Interview: Eben Moglen [LWN.net]

August 11, 2005

This article was contributed by Joe 'Zonker' Brockmeier.

Attending Linux trade shows is a lot of hassle, particularly when you have to drive a couple of states to make it to the location. However, this is greatly mitigated by the fact that one has the opportunity to speak face to face with some of the more interesting people in the Linux community. This week at Linux World Conference & Expo, I had the chance to speak with Eben Moglen, President and Executive Director of the Software Freedom Law Center. The interview touched on the Software Freedom Law Center, the revision process for the GPL version 3 and several other topics.

LWN: What's the status of the Software Freedom Law Center, what kind of activities are going on, and its funding?

The status is making a law firm is an interesting activity, particularly if you're building a small business on Manhattan island. I've spent more time on real estate and physical details of making it work than I thought we would, but we're successfully housed and we're hiring lawyers and we've been recruiting clients and releasing some press about the clients we've recruited and that process is scaling up, we expect Dan Ravicher my junior partner and I to have at least two more lawyers, maybe three more hired during the next few months and we will be looking to hire some young people, freshly graduating from law school this coming spring and entertaining our first international fellows starting this year.

As for funding, we've received now two rounds of funding from OSDL, which has been acting as our agent for collecting from a number of vendors, they have been gratifyingly reliable in the funding of our firm, and I have no reason to believe that there will be any difficulty. I think the principle that better support for developers is good for business is now firmly in everybody's mind and we have been very graciously entrusted with the task of making that happen.

LWN: A while back, you said something about getting an answer from Linus on the Linux kernel license. Since there is a COPYING file that makes it clear that the kernel is governed under the GPL, where's the uncertainty?

If the kernel is pure GPL, then I think we would all agree that non-GPL, non-free loadable kernel modules represent GPL violations. Nonetheless, we all know that there are a large number of such modules and their existence is tolerated or even to some degree encouraged by the kernel maintainers, and I take that to mean that as an indication that there is some exception for those modules.

The kernel also maintains a technical mechanism, namely the GPL-only symbols and tainting structure, which seems to suggest an API for the connection of non-GPL'ed code to the kernel, which also seems to me a strong indication of the presence of an exception. The difficulty as a lawyer, even a lawyer that is reasonably knowledgeable about these matters, is that I don't understand what the terms of that exception are.

So, say I want to audit a system, say an embedded product, in which I find non-GPL loadable kernel modules present, how do I know whether that fits within an exception which is legitimately available to third parties and when it is not?

Linus has said over the years a number of things about how he would not object to anything that was not in obvious bad taste, or ugly, or awkward or unacceptable and I understood, I think, what he meant at each of those particular times. But it would be helpful in applying an analysis from a lawyer's point of view, and think about the problem.

One very important area is the problem faced by people who make software-controlled radios, which they want to run in systems which make use of the Linux kernel and other GNU and free software. Those parties may feel they're under regulatory orders not to release source code modules, because regulators in Japan and Europe and the United States have all, to differing degrees, made clear to manufacturers of radio transmission hardware that if they allow after-market modification that violates spectrum control regulations they may be in trouble. The Japanese in particular have been very strong in their wording.

So then there are parties in the world who think they are in legal trouble on one side with the regulators if they do release source code for loadable kernel modules that drive their software-controlled radios, and they don't know if they're in legal trouble on the other side if they don't release source code. For those parties, in particular, it would be very helpful if the kernel developers had decided to formalize the nature of their exceptions, and the Free Software Foundation and I have made a few attempts to discuss that matter with kernel developers. I had conversations with Ted Ts'o, I talked to Linus about it and I understood there were some reluctances to clarify, in a full and complete way, what was going on. There may have even been disagreements among kernel developers about that, I wouldn't know. But I continue to think that it would be useful, for a whole variety of people who are trying in good faith to do the very best they can, and who may be navigating some dodgy legal territory, for them to be able to refer to something beyond the COPYING file which -- with all due respect -- I think probably doesn't contain all the terms that are relevant to the use of the kernel.

