Comment by fooker
1 day ago
The last remaining roadblock is kernel level anti-cheat frameworks.
Pretty horrible technology, and unfortunately a good majority of the gaming industry by revenue relies on it.
1 day ago
The last remaining roadblock is kernel level anti-cheat frameworks.
Pretty horrible technology, and unfortunately a good majority of the gaming industry by revenue relies on it.
I'd say there are two remaining roadblocks. First and biggest is kernel level anti-cheat frameworks as you point out. But there's also no open source HDMI 2.1 implementation allowed by the HDMI cartel so people like me with an AMD card max out at 4K60 even for open source games like Visual Pinball (unless you count an adapter with hacked firmware between the card and the display). NVidia and Intel get away with it because they implement the functionality in their closed source blobs.
This is kind of a niche problem. It only affects people with AMD GPUs running games at over 4k60 with HDMI. Get an NVidia or stay at 60 FPS or stay at 1080p or use DisplayPort and you will be fine.
It is not really a roadblock, more like a bump, and it is not the only bump by far. Some games just don't run on Linux, or quite terribly and they don't have a big enough community for people to care. Sometimes one of your pieces of hardware, maybe an exotic controller, doesn't like linux. Sometimes it is not the fault of the game at all, but you want to do something else with that PC and it isn't supported on Linux, and you don't want to dual boot. Overall, you will have less problems with gaming on Windows, especially if you don't really enjoy a trip to stackoverflow and the command line, but except for anti-cheat maybe, there is no "big" reasons, just a lot of small ones.
And sure, it is improving.
This is the first I learned of this since personally I have no need of anything over 4k@60 (that already borders on absurd in my mind). I'm curious if this is something that's likely to get reverse engineered by the community at large?
Outrageous that a ubiquitous connection protocol is allowed to be encumbered in this way.
For the particular use case I mentioned in my earlier post (Visual Pinball), 4k@120 is actually a pretty big deal. We often play on screens 42" and up so the 4k detail is put to good use and makes things like the instruction cards in the corners legible. But the bigger difference is the smoothness in gameplay that 120Hz gets you. The ball travels really fast so 120 Hz helps gameplay a lot while reducing lag at the same time. And because a large chunk of the playfield is static at any one time, you don't need something like a 5090 to hit 120 Hz at that resolution like you might with a triple-A shooter.
Is HDMI really a roadblock to gaming when DisplayPort exists?
It's a blocker if you want to use a TV, there are almost 0 TVs with DP. This HDMI licensing crap is also the reason a Steam Deck can't output HDMI > 4K@60 unless you install Windows on it.
8 replies →
Up until a year or two ago, the majority of monitors (and graphic cards) used DisplayPort 1.4 and HDMI 2.1. With HDMI 2.1 (42 Gbps) having more bandwidth than the DisplayPort (26 Gbps).
This is my case with my relatively new/high-end RTX 4080 and OLED monitor. So until I upgrade both, I use HDMI to be able to drive a 1440p 240hz 10-bit HDR signal @ 30 Gbps.
1 reply →
The Chinese tech manufacturers are so sick of the HDMI licencing mafia that they've developed their own replacement for it:
https://www.techpowerup.com/335152/china-develops-hdmi-alter...
I want to play games on the same fancy lg tv I use with my consoles. I just checked and it does not appear to have displayport.
Does AMD not support Display Port? I'm not an expert on this, but that sounds to me like the superior technology.
TVs don't support displayport, so it makes Linux PCs like the Steam Machine inferior console replacements if you want high refresh rates. A lot of TVs now support 4K/120hz with VRR, the PS5 and Xbox Series X also support those modes.
(Some games support 120, but it's also used to present a 40hz image in a 120hz container to improve input latency for games that can't hit 60 at high graphics quality.)
20 replies →
I don’t understand why they can’t support AMDPort 2.1 which coincidentally has the same connector and protocol.
Pirate everything. Stop feeding beasts and they have no power.
The idea that you need intrusive surveillance in order to make games fair is absurd. If you need fair games, you need referees and moderation, which means you need to train and pay competent people and establish open and transparent rules and tools. You can also give your refs latitude, so if someone is obviously cheating, they have the power to do something about it. You should also require and implement publicly transparent and auditable actions with recourse for players to prevent abuses of power.
That's expensive. It's much easier to create a terms of service with vague guidelines, implement a totally intrusive, absurdly invasive rootkit that does some bare minimum scanning for known cheats and patterns, which establishes an arms race and provides bad actors a nice little point of ingress when the responsible company inevitably fails to protect their users competently.
