bpf_licensing.rst (3583B)
1============= 2BPF licensing 3============= 4 5Background 6========== 7 8* Classic BPF was BSD licensed 9 10"BPF" was originally introduced as BSD Packet Filter in 11http://www.tcpdump.org/papers/bpf-usenix93.pdf. The corresponding instruction 12set and its implementation came from BSD with BSD license. That original 13instruction set is now known as "classic BPF". 14 15However an instruction set is a specification for machine-language interaction, 16similar to a programming language. It is not a code. Therefore, the 17application of a BSD license may be misleading in a certain context, as the 18instruction set may enjoy no copyright protection. 19 20* eBPF (extended BPF) instruction set continues to be BSD 21 22In 2014, the classic BPF instruction set was significantly extended. We 23typically refer to this instruction set as eBPF to disambiguate it from cBPF. 24The eBPF instruction set is still BSD licensed. 25 26Implementations of eBPF 27======================= 28 29Using the eBPF instruction set requires implementing code in both kernel space 30and user space. 31 32In Linux Kernel 33--------------- 34 35The reference implementations of the eBPF interpreter and various just-in-time 36compilers are part of Linux and are GPLv2 licensed. The implementation of 37eBPF helper functions is also GPLv2 licensed. Interpreters, JITs, helpers, 38and verifiers are called eBPF runtime. 39 40In User Space 41------------- 42 43There are also implementations of eBPF runtime (interpreter, JITs, helper 44functions) under 45Apache2 (https://github.com/iovisor/ubpf), 46MIT (https://github.com/qmonnet/rbpf), and 47BSD (https://github.com/DPDK/dpdk/blob/main/lib/librte_bpf). 48 49In HW 50----- 51 52The HW can choose to execute eBPF instruction natively and provide eBPF runtime 53in HW or via the use of implementing firmware with a proprietary license. 54 55In other operating systems 56-------------------------- 57 58Other kernels or user space implementations of eBPF instruction set and runtime 59can have proprietary licenses. 60 61Using BPF programs in the Linux kernel 62====================================== 63 64Linux Kernel (while being GPLv2) allows linking of proprietary kernel modules 65under these rules: 66Documentation/process/license-rules.rst 67 68When a kernel module is loaded, the linux kernel checks which functions it 69intends to use. If any function is marked as "GPL only," the corresponding 70module or program has to have GPL compatible license. 71 72Loading BPF program into the Linux kernel is similar to loading a kernel 73module. BPF is loaded at run time and not statically linked to the Linux 74kernel. BPF program loading follows the same license checking rules as kernel 75modules. BPF programs can be proprietary if they don't use "GPL only" BPF 76helper functions. 77 78Further, some BPF program types - Linux Security Modules (LSM) and TCP 79Congestion Control (struct_ops), as of Aug 2021 - are required to be GPL 80compatible even if they don't use "GPL only" helper functions directly. The 81registration step of LSM and TCP congestion control modules of the Linux 82kernel is done through EXPORT_SYMBOL_GPL kernel functions. In that sense LSM 83and struct_ops BPF programs are implicitly calling "GPL only" functions. 84The same restriction applies to BPF programs that call kernel functions 85directly via unstable interface also known as "kfunc". 86 87Packaging BPF programs with user space applications 88==================================================== 89 90Generally, proprietary-licensed applications and GPL licensed BPF programs 91written for the Linux kernel in the same package can co-exist because they are 92separate executable processes. This applies to both cBPF and eBPF programs.