[PATCH] Taint kernel when lve module is loaded

[PATCH] Taint kernel when lve module is loaded

[Matthew Garrett]

Cloudlinux have a product called lve that includes a kernel module. This
was previously GPLed but is now under a proprietary license, but the
module continues to declare MODULE_LICENSE("GPL") and makes use of some
EXPORT_SYMBOL_GPL symbols. Forcibly taint it in order to avoid this.

Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Cc: Alex Lyashkov <umka@cloudlinux.com>
---
 kernel/module.c |    4 ++++
 1 file changed, 4 insertions(+)

diff --git a/kernel/module.c b/kernel/module.c
index 4edbd9c..9ad9ee9 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -2730,6 +2730,10 @@ static int check_module_license_and_versions(struct module *mod)
 	if (strcmp(mod->name, "driverloader") == 0)
 		add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
 
+	/* lve claims to be GPL but upstream won't provide source */
+	if (strcmp(mod->name, "lve") == 0)
+		add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
+
 #ifdef CONFIG_MODVERSIONS
 	if ((mod->num_syms && !mod->crcs)
 	    || (mod->num_gpl_syms && !mod->gpl_crcs)
-- 
1.7.10.4

Re: [PATCH] Taint kernel when lve module is loaded

[Greg KH]

On Fri, Jun 22, 2012 at 01:49:31PM -0400, Matthew Garrett wrote:
> Cloudlinux have a product called lve that includes a kernel module. This
> was previously GPLed but is now under a proprietary license, but the
> module continues to declare MODULE_LICENSE("GPL") and makes use of some
> EXPORT_SYMBOL_GPL symbols. Forcibly taint it in order to avoid this.
> 
> Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
> Cc: Alex Lyashkov <umka@cloudlinux.com>
> ---
>  kernel/module.c |    4 ++++
>  1 file changed, 4 insertions(+)

Do you have a pointer to this code anywhere?  Lying about the license to
the kernel is a pretty blatent thing to do and I'd like to have some
people follow up on that issue.

thanks,

greg k-h

Re: [PATCH] Taint kernel when lve module is loaded

[Matthew Garrett]

On Fri, Jun 22, 2012 at 11:43:59AM -0700, Greg KH wrote:

> Do you have a pointer to this code anywhere?  Lying about the license to
> the kernel is a pretty blatent thing to do and I'd like to have some
> people follow up on that issue.

http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/x86_64/RPMS/kmod-lve-2.6.18-408.el5.lve1.1.64.2-1.1-10.7.3.el5.x86_64.rpm 
- there's no corresponding SRPM in 
http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/SRPMS/ and 
upstream apparently refuse to provide source. Alex Lyashkov (Cc:ed) is 
listed as module author in the metadata.

-- 
Matthew Garrett | mjg59@srcf.ucam.org

Re: [PATCH] Taint kernel when lve module is loaded

[Greg KH]

On Fri, Jun 22, 2012 at 07:51:42PM +0100, Matthew Garrett wrote:
> On Fri, Jun 22, 2012 at 11:43:59AM -0700, Greg KH wrote:
> 
> > Do you have a pointer to this code anywhere?  Lying about the license to
> > the kernel is a pretty blatent thing to do and I'd like to have some
> > people follow up on that issue.
> 
> http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/x86_64/RPMS/kmod-lve-2.6.18-408.el5.lve1.1.64.2-1.1-10.7.3.el5.x86_64.rpm 
> - there's no corresponding SRPM in 
> http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/SRPMS/ and 
> upstream apparently refuse to provide source. Alex Lyashkov (Cc:ed) is 
> listed as module author in the metadata.

Hm, and at least one reason it needs to be GPL is due to it using
symbols I created, no fun.

Alex, can you please provide the source code for this module?  Or is the
license that the code is saying it is, somehow incorrect?  If so, can
you please fix it?  If you can't do this, is there someone else I should
be contacting?

thanks,

greg k-h

Re: [PATCH] Taint kernel when lve module is loaded

[Greg KH]

On Fri, Jun 22, 2012 at 12:22:22PM -0700, Greg KH wrote:
> On Fri, Jun 22, 2012 at 07:51:42PM +0100, Matthew Garrett wrote:
> > On Fri, Jun 22, 2012 at 11:43:59AM -0700, Greg KH wrote:
> > 
> > > Do you have a pointer to this code anywhere?  Lying about the license to
> > > the kernel is a pretty blatent thing to do and I'd like to have some
> > > people follow up on that issue.
> > 
> > http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/x86_64/RPMS/kmod-lve-2.6.18-408.el5.lve1.1.64.2-1.1-10.7.3.el5.x86_64.rpm 
> > - there's no corresponding SRPM in 
> > http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/SRPMS/ and 
> > upstream apparently refuse to provide source. Alex Lyashkov (Cc:ed) is 
> > listed as module author in the metadata.
> 
> Hm, and at least one reason it needs to be GPL is due to it using
> symbols I created, no fun.
> 
> Alex, can you please provide the source code for this module?  Or is the
> license that the code is saying it is, somehow incorrect?  If so, can
> you please fix it?  If you can't do this, is there someone else I should
> be contacting?

Also, I almost hate to ask this, but why in the world are you creating
sysfs binary files?  I really don't think you should be doing this, as
those are only for firmware and other "pass-through" things the kernel
uses to have userspace talk directly to hardware.

Odds are you can remove these files, and use the "correct" user/kernel
interface which will result in much better speed and handle things
properly for you, instead of abusing this interface.

Unless you really are talking directly to hardware, in which case, I'm
kind of interested to see what you are doing here, so the source code
would be greatly appreciated.

thanks,

greg k-h

Re: [PATCH] Taint kernel when lve module is loaded

[richard -rw- weinberger]

On Fri, Jun 22, 2012 at 7:49 PM, Matthew Garrett <mjg59@srcf.ucam.org> wrote:
> Cloudlinux have a product called lve that includes a kernel module. This
> was previously GPLed but is now under a proprietary license, but the
> module continues to declare MODULE_LICENSE("GPL") and makes use of some
> EXPORT_SYMBOL_GPL symbols. Forcibly taint it in order to avoid this.
>
> Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
> Cc: Alex Lyashkov <umka@cloudlinux.com>
> ---
>  kernel/module.c |    4 ++++
>  1 file changed, 4 insertions(+)
>
> diff --git a/kernel/module.c b/kernel/module.c
> index 4edbd9c..9ad9ee9 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -2730,6 +2730,10 @@ static int check_module_license_and_versions(struct module *mod)
>        if (strcmp(mod->name, "driverloader") == 0)
>                add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
>
> +       /* lve claims to be GPL but upstream won't provide source */
> +       if (strcmp(mod->name, "lve") == 0)
> +               add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
> +

If this kernel module is really lying to us the kernel should simply
refuse to load it and
call a lawyer.

-- 
Thanks,
//richard

Re: [PATCH] Taint kernel when lve module is loaded

[Greg KH]

On Fri, Jun 22, 2012 at 09:09:22PM +0200, richard -rw- weinberger wrote:
> On Fri, Jun 22, 2012 at 7:49 PM, Matthew Garrett <mjg59@srcf.ucam.org> wrote:
> > Cloudlinux have a product called lve that includes a kernel module. This
> > was previously GPLed but is now under a proprietary license, but the
> > module continues to declare MODULE_LICENSE("GPL") and makes use of some
> > EXPORT_SYMBOL_GPL symbols. Forcibly taint it in order to avoid this.
> >
> > Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
> > Cc: Alex Lyashkov <umka@cloudlinux.com>
> > ---
> >  kernel/module.c |    4 ++++
> >  1 file changed, 4 insertions(+)
> >
> > diff --git a/kernel/module.c b/kernel/module.c
> > index 4edbd9c..9ad9ee9 100644
> > --- a/kernel/module.c
> > +++ b/kernel/module.c
> > @@ -2730,6 +2730,10 @@ static int check_module_license_and_versions(struct module *mod)
> >        if (strcmp(mod->name, "driverloader") == 0)
> >                add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
> >
> > +       /* lve claims to be GPL but upstream won't provide source */
> > +       if (strcmp(mod->name, "lve") == 0)
> > +               add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
> > +
> 
> If this kernel module is really lying to us the kernel should simply
> refuse to load it and
> call a lawyer.

The kernel can't call a lawyer, but other than that, this change does
prevent the module from being loaded.

greg k-h

Re: [PATCH] Taint kernel when lve module is loaded

[Rusty Russell]

On Fri, 22 Jun 2012 13:49:31 -0400, Matthew Garrett <mjg59@srcf.ucam.org> wrote:
> Cloudlinux have a product called lve that includes a kernel module. This
> was previously GPLed but is now under a proprietary license, but the
> module continues to declare MODULE_LICENSE("GPL") and makes use of some
> EXPORT_SYMBOL_GPL symbols. Forcibly taint it in order to avoid this.
> 
> Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
> Cc: Alex Lyashkov <umka@cloudlinux.com>
> ---
>  kernel/module.c |    4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/kernel/module.c b/kernel/module.c
> index 4edbd9c..9ad9ee9 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -2730,6 +2730,10 @@ static int check_module_license_and_versions(struct module *mod)
>  	if (strcmp(mod->name, "driverloader") == 0)
>  		add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
>  
> +	/* lve claims to be GPL but upstream won't provide source */
> +	if (strcmp(mod->name, "lve") == 0)
> +		add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
> +
>  #ifdef CONFIG_MODVERSIONS
>  	if ((mod->num_syms && !mod->crcs)
>  	    || (mod->num_gpl_syms && !mod->gpl_crcs)

Applied, and CC'd -stable.

