688 lines
36 KiB
HTML
688 lines
36 KiB
HTML
{% extends "base_compliance.html" %}
|
|
{% block subtitle %}Copyleft Compliance Projects - {% endblock %}
|
|
{% block submenuselection %}VMwareLawsuitFAQ{% endblock %}
|
|
{% block content %}
|
|
<h1>Frequently Asked Questions about Christoph Hellwig's VMware Lawsuit</h1>
|
|
|
|
<p><strong>Update 2019-04-02:</strong> Please
|
|
see <a href="https://sfconservancy.org/news/2019/apr/02/vmware-no-appeal/">this
|
|
announcement regarding conclusion of the VMware suit in Germany</a>. Since the suit has
|
|
concluded, any funds you donate here will support our ongoing compliance efforts. The
|
|
remaining material below is left as it was before that announcement:</p>
|
|
|
|
|
|
<p>Conservancy maintains this
|
|
<abbr title="Frequently Asked Questions">FAQ</abbr> list regarding
|
|
<a href="/news/2015/mar/05/vmware-lawsuit/">Christoph Hellwig's lawsuit against VMware
|
|
in Germany over alleged GPL violations on Linux</a> as a service to the
|
|
Free Software community, and in particular, the copyleft community. Conservancy
|
|
realizes this lawsuit generates many questions and interest
|
|
from the community. Legal counsel (both Conservancy's own, and
|
|
Christoph's lawyer, Till Jaeger) correctly advise us to limit our public
|
|
comments regarding specific details of the case while litigation remains
|
|
pending in court. Nevertheless, Conservancy, as a
|
|
non-profit charity serving the public good, seeks to be as transparent as
|
|
possible. If you have additional questions you'd like to see answered
|
|
here, please <a href="mailto:info@sfconservancy.org">email
|
|
<info@sfconservancy.org></a>, but understand that we may often need
|
|
to answer: <q>We cannot comment on this while litigation is pending</q>.</p>
|
|
|
|
<dl>
|
|
<dt>Who is the Plaintiff in the lawsuit?</dt>
|
|
|
|
<dd>Christoph is one of most active developers of the Linux kernel. He has
|
|
contributed 279,653 lines of code to the latest Linux 3.19 kernel, and
|
|
thus ranks 20th among the 1,340 developers involved in that release.
|
|
Christoph also ranks 4th among those who have reviewed third-party source
|
|
code, and he has tirelessly corrected and commented on other developers'
|
|
contributions.</dd>
|
|
|
|
<dt id="court-documents">Are the court documents released?</dt>
|
|
|
|
<dd>Not currently. Court proceedings are not public by default in Germany
|
|
(unlike in the USA). Conservancy will continue to update this FAQ with
|
|
information that Conservancy knows about the case. We would all also
|
|
welcome an agreement with VMware whereby both sides would agree to publish
|
|
all Court documents. Unfortunately, VMware has explicitly asked for the
|
|
filings not to be published. Accordingly, Conservancy itself has not
|
|
even been able to review VMware's statement of defense nor Christoph's
|
|
response to that statement of defense.</dd>
|
|
|
|
<dt id="funding">Who's funding this lawsuit?</dt>
|
|
|
|
<dd>Conservancy has engaged in a grant agreement with Christoph Hellwig for
|
|
the purposes of pursuing this specific legal action in Germany.
|
|
Conservancy is funding this legal action specifically as part of
|
|
Conservancy's program activity in
|
|
its <a href="/copyleft-compliance/about.html">GPL Compliance
|
|
Project for Linux Developers</a>.</dd>
|
|
|
|
<dt id="combined-and-derivative-works">Is this the Great Test Case of Combined / Derivative Works?</dt>
|
|
|
|
<dd>This case is specifically regarding a combined work that VMware
|
|
allegedly created by combining their own code (“vmkernel”) with
|
|
portions of Linux's code, which was licensed only under GPLv2. As such,
|
|
this, to our knowledge, marks the first time an enforcement case is
|
|
exclusively focused on this type of legal question relating to GPL.
|
|
However, there are so many different ways to make combined and/or
|
|
derivative works that are covered by GPL that no single case could possibly
|
|
include all such issues. </dd>
|
|
|
|
<dt id="why-lawsuit">Why must you file a lawsuit? Isn't there any other way to convince
|
|
VMware to comply with GPL?</dt>
|
|
|
|
<dd><p>Neither Conservancy nor Christoph takes this action lightly nor without
|
|
exhausting every other possible alternative first. This lawsuit is the
|
|
outgrowth of years of effort to convince VMware to comply with GPL.</p>
|
|
|
|
<p>In October 2011, Conservancy received a GPL violation report on
|
|
BusyBox for VMware's ESXi products. Conservancy opened the matter in its
|
|
usual, friendly, and non-confrontational way. Nevertheless, VMware
|
|
immediately referred Conservancy to VMware's outside legal counsel in the
|
|
USA, and Conservancy negotiated with VMware's legal counsel throughout
|
|
late 2011, 2012 and 2013. We exchanged and reviewed
|
|
<a title="Complete, Corresponding Source" href="https://copyleft.org/guide/comprehensive-gpl-guidech6.html#x9-470005.2.1">CCS</a> candidates, and
|
|
admittedly, VMware made substantial and good efforts toward compliance on
|
|
BusyBox. However, VMware still refused to fix a few minor and one major
|
|
compliance problem that we discovered during the process. Namely, there
|
|
was a major violation regarding Linux itself that ultimately became
|
|
Christoph's key complaint in this lawsuit.</p>
|
|
|
|
<p>Meanwhile, when Conservancy realized in late 2012 there might be a major
|
|
Linux violation still present in VMware's ESXi products, Conservancy
|
|
representatives sought every industry contact we had for assistance,
|
|
including those from trade associations, companies (both competitors and
|
|
collaborators with VMware), and everyone else we could think of who might be
|
|
able to help us proceed with friendly negotiations that would achieve
|
|
compliance. While we cannot name publicly the people we asked for help
|
|
to convince VMware to comply, they include some of the most notable
|
|
executives, diplomats, and engineering managers in the Linux community. No
|
|
one was able to assist Conservancy in convincing VMware to comply with the
|
|
GPL. Then, in early 2014, VMware's outside legal counsel in the USA finally
|
|
took a clear and hard line with Conservancy stating that they would not
|
|
comply with the GPL on Linux and argued (in our view, incorrectly) that they
|
|
were already in compliance.</p>
|
|
|
|
<p>Conservancy in parallel informed Christoph fully of the details of the
|
|
Linux violation on Christoph's copyrights, and based on Conservancy's
|
|
findings, Christoph began his own investigation and confirmed
|
|
Conservancy's compliance conclusions. Christoph then began his own
|
|
enforcement effort with legal representation from Till Jaeger. Christoph has
|
|
been unable to achieve compliance, either, through his negotiations in
|
|
2014. VMware's last offer was a proposal for a settlement agreement that VMware would
|
|
only provide if Christoph signed an NDA, and Christoph chose (quite
|
|
reasonably) not to sign an NDA merely to look at the settlement offer.</p>
|
|
|
|
<p>Thus, this lawsuit comes after years of negotiations by Conservancy to
|
|
achieve compliance — negotiations that ended in an outright refusal by
|
|
VMware's lawyers to comply. Those events were then followed by a year of
|
|
work by Christoph and Till to achieve compliance in a separate action.</p>
|
|
|
|
<p>Simply put, Conservancy and Christoph fully exhausted every possible
|
|
non-litigation strategy and tactic to convince VMware to do the right thing
|
|
before filing this litigation.</p>
|
|
</dd>
|
|
|
|
<dt>What are VMware's primary defenses for their alleged copyright
|
|
infringement?</dt>
|
|
|
|
<dd>With the guidance of counsel, Christoph was able to provide Conservancy
|
|
with a high-level summary of VMware's statement of defense, which we share
|
|
in this FAQ. Specifically, VMware's statement of defense primarily focuses
|
|
on two issues. First, VMware questions Christoph's copyright interest in
|
|
the Linux kernel and his right to bring this action. Second, VMware claims
|
|
vmklinux is an “interoperability module” which communicates
|
|
through a stable interface called VMK API.</dd>
|
|
|
|
<dt>How did Christoph respond to VMware's statement of defense?</dt>
|
|
|
|
<dd>Christoph's response discusses his extensive contributions to the Linux
|
|
kernel and disputes the technical merits of VMware's assertions. The
|
|
response points out that vmklinux is <strong>not</strong> an
|
|
interoperability module, but rather an arbitrary separation of the Linux
|
|
derived module from vmkernel. Specifically, vmklinux is nonfunctional
|
|
with any non-ESX OS, and vmklinux is tied intimately to a specific version
|
|
of ESXi. Vmklinux does not allow reuse of unmodified Linux drivers in
|
|
binary or source form. Christoph further points out that if the Court
|
|
allows proprietarization of an arbitrary split portion of GPL'd computer
|
|
programs, it could allow redistributors to trivially bypass the strong
|
|
copyleft terms found in the GPL. Finally, the response explains that
|
|
vmkernel and vmklinux don't “communicate over an interface”,
|
|
rather they run in the same process as a single computer program. Thus,
|
|
VMK API, as used by vmklinux, is not an “interface” as set
|
|
forth in
|
|
the <a href="http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32009L0024&from=EN">EU
|
|
Directive 2009/24/EC</a>.</dd>
|
|
|
|
<dt id="tech">Can you explain further how VMware incorporated code from Linux into
|
|
their kernel?</dt>
|
|
|
|
<dd>
|
|
<p id="diagram">
|
|
Conservancy prepared this diagram to show the technical situation as we
|
|
understand it. The diagram compares the technical architecture of a full,
|
|
running Linux kernel with a full, running VMware kernel:
|
|
<p>
|
|
<a href="/copyleft-compliance/linux-vs-vmkernel_en.png">
|
|
<img class="inside-faq" alt="[Diagram of Linux and VMware running kernels]" src="/copyleft-compliance/linux-vs-vmkernel_en_scaled.png" /></a>
|
|
</p>
|
|
|
|
<p>If you want to download the diagram, it's available
|
|
in <a href="/copyleft-compliance/linux-vs-vmkernel_en.svg">SVG
|
|
(English)</a>, <a href="/copyleft-compliance/linux-vs-vmkernel_en.png">PNG
|
|
(English)</a>, <a href="/copyleft-compliance/linux-vs-vmkernel_de.svg">SVG
|
|
(German)</a>, and <a href="/copyleft-compliance/linux-vs-vmkernel_de.png">PNG
|
|
(German)</a>.</p>
|
|
</dd>
|
|
|
|
<dt>Can you explain further in words (rather than a picture) about the central
|
|
component in ESXi that the lawsuit alleges violates the GPL?</dt>
|
|
<dd>
|
|
<p>The GPL violation at issue involves VMware's ESXi product.
|
|
Conservancy independently reviewed ESXi 5.5 and its incomplete
|
|
<abbr title="complete, corresponding source">CCS</abbr>
|
|
release as part of our GPL enforcement efforts described above.</p>
|
|
|
|
<p>Conservancy's preliminary investigation indicated that the operating
|
|
system kernel of VMware ESXi product consists of three key components:
|
|
<ul>
|
|
<li> the proprietary component “vmkernel”, which is
|
|
released in binary form only,</li>
|
|
<li>the kernel module “vmklinux”, which contains modified Linux
|
|
Code, and for which (at least some) source code is provided.
|
|
<li>other kernel modules with device drivers, most of which are
|
|
modified Linux drivers, and for which (at least some) source code
|
|
is provided.</li>
|
|
</ul>
|
|
|
|
<p>Conservancy examined the incomplete CCS alongside the
|
|
binary “vmkernel” component. Such examination indicates that functions
|
|
in “vmkernel” do make function calls to Linux's kernel code
|
|
in the usual way for a single program written in C.</p></dd>
|
|
|
|
<dt>Doesn't VMware's “shim layer” insulate them from GPL
|
|
obligations and allow them to keep certain code in their kernel
|
|
proprietary?</dt>
|
|
|
|
<dd>
|
|
<p>Many in the media have talked about the possibility that VMware might
|
|
use some so-called “shim layer” between Linux code and
|
|
VMware's proprietary code. While, for decades, there has been much talk of
|
|
various mechanisms of GPL obligation avoidance, Conservancy believes that
|
|
merely modifying technical details of a combination's construction
|
|
does not typically influence the legal analysis in a combined or
|
|
derivative work scenario.</p>
|
|
|
|
<p>Furthermore, the technical details of VMware's alleged GPL violation
|
|
do not even mirror the typical scenarios that have usually been called
|
|
“shim layers”. Conservancy's analysis of VMware's ESXi
|
|
product, in fact, indicates that VMware rather flagrantly combined Linux
|
|
code in their own kernel, and evidence seems to indicate the work as a
|
|
whole was developed by modifying Linux code in tandem with
|
|
modifications to “vmkernel” in a tightly coupled manner.</p>
|
|
</dd>
|
|
<dt id="shim-meaningless">Is Conservancy proposing a “shim
|
|
layer” as a viable solution for GPL compliance?</dt>
|
|
|
|
<dd>No, in fact, as we say above, Conservancy doesn't think the phrase
|
|
“shim layer” has any meaning, despite regular use of that
|
|
phrase in the media. Conservancy generally doubts there is any
|
|
technological manipulation that changes the outcome of a
|
|
combined/derivative work analysis.</dd>
|
|
|
|
<dt id="example">Can you give a <em>specific</em> example, with code, showing how
|
|
VMware combined Linux source code with their binary-only components?</dt>
|
|
|
|
<dd><p>There are numerous examples available that show this. The
|
|
details of alleged infringement specifically relating to Hellwig's
|
|
contributions to Linux are of course the main matter of the
|
|
allegations in the litigation, and Conservancy
|
|
released <a href="#diagram">the diagram above</a> to exemplify that
|
|
issue. Conservancy continues to <a href="#court-documents">hope VMware will
|
|
agree to make public all court documents</a> as a matter of public
|
|
good, since the court documents discuss the specifics of alleged
|
|
infringement on Hellwig's copyrights.</p>
|
|
|
|
<p>However, Conservancy examined VMware's ESXi 5.5 product in detail
|
|
even before Hellwig's enforcement action began. Below is one example
|
|
among many where VMware's CCS was incomplete per GPLv2§2(c) and
|
|
GPLv2§3(a). (One can verify these results by
|
|
<a href="#verify">downloading and installing the binary and source
|
|
packages for VMware's ESXi 5.5 Update 2</a>.) Note that this
|
|
example below is not necessarily regarding
|
|
Hellwig's copyrights; VMware incorporated Linux code copyrighted by
|
|
many others as well into their kernel.</p>
|
|
|
|
<h3>Example of “vmkernel”'s combination with Linux code</h3>
|
|
<p>Our example begins with examination of the file
|
|
called <code>vmkdrivers/src_92/vmklinux_92/vmware/linux_pci.c</code>,
|
|
which can be found in the “Open Source” release for
|
|
ESXi 5.5.0 Update 2 (5.5U2). A small excerpt from that file, found in the
|
|
function <code>LinuxPCIDeviceRemoved()</code>, reads as follows:</p>
|
|
|
|
<pre>
|
|
#include <linux/pci.h>
|
|
[...]