LWN: So, if the kernel is covered solely by the GPL, you would see proprietary modules as an infringement?

Yes. I think we would all accept that. I think that the degree of interpenetration between kernel modules and the remainder of the kernel is very great, I think it's clear that a kernel with some modules loaded is a "a work" and because any module that is dynamically loaded could be statically linked into the kernel, and because I'm sure that the mere method of linkage is not what determines what violates the GPL, I think it would be very clear analytically that non-GPL loadable kernel modules would violate the license if it's pure GPL.

LWN: Should distributors of proprietary modules then be worried about infringement?

As a matter of fact, I think they are worried about it, and that's why I think that clarifying the license terms would be helpful. If there are no exceptions and that were stated very clearly then they would know that's not the way to do what they're doing. If there are some exceptions available, for example for people who have no legal choice, they'd like to know what those rules are and I'm sure lots of other lawyers around the community would too.

LWN: The Free Software Foundation put out a press release about a year ago saying that the reason that SCO was attacking the Linux kernel and not attacking GNU was because of the FSF copyright assignment policies of the FSF, do you still see it that way, and why is the kernel vulnerable when GNU is not, in that case?

I think what I said then was not that the reason was, because I truly didn't know what the reason was why Mr. McBride did anything at all. I think what I said was, I took from the fact that they were fulminating a great deal about the illegality of the GPL and the badness of the Free Software Foundation, and yet weren't objecting to our code was because they knew it would be particularly easy to show that they were wrong.

I think that what I said was, that a process of taking a copyright assignment process from each contributor, accompanied by a legal indemnity, promising that the code was the code of the contributor and that there was nobody else with a dominating interest in it and doing so at the point of an indemnification promise to the Free Software Foundation produced a very strong chain link fence between us and claims of the kind that SCO was throwing around and I thought that constituted an indication of a cautious and prudent model of how to put free software together which Stallman had been following since long before I worked with him in the construction of the GNU Project. That didn't mean I think, that it was the only way to put together code that is strong, but where it works, it's a highly desirable model to pursue.

Linus eventually found another formula, which suited his view of the way the kernel development process works for introducing some accountability in the contributions process, and I thought that was a very good idea, and I said so. I think that if all the free software in the world were assembled in the most prudent and conservative fashion, that Mr. McBride and his colleagues would have found no place to even begin with the FUD with which they began. I think it's also important to point out that we all thought those accusations were baseless to start with and had good reasons to think they were baseless to start with. There wasn't anything wrong with how the kernel is put together. If there was a statement to make, it was simply the way the kernel is put together doesn't prove on its face the cleanliness of how it was put together with the degree of strength that otherwise could have been mustered.

I would advise clients of the Software Freedom Law Center, in light of SCO and many other things to begin their projects in ways that document and protect more carefully that structure of how free software is put together. But I understand completely how Linus Torvalds, living in Finland as a University of Helsinki undergraduate, unadvised by counsel, would not have chosen what I would now recommend to my clients to choose.

LWN: You made a comment about patent holders shaking down users of free software for royalties. I haven't heard of any situations where this is happening, can you tell us how bad the problem is, why it's not being made public when it happens?

Well, I think I can say why it isn't being made public, when a manufacturer of products with embedded free software, or user on a large scale of free software is the subject of claims such as this, from a company such as Microsoft, if they take a license and pay it's because they want peace and quiet. If what they want is peace and quiet, they'll be quiet about how they procured peace. The result of which, we won't hear except in an indirect way. That's why it's not public.

Why it's not a good idea is that each one of those parties that procures peace and quiet for itself is doing harm to the others in the ecology. Each one that takes a license strengthens the apparent patent claim that they are paying tribute on. The result of which is to strengthen the hand by which the troll tends to pick somebody else up later on. From an ecological point of view, we're concerned about the health of the entire community. You'd like to say to such people, before you pay that license fee, can you talk to about why that patent FUD may be just FUD? Could we discuss what we know about the patents held by the parties shaking you down? Could we present to you why maybe those patents aren't very strong and maybe not an appropriate basis for the payment of tribute. In other words, could we maintain a united, consolidated front.

