| ▲ | fooker 4 hours ago |
| The last remaining roadblock is kernel level anti-cheat frameworks. Pretty horrible technology, and unfortunately a good majority of the gaming industry by revenue relies on it. |
|
| ▲ | MegaDeKay 2 hours ago | parent | next [-] |
| I'd say there are two remaining roadblocks. First and biggest is kernel level anti-cheat frameworks as you point out. But there's also no open source HDMI 2.1 implementation allowed by the HDMI cartel so people like me with an AMD card max out at 4K60 even for open source games like Visual Pinball (unless you count an adapter with hacked firmware between the card and the display). NVidia and Intel get away with it because they implement the functionality in their closed source blobs. |
| |
| ▲ | foresto an hour ago | parent | next [-] | | Is HDMI really a roadblock to gaming when DisplayPort exists? | | |
| ▲ | ThatPlayer 37 minutes ago | parent | next [-] | | Up until a year or two ago, the majority of monitors (and graphic cards) used DisplayPort 1.4 and HDMI 2.1. With HDMI 2.1 (42 Gbps) having more bandwidth than the DisplayPort (26 Gbps). This is my case with my relatively new/high-end RTX 4080 and OLED monitor. So until I upgrade both, I use HDMI to be able to drive a 1440p 240hz 10-bit HDR signal @ 30 Gbps. | |
| ▲ | zaptheimpaler 30 minutes ago | parent | prev | next [-] | | It's a blocker if you want to use a TV, there are almost 0 TVs with DP. This HDMI licensing crap is also the reason a Steam Deck can't output HDMI > 4K@60 unless you install Windows on it. | |
| ▲ | PacificSpecific an hour ago | parent | prev [-] | | I want to play games on the same fancy lg tv I use with my consoles. I just checked and it does not appear to have displayport. |
| |
| ▲ | mcv 32 minutes ago | parent | prev [-] | | Does AMD not support Display Port? I'm not an expert on this, but that sounds to me like the superior technology. | | |
| ▲ | tapoxi 28 minutes ago | parent [-] | | TVs don't support displayport, so it makes Linux PCs like the Steam Machine inferior console replacements if you want high refresh rates. A lot of TVs now support 4K/120hz with VRR, the PS5 and Xbox Series X also support those modes. (Some games support 120, but it's also used to present a 40hz image in a 120hz container to improve input latency for games that can't hit 60 at high graphics quality.) |
|
|
|
| ▲ | coppsilgold 3 hours ago | parent | prev | next [-] |
| Competent cheat makers don't have much difficulty in defeating in-kernel anticheats on Windows. With the amount of insight and control available on Linux anticheat makers stand little chance. The best Valve could do is offer a special locked down kernel with perhaps some anticheat capabilities and lock down the hardware with attestation. If they offer the sources and do verified builds it might even be accepted by some. Doubt it would be popular or even successful on non-Valve machines. But I'm not an online gamer and couldn't care less about anticheats. |
| |
| ▲ | Fr0styMatt88 an hour ago | parent | next [-] | | Anticheat is one of those things where I probably sound really old, but man it’s just a game. If you hate cheating, don’t play on pub servers with randoms or find a group of people you can play with, like how real life works. For competitive gaming, I think attested hardware & software actually is the right way to go. Don’t force kernel-level malware on everyone. | | |
| ▲ | zaptheimpaler 25 minutes ago | parent [-] | | Sorry but you're just old IMO :) PUBG or Arc Raiders have over 100 players in a game. Even Valorant or League have 10 players in a match. It's definitely not easy to find 10 friends to play the same game at the same time as you. And playing any of these games with a cheater can completely wreck the match. If the cheaters go unchecked, over time they start to dominate games where like 30% might be cheaters who can see through walls and insta headshot you and the entire multiplayer mode of the game is ruined. Most of us are happy to have effective anti-cheat, and it's not forced upon us. I understand the tradeoff to having mostly cheater-free games is having to trust the game maker more and am fine with that. Riot for example is quite transparent about what their anti-cheat does, how it works and I don't consider it "malware" anymore than I consider a driver for my graphics card to be "malware" even if they do operate in kernel mode. |
| |
| ▲ | iknowstuff 36 minutes ago | parent | prev | next [-] | | Yeah this is also the model Microsoft is moving to. A separate attested vm for games, immutable to the rest of windows. | |
| ▲ | jauntywundrkind 2 hours ago | parent | prev [-] | | This seems both semi probably but also like maybe a bit of a critical moral hazard for Valve. Right now folks love Valve. They do good things for Linux. Making a Valve-only Linux solution would take a lot of the joy of this moment away for many. But it would also help Valve significantly. It's very uncomfortable to consider, imo. |
|
|
| ▲ | dfxm12 3 hours ago | parent | prev | next [-] |
