GrSecurity brags about it's GCC plugins (which violate the GPL for the same reason it's kernel patch does) -- Is this not a threat to the gnu gpl system?

From: nipponmail
Date: Mon Nov 11 2019 - 14:07:59 EST


Is this not a threat to the whole GNU-GPL system?
grsecurity.org
grsecurity.net
Unlike the manual, ad-hoc approach to finding and fixing Spectre v1 vulnerabilities employed elsewhere, our much higher coverage Respectre compiler plugin discovers and automatically instruments the code with high-performance fixes.

Can you do something about this please? Does this not bother you?

I for one, was convinced to join the free software movement and program for it because of the promise of the GPL. But here, with their "access agreement" they blatantly violate it (version 2, section 6 for the kernel patch, I'm sure you know which section for GCC). They infact-and-indeed do add an additional restrictive term.

This is allowed to stand.

It is less likely that I myself would have contributed code if it were not for the promise of the GPL that others could not close derivative works to me. That promise is being shown to be a lie. I doubt I'm the only one who was attracted by the GPL, but now that it is shown to be a false promise: the spell likely is broken.

Can you please do something about this.
Why all the silence? Why is no one angry about this?
This is as blatant of a violation as they come: it cuts at the very root of the whole point of Free Software:
RMS you wanted the code to come back to you: you made it clear in your EMACS license/notice. GrSecurity (OpenSourceSecurity) have completely obliterated what you intended. And it is allowed to stand.

Why? Please will nothing be done? Will nothing be discussed?

GCC is your compiler: They're doing EXACTLY what you DID NOT WANT to happen regarding plugins: they have effectively created PROPRIETARY plugins. The lawyers told you it could not happen, so that you would agree to allow plugins. Now apparently it has happened.

Now you can only get GrSec, the patch, the compiler plugins, if you have 10k+, and you are not permitted to redistribute it (or else).

Yes this is a violation of section 6 of version 2 of the GPL (I know some programmers argue otherwise because programmers think they know everything about every field)

"UHHHHHMMMMM we put it in a SEPARATE writing, thus we can impose additional restrictive terms!"

UHHH, Punishing a recipient for breaking our additional negative covenant is not violating the license :^), they didn't HAVE to violate our restrictions! It was their choice!

Ahem
Although previous to our additional restriction, under the GPL the recipient is free to distribute the source to anyone without repercussion or harm.
Once we chose to add our access agreement, the recipient after paying us 10k, agrees to never freely distribute the work except to his own customers on demand: under penalty of forfeiting the remainder of his balance and no further updates (which he already paid for)
This is clearly not an additional restriction not-present in the licensing terms
:^)
We also don't tell the linux kernel team about the fixes we silently fix in our GPL-Respecting additional-restrictive terms derivative work.
We'll tell you though, unless you distribute the Work: then you're cut off. Better not redistribute
:^)

The federal copyright lawsuit would cost 600k to finance. OpenSourceSecurity makes 120k a year, off of government contract(s/ors).

GCC plugins have been part of GrSecurity for a very long time, I remember them writing about them in the early/mid 2000s