Lol. In some ways a good point - if you cannot trust the CPU to work correctly, then that system is unusable.

And I thought that discussion was all due to systemd's usage of RDRAND.

Not at all. Not all CPUs even have an RDRAND equivalent to begin with. There's an ongoing discussion (with a recent patch set from Linus) on whether it's appropriate to block, toss an error, or ignore and pass results regardless of the (lack of) entropy contributed to getrandom() and letting the userspace fall on its face for making wrong assumptions. This conversation has really been going on for a number of years and it's included python, systemd, GDM, cryptographic key generation on initial startup like SSH keys, etc.

There is a recent write up on LWN on the current state. If you look through the comments section towards the bottom, there's a link to Linus' patch set that partly mitigates the problem by adding timing jitter from schedule(). I highly recommend reading through the comments, as they're also enlightening on the topic and problematic hardware and valid or invalid assumptions.

Quick link to the referenced patch sets:
Reverting the ext4fs extra interrupts removal since it apparently reduces entropy enough to be currently considered a "bad thing" -- Look for this to be changed/removed at a later date because SSDs are apparently moving away from using interrupts entirely (from the kernel discussion).
https://git.kernel.org/pub/scm/linux...70a7a1b65db72b

Adding the entropy source
https://git.kernel.org/pub/scm/linux...39da47ec689e55

You're missing the point of the comment. If one change is good enough, the loop should just break out once that happens, rather than continuing to loop and uselessly accumulating the number of changes.

Yeah, you're right I did overlook the point of the comment. I agree with the comment once I went back and reread it. Comprehension fail. I kinda went off on a tangent on getrandom() as I'd just read an article on it and discussion on the problems with the instruction RDRAND and my brain made a link that wasn't there.

While true, the calls to rdrand() is probably so quick that adding a break in the loop will #1 not improve the performance in any meaningful way even on a low power system and #2 might actually lower performance (since a break statement would add code inside the tight loop).

This reminds me of an apt Dilbert comic:

Nobody could be so incompetent as to fuck up with those instructions, r-right guys?

Sure, I picked the easy examples, but where do you draw the line?

Well, the core ISA is basically set in stone (no pun intended), but it's still a long shot to assume validation will catch everything before it hits production.

So there's no line to draw anywhere. Just "plug and pray."