Conservancy/website
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'update-faq-to-esxi-6' of https://k.sfconservancy.org/website-denver

Browse source
This commit is contained in:
Bradley M. Kuhn 2019-10-07 16:47:49 -07:00
commit 5c01d8b1e5
1 changed files with 49 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

95
www/conservancy/static/copyleft-compliance/vmware-lawsuit-faq.html
View file

@ -179,7 +179,7 @@
component in ESXi that the lawsuit alleges violates the GPL?</dt> component in ESXi that the lawsuit alleges violates the GPL?</dt>
<dd> <dd>
<p>The GPL violation at issue involves VMware's ESXi product. <p>The GPL violation at issue involves VMware's ESXi product.
Conservancy independently reviewed ESXi 5.5 and its incomplete Conservancy independently reviewed ESXi and its incomplete
<abbr title="complete, corresponding source">CCS</abbr> <abbr title="complete, corresponding source">CCS</abbr>
release as part of our GPL enforcement efforts described above.</p> release as part of our GPL enforcement efforts described above.</p>
@ -243,12 +243,12 @@ Code, and for which (at least some) source code is provided.
good, since the court documents discuss the specifics of alleged good, since the court documents discuss the specifics of alleged
infringement on Hellwig's copyrights.</p> infringement on Hellwig's copyrights.</p>
<p>However, Conservancy examined VMware's ESXi 5.5 product in detail <p>However, Conservancy examined VMware's ESXi product in detail
even before Hellwig's enforcement action began. Below is one example even before Hellwig's enforcement action began. Below is one example
among many where VMware's CCS was incomplete per GPLv2&sect;2(c) and among many where VMware's CCS was incomplete per GPLv2&sect;2(c) and
GPLv2&sect;3(a). (One can verify these results by GPLv2&sect;3(a). (One can verify these results by
<a href="#verify">downloading and installing the binary and source <a href="#verify">downloading and installing the binary and source
packages for VMware's ESXi 5.5 Update 2</a>.) Note that this packages for VMware's ESXi 6.0</a>.) Note that this
example below is not necessarily regarding example below is not necessarily regarding
Hellwig's copyrights; VMware incorporated Linux code copyrighted by Hellwig's copyrights; VMware incorporated Linux code copyrighted by
many others as well into their kernel.</p> many others as well into their kernel.</p>
@ -257,7 +257,7 @@ Code, and for which (at least some) source code is provided.
<p>Our example begins with examination of the file <p>Our example begins with examination of the file
called <code>vmkdrivers/src_92/vmklinux_92/vmware/linux_pci.c</code>, called <code>vmkdrivers/src_92/vmklinux_92/vmware/linux_pci.c</code>,
which can be found in the &ldquo;Open Source&rdquo; release for which can be found in the &ldquo;Open Source&rdquo; release for
ESXi 5.5.0 Update 2 (5.5U2). A small excerpt from that file, found in the ESXi 6.0. A small excerpt from that file, found in the
function <code>LinuxPCIDeviceRemoved()</code>, reads as follows:</p> function <code>LinuxPCIDeviceRemoved()</code>, reads as follows:</p>
<pre> <pre>
@ -279,8 +279,8 @@ LinuxPCIDeviceRemoved(vmk_PCIDevice vmkDev)
vmkDevName[0] = 0; vmkDevName[0] = 0;
} }
[...] [...]
VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID, VMKAPI_MODULE_CALL_VOID(pciDevExt-&gt;moduleID,
linuxDev->driver->remove, linuxDev-&gt;driver-&gt;remove,
linuxDev); linuxDev);
</pre> </pre>
@ -288,8 +288,8 @@ VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
<p>The function, <code>vmk_PCIGetDeviceName()</code> must be defined, with an <p>The function, <code>vmk_PCIGetDeviceName()</code> must be defined, with an
implementation, for this code above to work, or even compile. implementation, for this code above to work, or even compile.
Inside <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/device/vmkapi_pci_incompat.h</code>, Inside <code>BLD/build/HEADERS/vmkapi-current-all-public/generic/release/hardware/vmkapi_pci_incompat.h</code>,
found in the <code>vmkdrivers</code> package of ESXi 5.5U2, shows a found in the <code>vmkdrivers</code> package of ESXi 6.0, shows a
function header definition for <code>vmk_PCIGetDeviceName()</code>. function header definition for <code>vmk_PCIGetDeviceName()</code>.
However, the source of its implementation is not provided there or However, the source of its implementation is not provided there or
anywhere in the source release.</p> anywhere in the source release.</p>
@ -309,10 +309,10 @@ VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
</p> </p>
<pre> <pre>
00000000000327ff R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc 0000000000032db3 R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc
0000000000035318 R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc 00000000000333ea R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc
00000000000387e1 R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc 0000000000036644 R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc
000000000003cf40 R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc 000000000003986a R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc
</pre> </pre>
<p>The above two properties both suggest that the <code>vmklinux_9</code> <p>The above two properties both suggest that the <code>vmklinux_9</code>
@ -321,9 +321,9 @@ VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
inside <code>vmklinux_9</code> itself.</p> inside <code>vmklinux_9</code> itself.</p>
<p>The definition can however be found in binary-only software provided in <p>The definition can however be found in binary-only software provided in
ESXi 5.5U2 &mdash; specifically, inside a file named <code>k.b00</code>, ESXi 6.0 &mdash; specifically, inside a file named <code>k.b00</code>,
which is located in partition 5 on a disk where ESXi has been installed (or which is located in partition 5 on a disk where ESXi has been installed (or
in the ESXi 5.5U2 installer ISO image). Running <code>file</code> in the ESXi 6.0 installer ISO image). Running <code>file</code>
after <code>gunzip</code> on this file yields &ldquo;ELF 64-bit LSB shared after <code>gunzip</code> on this file yields &ldquo;ELF 64-bit LSB shared
object&rdquo;. Meanwhile, <code>file k.b00</code> reports &ldquo;gzip object&rdquo;. Meanwhile, <code>file k.b00</code> reports &ldquo;gzip
compressed data, was &lsquo;vmvisor64-vmkernel.stripped&rsquo;&rdquo;. compressed data, was &lsquo;vmvisor64-vmkernel.stripped&rsquo;&rdquo;.
@ -332,7 +332,7 @@ VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
&ldquo;SYMBOL TABLE&rdquo; section:</p> &ldquo;SYMBOL TABLE&rdquo; section:</p>
<pre> <pre>
000041800036a408 g F .text 0000000000000137 vmk_PCIGetDeviceName 000041800033193c g F .text 000000000000012e vmk_PCIGetDeviceName
</pre> </pre>
<p>&hellip; which indicated these binary file contains the function body <p>&hellip; which indicated these binary file contains the function body
@ -358,25 +358,27 @@ for <code>vmk_PCIGetDeviceName</code>.</p>
<pre> <pre>
struct pci_dev { struct pci_dev {
[...]
struct pci_driver *driver; /* which driver has allocated this device */
[...]
truct pci_driver {
char *name;
[...]
void (*remove) (struct pci_dev *dev); /* Device removed (NULL if not a hot-plug capable driver) */
[...] [...]
#if defined(__VMKLNX__) #if defined(__VMKLNX__)
/* 2008: Update from Linux source */ /* 2008: Update from Linux source */
u8 revision; /* PCI revision, low byte of class word */ u8 revision; /* PCI revision, low byte of class word */
#endif /* defined(__VMKLNX__) */ #endif /* defined(__VMKLNX__) */
[...]
struct pci_driver *driver; /* which driver has allocated this device */
[...]
struct pci_driver {
struct list_head node;
char *name;
[...]
void (*remove) (struct pci_dev *dev); /* Device removed (NULL if not a hot-plug capable driver) */
[...]
}; };
</pre> </pre>
<p>These structures, and based on those from Linux itself <p>These structures, and based on those from Linux itself
(<a href="http://lxr.free-electrons.com/source/include/linux/pci.h?v=2.6.24">a (<a href="http://lxr.free-electrons.com/source/include/linux/pci.h?v=2.6.24">a
similar version of this file can be seen in Linux 2.6.24</a>), and as can similar version of this file can be seen in Linux 2.6.24</a>), and as can
be seen above, have been modified to work with &ldquo;vmkernel&rdquo;</p> be seen above, have been modified to work with &ldquo;vmkernel&rdquo;.</p>
<p>In <code>LinuxPCIDeviceRemoved()</code>, we saw a macro called with a <p>In <code>LinuxPCIDeviceRemoved()</code>, we saw a macro called with a
variable, <code>linuxDev</code> which was of type <code>struct pci</code>. variable, <code>linuxDev</code> which was of type <code>struct pci</code>.
@ -387,7 +389,7 @@ truct pci_driver {
<h4><code>VMKAPI_MODULE_CALL_VOID</code> macro calls driver's code</h4> <h4><code>VMKAPI_MODULE_CALL_VOID</code> macro calls driver's code</h4>
<p>The <p>The
file <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/base/vmkapi_module.h</code> file <code>BLD/build/HEADERS/vmkapi-current-all-public/generic/release/base/vmkapi_module.h</code>
contains the macro definition of <code>VMKAPI_MODULE_CALL_VOID</code>, contains the macro definition of <code>VMKAPI_MODULE_CALL_VOID</code>,
which is quoted below (with debug lines removed): which is quoted below (with debug lines removed):
<pre> <pre>
@ -402,8 +404,8 @@ do { \
</pre> </pre>
<p>When the macro is expanded, it means that <code>(function)(args)</code> is <p>When the macro is expanded, it means that <code>(function)(args)</code> is
actually expanded to <code>linuxDev->driver->remove(linuxDev)</code>. actually expanded to <code>linuxDev-&gt;driver-&gt;remove(linuxDev)</code>.
Therefore, we see <code>LinuxPCIDeviceRemoved()</code>, makes directs calls Therefore, we see <code>LinuxPCIDeviceRemoved()</code> makes directs calls
to a driver's remove() function, by combining with Linux's <code>struct to a driver's remove() function, by combining with Linux's <code>struct
pci</code>, and by VMware's introduction of this new calling code. pci</code>, and by VMware's introduction of this new calling code.
Conservancy has confirmed many drivers from Linux are incorporated via Conservancy has confirmed many drivers from Linux are incorporated via
@ -423,8 +425,8 @@ static struct pci_driver tg3_driver = {
</pre> </pre>
<p>Therefore, when the code in <code>LinuxPCIDeviceRemoved()</code> <p>Therefore, when the code in <code>LinuxPCIDeviceRemoved()</code>
calls <code>linuxDev->driver->remove(linuxDev)</code>, the code ultimately calls <code>linuxDev-&gt;driver-&gt;remove(linuxDev)</code>, the code
called (in the case where a tg3 card is driven by the kernel) ultimately called (in the case where a tg3 card is driven by the kernel)
is <code>tg3_remove_one()</code>, which is found in <code>tg3.c</code> and is <code>tg3_remove_one()</code>, which is found in <code>tg3.c</code> and
comes directly from Linux.</p> comes directly from Linux.</p>
@ -435,11 +437,11 @@ static struct pci_driver tg3_driver = {
<h4>VMware distribution of binary version of <code>tg3.c</code></h4> <h4>VMware distribution of binary version of <code>tg3.c</code></h4>
