Announcement

**ShFil** · 14 May 2020, 05:45 PM

A bit off-topic, but there was idea to release opensource firmware for gcn, but without DRM support. Has anyone heard something new?

Having two boot entries wouldn't be to bad.

**agd5f** · 15 May 2020, 09:22 PM

Originally posted by amdtesterman View Post

Why HDCP can't be used like in windows on usual PC's?
Give me a reason. The only difference betwin windows and Linux based distros are the people using it, but both of them have "ways to" break the drm and other stuf.. and the difference from android likes are many so... why windows have hdcp and linux distros using an modern intel or amd can't use it?

It tells that there is support for the screens hdcp 1.4 and 2.2 so.. the limit are the userspace component that have to be built-in chromium and firefox

You need a locked down platform. Otherwise you can just hack the driver and pretend HDCP is enabled.

**amdtesterman** · 18 May 2020, 11:28 AM

Originally posted by agd5f View Post

You need a locked down platform. Otherwise you can just hack the driver and pretend HDCP is enabled.

and what's the difference betwing a Linux distribution and windows? both of them are not locked down platforms.. and in MS there is support for this and much more.
You can not hack the driver and pretend that you are using encrypted memory.. For you what is a locked down platform?

**agd5f** · 18 May 2020, 11:38 AM

Originally posted by amdtesterman View Post

and what's the difference betwing a Linux distribution and windows? both of them are not locked down platforms.. and in MS there is support for this and much more.
You can not hack the driver and pretend that you are using encrypted memory.. For you what is a locked down platform?

I'm not too familiar with exactly how windows handles this, but at at high level, windows uses signed binaries for the OS and drivers. You could probably do something similar on Linux, but there is no real infrastructure for handling this in a unified way.

**amdtesterman** · 18 May 2020, 12:12 PM

Originally posted by agd5f View Post

I'm not too familiar with exactly how windows handles this, but at at high level, windows uses signed binaries for the OS and drivers. You could probably do something similar on Linux, but there is no real infrastructure for handling this in a unified way.

ah, okay, is it a need to have signed binaries ( like secure boot) to have working and secure protected video playback, right?

May be someone can think about a solution for a unified way. But I won't expect from open source developpers because they are not very happy with drm ( and I understand why..)

**amdtesterman** · 18 May 2020, 12:15 PM

Originally posted by agd5f View Post

I'm not too familiar with exactly how windows handles this, but at at high level, windows uses signed binaries for the OS and drivers. You could probably do something similar on Linux, but there is no real infrastructure for handling this in a unified way.

May be with snap or flatpak in the future can be a real infraestructure for this?

**Veerappan** · 19 May 2020, 09:33 AM

Originally posted by amdtesterman View Post

yeah, the problem is that you are not getting FHD or HD.. you are getting a 540p playback in prime video

If you don' trust me you can check it by the URL chrome://media-internals there you can view the actual resolution of videos so.. check it please

Yup. Honestly hadn't noticed. Most of what I've been watching recently has been stuff recorded 10-20 years ago, so it is usually covered in film-grain to begin with.

**Veerappan** · 19 May 2020, 09:41 AM

Originally posted by agd5f View Post

I'm not too familiar with exactly how windows handles this, but at at high level, windows uses signed binaries for the OS and drivers. You could probably do something similar on Linux, but there is no real infrastructure for handling this in a unified way.

Yeah, you definitely *can* do this, or at least the beginning of this. I used to run my work laptop with SecureBoot enabled with signed kernel images so that I could keep my Windows partition's BitLocker intact. Eventually not being able to run VirtualBox (due to the dkms modules at the time being a PITA to sign and get recognized at boot) became too big a hassle and I just tossed the windows install completely in favor of the Windows VM I already had.

My example is from Ubuntu, but I'm pretty sure *some* other distros have a similar capability.

**agd5f** · 19 May 2020, 09:58 AM

Originally posted by Veerappan View Post

Yeah, you definitely *can* do this, or at least the beginning of this. I used to run my work laptop with SecureBoot enabled with signed kernel images so that I could keep my Windows partition's BitLocker intact. Eventually not being able to run VirtualBox (due to the dkms modules at the time being a PITA to sign and get recognized at boot) became too big a hassle and I just tossed the windows install completely in favor of the Windows VM I already had.

My example is from Ubuntu, but I'm pretty sure *some* other distros have a similar capability.

I think the issue is how to guarantee that the signed images are actually secure and that you didn't just sign a kernel that lies about supporting HDCP.

**Veerappan** · 19 May 2020, 11:42 AM

Originally posted by agd5f View Post

I think the issue is how to guarantee that the signed images are actually secure and that you didn't just sign a kernel that lies about supporting HDCP.

yeah, I suspect that the trusted key-list would have to be controlled there. No user-enrolled keys allowed, probably.

And then the user adds one of the HDCP stripping dongles anyway, making kernel support potentially moot.

Announcement

RadeonSI Driver Now Supports AMD Trusted Memory Zone

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment