oss-sec mailing list archives

Some AMD cpus with RDRAND fail to produce random numbers after suspend/resume

From: Jeffrey Walton <noloader () gmail com>
Date: Thu, 16 Jan 2020 23:21:52 -0500

This just made my radar. It appears some AMD cpus with RDRAND fail to
produce random numbers after a suspend/resume. It looks like it was
first reported in 2014 or so.

Kernel bug:

    * https://bugzilla.kernel.org/show_bug.cgi?id=85911

Systemd bug:

    * https://github.com/systemd/systemd/issues/11810

Fedora bug:

    * https://bugzilla.redhat.com/show_bug.cgi?id=1150286

AMD patch:

    * https://lore.kernel.org/patchwork/patch/1115413/

I agree with Lennart Poettering. This seems CVE worthy given RDRAND is
often used to get the kernel generator (and other userland generators)
in good working order.

(Thanks to https://www.phoronix.com/scan.php?page=news_item&px=AMD-CPUs-RdRand-Suspend
for the article and links).

Current thread:

Some AMD cpus with RDRAND fail to produce random numbers after suspend/resume Jeffrey Walton (Jan 16)
- Re: Some AMD cpus with RDRAND fail to produce random numbers after suspend/resume Sven Schwedas (Jan 17)
  - Re: Some AMD cpus with RDRAND fail to produce random numbers after suspend/resume John Haxby (Jan 17)
- Re: Some AMD cpus with RDRAND fail to produce random numbers after suspend/resume Peter Kjellström (Jan 20)