Thanks,
Rusty.

Re: [PATCH] Taint kernel when lve module is loaded

[iseletsk]

Hello Everyone,

I am very sorry about this situation. It was my oversight. We planned to close source the module, and we will do it later on. Yet, it looks like one of our developers missed the point -- and did things incorrectly.

Please, give us two-three weeks to straighten things out. By the end of three weeks I plan to have source RPMs with the GPLed version of the modules available in our source repositories.

Later on we will have new module that is not GPL released.

Once again -- I am sorry about the incident. We haven't planned to deceive anyone. This was more of an internal miscommunication then anything else.


I appreciate your understanding,
Igor Seletskiy
CEO of CloudLinux

On Friday, June 22, 2012 1:50:24 PM UTC-4, Matthew Garrett wrote:
> Cloudlinux have a product called lve that includes a kernel module. This
> was previously GPLed but is now under a proprietary license, but the
> module continues to declare MODULE_LICENSE("GPL") and makes use of some
> EXPORT_SYMBOL_GPL symbols. Forcibly taint it in order to avoid this.
> 
> Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
> Cc: Alex Lyashkov <umka@cloudlinux.com>
> ---
>  kernel/module.c |    4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/kernel/module.c b/kernel/module.c
> index 4edbd9c..9ad9ee9 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -2730,6 +2730,10 @@ static int check_module_license_and_versions(struct module *mod)
>  	if (strcmp(mod->name, "driverloader") == 0)
>  		add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
>  
> +	/* lve claims to be GPL but upstream won't provide source */
> +	if (strcmp(mod->name, "lve") == 0)
> +		add_taint_module(mod, TAINT_PROPRIETARY_MODULE);
> +
>  #ifdef CONFIG_MODVERSIONS
>  	if ((mod->num_syms && !mod->crcs)
>  	    || (mod->num_gpl_syms && !mod->gpl_crcs)
> -- 
> 1.7.10.4
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: [PATCH] Taint kernel when lve module is loaded

[Greg KH]

On Sat, Jun 23, 2012 at 08:07:12AM -0700, iseletsk@cloudlinux.com wrote:
> Hello Everyone,
> 
> I am very sorry about this situation. It was my oversight. We planned
> to close source the module, and we will do it later on. Yet, it looks
> like one of our developers missed the point -- and did things
> incorrectly.
> 
> Please, give us two-three weeks to straighten things out. By the end
> of three weeks I plan to have source RPMs with the GPLed version of
> the modules available in our source repositories.

As you built the binary from some codebase already, why not just post
the source for this code now?  There should not be any delay needed.

> Later on we will have new module that is not GPL released.

Why?  What is that going to provide to you?  You are aware of how the
Linux kernel community feels about closed source kernel modules, and how
your customers will be the ones dealing with the problems surrounding
that type of decision?

> Once again -- I am sorry about the incident. We haven't planned to
> deceive anyone. This was more of an internal miscommunication then
> anything else.

Understood about the miscommunication, but I don't understand any delay
as you do kind of have to provide the source now that we have asked for
it as per the license you released it to us.

thanks,

greg k-h

Re: [PATCH] Taint kernel when lve module is loaded

[Mike Galbraith]

On Sat, 2012-06-23 at 08:07 -0700, iseletsk@cloudlinux.com wrote:

> Later on we will have new module that is not GPL released.

Too bad refusing to load conceptually alien modules is incompatible with
pragmatic/practical.  A decision to eradicate the things is highly
attractive excepting the "cut off your nose to spite your face" bits
contained therein.

Hohum, live long and prosper (possibly nose free) alien life form.

