From: Pavel Machek <pavel@denx.de>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: Pavel Machek <pavel@denx.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
linux-kernel@vger.kernel.org, stable@vger.kernel.org,
Tom Lendacky <thomas.lendacky@amd.com>,
Borislav Petkov <bp@suse.de>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Andrew Morton <akpm@linux-foundation.org>,
Chen Yu <yu.c.chen@intel.com>, "H. Peter Anvin" <hpa@zytor.com>,
Ingo Molnar <mingo@redhat.com>, Jonathan Corbet <corbet@lwn.net>,
Josh Poimboeuf <jpoimboe@redhat.com>,
Juergen Gross <jgross@suse.com>,
Kees Cook <keescook@chromium.org>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"linux-pm@vger.kernel.org" <linux-pm@vger.kernel.org>,
Nathan Chancellor <natechancellor@gmail.com>,
Paolo Bonzini <pbonzini@redhat.com>,
"Rafael J. Wysocki" <rjw@rjwysocki.net>,
"x86@kernel.org" <x86@kernel.org>
Subject: Re: [PATCH 4.19 72/98] x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h
Date: Wed, 28 Aug 2019 12:31:13 +0200 [thread overview]
Message-ID: <20190828103113.GA14677@amd> (raw)
In-Reply-To: <alpine.DEB.2.21.1908271525480.1939@nanos.tec.linutronix.de>
[-- Attachment #1: Type: text/plain, Size: 1636 bytes --]
On Tue 2019-08-27 15:30:30, Thomas Gleixner wrote:
> On Tue, 27 Aug 2019, Pavel Machek wrote:
>
> > On Tue 2019-08-27 09:50:51, Greg Kroah-Hartman wrote:
> > > From: Tom Lendacky <thomas.lendacky@amd.com>
> > >
> > > commit c49a0a80137c7ca7d6ced4c812c9e07a949f6f24 upstream.
> > >
> > > There have been reports of RDRAND issues after resuming from suspend on
> > > some AMD family 15h and family 16h systems. This issue stems from a BIOS
> > > not performing the proper steps during resume to ensure RDRAND continues
> > > to function properly.
> >
> > Yes. And instead of reinitializing the RDRAND on resume, this patch
> > breaks support even for people with properly functioning BIOSes...
>
> There is no way to reinitialize RDRAND from the kernel otherwise we would
> have exactly done that. If you know how to do that please tell.
Would they? AMD is not exactly doing good job with communication
here. If BIOS can do it, kernel can do it, too... or do you have
information saying otherwise?
> Also disabling it for every BIOS is the only way which can be done because
> there is no way to know whether the BIOS is fixed or not at cold boot
> time. And it has to be known there because applications cache the
I'm pretty sure DMI-based whitelist would help here. It should be
reasonably to fill it with the common machines at least.
Plus, where is the CVE, and does AMD do anything to make BIOS vendors
fix them?
Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
next prev parent reply other threads:[~2019-08-28 10:31 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20190827072718.142728620@linuxfoundation.org>
2019-08-27 7:50 ` [PATCH 4.19 72/98] x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h Greg Kroah-Hartman
2019-08-27 11:36 ` Pavel Machek
2019-08-27 13:30 ` Thomas Gleixner
2019-08-28 10:31 ` Pavel Machek [this message]
2019-08-28 10:47 ` Thomas Gleixner
2019-08-28 11:49 ` Pavel Machek
2019-08-28 12:00 ` Borislav Petkov
2019-08-28 12:09 ` Pavel Machek
2019-08-28 12:16 ` Borislav Petkov
2019-08-28 12:29 ` Pavel Machek
2019-08-28 12:46 ` Borislav Petkov
2019-08-28 13:37 ` Pavel Machek
2019-08-28 14:15 ` Thomas Gleixner
2019-08-28 22:05 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190828103113.GA14677@amd \
--to=pavel@denx.de \
--cc=akpm@linux-foundation.org \
--cc=andrew.cooper3@citrix.com \
--cc=bp@suse.de \
--cc=corbet@lwn.net \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=jgross@suse.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=natechancellor@gmail.com \
--cc=pbonzini@redhat.com \
--cc=rjw@rjwysocki.net \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
--cc=yu.c.chen@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).