linux-hardened/usr/Kconfig
Greg Kroah-Hartman b24413180f License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.

By default all files without license information are under the default
license of the kernel, which is GPL version 2.

Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier.  The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.

This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.

How this work was done:

Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
 - file had no licensing information it it.
 - file was a */uapi/* one with no licensing information in it,
 - file was a */uapi/* one with existing licensing information,

Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.

The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne.  Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.

The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed.  Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.

Criteria used to select files for SPDX license identifier tagging was:
 - Files considered eligible had to be source code files.
 - Make and config files were included as candidates if they contained >5
   lines of source
 - File already had some variant of a license header in it (even if <5
   lines).

All documentation files were explicitly excluded.

The following heuristics were used to determine which SPDX license
identifiers to apply.

 - when both scanners couldn't find any license traces, file was
   considered to have no license information in it, and the top level
   COPYING file license applied.

   For non */uapi/* files that summary was:

   SPDX license identifier                            # files
   ---------------------------------------------------|-------
   GPL-2.0                                              11139

   and resulted in the first patch in this series.

   If that file was a */uapi/* path one, it was "GPL-2.0 WITH
   Linux-syscall-note" otherwise it was "GPL-2.0".  Results of that was:

   SPDX license identifier                            # files
   ---------------------------------------------------|-------
   GPL-2.0 WITH Linux-syscall-note                        930

   and resulted in the second patch in this series.

 - if a file had some form of licensing information in it, and was one
   of the */uapi/* ones, it was denoted with the Linux-syscall-note if
   any GPL family license was found in the file or had no licensing in
   it (per prior point).  Results summary:

   SPDX license identifier                            # files
   ---------------------------------------------------|------
   GPL-2.0 WITH Linux-syscall-note                       270
   GPL-2.0+ WITH Linux-syscall-note                      169
   ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause)    21
   ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)    17
   LGPL-2.1+ WITH Linux-syscall-note                      15
   GPL-1.0+ WITH Linux-syscall-note                       14
   ((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause)    5
   LGPL-2.0+ WITH Linux-syscall-note                       4
   LGPL-2.1 WITH Linux-syscall-note                        3
   ((GPL-2.0 WITH Linux-syscall-note) OR MIT)              3
   ((GPL-2.0 WITH Linux-syscall-note) AND MIT)             1

   and that resulted in the third patch in this series.

 - when the two scanners agreed on the detected license(s), that became
   the concluded license(s).

 - when there was disagreement between the two scanners (one detected a
   license but the other didn't, or they both detected different
   licenses) a manual inspection of the file occurred.

 - In most cases a manual inspection of the information in the file
   resulted in a clear resolution of the license that should apply (and
   which scanner probably needed to revisit its heuristics).

 - When it was not immediately clear, the license identifier was
   confirmed with lawyers working with the Linux Foundation.

 - If there was any question as to the appropriate license identifier,
   the file was flagged for further research and to be revisited later
   in time.

In total, over 70 hours of logged manual review was done on the
spreadsheet to determine the SPDX license identifiers to apply to the
source files by Kate, Philippe, Thomas and, in some cases, confirmation
by lawyers working with the Linux Foundation.

Kate also obtained a third independent scan of the 4.13 code base from
FOSSology, and compared selected files where the other two scanners
disagreed against that SPDX file, to see if there was new insights.  The
Windriver scanner is based on an older version of FOSSology in part, so
they are related.

Thomas did random spot checks in about 500 files from the spreadsheets
for the uapi headers and agreed with SPDX license identifier in the
files he inspected. For the non-uapi files Thomas did random spot checks
in about 15000 files.

In initial set of patches against 4.14-rc6, 3 files were found to have
copy/paste license identifier errors, and have been fixed to reflect the
correct identifier.

Additionally Philippe spent 10 hours this week doing a detailed manual
inspection and review of the 12,461 patched files from the initial patch
version early this week with:
 - a full scancode scan run, collecting the matched texts, detected
   license ids and scores
 - reviewing anything where there was a license detected (about 500+
   files) to ensure that the applied SPDX license was correct
 - reviewing anything where there was no detection but the patch license
   was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
   SPDX license was correct

This produced a worksheet with 20 files needing minor correction.  This
worksheet was then exported into 3 different .csv files for the
different types of files to be modified.

