Show Your Support: This site is primarily supported by advertisements. Ads are what have allowed this site to be maintained on a daily basis for the past 18+ years. We do our best to ensure only clean, relevant ads are shown, when any nasty ads are detected, we work to remove them ASAP. If you would like to view the site without ads while still supporting our work, please consider our ad-free Phoronix Premium.
Following Buggy AMD RdRand, The Linux Kernel Will Begin Sanity Checking Randomness At Boot Time
This summer the Linux kernel shifted to no longer advertising RdRand support on Bulldozer and Jaguar CPUs. This was due to RdRand becoming problematic for a subset of systems following suspend/resume cycles. The issue was blamed on motherboard BIOS implementations as opposed to the CPUs, but with enough buggy BIOS implementations out there, it was easier blacklisting all the Family 15h/16h processors.
In helping fend off similar future problems, the Linux kernel will do a basic sanity check of RdRand at boot time. The kernel already does a sanity check of calling RdRand eight times to verify it was properly returning, otherwise disable the capability, but now there is a second check.
This new sanity check is calling RdRand eight times and ensuring the data has changed between calls. If the data never changed, it will now print to the dmesg output, "RDRAND gives funky smelling output, might consider not using it by booting with "nordrand"." This new sanity check will not disable RdRand but just point out to the user the likelihood it being broken over a successive RdRand call returning the same "random" data.