[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: please release sarge instead of removing binary firmware

On Tue, Apr 13, 2004 at 10:07:43PM +0200, Jos? Luis Tall?n wrote:
> Sorry, i know i'm about to get flamed probably but....
> - Upstream authors have put their drivers in Linux, under the GPL
> - The preferred distribution form of several of such BLOBs is really binary 
> (we are speaking of machine code, nonetheless)

What matters is the preferred form of modification. The preferred
form of distribution of programs is often compiled code even for non
firmware things -- see the contents of most .debs, eg -- but it'd be
a GPL violation if we did that for GPLed code without also making the
source code available.

> - Everybody else is using them

The same notion applied to KDE and to a range of GPLed apps that use(d)
the OpenSSL libraries. That's nice, and it's great that the community
in general is amicable enough to let lapses like this slide rather than
constantly enforcing their rights in court, but it's not something we
let slide, either historically or currently.

> ...so, are we really infringing the GPL?

Hrm. I guess in a climate where SCO is possible, it'd probably be a bad
idea to give an unqualified "yes" to that. Hrm.

Given the lack of complaints to upstream or clear claims by upstream
Linux hackers that this is definitely inappropriate, in spite of it being
a well known issue that has been brought to the awareness of upstream
authors in a variety of ways, I invoke the magic of estoppel to support
my belief that our distribution of the kernel is legal and doesn't violate
the rights, moral or otherwise, of the linux-kernel authors.

That said, I don't think we should be relying on the good will of the
upstream maintainers forever, and I think we should continue our policy
of ensuring that we do follow the letter of the GPL, even when that's
not the easy course of action.

> If that is the case, it really belongs in Upstream to get these problems 
> sorted. We should probably just offer as much help as possible....

In the end, every problem in every piece of software needs to get resolved
by upstream. That doesn't remove our responsibility from fixing the problem
ourselves in the meantime.

> ... and try to get Sarge released ! :)

And rhetorical flourishes don't change that.

> I don't know if debian-legal have been consulted (have they?), but i 
> certainly think it is them who are most capable of properly addressing this 
> issue.

debian-legal is a mailing list, not a law firm. It's neither the final
authority on what's legally acceptable within Debian, nor does it have
reliable procedures to ensure correct and reliable conclusions are drawn
on questions about the law. It's a good place to go for advice on its
subject matter and for explanations on policies that've been around
a while, just as -devel or linux-kernel are, but that doesn't make
the advice any more reliable or binding than what you see on -devel
or linux-kernel.

That said, debian-legal has discussed the firmware issue repeatedly,
since at least 2001 [0], and we've had a loose policy of removing drivers
with these problems for a while [1] too.

Given this issue has been thought about for years, the hotplug
infrastructure's able to handle it, and there are plenty of people worked
up enough about this issue to complain on both sides, I can't see any
reason to continue being indifferent to the license violation here.

Though, again, I'm happy to be advised by competent legal experts that
there isn't, in fact, a problem. I'm not sure that should or would change
our long term plan of action: moving firmware into userspace seems the
best way of complying with our social contract, and it seems unlikely
that upstream will take much interest if we don't; but it would mean
that the choice about making it a release critical issue would be one
of policy, rather than legal obligation.


[0] http://lists.debian.org/debian-legal/2001/debian-legal-200104/msg00130.html

[1] http://lists.debian.org/debian-devel/2004/debian-devel-200403/msg01664.html

Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
Don't assume I speak for anyone but myself. GPG signed mail preferred.

Protect Open Source in Australia from over-reaching changes to IP law
http://www.petitiononline.com/auftaip/ & http://www.linux.org.au/fta/

Attachment: signature.asc
Description: Digital signature

Reply to: