Week 12, Nov 11 and 13
Android: is it open source or not?
GPL v "Permissive" Licenses, recap
Permissive for whom? The GPL family is the only class of open-source licenses that prevent contributors from being taken advantage of. Typically, a "permissive" license is defined as being open-source but not copyleft.
There are now quite a few anti-Amazon licenses, but pretty much all of them are either based on AGPL, or are not really "open" as that term is generally understood. That is, they come with serious usage restrictions.
Basically every other license fails to offer protections against being taken advantage of. In this sense, the GPL licenses are the only "protective" ones.
Here are a few links, typically describing the GPL as "restrictive". Why use this word? Why focus on "restriction" as opposed to "keeping the software free"?
reddit (quoting): "folks started calling out GPL as "viral" and "infecting" of their downstream works"
Wikipedia: "Permissive licenses offer more extensive license compatibility than copyleft licenses, which cannot generally be freely combined and mixed, because their reciprocity requirements conflict with each other.". But this is not really true; pretty much any mix of code licensed under GPL and permissive licenses can be released under the GPL. Later the same article states "some older permissive licenses, such as the 4-clause BSD license, the PHP License, and the OpenSSL License, have clauses requiring advertising materials to credit the copyright holder, which made them incompatible with copyleft licenses." Incompatible with some specific term of the GPL, maybe, but the GPL doesn't mention trademarks and the legal theory behind this incompatibility idea is obscure. (The Apache license patent rules may be incompatible with the GPL patent rules.)
Endor Labs: The GPL "is considered a restrictive license, as it requires that any changes made to the code must be released under the same GPL license, and any software that uses the code must also be released under the same GPL license" Why call this restrictive though? Yes, it limits your ability to compile and sell the program, but it does not restrict your use of the software in any way.
Snyk.io: "The most popular copyleft open source licenses, in [decreasing] order of restrictiveness, are AGPL, GPL, LGPL, EPL, and Mozilla". Why focus on "restrictive"?
Forums.freebsd.org, user "Deleted": "I do prefer the permissive licenses since its truly free software, i.e you can choose to share or not to share if you ever made changes." The second part is a bit misleading; the GPL only requires you to share source code if you choose to distribute something with your changes.
user "mer", same forum: "Is the Freedom of Richard Stallman , real freedom? My opinion only, no. Because he is binding you (your changes) to something you were not a party to in the beginning". An interesting idea.
Nicholas Johnson blog post: "The reason I choose the GPL is I don’t believe in the freedom to restrict others’ freedom. The GPL says “you are free to use this software for any purpose except to restrict others’ freedoms”. Permissive licenses say “you are free to use this software for any purpose including restricting others’ freedoms”." Again, an interesting take on the issue.
Stack Exchange: Permissive license that prevents copyleft. First, this seems impossible, since the license would have to restrict future licenses applied to the code, and that is copyleft. But the bigger question is why would anyone ever want this?
The Mozilla Public License (MPL)
How is this different from the GPL?
See clause 3.3, but exactly what constitutes a "Larger Work" is critical. Here's what the definitions section says:
1.7. “Larger Work” means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software.
This is where the "file level" But the courts usually reserve for themselves the responsibility to interpret the word "work" in copyright law.
softwareengineering.stackexchange.com:
MPL is a file-level copyleft license. It means that if somebody embed it in a larger project (statically or dynamically) and make a change to your file, he only has to release the change made to this particular file
Maybe.
Drew DeVault, Seriously, don't sign a CLA
DeVault is the founder of SourceHut, a GitHub alternative, and contributor to a large number of projects, including Linux. He writes:
Make no mistake: a CLA is a promise that a open source software project will one day become non-free. Don’t sign them.
But CLAs are also used to support dual licensing. What do you think of the argument? DeVault does agree with a "release of liability" type of CLA. Just no copyright assignment.
See this: https://drewdevault.com/2023/04/11/2023-04-11-The-FSF-is-dying.html
Start with af_inet.c::tcp_protocol() and tcp_ipv4.c::tcp_v4_rcv
=> __inet_lookup_skb => __inet_lookup()
=> tcp_v4_do_rcv [tcp_ipv4.c]
=>
tcp_rcv_established() | tcp_v4_hnd_req(sk, skb) | tcp_child_process
=>
tcp_input.c::tcp_rcv_state_process()
->
icsk->icsk_af_ops->conn_request(sk, skb)
==
tcp_v4_conn_request() // see
table at tcp_ipv4.c::line 1758
Note module interface at start of tcp_ipv4.c
Arriving data packet:
tcp_v4_do_rcv()
tcp_rcv_established() [tcp_input.c] # note
comment on fast path v slow path, and reference to "30 instruction TCP
receive"
The latter eventually puts the data into a set of buffers that the receiving application, when it wakes up, can retrieve.
tcp_v4_hnd_req():
inet_csk_search_req: this is looking for the "request
socket", a mini-socket with additional info
tcp_check_req: checks if there is space in the accept
queue
inet_lookup_established: we *did* just call this:
same as __inet_lookup_established with hnum=dport
main path: ends up returning sk
Caller is tcp_v4_do_rcv();
caller falls through to tcp_rcv_state_process
->
icsk->icsk_af_ops->conn_request(sk, skb)
==
tcp_v4_conn_request() // see table
at tcp_ipv4.c::line 1758
tcp_v4_conn_request(): // handles
incoming SYN
// error cases first
tcp_clear_options();
tcp_parse_options;
tcp_openreq_init
save saddr/daddr in ireq, which is a cast of req,
which is a struct request_sock.
saves req using inet_csk_reqsk_queue_hash_add(sk,
req, TCP_TIMEOUT_INIT); // csk = Connected SocKet
see also inet_csk_search_req
calls __tcp_v4_send_synack
tcp_input.c:
int tcp_rcv_state_process(struct
sock *sk, struct sk_buff *skb) // called by
tcp_v4_do_rcv for states besides ESTABLISHED, LISTEN
ESTABLISHED: tcp_data_queue()
HTB is useful for, say, handling multiple customers and giving each of them a pre-configured amount of bandwidth.
Token Bucket is a rate limiter. HTB combines this with fair queuing, which allows excess bandwidth to be shared among currently active users.
First, why is this in the kernel? Mainly to avoid kernel->userland copying. Otherwise it makes sense to put this kind of code in userspace. VXworks (based on BSD) has packet "handles" that are small, can be easily copied to userspace, and which can be used to trigger the sending of the underlying packet at a later point.
Most of the code is in net/sched/sch_htb.c
struct htb_class (line 74): tree of traffic classes.
note rb_root and rb_node fields
see lib/rbtree.c
htb_classify()
jiffies
htb_dequeue_tree()
Note the use of unlikely()