|
|
/*
|
|
* This function [...] is modelled after pci_remove_device, the function which would
|
|
* be called in a linux system.
|
|
*/
|
|
static void
|
|
LinuxPCIDeviceRemoved(vmk_PCIDevice vmkDev)
|
|
{
|
|
LinuxPCIDevExt *pciDevExt;
|
|
struct pci_dev *linuxDev;
|
|
[...]
|
|
if (unlikely(
|
|
vmk_PCIGetDeviceName(vmkDev, vmkDevName, sizeof(vmkDevName)-1) != VMK_OK))
|
|
{
|
|
vmkDevName[0] = 0;
|
|
}
|
|
[...]
|
|
VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
|
|
linuxDev->driver->remove,
|
|
linuxDev);
|
|
</pre>
|
|
|
|
<h4>Combination of “vmkernel” code with “vmkdrivers”</h4>
|
|
|
|
<p>The function, <code>vmk_PCIGetDeviceName()</code> must be defined, with an
|
|
implementation, for this code above to work, or even compile.
|
|
Inside <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/device/vmkapi_pci_incompat.h</code>,
|
|
found in the <code>vmkdrivers</code> package of ESXi 5.5U2, shows a
|
|
function header definition for <code>vmk_PCIGetDeviceName()</code>.
|
|
However, the source of its implementation is not provided there or
|
|
anywhere in the source release.</p>
|
|
|
|
<p>Further evidence that the implementation of this function occurs elsewhere
|
|
can by found by running <code>objdump -x</code> on the un-vmtar'ed
|
|
<code>vmklinux_9</code> module. Note the following output in the “SYMBOL
|
|
TABLE” section:</p>
|
|
|
|
<pre>
|
|
0000000000000000 *UND* 0000000000000000 vmk_PCIGetDeviceName
|
|
</pre>
|
|
|
|
<p>
|
|
…and the following lines found in the “RELOCATION RECORDS FOR
|
|
[.text]” section:
|
|
</p>
|
|
|
|
<pre>
|
|
00000000000327ff R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc
|
|
0000000000035318 R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc
|
|
00000000000387e1 R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc
|
|
000000000003cf40 R_X86_64_PC32 vmk_PCIGetDeviceName+0xfffffffffffffffc
|
|
</pre>
|
|
|
|
<p>The above two properties both suggest that the <code>vmklinux_9</code>
|
|
module requires: (a) a definition of the <code>vmk_PCIGetDeviceName()</code>
|
|
function to operate, but (b) that function is not defined
|
|
inside <code>vmklinux_9</code> itself.</p>
|
|
|
|
<p>The definition can however be found in binary-only software provided in
|
|
ESXi 5.5U2 — specifically, inside a file named <code>k.b00</code>,
|
|
which is located in partition 5 on a disk where ESXi has been installed (or
|
|
in the ESXi 5.5U2 installer ISO image). Running <code>file</code>
|
|
after <code>gunzip</code> on this file yields “ELF 64-bit LSB shared
|
|
object”. Meanwhile, <code>file k.b00</code> reports “gzip
|
|
compressed data, was ‘vmvisor64-vmkernel.stripped’”.
|
|
These findings strongly suggests this is an image of the
|
|
“vmkernel” component. An <code>objdump -x</code> yields this
|
|
“SYMBOL TABLE” section:</p>
|
|
|
|
<pre>
|
|
000041800036a408 g F .text 0000000000000137 vmk_PCIGetDeviceName
|
|
</pre>
|
|
|
|
<p>… which indicated these binary file contains the function body
|
|
for <code>vmk_PCIGetDeviceName</code>.</p>
|
|
|
|
<p>Furthermore, after detailed searching, Conservancy found no evidence that any
|
|
other code (other than modified Linux code) makes calls
|
|
to <code>vmk_PCIGetDeviceName</code>. This provides a strong indication
|
|
that this function's primary purpose is to combine Linux code with
|
|
“vmkernel”. Conservancy also found other functions where similar analysis
|
|
yields similar results as above.</p>
|
|
|
|
<h4>Linux's <code>struct pci</code> combined with <code>LinuxPCIDeviceRemoved()</code></h4>
|
|
|
|
<p>Having established the direct and close combination
|
|
of <code>vmk_PCIGetDeviceName</code>
|
|
and <code>LinuxPCIDeviceRemoved()</code>, focus now on the
|
|
quoted code from <code>LinuxPCIDeviceRemoved()</code>. That code, note
|
|
that one of the local variables is <code>struct pci_dev *linuxDev;</code>.
|
|
A definition of <code>pci_dev</code> is found in
|
|
<code>vmkdrivers/src_92/include/linux/pci.h</code> (which
|
|
is <code>#include</code>'d above) reads:</p>
|
|
|
|
<pre>
|
|
struct pci_dev {
|
|
[...]
|
|
struct pci_driver *driver; /* which driver has allocated this device */
|
|
[...]
|
|
truct pci_driver {
|
|
char *name;
|
|
[...]
|
|
void (*remove) (struct pci_dev *dev); /* Device removed (NULL if not a hot-plug capable driver) */
|
|
[...]
|
|
#if defined(__VMKLNX__)
|
|
/* 2008: Update from Linux source */
|
|
u8 revision; /* PCI revision, low byte of class word */
|
|
#endif /* defined(__VMKLNX__) */
|
|
};
|
|
</pre>
|
|
|
|
<p>These structures, and based on those from Linux itself
|
|
(<a href="http://lxr.free-electrons.com/source/include/linux/pci.h?v=2.6.24">a
|
|
similar version of this file can be seen in Linux 2.6.24</a>), and as can
|
|
be seen above, have been modified to work with “vmkernel”</p>
|
|
|
|
<p>In <code>LinuxPCIDeviceRemoved()</code>, we saw a macro called with a
|
|
variable, <code>linuxDev</code> which was of type <code>struct pci</code>.
|
|
Thus, the combination of code from Linux's <code>pci.h</code>
|
|
and VMware's <code>vmware/linux_pci.c</code> is very tightly coupled and
|
|
interdependent.</p>
|
|
|
|
<h4><code>VMKAPI_MODULE_CALL_VOID</code> macro calls driver's code</h4>
|
|
|
|
<p>The
|
|
file <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/base/vmkapi_module.h</code>
|
|
contains the macro definition of <code>VMKAPI_MODULE_CALL_VOID</code>,
|
|
which is quoted below (with debug lines removed):
|
|
<pre>
|
|
#define VMKAPI_MODULE_CALL_VOID(moduleID, function, args...) \
|
|
do { \
|
|
vmk_ModInfoStack modStack; \
|
|
vmk_ModulePushId(moduleID, function, &modStack); \
|
|
(function)(args); \
|
|
) \
|
|
vmk_ModulePopId(); \
|
|
} while(0)
|
|
</pre>
|
|
|
|
<p>When the macro is expanded, it means that <code>(function)(args)</code> is
|
|
actually expanded to <code>linuxDev->driver->remove(linuxDev)</code>.
|
|
Therefore, we see <code>LinuxPCIDeviceRemoved()</code>, makes directs calls
|
|
to a driver's remove() function, by combining with Linux's <code>struct
|
|
pci</code>, and by VMware's introduction of this new calling code.
|
|
Conservancy has confirmed many drivers from Linux are incorporated via
|
|
these mechanisms; one specific example is discussed next.</p>
|
|
|
|
<h4>Combination of the tg3 driver with “vmkernel”</h4>
|
|
|
|
<p>VMware includes a file <code>vmkdrivers/src_9/drivers/net/tg3/tg3.c</code>
|
|
in their source release. This file appears to be Linux's tg3 driver. It
|
|
includes a definition of the <code>struct pci_dev</code> for this device,
|
|
which reads:</p>
|
|
|
|
<pre>
|
|
static struct pci_driver tg3_driver = {
|
|
[...]
|
|
.remove = __devexit_p(tg3_remove_one),
|
|
</pre>
|
|
|
|
<p>Therefore, when the code in <code>LinuxPCIDeviceRemoved()</code>
|
|
calls <code>linuxDev->driver->remove(linuxDev)</code>, the code ultimately
|
|
called (in the case where a tg3 card is driven by the kernel)
|
|
is <code>tg3_remove_one()</code>, which is found in <code>tg3.c</code> and
|
|
comes directly from Linux.</p>
|
|
|
|
<p>(Note: <code>__devexit_p</code> is a straightforward macro found
|
|
in <code>vmkdrivers/src_92/include/linux/init.h</code> (which also comes
|
|
from Linux) that will simply expand to its first argument in this
|
|
case.)</p>
|
|
|
|
<h4>VMware distribution of binary version of <code>tg3.c</code></h4>
|
|
|
|
<p>VMware furthermore distributes a modified version of <code>tg.c</code> in
|
|
binary form. This can be found in <code>usr/lib/vmware/vmkmod/tg3</code>,
|
|
which is extracted by un-vmtar'ing the file <code>net_tg3.v00</code> (found
|
|
on the ESXi 5.5U2 installer ISO image). Conservancy has confirmed that
|
|
file is a compiled version of <code>tg3.c</code></p>
|
|
|
|
<h4>Conclusions</h4>
|
|
|
|
<p>Given this evidence and related contextual clues, the only logical
|
|
conclusions are:</p>
|
|
<ul><li><code>vmklinux_9</code>, a binary object, dynamically links with
|
|
the binary objects: <code>k.b00</code> and <code>tg3</code> (the
|
|
driver built from <code>tg3.c</code>'s source). These three binary
|
|
objects together form a single running binary (likely along with many
|
|
other binary objects as well).</li>
|
|
<li>That single running binary contains code licensed under the GPLv2
|
|
— namely the code derived from <code>tg3.c</code>
|
|
and <code>pci.h</code>. Thus, the single running binary may be
|
|
distributed in binary form only under permissions provided under GPLv2
|
|
— in
|
|
particular <a href="https://gnu.org/licenses/gpl-2.0.html#section2">GPLv2§2</a>
|
|
and <a href="https://gnu.org/licenses/gpl-2.0.html#section3">GPLv2§3</a>.</li>
|
|
<li>GPLv2§3(a–b) requires that <q>complete corresponding
|