Just like media platforms, if you cannot moderate at the scale at which you're operating, then it shouldn't be legal to operate at that scale.
People should stop giving money to companies that don't deserve it. No game is worth sacrificing your integrity for. "Just trust us, we know what we're doing" is a huge red flag, and it should be criminal to do what they do.
AI refs are going to be a very real possibility in the near future that can be just as fair and competent as humans, so the "necessity" for rootkits won't be a valid argument for much longer. It'll still be expensive, but multiplayer gaming fairness shouldn't ever serve as a reason for nuking privacy.
Competent cheat makers don't have much difficulty in defeating in-kernel anticheats on Windows. With the amount of insight and control available on Linux anticheat makers stand little chance.
The best Valve could do is offer a special locked down kernel with perhaps some anticheat capabilities and lock down the hardware with attestation. If they offer the sources and do verified builds it might even be accepted by some.
Doubt it would be popular or even successful on non-Valve machines. But I'm not an online gamer and couldn't care less about anticheats.
Anticheat is one of those things where I probably sound really old, but man it’s just a game. If you hate cheating, don’t play on pub servers with randoms or find a group of people you can play with, like how real life works.
For competitive gaming, I think attested hardware & software actually is the right way to go. Don’t force kernel-level malware on everyone.
Yeah, that's hilariously impractical if you like these games.
> pub servers
Most of these popular competitive games probably don't even have community servers of any kind. Maybe some games like RTSes have custom matches, but they're not used much for the standard game mode, at least not for public lobbies.
Sorry but you're just old IMO :) PUBG or Arc Raiders have over 100 players in a game. Even Valorant or League have 10 players in a match. It's definitely not easy to find 9 friends to play the same game at the same time as you. And playing any of these games with a cheater can completely wreck the match. If the cheaters go unchecked, over time they start to dominate games where like 30% might be cheaters who can see through walls and insta headshot you and the entire multiplayer mode of the game is ruined. Even worse some cheaters are sneaky, they might have a wallhack or a map showing all players but use it cautiously and it can be quite hard to prove they're cheating but they build up a huge advantage nonetheless. Most of us are happy to have effective anti-cheat, and it's not forced upon us. I understand the tradeoff to having mostly cheater-free games is having to trust the game maker more and am fine with that. Riot for example is quite transparent about what their anti-cheat does, how it works and I don't consider it "malware" anymore than I consider a driver for my graphics card to be "malware" even if they do operate in kernel mode.
24 replies →
Usually the one with kernel anti-cheat is competitive one(GTA, BF, LOL).
You clearly don’t play competitive shooters and thus aren’t qualified to opine on the matter.
Competition vs other human beings is the entire point of that genre, and the intensity when you’re in the top .1% of the playerbase in Overwatch/Valorant/CSGO is really unmatched.
I think the problem comes when someone makes a cool, fun, silly little game that is otherwise great when played with randoms, and cheating just sorta spoils it.
Case in point from a few years back - Fall Guys. Silly fun, sloppy controls, a laugh. And then you get people literally flying around because they've installed a hack, so other players can't progress as they can't make the top X players in a round.
So to throw it back - it is just a game, it's so sad that a minority think winning is more important than just enjoying things, or think their own enjoyment is more important than everyone else's.
As an old-timer myself, we thought it was despicable when people replaced downloaded skins in QuakeWorld with all-fullbright versions in their local client, so they could get an advantage spotting other players... I suppose that does show us that multiplayer cheating is almost as old as internet gaming.
Not a gamer, but it seems like super competitive games should be played on locked down consoles not custom-built PCs where the players have full control?
Also, for more casual play, don't players have rankings so that you play with others about your level? Cheaters would alll end up just playing with other cheaters in that case, wouldn't they?
At one point I recall that Valve implemented a rating system so that cheaters who got reported would all end up playing in the same pool with each other.
This console idea would also be better for truly competitive games, because players should have a level playing field in terms of framerates.
Yeah this is also the model Microsoft is moving to. A separate attested vm for games, immutable to the rest of windows.
> The best Valve could do is offer a special locked down kernel with perhaps some anticheat capabilities and lock down the hardware with attestation.
That would require essentially turning it into a console or Android.
Not really. Measured boot and remote attestation are a thing. Couple with reproducible builds to address security and privacy concerns.
Hardware support would inevitably be somewhat limited but that's still better than the situation with either consoles or kernel anticheat.
1 reply →
This seems both semi probably but also like maybe a bit of a critical moral hazard for Valve. Right now folks love Valve. They do good things for Linux.
