usb: raw-gadget: upgrade license identifier

From: Andrey Konovalov <andreyknvl@gmail.com>

Most of the USB gadget modules are licensed as GPL-2.0+. There is no
reason not to allow using Raw Gadget code under a newer GPL version.

Change SPDX identifier from GPL-2.0 to GPL-2.0+.

Signed-off-by: Andrey Konovalov <andreyknvl@gmail.com>

---

I don't know whether such license change is possible and what it
requires.

Initially, when creating raw_gadget.c, I just copied GPL-2.0 from
somewhere as it didn't seem to matter. Recently, I was looking into
adding a license to a project that reuses both dummy_hcd.c and
raw_gadget.c, and I noticed the difference in licensing rules.

Hence this patch.
---
 drivers/usb/gadget/legacy/raw_gadget.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

On Sat, Dec 25, 2021 at 11:32:36PM +0100, andrey.konovalov@linux.dev wrote:
> From: Andrey Konovalov <andreyknvl@gmail.com>
> 
> Most of the USB gadget modules are licensed as GPL-2.0+. There is no
> reason not to allow using Raw Gadget code under a newer GPL version.
> 
> Change SPDX identifier from GPL-2.0 to GPL-2.0+.
> 
> Signed-off-by: Andrey Konovalov <andreyknvl@gmail.com>
> 
> ---
> 
> I don't know whether such license change is possible and what it
> requires.

It requires the copyright holder to agree to change the license, as well
as anyone who as contributed to it.  If you so desire to do this, please
work with them and get the lawyers for those entities to sign off on the
patch and I will be glad to take it.

thanks,

greg k-h

On Sun, Dec 26, 2021 at 9:08 AM Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
>
> On Sat, Dec 25, 2021 at 11:32:36PM +0100, andrey.konovalov@linux.dev wrote:
> > From: Andrey Konovalov <andreyknvl@gmail.com>
> >
> > Most of the USB gadget modules are licensed as GPL-2.0+. There is no
> > reason not to allow using Raw Gadget code under a newer GPL version.
> >
> > Change SPDX identifier from GPL-2.0 to GPL-2.0+.
> >
> > Signed-off-by: Andrey Konovalov <andreyknvl@gmail.com>
> >
> > ---
> >
> > I don't know whether such license change is possible and what it
> > requires.
>
> It requires the copyright holder to agree to change the license, as well
> as anyone who as contributed to it.  If you so desire to do this, please
> work with them and get the lawyers for those entities to sign off on the
> patch and I will be glad to take it.

Ah, never mind this patch then. I don't care enough to bother with
this. I'm not even sure what the difference is, but having less
restrictions seems better.

I wonder if checkpatch could alert about considering GPL-2.0+ when
adding new files.

Thanks!

On Sun, 2021-12-26 at 14:19 +0100, Andrey Konovalov wrote:
> I wonder if checkpatch could alert about considering GPL-2.0+ when
> adding new files.

No. Licensing is up to the author/submitter.

One nit checkpatch could warn about is the use of MODULE_LICENSE("GPL v2")
rather than MODULE_LICENSE("GPL") as that's an unnecessary distinction.

See: https://lore.kernel.org/all/alpine.DEB.2.21.1901282105450.1669@nanos.tec.linutronix.de/

Given there are a several thousand existing uses of "GPL v2" in the
kernel, do this check only for new patches and not existing files.
---
 scripts/checkpatch.pl | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index b01c36a15d9dd..5b00f1f491aff 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -7418,6 +7418,10 @@ sub process {
 				WARN("MODULE_LICENSE",
 				     "unknown module license " . $extracted_string . "\n" . $herecurr);
 			}
+			if (!$file && $extracted_string eq '"GPL v2"') {
+				WARN("MODULE_LICENSE",
+				     "Prefer \"GPL\" over \"GPL v2\" - see: https://lore.kernel.org/all/alpine.DEB.2.21.1901282105450.1669\@nanos.tec.linutronix.de/\n" . $herecurr);
+			}
 		}
 
 # check for sysctl duplicate constants

On Sun, Dec 26, 2021 at 3:02 PM Joe Perches <joe@perches.com> wrote:
>
> On Sun, 2021-12-26 at 14:19 +0100, Andrey Konovalov wrote:
> > I wonder if checkpatch could alert about considering GPL-2.0+ when
> > adding new files.
>
> No. Licensing is up to the author/submitter.

You're right. However, knowingly choosing a license requires that the
author doesn't forget to look into the difference and understand it.

When I contributed this code, I didn't realize that GPL-2.0 and
GPL-2.0+ are different things. I was focused on the excitement of
contributing a new USB gadget driver.

What would have allowed my to not overlook this, is that if throughout
the _process_ of contributing a new module, something would _ask_ me:
"Is this really the license you want to use?".

Within my process of submitting kernel patches, that could have been
either checkpatch or an email bot.

I don't insist that this must be done by checkpatch; this could be
done by another entity. However, it would be nice to see this as an
explicit step of a standardized contribution process.

Thanks!

On Sun, Dec 26, 2021 at 03:50:43PM +0100, Andrey Konovalov wrote:
> On Sun, Dec 26, 2021 at 3:02 PM Joe Perches <joe@perches.com> wrote:
> >
> > On Sun, 2021-12-26 at 14:19 +0100, Andrey Konovalov wrote:
> > > I wonder if checkpatch could alert about considering GPL-2.0+ when
> > > adding new files.
> >
> > No. Licensing is up to the author/submitter.
> 
> You're right. However, knowingly choosing a license requires that the
> author doesn't forget to look into the difference and understand it.
> 
> When I contributed this code, I didn't realize that GPL-2.0 and
> GPL-2.0+ are different things. I was focused on the excitement of
> contributing a new USB gadget driver.
> 
> What would have allowed my to not overlook this, is that if throughout
> the _process_ of contributing a new module, something would _ask_ me:
> "Is this really the license you want to use?".