|
machine-readable source code</q> must accompany binary
|
|
distributions such as these. GPLv2§3 further states
|
|
that <q>for an executable work, complete source code means all the
|
|
source code for all modules it contains</q>.</li>
|
|
<li>The binary work in question contains modules from <code>k.b00</code>,
|
|
<code>vmlinux_9</code> and <code>tg3</code>.</li>
|
|
<li>VMware did not provide source code for any modules found in
|
|
<code>k.b00</code>.</li>
|
|
<li>Therefore, VMware failed to comply with the GPLv2, as such
|
|
compliance requires source code (or an offer therefor) for the material
|
|
in <code>k.b00</code>.</li>
|
|
</ul>
|
|
<p>The above is but one piece of evidence among many, but hopefully it helps
|
|
to explain some of the “combined work” violations found in
|
|
VMware's ESXi product.</p>
|
|
|
|
<dt id="verify">How can I verify Conservancy's technical findings above?</dt>
|
|
|
|
<dd><p>The binary and source packages mentioned above are available
|
|
on VMware's website. These packages contain the
|
|
previously-mentioned <code>linux_pci.c</code>,
|
|
<code>vmkapi_pci_incompat.h</code>, and <code>k.b00</code> files, as well as
|
|
<code>vmklinux_9</code> and the source code that builds the latter.</p>
|
|
|
|
<p>To speed up the process, Conservancy has provided
|
|
a <a href="https://git.sfconservancy.org/?p=vmkdrivers;a=summary">Git
|
|
repository that we built that includes the source components that VMware
|
|
released</a>, and which are discussed above in our examples. However, one
|
|
can also obtain the source components directly from VMware, by following
|
|
these steps (no login is required):</p>
|
|
|
|
<ol>
|
|
<li>Visit <a href="https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U2_OSS&productId=353">https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U2_OSS&productId=353</a>.</li>
|
|
|
|
<li>Click the “Download” button beside the text that reads
|
|
“Open Source Code for VMware vSphere ESXi 5.5 Update 2”.</li>
|
|
|
|
<li>Confirm that the SHA-1 hash matches the published one
|
|
(d121634668a137ec808b63679fd941cef9a59715), found under “Read
|
|
More” on that web page.</li>
|
|
|
|
<li>Mount (or otherwise open) the
|
|
downloaded <code>VMware-ESX-550U2-ODP.iso</code>.</li>
|
|
|
|
<li>Extract <code>vmkdrivers/src_92/vmklinux_92/vmware/linux_pci.c</code>
|
|
and <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/device/vmkapi_pci_incompat.h</code>
|
|
from <code>vmkdrivers-gpl/vmkdrivers-gpl.tgz</code> with tar and gzip.</li>
|
|
|
|
<li>Generate <code>vmklinux_9</code> by following the steps
|
|
in <code>vmkdrivers-gpl/BUILD.txt</code> in the ISO.
|
|
(Note: <code>vmklinux_9</code> is also available pre-built on a running
|
|
ESXi system; <a href="#vmklinux">see below for instructions on how to access it</a>).</li>
|
|
|
|
<li>You may need the “Supporting Toolchain packages for VMware
|
|
vSphere ESXi 5.5.0 Update 2” file from the above download page to
|
|
complete the build — upon downloading you will find it is named
|
|
<code>VMware-TOOLCHAIN-550u2-ODP.iso</code> and has a SHA-1 hash of
|
|
f679e81ffb2f92729917bbc64c2d541cf75b5b94.</li>
|
|
|
|
</ol>
|
|
|
|
<p>To obtain the binary components, follow these steps (a login is required):<p>
|
|
|
|
<ol>
|
|
<li>Register for an account at <a href="https://my.vmware.com/web/vmware/registration">https://my.vmware.com/web/vmware/registration</a>.</li>
|
|
|
|
<li>Click the “Activate Now” link in the follow-up email. Enter
|
|
the password used at registration time. Click “Continue”.</li>
|
|
|
|
<li>Visit <a href="https://my.vmware.com/web/vmware/evalcenter?p=free-esxi5">https://my.vmware.com/web/vmware/evalcenter?p=free-esxi5</a>.</li>
|
|
|
|
<li>Click “Register” (under the text that reads “You have
|
|
not registered for this product”).</li>
|
|
|
|
<li>Enter the number of servers you plan to install on (e.g., 1). Click
|
|
“Continue”.</li>
|
|
|
|
<li>If the “VMware vSphere Hypervisor 5.5 Update 2 –
|
|
Binaries” section is not expanded, click the plus sign next to it.</li>
|
|
|
|
<li>Click the “Manually Download” link that's beside “ESXi
|
|
5.5 Update 2 ISO image (Includes VMware Tools)”.</li>
|
|
|
|
<li>Confirm that the SHA-1 hash matches the published one (9475938b51cafc86c8b17d09f2493cb6b4fae927).</li>
|
|
|
|
<li>Mount (or open via some other means) the
|
|
downloaded <code>VMware-VMvisor-Installer-5.5.0.update02-2068190.x86_64.iso</code>.</li>
|
|
|
|
<li>Find the <code>k.b00</code> file in the root directory. Extract it
|
|
using <code>zcat k.b00 > vmvisor64-vmkernel</code> (or a similar command).
