On 15/03/2022 14.33, Alexandru Elisei wrote:
Hi,
Arm is planning to upstream tests that are being developed as part of the
Confidential Compute Architecture [1]. Some of the tests target the
attestation part of creating and managing a confidential compute VM, which
requires the manipulation of messages in the Concise Binary Object
Representation (CBOR) format [2].
I would like to ask if it would be acceptable from a license perspective to
include the QCBOR library [3] into kvm-unit-tests, which will be used for
encoding and decoding of CBOR messages.
The library is licensed under the 3-Clause BSD license, which is compatible
with GPLv2 [4]. Some of the files that were created inside Qualcomm before
the library was open-sourced have a slightly modified 3-Clause BSD license,
where a NON-INFRINGMENT clause is added to the disclaimer:
"THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE **AND NON-INFRINGEMENT**
ARE DISCLAIMED" (emphasis by me on the added clause).
The files in question include the core files that implement the
encode/decode functionality, and thus would have to be included in
kvm-unit-tests. I believe that the above modification does not affect the
compatibility with GPLv2.
IANAL, but I think it should be ok to add those files to the kvm-unit-tests.
With regards to the "non-infringement" extension, it seems to be the one
mentioned here: https://enterprise.dejacode.com/licenses/public/bsd-x11/ ...
and on the "license condition" tab they mention that it is compatible with
the GPL. On gnu.org, they list e.g. the
https://www.gnu.org/licenses/license-list.html#X11License which also
contains a "non-infringement" statement, so that should really be compatible.
Thomas
_______________________________________________
kvmarm mailing list
[email protected]
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm