An AMDGPU Branch For Security PSP / HDCP Support
There's an AMDGPU Linux branch in development for supporting HDCP (High-bandwidth Digital Content Protection) security and the PSP (Platform Security Processor).
This is just a development branch working on these "security" features and not for mainline at this stage (not in Linux 4.10) and is dependent anyhow first on the DAL/DC code. Plus this could all end up being code reserved just for the AMDGPU-PRO DKMS module and not mainlined if there is backlash or not being able to open-source all of their security-related functionality. But anyhow a Phoronix reader pointed out this amd-staging-security-opensource-4.4 branch and was frightened by it, as most Linux users are when hearing words like "HDCP" and other forms of protection.
The security branch was last updated one month ago and includes PSP support, "PSP (Platform Security Processor) runs a secure OS and trusted applications in a secure world. Host communicates with PSP over mailbox registers available on the Graphics BAR. The AMDGPU driver enables the host to communicate with PSP over the mailbox registers."
There is also DAL changes to support HDCP and a HDCP security service component. Of this HDCP protection component, "HDCP securty service plays an important role during the authentication phase of the HDCP receiver with the HDCP transmitter. The HDCP transmitter and the receiver exchange a series of security messages to establish the authenticity of the receiver. The receiver that is successfully authenticated by the transmitter is authorized to play the protected content that is sent by the transmitter. HDCP security service offloads security critical tasks to HDCP TA running as a secure application on PSP. HDCP security service uses interface provided by DAL to read and write display registers over I2C/AUX. The HDCP authentication sequence is managed by HDCPSS."
We'll see where this code goes moving into 2017.
This is just a development branch working on these "security" features and not for mainline at this stage (not in Linux 4.10) and is dependent anyhow first on the DAL/DC code. Plus this could all end up being code reserved just for the AMDGPU-PRO DKMS module and not mainlined if there is backlash or not being able to open-source all of their security-related functionality. But anyhow a Phoronix reader pointed out this amd-staging-security-opensource-4.4 branch and was frightened by it, as most Linux users are when hearing words like "HDCP" and other forms of protection.
The security branch was last updated one month ago and includes PSP support, "PSP (Platform Security Processor) runs a secure OS and trusted applications in a secure world. Host communicates with PSP over mailbox registers available on the Graphics BAR. The AMDGPU driver enables the host to communicate with PSP over the mailbox registers."
There is also DAL changes to support HDCP and a HDCP security service component. Of this HDCP protection component, "HDCP securty service plays an important role during the authentication phase of the HDCP receiver with the HDCP transmitter. The HDCP transmitter and the receiver exchange a series of security messages to establish the authenticity of the receiver. The receiver that is successfully authenticated by the transmitter is authorized to play the protected content that is sent by the transmitter. HDCP security service offloads security critical tasks to HDCP TA running as a secure application on PSP. HDCP security service uses interface provided by DAL to read and write display registers over I2C/AUX. The HDCP authentication sequence is managed by HDCPSS."
We'll see where this code goes moving into 2017.
32 Comments