| You don't have to play these specific games though. I mean, what's your privacy, what's not being bombarded by ads in your OS worth to you? Have you taken an honest thought about this? |
| |
| ▲ | dontlaugh 3 hours ago | parent | next [-] | | If you want to play games with friends, you have to play whatever the group plays. This is especially problematic as the group tries out new games, increasing the chance you can’t join because you’re not on Windows. | | |
| ▲ | bigstrat2003 29 minutes ago | parent | next [-] | | My friends are understanding that I don't play games with rootkit anti cheat (whether on Linux or Windows). There are enough games that we can play other games together still, and when they want to play the games with such anti-cheat (e.g. Helldivers 2) they simply play without me. No big deal. | |
| ▲ | keyringlight 2 hours ago | parent | prev | next [-] | | Personally I'd be interested to see what would happen if Sony/MS did what they could to make keyboard/mouse experience as good as possible on their consoles (I'm writing from a position of ignorance on the state of mouse/keys with current consoles) and encouraged developers to offer a choice in inputs, so that the locked-down machines can become the place for highest confidence in no/low cheaters. If other people want to pay through the nose to go beyond what consoles offer on the detail/resolution/framerate trifecta then I'm sure they could do so, but I really don't see how you lock down an open platform. That challenge has been going for decades. | | |
| ▲ | bentcorner 2 minutes ago | parent [-] | | > I'm writing from a position of ignorance on the state of mouse/keys with current consoles I'm far from an authority on this topic but from my understanding both Sony/MS have introduced mkb support, but so far it looks to be an opt-in kind of thing and it's still relatively new. |
| |
| ▲ | tormeh 3 hours ago | parent | prev [-] | | This really depends on the friends you have. I've never encountered this limitation because no one in my friend group plays competitive ranked games. Basically anything with private sessions doesn't require anticheat, so Valheim, RV There Yet, Deep Rock Galactic, etc. all work fine. | | |
| ▲ | dontlaugh 3 hours ago | parent [-] | | Sure, that helps. But even then, when everyone is trying out a new indie game there’s a chance it won’t work on non-Windows. It’s happened to me. |
|
| |
| ▲ | tnel77 3 hours ago | parent | prev | next [-] | | Yes, but sometimes it is nice to socialize with other people and they might play these types of games. I don’t enjoy Call of Duty, but I’ll play it from time to time so I can chat with my brother (this is the only way to get him on the phone/microphone for some reason). I value the time I am spending with him more than a bit of privacy (in that context). I am very pro-Linux and pro-privacy, and hope that the situation improves so I don’t have to continue to compromise. | |
| ▲ | diabllicseagull 3 hours ago | parent | prev [-] | | besides ads and privacy concerns it's been such a delight not having to deal with unwanted updates, hunting phantom processes that take up cpu time, or the file explorer that takes forever to show ten files in the download folder. I cannot be paid to use windows at this point. |
|
|
| ▲ | jsheard 3 hours ago | parent | prev | next [-] |
| Another unresolved roadblock is Nvidia cards seriously underperforming in DX12 games under Proton compared to Windows. Implementing DX12 semantics on top of Vulkan runs into some nasty performance cliffs on their hardware, so Khronos is working on amending the Vulkan spec to smooth that over. |
| |
| ▲ | torginus 3 hours ago | parent | next [-] | | What percentage of games require DX12? From what I recall, a surprisingly large percentage of games support DX11, including Arc Raiders, BF6 and Helldivers 2, just to name a few popular titles. At the same time, Vulkan support is also getting pretty widespread, I think notably idTech games prefer Vulkan as the API. | | |
| ▲ | jsheard 2 hours ago | parent [-] | | DX12 is overwhelmingly the default for AAA games at this point. The three titles you listed all officially require DX12, what DX11 support they have is vestigial, undocumented and unsupported. Many other AAAs have already stripped their legacy DX11 support out entirely. Id Software do prefer Vulkan but they are an outlier. | | |
| ▲ | dijit 2 hours ago | parent | next [-] | | DX12 is less and less the default, most gamedev that I’ve seen is surrounding Vulkan now. DX12 worked decently better than openGL before, and all the gamedevs had windows, and it was required for xbox… but now those things are less and less true. The playstation was always “odd-man-out” when it came to graphics processing, and we used a lot of shims, but then Stadia came along and was a proper linux, so we rewrote a huge amount of our render to be better behaved for Vulkan. All subsequent games on that engine have thus had a vulkan friendly renderer by default, that is implemented cleaner than the DX12 one, and works natively pretty much everywhere. So its the new default. | | | |
