Please make the implementation generic! Imagine how awesome it could be if HDCP was designed for the consumer and not against it.

Diffie-Hellman key exchange with the monitor, confirmed by the user, to enable a fully encrypted pipeline from the application to the screen. Add to this the ability to run the application code into a secure processor enclave with encrypted memory, and you give keyloggers and Rogue programs a much harder time for snooping on your activities, even with kernel access, or physically (also applicable via wifi or VNC) attached to the video cable.

Well, of course, this only gets financed for DRM... But it would be nice to have. I believe the "no screens hots" functionality Signal uses on Android was originally developed to protect copyrighted content?

Such a solution would be ideal for keyboards as well, I've seen hardware keyloggers in the wild.

Yeah it would be awesome. The main issue is that the protocol itself is not designed for security, but for planned obsolescence and to gobble license money from other hardware manufacturers.

HDCP is a piece of crap that can be sidestepped by a 30$ box, and is not retro-compatible anymore since 2012 I think.

I don't really think its worth using for anything where you care about security.

Which is why I'm 100% ok with adding it to Linux. If this is enough to let the media distributors think they are safe and can provide native linux clients or streaming, I'm all for it. That's the only thing it is good for, providing false sense of security.

Kind of a shame this junk is creeping all around the stack.

so am I going to have to go into source code myself and gut this HDCP b******t after it's committed or will it be limited to Intel drivers or what? Don't want this crap anywhere near my stuff.

Am I correct in my reading that this first cut of DRM support only covers whole-screen output, with an encrypted tunnel between the kernel and display(s) not obtainable in the clear by the compositor or even necessarily the display driver itself?

I don't see how composition of protected video can exist with an open kernel, driver, or kernel, unless you introduced CPU enclaves capable of handshaking with displays doing their own composition from multiple simultaneous input streams. I know the CPU enclave stuff is already here, but I really don't perceive display-side composition coming any time soon given the complete lack of need in the consumer TV side.

It's in Wayland and is generic, it will link with Intel drivers that currently seem to support it, but can also link to any other driver that does.

This means you will have to waste your time reverting patches from the kernel (because of the driver support) and in your favourite DE's wayland compositor (assuming they didn't provide some compile-time switch for that as it is a protocol extension and should therefore be self-contained), to disable an optional feature that is quite frankly not even used unless a userspace application requests it, and if it does and fails to establish a HDCP connection it will refuse to work at all, terminating itself.

All your effort will not change ONE BIT the fact that media mafia want people to use DRM, you might as well send thoughts and prayers.

See the following graphical representation for further details:

I agree with you, but the reason I don't want HDCP in my system is because I already don't buy DRM-encumbered media anymore (with the exception of games on Steam but only when they are on super sale like 80% off). I have hundreds of DVDs and some Blu-rays (haven't bought any in a while and never a 4k one). Problem is, I don't really believe anyone telling me that HDCP will only be used when needed and won't cause problems otherwise. I feel like all it does is cause problems in the home theater realm.

I'm probably never going to buy a movie again in my entire life, and fortunately I don't even feel the need to watch movies at all these days so that won't even need to lead me down the path of the pirate.

I don't want my computer to output a HDCP signal... ever. for any reason. I don't care if an app wants it to.

Unless the application specifically requests to use this, it won't be used. Unless the application is reading DRM-encumbered files and also supports the DRM and HDCP the feature won't be requested and not used.

I quite frankly think this thing is mostly for web browsers, for netflix and similar. You know, the "widevine" DRM.

Opensource applications have 0 need for that. They don't have a "master" they need to appease by promising they will use HDCP to protect the precious media afterwards, as long as they find a way to read the media they will do so, end of the story. (which is why DVD drm gets bypassed while bluray drm may or may not work)
In the highly unlikely case that they do it's vastly easier to just hack the application to not do that, instead of half your system.

Only type of player that could need it are closed-source media players of some sort (wtf is this crap doing in your Linux system anyway).

That's because physical DVD/bluray players enforce the DRM on the physical disk and require HDCP when required by the media itself, as they are built exclusively for that and need the certifications and licenses and blessings from media mafia to read DRM-protected stuff at all.

Same as the total BS "region limitation" of some disks. DVD players freak out, a PC reads them fine. It's another fictional limitation they came up with.

I won't go against your religion, but there is no rational, practical reason that requires you to do so.

I usually just rip the disks with a windows application that removes or bypasses the DRM and store them as DRM-less digital formats. Usually for third parties though.

This is generally safer (digital media is less sensitive than phisical optical drives, and you can make backups all around), easier to deal with as it has no DRM, you can stream it all over the house to any device (with down-scaling done automatically by the server if needed, like say with Plex server), and so on and so forth.

Here's an interesting question, and it goes to whether HDCP could ever be the basis of encrypting your own signal on your monitor cable or not: Could a remote attacker reading the RF emissions from your monitor cable (a "tempest" attack) on getting garbage, re-route it through that $30 box and recover what's on your screen, or is there no way to do this when you have only the data and not the source hardware (graphics card) in hand? Right now, HDCP is probably the only form of encryption supported by consumer monitors.

Certainly a rogue application won't have that box, as it exists only as one and zeros on disk and RAM. If the contents of video RAM are encrypted (even with this known weak system), it is a lot harder for an attacker's malicious program to copy out your video RAM and read all your passphrases, emails, and given enough bandwidth photos and video clips as you interact with them.

If you can't wrap your head around my usual purposes for this security, imagine you are a movie reviewer. You are trusted by the studios with pre-release cuts of big budget films, and if a copy ever leaks you are out of business. Unfortunately you live in an apartment, and the guy in the next unit over works for a rival studio, is a hacker, and also is intimate familiar with RF technology. How do you make sure that when you are watching and reviewing this highly secret, pre-release film that the snoopy next-door neighbor from the rival studio is not also watching it and maybe even recording it? Not being on the Internet is not enough if monitor cable emissions are the leak.