Due To A GCC Bug, RDRAND Usage Wasn't As Random As Expected
In a now-fixed bug, the RDRAND/RDSEED instructions for pulling random numbers from modern CPUs may not have been as random as desired when using GCC.
Using older versions of GCC could lead to the RDRAND/RDSEED intrinsics producing non-random results. The issue was fixed in GCC back in March but only disclosed today on the oss-sec list as CVE-2017-11671.
There's also this GCC bug report about the issue. GCC should be working fine now with RDRAND/RDSEED: RDRAND was first added to Ivy Bridge CPUs while the RDSEED instruction is supported by Intel Broadwell CPUs and newer as well as AMD Zen CPUs.
Fortunately, the real-world impact should be mitigated, as an "unrelated GCC usability issue" made these random/seed intrinsics difficult to use in the first place, and inline assembly wasn't affected by this bug. Then again, many people prefer not to trust crypto/RNG hardware from big manufacturers these days anyway.
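The article notes that inline assembly was not affected, which is also the form most defensive code takes: issue the instruction yourself, treat the carry flag as the only success signal, bound the retries, and never hand partial or zero output to the caller. The following is an added example (not code from the article, from GCC, or from the CVE report) that does exactly that and adds a caller-side self-test for the symptom described above, namely an RNG call that silently returns non-random output. Assumptions are labelled in the comments: RDRAND support is detected via CPUID leaf 1, ECX bit 30; the retry bound of 10 is a design choice; on non-x86 builds every function simply reports "unsupported" so the file still compiles.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#define HAVE_X86 1
#else
#define HAVE_X86 0
#endif

/* Assumption: CPUID.1:ECX bit 30 advertises RDRAND. Returns 1 if present. */
int rdrand_supported(void) {
#if HAVE_X86
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    return (ecx & (1u << 30)) != 0;
#else
    return 0;
#endif
}

/* One RDRAND attempt via inline assembly (the path the article says was not
 * affected). Returns 1 and stores a value when CF=1; returns 0 when the
 * hardware reports failure (CF=0), in which case *out must not be used. */
static int rdrand32_once(uint32_t *out) {
#if HAVE_X86
    unsigned char ok;
    uint32_t v;
    __asm__ volatile("rdrand %0\n\tsetc %1" : "=r"(v), "=q"(ok) : : "cc");
    *out = v;
    return ok;
#else
    (void)out;
    return 0;
#endif
}

/* Design choice for this example: give up after 10 failed attempts. */
#define RDRAND_RETRIES 10

/* Fill buf with len bytes of RDRAND output. Returns len on success and 0 if
 * RDRAND is unsupported or keeps failing; a caller treats 0 as "fall back to
 * the OS RNG" and never uses the (untouched) buffer. */
size_t rdrand_fill(uint8_t *buf, size_t len) {
    if (!rdrand_supported())
        return 0;
    size_t done = 0;
    while (done < len) {
        uint32_t v = 0;
        int ok = 0;
        for (int i = 0; i < RDRAND_RETRIES && !ok; i++)
            ok = rdrand32_once(&v);
        if (!ok)
            return 0;                 /* hardware failure: emit nothing rather than zeros */
        size_t n = (len - done < 4) ? len - done : 4;
        memcpy(buf + done, &v, n);
        done += n;
    }
    return len;
}

/* Caller-side sanity check for the symptom in the article: two independent
 * 16-byte fills must succeed, must not be all zero, and must differ.
 * Returns 1 if the source looks sane, 0 otherwise (including unsupported). */
int rdrand_selftest(void) {
    uint8_t a[16], b[16], zero[16] = {0};
    if (rdrand_fill(a, sizeof a) != sizeof a) return 0;
    if (rdrand_fill(b, sizeof b) != sizeof b) return 0;
    if (memcmp(a, zero, sizeof a) == 0 || memcmp(b, zero, sizeof b) == 0) return 0;
    return memcmp(a, b, sizeof a) != 0;
}

int main(void) {
    printf("rdrand supported: %d\n", rdrand_supported());
    printf("rdrand self-test: %s\n", rdrand_selftest() ? "ok" : "FAILED/unsupported");
    return 0;
}
```

The self-test is deliberately weak as a statistical test; its job is to catch the gross failure mode (a stuck or zeroed source) before the output is used for keys or nonces, not to certify entropy. Production code should still mix hardware output into the OS pool or a DRBG rather than consuming it raw.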