I normally try to do that when I see GPL-2.0+, sorry I didn't do that
this time.

But really, your open-source training at your employer should have
covered all of that.  If not, then something went wrong there :(

thanks,

greg k-h

On Sun, Dec 26, 2021 at 4:18 PM Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
>
> On Sun, Dec 26, 2021 at 03:50:43PM +0100, Andrey Konovalov wrote:
> > On Sun, Dec 26, 2021 at 3:02 PM Joe Perches <joe@perches.com> wrote:
> > >
> > > On Sun, 2021-12-26 at 14:19 +0100, Andrey Konovalov wrote:
> > > > I wonder if checkpatch could alert about considering GPL-2.0+ when
> > > > adding new files.
> > >
> > > No. Licensing is up to the author/submitter.
> >
> > You're right. However, knowingly choosing a license requires that the
> > author doesn't forget to look into the difference and understand it.
> >
> > When I contributed this code, I didn't realize that GPL-2.0 and
> > GPL-2.0+ are different things. I was focused on the excitement of
> > contributing a new USB gadget driver.
> >
> > What would have allowed my to not overlook this, is that if throughout
> > the _process_ of contributing a new module, something would _ask_ me:
> > "Is this really the license you want to use?".
>
> I normally try to do that when I see GPL-2.0+, sorry I didn't do that
> this time.

Do you mean GPL-2.0+ or GPL-2.0? The code wasn't under GPL-2.0+, so
you would not have said anything, AFAIU.

Anyway, no worries. The only reason I sent the SPDX change was because
of noticing that the tag doesn't match most of the other drivers.

> But really, your open-source training at your employer should have
> covered all of that.  If not, then something went wrong there :(

This is a weird statement for the general case.

Employers' processes exist to cover their legal bases. They have
nothing to do with the processes to guide Linux kernel contributors.

Legally, you're right: contributing requires accepting the rules under
which the contribution happens. Which means that contributors need to
read and understand all of the licensing documents before sending
patches. And it's on them, if they forget to do this or make a
mistake.

This is, however, poor from a contributor experience perspective.
Especially for independent contributors, who don't have a legal team
approving each of their actions.

On Sun, Dec 26, 2021 at 04:46:04PM +0100, Andrey Konovalov wrote:
> On Sun, Dec 26, 2021 at 4:18 PM Greg Kroah-Hartman
> <gregkh@linuxfoundation.org> wrote:
> >
> > On Sun, Dec 26, 2021 at 03:50:43PM +0100, Andrey Konovalov wrote:
> > > On Sun, Dec 26, 2021 at 3:02 PM Joe Perches <joe@perches.com> wrote:
> > > >
> > > > On Sun, 2021-12-26 at 14:19 +0100, Andrey Konovalov wrote:
> > > > > I wonder if checkpatch could alert about considering GPL-2.0+ when
> > > > > adding new files.
> > > >
> > > > No. Licensing is up to the author/submitter.
> > >
> > > You're right. However, knowingly choosing a license requires that the
> > > author doesn't forget to look into the difference and understand it.
> > >
> > > When I contributed this code, I didn't realize that GPL-2.0 and
> > > GPL-2.0+ are different things. I was focused on the excitement of
> > > contributing a new USB gadget driver.
> > >
> > > What would have allowed my to not overlook this, is that if throughout
> > > the _process_ of contributing a new module, something would _ask_ me:
> > > "Is this really the license you want to use?".
> >
> > I normally try to do that when I see GPL-2.0+, sorry I didn't do that
> > this time.
> 
> Do you mean GPL-2.0+ or GPL-2.0? The code wasn't under GPL-2.0+, so
> you would not have said anything, AFAIU.

Ah, right, good, I didn't mess up then :)

> > But really, your open-source training at your employer should have
> > covered all of that.  If not, then something went wrong there :(
> 
> This is a weird statement for the general case.
> 
> Employers' processes exist to cover their legal bases. They have
> nothing to do with the processes to guide Linux kernel contributors.

Employers _BETTER_ be giving their developers who contribute to open
source projects basic legal training in licenses, copyrights, and other
related things.  If not they are very derelict in their duties.  I had
my first such training way back in 2001 or so, this is something that
most companies have been doing for decades and is nothing new.  Every
company I have worked at since has always had something like this in
place.

I would argue that any company that did NOT do this is not covering
their legal bases well at all, and that's a huge failure on their part.

Heck, the Linux Foundation even provides free training material for this
type of thing, online, if companies don't want to do it themselves.  I
recommend everyone at least glancing at this if they have to do any open
source work:
	https://training.linuxfoundation.org/training/open-source-licensing-basics-for-software-developers/

> Legally, you're right: contributing requires accepting the rules under
> which the contribution happens. Which means that contributors need to
> read and understand all of the licensing documents before sending
> patches. And it's on them, if they forget to do this or make a
> mistake.

That's what you agree with with the "Signed-off-by:" line that you added
to your patch.  You did read the Developer's Certificate of Origin (DCO)
that decribes this in our documentation, right?  The DCO is very simple
and should be easy to understand.

> This is, however, poor from a contributor experience perspective.
> Especially for independent contributors, who don't have a legal team
> approving each of their actions.

See the free course information above for what is there for independent
contributors if they are interested in it.

thanks,

greg k-h