! ! !
Merge
Bradley Kuhn (bkuhn) - 13 months ago 2019-10-07 23:47:49
bkuhn@ebb.org
Merge branch 'update-faq-to-esxi-6' of https://k.sfconservancy.org/website-denver
308 files changed with 47 insertions and 44 deletions:
↑ Collapse Diff ↑
...
 
@@ -179,7 +179,7 @@
179 179
 
  component in ESXi that the lawsuit alleges violates the GPL?</dt>
180 180
 
<dd>
181 181
 
    <p>The GPL violation at issue involves VMware's ESXi product.
182
 
    Conservancy independently reviewed ESXi 5.5 and its incomplete
182
 
    Conservancy independently reviewed ESXi and its incomplete
183 183
 
      <abbr title="complete, corresponding source">CCS</abbr>
184 184
 
    release as part of our GPL enforcement efforts described above.</p>
185 185
 

	
...
 
@@ -243,12 +243,12 @@ Code, and for which (at least some) source code is provided.
243 243
 
       good, since the court documents discuss the specifics of alleged
244 244
 
         infringement on Hellwig's copyrights.</p>
245 245
 

	
246
 
       <p>However, Conservancy examined VMware's ESXi 5.5 product in detail
246
 
       <p>However, Conservancy examined VMware's ESXi product in detail
247 247
 
       even before Hellwig's enforcement action began.  Below is one example
248 248
 
       among many where VMware's CCS was incomplete per GPLv2&sect;2(c) and
249 249
 
       GPLv2&sect;3(a).  (One can verify these results by
250 250
 
       <a href="#verify">downloading and installing the binary and source
251
 
       packages for VMware's ESXi 5.5 Update 2</a>.)  Note that this
251
 
       packages for VMware's ESXi 6.0</a>.)  Note that this
252 252
 
       example below is not necessarily regarding
253 253
 
       Hellwig's copyrights; VMware incorporated Linux code copyrighted by
254 254
 
       many others as well into their kernel.</p>
...
 
@@ -257,7 +257,7 @@ Code, and for which (at least some) source code is provided.
257 257
 
       <p>Our example begins with examination of the file
258 258
 
           called <code>vmkdrivers/src_92/vmklinux_92/vmware/linux_pci.c</code>,
259 259
 
           which can be found in the &ldquo;Open Source&rdquo; release for
260
 
           ESXi 5.5.0 Update 2 (5.5U2).  A small excerpt from that file, found in the
260
 
           ESXi 6.0.  A small excerpt from that file, found in the
261 261
 
           function <code>LinuxPCIDeviceRemoved()</code>, reads as follows:</p>
262 262
 

	
263 263
 
<pre>
...
 
@@ -279,8 +279,8 @@ LinuxPCIDeviceRemoved(vmk_PCIDevice vmkDev)
279 279
 
      vmkDevName[0] = 0;
280 280
 
  }
281 281
 
[...]
282
 
VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
283
 
                        linuxDev->driver->remove,
282
 
VMKAPI_MODULE_CALL_VOID(pciDevExt-&gt;moduleID,
283
 
                        linuxDev-&gt;driver-&gt;remove,
284 284
 
                        linuxDev);
285 285
 
</pre>        
286 286
 

	
...
 
@@ -288,8 +288,8 @@ VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
288 288
 

	
289 289
 
<p>The function, <code>vmk_PCIGetDeviceName()</code> must be defined, with an
290 290
 
      implementation, for this code above to work, or even compile.
291
 
      Inside <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/device/vmkapi_pci_incompat.h</code>,
292
 
      found in the <code>vmkdrivers</code> package of ESXi 5.5U2, shows a
291
 
      Inside <code>BLD/build/HEADERS/vmkapi-current-all-public/generic/release/hardware/vmkapi_pci_incompat.h</code>,
292
 
      found in the <code>vmkdrivers</code> package of ESXi 6.0, shows a
293 293
 
      function header definition for <code>vmk_PCIGetDeviceName()</code>.
294 294
 
      However, the source of its implementation is not provided there or
295 295
 
      anywhere in the source release.</p>
...
 