These .csv files were then reviewed by Greg.  Thomas wrote a script to
parse the csv files and add the proper SPDX tag to the file, in the
format that the file expected.  This script was further refined by Greg
based on the output to detect more types of files automatically and to
distinguish between header and source .c files (which need different
comment types.)  Finally Greg ran the script using the .csv files to
generate the patches.

Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-02 11:10:55 +01:00

235 lines
7.8 KiB
Text

# SPDX-License-Identifier: GPL-2.0
#
# Configuration for initramfs
#
config INITRAMFS_SOURCE
string "Initramfs source file(s)"
default ""
help
This can be either a single cpio archive with a .cpio suffix or a
space-separated list of directories and files for building the
initramfs image. A cpio archive should contain a filesystem archive
to be used as an initramfs image. Directories should contain a
filesystem layout to be included in the initramfs image. Files
should contain entries according to the format described by the
"usr/gen_init_cpio" program in the kernel tree.
When multiple directories and files are specified then the
initramfs image will be the aggregate of all of them.
See <file:Documentation/early-userspace/README> for more details.
If you are not sure, leave it blank.
config INITRAMFS_FORCE
bool "Ignore the initramfs passed by the bootloader"
depends on CMDLINE_EXTEND || CMDLINE_FORCE
help
This option causes the kernel to ignore the initramfs image
(or initrd image) passed to it by the bootloader. This is
analogous to CMDLINE_FORCE, which is found on some architectures,
and is useful if you cannot or don't want to change the image
your bootloader passes to the kernel.
config INITRAMFS_ROOT_UID
int "User ID to map to 0 (user root)"
depends on INITRAMFS_SOURCE!=""
default "0"
help
If INITRAMFS_SOURCE points to a directory, files owned by this UID
(-1 = current user) will be owned by root in the resulting image.
If you are not sure, leave it set to "0".
config INITRAMFS_ROOT_GID
int "Group ID to map to 0 (group root)"
depends on INITRAMFS_SOURCE!=""
default "0"
help
If INITRAMFS_SOURCE points to a directory, files owned by this GID
(-1 = current group) will be owned by root in the resulting image.
If you are not sure, leave it set to "0".
config RD_GZIP
bool "Support initial ramdisk/ramfs compressed using gzip"
depends on BLK_DEV_INITRD
default y
select DECOMPRESS_GZIP
help
Support loading of a gzip encoded initial ramdisk or cpio buffer.
If unsure, say Y.
config RD_BZIP2
bool "Support initial ramdisk/ramfs compressed using bzip2"
default y
depends on BLK_DEV_INITRD
select DECOMPRESS_BZIP2
help
Support loading of a bzip2 encoded initial ramdisk or cpio buffer
If unsure, say N.
config RD_LZMA
bool "Support initial ramdisk/ramfs compressed using LZMA"
default y
depends on BLK_DEV_INITRD
select DECOMPRESS_LZMA
help
Support loading of a LZMA encoded initial ramdisk or cpio buffer
If unsure, say N.
config RD_XZ
bool "Support initial ramdisk/ramfs compressed using XZ"
depends on BLK_DEV_INITRD
default y
select DECOMPRESS_XZ
help
Support loading of a XZ encoded initial ramdisk or cpio buffer.
If unsure, say N.
config RD_LZO
bool "Support initial ramdisk/ramfs compressed using LZO"
default y
depends on BLK_DEV_INITRD
select DECOMPRESS_LZO
help
Support loading of a LZO encoded initial ramdisk or cpio buffer
If unsure, say N.
config RD_LZ4
bool "Support initial ramdisk/ramfs compressed using LZ4"
default y
depends on BLK_DEV_INITRD
select DECOMPRESS_LZ4
help
Support loading of a LZ4 encoded initial ramdisk or cpio buffer
If unsure, say N.
choice
prompt "Built-in initramfs compression mode"
depends on INITRAMFS_SOURCE!=""
optional
help
This option allows you to decide by which algorithm the builtin
initramfs will be compressed. Several compression algorithms are
available, which differ in efficiency, compression and
decompression speed. Compression speed is only relevant
when building a kernel. Decompression speed is relevant at
