ltib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ltib] LTIB for Raspberry Pi

From: Stuart Hughes
Subject: Re: [Ltib] LTIB for Raspberry Pi
Date: Thu, 04 Oct 2012 08:55:30 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.28) Gecko/20120313 Lightning/1.0b2 Thunderbird/3.1.20
On 04/10/12 05:42, Sean Malloy wrote:
>> Is it sufficient to include those config files along with a pointer to
>> crosstool-ng in the platforms/rpi directory?
>
> Possibly, but I consider it shaky ground.

We have a few options, I suppose.

I could build my own toolchain using crosstool-ng and the config files as posted on github.  We'd be assured that we could archive the packages used by crosstool in making these toolchains, and include the licenses (which are all probably GPL).   We could choose to package someone else's ARM toolchain that has better licensing information included.  We could include no toolchain at all for RPi, and write up directions for how to download the official ones from github.

I can see that all of these might have some merit from a please-don't-sue-us standpoint, but I don't like any of them.  The purist in me says that we should use the exact toolchains supplied by the RPi Foundation to build the kernel and packages for the RPi.


> I did just notice one problem with binary tar of the toolchain from
> github.  It seems to be devoid of any license. 

These binaries obtained from github print a copyright/license notice when executed with --version:

address@hidden 1 $ ./arm-bcm2708hardfp-linux-gnueabi-gcc --version
arm-bcm2708hardfp-linux-gnueabi-gcc (crosstool-NG 1.15.2) 4.7.1 20120402 (prerelease)
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

If that is not sufficient to satisfy the terms of the GPL, I could add a LICENSE.TXT file detailing where and when we obtained these binaries, and that they must be subject to the GPL, if not directly, than as derivative works.  Pointing the interested user to gnu.org for source seems reasonable to me.  It is the canonical site for all things GNU, and is unlikely to go anywhere anytime soon.

I am no lawyer, thank God, but I believe that we have made a good-faith effort to be very clear where we have obtained these packages, and to include only free software, and comply with the GPL.

Please let me know if I should write up a LICENSE.TXT file for the toolchains.  If not, please let me know which alternative approach will be acceptable, and I will make that happen.

Thanks again for the feedback.

-Sean


Hi Sean,

From a legal standpoint, if we host the binaries on the GPP, as the distributor, we'd then need to make all sources that compose the binary available.

I agree with your point regarding the official RPi toolchains.  It's better to use them unmodified, as even a seemingly innocent re-build could change things.  A rebuild certainly invalidates anytesting they've done on the original binary.  Another benefit of using the original is that as the user is downloading directly from another site (not the GPP), that site has the legal responsibility to supply the sources.

Given this, I think the best thing to do is to add a mechanism to LTIB so that you can specify a direct download URL for the toolchain.  The main issue I can see for this is whether or not you will be prompted to click through pages and agree to a license (what happens for the RPi toolchain)?  If there are click throughs, it would mean having to pass control back to the user "some how".

I'm open to discussion here.

Regards, Stuart







reply via email to
[Prev in Thread] Current Thread [Next in Thread]