@@ -309,10 +309,10 @@ VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
309 309
 
</p>
310 310
 

	
311 311
 
<pre>
312
 
00000000000327ff R_X86_64_PC32     vmk_PCIGetDeviceName+0xfffffffffffffffc
313
 
0000000000035318 R_X86_64_PC32     vmk_PCIGetDeviceName+0xfffffffffffffffc
314
 
00000000000387e1 R_X86_64_PC32     vmk_PCIGetDeviceName+0xfffffffffffffffc
315
 
000000000003cf40 R_X86_64_PC32     vmk_PCIGetDeviceName+0xfffffffffffffffc
312
 
0000000000032db3 R_X86_64_PC32     vmk_PCIGetDeviceName+0xfffffffffffffffc
313
 
00000000000333ea R_X86_64_PC32     vmk_PCIGetDeviceName+0xfffffffffffffffc
314
 
0000000000036644 R_X86_64_PC32     vmk_PCIGetDeviceName+0xfffffffffffffffc
315
 
000000000003986a R_X86_64_PC32     vmk_PCIGetDeviceName+0xfffffffffffffffc
316 316
 
</pre>
317 317
 

	
318 318
 
<p>The above two properties both suggest that the <code>vmklinux_9</code>
...
 
@@ -321,9 +321,9 @@ VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
321 321
 
 inside <code>vmklinux_9</code> itself.</p>
322 322
 

	
323 323
 
<p>The definition can however be found in binary-only software provided in
324
 
  ESXi 5.5U2 &mdash; specifically, inside a file named <code>k.b00</code>,
324
 
  ESXi 6.0 &mdash; specifically, inside a file named <code>k.b00</code>,
325 325
 
  which is located in partition 5 on a disk where ESXi has been installed (or
326
 
  in the ESXi 5.5U2 installer ISO image).  Running <code>file</code>
326
 
  in the ESXi 6.0 installer ISO image).  Running <code>file</code>
327 327
 
  after <code>gunzip</code> on this file yields &ldquo;ELF 64-bit LSB shared
328 328
 
  object&rdquo;.  Meanwhile, <code>file k.b00</code> reports &ldquo;gzip
329 329
 
  compressed data, was &lsquo;vmvisor64-vmkernel.stripped&rsquo;&rdquo;.
...
 
@@ -332,7 +332,7 @@ VMKAPI_MODULE_CALL_VOID(pciDevExt->moduleID,
332 332
 
  &ldquo;SYMBOL TABLE&rdquo; section:</p>
333 333
 

	
334 334
 
<pre>
335
 
000041800036a408 g     F .text  0000000000000137 vmk_PCIGetDeviceName
335
 
000041800033193c g     F .text  000000000000012e vmk_PCIGetDeviceName
336 336
 
</pre>
337 337
 

	
338 338
 
<p>&hellip; which indicated these binary file contains the function body
...
 
@@ -359,24 +359,26 @@ for  <code>vmk_PCIGetDeviceName</code>.</p>
359 359
 
  <pre>
360 360
 
struct pci_dev {
361 361
 
[...]
362
 
#if defined(__VMKLNX__)
363
 
        /* 2008: Update from Linux source */
364
 
        u8              revision;       /* PCI revision, low byte of class word */
365
 
#endif /* defined(__VMKLNX__) */
366
 
[...]
362 367
 
       struct pci_driver *driver;      /* which driver has allocated this device */
363 368
 
[...]
364
 
truct pci_driver {
369
 
struct pci_driver {
370
 
        struct list_head node;
365 371
 
        char *name;
366 372
 
[...]
367 373
 
        void (*remove) (struct pci_dev *dev);   /* Device removed (NULL if not a hot-plug capable driver) */
368 374
 
[...]
369
 
#if defined(__VMKLNX__)
370
 
        /* 2008: Update from Linux source */
371
 
        u8              revision;       /* PCI revision, low byte of class word */
372
 
#endif /* defined(__VMKLNX__) */
373 375
 
  };
374 376
 
</pre>
375 377
 

	
376 378
 
<p>These structures, and based on those from Linux itself
377 379
 
  (<a href="http://lxr.free-electrons.com/source/include/linux/pci.h?v=2.6.24">a
378 380
 
    similar version of this file can be seen in Linux 2.6.24</a>), and as can
379
 
  be seen above, have been modified to work with &ldquo;vmkernel&rdquo;</p>
381
 
  be seen above, have been modified to work with &ldquo;vmkernel&rdquo;.</p>
380 382
 

	
381 383
 
<p>In <code>LinuxPCIDeviceRemoved()</code>, we saw a macro called with a
382 384
 
  variable, <code>linuxDev</code> which was of type <code>struct pci</code>.
...
 
@@ -387,7 +389,7 @@ truct pci_driver {
387 389
 
<h4><code>VMKAPI_MODULE_CALL_VOID</code> macro calls driver's code</h4>
388 390
 

	
389 391
 
<p>The
390
 
  file <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/base/vmkapi_module.h</code>
392
 
  file <code>BLD/build/HEADERS/vmkapi-current-all-public/generic/release/base/vmkapi_module.h</code>
391 393
 
  contains the macro definition of  <code>VMKAPI_MODULE_CALL_VOID</code>,
392 394
 
  which is quoted below (with debug lines removed):
393 395
 
<pre>
...
 
