PS4s using GPU in Game mode for Blu-ray, Netflix and more = DRM vulnerable

[jeff_rigby]

At this time Netflix and Blu-ray are using the APU's GPU for commercial media which creates DRM vulnerabilities. Sometime around 2010 when OpenGL/WebGL was chosen to support Browsers and Browsers were proposed as the Desktop UI (The PS4 has a WebGL Desktop.), Microsoft stated that there were overflow vulnerabilities allowing hackers to crack routines in GPU memory and allow access to the OS; thus the name Fail Overflow below. AMD sometime around 2010 started adding ARM Trustzone as a security processor to APUs and dGPUs. The ARM Tee in AMD APUs and Playready 3 is the answer to these DRM vulnerabilities for media but it's not used yet.

Sometime 2013 or later Khronos published specifications for a more secure WebGL. Essentially it's GPU memory Virtualization and of course Trusted boot in addition to a number of better programming practices. AMD's HSA memory model requires Memory virtualization and the PS4 Southbridge provides the trusted boot. It is therefore possible that an updated (from what was available in 2013) WebGL for the PS4 could support a secure WebGL.

Edit: FOR Game and media at the present time, a Fail Overflow programmer has stated that in Game mode, video in Display Port format travels over a 4 wire PCIe from the APU directly to the Custom Panasonic HDMI chip which converts from DP to HDMI.

https://www.youtube.com/watch?v=-AoH...outu.be&t=1314

The Fail Overflow hacker makes a big deal about this but it makes sense if Sony used the older Liverpool GPU design only modifying/updating parts of it for the PS4. (DP not HDMI support, No Trustzone block, no True Audio block and only hardware h.264 for game streaming compared to the XB1 with HEVC 8)

h.264 video for game streaming or remote gaming travels over a 4 wire PCIe from the APU to Southbridge then out the LAN port. Netflix at this time is treated as a APU game and does not use any of the Trustzone features. Blue ray player also does not use Trustzone (@ 34:00) as the video stream is treated just like a Game from the GPU.

This is the 2008 GPU DRM for Blue Ray seen in Vista where video is HDCP encrypted in the GPU not the HDMI chip. The PS4 should do something similar as the HDMI chips pins are exposed but Fail overflow says HDCP takes place in the Custom Panasonic chip; again this violates modern DRM rules. If this is true then the design is GAME only and DRM media will eventually have another path through the TEE in southbridge where HDCP 2.2 already exists. There are two PCIe 4 paths from the APU, one to the HDMI chip and one to Southbridge. The HDMI chip has two PCIe4 inputs, one from the APU and one from Southbridge which has the ARM TEE for DRM media:

Quote:

Originally Posted by http://www.anandtech.com/show/2622/2

The problem is that the movie studios wanted a way of securing the content between the time the AACS was decrypted and the HDCP encryption took over. Once the AACS was decrypted the encoded movie was sitting in main memory and could be intercepted by any other application, so something had to be done.

The solution was to re-encrypt the data once it was pulled off the disc (I'm not kidding). This time the encryption would be done by the application and decrypted by the GPU itself, creating a protected path that couldn't easily be compromised.

The graphics driver would be able to pass along the encrypted data to the GPU, which would then decrypt and decode it in hardware and then the entire framebuffer would be HDCP encrypted by the GPU before sending it out over DVI/HDMI.

This means game HDR is handled by the APU but HDMI 2.0a negotiation is still forwarded to the APU either through the Southbridge or directly from HDMI to APU.

Edit: The PS4 is a Game console not PC and DRM rules for it would be less stringent. Sony may have been counting on this and content owners or testing labs may not have signed off on the PS4 design as complying with Playready 3 rules.

Three cases:

1) Sony may already be supporting Playready 3 with reduced SL (Security Level, 3000 required for UHD) due to codec and player being implemented in the APU. This would be the reason for no UHD Blu-ray. Security level too low and power use too high to support DLNA 4.0 and UHD Blu-ray. These issues would apply to the PS4 hardware design using the APU. Trusted boot, TPM 2.0 and HDCP 2.2 are parts needed by Playready 3 and would be supported by Southbridge in all cases and have been essentially confirmed by Cerny.

