[Tux3] Patch : Data Deduplication in Userspace

Daniel Phillips phillips at phunq.net
Wed Feb 25 00:40:02 PST 2009

On Tuesday 24 February 2009, Conrad Meyer wrote:
> On Tuesday 24 February 2009 10:33:13 am Gaurav Tungatkar wrote:
> > ...
> > The code uses the openssl SHA1 implementation and requires openssl libs to
> > be installed.
> > ...
> This raises a red flag to me. I think I remember hearing OpenSSL's license is 
> incompatible with the GPL; am I mistaken?

Hi Conrad,

Good catch.  The question is laid out pretty well here:


Well, if I have to add an OpenSSL exception to the license, I can, and
userspace will be ok, but that probably won't fly for kernel (Tux3
kernel code can have an OpenSSL exception but that does not cover all
the rest of kernel).

Well, OpenSSL is probably not the only available implementation of SHA1.
I don't think we need to panic about this, just keep using OpenSSL for
now and do something about it when a) it becomes the biggest remaining
issue and b) we want to push dedup to mainline kernel.  There is plenty
of time to work out a sensible solution.

Anyway, there is nothing magic about SHA1.  We certainly do not require
cryptographic security for a dedup hash.  Maybe we should look for a
more efficient hash than SHA1.



Tux3 mailing list
Tux3 at tux3.org

More information about the Tux3 mailing list