Announcement

Collapse
No announcement yet.

RadeonSI Driver Now Supports AMD Trusted Memory Zone

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    A bit off-topic, but there was idea to release opensource firmware for gcn, but without DRM support. Has anyone heard something new?

    Having two boot entries wouldn't be to bad.

    Comment


    • #12
      Originally posted by amdtesterman View Post

      Why HDCP can't be used like in windows on usual PC's?
      Give me a reason. The only difference betwin windows and Linux based distros are the people using it, but both of them have "ways to" break the drm and other stuf.. and the difference from android likes are many so... why windows have hdcp and linux distros using an modern intel or amd can't use it?

      It tells that there is support for the screens hdcp 1.4 and 2.2 so.. the limit are the userspace component that have to be built-in chromium and firefox
      You need a locked down platform. Otherwise you can just hack the driver and pretend HDCP is enabled.

      Comment


      • #13
        Originally posted by agd5f View Post

        You need a locked down platform. Otherwise you can just hack the driver and pretend HDCP is enabled.
        and what's the difference betwing a Linux distribution and windows? both of them are not locked down platforms.. and in MS there is support for this and much more.
        You can not hack the driver and pretend that you are using encrypted memory.. For you what is a locked down platform?

        Comment


        • #14
          Originally posted by amdtesterman View Post

          and what's the difference betwing a Linux distribution and windows? both of them are not locked down platforms.. and in MS there is support for this and much more.
          You can not hack the driver and pretend that you are using encrypted memory.. For you what is a locked down platform?
          I'm not too familiar with exactly how windows handles this, but at at high level, windows uses signed binaries for the OS and drivers. You could probably do something similar on Linux, but there is no real infrastructure for handling this in a unified way.

          Comment


          • #15
            Originally posted by agd5f View Post

            I'm not too familiar with exactly how windows handles this, but at at high level, windows uses signed binaries for the OS and drivers. You could probably do something similar on Linux, but there is no real infrastructure for handling this in a unified way.
            ah, okay, is it a need to have signed binaries ( like secure boot) to have working and secure protected video playback, right?

            May be someone can think about a solution for a unified way. But I won't expect from open source developpers because they are not very happy with drm ( and I understand why..)

            Comment


            • #16
              Originally posted by agd5f View Post

              I'm not too familiar with exactly how windows handles this, but at at high level, windows uses signed binaries for the OS and drivers. You could probably do something similar on Linux, but there is no real infrastructure for handling this in a unified way.
              May be with snap or flatpak in the future can be a real infraestructure for this?

              Comment


              • #17
                Originally posted by amdtesterman View Post

                yeah, the problem is that you are not getting FHD or HD.. you are getting a 540p playback in prime video
                If you don' trust me you can check it by the URL chrome://media-internals there you can view the actual resolution of videos so.. check it please
                Yup. Honestly hadn't noticed. Most of what I've been watching recently has been stuff recorded 10-20 years ago, so it is usually covered in film-grain to begin with.
                Last edited by Veerappan; 05-19-2020, 09:37 AM.

                Comment


                • #18
                  Originally posted by agd5f View Post

                  I'm not too familiar with exactly how windows handles this, but at at high level, windows uses signed binaries for the OS and drivers. You could probably do something similar on Linux, but there is no real infrastructure for handling this in a unified way.
                  Yeah, you definitely *can* do this, or at least the beginning of this. I used to run my work laptop with SecureBoot enabled with signed kernel images so that I could keep my Windows partition's BitLocker intact. Eventually not being able to run VirtualBox (due to the dkms modules at the time being a PITA to sign and get recognized at boot) became too big a hassle and I just tossed the windows install completely in favor of the Windows VM I already had.

                  My example is from Ubuntu, but I'm pretty sure *some* other distros have a similar capability.

                  Comment


                  • #19
                    Originally posted by Veerappan View Post

                    Yeah, you definitely *can* do this, or at least the beginning of this. I used to run my work laptop with SecureBoot enabled with signed kernel images so that I could keep my Windows partition's BitLocker intact. Eventually not being able to run VirtualBox (due to the dkms modules at the time being a PITA to sign and get recognized at boot) became too big a hassle and I just tossed the windows install completely in favor of the Windows VM I already had.

                    My example is from Ubuntu, but I'm pretty sure *some* other distros have a similar capability.
                    I think the issue is how to guarantee that the signed images are actually secure and that you didn't just sign a kernel that lies about supporting HDCP.

                    Comment


                    • #20
                      Originally posted by agd5f View Post

                      I think the issue is how to guarantee that the signed images are actually secure and that you didn't just sign a kernel that lies about supporting HDCP.
                      yeah, I suspect that the trusted key-list would have to be controlled there. No user-enrolled keys allowed, probably.

                      And then the user adds one of the HDCP stripping dongles anyway, making kernel support potentially moot.

                      Comment

                      Working...
                      X