|
|
Repeat the steps described above using <code>objdump -x
|
|
vmvisor64-vmkernel</code>.</li>
|
|
|
|
<li id="vmklinux">To retrieve <code>vmklinux_9</code> you will need to install
|
|
ESXi on your system by booting the ISO and following the instructions. Once
|
|
booted, you can then enable SSH access using “Customize System/View Logs ->
|
|
Troubleshooting Options -> Enable SSH”. Login to the system with SSH
|
|
and then run <code>find /vmfs -name misc_dri.v00 -print</code>. On the
|
|
resulting file, run <code>zcat misc_dri.v00 > misc_dri.vmtar</code> then
|
|
<code>vmtar -x misc_dri.vmtar -o misc_dri.tar</code>. You can then extract
|
|
<code>misc_dri.tar</code> using the usual <code>tar</code> to extract
|
|
<code>usr/lib/vmware/vmkmod/vmklinux_9</code>. The <code>misc_dri.v00</code>
|
|
file is also available next to <code>k.b00</code> in the root directory of
|
|
the ISO (mentioned above), but the <code>vmtar</code> command itself is only
|
|
available when logged into an ESXi system. <code>vmtar</code> can be found
|
|
at <code>bin/vmtar</code> inside
|
|
<code>sb.v00</code> on the ISO, but one needs <code>vmtar</code> to open
|
|
<code>sb.v00</code>, similar to <code>misc_dri.v00</code> above.</li>
|
|
|
|
</ol>
|
|
|
|
<p>Note that VMware may present you with <abbr title="End User Licensing Agreement">EULA</abbr>s and <abbr title="Terms of Service">ToS</abbr> when you download
|
|
software from VMware's website. Conservancy strongly suggests that you review these
|
|
terms in great detail with the assistance of your own legal counsel before
|
|
downloading the software and/or engaging in the process that Conservancy
|
|
discusses above.</p>
|
|
|
|
<dt id="similarity-analysis">How do you know Christoph's code is present in
|
|
VMware's work?</dt>
|
|
|
|
<dd>Conservancy
|
|
published <a href="/copyleft-compliance/vmware-code-similarity.html">its
|
|
comparison analysis between Christoph's code and VMware's code</a>. This
|
|
particular analysis uses a two step process: (a) use Linux's public Git logs
|
|
to find Christoph's contributions from Christoph, and (b) use a widely
|
|
accepted and heavily academically cited tool, CCFinderX, to show that VMware
|
|
copied Christoph's code into their product.</dd>
|
|
|
|
<dt id="appeal">I heard that Christoph's case was dismissed. Is that
|
|
true?</dt>
|
|
|
|
<dd>There was a ruling in July 2016 in the Hamburg District Court, which
|
|
dismissed Christoph's case against VMware. The ruling concerned German
|
|
evidence law and the Court did not rule on the merits of the case. The
|
|
ruling centered around German evidentary rules related to documenting
|
|
Christoph's contributions that appear in VMware's product.