RE: Exposed PCIe buss and HDMI pins (PCIe traces and HDMI pins exposed) 1.2.1 Company must design and develop PlayReady Products such that decrypted Content is not available to Outputs or APIs except as expressly specified (and in the form specified) in these Robustness Rules and/or applicable Compliance Rules. (HDCP must take place in the GPU similar to the 2008 Vista OS model.)

Possible reason for Netflix size: (Uploaded as 55 MB but PS4 OS says it's 1.13 GB) 1.6.3.1 PlayReady Final Products must comply with Section 1.2 (Keep Secrets), Section 5.1.2 (Protect Trust Values) and Section 1.4 (Keep Confidential) of these Robustness Rules by reasonable and effective methods, which may include, but are not limited to: encryption, embodiment in a secure physical implementation, using techniques of obfuscation and/or cryptographic whiteboxing technologies to disguise and hamper attempts to discover the approaches used or secrets concealed within the software, and/or self-checking of integrity in such a manner as to result in a failure to execute Content Protection Functions in the event of unauthorized modification.

2) Sony with firmware update implements a more secure TEE in the APU with SL reaching 3000 but they still use too much power.
3) Sony implements a TEE in Southbridge

A move to HTML5 <video> with embedded DRM (MSE EME) in the browser be it Playready or whatever will mean a change in Netflix for instance. It will use APIs from the Trustzone block and only the UI will be created in the APU. HDCP 2.2 would already in the Southbridge TEE used for Miracast and Playready 3. For HD and UHD Mode media, DRM requires AACS or Playready encrypted will enter the Southbridge TEE and exit as HDCP 2.2 over a PCIe to the Custom Panasonic HDMI chip with HD + HDR the same. This is a DRM requirement in part because the HDMI pins are exposed.

How do we know this change using a TEE is coming? Sony calls the 2013 PS4 UHD capable and the intellectual notice has Playready 3 listed, both require a TEE for DRM media. Note: 2016 power tests for Media show 80 watts for the 2013 PS4 and 50 watts for the 2016 PS4 Slim (Page 12). This is media being processed by the GPU. 2017 tests should have the Southbridge TEE finally used and with full screen video the power use should be much less.

Sony UHD players both high end and mass market are coming March 2017 which is when the PS4 4.5 semi annual Firmware update (6 months March-April to September-October) happens. The first PC third party UHD Blu-ray player releases April 17. Google is going to refuse to upload Flash video in favor of HTML5 <video> in April also.



RE: Embedded DRM/HTML5 <video> MSE EME and why it may not have been implemented yet

1) Playready is listed in the 2013 PS4 Intellectual notice, it's the embedded Playready 3 as Playready 2.5 is a part of the APP and not included in the platforms OS. This line in the Intellectual notice confirms it's Playready 3. "If the device fails to properly enforce restrictions on content usage, content owners may require Microsoft to revoke the device's ability to consume PlayReady-protected content." If an APP fails to protect content you disable or remove the APP, if the Device fails you revoke the device and all APPs that rely on the embedded DRM fail to work. Playready 3 is going to be required for 1080P and is required for 4k media DRM.

Currently third party apps like Netflix @ 1.13 Gigabyte in size may use a DRM embedded in the APP not the device. That would be Playready 2.5 or similar. If the PS4 Netflix is using Playready 3 then the size of the app is increased to hide critical DRM routines. At the present time HTML5 <video> MSE EME embedded DRM is not supported in the browser which may support no Playready 3.

2) Playready 3 requires a TEE. According to Cerney, the ARM Trustzone TEE is in Southbridge. Playready 3 requires HDCP 2.2 and Miracast is now implicit as an output which also requires HDCP 2.2. HDCP 2.2 requires TPM 2.0 (Trusted Platform Module hardware and routines). Good PDF on TEE video path with ARM Trustzone.

3) WMDRM is also listed in the PS4 Intellectual notice. It's only use is for DLNA DTCP-IP at resolutions below 1080P. It also has not been used yet.

