Thread (14 messages) 14 messages, 4 authors, 2019-08-28

Re: [PATCH 4.19 72/98] x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h

From: Thomas Gleixner <hidden>
Date: 2019-08-28 10:47:38
Also in: linux-pm, lkml, stable

Pavel,

On Wed, 28 Aug 2019, Pavel Machek wrote:
On Tue 2019-08-27 15:30:30, Thomas Gleixner wrote:
quoted
There is no way to reinitialize RDRAND from the kernel otherwise we would
have exactly done that. If you know how to do that please tell.
Would they? AMD is not exactly doing good job with communication
Yes they would. Stop making up weird conspiracy theories.
here. If BIOS can do it, kernel can do it, too...
May I recommend to read up on SMM and BIOS being able to lock down access
to certain facilities?
or do you have information saying otherwise?
Yes. It was clearly stated by Tom that it can only be done in the BIOS.
quoted
Also disabling it for every BIOS is the only way which can be done because
there is no way to know whether the BIOS is fixed or not at cold boot
time. And it has to be known there because applications cache the
I'm pretty sure DMI-based whitelist would help here. It should be
reasonably to fill it with the common machines at least.
Send patches to that effect.
 
Plus, where is the CVE, and does AMD do anything to make BIOS vendors
fix them?
May I redirect you to: https://www.amd.com/en/corporate/contact

Thanks,

	tglx
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help