|
|
In <a href="http://bombadil.infradead.org/~hch/vmware/2016-08-09.html">a
|
|
statement on his website</a>, Christoph Hellwig announced that he will
|
|
appeal the ruling. Christoph also published
|
|
(in <a href="http://bombadil.infradead.org/~hch/vmware/Urteil_2016-07-08.pdf">German</a>
|
|
and <a href="http://bombadil.infradead.org/~hch/vmware/Judgment_2016-07-08.pdf">English)
|
|
the Court's ruling</a> which explains why the materials submitted did not
|
|
satisfy German evidence rules — despite publicly available
|
|
information in Linux's Git repositories. In addition, the Court chose not
|
|
to seek expert testimony.</dd>
|
|
<dt id="statements-of-support">Have others issued statements of support about this action?</dt>
|
|
<dd>Various individuals and groups have publicly stated their support for
|
|
Conservancy's and Hellwig's actions in this matter. They include:
|
|
<ul>
|
|
<li><a href="http://www.april.org/en/statement-support-software-freedom-conservancy-and-christoph-hellwig-gpl-enforcement-lawsuit">APRIL</a></li>
|
|
<li><a href="https://fsf.org/news/conservancy-and-christoph-hellwig-gpl-enforcement-lawsuit">Free
|
|
Software Foundation</a></li>
|
|
<li><a href="https://fsfe.org/news/2015/news-20150331-01.en.html">Free
|
|
Software Foundation Europe</a></li>
|
|
<li><a href="https://www.gnome.org/news/2015/03/gnome-supports-gpl-compliance-through-vmware-suit-2/">GNOME Foundation</a></li>
|
|
<li><a href="http://opensource.org/node/739">Open Source Initiative</a></li>
|
|
<li><a href="https://samba.org/samba/news/announcements/2015-03-06_vmware_lawsuit.html">The
|
|
Samba Team</a></li>
|
|
<li><a href="http://sourceforge.net/p/swig/news/2015/03/defending-the-gpl/">The
|
|
SWIG Project</a></li>
|
|
<li><a href="https://web.archive.org/web/20170911061201/https://plus.google.com/104877287288155269055/posts/cHgyreA76yY">Dave Airlie, Linux Developer</a></li>
|
|
<li><a href="https://twitter.com/mjg59/status/573530001758294016">Matthew Garrett, Linux Developer</a></li>
|
|
<li><a href="/news/2015/mar/05/vmware-lawsuit/#glikely">Grant Likely, Linux Kernel Engineer</a></li>
|
|
<li><a href="http://mina86.com/2015/03/11/the-time-has-come-to-stand-up-for-the-gpl/">Michal Nazarewicz, Linux Developer</a></li>
|
|
<li><a href="http://lwn.net/Articles/635624/">Luis R. Rodriguez (aka mcgrof), Linux Developer</a></li>
|
|
<li><a href="http://lwn.net/Articles/635855/">Wolfram Sang, Linux Developer</a></li>
|
|
<li><a href="https://twitter.com/josh_triplett/status/573543072929198083">Josh
|
|
Triplett, Linux Developer</a></li>
|
|
<li><a href="https://lwn.net/Articles/635617/">Rik van Riel, Linux Developer</a></li>
|
|
</ul>
|
|
</dd>
|
|
|
|
<dt>I
|
|
see <a href="https://fsf.org/news/conservancy-and-christoph-hellwig-gpl-enforcement-lawsuit">FSF's
|
|
statement of support</a>, but why
|
|
isn't <a href="https://www.fsf.org/licensing/compliance">FSF enforcing</a> in
|
|
this case?</dt>
|
|
|
|
<dd>While FSF are the authors and license steward of the GNU GPL, it's up to
|
|
the copyright holder to enforce GPL. VMware created an operating system by
|
|
combining parts of the kernel named Linux with their own proprietary code,
|
|
and then added BusyBox to provide the userspace operating system components.
|
|
As such, ESXi is not
|
|
a <a href="https://www.gnu.org/gnu/linux-and-gnu.html">traditional GNU/Linux
|
|
system</a>. FSF has many copyrights of its own, but these are almost
|
|
exclusively on various parts of the GNU system, not on the kernel, Linux. As
|
|
such, FSF probably does not have copyright interests available to directly
|
|
enforce the GPL regarding the primary issue in this case.</dd>
|
|
|
|
<dt><em>I</em> care about copyleft and the GPL. How can I help?</dt>
|
|
|
|
<dd>Conservancy needs <a href="#donate-box" class="donate-now">your immediate financial
|
|
support to proceed with this litigation</a>. Litigation costs are
|
|
unpredictable, and this lawsuit may take years to resolve. Conservancy is
|
|
prepared to fund this case through its conclusion, but we can only do so
|
|
with <a href="/supporter/"><em>your</em> support</a>. If you are an
|
|
individual who supports copyleft and wants to see it defended, please
|
|
donate now. And, if you make a public statement of support, please email the
|
|
URL
|
|
to <a href="mailto:info@sfconservancy.org"><info@sfconservancy.org></a>,
|
|
as we'd like to include representative selection of supportive statements above.</dd>
|
|
|
|
<dt>Why is the case in Germany?</dt>
|
|
|
|
<dd>Copyright infringement claims can be brought anywhere that distribution
|
|
of the copyrighted works occur. VMware distributes ESXi throughout the
|
|
world, but Germany is close to Christoph's home and his lawyer was
|
|
available to do the litigation work there. Finally, historically,
|
|
Mr. Jaeger's cases in Germany have usually achieved worldwide compliance on
|
|
the products at issue in those cases.</dd>
|
|
|
|
</dl>
|
|
{% endblock %}
|
|
|
|
<!-- LocalWords: Christoph Hellwig VMware vmkernel Linux's GPLv VMware's
|
|
-->
|
|
<!-- LocalWords: ESXi CCS Christoph's Jaeger NDA SVG PNG vmklinux vmk un
|
|
-->
|
|
<!-- LocalWords: Hellwig's PCIGetDeviceName vmvisor vmkDev vmkDevName UND
|
|
-->
|
|
<!-- LocalWords: sizeof VMKAPI pciDevExt moduleID linuxDev vmtar'ed LSB ec
|
|
-->
|
|
<!-- LocalWords: xfffffffffffffffc gzip login vSphere SHA fd cef pre ffb
|
|
-->
|
|
<!-- LocalWords: Toolchain bbc Hypervisor cafc cb fae ToS Airlie mcgrof
|
|
-->
|
|
<!-- LocalWords: Rik userspace Jaeger's endblock
|
|
-->
|