<p>VMware furthermore distributes a modified version of <code>tg.c</code> in <p>VMware furthermore distributes a modified version of <code>tg3.c</code> in
binary form. This can be found in <code>usr/lib/vmware/vmkmod/tg3</code>, binary form. This can be found in <code>usr/lib/vmware/vmkmod/tg3</code>,
which is extracted by un-vmtar'ing the file <code>net_tg3.v00</code> (found which is extracted by un-vmtar'ing the file <code>net_tg3.v00</code> (found
on the ESXi 5.5U2 installer ISO image). Conservancy has confirmed that on the ESXi 6.0 installer ISO image). Conservancy has confirmed that
file is a compiled version of <code>tg3.c</code></p> file is a compiled version of <code>tg3.c</code>.</p>
<h4>Conclusions</h4> <h4>Conclusions</h4>
@ -472,7 +474,8 @@ static struct pci_driver tg3_driver = {
</ul> </ul>
<p>The above is but one piece of evidence among many, but hopefully it helps <p>The above is but one piece of evidence among many, but hopefully it helps
to explain some of the &ldquo;combined work&rdquo; violations found in to explain some of the &ldquo;combined work&rdquo; violations found in
VMware's ESXi product.</p> VMware's ESXi product. Conservancy did a similar analysis for ESXi 5.0
as well as ESXi 5.5 Update 2 and found nearly identical results.</p>
<dt id="verify">How can I verify Conservancy's technical findings above?</dt> <dt id="verify">How can I verify Conservancy's technical findings above?</dt>
@ -490,20 +493,20 @@ previously-mentioned <code>linux_pci.c</code>,
these steps (no login is required):</p> these steps (no login is required):</p>
<ol> <ol>
<li>Visit <a href="https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U2_OSS&productId=353">https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U2_OSS&productId=353</a>.</li> <li>Visit <a href="https://my.vmware.com/web/vmware/details?downloadGroup=ESXI600_OSS&productId=491">https://my.vmware.com/web/vmware/details?downloadGroup=ESXI600_OSS&productId=491</a>.</li>
<li>Click the &ldquo;Download&rdquo; button beside the text that reads <li>Click the &ldquo;Download&rdquo; button beside the text that reads
&ldquo;Open Source Code for VMware vSphere ESXi 5.5 Update 2&rdquo;.</li> &ldquo;Open source software accompanying ESXi&rdquo;.</li>
<li>Confirm that the SHA-1 hash matches the published one <li>Confirm that the SHA-1 hash matches the published one
(d121634668a137ec808b63679fd941cef9a59715), found under &ldquo;Read (35811b981470abe8b606d8a7a97c9795ce570597), found under &ldquo;Read
More&rdquo; on that web page.</li> More&rdquo; on that web page.</li>
<li>Mount (or otherwise open) the <li>Mount (or otherwise open) the
downloaded <code>VMware-ESX-550U2-ODP.iso</code>.</li> downloaded <code>VMware-ESXI-600-ODP.iso</code>.</li>
<li>Extract <code>vmkdrivers/src_92/vmklinux_92/vmware/linux_pci.c</code> <li>Extract <code>vmkdrivers/src_92/vmklinux_92/vmware/linux_pci.c</code>
and <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/device/vmkapi_pci_incompat.h</code> and <code>BLD/build/HEADERS/vmkapi-current-all-public/generic/release/hardware/vmkapi_pci_incompat.h</code>
from <code>vmkdrivers-gpl/vmkdrivers-gpl.tgz</code> with tar and gzip.</li> from <code>vmkdrivers-gpl/vmkdrivers-gpl.tgz</code> with tar and gzip.</li>
<li>Generate <code>vmklinux_9</code> by following the steps <li>Generate <code>vmklinux_9</code> by following the steps
@ -511,11 +514,11 @@ previously-mentioned <code>linux_pci.c</code>,
