xref: /linux/Documentation/process/license-rules.rst (revision 24168c5e6dfbdd5b414f048f47f75d64533296ca)
1.. SPDX-License-Identifier: GPL-2.0
2
3.. _kernel_licensing:
4
5Linux kernel licensing rules
6============================
7
8The Linux Kernel is provided under the terms of the GNU General Public
9License version 2 only (GPL-2.0), as provided in LICENSES/preferred/GPL-2.0,
10with an explicit syscall exception described in
11LICENSES/exceptions/Linux-syscall-note, as described in the COPYING file.
12
13This documentation file provides a description of how each source file
14should be annotated to make its license clear and unambiguous.
15It doesn't replace the Kernel's license.
16
17The license described in the COPYING file applies to the kernel source
18as a whole, though individual source files can have a different license
19which is required to be compatible with the GPL-2.0::
20
21    GPL-1.0+  :  GNU General Public License v1.0 or later
22    GPL-2.0+  :  GNU General Public License v2.0 or later
23    LGPL-2.0  :  GNU Library General Public License v2 only
24    LGPL-2.0+ :  GNU Library General Public License v2 or later
25    LGPL-2.1  :  GNU Lesser General Public License v2.1 only
26    LGPL-2.1+ :  GNU Lesser General Public License v2.1 or later
27
28Aside from that, individual files can be provided under a dual license,
29e.g. one of the compatible GPL variants and alternatively under a
30permissive license like BSD, MIT etc.
31
32The User-space API (UAPI) header files, which describe the interface of
33user-space programs to the kernel are a special case.  According to the
34note in the kernel COPYING file, the syscall interface is a clear boundary,
35which does not extend the GPL requirements to any software which uses it to
36communicate with the kernel.  Because the UAPI headers must be includable
37into any source files which create an executable running on the Linux
38kernel, the exception must be documented by a special license expression.
39
40The common way of expressing the license of a source file is to add the
41matching boilerplate text into the top comment of the file.  Due to
42formatting, typos etc. these "boilerplates" are hard to validate for
43tools which are used in the context of license compliance.
44
45An alternative to boilerplate text is the use of Software Package Data
46Exchange (SPDX) license identifiers in each source file.  SPDX license
47identifiers are machine parsable and precise shorthands for the license
48under which the content of the file is contributed.  SPDX license
49identifiers are managed by the SPDX Workgroup at the Linux Foundation and
50have been agreed on by partners throughout the industry, tool vendors, and
51legal teams.  For further information see https://spdx.org/
52
53The Linux kernel requires the precise SPDX identifier in all source files.
54The valid identifiers used in the kernel are explained in the section
55`License identifiers`_ and have been retrieved from the official SPDX
56license list at https://spdx.org/licenses/ along with the license texts.
57
58License identifier syntax
59-------------------------
60
611. Placement:
62
63   The SPDX license identifier in kernel files shall be added at the first
64   possible line in a file which can contain a comment.  For the majority
65   of files this is the first line, except for scripts which require the
66   '#!PATH_TO_INTERPRETER' in the first line.  For those scripts the SPDX
67   identifier goes into the second line.
68
69|
70
712. Style:
72
73   The SPDX license identifier is added in form of a comment.  The comment
74   style depends on the file type::
75
76      C source:	// SPDX-License-Identifier: <SPDX License Expression>
77      C header:	/* SPDX-License-Identifier: <SPDX License Expression> */
78      ASM:	/* SPDX-License-Identifier: <SPDX License Expression> */
79      scripts:	# SPDX-License-Identifier: <SPDX License Expression>
80      .rst:	.. SPDX-License-Identifier: <SPDX License Expression>
81      .dts{i}:	// SPDX-License-Identifier: <SPDX License Expression>
82
83   If a specific tool cannot handle the standard comment style, then the
84   appropriate comment mechanism which the tool accepts shall be used. This
85   is the reason for having the "/\* \*/" style comment in C header
86   files. There was build breakage observed with generated .lds files where
87   'ld' failed to parse the C++ comment. This has been fixed by now, but
88   there are still older assembler tools which cannot handle C++ style
89   comments.
90
91|
92
933. Syntax:
94
95   A <SPDX License Expression> is either an SPDX short form license
96   identifier found on the SPDX License List, or the combination of two
97   SPDX short form license identifiers separated by "WITH" when a license
98   exception applies. When multiple licenses apply, an expression consists
99   of keywords "AND", "OR" separating sub-expressions and surrounded by
100   "(", ")" .
101
102   License identifiers for licenses like [L]GPL with the 'or later' option
103   are constructed by using a "+" for indicating the 'or later' option.::
104
105      // SPDX-License-Identifier: GPL-2.0+
106      // SPDX-License-Identifier: LGPL-2.1+
107
108   WITH should be used when there is a modifier to a license needed.
109   For example, the linux kernel UAPI files use the expression::
110
111      // SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note
112      // SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note
113
114   Other examples using WITH exceptions found in the kernel are::
115
116      // SPDX-License-Identifier: GPL-2.0 WITH mif-exception
117      // SPDX-License-Identifier: GPL-2.0+ WITH GCC-exception-2.0
118
119   Exceptions can only be used with particular License identifiers. The
120   valid License identifiers are listed in the tags of the exception text
121   file. For details see the point `Exceptions`_ in the chapter `License
122   identifiers`_.
123
124   OR should be used if the file is dual licensed and only one license is
125   to be selected.  For example, some dtsi files are available under dual
126   licenses::
127
128      // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
129
130   Examples from the kernel for license expressions in dual licensed files::
131
132      // SPDX-License-Identifier: GPL-2.0 OR MIT
133      // SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
134      // SPDX-License-Identifier: GPL-2.0 OR Apache-2.0
135      // SPDX-License-Identifier: GPL-2.0 OR MPL-1.1
136      // SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) OR MIT
137      // SPDX-License-Identifier: GPL-1.0+ OR BSD-3-Clause OR OpenSSL
138
139   AND should be used if the file has multiple licenses whose terms all
140   apply to use the file. For example, if code is inherited from another
141   project and permission has been given to put it in the kernel, but the
142   original license terms need to remain in effect::
143
144      // SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) AND MIT
145
146   Another other example where both sets of license terms need to be
147   adhered to is::
148
149      // SPDX-License-Identifier: GPL-1.0+ AND LGPL-2.1+
150
151License identifiers
152-------------------
153
154The licenses currently used, as well as the licenses for code added to the
155kernel, can be broken down into:
156
1571. _`Preferred licenses`:
158
159   Whenever possible these licenses should be used as they are known to be
160   fully compatible and widely used.  These licenses are available from the
161   directory::
162
163      LICENSES/preferred/
164
165   in the kernel source tree.
166
167   The files in this directory contain the full license text and
168   `Metatags`_.  The file names are identical to the SPDX license
169   identifier which shall be used for the license in source files.
170
171   Examples::
172
173      LICENSES/preferred/GPL-2.0
174
175   Contains the GPL version 2 license text and the required metatags::
176
177      LICENSES/preferred/MIT
178
179   Contains the MIT license text and the required metatags
180
181   _`Metatags`:
182
183   The following meta tags must be available in a license file:
184
185   - Valid-License-Identifier:
186
187     One or more lines which declare which License Identifiers are valid
188     inside the project to reference this particular license text.  Usually
189     this is a single valid identifier, but e.g. for licenses with the 'or
190     later' options two identifiers are valid.
191
192   - SPDX-URL:
193
194     The URL of the SPDX page which contains additional information related
195     to the license.
196
197   - Usage-Guidance:
198
199     Freeform text for usage advice. The text must include correct examples
200     for the SPDX license identifiers as they should be put into source
201     files according to the `License identifier syntax`_ guidelines.
202
203   - License-Text:
204
205     All text after this tag is treated as the original license text
206
207   File format examples::
208
209      Valid-License-Identifier: GPL-2.0
210      Valid-License-Identifier: GPL-2.0+
211      SPDX-URL: https://spdx.org/licenses/GPL-2.0.html
212      Usage-Guide:
213        To use this license in source code, put one of the following SPDX
214	tag/value pairs into a comment according to the placement
215	guidelines in the licensing rules documentation.
216	For 'GNU General Public License (GPL) version 2 only' use:
217	  SPDX-License-Identifier: GPL-2.0
218	For 'GNU General Public License (GPL) version 2 or any later version' use:
219	  SPDX-License-Identifier: GPL-2.0+
220      License-Text:
221        Full license text
222
223   ::
224
225      SPDX-License-Identifier: MIT
226      SPDX-URL: https://spdx.org/licenses/MIT.html
227      Usage-Guide:
228	To use this license in source code, put the following SPDX
229	tag/value pair into a comment according to the placement
230	guidelines in the licensing rules documentation.
231	  SPDX-License-Identifier: MIT
232      License-Text:
233        Full license text
234
235|
236
2372. Deprecated licenses:
238
239   These licenses should only be used for existing code or for importing
240   code from a different project.  These licenses are available from the
241   directory::
242
243      LICENSES/deprecated/
244
245   in the kernel source tree.
246
247   The files in this directory contain the full license text and
248   `Metatags`_.  The file names are identical to the SPDX license
249   identifier which shall be used for the license in source files.
250
251   Examples::
252
253      LICENSES/deprecated/ISC
254
255   Contains the Internet Systems Consortium license text and the required
256   metatags::
257
258      LICENSES/deprecated/GPL-1.0
259
260   Contains the GPL version 1 license text and the required metatags.
261
262   Metatags:
263
264   The metatag requirements for 'other' licenses are identical to the
265   requirements of the `Preferred licenses`_.
266
267   File format example::
268
269      Valid-License-Identifier: ISC
270      SPDX-URL: https://spdx.org/licenses/ISC.html
271      Usage-Guide:
272        Usage of this license in the kernel for new code is discouraged
273	and it should solely be used for importing code from an already
274	existing project.
275        To use this license in source code, put the following SPDX
276	tag/value pair into a comment according to the placement
277	guidelines in the licensing rules documentation.
278	  SPDX-License-Identifier: ISC
279      License-Text:
280        Full license text
281
282|
283
2843. Dual Licensing Only
285
286   These licenses should only be used to dual license code with another
287   license in addition to a preferred license.  These licenses are available
288   from the directory::
289
290      LICENSES/dual/
291
292   in the kernel source tree.
293
294   The files in this directory contain the full license text and
295   `Metatags`_.  The file names are identical to the SPDX license
296   identifier which shall be used for the license in source files.
297
298   Examples::
299
300      LICENSES/dual/MPL-1.1
301
302   Contains the Mozilla Public License version 1.1 license text and the
303   required metatags::
304
305      LICENSES/dual/Apache-2.0
306
307   Contains the Apache License version 2.0 license text and the required
308   metatags.
309
310   Metatags:
311
312   The metatag requirements for 'other' licenses are identical to the
313   requirements of the `Preferred licenses`_.
314
315   File format example::
316
317      Valid-License-Identifier: MPL-1.1
318      SPDX-URL: https://spdx.org/licenses/MPL-1.1.html
319      Usage-Guide:
320        Do NOT use. The MPL-1.1 is not GPL2 compatible. It may only be used for
321        dual-licensed files where the other license is GPL2 compatible.
322        If you end up using this it MUST be used together with a GPL2 compatible
323        license using "OR".
324        To use the Mozilla Public License version 1.1 put the following SPDX
325        tag/value pair into a comment according to the placement guidelines in
326        the licensing rules documentation:
327      SPDX-License-Identifier: MPL-1.1
328      License-Text:
329        Full license text
330
331|
332
3334. _`Exceptions`:
334
335   Some licenses can be amended with exceptions which grant certain rights
336   which the original license does not.  These exceptions are available
337   from the directory::
338
339      LICENSES/exceptions/
340
341   in the kernel source tree.  The files in this directory contain the full
342   exception text and the required `Exception Metatags`_.
343
344   Examples::
345
346      LICENSES/exceptions/Linux-syscall-note
347
348   Contains the Linux syscall exception as documented in the COPYING
349   file of the Linux kernel, which is used for UAPI header files.
350   e.g. /\* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note \*/::
351
352      LICENSES/exceptions/GCC-exception-2.0
353
354   Contains the GCC 'linking exception' which allows to link any binary
355   independent of its license against the compiled version of a file marked
356   with this exception. This is required for creating runnable executables
357   from source code which is not compatible with the GPL.
358
359   _`Exception Metatags`:
360
361   The following meta tags must be available in an exception file:
362
363   - SPDX-Exception-Identifier:
364
365     One exception identifier which can be used with SPDX license
366     identifiers.
367
368   - SPDX-URL:
369
370     The URL of the SPDX page which contains additional information related
371     to the exception.
372
373   - SPDX-Licenses:
374
375     A comma separated list of SPDX license identifiers for which the
376     exception can be used.
