1#!/usr/bin/env perl 2 3# SPDX-License-Identifier: MIT 4# 5# Copyright (c) 2025, Rob Norris <robn@despairlabs.com> 6# 7# Permission is hereby granted, free of charge, to any person obtaining a copy 8# of this software and associated documentation files (the "Software"), to 9# deal in the Software without restriction, including without limitation the 10# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or 11# sell copies of the Software, and to permit persons to whom the Software is 12# furnished to do so, subject to the following conditions: 13# 14# The above copyright notice and this permission notice shall be included in 15# all copies or substantial portions of the Software. 16# 17# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 22# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 23# IN THE SOFTWARE. 24 25use 5.010; 26use warnings; 27use strict; 28 29# All files known to git are either "tagged" or "untagged". Tagged files are 30# expected to have a license tag, while untagged files are expected to _not_ 31# have a license tag. There is no "optional" tag; all files are either "tagged" 32# or "untagged". 33# 34# Whether or not a file is tagged or untagged is determined using the patterns 35# in $tagged_patterns and $untagged_patterns and the following sequence: 36# 37# - if the file's full path is explicity listed in $tagged_patterns, then the 38# file is tagged. 39# 40# - if the file's full path is explicitly listed in $untagged_patterns, then 41# file is untagged. 42# 43# - if the filename matches a pattern in $tagged_patterns, and does not match a 44# pattern in $untagged_patterns, then the file is tagged 45# 46# - otherwise, the file is untagged. 47# 48# The patterns do a simple glob-like match over the entire path relative to the 49# root of the git repo (no leading /). '*' matches as anything at that point, 50# across path fragments. '?' matches a single character. 51 52my $tagged_patterns = q( 53 # Compiled source files 54 *.c 55 *.h 56 *.S 57 58 # Python files, eg test suite drivers, libzfs bindings 59 *.py 60 *.py.in 61 62 # Various support scripts 63 *.sh 64 *.pl 65 66 # Test suite 67 *.ksh 68 *.ksh.in 69 *.kshlib 70 *.kshlib.in 71 *.shlib 72 73 # Test suite data files 74 *.run 75 *.cfg 76 *.cfg.in 77 *.fio 78 *.lua 79 *.zcp 80 81 # Manpages 82 man/man?/*.? 83 man/man?/*.?.in 84 85 # Build system 86 *.ac 87 *.am 88 *.m4 89 90 # Unsuffixed programs (or generated of same) 91 cmd/zarcstat.in 92 cmd/zarcsummary 93 cmd/dbufstat.in 94 cmd/zilstat.in 95 cmd/zpool/zpool.d/* 96 etc/init.d/zfs-import.in 97 etc/init.d/zfs-load-key.in 98 etc/init.d/zfs-mount.in 99 etc/init.d/zfs-share.in 100 etc/init.d/zfs-zed.in 101 etc/zfs/zfs-functions.in 102 scripts/objtool-wrapper.in 103 104 # Misc items that have clear licensing info but aren't easily matched, 105 # or are the first of a class that we aren't ready to match yet. 106 module/lua/README.zfs 107 scripts/kmodtool 108 tests/zfs-tests/tests/functional/inheritance/README.config 109 tests/zfs-tests/tests/functional/inheritance/README.state 110 cmd/zed/zed.d/statechange-notify.sh 111); 112 113my $untagged_patterns = q( 114 # Exclude CI tooling as it's not interesting for overall project 115 # licensing. 