The problem with the private license deals, they affect our solidarity and our ability to act defensively as a community together. And whether they're done publicly or not by the party who took the license, there's always a risk they'll be trumpeted by the patent holder as a sign of the strength of its patent and the degree to which other people should be afraid. So, when I have some reason to believe that some such situation is in progress, I often make an attempt to communicate with the party taking out a license, and often they won't talk and they prefer peace and quiet. I think that more respect for the needs of the community would be an appropriate leaven in their decision-making process?

LWN: How bad is the problem? Is this happening a great deal?

Well, I'm not in a position to say how often it's happened of course, since I'm sure I only know about a fraction of when it's going on. It's pure chance when we discover it, sometimes. I think it's bad for the reason I have suggested, that everybody knows... the patent problem is a real problem, and it needs a real solution. And you see people like the Open Source Development Labs stepping up and trying to create collaborative means to address the problem. Everything that subtracts energy from that attempt to collaborate to solve the problem, is in itself making the problem worse.

Without unduly criticizing businesses that are making business decisions, they're paying money to have peace, which is perfectly understandable to do and may be culturally particularly appropriate in certain national settings, I think that overall it creates difficulty for us, it aggravates the problem of patents overall.

LWN: There's a draft bill in the House right now, that would restructure the patent system, would it be good for free software?

It would not be bad for free software if it passes. That is to say there's nothing in that bill that aggravates the problem. Many things that were originally proposed in that bill that would have been good have been removed in the process of discussion.

My particular analysis is that, at the moment, the legislative process is stalled. I do not expect any movement in that legislative process. I think that, for the moment, that initiative is in the deep freeze. My analysis is that the power of pharma to control what happens to patents in the United States Congress is nearly absolute. The Princeton health economist, Uva Rinehart, who was a major advisor to the Clinton task force and is one of the most knowledgeable health care economists in the United States referred recently in a National Public Radio report I was listening to, to the pharmaceutical companies' "substantial equity stake in the United States Congress," and I thought that was a very elegant way of putting it.

My belief is that until such time as there is a deal which includes the pharmaceutical companies, there is very little enthusiasm in the United States Congress for meaningful patent reform.

I must say, as a person who represent parties who are very afraid of what patents can do to them, I think that this operation is very largely a sideshow. I think it was intended to give the impression that things were being done, and I think that people, in good faith, who want good outcomes, nobly put their shoulders to the wheel and tried to turn it. But I do not believe it will turn this time. I don't think it's going to turn until we make some serious attempt either to disengage the interests of pharma from IT and pursue sector-based relief from the patent problem or until we step up to the problem that the patent system doesn't work very well under 21st century conditions and no matter what the pharmaceutical companies think it needs serious reform.

LWN: You've encouraged free software developers to get patents on unique ideas. Is that happening much, and what resources are there for developers who want to obtain patents?

The grave difficulty in operating in this direction, which Mr. Stallman and I have been thinking about for years now, in order to be efficient in obtaining patents, you need to associate patent lawyers with patent agents with engineers in the very early stages of design and development of inventions.

You need to have people there right along, it's very inefficient to try after a project is over to develop the patent applications. Moreover, in the United States patent law, once you have gone on sale, which includes public distribution of free software, you have a year to file a patent application and after that you may not file at all.

The consequence of which is that there are both resource constraints and deadlines, which are very serious given the way that the free software development process works. Having patent agents and lawyers working along side developers is not a possibility. It's not efficient and it's not the way our community operates.

The result is that the process of getting patents for free software, to build a pool, is almost impracticable while the developer community is spread very thin and very little of it works for large technology businesses with established processes for the getting of patents.

On the other hand, resources may flow towards that in the same way that they have flowed towards the Software Freedom Law Center. I think that one of the most important things said in the OSDL announcement yesterday is that there would be resources for patent prosecution, that is for getting patents, available to developers who came forward and wanted their patents to go into the patent commons. That represents the first significant movement behind patent prosecution, behind getting patents. It's one of the things I hope people will notice about what OSDL has said, because I think it's an important strategic advance.

Will it work in that sense across the enormous range of free software projects? No, I don't think so, we're just at the beginning, we'd have to scale that in many different directions. But, in some crucial projects, important to our commercial partners in this process, and large numbers of users, and tightly coordinated development teams that have worked in large technology companies and know how the patent-getting processes work, in a range of conditions that are satisfied only in some parts of our community, I think there will be some real progress. I think you will see our inventions patented and there will be some cross-licensing negotiations that will be effective for us in gaining some use of other people's patent claims free of legal difficulty.

LWN: In the framework you talked about, these patents would be assigned to the commons, so that they couldn't decide to abuse them.

One of the things we need to do is arrange all of the legal infrastructure so that it works well for everybody. Yes, I think that's a reasonable thing to expect, there will be safeguards to prevent that kind of change of heart...

LWN: Let's talk about DRM. If the GPL requires distribution of scripts that control compilation and installation of an executable, does that extend to the binary keys for DRM?

I think the answer to that question is no. Under the existing GPL 2, the better argument would be that those are not covered by the definition of complete and corresponding source code under section 3 of the license. One could change that definition in a future version of the GPL, and say, for example, it's a straightforward idea, you could say the encryption keys that make it possible to run this software on the hardware on which you are receiving the software.

It is a possible approach. I think there are very significant difficulties with it, including the possibility we would pinch off a whole system of hardware in the world and say "free software doesn't run there." I think that might be a strategic mistake for the free software world, to say "we are going to write off a whole generation and form of hardware and not even attempt to bring freedom there..." I think we would risk leaving a whole lot of people in a condition of unfreedom for a long time.

I think unless we are prepared to be more sophisticated in our approach to this -- this is a very ham-fisted approach, the idea that you buy a computer and are not allowed to be in charge of it. It's a very anti-consumer thing to do. Instead of building an electric fence around it, as though it were some kind of bad place we don't want to go. I think we have a duty to bring freedom there if we can, and we need to empower consumers to reject such hardware and my hope is that in a future version of the GPL, we will devise something elegant and effective at using the gravitational force of freedom to unlock that place over there, and not just seal it off.

LWN: You talked a bit at the beginning about software-controlled radios and why they're important, do you want to add to that?

I've published pieces about that. If we are interested in freedom, generally, one of the things that we have to recognize about the 20th century is that there was a great degree of unfreedom that was generated by control over spectrum. Governments around the world either controlled spectrum themselves or delegated control to a small number of powerful people, and that affected 20th century politics very, very deeply.

It was also a technical response to a problem that doesn't exist with intelligent devices that exist in the 21st century... the technical rationale for the concentration of spectrum in a few hands is gone, and there never was a social rationale for that concentration of spectrum. It was never the case that the public trust that held the common property of the airwaves needed to be dealt with in a concentrated fashion for social or political reasons, the only justification ever given was a technical one.

So from my point of view, the world of devices that know about the spectrum and deal with it intelligently can promise more democracy in media than we ever had before, just as the web did for publication of text and is now doing for video. We need to be alert to the fact that the way we deal with software-controlled radios and the ability for people to use the spectrum themselves the way they want to, is a very important political and social issue in the 21st century. That's why I pay very close attention to how the free software world interacts with the world of spectrum control and regulation. 15 years from now, that's where the action is and I want to get the early stuff right if it's at all possible to do so.

LWN: Can we talk a little about the GPL revision process? When you did the GFDL process, some people thought they weren't listened to. What did you learn from the process?

I don't disagree with you that the process that was applied to the publication and modification of the GNU Free Documentation License would not work very well for the GPL version 3. And I think you've given reason, there's a very small group of people who need to be satisfied by and to use the license and in the other case, there's everybody on Earth... The GPL involves affecting a much broader community of stakeholders, much more various and much more complicated, we need to be in touch with that community as much as we can, and I think the process on that scale is a much different process.

