On Mon, 2006-04-10 at 15:54 -0500, Anthony Liguori wrote:
> Ewan Mellor wrote:
> > On Mon, Apr 10, 2006 at 01:29:13PM -0500, Anthony Liguori wrote:
> >> Doesn't this need a Signed-off-by: Ross Maxfield <rmaxfiel@xxxxxxxxxx>?
> > People have been complaining that a patch should not retain the
> > Signed-off-by
> > line if the patch has been modified, because they do not sign-off the
> > modified
> > patch. If a patch needs minor changes before it can be committed, we can
> > either bounce it back to the author, which seems unnecessarily heavyweight,
> > or
> > do what Keir's done here, and sign-off the patch himself. The From: line
> > retains the audit trail, credit, and copyright, and it's clear that Keir
> > himself thinks that this patch is acceptable.
> I won't speak for Hollis (although I will CC him :-)) but my
> understanding is that the appropriate thing to do is check in the patch
> with the original Signed-off-by and then check in another patch on top
> of that with the necessary changes (this time, with just Keir's
> I think the intention is that the original submitter needs to have a
> Signed-off-by to signify that the origin of the code is kosher (which is
> something Keir cannot do on his own if the code didn't originate from
> him). Is this how other people understand it?
Actually, now I'm confused about the DCO
The terms seem to allow adding Signed-off-by lines when making
modifications, but that seems obviously in conflict point of the system.
See also Linus's mail at http://kerneltrap.org/node/3180:
It also allows middle parties to edit the patch without somehow
"losing" their names - quite often the patch that reaches the
final kernel is not exactly the same as the original one, as it
has gone through a few layers of people.
So in the Linux system, it is OK for Keir to modify (not rewrite) and
add his Signed-off-by after all.
The reason I don't like that is this example:
- Mary submits a clean patch with signed-off-by line
- Joe adds some bad IP to Mary's patch (e.g. some proprietary
copyrighted code), adds his signed-off-by line, and forwards on
- patch is checked in
- lawyers find the infringing patch, and look, there's Mary apparently
signing off on it
We could follow the Linux system, or something stronger (i.e. no
modifications to other people's patches allowed). I guess it's up to the
Whatever is chosen, it needs to be *documented* (beyond just the DCO URL
above) and adhered to.
IBM Linux Technology Center
Xen-devel mailing list