Ksplice currently violates the GPL

I have lots of respect for Ksplice, Inc, and hold nothing personal against any of the people that work there. Their software is spectacularly awesome. The following is simply my opinion on a matter of principle, and respectfully state the facts as I see them.

I contacted Ksplice a few months ago and they basically told me that they will no longer be updating their git repository, yet be releasing updates in binary-form only. I had to ask myself; is Ksplice, Inc in violation of the GPL?

I eventually came to the conclusion that yes, they are, so this past week I’ve drafted the following email, and sent it this morning:

Hello,

This is a letter to inform you about the violations that Ksplice, Inc (and
now subsequently Oracle) are making to the GPLv2 via their business
practices with the ksplice software and the linux kernel.

These violations are easily resolved, and on behalf of the Ksplice/Oracle
customers, and the open source community at large, I urge that the
appropriate action to resolve these violations are made in a timely
manner.

The violations are as follows:

1) Updates to the linux kernel, which is licensed under the GPLv2, are
provided in binary-form only. The source code change that compiles to the
binary update is not included in the distribution, nor is it made
available. Quoting the GPLv2:

"You may copy and distribute the Program [...] in object code or
executable form [...] provided that you also do one of the following:"

It goes on to state the different methods of making the preferred form
(ie; source code) of the code available.

The correction here is very simple. Make available the source code change
(the .path file) along with the binary update. I understand that the tool
that compiles the binary update has the ability to include this inside the
compressed archive the update is distributed in.

2) The source code to the tool that compiles the binary update to the
Linux Kernel is not available. Since this makes changes to GPLv2 software,
it is also covered by the GPLv2, by the following section:

"For an executable work, complete source code means all the source code
for all modules it contains, plus any associated interface definition
files, plus the scripts used to control compilation and installation of
the executable."

This covers the ksplice tools used to compile the patch into its binary
form. This was at one time released, and I have a copy of that source code
here:

https://github.com/cormander/ksplice

However, this is an old copy and doesn't work on the currently supported
kernels that binary updates are released for. Ksplice/Oracle would need to
release their updated ksplice tools code in order to remain in compliance
with the GPLv2.

Regardless of what license the ksplice tools are placed under, they
compile code that makes changes to GPLv2 software, and are thus also bound
by the GPLv2, which means the source code of it needs to be made
available.

Thank you for your time, and I look forward to your prompt reply.

Best Regards,

Corey Henderson

I look forward to their reply.

2 thoughts on “Ksplice currently violates the GPL”

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>