Documentation/process/license-rules.rst

   1 .. SPDX-License-Identifier: GPL-2.0
   2
   3 .. _kernel_licensing:
   4
   5 Linux kernel licensing rules
   6 ============================
   7
   8 The Linux Kernel is provided under the terms of the GNU General Public
   9 License version 2 only (GPL-2.0), as provided in LICENSES/preferred/GPL-2.0,
  10 with an explicit syscall exception described in
  11 LICENSES/exceptions/Linux-syscall-note, as described in the COPYING file.
  12
  13 This documentation file provides a description of how each source file
  14 should be annotated to make its license clear and unambiguous.
  15 It doesn't replace the Kernel's license.
  16
  17 The license described in the COPYING file applies to the kernel source
  18 as a whole, though individual source files can have a different license
  19 which is required to be compatible with the GPL-2.0::
  20
  21     GPL-1.0+  :  GNU General Public License v1.0 or later
  22     GPL-2.0+  :  GNU General Public License v2.0 or later
  23     LGPL-2.0  :  GNU Library General Public License v2 only
  24     LGPL-2.0+ :  GNU Library General Public License v2 or later
  25     LGPL-2.1  :  GNU Lesser General Public License v2.1 only
  26     LGPL-2.1+ :  GNU Lesser General Public License v2.1 or later
  27
  28 Aside from that, individual files can be provided under a dual license,
  29 e.g. one of the compatible GPL variants and alternatively under a
  30 permissive license like BSD, MIT etc.
  31
  32 The User-space API (UAPI) header files, which describe the interface of
  33 user-space programs to the kernel are a special case.  According to the
  34 note in the kernel COPYING file, the syscall interface is a clear boundary,
  35 which does not extend the GPL requirements to any software which uses it to
  36 communicate with the kernel.  Because the UAPI headers must be includable
  37 into any source files which create an executable running on the Linux
  38 kernel, the exception must be documented by a special license expression.
  39
  40 The common way of expressing the license of a source file is to add the
  41 matching boilerplate text into the top comment of the file.  Due to
  42 formatting, typos etc. these "boilerplates" are hard to validate for
  43 tools which are used in the context of license compliance.
  44
  45 An alternative to boilerplate text is the use of Software Package Data
  46 Exchange (SPDX) license identifiers in each source file.  SPDX license
  47 identifiers are machine parsable and precise shorthands for the license
  48 under which the content of the file is contributed.  SPDX license
  49 identifiers are managed by the SPDX Workgroup at the Linux Foundation and
  50 have been agreed on by partners throughout the industry, tool vendors, and
  51 legal teams.  For further information see https://spdx.org/
  52
  53 The Linux kernel requires the precise SPDX identifier in all source files.
  54 The valid identifiers used in the kernel are explained in the section
  55 `License identifiers`_ and have been retrieved from the official SPDX
  56 license list at https://spdx.org/licenses/ along with the license texts.
  57
  58 License identifier syntax
  59 -------------------------
  60
  61 1. Placement:
  62
  63    The SPDX license identifier in kernel files shall be added at the first
  64    possible line in a file which can contain a comment.  For the majority
  65    of files this is the first line, except for scripts which require the
  66    '#!PATH_TO_INTERPRETER' in the first line.  For those scripts the SPDX
  67    identifier goes into the second line.
  68
  69 |
  70
  71 2. Style:
  72
  73    The SPDX license identifier is added in form of a comment.  The comment
  74    style depends on the file type::
  75
  76       C source: // SPDX-License-Identifier: <SPDX License Expression>
  77       C header: /* SPDX-License-Identifier: <SPDX License Expression> */
  78       ASM:      /* SPDX-License-Identifier: <SPDX License Expression> */
  79       scripts:  # SPDX-License-Identifier: <SPDX License Expression>
  80       .rst:     .. SPDX-License-Identifier: <SPDX License Expression>
  81       .dts{i}:  // SPDX-License-Identifier: <SPDX License Expression>
  82
  83    If a specific tool cannot handle the standard comment style, then the
  84    appropriate comment mechanism which the tool accepts shall be used. This
  85    is the reason for having the "/\* \*/" style comment in C header
  86    files. There was build breakage observed with generated .lds files where
  87    'ld' failed to parse the C++ comment. This has been fixed by now, but
  88    there are still older assembler tools which cannot handle C++ style
  89    comments.
  90
  91 |
  92
  93 3. Syntax:
  94
  95    A <SPDX License Expression> is either an SPDX short form license
  96    identifier found on the SPDX License List, or the combination of two
  97    SPDX short form license identifiers separated by "WITH" when a license
  98    exception applies. When multiple licenses apply, an expression consists
  99    of keywords "AND", "OR" separating sub-expressions and surrounded by
 100    "(", ")" .
 101
 102    License identifiers for licenses like [L]GPL with the 'or later' option
 103    are constructed by using a "+" for indicating the 'or later' option.::
 104
 105       // SPDX-License-Identifier: GPL-2.0+
 106       // SPDX-License-Identifier: LGPL-2.1+
 107
 108    WITH should be used when there is a modifier to a license needed.
 109    For example, the linux kernel UAPI files use the expression::
 110
 111       // SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note
 112       // SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note
 113
 114    Other examples using WITH exceptions found in the kernel are::
 115
 116       // SPDX-License-Identifier: GPL-2.0 WITH mif-exception
 117       // SPDX-License-Identifier: GPL-2.0+ WITH GCC-exception-2.0
 118
 119    Exceptions can only be used with particular License identifiers. The
 120    valid License identifiers are listed in the tags of the exception text
 121    file. For details see the point `Exceptions`_ in the chapter `License
 122    identifiers`_.
 123
 124    OR should be used if the file is dual licensed and only one license is
 125    to be selected.  For example, some dtsi files are available under dual
 126    licenses::
 127
 128       // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
 129
 130    Examples from the kernel for license expressions in dual licensed files::
 131
 132       // SPDX-License-Identifier: GPL-2.0 OR MIT
 133       // SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
 134       // SPDX-License-Identifier: GPL-2.0 OR Apache-2.0
 135       // SPDX-License-Identifier: GPL-2.0 OR MPL-1.1
 136       // SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) OR MIT
 137       // SPDX-License-Identifier: GPL-1.0+ OR BSD-3-Clause OR OpenSSL
 138
 139    AND should be used if the file has multiple licenses whose terms all
 140    apply to use the file. For example, if code is inherited from another
 141    project and permission has been given to put it in the kernel, but the
 142    original license terms need to remain in effect::
 143
 144       // SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) AND MIT
 145
 146    Another other example where both sets of license terms need to be
 147    adhered to is::
 148
 149       // SPDX-License-Identifier: GPL-1.0+ AND LGPL-2.1+
 150
 151 License identifiers
 152 -------------------
 153
 154 The licenses currently used, as well as the licenses for code added to the
 155 kernel, can be broken down into:
 156
 157 1. _`Preferred licenses`:
 158
 159    Whenever possible these licenses should be used as they are known to be
 160    fully compatible and widely used.  These licenses are available from the
 161    directory::
 162
 163       LICENSES/preferred/
 164
 165    in the kernel source tree.
 166
 167    The files in this directory contain the full license text and
 168    `Metatags`_.  The file names are identical to the SPDX license
 169    identifier which shall be used for the license in source files.
 170
 171    Examples::
 172
 173       LICENSES/preferred/GPL-2.0
 174
 175    Contains the GPL version 2 license text and the required metatags::
 176
 177       LICENSES/preferred/MIT
 178
 179    Contains the MIT license text and the required metatags
 180
 181    _`Metatags`:
 182
 183    The following meta tags must be available in a license file:
 184
 185    - Valid-License-Identifier:
 186
 187      One or more lines which declare which License Identifiers are valid
 188      inside the project to reference this particular license text.  Usually
 189      this is a single valid identifier, but e.g. for licenses with the 'or
 190      later' options two identifiers are valid.
 191
 192    - SPDX-URL:
 193
 194      The URL of the SPDX page which contains additional information related
 195      to the license.
 196
 197    - Usage-Guidance:
 198
 199      Freeform text for usage advice. The text must include correct examples
 200      for the SPDX license identifiers as they should be put into source
 201      files according to the `License identifier syntax`_ guidelines.
 202
 203    - License-Text:
 204
 205      All text after this tag is treated as the original license text
 206
 207    File format examples::
 208
 209       Valid-License-Identifier: GPL-2.0
 210       Valid-License-Identifier: GPL-2.0+
 211       SPDX-URL: https://spdx.org/licenses/GPL-2.0.html
 212       Usage-Guide:
 213         To use this license in source code, put one of the following SPDX
 214         tag/value pairs into a comment according to the placement
 215         guidelines in the licensing rules documentation.
 216         For 'GNU General Public License (GPL) version 2 only' use:
 217           SPDX-License-Identifier: GPL-2.0
 218         For 'GNU General Public License (GPL) version 2 or any later version' use:
 219           SPDX-License-Identifier: GPL-2.0+
 220       License-Text:
 221         Full license text
 222
 223    ::
 224
 225       SPDX-License-Identifier: MIT
 226       SPDX-URL: https://spdx.org/licenses/MIT.html
 227       Usage-Guide:
 228         To use this license in source code, put the following SPDX
 229         tag/value pair into a comment according to the placement
 230         guidelines in the licensing rules documentation.
