxedo_nb05_power_profiles",
> > +	"tuxedo_nb05_ec",
> > +	"tuxedo_nb05_sensors",
> > +	"tuxedo_nb05_fan_control",
> > +	"tuxi_acpi",
> > +	"tuxedo_tuxi_fan_control",
> > +	"clevo_wmi",
> > +	"tuxedo_keyboard",
> > +	"clevo_acpi",
> > +	"uniwill_wmi",
> >  };
> 
> This does not prevent module rename on their side and still bypass the
> module license taint check right?

Intent matters.  If people rename their modules just to try to work
around a check like this, and do not actually properly change the
license of the code, it's obvious what they are doing is against the
wishes of the project.

thanks,

greg k-h