LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Front page

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Holiday cheer from the SCO Group

[Posted December 22, 2003 by corbet]

The SCO Group has kicked off the holiday season with a couple of new press releases, some interesting disclosures of which code it is claiming, its fourth quarter results, and, of course, the inevitable conference call. This article will look at all of the above, with an emphasis on the company's new copyright claims. Those claims look to be on shaky ground, to say the least.

We'll start with the quarterly results, as described in this press release. The company lost $1.6 million on revenue of $24.3 million. Of that, $10.3 million came from licensing agreements - all from Microsoft and Sun. It would appear that there are still no other paying licensees. In the conference call, SCO management stated that license revenue in the next quarter would be "minimal." Some direct questions were asked about just what sort of revenue was being received by other licensees, but the answers were, to put it charitably, evasive.

The more interesting part of today's activity is a view into the claims SCO plans to make in the coming months. To that end, there has been another press release, and a new letter being sent to Linux users. What the letter makes clear is that SCO now considers part of the Unix application binary interface (ABI) to be its property. Linux implements the Unix ABI, so SCO has picked out several dozen files which, it claims, violate its copyright. The full list is in the letter, but what it comes down to is each architecture's version of errno.h, signal.h, ioctl.h, plus a few others.

These include files all have the same form: they are really just long lists of #define statements assigning values to symbols. They define the various error codes returned by the kernel, the numbers associated with signals, and the numbers for ioctl() commands. Many of these numbers have nothing in common with any version of Unix, but many others do. So, if you compare the first part of the definitions in the 32V version of user.h with a 2.4 errno.h, you see:

32V version2.4.x version
#define EPERM   1
#define ENOENT  2
#define ESRCH   3
#define EINTR   4
#define EIO     5
#define ENXIO   6
#define E2BIG   7
#define ENOEXEC 8
#define EBADF   9
#define ECHILD  10
#define EAGAIN  11
#define ENOMEM  12
#define EACCES  13
#define EFAULT  14
#define ENOTBLK 15
#define EBUSY   16
#define EEXIST  17
#define EXDEV   18
#define ENODEV  19
#define ENOTDIR 20
...
      
#define EPERM            1
#define ENOENT           2
#define ESRCH            3
#define EINTR            4
#define EIO              5
#define ENXIO            6
#define E2BIG            7
#define ENOEXEC          8
#define EBADF            9
#define ECHILD          10
#define EAGAIN          11
#define ENOMEM          12
#define EACCES          13
#define EFAULT          14
#define ENOTBLK         15
#define EBUSY           16
#define EEXIST          17
#define EXDEV           18
#define ENODEV          19
#define ENOTDIR         20
...

The 2.4 version has comments on each line which have been removed in the above listing, but, even taking those into account, there is clearly a high degree of similarity between the two. The definitions in Linux are obviously taken from older Unix systems. That is not surprising; Linux was intended to implement the same interface. Linux is not alone in having reproduced the Unix error numbers; if you look at the Minix version of errno.h, you see the same interface used. Microsoft uses the same numbers. Modern BSD systems also use the same definitions, of course. The basic Unix numbers for errors and signals have been widely reproduced, to say the least.

If the files in question were, indeed, copied from an ancient Unix distribution, then the Linux developers have arguably violated the associated BSD license by leaving out the copyright headers. This is a copyright violation, but it is also easy to fix by simply restoring those headers. There are enough other sources for these numbers, however, that proving that they came into Linux via any particular path could be hard.

There are a couple of things that one should keep in mind, however, when evaluating SCO's new claims. One is that the copyright status of ancient Unix is uncertain at best, as has been reported many times. The judge in the BSDI case came to the conclusion that USL's chances of enforcing its copyrights were poor. SCO will not have improved those chances. Novell's recent reassertion of its claim to still own the Unix copyrights could also complicate matters for SCO.

The truly important issue, however, is that the old Unix ABI is exactly that: a well established ABI. Copyright law allows for the protection of expressions of an idea, but not the idea itself. Concepts used in an ABI, like "the number 12 means no memory is available," can be very difficult to copyright. If there is only one way to express an idea, you cannot get copyright protection for that expression. In this case, there are truly few alternatives to: 

    #define ENOMEM 12

SCO will have a hard time convincing a judge anywhere that copyrights can protect this sort of code - especially given that the error names (but not the associated numbers) are part of the POSIX standard.

SCO seemingly intends to try, however - at least for as long as it takes to shake down some nervous users. To that end, the company is taking two approaches. One is to threaten anybody who distributes Linux with the offending files; that is what the letter was sent out for. From statements made in the conference call, one could conclude that SCO thinks it has users in a bind; constants like error and signal numbers cannot be changed without breaking binary applications. By claiming something that cannot be easily removed, SCO apparently hopes to inspire companies to pay up instead.

