Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752777AbdLESBK (ORCPT ); Tue, 5 Dec 2017 13:01:10 -0500 Received: from atrey.karlin.mff.cuni.cz ([195.113.26.193]:37756 "EHLO atrey.karlin.mff.cuni.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752481AbdLESBJ (ORCPT ); Tue, 5 Dec 2017 13:01:09 -0500 Date: Tue, 5 Dec 2017 19:01:07 +0100 From: Pavel Machek To: Alex Deucher Cc: Sean Paul , David Airlie , Intel Graphics Development , LKML , linux-mediatek@lists.infradead.org, Maling list - DRI developers , Daniel Vetter , "linux-arm-kernel@lists.infradead.org" Subject: Re: [RFC PATCH 1/6] drm: Add Content Protection property Message-ID: <20171205180107.GA22672@amd> References: <20171130030907.26848-1-seanpaul@chromium.org> <20171130030907.26848-2-seanpaul@chromium.org> <20171205102840.GB12982@amd> <20171205104538.b4fxdjad3c46koas@phenom.ffwll.local> <20171205173408.GA18425@amd> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="NzB8fVQJ5HfG6fxh" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2512 Lines: 71 --NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! > >> > Why would user of the machine want this to be something else than > >> > 'OFF'? > >> > > >> > If kernel implements this, will it mean hardware vendors will have to > >> > prevent user from updating kernel on machines they own? > >> > > >> > If this is merged, does it open kernel developers to DMCA threats if > >> > they try to change it? > >> > >> Because this just implements one part of the content protection scheme. > >> This only gives you an option to enable HDCP (aka encryption, it's rea= lly > >> nothing else) on the cable. Just because it has Content Protection in = the > >> name does _not_ mean it is (stand-alone) an effective nor complete con= tent > >> protection scheme. It's simply encrypting data, that's all. > > > > Yep. So my first question was: why would user of the machine ever want > > encryption "ENABLED" or "DESIRED"? Could you answer it? >=20 > How about for sensitive video streams in government offices where you > want to avoid a spy potentially tapping the cable to see the video > stream? Except that spies already have the keys, as every monitor manufacturer has them? > >> kernels and be able to exercise their software freedoms already know to > >> avoid such locked down systems. > >> > >> So yeah it would be better to call this the "HDMI/DP cable encryption > >> support", but well, it's not what it's called really. > > > > Well, it does not belong in kernel, no matter what is the name. >=20 > Should we remove support for encrypted file systems and encrypted > virtual machines? Just like them the option is there is you want to > use it. If you don't want to, you don't have to. Encrypted file systems benefit users. Encrypted video is designed to work against users. In particular, users don't have encryption keys for video they generate. I'd have nothing against feature that would let users encrypt video with keys they control. Pavel --=20 (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blo= g.html --NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlom3uMACgkQMOfwapXb+vJypQCeJ1UqmMUB7ENbOT0y9upXV+pP iBMAmwXGhltjHelMc08wlcuPXrCawQtK =OiP4 -----END PGP SIGNATURE----- --NzB8fVQJ5HfG6fxh--