116 .github/* 117 118 # Everything below this has unclear licensing. Work is happening to 119 # identify and update them. Once one gains a tag it should be removed 120 # from this list. 121 122 cmd/zed/zed.d/*.sh 123 cmd/zpool/zpool.d/* 124 125 contrib/coverity/model.c 126 include/libzdb.h 127 include/os/freebsd/spl/sys/inttypes.h 128 include/os/freebsd/spl/sys/mode.h 129 include/os/freebsd/spl/sys/trace.h 130 include/os/freebsd/zfs/sys/trace_zfs.h 131 include/os/freebsd/zfs/sys/zpl.h 132 include/os/linux/kernel/linux/page_compat.h 133 lib/libspl/include/sys/string.h 134 lib/libzdb/libzdb.c 135 lib/libzpool/include/sys/trace_zfs.h 136 module/lua/setjmp/setjmp.S 137 module/lua/setjmp/setjmp_ppc.S 138 module/zstd/include/sparc_compat.h 139 module/zstd/zstd_sparc.c 140 tests/zfs-tests/cmd/cp_files.c 141 tests/zfs-tests/cmd/zed_fd_spill-zedlet.c 142 tests/zfs-tests/tests/functional/tmpfile/tmpfile_001_pos.c 143 tests/zfs-tests/tests/functional/tmpfile/tmpfile_002_pos.c 144 tests/zfs-tests/tests/functional/tmpfile/tmpfile_003_pos.c 145 tests/zfs-tests/tests/functional/tmpfile/tmpfile_test.c 146 147 contrib/bpftrace/zfs-trace.sh 148 contrib/pyzfs/docs/source/conf.py 149 contrib/pyzfs/libzfs_core/test/__init__.py 150 contrib/zcp/autosnap.lua 151 scripts/commitcheck.sh 152 scripts/man-dates.sh 153 scripts/mancheck.sh 154 scripts/paxcheck.sh 155 scripts/zfs-helpers.sh 156 scripts/zfs-tests-color.sh 157 scripts/zfs.sh 158 scripts/zimport.sh 159 tests/zfs-tests/callbacks/zfs_failsafe.ksh 160 tests/zfs-tests/include/commands.cfg 161 tests/zfs-tests/include/tunables.cfg 162 tests/zfs-tests/include/zpool_script.shlib 163 tests/zfs-tests/tests/functional/mv_files/random_creation.ksh 164); 165 166# For files expected to have a license tags, these are the acceptable tags by 167# path. A file in one of these paths with a tag not listed here must be in the 168# override list below. If the file is not in any of these paths, then 169# $default_license_tags is used. 170my $default_license_tags = [ 171 'CDDL-1.0', '0BSD', 'BSD-2-Clause', 'BSD-3-Clause', 'MIT' 172]; 173 174my @path_license_tags = ( 175 # Conventional wisdom is that the Linux SPL must be GPL2+ for 176 # kernel compatibility. 177 'module/os/linux/spl' => ['GPL-2.0-or-later'], 178 'include/os/linux/spl' => ['GPL-2.0-or-later'], 179 180 # Third-party code should keep it's original license 181 'module/zstd/lib' => ['BSD-3-Clause OR GPL-2.0-only'], 182 'module/lua' => ['MIT'], 183 184 # lua/setjmp is platform-specific code sourced from various places 185 'module/lua/setjmp' => $default_license_tags, 186 187 # Some of the fletcher modules are dual-licensed 188 'module/zcommon/zfs_fletcher' => 189 ['BSD-2-Clause OR GPL-2.0-only', 'CDDL-1.0'], 190 191 'module/icp' => ['Apache-2.0', 'CDDL-1.0'], 192 'contrib/icp' => ['Apache-2.0', 'CDDL-1.0'], 193 194 # Python bindings are always Apache-2.0; CDDL is available for build 195 # files in that dir. 196 'contrib/pyzfs' => ['Apache-2.0', 'CDDL-1.0'], 197 198 # Common licenses for autoconf macros; some of these are complex 199 # with exceptions, so we don't have a "generic" list as such, just 200 # a list of all the ones currently in use. 201 'config' => [ 202 'CDDL-1.0', 'LGPL-2.1-or-later', 'FSFAP', 'FSFULLR', 203 'GPL-2.0-or-later WITH Autoconf-exception-generic', 204 'GPL-3.0-or-later WITH Autoconf-exception-macro', 205 ], 206); 207 208# This is a list of "special case" license tags that are in use in the tree, 209# and the files where they occur. these exist for a variety of reasons, and 210# generally should not be used for new code. If you need to bring in code that 211# has a different license from the acceptable ones listed above, then you will 212# also need to add it here, with rationale provided and approval given in your 213# PR. 214my %override_file_license_tags = ( 215 216 # SPDX have repeatedly rejected the creation of a tag for a public 217 # domain dedication, as not all dedications are clear and unambiguious 218 # in their meaning and not all jurisdictions permit relinquishing a 219 # copyright anyway. 