I also should say that although it is true the number of people using the GNU FDL isn't that large, the number of people objecting to the FDL wasn't all that large either. There were a small number of people who wanted to say something and have their views heard. Whether they were heard or whether they thought they were heard is two different questions... I don't think there was a word written on that subject that I didn't read. Many words written on that subject I had no desire to respond to because I thought that response would only increase the intensity of the discussion... my goal in helping the Free Software Foundation construct a new GPL is to increase the lucidity without increasing the intensity. I hope there is a lot less shouting and a lot more thinking next time around by all parties.

LWN: Do you think that's likely?

I do. If you want to know what I think we've learned, I think we've learned some things about increasing the lucidity without increasing the intensity.

We'd like to thank Eben Moglen for taking the time to talk with LWN.

(Log in to post comments)

Interview: Eben Moglen

Posted Aug 11, 2005 18:50 UTC (Thu) by GreyWizard (guest, #1026) [Link]

a kernel module binary object couldn't be staticly linked into a kernel image, because it had the wrong entry points and such.

I don't think Moglen is thinking about statically linking the binary so much as the code itself. Surely code that can be linked with the rest of the kernel dynamically could also be linked statically without substantive changes. (Such changes might be substantial if the module interface is poorly desigined, but that doesn't mean they drastically alter the way the code works so they're not substantive.)

Furthermore, the common model is that the end user links the module into the kernel, creating a work that can't be legally distributed (but it can't really be moved out of RAM anyway). I don't see the runtime legal concerns as substantially legally different from userspace code.

This might make sense in technical terms, but not in a legal context. It's rather similar to the arguments Napster tried to use, isn't it? "We just tell the infringing users where to find one another. All the actual infringement is happening way over there, your honor." Grokster doesn't seem likely to get much further, even with a more technically interesting argument. As long as the law is sufficiently complex a judge who thinks you look naughty can usually find a way of arranging the legal furnature so that you lose.

GPL and Linux loadable kernel modules

Posted Aug 12, 2005 16:28 UTC (Fri) by giraffedata (subscriber, #1954) [Link]

... end user links the module into the kernel, creating a work that can't be legally distributed
It's rather similar to the arguments Napster tried to use,

Actually, it's simpler than that. Although I've never seen how it fits into copyright law, US copyright law gives the author the right to control "preparation of derivative works." Even if you prepare it just for your own use, apparently. Stallman thought that was one of the greater threats against software freedom. I remember the argument being used against a person who was editing people's personal copies of Titanic video tapes to remove the R rated content (but I don't know if it succeeded).

But I'm surprised that Moglen believes everyone agrees that GPL doesn't permit linking non-GPL modules dynamically. From reading LWN, I believe it's a well established fact that there's disagreement on that.

Of course, we don't actually know Moglen believes that. We just know that he said he does. At least one other place in the interview, he uses rhetoric over clarity. He says he didn't say anything about SCO's reasons for leaving GNU alone, then makes it clear in the next sentence, using the word "because" instead of "reason," that he did.

GPL and Linux loadable kernel modules

Posted Aug 12, 2005 17:22 UTC (Fri) by GreyWizard (guest, #1026) [Link]

Actually, it's simpler than that. Although I've never seen how it fits into copyright law, US copyright law gives the author the right to control "preparation of derivative works."

Simpler? That seems more complex to me because going after end users would be a nightmare, even if you're right about the law. (Are you sure you're not confusing copyright law with contracts in end user license agreements? Could you cite a source?) Why is that simpler than accusing the vendor who provides the module of inducing infringement, especially given that many have succeeded in similar actions?

Maybe, but the FSF has consistently explained their opinion that dynamic linking has the same effect as static linking for derivative works. A court ruling would be necessary to really settle the point. I don't know about you, but Moglen has a law degree and much relevant practice so his opinion on this is worth something. His position makes intuitive sense too, at least to me. The difference between dynamic and static linking is purely technical and doesn't seem to be relevant to whether something is a derivative work.

