Last week, TI Invited me out to their Dallas, Texas headquarters as part of an editors day. There they showed and talked about a number of exciting projects, including their WiLink combo WLAN, GPS, BT, and FM solutions, MSP430 microprocessors, their C66x multicore DSP, and of course more information on OMAP5. If I had to pick a highlight however, it was being first to see Netflix HD playing back on a real live Android 2.3 device, in this case TI's Blaze development platform with an OMAP4430 SoC inside. 

Back when Netflix brought an official playback client to Android, modders were quick to discover that playback could be enabled on unapproved devices simply by modifying build.prop. What it boiled down to was that you could enable Netflix playback on unapproved devices merely by masquerading as an approved one. Further, the list of approved devices didn't clearly delineate any specific SoC. At the time, this made things confusing - it seemed as though Netflix was not in fact using any hardware specific DRM. Turns out they really weren't.

There are two different levels of Netflix certification, and every device has to go through it individually. The first level is essentially a playback test - call it an anti-slideshow benchmark. If the device plays back SD Netflix streams with acceptable performance, the device passes, is certified, and thus granted access to SD streams. This is the level that devices on Android are at right now, and the reason why it's just a matter of masquerading as another to playback simple content. That's also why it works across so many different SoCs.

The second level is for HD content, Netflix's 'premium' level. Here, Netflix is forced to have a much more rigorous set of requirements so that it can fulfill contractual agreements with its content parners. To playback HD content, the entire end-to-end chain must be DRM-enabled, at no point in the playback datapath can the video stream be unprotected. That means decoded and uncompressed frames, audio, and device secrets must only exist in 'firewalled,' protected memory that the OS can't get access to, the decoder can only exist in a trusted execution environment, and HDCP must be used for the stream to be output over HDMI. Netflix obviously takes its HD content protection much more seriously so the entire 720p or 1080p H.264 video can't simply be dumped to an SD card by watching memory. What it boils down to is that Netflix requires Microsoft PlayReady DRM compliance across every tier of hardware before it will allow HD streams to playback. 

TI does this on OMAP4 using everything under its M-Shield security porfolio, which is a combination of Trusted Logic's secure middleware component running in an ARM TrustZone (a feature common to all ARM Cortex-A class processors). In addition, that HD content can be output over HDMI to HDCP-compliant displays. Think a Roku box but in your pocket. 

Last Friday when TI showed me the Blaze playing back 1080p Netflix content, it had only just begun the final stage of its certification. Though I wasn't allowed to take pictures or video, sadly, the Netflix client was otherwise identical to what's in the Android market right now, except with HD video. Video playback was buttery smooth and instantly locked onto the highest quality stream. I tested a number of different things in the catalog from 720p to 1080p, including the Netflix test videos, all of which played back without a hitch.

Things are wrapped up now, with OMAP4 now being granted a Netflix Silicon Reference Implementation (SRI) certification for Android 2.3. I asked the TI folks a bit more about how Netflix certifies devices, and learned that each handset still will undergo its own testing just to make sure each OEM's implementation works. In addition, that secure RAM protected memory is a statically allocated 8 MB, something it believes almost every OEM will have no problem going with. 

The obvious first place for HD Netflix playback with HDMI out to show up is the upcoming Motorola Droid 3, which we've already shown includes an OMAP4 SoC. No doubt the handset will come with a compliant Netflix application preloaded should it leverage this certification.

I fully expect other SoC vendors make their respective announcements about being Netflix HD certified in due time. Qualcomm is probably next in line, as they already advertise both OMA DRM 2.1, TrustZone, and Microsoft WMDRM 10 compliance (which PlayReady is backwards compatible with) for MSM8x55 and MSM8x60, with the latter including HDCP. For now however, OMAP4 is the first to be able to enjoy HD Netflix content. 

POST A COMMENT

22 Comments

View All Comments

  • douglaswilliams - Tuesday, July 5, 2011 - link

    "In addition, that secure RAM protected memory is a statically allocated 8 MB, something it believes almost every OEM will have no problem going with."

    Brian,

    Is this saying devices will be limited to an 8 MB buffer? If you are watching a 4 Mbit stream, will that limit the device to a buffer of only 16 seconds?

    How does this compare to how much will buffer on a PC or Netflix enabled TV?

    Thanks,

    Doug
    Reply
  • Brian Klug - Tuesday, July 5, 2011 - link

    No, the actual buffer size is larger, but the space for decrypted (un-decoded) frames to sit is 8 MB. You'll notice that Android already has a lot of this static memory assignment going on already, this will just be another very small partition.

    Netflix basically wants to protect unencrypted but compressed (still H.264) frames from being just dumped to an SD card.

    -Brian
    Reply
  • fb39ca4 - Tuesday, July 5, 2011 - link

    ??? Reply
  • fb39ca4 - Tuesday, July 5, 2011 - link

    never mind
    i refreshed the page and it showed up
    Reply
  • RipRap - Tuesday, July 5, 2011 - link

    RE: why did my comment get removed? by fb39ca4 on Tuesday, July 05, 2011
    never mind
    i refreshed the page and it showed up

    funny how that works eh?
    Reply
  • douglaswilliams - Wednesday, July 6, 2011 - link

    Brian,

    Ah, gotcha! So it's sort of like there's two buffers - the first one, larger and possibly in main memory, is for encrypted video data. The player can then pull from that buffer, decrypt up to 8 MB at a time and put it in the protected memory area where it will be fed to the GPU for display. Something like that?

    Thanks for the response and clarification!

    Doug
    Reply
  • fb39ca4 - Wednesday, July 6, 2011 - link

    but is the gpu secure? Reply
  • 86waterpumper - Wednesday, July 6, 2011 - link

    The whole drm netflix thing is stupid....and my htpc has the well documented silverlight 4.0 bug. Basically when windows 7 does a auto update to silverlight, it breaks the drm and my netflix will not work. The workaround is to load a older 3. something version of sliverlight but it always eventually auto updates and breaks again. It is infuriating to say the least. Likewise, windows media center has playready issues which hinder me using my tv tuner card which is also a protection issue...seems the only folks that can watch protected content these days are the pirates :P Reply
  • Death666Angel - Thursday, July 7, 2011 - link

    ... in Germany anyway (afaik), so I really don't care. I get most of what I watch TV wise from torrent sites (no other way to get it here unless I wait 1 to 4 years for a TV release here) and when it is released dubbed and on blu ray in Germany I buy it. Very good stuff that is not going to get released on blu ray in Germany I even import from the UK (like Dollhouse and BSG Complete Series). Reply
  • Zoomer - Tuesday, July 12, 2011 - link

    Hmm. what about grabbing it from a laptop lcd's lvds interface?

    It's too much work when easier methods like directly ripping blu-rays exist.
    Reply

Log in

Don't have an account? Sign up now