| ▲ | csdreamer7 2 hours ago | parent | prev [-] | | Godot switched over to DX12 over Vulkan for Windows. Blaming bad Windows drivers for the reason. https://godotengine.org/article/dev-snapshot-godot-4-6-dev-5... | | |
|
| |
| ▲ | braiamp 2 hours ago | parent | prev [-] | | That's being addressed: - https://forums.developer.nvidia.com/t/directx12-performance-is-terrible-on-linux/303207/432
- https://indico.freedesktop.org/event/10/contributions/402/attachments/243/327/2025-09-29%20-%20XDC%202025%20-%20Descriptors%20are%20Hard.pdf
- https://www.youtube.com/watch?v=TpwjJdkg2RE
The problem is on multiple levels, so everything has to work in conjunction to be fixed properly. |
|
|
| ▲ | hparadiz 4 hours ago | parent | prev | next [-] |
| The Linux kernel has eBPF now so if they wanted to start spying on everything you do they can just do it. |
| |
| ▲ | hackyhacky 4 hours ago | parent | next [-] | | > The Linux kernel has eBPF now so if they wanted to start spying on everything you do they can just do it. Sure, except that anyone can just compile a Linux kernel that doesn't allow that. Anti-cheat systems on Windows work because Windows is hard(er) to tamper with. | | |
| ▲ | hparadiz 3 hours ago | parent | next [-] | | Well yeah but then eBPF would not work and then the anti cheat could just show that it's not working and lock you out. This isn't complicated. Even the Crowdstrike falcon agent has switched to bpf because it lowers the risk that a kernel driver will brick downstream like what happened with windows that one time. I recently configured a corporate single sign on to simply not work if the bpf component was disabled. | | |
| ▲ | swinglock 3 hours ago | parent [-] | | Well but then attackers just compile a kernel with a rootkit that hides the hack and itself from the APIs of the BPF program, so it has to deal with that too or it's trivially bypassed. Anticheat and antivirus are two similar but different games. It's very complicated. | | |
| ▲ | hparadiz 2 hours ago | parent [-] | | The bpf api isn't the only telemetry source for an anti cheat module. There's a lot of other things you can look at. A bpf api showing blanks for known pid descendent trees would be a big red flag. You're right that it's very complicated but the toolchain is there if someone wanted to do the hard work of making an attempt. It's really telemetry forensics and what can you do if the cheat is external to the system. |
|
| |
| ▲ | tapoxi 3 hours ago | parent | prev | next [-] | | The interesting solution here is secure boot, only allow users to play from a set of trusted kernels. | | |
| ▲ | __MatrixMan__ an hour ago | parent | next [-] | | I'd be less antianticheat if I could just select the handcuffs at boot time for the rare occasion where I need them. Although even then I'd still have qualms about paying for the creation of something that might pave the path for hardware vendors to work with authoritarian governments to restrict users to approved kernel builds. The potential harms are just not in the same league as whatever problems it might solve for gamers. | | |
| ▲ | digiown 29 minutes ago | parent [-] | | Once a slave, always a slave. Running an explicitly anti-user proprietary kernel module that does god-knows-what is not something I'd ever be willing to do, games be damned. It might just inject exploits into all of your binaries and you'd be none the wiser. Since it wouldn't work on VMs you'd have to use a dedicated physical machine for it. Seems to high of a price to play just a few games. |
| |
| ▲ | monerozcash 3 hours ago | parent | prev | next [-] | | Yep, a plenty of prior art on how to implement the necessary attestations. Valve could totally ship their boxes with support for anticheat kernel-attestation. Is it possible to do this in a relatively hardware-agnostic, but reliable manner? Probably not. | |
| ▲ | vbezhenar an hour ago | parent | prev | next [-] | | What do you mean? Ship computer with preinstalled Linux that you can't tamper? Sounds like Android. For ordinary computers, secure boot is fully configurable, so it won't work: I can disable it, I can install my own keys, etc. Any for any userspace way to check it I'll fool you, if I own the kernel. | | |
| ▲ | tapoxi 35 minutes ago | parent [-] | | No, just have the anti-cheat trust kernels signed by the major Linux vendors and use secure boot with remote attestation. Remote attestation can't be fooled from kernel space, that's the entire point of the technology. That way you could use an official kernel from Fedora, Ubuntu, Debian, Arch etc. A custom one wouldn't be supported but that's significantly better than blocking things universally. | | |
| ▲ | digiown 31 minutes ago | parent [-] | | You can't implement remote attestation without a full chain of exploits (from the perspective of the user). Remote attestation works on Android because there is dedicated hardware to directly establish communication with Google's servers that runs independent (as a backchannel). There is no such hardware in PCs. Software based attestation is easily fooled on previous Android/Linux. | | |
