compressed data, was ‘vmvisor64-vmkernel.stripped’”.
These findings strongly suggests this is an image of the
“vmkernel” component. An <code>objdump -x</code> yields this
“SYMBOL TABLE” section:
<pre>
000041800036a408 g F .text 0000000000000137 vmk_PCIGetDeviceName
</pre>
… which indicated these binary file contains the function body
for <code>vmk_PCIGetDeviceName</code>.</p>
<p>Finally, after detailed searching, Conservancy found no evidence that any
other code (other than modified Linux code) makes calls
to <code>vmk_PCIGetDeviceName</code>. This provides a strong indication
that this function's primary purpose is to combine Linux code with
“vmkernel”. Conservancy also found other functions where similar analysis
yields similar results as above.</p>
<p>Given this evidence and related contextual clues, the only logical
conclusions are:
<ul><li><code>vmklinux_9</code>, as a binary object, dynamically links
with <code>k.b00</code>, another binary object, to form a single running
binary.</li>
<li>That binary contains code licensed under the GPLv2, and can be
distributed in binary form only under permissions provided under
GPLv2 — in particular <a href="https://gnu.org/licenses/gpl-2.0.html#section2">GPLv2§2</a> and <a href="https://gnu.org/licenses/gpl-2.0.html#section3">GPLv2§3</a>.</li>
<li>GPLv2§3(a–b) requires that <q>complete corresponding
machine-readable source code</q> must accompany binary
distributions such as these. GPLv2§3 further states
that <q>for an executable work, complete source code means all the
source code for all modules it contains</q>.</li>
<li>The binary work in question contains modules from <code>k.b00</code> and
<code>vmlinux_9</code>.</li>
<li>VMware did not provide source code for any modules found in
<code>k.b00</code>.</li>
<li>Therefore, VMware failed to comply with the GPLv2, as such
compliance requires source code (or an offer therefor) for the material
in <code>k.b00</code>.</li>
</ul>
</p>
<p>The above is but one piece of evidence among many, but hopefully it helps
to explain the types of “combined work” violations found in
VMware's ESXi product.</p>
<dt id="verify">How can I verify Conservancy's technical findings above?</dt>
<dd><p>The binary and source packages mentioned above are available
on VMware's website. These packages contain the
previously-mentioned <code>linux_pci.c</code>,
<code>vmkapi_pci_incompat.h</code>, and <code>k.b00</code> files, as well as
<code>vmklinux_9</code> and the source code that builds the latter.</p>
<p>To obtain the source components, follow these steps (no login is required):
<li>Find the <code>k.b00</code> file in the root directory. Extract it
using <code>zcat k.b00 > vmvisor64-vmkernel</code> (or a similar command).
Repeat the steps described above using <code>objdump -x
vmvisor64-vmkernel</code>.</li>
<li id="vmklinux">To retrieve <code>vmklinux_9</code> you will need to install
ESXi on your system by booting the ISO and following the instructions. Once
booted, you can then enable SSH access using “Customize System/View Logs ->
Troubleshooting Options -> Enable SSH”. Login to the system with SSH
and then run <code>find /vmfs -name misc_dri.v00 -print</code>. On the
resulting file, run <code>zcat misc_dri.v00 > misc_dri.vmtar</code> then
<code>vmtar -x misc_dri.vmtar -o misc_dri.tar</code>. You can then extract
<code>misc_dri.tar</code> using the usual <code>tar</code> to extract
<code>usr/lib/vmware/vmkmod/vmklinux_9</code>. The <code>misc_dri.v00</code>
file is also available next to <code>k.b00</code> in the root directory of
the ISO (mentioned above), but the <code>vmtar</code> command itself is only
available when logged into an ESXi system. <code>vmtar</code> can be found
at <code>bin/vmtar</code> inside
<code>sb.v00</code> on the ISO, but one needs <code>vmtar</code> to open
<code>sb.v00</code>, similar to <code>misc_dri.v00</code> above.</li>
</ol>
</p>
<p>Note that VMware may present you with <acronym title="End User Licensing Agreement">EULA</acronym>s and <acronym title="Terms of Service">ToS</acronym> when you download
software from VMware's website. Conservancy strongly suggests that you review these
terms in great detail with the assistance of your own legal counsel before
downloading the software and/or engaging in the process that Conservancy
discusses above.</p>
<dt>Have others issued statements of support about this action?</dt>
<dd>Various individuals and groups have publicly stated their support for
Conservancy's and Hellwig's actions in this matter. They include: