Announcement

Collapse
No announcement yet.

SMAF Still Hasn't Landed In Linux Kernel, Would Allow Better Protecting Video Playback

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • SMAF Still Hasn't Landed In Linux Kernel, Would Allow Better Protecting Video Playback

    Phoronix: SMAF Still Hasn't Landed In Linux Kernel, Would Allow Better Protecting Video Playback

    Last year we covered SMAF as the project aiming to allow for secure DMA-BUF usage. While that was written about nearly a year ago and had already gone through multiple patch revisions, unfortunately that code has yet to be mainlined...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    s/protected/restricted/g

    Comment


    • #3
      I'm fine with it, as long as there is like, a build time switch or something to let us bypass it :-P

      Comment


      • #4
        Originally posted by Calinou View Post
        s/protected/restricted/g
        ...and yet the actual pirates will continue to find success using things like HDMI strippers, BluRay rippers using dumped AACS keys, and plugin cracks which omit the "mark this as protected" instructions.

        I guess we'll just have to hope that this can also be useful as a complement to other technologies like the IOMMU, which is useful for things like sandboxing closed firmware as long as the firmware isn't running at a higher privilege level than the OS, like the Intel Management Engine is.

        Comment


        • #5
          Originally posted by ssokolow View Post
          HDMI strippers
          Bah! HDCP strippers. I reminded myself to get that right three times and I still messed up. I need to get to sleep.

          Comment


          • #6
            Well, I always knew the claim that EME would allow for open source implementations was bullshit. Even if the open source drivers implemented those protected OpenGL extensions, I'm pretty sure they would never be trusted - only closed source drivers like NVIDIA or AMD would be trusted on the desktop, and the case is the same even on mobile.

            I don't know of any open source drivers using a "video hole", sounds like this in an NVIDIA thing. So they were totally bypassing normal rendering paths and screwing up people's display just to protect "protected" content - which is provided higher security and protection than a user's data.

            Comment


            • #7
              What's "protected playback"? Sounds like DRM garbage to me.

              Comment


              • #8
                No such trash should be allowed in the kernel. That would awful.

                Comment


                • #9
                  Originally posted by ssokolow View Post
                  I guess we'll just have to hope that this can also be useful as a complement to other technologies like the IOMMU, which is useful for things like sandboxing closed firmware as long as the firmware isn't running at a higher privilege level than the OS, like the Intel Management Engine is.
                  http://www.phoronix.com/scan.php?pag...v5-DMA-BUF-SPD
                  "The SMAF framework is a Linaro-led project for implementing Secure Data Path (SDP). "
                  "SDP is a set of hardware features to garanty that some memories regions could only be read and/or write by specific hardware IPs. You can imagine it as a kind of memory firewall which grant/revoke accesses to memory per devices. Firewall configuration must be done in a trusted environment: for ARM architecture we plan to use OP-TEE + a trusted application to do that."

                  It allows sandboxing a whole hardware device, as long as it is stuff managed by the kernel, Intel's ME and AMD's equivalents are of course not sanboxable.

                  Comment


                  • #10
                    Sad that this protects the content from the end-user. It runs on your computer but restricts you and serve other people's interest, not yours.

                    I wonder if malware could use SMAF to hide from virus scanners and such.

                    Comment

                    Working...
                    X