377
378   - Usage-Guidance:
379
380     Freeform text for usage advice. The text must be followed by correct
381     examples for the SPDX license identifiers as they should be put into
382     source files according to the `License identifier syntax`_ guidelines.
383
384   - Exception-Text:
385
386     All text after this tag is treated as the original exception text
387
388   File format examples::
389
390      SPDX-Exception-Identifier: Linux-syscall-note
391      SPDX-URL: https://spdx.org/licenses/Linux-syscall-note.html
392      SPDX-Licenses: GPL-2.0, GPL-2.0+, GPL-1.0+, LGPL-2.0, LGPL-2.0+, LGPL-2.1, LGPL-2.1+
393      Usage-Guidance:
394        This exception is used together with one of the above SPDX-Licenses
395	to mark user-space API (uapi) header files so they can be included
396	into non GPL compliant user-space application code.
397        To use this exception add it with the keyword WITH to one of the
398	identifiers in the SPDX-Licenses tag:
399	  SPDX-License-Identifier: <SPDX-License> WITH Linux-syscall-note
400      Exception-Text:
401        Full exception text
402
403   ::
404
405      SPDX-Exception-Identifier: GCC-exception-2.0
406      SPDX-URL: https://spdx.org/licenses/GCC-exception-2.0.html
407      SPDX-Licenses: GPL-2.0, GPL-2.0+
408      Usage-Guidance:
409        The "GCC Runtime Library exception 2.0" is used together with one
410	of the above SPDX-Licenses for code imported from the GCC runtime
411	library.
412        To use this exception add it with the keyword WITH to one of the
413	identifiers in the SPDX-Licenses tag:
414	  SPDX-License-Identifier: <SPDX-License> WITH GCC-exception-2.0
415      Exception-Text:
416        Full exception text
417
418
419All SPDX license identifiers and exceptions must have a corresponding file
420in the LICENSES subdirectories. This is required to allow tool
421verification (e.g. checkpatch.pl) and to have the licenses ready to read
422and extract right from the source, which is recommended by various FOSS
423organizations, e.g. the `FSFE REUSE initiative <https://reuse.software/>`_.
424
425_`MODULE_LICENSE`
426-----------------
427
428   Loadable kernel modules also require a MODULE_LICENSE() tag. This tag is
429   neither a replacement for proper source code license information
430   (SPDX-License-Identifier) nor in any way relevant for expressing or
431   determining the exact license under which the source code of the module
432   is provided.
433
434   The sole purpose of this tag is to provide sufficient information
435   whether the module is free software or proprietary for the kernel
436   module loader and for user space tools.
437
438   The valid license strings for MODULE_LICENSE() are:
439
440    ============================= =============================================
441    "GPL"			  Module is licensed under GPL version 2. This
442				  does not express any distinction between
443				  GPL-2.0-only or GPL-2.0-or-later. The exact
444				  license information can only be determined
445				  via the license information in the
446				  corresponding source files.
447
448    "GPL v2"			  Same as "GPL". It exists for historic
449				  reasons.
450
451    "GPL and additional rights"   Historical variant of expressing that the
452				  module source is dual licensed under a
453				  GPL v2 variant and MIT license. Please do
454				  not use in new code.
455
456    "Dual MIT/GPL"		  The correct way of expressing that the
457				  module is dual licensed under a GPL v2
458				  variant or MIT license choice.
459
460    "Dual BSD/GPL"		  The module is dual licensed under a GPL v2
461				  variant or BSD license choice. The exact
462				  variant of the BSD license can only be
463				  determined via the license information
464				  in the corresponding source files.
465
466    "Dual MPL/GPL"		  The module is dual licensed under a GPL v2
467				  variant or Mozilla Public License (MPL)
468				  choice. The exact variant of the MPL
469				  license can only be determined via the
470				  license information in the corresponding
471				  source files.
472
473    "Proprietary"		  The module is under a proprietary license.
474				  This string is solely for proprietary third
475				  party modules and cannot be used for modules
476				  which have their source code in the kernel
477				  tree. Modules tagged that way are tainting
478				  the kernel with the 'P' flag when loaded and
479				  the kernel module loader refuses to link such
480				  modules against symbols which are exported
481				  with EXPORT_SYMBOL_GPL().
482    ============================= =============================================
483
484
485
486