Re: [mpd-devel] Roon RAAT SDK license
Thanks, I did an independent analysis of their firmware yesterday night and
have a clear picture.
I explained my findings to the non-technical people at Cary. They
understand the situation and that it cannot be ignored.
I expect that they will want to discuss this with their developers next. I
will remind them to get in touch with you.
On Wed, Jan 31, 2018 at 2:25 AM, Max Kellermann wrote:
> Thanks so far, Brian; I contacted Cary Audio last week, but did not
> get a reply. All they did was switch off the server which had
> firmware downloads, but I was able to pull a mirror of it.
>
> It looks like Cary Audio outsourced the MPD related work to a Chinese
> contractor who didn't know or care about copyright.
>
> On 2018/01/31 03:33, Brian Luczkiewicz wrote:
> > It was a surprise to me to learn that our code was being statically
> linked
> > into mpd
>
> Just in case Cary Audio denies it, here's an excerpt from "objdump -d
> usr/bin/mpd":
>
> 0019d32c :
>19d32c: e2403d5dsub r3, r0, #5952 ; 0x1740
>19d330: e92d4010push{r4, lr}
>19d334: e2433030sub r3, r3, #48 ; 0x30
>19d338: e3530ffacmp r3, #1000 ; 0x3e8
>19d33c: 2a1abcs 19d3ac string@@Base+0x80>
>19d340: e3013771movwr3, #6001 ; 0x1771
>19d344: e153cmp r0, r3
>19d348: 0a14beq 19d3a0 string@@Base+0x74>
>19d34c: e3013772movwr3, #6002 ; 0x1772
>19d350: e153cmp r0, r3
>19d354: 0a0bbeq 19d388 string@@Base+0x5c>
>19d358: e3013770movwr3, #6000 ; 0x1770
>19d35c: e153cmp r0, r3
>19d360: 0a0bbeq 19d394 string@@Base+0x68>
>19d364: e59f3064ldr r3, [pc, #100] ; 19d3d0
>
>19d368: e300221amovwr2, #538 ; 0x21a
>19d36c: e59f1060ldr r1, [pc, #96] ; 19d3d4
>
>19d370: e59f0060ldr r0, [pc, #96] ; 19d3d8
>
>19d374: e08f3003add r3, pc, r3
>19d378: e08f1001add r1, pc, r1
>19d37c: e28330c0add r3, r3, #192; 0xc0
>19d380: e08fadd r0, pc, r0
>19d384: ebfa0e4cbl 20cbc <__assert_fail@plt>
>19d388: e59f004cldr r0, [pc, #76] ; 19d3dc
>
>19d38c: e08fadd r0, pc, r0
>19d390: e8bd8010pop {r4, pc}
>19d394: e59f0044ldr r0, [pc, #68] ; 19d3e0
>
>19d398: e08fadd r0, pc, r0
>19d39c: e8bd8010pop {r4, pc}
>19d3a0: e59f003cldr r0, [pc, #60] ; 19d3e4
>
>19d3a4: e08fadd r0, pc, r0
>19d3a8: e8bd8010pop {r4, pc}
>19d3ac: e59f3034ldr r3, [pc, #52] ; 19d3e8
>
>19d3b0: e3a02f85mov r2, #532 ; 0x214
>19d3b4: e59f1030ldr r1, [pc, #48] ; 19d3ec
>
>19d3b8: e59f0030ldr r0, [pc, #48] ; 19d3f0
>
>19d3bc: e08f3003add r3, pc, r3
>19d3c0: e08f1001add r1, pc, r1
>19d3c4: e28330c0add r3, r3, #192; 0xc0
>19d3c8: e08fadd r0, pc, r0
>19d3cc: ebfa0e3abl 20cbc <__assert_fail@plt>
>
>
> This matches the source code in your SDK's raat/raat_client.c.
> 0x1770, 0x1771 and 0x1772 are RAAT__CLIENT_STATUS_NETWORK_ERROR and so
> on.
>
> The contractor forgot to disable assertions for the release build, and
> it looks like compiler optimizations were disabled.
>
--
Brian Luczkiewicz
CTO, Roon Labs
___
mpd-devel mailing list
mpd-devel@musicpd.org
http://mailman.blarg.de/listinfo/mpd-devel
Re: [mpd-devel] Roon RAAT SDK license
Thanks so far, Brian; I contacted Cary Audio last week, but did not
get a reply. All they did was switch off the server which had
firmware downloads, but I was able to pull a mirror of it.
It looks like Cary Audio outsourced the MPD related work to a Chinese
contractor who didn't know or care about copyright.