The other approach is described in the second press release: SCO is sending notices to its Unix licensees requiring them to "certify" that they are in compliance with the Unix agreement. The letter requires a long list of promises from Unix licensees, including:

The company is not running Linux binary code that was compiled from any version of Linux that contains SCO's copyrighted application binary interface code ("ABI Code") specifically identified in the attached notification letter.

It has long been clear that signing a contract with the SCO Group is a Bad Idea. The SCO Group is using its contracts to go after its customers - something which does not generally inspire those customers to buy anything else. The Unix contract is being used as a lever to force those customers to "certify" that they are not running Linux. Needless to say, at this point, few of these customers will be in a position to do that. They are now in a bit of a difficult situation; they can refuse to certify, pay SCO, or claim that Linux does not actually contain any copyrighted ABI code.

As a short-term strategy for SCO, this move must look pretty good. The use of the existing contracts in this way may well succeed in applying enough pressure to make some customers give in. None of those customers are going to appreciate this behavior, however; one would assume that many of them will decide (if they have not already) that entering into any other agreements with the SCO Group is not in their best interests. SCO is destroying whatever future business it may have still had to expedite a short-term shakedown.

A couple of other notes from the conference call are in order. It began with a statement that the call is copyrighted by SCO, and any reproduction ("in whole or in part") is prohibited. Transcripts will certainly be posted; it will be interesting to see if SCO tries to get them taken down. Analyst Dion Cornett (Decatur Jones Equity) appears to be getting a clue: he asked SCO whether it really believed it had a valid license to distribute Samba. Strangely enough, SCO's answer did not address that question at all. Finally, Darl McBride presented the SCO litigation scheme as "a model many companies will adopt" in the near future. If SCO succeeds in its attempts, that statement could well come true. The foundation of SCO's new claims appears weak at best, however. SCO is more likely to become a very different sort of example.

(Log in to post comments)

Court cases

Posted Dec 22, 2003 20:13 UTC (Mon) by jamienk (guest, #1144) [Link]

Will any of the current court cases (against IBM, IBM against SCO, Red Hat against SCO) relevent here? If SCO loses all of them, do they lose on the legal questions raised here? (If losing those cases bankrupts them, that's one thing, but in terms of the legal questions raised...?)

Holiday cheer from the SCO Group

Posted Dec 22, 2003 20:15 UTC (Mon) by ncm (subscriber, #165) [Link]

About the loss... a posting on Groklaw claimed that SCO executive bonuses depended on achieving four consecutive profitable quarters, making this loss a major setback for the individuals involved.

32V basically declared public domain by USL-BSD judge

Posted Dec 22, 2003 20:46 UTC (Mon) by freeio (guest, #9622) [Link]

Dennis Ritchie's web site has the following link to the 1994 USL-BSD judgement:

http://cm.bell-labs.com/cm/cs/who/dmr/bsdi/930303.ruling.txt

Note that the judge, in essence, stated that 32V was neither copyrighted, nor could it contain any trade secrets, due to the mishandling of the licensing and labelling by AT&T. As such, anything which is identical to the files in 32V is quite legal to use or copy, without any attribution whatsoever.

From a legal standpoint, SCO has an impossibly high barrier to overcome in the face of the 1994 ruling.

32V basically declared public domain by USL-BSD judge

Posted Dec 24, 2003 14:07 UTC (Wed) by tseaver (subscriber, #1544) [Link]

I particularly like this quote from the opinion, which seems eerily like
what Linus had already done:

> There is an enormous difference between an expert
> programmer sitting down with a pile of textbooks and disjointed
> segments of code to write out an operating system from scratch, and
> that same programmer downloading the operating system intact from a
> public network. In the first case, the programmer could expend
> large amounts of time writing, testing, and debugging the
> newly-created system, with an uncertain prospect of immediate
> success. But in the second case, immediate success would be
> virtually assured. Thus, even if all of the pieces of the 32V code
> had been thoroughly revealed in publicly available literature, the
> overall organization of the code might remain a trade secret unless
> it too had been disclosed.

Holiday cheer from the SCO Group

Posted Dec 22, 2003 22:03 UTC (Mon) by simlo (subscriber, #10866) [Link]

I checked the errno.h on three Unix systems I just happened to have accounts on, OSF1 V4.0, SunOS 5.8 and IRIX 6.5.
On the two latter the identation was (not suprisingly) as in SysV5 as stated above and the comments the same to those of Linux's. The comments seems to be identical to the definitions in POSIX though, so there is no proof that the guy doing the Linux version copied from a SysV5 derived Unix and changed the
identation.
In OSF1 the identation was one less than in Linux's but the comments were different.

Holiday cheer from the SCO Group

Posted Dec 24, 2003 5:25 UTC (Wed) by iabervon (subscriber, #722) [Link]

Linus says he generated errno.h with a simple C program, so the file
itself is his work. The comments in the file, however, come from libc
2.2.2's list of strings to implement strerror(). Nobody has yet reported
where J H Lu got those strings, but it probably was from POSIX.