@@ -402,8 +404,8 @@ do {                                                    \
402 404
 
</pre>
403 405
 

	
404 406
 
<p>When the macro is expanded, it means that <code>(function)(args)</code> is
405
 
  actually expanded to <code>linuxDev->driver->remove(linuxDev)</code>.
406
 
  Therefore, we see <code>LinuxPCIDeviceRemoved()</code>, makes directs calls
407
 
  actually expanded to <code>linuxDev-&gt;driver-&gt;remove(linuxDev)</code>.
408
 
  Therefore, we see <code>LinuxPCIDeviceRemoved()</code> makes directs calls
407 409
 
  to a driver's remove() function, by combining with Linux's <code>struct
408 410
 
  pci</code>, and by VMware's introduction of this new calling code.
409 411
 
  Conservancy has confirmed many drivers from Linux are incorporated via
...
 
@@ -423,8 +425,8 @@ static struct pci_driver tg3_driver = {
423 425
 
</pre>
424 426
 

	
425 427
 
<p>Therefore, when the code in <code>LinuxPCIDeviceRemoved()</code>
426
 
  calls <code>linuxDev->driver->remove(linuxDev)</code>, the code ultimately
427
 
  called (in the case where a tg3 card is driven by the kernel)
428
 
  calls <code>linuxDev-&gt;driver-&gt;remove(linuxDev)</code>, the code
429
 
  ultimately called (in the case where a tg3 card is driven by the kernel)
428 430
 
  is <code>tg3_remove_one()</code>, which is found in <code>tg3.c</code> and
429 431
 
  comes directly from Linux.</p>
430 432
 

	
...
 
@@ -435,11 +437,11 @@ static struct pci_driver tg3_driver = {
435 437
 

	
436 438
 
<h4>VMware distribution of binary version of <code>tg3.c</code></h4>
437 439
 

	
438
 
<p>VMware furthermore distributes a modified version of <code>tg.c</code> in
440
 
<p>VMware furthermore distributes a modified version of <code>tg3.c</code> in
439 441
 
  binary form.  This can be found in <code>usr/lib/vmware/vmkmod/tg3</code>,
440 442
 
  which is extracted by un-vmtar'ing the file <code>net_tg3.v00</code> (found
441
 
  on the ESXi 5.5U2 installer ISO image).  Conservancy has confirmed that
442
 
  file is a compiled version of <code>tg3.c</code></p>
443
 
  on the ESXi 6.0 installer ISO image).  Conservancy has confirmed that
444
 
  file is a compiled version of <code>tg3.c</code>.</p>
443 445
 

	
444 446
 
<h4>Conclusions</h4>
445 447
 

	
...
 
@@ -472,7 +474,8 @@ static struct pci_driver tg3_driver = {
472 474
 
    </ul>
473 475
 
<p>The above is but one piece of evidence among many, but hopefully it helps
474 476
 
  to explain some of the &ldquo;combined work&rdquo; violations found in
475
 
  VMware's ESXi product.</p>
477
 
  VMware's ESXi product.  Conservancy did a similar analysis for ESXi 5.0
478
 
  as well as ESXi 5.5 Update 2 and found nearly identical results.</p>
476 479
 

	
477 480
 
<dt id="verify">How can I verify Conservancy's technical findings above?</dt>
478 481
 

	
...
 
@@ -490,20 +493,20 @@ previously-mentioned <code>linux_pci.c</code>,
490 493
 
  these steps (no login is required):</p>
491 494
 

	
492 495
 
<ol>
493
 
<li>Visit <a href="https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U2_OSS&productId=353">https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U2_OSS&productId=353</a>.</li>
496
 
<li>Visit <a href="https://my.vmware.com/web/vmware/details?downloadGroup=ESXI600_OSS&productId=491">https://my.vmware.com/web/vmware/details?downloadGroup=ESXI600_OSS&productId=491</a>.</li>
494 497
 

	
495 498
 
<li>Click the &ldquo;Download&rdquo; button beside the text that reads
496
 
&ldquo;Open Source Code for VMware vSphere ESXi 5.5 Update 2&rdquo;.</li>
499
 
&ldquo;Open source software accompanying ESXi&rdquo;.</li>
497 500
 

	
498 501
 
<li>Confirm that the SHA-1 hash matches the published one
499
 
  (d121634668a137ec808b63679fd941cef9a59715), found under &ldquo;Read
502
 
  (35811b981470abe8b606d8a7a97c9795ce570597), found under &ldquo;Read
500 503
 
  More&rdquo; on that web page.</li>
501 504
 

	
502 505
 
<li>Mount (or otherwise open) the
503
 
  downloaded <code>VMware-ESX-550U2-ODP.iso</code>.</li>
506
 
  downloaded <code>VMware-ESXI-600-ODP.iso</code>.</li>
504 507
 

	
505 508
 
<li>Extract <code>vmkdrivers/src_92/vmklinux_92/vmware/linux_pci.c</code>
506
 
  and <code>BLD/build/HEADERS/vmkapi-current-all-public/vmkernel64/release/device/vmkapi_pci_incompat.h</code>
509
 
  and <code>BLD/build/HEADERS/vmkapi-current-all-public/generic/release/hardware/vmkapi_pci_incompat.h</code>
507 510
 
  from <code>vmkdrivers-gpl/vmkdrivers-gpl.tgz</code> with tar and gzip.</li>
508 511
 

	
509 512
 
<li>Generate <code>vmklinux_9</code> by following the steps
...
 
@@ -511,11 +514,11 @@ previously-mentioned <code>linux_pci.c</code>,
511 514
 
  (Note: <code>vmklinux_9</code> is also available pre-built on a running
512 515
 
  ESXi system; <a href="#vmklinux">see below for instructions on how to access it</a>).</li>
513 516
 

	
514
 
<li>You may need the &ldquo;Supporting Toolchain packages for VMware
515
 
  vSphere ESXi 5.5.0 Update 2&rdquo; file from the above download page to
517
 
<li>You may need the &ldquo;Open source software disclosure package for
518
 
  toolchain&rdquo; file from the above download page to
516 519
 
  complete the build &mdash; upon downloading you will find it is named
517
 
  <code>VMware-TOOLCHAIN-550u2-ODP.iso</code> and has a SHA-1 hash of
518
 
  f679e81ffb2f92729917bbc64c2d541cf75b5b94.</li>
520
 
  <code>VMware-TOOLCHAIN-600-ODP.iso</code> and has a SHA-1 hash of
521
 
  9a68df4cbeb645c25002a02f11b1923f98d3d5b5.</li>
519 522
 

	
520 523
 
</ol>
521 524
 

	
...
 
@@ -527,7 +530,7 @@ previously-mentioned <code>linux_pci.c</code>,
527 530
 
<li>Click the &ldquo;Activate Now&rdquo; link in the follow-up email.  Enter
528 531
 
  the password used at registration time.  Click &ldquo;Continue&rdquo;.</li>
529 532
 

	
530
 
<li>Visit <a href="https://my.vmware.com/web/vmware/evalcenter?p=free-esxi5">https://my.vmware.com/web/vmware/evalcenter?p=free-esxi5</a>.</li>
533
 
<li>Visit <a href="https://my.vmware.com/web/vmware/evalcenter?p=free-esxi6">https://my.vmware.com/web/vmware/evalcenter?p=free-esxi6</a>.</li>
531 534
 

	
532 535
 
<li>Click &ldquo;Register&rdquo; (under the text that reads &ldquo;You have
533 536
 
  not registered for this product&rdquo;).</li>
...
 
@@ -535,16 +538,16 @@ previously-mentioned <code>linux_pci.c</code>,
535 538
 
<li>Enter the number of servers you plan to install on (e.g., 1).  Click
536 539
 
  &ldquo;Continue&rdquo;.</li>
537 540
 

	
538
 
<li>If the &ldquo;VMware vSphere Hypervisor 5.5 Update 2 &ndash;
541
 
<li>If the &ldquo;VMware vSphere Hypervisor 6.0 &ndash;
539 542
 
  Binaries&rdquo; section is not expanded, click the plus sign next to it.</li>
540 543
 

	
541 544
 
<li>Click the &ldquo;Manually Download&rdquo; link that's beside &ldquo;ESXi
542
 
  5.5 Update 2 ISO image (Includes VMware Tools)&rdquo;.</li>
545
 
  ISO image (Includes VMware Tools)&rdquo;.</li>
543 546
 

	
544
 
<li>Confirm that the SHA-1 hash matches the published one (9475938b51cafc86c8b17d09f2493cb6b4fae927).</li>
547
 
<li>Confirm that the SHA-1 hash matches the published one (a38a9d37ea529329338de049679c1dd1687d3860).</li>
545 548
 

	
546 549
 
<li>Mount (or open via some other means) the
547
 
downloaded <code>VMware-VMvisor-Installer-5.5.0.update02-2068190.x86_64.iso</code>.</li>
550
 
downloaded <code>VMware-VMvisor-Installer-6.0.0-2494585.x86_64.iso</code>.</li>
548 551
 

	
549 552
 
<li>Find the <code>k.b00</code> file in the root directory.  Extract it
550 553
 
using <code>zcat k.b00 &gt; vmvisor64-vmkernel</code> (or a similar command).
0 comments (0 inline, 0 general)