[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: use of RDRAND in $random_library

On Fri, 13 Jun 2014, Joey Hess wrote:
> Henrique de Moraes Holschuh wrote:
> > Now, the kernel can soft-blacklist RDRAND (and RDSEED) usage[2].  In that
> > case, the kernel won't use it and it disappears from /proc/cpuinfo, and we
> > could do that also to avoid processor errata, not just due to user request.
> > However, AFAIK kernel blacklisting would not cause the instructions to trap
> > or fail on bare-metal, so userspace could still just use them anyway.
> Not sure what you mean by bare metal here.

Not under a hypervisor.

> > Joey, what does that Haskell lib uses to detect availability of RDRAND?
> int cpu_has_rdrand()
> {
>     uint32_t ax,bx,cx,dx,func=1;
>     __asm__ volatile ("cpuid":\
>             "=a" (ax), "=b" (bx), "=c" (cx), "=d" (dx) : "a" (func));
>     return (cx & 0x40000000);
> }

Oh dear.   Can you try running that on a kernel that was booted with the
"nordrand" command line parameter?   I don't have a box with RDRAND support
to test it myself ATM.

Please try it on bare metal (not on a VM).

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to: