xref: /linux/Documentation/process/license-rules.rst (revision 4ca07b9239bd0478ae586632a2ed72be37ed8407) 
1.. SPDX-License-Identifier: GPL-2.0
2
3.. _kernel_licensing:
4
5Linux kernel licensing rules
6============================
7
8The Linux Kernel is provided under the terms of the GNU General Public
9License version 2 only (GPL-2.0), as provided in LICENSES/preferred/GPL-2.0,
10with an explicit syscall exception described in
11LICENSES/exceptions/Linux-syscall-note, as described in the COPYING file.
12
13This documentation file provides a description of how each source file
14should be annotated to make its license clear and unambiguous.
15It doesn't replace the Kernel's license.
16
17The license described in the COPYING file applies to the kernel source
18as a whole, though individual source files can have a different license
19which is required to be compatible with the GPL-2.0::
20
21    GPL-1.0+  :  GNU General Public License v1.0 or later
22    GPL-2.0+  :  GNU General Public License v2.0 or later
23    LGPL-2.0  :  GNU Library General Public License v2 only
24    LGPL-2.0+ :  GNU Library General Public License v2 or later
25    LGPL-2.1  :  GNU Lesser General Public License v2.1 only
26    LGPL-2.1+ :  GNU Lesser General Public License v2.1 or later
27
28Aside from that, individual files can be provided under a dual license,
29e.g. one of the compatible GPL variants and alternatively under a
30permissive license like BSD, MIT etc.
31
32The User-space API (UAPI) header files, which describe the interface of
33user-space programs to the kernel are a special case.  According to the
34note in the kernel COPYING file, the syscall interface is a clear boundary,
35which does not extend the GPL requirements to any software which uses it to
36communicate with the kernel.  Because the UAPI headers must be includable
37into any source files which create an executable running on the Linux
38kernel, the exception must be documented by a special license expression.
39
40The common way of expressing the license of a source file is to add the
41matching boilerplate text into the top comment of the file.  Due to
42formatting, typos etc. these "boilerplates" are hard to validate for
43tools which are used in the context of license compliance.
44
45An alternative to boilerplate text is the use of Software Package Data
46Exchange (SPDX) license identifiers in each source file.  SPDX license
47identifiers are machine parsable and precise shorthands for the license
48under which the content of the file is contributed.  SPDX license
49identifiers are managed by the SPDX Workgroup at the Linux Foundation and
50have been agreed on by partners throughout the industry, tool vendors, and
51legal teams.  For further information see https://spdx.org/
52
53The Linux kernel requires the precise SPDX identifier in all source files.
54The valid identifiers used in the kernel are explained in the section
55`License identifiers`_ and have been retrieved from the official SPDX
56license list at https://spdx.org/licenses/ along with the license texts.
57
58License identifier syntax
59-------------------------
60
611. Placement:
62
63   The SPDX license identifier in kernel files shall be added at the first
64   possible line in a file which can contain a comment.  For the majority
65   of files this is the first line, except for scripts which require the
66   '#!PATH_TO_INTERPRETER' in the first line.  For those scripts, the SPDX
67   license identifier goes into the second line.
68
69   The license identifier line can then be followed by one or multiple
70   SPDX-FileCopyrightText lines if desired.
71
72|
73
742. Style:
75
76   The SPDX license identifier is added in form of a comment.  The comment
77   style depends on the file type::
78
79      C source:	// SPDX-License-Identifier: <SPDX License Expression>
80      C header:	/* SPDX-License-Identifier: <SPDX License Expression> */
81      ASM:	/* SPDX-License-Identifier: <SPDX License Expression> */
82      scripts:	# SPDX-License-Identifier: <SPDX License Expression>
83      .rst:	.. SPDX-License-Identifier: <SPDX License Expression>
84      .dts{i}:	// SPDX-License-Identifier: <SPDX License Expression>
85
86   If a specific tool cannot handle the standard comment style, then the
87   appropriate comment mechanism which the tool accepts shall be used. This
88   is the reason for having the "/\* \*/" style comment in C header
89   files. There was build breakage observed with generated .lds files where
90   'ld' failed to parse the C++ comment. This has been fixed by now, but
91   there are still older assembler tools which cannot handle C++ style
92   comments.
93
94|
95
963. Syntax:
97
98   A <SPDX License Expression> is either an SPDX short form license
99   identifier found on the SPDX License List, or the combination of two
100   SPDX short form license identifiers separated by "WITH" when a license
101   exception applies. When multiple licenses apply, an expression consists
102   of keywords "AND", "OR" separating sub-expressions and surrounded by
103   "(", ")" .
