Feeds

Is VMware too close to Linux?

Superstar's legal status questioned

SANS - Survey on application security programs

Maybe you've heard of VMware. You know, EMC's baby, huge IPO, Bloomberg called it the hottest tech stock since Google in 2004, drove a member of our staff mad?

Virtualization has clearly become an industry darling, and VMware controls 55 per cent of that market. This kind of monster success tends to paint a big ol' target on a company — and a volley of the slings and arrows that accompany outrageous fortune are already on the way.

Writing on his blog VentureCake, Linux specialist Mike MacCana thinks he might have found a bit of rust on VMware's shining armor. He claims that VMware's ESX server is derived from Linux, and therefore is not legally re-distributable as proprietary software.

McCana's third degree covers the quasi operating system - or rather kernel - behind VMware's flagship ESX Server package.

A kernel is like the nervous system of an OS. It manages the system's resources (such as memory, the CPU, etc,) that an application needs in order to run. VMware uses two kernels that run directly on the hardware; the vmkernel and vmkmod - a Linux kernel.

Because a computer can only run one kernel at a time, the job of VMware's Linux kernel is pretty basic. It's only purpose is to boot the vmkernel. The only way to load vmkernel is through vmkmod, and vmkernel requires Linux — which essentially means that when ESX Server boots, Linux is its kernel. Herein lies the problem.

From VentureCake:

Proprietary drivers for Linux kernel have an interesting licensing situation. Unlike the license for higher level libraries, which allow those libraries to be used by both Open Source and proprietary software, the license for the Linux kernel specifies that software based on the Linux kernel must be licensed under the same license.

If a kernel relies on Linux, it must be open source. The only way such a kernel wouldn't be considered a derivative of Linux and could remain proprietary is if it didn't require Linux to load. MacCana claims this isn't the case with VMware.

VMware, thus far, has remained silent about the issue. Quite surprising, considering the implications and how much money is now involved.

One example of the issue being raised is a post to the Linux kernel mailing list from Linux SCSI storage maintainer, Christopher Helwig. Here, he responds to a post from VMware's Zachary Amsden in August 2006:

Until you stop violating our copyrights with the VMWare ESX support nothing is going to be supported. So could you please stop abusing the Linux code illegally in your projects so I don't have to sue you, or at least piss off and don't expect us to support you in violating our copyrights. I know this isn't your fault, but please get the VMware/EMC legal department to fix it up first.

The post received no reply from Amsden.

So could the issue presented by MacCana blow up in VMware's face? Analyst for Illuminata, Gordon Haff said he'd be "very surprised" if there was a real issue here.

"It's hardly been a secret that VMware has based the console for ESX server (but not the actual hypervisor/VMM) on Linux," wrote Haff in an email. "To be sure, VMware hasn't exactly gone out of its way to play in the Open Source world, and to thoroughly explain exactly how it uses Linux. But it's no secret and therefore, it's really hard to believe that a company of VMware's visibility could be blatantly violating the GPL, and it would never have occurred to anyone to raise the issue until now."

Haff continues that legal issues aside, it would be at least manifestly unfair for such an issue to be realized at this late date when it's been sitting in more-or-less plain sight for years.

Analyst firm Endpoint Technologies president, Roger Kay says that regardless of its merits, the accusation is a result of VMware's success — and the company will doubtlessly continue to draw all sorts of fire.

At the time of this writing, VMware representatives have not responded to our queries. ®

3 Big data security analytics techniques

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
IBM rides nightmarish hardware landscape on OpenPOWER Consortium raft
Google mulls 'third-generation of warehouse-scale computing' on Big Blue's open chips
It's GOOD to get RAIN on your upgrade parade: Crucial M550 1TB SSD
Performance tweaks and power savings – what's not to like?
AMD's 'Seattle' 64-bit ARM server chips now sampling, set to launch in late 2014
But they won't appear in SeaMicro Fabric Compute Systems anytime soon
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.