Holiday cheer from the SCO Group

Posted Dec 23, 2003 1:43 UTC (Tue) by error27 (subscriber, #8346) [Link]

If you look at the first version of Linux errno.h had a comment that sort
of says how the file was created.

include/errno.h:
/*
* ok, as I hadn't got any other source of information about
* possible error numbers, I was forced to use the same numbers
* as minix.
* Hopefully these are posix or something. I wouldn't know (and posix
* isn't telling me - they want $$$ for their f***ing standard).
*
* We don't use the _SIGN cludge of minix, so kernel returns must
* see to the sign by themselves.
*
* NOTE! Remember to change strerror() if you change this file!
*/

What timing!

Posted Dec 23, 2003 4:10 UTC (Tue) by jre (guest, #2807) [Link]

Wasn't it only yesterday that a LWN reader asked (about the RIAA subpoena ruling): "While I do find this interesting, what does it have to do with free software?"

Here's your answer, straight from the horse's [mouth]:

"DMCA liability extends to those who have reasonable grounds to know that a distribution (or re-distribution as required by the GPL) of the altered code or copyright information will induce, enable, facilitate, or conceal an infringement of any right under the DMCA."

I don't mean to disparage a perfectly innocent comment, only to point out that the DMCA is indeed a dangerous thing to leave lying around. When it falls into the wrong hands, free software likely will be affected.

Assumption

Posted Dec 23, 2003 7:07 UTC (Tue) by Ross (subscriber, #4065) [Link]

There is an assumption in this analysis that this list of #defines is
copyrightable. I'm not sure that is a safe assumption to make. How
exactly could another compatible implementation be made that didn't use
the same names and numbers? Would any order other than increasing
numeric value make much sense?

The only remaning possible differences are whitespace (including comments)
and unrelated code. I would hope that errno.h would not contain any
unrelated code. As for whitespace, that was actually different.

IANAL.

Oops: Ignore me

Posted Dec 23, 2003 7:31 UTC (Tue) by Ross (subscriber, #4065) [Link]

I somehow missed the paragraph with this sentence the first time I read the
article: "SCO will have a hard time convincing a judge anywhere that
copyrights can protect this sort of code".

SCO copyright claim over call transcript

Posted Dec 23, 2003 11:38 UTC (Tue) by gdt (subscriber, #6284) [Link]

How can SCO claim copyright on the analyst conference call?

Firstly, how does SCO gain copyright of the analysts' questions?

Secondly, how can SCO enforce such a claim without running foul of stock exchange listing rules on concurrent disclosure? (You'll need to forgive the lack of specifics here, since I'm from Australia and each exchange differs in detail. But essentially, the exchange rules require the same disclosures to be made to all stock holders reasonably simultaneously.) A question to the exchange which lists SCOX seems in order.

SCO copyright claim over call transcript

Posted Dec 24, 2003 17:39 UTC (Wed) by smoogen (subscriber, #97) [Link]

They will probably state that because they said this, by saying anything you were accepting their claim on copyright of the call and thus handed over your copyrights.. probably get them laughed out of court, but hey that will be 10 years from now after all the appeals just to get it listened to.

Just a thought about the headers...

Posted Dec 24, 2003 13:02 UTC (Wed) by flewellyn (subscriber, #5047) [Link]

The Linux headers COULD be changed so that the error and signal numbers are written in hex, instead of in decimal. :-) This would, after all, break absolutely nothing (a number is a number), but would make the headers LOOK different. And since SCO seems to be claiming that "anything which looks like ours is ours", the kernel developers could do this and say "nyah nyah, doesn't look like yours!"

Yes, I'm joking. :-)

Holiday cheer from the SCO Group

Posted Jan 6, 2004 8:59 UTC (Tue) by jrrk (guest, #18467) [Link]

/* error number .H version 2.8.x */

/* how about this version - to be sure to break K&R compilers */

#ifdef __STDC__
enum {ENOERR,EPERM,ENOENT,ESRCH,EINTR, <etc.> };
#else
#error "Be sure to compile with ansi-C for maximum political correctness */
#endif


Basics of copyright

Posted Jan 7, 2004 23:45 UTC (Wed) by bojan (subscriber, #14302) [Link]

Copyright protects "original works of authorship" that are fixed in a tangible form of expression.

This part seems to be escaping SCO all the time. You cannot copyright numbers, words, letters or anything like that. So, one could simply write:

#define ONE 1
#define TWO 2
#define THREE 3
...

#define EPERM ONE
#define ENOENT TWO
#define ESRCH THREE
...

And avoid copyright infringement altogether. That is providing any such header file can be copyrighted in the first place and Linus actually pinched those files, both of which seems not to be true.

Why do they even bother to come up with this kind of nonsense, I fail to understand.

Copyright © 2003, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds