13:59 <macc24> now that i'm out of school.... i can procrastinate testing !10961

14:05 <leah> is the OFTC chan official now?

14:05 <leah> because of the freenode stuff. just wondering

14:05 <macc24> leah: yea

14:05 <leah> ok

14:06 <leah> damn

14:06 <leah> now i'm logged on to 3 irc servers

14:06 <leah> debian is on oftc. i'll check them out

14:20 <leah> now can i pm an admin about something

14:20 <leah> oh wait, sorry wrong chan. this was meant for #oftc

18:31 <cphealy> Do any of the ARM Mali GPUs support EXT_protected_textures or EGL_EXT_protected_content for secure video use cases?

18:36 <alyssa> cphealy: lolsecure

18:36 <alyssa> Bifrost lets the CPU lock down its MU

18:36 <alyssa> MMU

18:37 <alyssa> but the functionality is useless on its own, all of the interesting pieces would have to happen in trustzone

18:37 <cphealy> trustzone is specific too the CPU though, correct?

18:37 <cphealy> There would need to be a way to prevent the 3D GPU from writing a buffer with secure texture to a non-secure memory location.

18:38 <alyssa> yeah the GPU's MMU can be configured for that

18:38 <alyssa> but I don't condone that

18:38 <alyssa> ;)

18:38 <alyssa> For, er, educational purposes the string to grep kbase for is 'protected_mode'

18:38 <cphealy> ha, thank you.

18:39 <cphealy> Yea, I want to avoid the philosophical side of digital rights management and stick to the technical side... ;-)

18:39 <alyssa> "rights"

18:41 <anarsoul> what prevents you from reading render target back later?

18:43 <cphealy> In the case of HW DRM on embedded systems, typically there is an OP-TEE (open trusted execution environment) which lives in the secure domain (trustzone) that prevents IP cores from being able to move data from secure memory to regular memory locations.

18:44 <cphealy> For example: if a display controller supported a writeback_connector, there would be code running in the OP-TEE that makes sure the display controller is not configured to use the writeback connector when secure content is being played.

18:48 <anarsoul> cphealy: you still may need to read render target on the GPU, i.e. for compositing

18:49 <cphealy> anarsoul: ack This is definitely where it gets interesting.

21:05 <alyssa> I've spent much of today fixing register preloading on the current RA (cherrypicking some of what worked in March's RA experiment)

21:06 <alyssa> which means message preloading should be able to land Soon(TM)

21:06 <alyssa> which I'm excited about, since it's a fairly important optimization on v7

23:00 <cyrozap> alyssa: Some DRM tech can also be used to enhance user privacy/security. For example, HDCP can be used to foil TEMPEST-style attacks on the HDMI link, and preventing reads from "secure" memory could be used for things like isolating applications from one another (e.g., so a malicious application with elevated privileges can't dump the screen and exfiltrate info). Not defending the creation of

23:00 <cyrozap> technologies designed to prevent users from accessing parts of their own hardware, just wanted to show that there are some good, freedom-respecting uses for it (when the user is able to control it).

23:13 <Dylanger[m]> > For example, HDCP can be used to foil TEMPEST-style

23:13 <Dylanger[m]> Within handhelds, TEMPEST is super hard to mitigate

23:54 <alyssa> fizzlepop berrytwist?