-Mike

Re: [PATCH] Taint kernel when lve module is loaded

[iseletsk]

On Friday, June 22, 2012 3:43:23 PM UTC-4, Greg KH wrote:
> On Fri, Jun 22, 2012 at 12:22:22PM -0700, Greg KH wrote:
> > On Fri, Jun 22, 2012 at 07:51:42PM +0100, Matthew Garrett wrote:
> > > On Fri, Jun 22, 2012 at 11:43:59AM -0700, Greg KH wrote:
> > > 
> > > > Do you have a pointer to this code anywhere?  Lying about the license to
> > > > the kernel is a pretty blatent thing to do and I'd like to have some
> > > > people follow up on that issue.
> > > 
> > > http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/x86_64/RPMS/kmod-lve-2.6.18-408.el5.lve1.1.64.2-1.1-10.7.3.el5.x86_64.rpm 
> > > - there's no corresponding SRPM in 
> > > http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/SRPMS/ and 
> > > upstream apparently refuse to provide source. Alex Lyashkov (Cc:ed) is 
> > > listed as module author in the metadata.
> > 
> > Hm, and at least one reason it needs to be GPL is due to it using
> > symbols I created, no fun.
> > 
> > Alex, can you please provide the source code for this module?  Or is the
> > license that the code is saying it is, somehow incorrect?  If so, can
> > you please fix it?  If you can't do this, is there someone else I should
> > be contacting?
> 
> Also, I almost hate to ask this, but why in the world are you creating
> sysfs binary files?  I really don't think you should be doing this, as
> those are only for firmware and other "pass-through" things the kernel
> uses to have userspace talk directly to hardware.
> 
> Odds are you can remove these files, and use the "correct" user/kernel
> interface which will result in much better speed and handle things
> properly for you, instead of abusing this interface.
> 
> Unless you really are talking directly to hardware, in which case, I'm
> kind of interested to see what you are doing here, so the source code
> would be greatly appreciated.
> 
> thanks,
> 
> greg k-h
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Greg,

We do a "hack", which is not a pretty one, populating /sys with .htaccess files. This is really needed only by shared hosters, where one of the end users on the server, could be a hacker and could create symlinks that would later be followed by apache to read privileged information.
A better fix would be fixing the apache. Yet, surprisingly enough -- we control kernel on those servers -- but we don't control apache. So -- we tried to secure things for our customers in this particular way. Most likely we will through it out anyway.

Re: [PATCH] Taint kernel when lve module is loaded

[Greg KH]

On Sat, Jun 23, 2012 at 12:26:41PM -0700, iseletsk@cloudlinux.com wrote:
> On Friday, June 22, 2012 3:43:23 PM UTC-4, Greg KH wrote:
> > On Fri, Jun 22, 2012 at 12:22:22PM -0700, Greg KH wrote:
> > > On Fri, Jun 22, 2012 at 07:51:42PM +0100, Matthew Garrett wrote:
> > > > On Fri, Jun 22, 2012 at 11:43:59AM -0700, Greg KH wrote:
> > > > 
> > > > > Do you have a pointer to this code anywhere?  Lying about the license to
> > > > > the kernel is a pretty blatent thing to do and I'd like to have some
> > > > > people follow up on that issue.
> > > > 
> > > > http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/x86_64/RPMS/kmod-lve-2.6.18-408.el5.lve1.1.64.2-1.1-10.7.3.el5.x86_64.rpm 
> > > > - there's no corresponding SRPM in 
> > > > http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/SRPMS/ and 
> > > > upstream apparently refuse to provide source. Alex Lyashkov (Cc:ed) is 
> > > > listed as module author in the metadata.
> > > 
> > > Hm, and at least one reason it needs to be GPL is due to it using
> > > symbols I created, no fun.
> > > 
> > > Alex, can you please provide the source code for this module?  Or is the
> > > license that the code is saying it is, somehow incorrect?  If so, can
> > > you please fix it?  If you can't do this, is there someone else I should
> > > be contacting?
> > 
> > Also, I almost hate to ask this, but why in the world are you creating
> > sysfs binary files?  I really don't think you should be doing this, as
> > those are only for firmware and other "pass-through" things the kernel
> > uses to have userspace talk directly to hardware.
> > 
> > Odds are you can remove these files, and use the "correct" user/kernel
> > interface which will result in much better speed and handle things
> > properly for you, instead of abusing this interface.
> > 
> > Unless you really are talking directly to hardware, in which case, I'm
> > kind of interested to see what you are doing here, so the source code
> > would be greatly appreciated.
> > 
> > thanks,
> > 
> > greg k-h
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > Please read the FAQ at  http://www.tux.org/lkml/
> 
> Greg,
> 
> We do a "hack", which is not a pretty one, populating /sys with
> .htaccess files. This is really needed only by shared hosters, where
> one of the end users on the server, could be a hacker and could create
> symlinks that would later be followed by apache to read privileged
> information.