each boot. Also the memory usage during decompression may become
relevant on memory constrained systems. This is usually based on the
dictionary size of the algorithm with algorithms like XZ and LZMA
featuring large dictionary sizes.
High compression options are mostly useful for users who are
low on RAM, since it reduces the memory consumption during
boot.
Keep in mind that your build system needs to provide the appropriate
compression tool to compress the generated initram cpio file for
embedding.
If in doubt, select 'None'
config INITRAMFS_COMPRESSION_NONE
bool "None"
help
Do not compress the built-in initramfs at all. This may sound wasteful
in space, but, you should be aware that the built-in initramfs will be
compressed at a later stage anyways along with the rest of the kernel,
on those architectures that support this. However, not compressing the
initramfs may lead to slightly higher memory consumption during a
short time at boot, while both the cpio image and the unpacked
filesystem image will be present in memory simultaneously
config INITRAMFS_COMPRESSION_GZIP
bool "Gzip"
depends on RD_GZIP
help
Use the old and well tested gzip compression algorithm. Gzip provides
a good balance between compression ratio and decompression speed and
has a reasonable compression speed. It is also more likely to be
supported by your build system as the gzip tool is present by default
on most distros.
config INITRAMFS_COMPRESSION_BZIP2
bool "Bzip2"
depends on RD_BZIP2
help
It's compression ratio and speed is intermediate. Decompression speed
is slowest among the choices. The initramfs size is about 10% smaller
with bzip2, in comparison to gzip. Bzip2 uses a large amount of
memory. For modern kernels you will need at least 8MB RAM or more for
booting.
If you choose this, keep in mind that you need to have the bzip2 tool
available to be able to compress the initram.
config INITRAMFS_COMPRESSION_LZMA
bool "LZMA"
depends on RD_LZMA
help
This algorithm's compression ratio is best but has a large dictionary
size which might cause issues in memory constrained systems.
Decompression speed is between the other choices. Compression is
slowest. The initramfs size is about 33% smaller with LZMA in
comparison to gzip.
If you choose this, keep in mind that you may need to install the xz
or lzma tools to be able to compress the initram.
config INITRAMFS_COMPRESSION_XZ
bool "XZ"
depends on RD_XZ
help
XZ uses the LZMA2 algorithm and has a large dictionary which may cause
problems on memory constrained systems. The initramfs size is about
30% smaller with XZ in comparison to gzip. Decompression speed is
better than that of bzip2 but worse than gzip and LZO. Compression is
slow.
If you choose this, keep in mind that you may need to install the xz
tool to be able to compress the initram.
config INITRAMFS_COMPRESSION_LZO
bool "LZO"
depends on RD_LZO
help
It's compression ratio is the second poorest amongst the choices. The
kernel size is about 10% bigger than gzip. Despite that, it's
decompression speed is the second fastest and it's compression speed
is quite fast too.
If you choose this, keep in mind that you may need to install the lzop
tool to be able to compress the initram.
config INITRAMFS_COMPRESSION_LZ4
bool "LZ4"
depends on RD_LZ4
help
It's compression ratio is the poorest amongst the choices. The kernel
size is about 15% bigger than gzip; however its decompression speed
is the fastest.
If you choose this, keep in mind that most distros don't provide lz4
by default which could cause a build failure.
endchoice
config INITRAMFS_COMPRESSION
depends on INITRAMFS_SOURCE!=""
string
default "" if INITRAMFS_COMPRESSION_NONE
default ".gz" if INITRAMFS_COMPRESSION_GZIP
default ".bz2" if INITRAMFS_COMPRESSION_BZIP2
default ".lzma" if INITRAMFS_COMPRESSION_LZMA
default ".xz" if INITRAMFS_COMPRESSION_XZ
default ".lzo" if INITRAMFS_COMPRESSION_LZO
default ".lz4" if INITRAMFS_COMPRESSION_LZ4
default ".gz" if RD_GZIP
default ".lz4" if RD_LZ4
default ".lzo" if RD_LZO
default ".xz" if RD_XZ
default ".lzma" if RD_LZMA
default ".bz2" if RD_BZIP2
default ""