Reply to post: Confusion between patches and code

Linux kernel hardeners Grsecurity sue open source's Bruce Perens

Anonymous Coward

Confusion between patches and code

I think there's a big confusion between patches and code. The GPL requires that you give the code and allows the receiver to redistribute it. It doesn't make mention of patches, changelogs, drafts or even copies of design discussions, all of which are part of the development process. From what I've read from various posts, the grsec contract restricts redistribution of the patches and changelogs and claims no extra limitation beyond the GPL's obligations. This means the recipient is perfectly allowed to redistribute the source code (patched kernel) as per the GPL, and whoever receives it can rebuild a jumbo patch by diffing this kernel against the mainline kernel.

It's just true that nowadays, a few decades after the GPL was invented, we value git patches and their full changelogs a lot because they contain the justification for the change, which is very important in the security area. We must just not confuse code and changelogs. And even though I really hate what they're doing, I think they're in their right and people are misreading their contract.

If I were a customer, I'd rather argue that this restriction significantly reduces the code's exposure to peer reviews and makes it much less trustable for security applications. Security must be the most open possible, and Spender has been arguing about this for as long as he's been working on grsec. So in my opinion grsec has lost its main value now, it's sad.
