On July 6, 2022 5:23:31 AM PDT, Borislav Petkov <bp@xxxxxxxxx> wrote:
>On Tue, Jul 05, 2022 at 04:11:45PM -0700, H. Peter Anvin wrote:
>> What I'm wondering is if we shouldn't simply instrument *every*
>> invocation, and set the trust to zero if we ever trip it.
>
>I guess you can add some logic to rdrand_long() to sanity-check what it
>returns...
>
>But would that be worth the effort?
>

I think doing it centrally, as non-arch-specific code, and letting it subsume ad hoc checks for known failure conditions could be a win.
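The idea discussed in this message, sketched as an added example that is not part of the original e-mail and is not kernel code: an arch-independent wrapper checks every word a hardware RNG hook returns and latches a trust level to zero on the first suspicious result. The names `hwrng`, `hwrng_get`, `arch_rng_fn`, the test sources and the specific checks (all-zeros, all-ones, repeated word) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical arch hook: returns false when the instruction reports failure. */
typedef bool (*arch_rng_fn)(uint64_t *v);

struct hwrng {
    arch_rng_fn fn;
    uint64_t last;          /* previous word, valid once have_last is set */
    bool have_last;
    unsigned int trust;     /* 0: output is never credited as entropy */
};

/* Central wrapper: every invocation is checked; a trip latches trust to 0. */
static bool hwrng_get(struct hwrng *s, uint64_t *out)
{
    uint64_t v;
    if (!s->fn(&v))
        return false;       /* no data; caller falls back to other sources */
    /* Assumed checks; each is a 2^-64 event per call on a healthy source. */
    if (v == 0 || v == UINT64_MAX || (s->have_last && v == s->last))
        s->trust = 0;
    s->last = v;
    s->have_last = true;
    *out = v;               /* still usable for mixing, just not credited */
    return true;
}

/* Constructed sources standing in for an arch implementation. */
static bool src_stuck(uint64_t *v) { *v = 0x0123456789ABCDEFULL; return true; }
static bool src_ok(uint64_t *v)
{
    static uint64_t x = 0x9E3779B97F4A7C15ULL;
    x ^= x << 13; x ^= x >> 7; x ^= x << 17;    /* xorshift64, demo only */
    *v = x;
    return true;
}

/* Draw n words and report the trust level left afterwards. */
static unsigned int trust_after(arch_rng_fn fn, int n)
{
    struct hwrng s = { .fn = fn, .trust = 1 };
    uint64_t v;
    while (n-- > 0)
        hwrng_get(&s, &v);
    return s.trust;
}

int main(void) { printf("ok=%u stuck=%u\n", trust_after(src_ok, 1000), trust_after(src_stuck, 2)); return 0; }
```

Because the trust value only ever drops, a source that misbehaves once stays uncredited even if later words look plausible.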