On 2018/01/31 03:33, Brian Luczkiewicz wrote:
> It was a surprise to me to learn that our code was being statically linked
> into mpd
Just in case Cary Audio denies it, here's an excerpt from "objdump -d
usr/bin/mpd":
0019d32c :
19d32c: e2403d5dsub r3, r0, #5952 ; 0x1740
19d330: e92d4010push{r4, lr}
19d334: e2433030sub r3, r3, #48 ; 0x30
19d338: e3530ffacmp r3, #1000 ; 0x3e8
19d33c: 2a1abcs 19d3ac
19d340: e3013771movwr3, #6001 ; 0x1771
19d344: e153cmp r0, r3
19d348: 0a14beq 19d3a0
19d34c: e3013772movwr3, #6002 ; 0x1772
19d350: e153cmp r0, r3
19d354: 0a0bbeq 19d388
19d358: e3013770movwr3, #6000 ; 0x1770
19d35c: e153cmp r0, r3
19d360: 0a0bbeq 19d394
19d364: e59f3064ldr r3, [pc, #100] ; 19d3d0
19d368: e300221amovwr2, #538 ; 0x21a
19d36c: e59f1060ldr r1, [pc, #96] ; 19d3d4
19d370: e59f0060ldr r0, [pc, #96] ; 19d3d8
19d374: e08f3003add r3, pc, r3
19d378: e08f1001add r1, pc, r1
19d37c: e28330c0add r3, r3, #192; 0xc0
19d380: e08fadd r0, pc, r0
19d384: ebfa0e4cbl 20cbc <__assert_fail@plt>
19d388: e59f004cldr r0, [pc, #76] ; 19d3dc
19d38c: e08fadd r0, pc, r0
19d390: e8bd8010pop {r4, pc}
19d394: e59f0044ldr r0, [pc, #68] ; 19d3e0
19d398: e08fadd r0, pc, r0
19d39c: e8bd8010pop {r4, pc}
19d3a0: e59f003cldr r0, [pc, #60] ; 19d3e4
19d3a4: e08fadd r0, pc, r0
19d3a8: e8bd8010pop {r4, pc}
19d3ac: e59f3034ldr r3, [pc, #52] ; 19d3e8
19d3b0: e3a02f85mov r2, #532 ; 0x214
19d3b4: e59f1030ldr r1, [pc, #48] ; 19d3ec
19d3b8: e59f0030ldr r0, [pc, #48] ; 19d3f0
19d3bc: e08f3003add r3, pc, r3
19d3c0: e08f1001add r1, pc, r1
19d3c4: e28330c0add r3, r3, #192; 0xc0
19d3c8: e08fadd r0, pc, r0
19d3cc: ebfa0e3abl 20cbc <__assert_fail@plt>
This matches the source code in your SDK's raat/raat_client.c.
0x1770, 0x1771 and 0x1772 are RAAT__CLIENT_STATUS_NETWORK_ERROR and so
on.
The contractor forgot to disable assertions for the release build, and
it looks like compiler optimizations were disabled.
___
mpd-devel mailing list
mpd-devel@musicpd.org
http://mailman.blarg.de/listinfo/mpd-devel
Re: [mpd-devel] Roon RAAT SDK license
Hi Max, Thanks for getting in touch with us. Proper use of open source software is something that we take seriously, and linking our SDK libraries against GPL licensed software is as much a violation of our license agreement as it is yours. We do not condone or support this behavior. It was a surprise to me to learn that our code was being statically linked into mpd, since this is not our intent, nor a technical necessity. Our SDK is designed to run as a standalone daemon with limited dependencies. Typically IPC is used to communicate with other processes on the system instead of directly linking with them. It's possible to accomplish a complete integration in this manner without violating any licenses. We have been in touch with the people at Cary Audio today to help educate them about open source licensing, their obligations, and to assist them with remedying any violations as rapidly as possible. I'm aware that several of our other partners integrate mpd in their products. If you find that anyone else is making mistakes involving our SDK, please let us know so that we can assist in a similar manner. I suspect that some are not fully aware of the implications of using open source licenses in their products. That is no excuse for this sort of behavior, but it is something that we are happy to help with if other violations arise. Thanks, Brian Luczkiewicz CTO, Roon Labs ___ mpd-devel mailing list mpd-devel@musicpd.org http://mailman.blarg.de/listinfo/mpd-devel
[mpd-devel] Roon RAAT SDK license
Hi Roon Labs, I'm the lead developer (and major copyright holder) of the Music Player Daemon (MPD), a free music player software which you may have heard of. I found out that Cary Audio ships your RAAT SDK code with their PMS-500 product (https://www.caryaudio.com/products/dms-500-network-audio-player/). Your code is linked statically into MPD. MPD is licensed under the terms of the GPL, which means Cary Audio has put themselves into the difficult situation that they must release your SDK under the GPL. I bet you don't like that. You may want to contact Cary Audio to discuss the situation. Regards, Max Kellermann ___ mpd-devel mailing list mpd-devel@musicpd.org http://mailman.blarg.de/listinfo/mpd-devel
