Re: [PATCH 4.19 72/98] x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h
From: Thomas Gleixner <hidden>
Date: 2019-08-28 10:47:38
Also in:
linux-pm, lkml, stable
From: Thomas Gleixner <hidden>
Date: 2019-08-28 10:47:38
Also in:
linux-pm, lkml, stable
Pavel, On Wed, 28 Aug 2019, Pavel Machek wrote:
On Tue 2019-08-27 15:30:30, Thomas Gleixner wrote:quoted
There is no way to reinitialize RDRAND from the kernel otherwise we would have exactly done that. If you know how to do that please tell.Would they? AMD is not exactly doing good job with communication
Yes they would. Stop making up weird conspiracy theories.
here. If BIOS can do it, kernel can do it, too...
May I recommend to read up on SMM and BIOS being able to lock down access to certain facilities?
or do you have information saying otherwise?
Yes. It was clearly stated by Tom that it can only be done in the BIOS.
quoted
Also disabling it for every BIOS is the only way which can be done because there is no way to know whether the BIOS is fixed or not at cold boot time. And it has to be known there because applications cache theI'm pretty sure DMI-based whitelist would help here. It should be reasonably to fill it with the common machines at least.
Send patches to that effect.
Plus, where is the CVE, and does AMD do anything to make BIOS vendors fix them?
May I redirect you to: https://www.amd.com/en/corporate/contact Thanks, tglx