Making a Valve-only Linux solution would take a lot of the joy of this moment away for many. But it would also help Valve significantly. It's very uncomfortable to consider, imo.
You don't have to play these specific games though. I mean, what's your privacy, what's not being bombarded by ads in your OS worth to you? Have you taken an honest thought about this?
If you want to play games with friends, you have to play whatever the group plays. This is especially problematic as the group tries out new games, increasing the chance you can’t join because you’re not on Windows.
Personally I'd be interested to see what would happen if Sony/MS did what they could to make keyboard/mouse experience as good as possible on their consoles (I'm writing from a position of ignorance on the state of mouse/keys with current consoles) and encouraged developers to offer a choice in inputs, so that the locked-down machines can become the place for highest confidence in no/low cheaters. If other people want to pay through the nose to go beyond what consoles offer on the detail/resolution/framerate trifecta then I'm sure they could do so, but I really don't see how you lock down an open platform. That challenge has been going for decades.
3 replies →
This really depends on the friends you have. I've never encountered this limitation because no one in my friend group plays competitive ranked games. Basically anything with private sessions doesn't require anticheat, so Valheim, RV There Yet, Deep Rock Galactic, etc. all work fine.
3 replies →
My friends are understanding that I don't play games with rootkit anti cheat (whether on Linux or Windows). There are enough games that we can play other games together still, and when they want to play the games with such anti-cheat (e.g. Helldivers 2) they simply play without me. No big deal.
2 replies →
Yes, but sometimes it is nice to socialize with other people and they might play these types of games. I don’t enjoy Call of Duty, but I’ll play it from time to time so I can chat with my brother (this is the only way to get him on the phone/microphone for some reason). I value the time I am spending with him more than a bit of privacy (in that context).
I am very pro-Linux and pro-privacy, and hope that the situation improves so I don’t have to continue to compromise.
besides ads and privacy concerns it's been such a delight not having to deal with unwanted updates, hunting phantom processes that take up cpu time, or the file explorer that takes forever to show ten files in the download folder. I cannot be paid to use windows at this point.
The Linux kernel has eBPF now so if they wanted to start spying on everything you do they can just do it.
> The Linux kernel has eBPF now so if they wanted to start spying on everything you do they can just do it.
Sure, except that anyone can just compile a Linux kernel that doesn't allow that.
Anti-cheat systems on Windows work because Windows is hard(er) to tamper with.
Well yeah but then eBPF would not work and then the anti cheat could just show that it's not working and lock you out.
This isn't complicated.
Even the Crowdstrike falcon agent has switched to bpf because it lowers the risk that a kernel driver will brick downstream like what happened with windows that one time. I recently configured a corporate single sign on to simply not work if the bpf component was disabled.
2 replies →
The interesting solution here is secure boot, only allow users to play from a set of trusted kernels.
31 replies →
Uh, you'd have to compile a Kernel that doesn't allow it while claiming it does ... And behaves as if it does - otherwise you'd just fail the check, no?
I feel like this is way overstated, it's not that easy to do, and could conceptually be done on windows too via hardware simulation/virtual machines. Both would require significant investments in development to pull of
2 replies →
That would require that they actually make the effort to develop Linux support. The current "it just works" reality is that the games developers don't need to support running on Linux.
I always wondered. Isn't exactly what eBPF would allow you to do?
Assuming that cheats work by reading (and modifying) the memory of the game process you can you can attach a kprobe to the sys_ptrace system call. Every time any process uses it, your eBPF program triggers. You can then capture the PID and UID of the requester and compare it against a whitelist (eg only the game engine can mess with the memory of that process). If the requester is unauthorized, the eBPF program can even override the return value to deny access before the kernel finishes the request.
Of course there are other attack vectors (like spoofing PID/process name), but eBPF covers them also.
All of this to say that Linux already has sane primitives to allow that, but that, as long as devs don't prioritize Linux, we won't see this happening.
> your eBPF program triggers
but how does the anti-cheat know that the kernel is not modified such that it disables certain eBPF programs (or misreports cheats/spoofs data etc)?
This is the problem with anti-cheat in general (and the same exists with DRM) - the machine is (supposedly) under the user's total control and therefore, unless your anti-cheat is running at the lowest level, outside of the control of the user's tampering, it is not trustworthy. This leads to TPM requirements and other anti-user measures that are dressed as pro-user in windows.
There's no such thing in linux, which makes it inoperable as one of these anti-cheat platforms imho.
Great point. As I mentioned there are other attack vectors and you can mitigate them. For mitigating what you are mentioning for instance you don't just run one eBPF program, but you run a cluster of them that watch each other:
(The following was refined by an LLM because I didn't remember the details of when I was pondering this a while back)
All your anti cheats are eBPF programs hooked to the bpf() syscall itself.
