Possible upstream solution for Linux Anti-Cheat
I was recently watching a youtube video describing the challenges of Linux gaming and Anti-Cheat... and it occurred to me that there may be a quite simple solution that could potentially be up-streamed so that all/most Linux platforms could benefit in a way that was not invasive and did not impact the security/integrity of the platform itself greatly as the current kernel level Anti-Cheat does on Windows.

I'm making the suggestion here as Valve may be one of the organizations that could potentially consider the merits and potentially implement something, and also has a financial as well I hope as an ideological incentive to see something happen to resolve the current situation.

My suggestion is simple.... most Linux users run kernels that are signed by a distribution for the purposes of secure-boot, so could this not be used to ensure that no kernel level cheating software is loaded.... if there was a driver/API submitted to the kernel mainline which provided an agreed set of data that Anti-Cheat software required, it could address issues of uncontrolled kernel access etc, there could be a mechanism in /proc or /sys to govern if that API was available and to what processes to ensure it was not abused, and secure-boot itself could be used to validate that the kernel being run was not modified from what was signed by the distribution vendor.

In this way the needs of the Anti-Cheat software could be met, while also maintaining a level of security in the OS and not creating a solution that would only work for specific gaming platforms like SteamDeck, or SteamOS.... but for users running Steam on other platforms too.
< >
Showing 1-7 of 7 comments
Except that secure boot supports MOK (machine owner key) and that feature is required for running software like VirtualBox. People running DKMS or using an out-of-tree kernel module because their hardware requires it should not be considered cheaters.

And if there was an operating system level API to tell whether the player was cheating, any cheating software could simply implement that and say "no, the player isn't cheating".

Asking the player's computer whether they're cheating is going to net you only false positives.
Ettanin Mar 9 @ 8:09am 
Linux will never be considered secure with regards to anti-cheat demands because of one single foundational principle: It can be edited by anyone.

And limiting anti-cheat use to specific flavors of Linux due to signing will mean significantly reduced compatibility because some hardware needs kernel supplemental drivers which will alter the composition of the kernel and therefore makes the signature invalid.

If you want complete security against cheaters, don't let the clients own and/or physically access the hardware (good luck with that).
Last edited by Ettanin; Mar 9 @ 8:12am
zeeqon Mar 10 @ 11:26am 
I second that, it would be cool if we could run anti cheat on Linux.
Originally posted by zeeqon:
I second that, it would be cool if we could run anti cheat on Linux.
There's nothing magical about Linux that makes it unable to run anticheat software. There's also nothing magical about anticheat software that makes it different from any other kind of software.

Plenty of commercially available anticheat software already runs on Linux.
zeeqon Mar 12 @ 11:51am 
I'm not as technically experienced as you seem to be, I just want to be able to play FaceIT on Linux, I think that would be great.I do think Linux is magical you can erase your whole OS with just one line, meanwhile windows doesn't let me delete a folder that has nothing in it.
Originally posted by zeeqon:
I'm not as technically experienced as you seem to be, I just want to be able to play FaceIT on Linux, I think that would be great.I do think Linux is magical you can erase your whole OS with just one line, meanwhile windows doesn't let me delete a folder that has nothing in it.

Faceit has nothing to do with Steam. If you have issue with their anti-cheat not working on Linux, ask them to support Linux. CS2 runs just fine on Linux on Steam.

:nkCool:
< >
Showing 1-7 of 7 comments
Per page: 1530 50

Date Posted: Mar 9 @ 3:04am
Posts: 7