| ▲ | tapoxi 20 minutes ago | parent [-] | | The call asks the TPM to display the signed boot chain, you can't fake that because it wouldnt be cryptographically valid. The TPM is that independent hardware. | | |
| ▲ | digiown 14 minutes ago | parent [-] | | How would that be implemented? I'd be curious to know. I'm not aware that a TPM is capable of hiding a key without the OS being able to access/unseal it at some point. It can display a signed boot chain but what would it be signed with? If it's not signed with a key out of the reach of the system, you can always implement a fake driver pretty easily to spoof it. | | |
| ▲ | tapoxi a few seconds ago | parent [-] | | This is called the Endorsement Key, and you're correct, it never leaves the TPM. The TPM is a "black box" to the OS. |
|
|
|
|
| |
| ▲ | fooker 3 hours ago | parent | prev | next [-] | | You can switch out the kernel in the running Linux desktop. | |
| ▲ | znpy 2 hours ago | parent | prev [-] | | I wonder if you could use check-point and restore in userspace (https://criu.org/Main_Page) so that after the game boots and passes the checks on a valid system you can move it to an "invalid" system (where you have all the mods and all the tools to tamper with it). I don't really care about games, but i do care about messing up people and companies that do such heinous crimes against humanity (kernel-level anti-cheat). | | |
| ▲ | tapoxi 32 minutes ago | parent [-] | | The war is lost. The most popular game that refuses to use kernel-level anti-cheat is Valve's Counter-Strike 2, so the community implemented it themselves (FaceIT) and requires it for the competitive scene. |
|
| |
| ▲ | ffsm8 3 hours ago | parent | prev [-] | | Uh, you'd have to compile a Kernel that doesn't allow it while claiming it does ... And behaves as if it does - otherwise you'd just fail the check, no? I feel like this is way overstated, it's not that easy to do, and could conceptually be done on windows too via hardware simulation/virtual machines. Both would require significant investments in development to pull of | | |
| ▲ | zamalek 3 hours ago | parent | next [-] | | Right, the very thing that works against AC on Linux also works for it. There are multiple layers (don't forget Wine/Proton) to inject a cheat, but those same layers could also be exploited to detect cheats (especially adding fingerprints over time and issuing massive ban-waves). And then you have BasicallyHomeless on YouTube who is stimulating nerves and using actuators to "cheat." With the likes of the RP2040, even something like an aim-correcting mouse becomes completely cheap and trivial. There is a sweet-spot for AC and I feel like kernel-level might be a bit too far. | |
| ▲ | hparadiz 3 hours ago | parent | prev [-] | | All it takes is going to cd usr src linux and running make menuconfig. Turning off a few build flags. Hitting save. And then running make to recompile. But that's like saying "well if I remove a fat32 support I can't use fat32". Yea it will lock you out showing you have it disabled. No big deal. |
|
| |
| ▲ | the_hoser 4 hours ago | parent | prev [-] | | That would require that they actually make the effort to develop Linux support. The current "it just works" reality is that the games developers don't need to support running on Linux. |
|
|
| ▲ | drnick1 3 hours ago | parent | prev | next [-] |
| Clearly, when there will be enough Linux gamers another solution to the kernel-level anti-cheat issue will be found. After all, the most played competitive shooter is CS and Valve has does not use kernel-level AC. |
| |
| ▲ | jsheard 3 hours ago | parent | next [-] | | > After all, the most played competitive shooter is CS and Valve has does not use kernel-level AC. Valve doesn't employ kernel AC but in practice others have taken that into their own hands - the prevalence of cheating on the official CS servers has driven the adoption of third-party matchmaking providers like FACEIT, which layer their own kernel AC on top of the game. The bulk of casual play happens on the former, but serious competitive play mostly happens on the latter. | | |
| ▲ | pityJuke 3 hours ago | parent [-] | | The best description I've been able to give of the dichotomy of CS is this: there is no way for a person to become good enough to get their signature into the game, without using kernel-level ACs. | | |
| |
| ▲ | xboxnolifes 3 hours ago | parent | prev | next [-] | | The competitive CS leagues do use AC though. The big issue for these games is the free-to-play model does not work without anti-cheat. Having a ~$20 fee to cheat for a while before getting banned significantly reduces the number of cheaters, and that's what CS does with their prime server model. And for what it's worth, I'm pretty sure Valorant is the most played competitive shooter at the moment. | |
| ▲ | stackghost 3 hours ago | parent | prev [-] | | Isn't it pretty much an open secret that JVM-based cheats can trivially bypass VAC? |
|
|
| ▲ | 4 hours ago | parent | prev | next [-] |
| [deleted] |
|
| ▲ | markus_zhang 2 hours ago | parent | prev [-] |
| I actually think it’s better to exclude the AAA games from Linux. |