What does seem to be relevant -- and this is the heart of the issue -- is what Linus Torvalds has pointed out. When code desinged and published independently of Linux is ported it is hard to determine whether this is a derivative work of the kernel, if only because Torvalds and other kernel copyright holders have said so. Will those copyright holders tolerate binary only modules that implement specifications that are independent of Linux and don't stray beyond the GPL-only boundaries established by the module system? They have so far but that doesn't mean they always will. Moglen seems to want a reliable answer one way or another.

GPL and Linux loadable kernel modules

Posted Aug 13, 2005 3:42 UTC (Sat) by giraffedata (subscriber, #1954) [Link]

I didn't read your post closely enough. Looking at it now, I see that you're not addressing the parent poster's claim that doing an insmod isn't a copyright violation. Instead, you're talking about the guy who supplied the LKM to insmod violating copyright. However, without establishing that doing the insmod is a copyright violation, I don't see how you could possibly argue that supplying the LKM violates copyright law by inducement.

In any case, there's nothing simple about making an inducement argument. This is fairly new law, and judge-made (that's why there was so much uncertainty about how Napster would turn out). By contrast, the derivative work law starts out in statute, and has been refined for about 100 years.

Check out the US Copyright statute, Title 17 of United States Code. (Just google "derivative work"). It lists the 6 exclusive rights that copyright law creates. #2 is "the right to prepare derivative works based on the copyrighted work." It is, of course still up in the air whether insmod qualifies as preparing a derivative work, but you can find plenty written on the idea that modifying a program for your own use qualifies. GPL enumerates preparing a derivative work as a specific right the licensee gets.

I agree that Eben Moglen and FSF believe and have always believed that insmodding is within those exclusive rights of the copyright holder. I only commented on what Moglen said about what everybody else believes.

By the way, Moglen's law degree doesn't mean squat here. A law degree from a US law school means you know the fundamental concepts of US law and have a broad overview of various areas of law -- all possibly as of 40 years ago. It doesn't mean you know the law of any particular jurisdiction or enough about any area of law to avoid embarrassing yourself in front of a judge. I know because I have one. BUT: I respect Eben Moglen's opinion because of his extensive study of copyright law and practice in the area. I have none (what I know about copyright law is mostly via LWN. I did learn some in law school, but have forgotten all that).

GPL and Linux loadable kernel modules

Posted Aug 13, 2005 20:09 UTC (Sat) by GreyWizard (guest, #1026) [Link]

Looking at it now, I see that you're not addressing the parent poster's claim that doing an insmod isn't a copyright violation.

Well, in fact I was though perhaps not clearly enough. My point was that attempting to push responsibility for binary modules from a vendor to end users, which is what we are doing when we reframe the problem in terms of insmod, is not likely to succeed. This is why I made the comparison to Napster and Grokster.

However, without establishing that doing the insmod is a copyright violation, I don't see how you could possibly argue that supplying the LKM violates copyright law by inducement.

If a binary kernel module is a derivative work of the kernel then distributing it is copyright infringement unless those who hold the kernel copyrights give permission, which they have not done by releasing under the GPL. Creating it in the first place is explicitly permitted by the GPL. So I guess I didn't read your post closely enough either: rather than calling your approach complex I ought to have said it was simply doomed. I also mispoke, perhaps still thinking of the comparison to Napster, when I mentioned inducing infringement. Distribution of derivate works is what I meant.

Perhaps now you understand why I think this is simpler than fretting about whether invoking insmod can be copyright infringement. Even without the GPL that hinges on strange questions about fair use and the way computers work -- not to mention the public relations problem suing potential customers represents. The distribution angle seems cut and dried by comparison. Both approaches require settling thorny questions about derived works which, not to put too fine a point on it, is the original topic here.

By the way, Moglen's law degree doesn't mean squat here. [...] BUT: I respect Eben Moglen's opinion because of his extensive study of copyright law and practice in the area.

Here is the text you are responding to: "I don't know about you, but Moglen has a law degree and much relevant practice so his opinion on this is worth something." The law degree is indeed important here, if only because without one such relevant practice would be illegal.

GPL and Linux loadable kernel modules

Posted Aug 13, 2005 20:32 UTC (Sat) by giraffedata (subscriber, #1954) [Link]

The law degree still isn't relevant because it isn't relevant to your argument whether the law practice of which you speak is legal.

There are cases of people practicing law illegally for long periods of time, and people generally admit that these people have, and have gained through the practice, expertise equivalent to what legal practitioners have.

Incidentally, there are still some states where there are ways to practice law legally without a degree. You always have to have a license (except in the case of some elected judgeships), but a degree isn't always a prerequisite to a license.

GPL and Linux loadable kernel modules

Posted Aug 15, 2005 14:25 UTC (Mon) by GreyWizard (guest, #1026) [Link]

The law degree still isn't relevant because it isn't relevant to yourargument whether the law practice of which you speak is legal.

I didn't know that one could get a license to pratice law without a law degree, so thank you for enlightening me on that point. Still, my error in conflating the two doesn't undermine the point I was making (since you start with "incidentally" I suppose you agree). Similarly, those who do practice law illegally probably have less experience on the whole than their licensed colleagues who are less likely to be jailed. At any rate claiming someone has credibility because they practice illegally probably isn't a useful argument.

I mentioned Moglen's law degree in the context of supporting his opinion on dynamic linking and derivative works. I did not say such support was absolute, that it should end the discussion or that people without law degrees cannot be right where he is wrong. I also accept that someone who practices law but works as, say, a divorce attorney or public defender might know less about copyright law than someone who reads LWN obsessively. Nevertheless it seems obvious that someone who spends time studying the law is in general more likely to have a correct opinion on a legal question than someone who doesn't, at least in the absence of more specific details. Thus a law degree lends legitimate credibility to opinions about the law, just as being any kind of trained professional lends credibility to opinions about that particular domain. I stand by my original statement.

GPL and Linux loadable kernel modules

Posted Aug 13, 2005 16:43 UTC (Sat) by Duncan (guest, #6647) [Link]

> But I'm surprised that Moglen believes
> everyone agrees that GPL doesn't permit
> linking non-GPL modules dynamically.
> From reading LWN, I believe it's a well
> established fact that there's
> disagreement on that.

First, not to be niggling, but as one who claims to have a law degree
(which I'm not disputing), you should know how much difference similar but
not identical words can make. Moglen did /not/ say he believes "everyone"
agrees... What he DID say is "I think we would all agree"... (That's a
direct select/paste.)

The significance of "we would all agree" vs. "everyone agrees" should be
quite apparent. One, "everyone", without a specific exception appended,
tends to paint one into a corner, because it's /very/ easy to disprove,
with even a /single/ exception. "We" is a plural pronoun, and even
modified by "all", remains vague enough to allow exceptions. In
particular, "we" implies a group of which he considers himself a part, but
the group isn't specifically defined within the interview. Within
context, particularly inclusive of the second factor below, I took the
"we ... all" to mean "informed involved parties." Specifically, that
would mean "kernel maintainers and other significant contributors who have
taken the time to become informed on the subject, together with legal
council." That specifically excludes "everyone", altho because "we"
wasn't specifically defined, that remains personal opinion, the way /I/
took it.

Still considering the phrase "we would all agree", there's the term
"would". Within context, that lends support to the above "informed"
interpretation. Specifically, "would" implies some qualification or
condition, that "we all agree" /if/ said qualification "would" be met.
Within context, the implication is that "we would all agree" ... /if/ we
all took the time to study the issues...

Together, then, the two parts of the phrase he chose do /not/ necessarily
imply the all-inclusive "everyone" that was your interpretation. Rather,
the phrasing used indicates a somewhat more selective group, and only then
conditionally, with the implied condition being that of having taken the
time to be informed on the subject. Being rather less all-inclusive, the
statement he made (as quoted), as opposed to the statement you attributed
to him, is significantly easier to defend, and to understand.

Second, and similar to you, from my reading of LWN (and other community
sources such as NewsForge), the "well established" disagreement appears to
me to be specifically with the conditions applied to the Linux
kernel, /not/ to the GPL in general.

