Feeds

Is VMware too close to Linux?

Superstar's legal status questioned

3 Big data security analytics techniques

Maybe you've heard of VMware. You know, EMC's baby, huge IPO, Bloomberg called it the hottest tech stock since Google in 2004, drove a member of our staff mad?

Virtualization has clearly become an industry darling, and VMware controls 55 per cent of that market. This kind of monster success tends to paint a big ol' target on a company — and a volley of the slings and arrows that accompany outrageous fortune are already on the way.

Writing on his blog VentureCake, Linux specialist Mike MacCana thinks he might have found a bit of rust on VMware's shining armor. He claims that VMware's ESX server is derived from Linux, and therefore is not legally re-distributable as proprietary software.

McCana's third degree covers the quasi operating system - or rather kernel - behind VMware's flagship ESX Server package.

A kernel is like the nervous system of an OS. It manages the system's resources (such as memory, the CPU, etc,) that an application needs in order to run. VMware uses two kernels that run directly on the hardware; the vmkernel and vmkmod - a Linux kernel.

Because a computer can only run one kernel at a time, the job of VMware's Linux kernel is pretty basic. It's only purpose is to boot the vmkernel. The only way to load vmkernel is through vmkmod, and vmkernel requires Linux — which essentially means that when ESX Server boots, Linux is its kernel. Herein lies the problem.

From VentureCake:

Proprietary drivers for Linux kernel have an interesting licensing situation. Unlike the license for higher level libraries, which allow those libraries to be used by both Open Source and proprietary software, the license for the Linux kernel specifies that software based on the Linux kernel must be licensed under the same license.

If a kernel relies on Linux, it must be open source. The only way such a kernel wouldn't be considered a derivative of Linux and could remain proprietary is if it didn't require Linux to load. MacCana claims this isn't the case with VMware.

VMware, thus far, has remained silent about the issue. Quite surprising, considering the implications and how much money is now involved.

One example of the issue being raised is a post to the Linux kernel mailing list from Linux SCSI storage maintainer, Christopher Helwig. Here, he responds to a post from VMware's Zachary Amsden in August 2006:

Until you stop violating our copyrights with the VMWare ESX support nothing is going to be supported. So could you please stop abusing the Linux code illegally in your projects so I don't have to sue you, or at least piss off and don't expect us to support you in violating our copyrights. I know this isn't your fault, but please get the VMware/EMC legal department to fix it up first.

The post received no reply from Amsden.

So could the issue presented by MacCana blow up in VMware's face? Analyst for Illuminata, Gordon Haff said he'd be "very surprised" if there was a real issue here.

"It's hardly been a secret that VMware has based the console for ESX server (but not the actual hypervisor/VMM) on Linux," wrote Haff in an email. "To be sure, VMware hasn't exactly gone out of its way to play in the Open Source world, and to thoroughly explain exactly how it uses Linux. But it's no secret and therefore, it's really hard to believe that a company of VMware's visibility could be blatantly violating the GPL, and it would never have occurred to anyone to raise the issue until now."

Haff continues that legal issues aside, it would be at least manifestly unfair for such an issue to be realized at this late date when it's been sitting in more-or-less plain sight for years.

Analyst firm Endpoint Technologies president, Roger Kay says that regardless of its merits, the accusation is a result of VMware's success — and the company will doubtlessly continue to draw all sorts of fire.

At the time of this writing, VMware representatives have not responded to our queries. ®

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
Bored with trading oil and gold? Why not flog some CLOUD servers?
Chicago Mercantile Exchange plans cloud spot exchange
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.