Monday, October 15, 2007

OE & FlexLm

Today I went to Kothamangala. I decided to wait at a browsing center when my sister was at college. The owner of the browsing center allowed me to connect my laptop to network. And then... I had access to 2Mbps broadband.

So, I decided to try a few things which my friend had mentioned to me over mail.

OpenEmbedded

This is a framework to create root images for embedded Linux boards. They use an application called bitbake & mtn.

bitbake: A utility to execute a set of tasks. The tasks are present in *.bb file
mtn: A version control system.

How it works?
OE guys save database various BB files. Download that and extract the BB required BB files using the mtn command. Then use the bitbake command to build any (group of) package we need.

Drawback:
There is a local.conf file and a conf file for each distro. We can specify the machine architecture etc in the conf file. However, it will then compile everything from scratch (including the tool chain). That is a few hundred MBs of download for the first time.

The sad part is that, when I tried to build angstrom distro, I found that they applied a QEMU patch which was not getting compiled with GCC version 4.1.2. This was the gcc version mentioned in the conf file of angstrom. I got an error message that I need to use 3.x version of GCC. Now there were two things.

1. By moving gcc version to 3.4.6 (latest in 3.x), I could have broken a few other deps
2. I had already downloaded a few hundreds of MBs of source code for 4.x version.

So, I decided to drop it for the time being. There was one more hurdle. I had access to csb6xx board based on intel pxa2xx. There was no support for this board. Compiling a rootfs for the board meant adding support for this board from scratch.

FlexLm

Should there be an open source license manager? If the source is open, then what is the use of a license manager?

Apparently, there are not many. If you want to make a change to OSS code and want to license it, you need to buy a commercial tool or you need to write one of your own.

One could try to partly encrypt the flash in a embedded Linux device. However, a) this will reduce the life of the flash, b) this will also be difficult since we need to find a way to protect meta data.

The other solution include secure dongles or TPM (these two are costly and complicated)
So, we will forget about hiding the software from the cracker. We will have to let him copy, but prevent that copy from working.

This made me think about the normal license managers available. The most famous is FlexLm. This is commercial. A search on this took me to RLM. This is also commercial. Now there is one in OSS domain. But it is not worth mentioning since the author himself claims that it is easily breakable.

So, I am at this conclusion currently. Security is an illusion and it is better to keep it that way :)

Apart from this, I tried a few more things. More about them later.