AMD Cpu still not good with random?

Sorry if this is a repost, i haven’t seen it before

Apparently on 5900X the RDRAND instructions return some collision.

RDRAND() = 0x0081da17
RDRAND() = 0x0081da17
RDRAND() = 0x0178d2ea
RDRAND() = 0x0178d2ea
RDRAND() = 0x02a91db5
RDRAND() = 0x02a91db5
RDRAND() = 0x06c4385b
RDRAND() = 0x06c4385b
RDRAND() = 0x095d1bf8
RDRAND() = 0x095d1bf8
RDRAND() = 0x0990b335
RDRAND() = 0x0990b335

Look like a huge security risk if confirmed.

I was wondering if anyone here can confirm this ? Seeing that it only show up now seam’s really weird.
I know it a hard-to-get part but still Oo

1 Like

Haven’t manually compiled a C program for over 20 years, so here’s my notes on how to test (on fedora), from: https://github.com/systemd/systemd/issues/18184#issuecomment-758228586

dnf install gcc gcc-c++

wget https://gist.githubusercontent.com/andrew-d/bcbe477f7de9a03c7b8285bcee531196/raw/c3275f571f4ec92cec8402acdead5bb5ba61b0e1/rdrand.c

cc rdrand.c

./a.out

Seems like the “story” is still developing on the github issues thread. My intuition says that it’s possible that some of the people on there are operating on incorrect premises or have an incomplete understanding of how rdrand works. Not that I know anything about the latter either, just find it hard to believe that AMD would mess up something like that again(?).

it does not look quite as bad as last time? but still not awesome…

Why? RDRAND is known to be broken on almost all AMD platforms in one way or the other, and has had ample issues even on Intel. I have a very hard time believing that any competently built cryptographic library would actually rely on it.

Even systemd could get away with just using it to seed a software RNG given what they use it for (generating UUIDs before the kernels random number generator is available), and anything running after boot is probably better served by using /dev/(u)random.

1 Like

That code appears to work perfectly on my 5950X on an ASUS x570 board. It is either particular CPU chips, the 5900X model, or a fault in that Gigabyte BIOS.

I remember with the 3000 CPUs the RDRAND bug was fixed in the BIOS updates. Perhaps Gigabyte forgot to include that one in their latest.

This topic was automatically closed 273 days after the last reply. New replies are no longer allowed.