220 # 221 # A reasonably common workaround appears to be to create a local 222 # (project-specific) identifier to convey whatever meaning the project 223 # wishes it to. To cover OpenZFS' use of third-party code with a 224 # public domain dedication, we use this custom tag. 225 # 226 # Further reading: 227 # https://github.com/spdx/old-wiki/blob/main/Pages/Legal%20Team/Decisions/Dealing%20with%20Public%20Domain%20within%20SPDX%20Files.md 228 # https://spdx.github.io/spdx-spec/v2.3/other-licensing-information-detected/ 229 # https://cr.yp.to/spdx.html 230 # 231 'LicenseRef-OpenZFS-ThirdParty-PublicDomain' => [qw( 232 include/sys/skein.h 233 module/icp/algs/skein/skein_block.c 234 module/icp/algs/skein/skein.c 235 module/icp/algs/skein/skein_impl.h 236 module/icp/algs/skein/skein_iv.c 237 module/icp/algs/skein/skein_port.h 238 module/zfs/vdev_draid_rand.c 239 )], 240 241 # Legacy inclusions 242 'Brian-Gladman-3-Clause' => [qw( 243 module/icp/asm-x86_64/aes/aestab.h 244 module/icp/asm-x86_64/aes/aesopt.h 245 module/icp/asm-x86_64/aes/aeskey.c 246 module/icp/asm-x86_64/aes/aes_amd64.S 247 )], 248 'OpenSSL-standalone' => [qw( 249 module/icp/asm-x86_64/aes/aes_aesni.S 250 )], 251 252 # Legacy inclusions of BSD-2-Clause files in Linux SPL. 253 'BSD-2-Clause' => [qw( 254 include/os/linux/spl/sys/debug.h 255 module/os/linux/spl/spl-zone.c 256 )], 257 258 # Temporary overrides for things that have the wrong license for 259 # their path. Work is underway to understand and resolve these. 260 'GPL-2.0-or-later' => [qw( 261 include/os/freebsd/spl/sys/kstat.h 262 include/os/freebsd/spl/sys/sunddi.h 263 )], 264 'CDDL-1.0' => [qw( 265 include/os/linux/spl/sys/errno.h 266 include/os/linux/spl/sys/ia32/asm_linkage.h 267 include/os/linux/spl/sys/misc.h 268 include/os/linux/spl/sys/procfs_list.h 269 include/os/linux/spl/sys/trace.h 270 include/os/linux/spl/sys/trace_spl.h 271 include/os/linux/spl/sys/trace_taskq.h 272 include/os/linux/spl/sys/wmsum.h 273 module/os/linux/spl/spl-procfs-list.c 274 module/os/linux/spl/spl-trace.c 275 module/lua/README.zfs 276 )], 277); 278 279########## 280 281sub setup_patterns { 282 my ($patterns) = @_; 283 284 my @re; 285 my @files; 286 287 for my $pat (split "\n", $patterns) { 288 # remove leading/trailing whitespace and comments 289 $pat =~ s/(:?^\s*|\s*(:?#.*)?$)//g; 290 # skip (now-)empty lines 291 next if $pat eq ''; 292 293 # if the "pattern" has no metachars, then it's a literal file 294 # path and gets matched a bit more strongly 295 unless ($pat =~ m/[?*]/) { 296 push @files, $pat; 297 next; 298 } 299 300 # naive pattern to regex conversion 301 302 # escape simple metachars 303 $pat =~ s/([\.\(\[])/\Q$1\E/g; 304 305 $pat =~ s/\?/./g; # glob ? -> regex . 306 $pat =~ s/\*/.*/g; # glob * -> regex .* 307 308 push @re, $pat; 309 } 310 311 my $re = join '|', @re; 312 return (qr/^(?:$re)$/, { map { $_ => 1 } @files }); 313}; 314 315my ($tagged_re, $tagged_files) = setup_patterns($tagged_patterns); 316my ($untagged_re, $untagged_files) = setup_patterns($untagged_patterns); 317 318sub file_is_tagged { 319 my ($file) = @_; 320 321 # explicitly tagged 322 if ($tagged_files->{$file}) { 323 delete $tagged_files->{$file}; 324 return 1; 325 } 326 327 # explicitly untagged 328 if ($untagged_files->{$file}) { 329 delete $untagged_files->{$file}; 330 return 0; 331 } 332 333 # must match tagged patterns and not match untagged patterns 334 return ($file =~ $tagged_re) && !