Whenever any process tries to call BPF_PROG_DETACH or BPF_LINK_DETACH, your monitors check if the target is one of the anti cheats in your cluster of anti-cheats.
If an unauthorized process (even Root) tries to detach any of your anti-cheat processes, the eBPF program uses bpf_override_return to send an EPERM (Permission Denied) error back to the cheat.
(End LLM part)
Of course, you can always circumvent this by modifying and compiling the kernel so that those syscalls when targeting a specific PID/process name/UID aren't triggered. But this raises the difficulty of cheating a lot as you can't simply download a script, but you need to install and boot a custom kernel.
So this would solve the random user cheating on an online match. Pro users that have enough motivation can and will cheat anyway, but that is true also on windows. Finally at top gaming events there is so much scrutiny as you need to play on stage on vetted PCs that this is a non-issue
1 reply →
but how can you prevent the user from modifying the kernel?
1 reply →
Isn't it a more fundamental problem? I can imagine a cheating setup where you have a separate PC with a HDMI capture stick ("analog hole") and access to the controllers.
I am wondering can game be shipped with their own "kernel" and "hypervisor", basically an entire VM. Yes performance will take a hit, but in my experience with my own VM, it's like 15-20%.
Yes, maybe.
Modern games already employ a bunch of VM-like techniques for tamper protection.
This has effectively killed PC game piracy.
Do you pass through the GPU? Or how does it work?
Another unresolved roadblock is Nvidia cards seriously underperforming in DX12 games under Proton compared to Windows. Implementing DX12 semantics on top of Vulkan runs into some nasty performance cliffs on their hardware, so Khronos is working on amending the Vulkan spec to smooth that over.
That's being addressed:
The problem is on multiple levels, so everything has to work in conjunction to be fixed properly.
What percentage of games require DX12? From what I recall, a surprisingly large percentage of games support DX11, including Arc Raiders, BF6 and Helldivers 2, just to name a few popular titles.
At the same time, Vulkan support is also getting pretty widespread, I think notably idTech games prefer Vulkan as the API.
DX12 is overwhelmingly the default for AAA games at this point. The three titles you listed all officially require DX12, what DX11 support they have is vestigial, undocumented and unsupported. Many other AAAs have already stripped their legacy DX11 support out entirely.
Id Software do prefer Vulkan but they are an outlier.
4 replies →
Clearly, when there will be enough Linux gamers another solution to the kernel-level anti-cheat issue will be found. After all, the most played competitive shooter is CS and Valve has does not use kernel-level AC.
> After all, the most played competitive shooter is CS and Valve has does not use kernel-level AC.
Valve doesn't employ kernel AC but in practice others have taken that into their own hands - the prevalence of cheating on the official CS servers has driven the adoption of third-party matchmaking providers like FACEIT, which layer their own kernel AC on top of the game. The bulk of casual play happens on the former, but serious competitive play mostly happens on the latter.
The best description I've been able to give of the dichotomy of CS is this: there is no way for a person to become good enough to get their signature into the game, without using kernel-level ACs.
1 reply →
The competitive CS leagues do use AC though. The big issue for these games is the free-to-play model does not work without anti-cheat. Having a ~$20 fee to cheat for a while before getting banned significantly reduces the number of cheaters, and that's what CS does with their prime server model.
And for what it's worth, I'm pretty sure Valorant is the most played competitive shooter at the moment.
Isn't it pretty much an open secret that JVM-based cheats can trivially bypass VAC?
And native GNU/Linux games instead of depending on Windows.
Well, if you go by revenue, mobile gaming dwarfs all else.
I actually think it’s better to exclude the AAA games from Linux.
Games being playable also rely on it.
How does their revenue rely on it? People won't buy/recommend their games if they can't solve a fundamental problem, without full control over the machine their product is running on? Then they can change their business model and/or game mechanics. Simple as that. The only reason that blatant security violation was ever considered a viable option is because Microsoft gave them the ability to actually do it with the click of a button. Those companies can adapt, or die.
But is that really a roadblock?
First, let's ask ourselves how many PCs have users play games with anti-cheat frameworks. I'm absolutely no expert, but if it's more than, what? 10%? let's even say 20% - I'd be surprised.
> and unfortunately a good majority of the gaming industry by revenue relies on it.
Well, it used to be the case that game makers relied on copy protection in floppy discs, and movie distributors on DVD/BluRay copy protection. Conditions changed and they adapted.