(Note: <code>vmklinux_9</code> is also available pre-built on a running (Note: <code>vmklinux_9</code> is also available pre-built on a running
ESXi system; <a href="#vmklinux">see below for instructions on how to access it</a>).</li> ESXi system; <a href="#vmklinux">see below for instructions on how to access it</a>).</li>
<li>You may need the &ldquo;Supporting Toolchain packages for VMware <li>You may need the &ldquo;Open source software disclosure package for
vSphere ESXi 5.5.0 Update 2&rdquo; file from the above download page to toolchain&rdquo; file from the above download page to
complete the build &mdash; upon downloading you will find it is named complete the build &mdash; upon downloading you will find it is named
<code>VMware-TOOLCHAIN-550u2-ODP.iso</code> and has a SHA-1 hash of <code>VMware-TOOLCHAIN-600-ODP.iso</code> and has a SHA-1 hash of
f679e81ffb2f92729917bbc64c2d541cf75b5b94.</li> 9a68df4cbeb645c25002a02f11b1923f98d3d5b5.</li>
</ol> </ol>
@ -527,7 +530,7 @@ previously-mentioned <code>linux_pci.c</code>,
<li>Click the &ldquo;Activate Now&rdquo; link in the follow-up email. Enter <li>Click the &ldquo;Activate Now&rdquo; link in the follow-up email. Enter
the password used at registration time. Click &ldquo;Continue&rdquo;.</li> the password used at registration time. Click &ldquo;Continue&rdquo;.</li>
<li>Visit <a href="https://my.vmware.com/web/vmware/evalcenter?p=free-esxi5">https://my.vmware.com/web/vmware/evalcenter?p=free-esxi5</a>.</li> <li>Visit <a href="https://my.vmware.com/web/vmware/evalcenter?p=free-esxi6">https://my.vmware.com/web/vmware/evalcenter?p=free-esxi6</a>.</li>
<li>Click &ldquo;Register&rdquo; (under the text that reads &ldquo;You have <li>Click &ldquo;Register&rdquo; (under the text that reads &ldquo;You have
not registered for this product&rdquo;).</li> not registered for this product&rdquo;).</li>
@ -535,16 +538,16 @@ previously-mentioned <code>linux_pci.c</code>,
<li>Enter the number of servers you plan to install on (e.g., 1). Click <li>Enter the number of servers you plan to install on (e.g., 1). Click
&ldquo;Continue&rdquo;.</li> &ldquo;Continue&rdquo;.</li>
<li>If the &ldquo;VMware vSphere Hypervisor 5.5 Update 2 &ndash; <li>If the &ldquo;VMware vSphere Hypervisor 6.0 &ndash;
Binaries&rdquo; section is not expanded, click the plus sign next to it.</li> Binaries&rdquo; section is not expanded, click the plus sign next to it.</li>
<li>Click the &ldquo;Manually Download&rdquo; link that's beside &ldquo;ESXi <li>Click the &ldquo;Manually Download&rdquo; link that's beside &ldquo;ESXi
5.5 Update 2 ISO image (Includes VMware Tools)&rdquo;.</li> ISO image (Includes VMware Tools)&rdquo;.</li>
<li>Confirm that the SHA-1 hash matches the published one (9475938b51cafc86c8b17d09f2493cb6b4fae927).</li> <li>Confirm that the SHA-1 hash matches the published one (a38a9d37ea529329338de049679c1dd1687d3860).</li>
<li>Mount (or open via some other means) the <li>Mount (or open via some other means) the
downloaded <code>VMware-VMvisor-Installer-5.5.0.update02-2068190.x86_64.iso</code>.</li> downloaded <code>VMware-VMvisor-Installer-6.0.0-2494585.x86_64.iso</code>.</li>
<li>Find the <code>k.b00</code> file in the root directory. Extract it <li>Find the <code>k.b00</code> file in the root directory. Extract it
using <code>zcat k.b00 &gt; vmvisor64-vmkernel</code> (or a similar command). using <code>zcat k.b00 &gt; vmvisor64-vmkernel</code> (or a similar command).