($file =~ $untagged_re); 335} 336 337my %override_tags = map { 338 my $tag = $_; 339 map { $_ => $tag } @{$override_file_license_tags{$_}}; 340} keys %override_file_license_tags; 341 342########## 343 344my $rc = 0; 345 346# Get a list of all files known to git. This is a crude way of avoiding any 347# build artifacts that have tags embedded in them. 348my @git_files = sort grep { chomp } qx(git ls-tree --name-only -r HEAD); 349 350# Scan all files and work out if their tags are correct. 351for my $file (@git_files) { 352 # Ignore non-files. git can store other types of objects (submodule 353 # dirs, symlinks, etc) that aren't interesting for licensing. 354 next unless -f $file && ! -l $file; 355 356 # Open the file, and extract its license tag. We only check the first 357 # 4K of each file because many of these files are large, binary, or 358 # both. For a typical source file that means the tag should be found 359 # within the first ~50 lines. 360 open my $fh, '<', $file or die "$0: couldn't open $file: $!\n"; 361 my $nbytes = read $fh, my $buf, 4096; 362 die "$0: couldn't read $file: $!\n" if !defined $nbytes; 363 364 my ($tag) = 365 $buf =~ m/\bSPDX-License-Identifier: ([A-Za-z0-9_\-\. ]+)$/smg; 366 367 close $fh; 368 369 # Decide if the file should have a tag at all 370 my $tagged = file_is_tagged($file); 371 372 # If no license tag is wanted, there's not much left to do 373 if (!$tagged) { 374 if (defined $tag) { 375 # untagged file has a tag, pattern change required 376 say "unexpected license tag: $file"; 377 $rc = 1; 378 } 379 next; 380 } 381 382 # If a tag is required, but doesn't have one, warn and loop. 383 if (!defined $tag) { 384 say "missing license tag: $file"; 385 $rc = 1; 386 next; 387 } 388 389 # Determine the set of valid license tags for this file. Start with 390 # the defaults. 391 my $tags = $default_license_tags; 392 393 if ($override_tags{$file}) { 394 # File has an explicit override, use it. 395 $tags = [delete $override_tags{$file}]; 396 } else { 397 # Work through the path tag sets, taking the set with the 398 # most precise match. If no sets match, we fall through and 399 # are left with the default set. 400 my $matchlen = 0; 401 for (my $n = 0; $n < @path_license_tags; $n += 2) { 402 my ($path, $t) = @path_license_tags[$n,$n+1]; 403 if (substr($file, 0, length($path)) eq $path && 404 length($path) > $matchlen) { 405 $tags = $t; 406 $matchlen = length($path); 407 } 408 } 409 } 410 411 # Confirm the file's tag is in the set, and warn if not. 412 my %tags = map { $_ => 1 } @$tags; 413 unless ($tags{$tag}) { 414 say "invalid license tag: $file"; 415 say " (got $tag; expected: @$tags)"; 416 $rc = 1; 417 next; 418 } 419} 420 421########## 422 423# List any files explicitly listed as tagged or untagged that we didn't see. 424# Likely the file was removed from the repo but not from our lists. 425 426for my $file (sort keys %$tagged_files) { 427 say "explicitly tagged file not on disk: $file"; 428 $rc = 1; 429} 430for my $file (sort keys %$untagged_files) { 431 say "explicitly untagged file not on disk: $file"; 432 $rc = 1; 433} 434for my $file (sort keys %override_tags) { 435 say "explicitly overridden file not on disk: $file"; 436 $rc = 1; 437} 438 439exit $rc; 440