Again, the distinction can be subtle, but it's quite important,
particularly so in understanding the point Moglen was (IMV) trying to
make. The Linux kernel is an exception in GPL licensed software, due to
the fact that its license, as contained within the COPYING file, contains
a preamble to the GPL. Go ahead and look it up. It's worth reading.

The point Moglen was making was this: The GPL, as applied to the kernel,
already has specific exception clauses (or clarifications, as the case may
be argued) applied, so it's /not/ /just/ the terms of the GPL that apply,
it's the GPL already modified. The "informed" as implied by the "we would
all agree" as discussed above, will already understand this Linux kernel
exception, and read his comments with it in mind.

Further to the point, there was honest debate as to whether userland was
covered by the code sharing requirements of the GPL, particularly where
such userland made use of kernel headers. Since glibc makes use of kernel
headers, and most of userland in turn links against it, one could argue
that nearly the entire Linux userland was subject to the terms of the GPL.
That didn't fit Linus' idea of the conditions he wanted for the kernel at
all, so he put an end to the debate with the GPL preamble in the COPYING
file, specifically allowing proprietary source userland applications.

It is within the context of this history that Moglen makes his comments to
the effect that were the license pure GPL /only/, without the preamble and
other to this day not specifically stated exceptions, he thinks "we would
all agree" that kernel linking, static or dynamic, would violate the GPL.
His argument is that such other exceptions need to be stated specifically,
allowed or disallowed with a clear delineation, as has already been made
with the preamble and with the GPL-only function declarations.

It is within that context that I read his arguments, and believe that he's
right, were the GPL /only/ to be applied, there'd be little controversy,
all closed kernel modules would be a violation of the license, period.
The reason there's controversy at all, is due to the very reasonable
exceptions already made, along with hints, both in Linus' remarks, and in
the written form of the specifically GPL-only kernel symbols, that other
not-specifically-delineated exceptions exist as well. Because these
exceptions apply specifically to the kernel, not to the GPL or other GPL
licensed software, the controversy isn't on the GPL itself, and I believe
his statement that "we would all agree", within the context outlined, is a
fairly safe statement to make.

All in my opinion as specifically NOT a lawyer, and NOT a kernel level
coder, either, just a (hopefully) astute consumer of legal opinion on the
topic at hand.

Duncan

exquisite precision deep-fried in a verbose batter, with a dash of lemon

Posted Aug 15, 2005 0:59 UTC (Mon) by xoddam (subscriber, #2322) [Link]

> All in my opinion as specifically NOT a lawyer

Oh, but you *should* be!

Interview: Eben Moglen

Posted Aug 18, 2005 11:18 UTC (Thu) by forthy (guest, #1525) [Link]

IMHO, and IANAL, my interpretation for the binary module is that:

Creating and distributing a binary module that directly links into the kernel is creating a derivative work, and distributing part of it (the linkable module). The fact that it is a derivative work can be seen immediately if you change the kernel version - the module won't link.
Creating a open source wrapper like ndiswrapper or the nVidia kernel driver and linking it to a binary module (windows driver, nVidia core) when compiled at the user side is not distributing a derivated work. The wrapper license however should be both compatible with the GPL and the linking to a binary module (not tough). You can see that this is ok, because if you change the kernel and recompile the wrapper, everything still works.

The obvious thing for radio driver writers is to go the ndiswrapper/nVidia route, and write their own wrappers, which live on a borderline license (allowing both mixing with GPL and mixing with binary modules), and have to be recompiled when installing a new kernel. It is not allowed to distribute them in any other form as the "mere aggregate", where the user initiates the compilation and module insertion.

It is obvious that any sort of modular interface can allow the insertion of proprietary parts without shipping linked or linkable modules. Remember that the GCC team refused to add a RTL-based intermediate format for exactly that reason: a proprietary backend (or frontend) could use this RTL output to generate code, and thereby bypass the GPL for this part of the compiler (basically using GCC as front-end, and having a proprietary backend. Having a proprietary front end is far easier, you can emit C code ;-).