4) The PS4 HDMI chip is a Panasonic custom design but in pictures of the 2013 and 2015 motherboards, the pins and motherboard traces are exposed. This is not now allowed. The video exiting the Southbridge must be HDCP encrypted rather than HDCP encryption taking place in the HDMI chip. Since in #2 above, the Southbridge Trustzone TEE contains hardware and routines to support HDCP 2.2 and the PS4 has a Custom HDMI chip, it's possible to support HDMI 2.0 with a software update. HDMI 2.0 requires HDCP 2.2 but HDCP 2.2 was not mapped to a HDMI port till early 2013 thus everyone assumed the PS4 released in 2013 could not support a HDMI 2.0 port. It turns out that in a Source player it is cheaper and more DRM secure to HDCP 2.2 encrypt in the TEE rather than the HDMI chip.

4a) Sony calls all PS4s UHD capable in the efficientgaming.eu website

This has been partially confirmed, All PS4s support HDR which for games does not require DRM, it just requires the negotiation of a HDMI 2.0a port which could be limited to 1080P as HDR is independent of resolution but does require Progressive output (480P, 720P, 1080P). HDR for media takes place in the TEE, HDR for games must be added by GPU routines. In all cases including HDCP for HDMI, negotiation must be passed to the TEE and then for game HDR and resolution decisions, provided to the APU.

5) A Software developer is releasing a game @ 1080P 60FPS with HDR which requires a Level A HDMI port spec which can support greater than 1080P @ 60 Hz, possibly 4k... we do not know yet.

6) There is no way to confirm Playready 3 has been used by any third party app and the current PS4 media player does not support DRM including DTCP-IP for DLNA either WMDRM or Playready ND that comes with Playready 3. WHY? Why no video chat?

If you follow the PC and Windows 10, TPM 2.0 was in the 2016 summer update and TPM 2.0 is not backwardly compatible. 4K and HTML5 <video> embedded (MSE EME) depends on embedded DRM and parts of those embedded routines are part of the Playready 3 porting kit which all modern DRM can use. My cite for the PC having a UHD Blu-ray player April 2017 means all DRM including Playready 3 will be ready for use, at least on PCs, before that date. It is easier to support TPM 2.0 and Playready 3 on a Game Console and the day after the TPM 2.0 Windows 10 update, the XB1 S was able to support UHD Blu-ray.

What's the big deal, why should we know this?

If Sony implements the ARM Trustzone TEE, Miracast and DLNA from standby should be possible. ooVoo I believe has been waiting for the TEE also as by default the RTC (real time chat) is encrypted. Miracast and DLNA from standby or while watching TV is useless until IPTV over the home network. The XB1 with HDMI pass through can support a practical DLNA and Miracast from standby or while you use a Cable Box. When Cable delivers as IPTV (Vidipath) and Antenna TV as ATSC 3 over the home network as IPTV, the PS4 design becomes practical. Cable can already support IPTV Vidipath from DVRs and later this year from Cable Modems. The New FCC chairman has proposed allowing Broadcasters to move to ATSC 3.0 voluntarily at the end of 2017.

When?

The Netflix app is apparently the same for all PS4s as the size is 1.13GB regardless of PS4 used but on the PS4 Pro it supports 4K streaming which means the HEVC codec and DRM are running on the GPU. It's still using the GPU game path not the embedded DRM Playready 3 Arm hardware TEE but the Panasonic Custom HDMI chip LIKELY DOES NOT support HDCP 2.2, IT MUST BE supported in the GPU or with a full ARM TEE before exiting either as I cited for Vista in 2008 above. The Netflix app should be less than 100MB not 1.13 GB, the Player/codec and DRM in this case is hidden inside the unnecessarily large package. Fail Overflow has made progress in porting Linux to the PS4 but the same work can be used to crack 4K streaming so there is pressure to move to a more secure DRM.

PCs are getting UHD Blu-ray support by at least April 17, 2017 as a third party UHD blu-ray player is releasing on that date. This means Playready 3 support on PCs is active. The XB1 S already has UHD Blu-ray support and many Android (ARM ) phones have Playready 3 support.

At the earliest we could see the ARM TEE being implemented April-March (Firmware 4.5) or latest October-November (Firmware 5.0??). Sony's roadmap implemented Game HDR with Firmware 4.0 which requires a 4K TV with a HDMI 2.0a port. It does not require DRM, they could have implemented it at any time. The GDC (Game developer Conference) talked about games and HDR support at about the same time. Notice all PS4s support HDR which is a UHD feature and Sony calls all PS4s UHD Capable. I believe Sony will implement the TEE while they are still at a Firmware 4.x number. This could still be later in the year (October-November) as a 4.9.