I don't understand how adding a .htaccess file would solve anything
here.  Are you also adding a .htaccess file to every directory in the
whole system?

> A better fix would be fixing the apache. Yet, surprisingly enough --
> we control kernel on those servers -- but we don't control apache. So
> -- we tried to secure things for our customers in this particular way.
> Most likely we will through it out anyway.

As it's probably not solving anything real, please don't do that :)

greg k-h

Re: [PATCH] Taint kernel when lve module is loaded

[Greg KH]

On Sat, Jul 07, 2012 at 11:19:53PM -0400, Igor Seletskiy wrote:
> Greg,
> 
> I hope you don't mind -- I will respond to few other things / other question
> that were raised in this thread one email 
> 1. Source code for RPMs is out our source RPM repositories.
> Here is one for CL6 http://repo.cloudlinux.com/cloudlinux/6.3/updates-testing/SRPMS/
> And here is one for CL5 http://repo.cloudlinux.com/cloudlinux/5.8/updates-testing/SRPMS/
> We might be missing some older versions. If someone needs them -- please, give
> exact version.

Thank you for publishing this.  Unfortunatly your source code is still
lying about the license of the kernel module to the kernel, and as such,
I'm totally confused.  The package says it is covered under the
"CloudLinux Commercial License" which you include in the
lve-kmod-1.1-9.2.4.el6.src.rpm package, yet the code says it is released
under the GPL with the following lines:
	//MODULE_LICENSE("CloudLinux Commercial License");
	/* Temporary solution to use GPL-only symbol 'put_fs_struct' */
	MODULE_LICENSE("GPL");
and then you include the GPL v3 license in the tarball as well, which
makes no sense at all as the v3 license isn't compatible with the
kernel's v2 license, as you know.

So, what is the real license for the code you have published here?

> 2. The delay was due to a few things:
> a) We released many versions of RPMs for lve-kmod -- and it was my
> understanding that to comply with GPL, I have to release a source code for each
> version.

Yes, which should come directly from the tool you used to generate those
rpms, you had to create them somehow, right?  It should be simple to
just put them on the site as well, as you do have them.

> b) I didn't know the actual size of the work involved, and I wanted to make
> sure I can deliver in time specified.

There should not be any new work, it's just posting the same source you
used to build the binaries from.

> c) We had planned several major releases & have to prepare for the HostingCon
> in mid July which is stressing resources of our company as it is.

I don't understand how that has any relvance to the delay of posting the
code you already have.

> 3. We did originally put .htaccess in pretty much every directory, but that
> didn't work well, as it broke bunch of software. Right now we are putting those
> files in all the directories that we consider as "sensitive", like:
> /etc/httpd/conf/
> /etc/valiases/
> /etc/vdomainaliases
> /etc/vfilters
> etc...
> And we give our users a way to add more directories. We know it is not perfect,
> but we were protecting against real attacks happening at the moment.
> Maybe we went overboard with trying to protect /proc & /sys -- I don't know.
> Those were not targeted yet.
> Good, long term solution would be correcting apache module. Yet, once again --
> we don't control apache, and it is hard for us to push out new modules for
> apache. It would probably take us 6 to 12 months to get it into the hands of
> all our customers.
> We do control kernel (not just kernel module) -- and could deliver some
> protection right away.

It's easier to change the kernel than a userspace package?  Something is
really wrong with that model :)

> 4. This brings us to the 3rd part. We change the kernel, and anyone using our
> module also using our kernel. It just that regular kernel wouldn't work, and we
> use slightly patched kernel from OpenVZ. 

That's fine, nothing wrong with that.

> 5. The reason we want to keep our LVE module closed source is due to the market
> we serve.

So you are saying that somehow the market drives you to violate the
license of the product you are using to serve that market?  That seems
very odd, and should have been considered before deciding to enter that
market, right?

That argument is "interesting" it sounds like you have made a business
decision to assume this risk, which is fine.  But you do fully
understand the risk involved here, right?  Hopefully your customers and
investors also understand this, as it's a pretty huge risk to them as
well.

> 6. Once again, I want to re-iterate that even though we want to keep our module
> closed source, we still want to play things right, and if we will have to
> license anything as GPL -- we will. The issue with the module was internal
> mis-communication -- that I hope is corrected.

See the above license questions for why I don't think it is corrected.
Also, I do feel you need to release your code under the GPL, as that is
what you have told the kernel it is licensed under.  Please contact your
lawyer if you have further questions about the license issues involved
here, I'm sure they will be glad to straighten this out.

thanks,

greg k-h