On Tue, May 7, 2019 at 10:45 AM tedheadster <tedheadster@xxxxxxxxx> wrote: > > On Tue, May 7, 2019 at 10:27 AM Segher Boessenkool > <segher@xxxxxxxxxxxxxxxxxxx> wrote: > > But it should not execute it, it is guarded by some cpuid things. > > > > If the assembler does not like the insn, first do (in the same asm) an > > assembler pseudo-instruction to select a CPU that does have that insn, > > then the rdrand, and then the original CPU again. Or write the bytes > > of the instruction encoding directly. > > Segher, > you are correct that the code should avoid executing the rdrand > instruction by doing some cpuid queries. The problem is that does not > work: systemd _does_ execute the rdrand instruction and the system > crashes. As far as I know the instruction is only defined for Intel, AMD and Hyogen cpus. See, for example, https://github.com/weidai11/cryptopp/blob/master/cpu.cpp#L380. Also, according to David Johnston of Intel, the RDRAND circuit is designed to never underflow. So instead of adding the 'setb' and return -EAGAIN, just hammer that instruction until it produces a random number. Something like: asm volatile(1:" "rdrand %0;" "jnc 1b" : "=r" (*ret)); That safety valve is recommended by Intel in case the silicon goes bad. My feeling is, you need good silicon or all bets are off. Jeff