104
105   License identifiers for licenses like [L]GPL with the 'or later' option
106   are constructed by using a "+" for indicating the 'or later' option.::
107
108      // SPDX-License-Identifier: GPL-2.0+
109      // SPDX-License-Identifier: LGPL-2.1+
110
111   WITH should be used when there is a modifier to a license needed.
112   For example, the linux kernel UAPI files use the expression::
113
114      // SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note
115      // SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note
116
117   Other examples using WITH exceptions found in the kernel are::
118
119      // SPDX-License-Identifier: GPL-2.0 WITH mif-exception
120      // SPDX-License-Identifier: GPL-2.0+ WITH GCC-exception-2.0
121
122   Exceptions can only be used with particular License identifiers. The
123   valid License identifiers are listed in the tags of the exception text
124   file. For details see the point `Exceptions`_ in the chapter `License
125   identifiers`_.
126
127   OR should be used if the file is dual licensed and only one license is
128   to be selected.  For example, some dtsi files are available under dual
129   licenses::
130
131      // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
132
133   Examples from the kernel for license expressions in dual licensed files::
134
135      // SPDX-License-Identifier: GPL-2.0 OR MIT
136      // SPDX-License-Identifier: GPL-2.0 OR BSD-2-Clause
137      // SPDX-License-Identifier: GPL-2.0 OR Apache-2.0
138      // SPDX-License-Identifier: GPL-2.0 OR MPL-1.1
139      // SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) OR MIT
140      // SPDX-License-Identifier: GPL-1.0+ OR BSD-3-Clause OR OpenSSL
141
142   AND should be used if the file has multiple licenses whose terms all
143   apply to use the file. For example, if code is inherited from another
144   project and permission has been given to put it in the kernel, but the
145   original license terms need to remain in effect::
146
147      // SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) AND MIT
148
149   Another other example where both sets of license terms need to be
150   adhered to is::
151
152      // SPDX-License-Identifier: GPL-1.0+ AND LGPL-2.1+
153
154License identifiers
155-------------------
156
157The licenses currently used, as well as the licenses for code added to the
158kernel, can be broken down into:
159
1601. _`Preferred licenses`:
161
162   Whenever possible these licenses should be used as they are known to be
163   fully compatible and widely used.  These licenses are available from the
164   directory::
165
166      LICENSES/preferred/
167
168   in the kernel source tree.
169
170   The files in this directory contain the full license text and
171   `Metatags`_.  The file names are identical to the SPDX license
172   identifier which shall be used for the license in source files.
173
174   Examples::
175
176      LICENSES/preferred/GPL-2.0
177
178   Contains the GPL version 2 license text and the required metatags::
179
180      LICENSES/preferred/MIT
181
182   Contains the MIT license text and the required metatags
183
184   _`Metatags`:
185
186   The following meta tags must be available in a license file:
187
188   - Valid-License-Identifier:
189
190     One or more lines which declare which License Identifiers are valid
191     inside the project to reference this particular license text.  Usually
192     this is a single valid identifier, but e.g. for licenses with the 'or
193     later' options two identifiers are valid.
194
195   - SPDX-URL:
196
197     The URL of the SPDX page which contains additional information related
198     to the license.
199
200   - Usage-Guidance:
201
202     Freeform text for usage advice. The text must include correct examples
203     for the SPDX license identifiers as they should be put into source
204     files according to the `License identifier syntax`_ guidelines.
205
206   - License-Text:
207
208     All text after this tag is treated as the original license text
209
210   File format examples::
211
212      Valid-License-Identifier: GPL-2.0
213      Valid-License-Identifier: GPL-2.0+
214      SPDX-URL: https://spdx.org/licenses/GPL-2.0.html
215      Usage-Guide:
216        To use this license in source code, put one of the following SPDX
217	tag/value pairs into a comment according to the placement
218	guidelines in the licensing rules documentation.
219	For 'GNU General Public License (GPL) version 2 only' use:
220	  SPDX-License-Identifier: GPL-2.0
221	For 'GNU General Public License (GPL) version 2 or any later version' use:
222	  SPDX-License-Identifier: GPL-2.0+
223      License-Text:
224        Full license text
225
226   ::
227
228      SPDX-License-Identifier: MIT
229      SPDX-URL: https://spdx.org/licenses/MIT.html
230      Usage-Guide:
231	To use this license in source code, put the following SPDX
232	tag/value pair into a comment according to the placement
233	guidelines in the licensing rules documentation.
234	  SPDX-License-Identifier: MIT
235      License-Text:
236        Full license text
237
238|
239
2402. Deprecated licenses:
241
242   These licenses should only be used for existing code or for importing
243   code from a different project.  These licenses are available from the
244   directory::
245
246      LICENSES/deprecated/
247
248   in the kernel source tree.
249
250   The files in this directory contain the full license text and
251   `Metatags`_.  The file names are identical to the SPDX license
252   identifier which shall be used for the license in source files.
253
254   Examples::
255
256      LICENSES/deprecated/ISC
257
258   Contains the Internet Systems Consortium license text and the required
259   metatags::
260
261      LICENSES/deprecated/GPL-1.0
262
263   Contains the GPL version 1 license text and the required metatags.
264
265   Metatags:
266
267   The metatag requirements for 'other' licenses are identical to the
268   requirements of the `Preferred licenses`_.
269
270   File format example::
271
272      Valid-License-Identifier: ISC
273      SPDX-URL: https://spdx.org/licenses/ISC.html
274      Usage-Guide:
275        Usage of this license in the kernel for new code is discouraged
276	and it should solely be used for importing code from an already
277	existing project.
278        To use this license in source code, put the following SPDX
279	tag/value pair into a comment according to the placement
280	guidelines in the licensing rules documentation.
281	  SPDX-License-Identifier: ISC
282      License-Text:
283        Full license text
284
285|
286
2873. Dual Licensing Only
288
289   These licenses should only be used to dual license code with another
290   license in addition to a preferred license.  These licenses are available
291   from the directory::
292
293      LICENSES/dual/
294
295   in the kernel source tree.
296
297   The files in this directory contain the full license text and
298   `Metatags`_.  The file names are identical to the SPDX license
299   identifier which shall be used for the license in source files.
300
301   Examples::
302
303      LICENSES/dual/MPL-1.1
304
305   Contains the Mozilla Public License version 1.1 license text and the
306   required metatags::
307
308      LICENSES/dual/Apache-2.0
309
310   Contains the Apache License version 2.0 license text and the required
311   metatags.
312
313   Metatags:
314
315   The metatag requirements for 'other' licenses are identical to the
316   requirements of the `Preferred licenses`_.
317
318   File format example::
319
320      Valid-License-Identifier: MPL-1.1
321      SPDX-URL: https://spdx.org/licenses/MPL-1.1.html
322      Usage-Guide:
323        Do NOT use. The MPL-1.1 is not GPL2 compatible. It may only be used for
324        dual-licensed files where the other license is GPL2 compatible.
325        If you end up using this it MUST be used together with a GPL2 compatible
326        license using "OR".
327        To use the Mozilla Public License version 1.1 put the following SPDX
328        tag/value pair into a comment according to the placement guidelines in
329        the licensing rules documentation:
330      SPDX-License-Identifier: MPL-1.1
331      License-Text:
332        Full license text
333
334|
335
3364. _`Exceptions`:
337
338   Some licenses can be amended with exceptions which grant certain rights
339   which the original license does not.  These exceptions are available
340   from the directory::
341
342      LICENSES/exceptions/
343
344   in the kernel source tree.  The files in this directory contain the full
345   exception text and the required `Exception Metatags`_.
346
347   Examples::
348
349      LICENSES/exceptions/Linux-syscall-note
350
351   Contains the Linux syscall exception as documented in the COPYING
352   file of the Linux kernel, which is used for UAPI header files.
353   e.g. /\* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note \*/::
354
355      LICENSES/exceptions/GCC-exception-2.0
356
357   Contains the GCC 'linking exception' which allows to link any binary
358   independent of its license against the compiled version of a file marked
359   with this exception. This is required for creating runnable executables
360   from source code which is not compatible with the GPL.
361
362   _`Exception Metatags`:
363
364   The following meta tags must be available in an exception file:
365
366   - SPDX-Exception-Identifier:
367
368     One exception identifier which can be used with SPDX license
369     identifiers.
370
371   - SPDX-URL:
372
373     The URL of the SPDX page which contains additional information related
374     to the exception.
375
376   - SPDX-Licenses:
377
378     A comma separated list of SPDX license identifiers for which the
379     exception can be used.