 231           SPDX-License-Identifier: MIT
 232       License-Text:
 233         Full license text
 234
 235 |
 236
 237 2. Deprecated licenses:
 238
 239    These licenses should only be used for existing code or for importing
 240    code from a different project.  These licenses are available from the
 241    directory::
 242
 243       LICENSES/deprecated/
 244
 245    in the kernel source tree.
 246
 247    The files in this directory contain the full license text and
 248    `Metatags`_.  The file names are identical to the SPDX license
 249    identifier which shall be used for the license in source files.
 250
 251    Examples::
 252
 253       LICENSES/deprecated/ISC
 254
 255    Contains the Internet Systems Consortium license text and the required
 256    metatags::
 257
 258       LICENSES/deprecated/GPL-1.0
 259
 260    Contains the GPL version 1 license text and the required metatags.
 261
 262    Metatags:
 263
 264    The metatag requirements for 'other' licenses are identical to the
 265    requirements of the `Preferred licenses`_.
 266
 267    File format example::
 268
 269       Valid-License-Identifier: ISC
 270       SPDX-URL: https://spdx.org/licenses/ISC.html
 271       Usage-Guide:
 272         Usage of this license in the kernel for new code is discouraged
 273         and it should solely be used for importing code from an already
 274         existing project.
 275         To use this license in source code, put the following SPDX
 276         tag/value pair into a comment according to the placement
 277         guidelines in the licensing rules documentation.
 278           SPDX-License-Identifier: ISC
 279       License-Text:
 280         Full license text
 281
 282 |
 283
 284 3. Dual Licensing Only
 285
 286    These licenses should only be used to dual license code with another
 287    license in addition to a preferred license.  These licenses are available
 288    from the directory::
 289
 290       LICENSES/dual/
 291
 292    in the kernel source tree.
 293
 294    The files in this directory contain the full license text and
 295    `Metatags`_.  The file names are identical to the SPDX license
 296    identifier which shall be used for the license in source files.
 297
 298    Examples::
 299
 300       LICENSES/dual/MPL-1.1
 301
 302    Contains the Mozilla Public License version 1.1 license text and the
 303    required metatags::
 304
 305       LICENSES/dual/Apache-2.0
 306
 307    Contains the Apache License version 2.0 license text and the required
 308    metatags.
 309
 310    Metatags:
 311
 312    The metatag requirements for 'other' licenses are identical to the
 313    requirements of the `Preferred licenses`_.
 314
 315    File format example::
 316
 317       Valid-License-Identifier: MPL-1.1
 318       SPDX-URL: https://spdx.org/licenses/MPL-1.1.html
 319       Usage-Guide:
 320         Do NOT use. The MPL-1.1 is not GPL2 compatible. It may only be used for
 321         dual-licensed files where the other license is GPL2 compatible.
 322         If you end up using this it MUST be used together with a GPL2 compatible
 323         license using "OR".
 324         To use the Mozilla Public License version 1.1 put the following SPDX
 325         tag/value pair into a comment according to the placement guidelines in
 326         the licensing rules documentation:
 327       SPDX-License-Identifier: MPL-1.1
 328       License-Text:
 329         Full license text
 330
 331 |
 332
 333 4. _`Exceptions`:
 334
 335    Some licenses can be amended with exceptions which grant certain rights
 336    which the original license does not.  These exceptions are available
 337    from the directory::
 338
 339       LICENSES/exceptions/
 340
 341    in the kernel source tree.  The files in this directory contain the full
 342    exception text and the required `Exception Metatags`_.
 343
 344    Examples::
 345
 346       LICENSES/exceptions/Linux-syscall-note
 347
 348    Contains the Linux syscall exception as documented in the COPYING
 349    file of the Linux kernel, which is used for UAPI header files.
 350    e.g. /\* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note \*/::
 351
 352       LICENSES/exceptions/GCC-exception-2.0
 353
 354    Contains the GCC 'linking exception' which allows to link any binary
 355    independent of its license against the compiled version of a file marked
 356    with this exception. This is required for creating runnable executables
 357    from source code which is not compatible with the GPL.
 358
 359    _`Exception Metatags`:
 360
 361    The following meta tags must be available in an exception file:
 362
 363    - SPDX-Exception-Identifier:
 364
 365      One exception identifier which can be used with SPDX license
 366      identifiers.
 367
 368    - SPDX-URL:
 369
 370      The URL of the SPDX page which contains additional information related
 371      to the exception.
 372
 373    - SPDX-Licenses:
 374
 375      A comma separated list of SPDX license identifiers for which the
 376      exception can be used.