380
381   - Usage-Guidance:
382
383     Freeform text for usage advice. The text must be followed by correct
384     examples for the SPDX license identifiers as they should be put into
385     source files according to the `License identifier syntax`_ guidelines.
386
387   - Exception-Text:
388
389     All text after this tag is treated as the original exception text
390
391   File format examples::
392
393      SPDX-Exception-Identifier: Linux-syscall-note
394      SPDX-URL: https://spdx.org/licenses/Linux-syscall-note.html
395      SPDX-Licenses: GPL-2.0, GPL-2.0+, GPL-1.0+, LGPL-2.0, LGPL-2.0+, LGPL-2.1, LGPL-2.1+
396      Usage-Guidance:
397        This exception is used together with one of the above SPDX-Licenses
398	to mark user-space API (uapi) header files so they can be included
399	into non GPL compliant user-space application code.
400        To use this exception add it with the keyword WITH to one of the
401	identifiers in the SPDX-Licenses tag:
402	  SPDX-License-Identifier: <SPDX-License> WITH Linux-syscall-note
403      Exception-Text:
404        Full exception text
405
406   ::
407
408      SPDX-Exception-Identifier: GCC-exception-2.0
409      SPDX-URL: https://spdx.org/licenses/GCC-exception-2.0.html
410      SPDX-Licenses: GPL-2.0, GPL-2.0+
411      Usage-Guidance:
412        The "GCC Runtime Library exception 2.0" is used together with one
413	of the above SPDX-Licenses for code imported from the GCC runtime
414	library.
415        To use this exception add it with the keyword WITH to one of the
416	identifiers in the SPDX-Licenses tag:
417	  SPDX-License-Identifier: <SPDX-License> WITH GCC-exception-2.0
418      Exception-Text:
419        Full exception text
420
421
422All SPDX license identifiers and exceptions must have a corresponding file
423in the LICENSES subdirectories. This is required to allow tool
424verification (e.g. checkpatch.pl) and to have the licenses ready to read
425and extract right from the source, which is recommended by various FOSS
426organizations, e.g. the `FSFE REUSE initiative <https://reuse.software/>`_.
427
428_`MODULE_LICENSE`
429-----------------
430
431   Loadable kernel modules also require a MODULE_LICENSE() tag. This tag is
432   neither a replacement for proper source code license information
433   (SPDX-License-Identifier) nor in any way relevant for expressing or
434   determining the exact license under which the source code of the module
435   is provided.
436
437   The sole purpose of this tag is to provide sufficient information
438   whether the module is free software or proprietary for the kernel
439   module loader and for user space tools.
440
441   The valid license strings for MODULE_LICENSE() are:
442
443    ============================= =============================================
444    "GPL"			  Module is licensed under GPL version 2. This
445				  does not express any distinction between
446				  GPL-2.0-only or GPL-2.0-or-later. The exact
447				  license information can only be determined
448				  via the license information in the
449				  corresponding source files.
450
451    "GPL v2"			  Same as "GPL". It exists for historic
452				  reasons.
453
454    "GPL and additional rights"   Historical variant of expressing that the
455				  module source is dual licensed under a
456				  GPL v2 variant and MIT license. Please do
457				  not use in new code.
458
459    "Dual MIT/GPL"		  The correct way of expressing that the
460				  module is dual licensed under a GPL v2
461				  variant or MIT license choice.
462
463    "Dual BSD/GPL"		  The module is dual licensed under a GPL v2
464				  variant or BSD license choice. The exact
465				  variant of the BSD license can only be
466				  determined via the license information
467				  in the corresponding source files.
468
469    "Dual MPL/GPL"		  The module is dual licensed under a GPL v2
470				  variant or Mozilla Public License (MPL)
471				  choice. The exact variant of the MPL
472				  license can only be determined via the
473				  license information in the corresponding
474				  source files.
475
476    "Proprietary"		  The module is under a proprietary license.
477				  "Proprietary" is to be understood only as
478				  "The license is not compatible to GPLv2".
479                                  This string is solely for non-GPL2 compatible
480                                  third party modules and cannot be used for
481                                  modules which have their source code in the
482                                  kernel tree. Modules tagged that way are
483                                  tainting the kernel with the 'P' flag when
484                                  loaded and the kernel module loader refuses
485                                  to link such modules against symbols which
486                                  are exported with EXPORT_SYMBOL_GPL().
487    ============================= =============================================
488
489
490
491