 377
 378    - Usage-Guidance:
 379
 380      Freeform text for usage advice. The text must be followed by correct
 381      examples for the SPDX license identifiers as they should be put into
 382      source files according to the `License identifier syntax`_ guidelines.
 383
 384    - Exception-Text:
 385
 386      All text after this tag is treated as the original exception text
 387
 388    File format examples::
 389
 390       SPDX-Exception-Identifier: Linux-syscall-note
 391       SPDX-URL: https://spdx.org/licenses/Linux-syscall-note.html
 392       SPDX-Licenses: GPL-2.0, GPL-2.0+, GPL-1.0+, LGPL-2.0, LGPL-2.0+, LGPL-2.1, LGPL-2.1+
 393       Usage-Guidance:
 394         This exception is used together with one of the above SPDX-Licenses
 395         to mark user-space API (uapi) header files so they can be included
 396         into non GPL compliant user-space application code.
 397         To use this exception add it with the keyword WITH to one of the
 398         identifiers in the SPDX-Licenses tag:
 399           SPDX-License-Identifier: <SPDX-License> WITH Linux-syscall-note
 400       Exception-Text:
 401         Full exception text
 402
 403    ::
 404
 405       SPDX-Exception-Identifier: GCC-exception-2.0
 406       SPDX-URL: https://spdx.org/licenses/GCC-exception-2.0.html
 407       SPDX-Licenses: GPL-2.0, GPL-2.0+
 408       Usage-Guidance:
 409         The "GCC Runtime Library exception 2.0" is used together with one
 410         of the above SPDX-Licenses for code imported from the GCC runtime
 411         library.
 412         To use this exception add it with the keyword WITH to one of the
 413         identifiers in the SPDX-Licenses tag:
 414           SPDX-License-Identifier: <SPDX-License> WITH GCC-exception-2.0
 415       Exception-Text:
 416         Full exception text
 417
 418
 419 All SPDX license identifiers and exceptions must have a corresponding file
 420 in the LICENSES subdirectories. This is required to allow tool
 421 verification (e.g. checkpatch.pl) and to have the licenses ready to read
 422 and extract right from the source, which is recommended by various FOSS
 423 organizations, e.g. the `FSFE REUSE initiative <https://reuse.software/>`_.
 424
 425 _`MODULE_LICENSE`
 426 -----------------
 427
 428    Loadable kernel modules also require a MODULE_LICENSE() tag. This tag is
 429    neither a replacement for proper source code license information
 430    (SPDX-License-Identifier) nor in any way relevant for expressing or
 431    determining the exact license under which the source code of the module
 432    is provided.
 433
 434    The sole purpose of this tag is to provide sufficient information
 435    whether the module is free software or proprietary for the kernel
 436    module loader and for user space tools.
 437
 438    The valid license strings for MODULE_LICENSE() are:
 439
 440     ============================= =============================================
 441     "GPL"                         Module is licensed under GPL version 2. This
 442                                   does not express any distinction between
 443                                   GPL-2.0-only or GPL-2.0-or-later. The exact
 444                                   license information can only be determined
 445                                   via the license information in the
 446                                   corresponding source files.
 447
 448     "GPL v2"                      Same as "GPL". It exists for historic
 449                                   reasons.
 450
 451     "GPL and additional rights"   Historical variant of expressing that the
 452                                   module source is dual licensed under a
 453                                   GPL v2 variant and MIT license. Please do
 454                                   not use in new code.
 455
 456     "Dual MIT/GPL"                The correct way of expressing that the
 457                                   module is dual licensed under a GPL v2
 458                                   variant or MIT license choice.
 459
 460     "Dual BSD/GPL"                The module is dual licensed under a GPL v2
 461                                   variant or BSD license choice. The exact
 462                                   variant of the BSD license can only be
 463                                   determined via the license information
 464                                   in the corresponding source files.
 465
 466     "Dual MPL/GPL"                The module is dual licensed under a GPL v2
 467                                   variant or Mozilla Public License (MPL)
 468                                   choice. The exact variant of the MPL
 469                                   license can only be determined via the
 470                                   license information in the corresponding
 471                                   source files.
 472
 473     "Proprietary"                 The module is under a proprietary license.
 474                                   This string is solely for proprietary third
 475                                   party modules and cannot be used for modules
 476                                   which have their source code in the kernel
 477                                   tree. Modules tagged that way are tainting
 478                                   the kernel with the 'P' flag when loaded and
 479                                   the kernel module loader refuses to link such
 480                                   modules against symbols which are exported
 481                                   with EXPORT_SYMBOL_GPL().
 482     ============================= =============================================
 483
 484
 485