Due To A GCC Bug, RDRAND Usage Wasn't As Random As Expected

Written by Michael Larabel in GNU on 27 July 2017 at 08:26 AM EDT. 16 Comments
In a now-fixed bug, the RDRAND/RDSEED instructions for pulling random numbers from the hardware random number generator on modern CPUs may not have been as random as desired when used through GCC.

Using older versions of GCC could lead to the RDRAND/RDSEED intrinsics producing non-random results. The issue was fixed in GCC back in March but was only disclosed today on the oss-sec list as CVE-2017-11671.

There's also this GCC bug report about the issue. GCC should be working fine now with RDRAND/RDSEED. RDRAND was first added with Ivy Bridge CPUs, while the RDSEED instruction is supported by Intel Broadwell CPUs and newer as well as AMD Zen CPUs.

Fortunately, the real-world impact should be limited, as an "unrelated GCC usability issue" made these random/seed intrinsics difficult to use, and inline assembly wasn't affected by this bug. Then again, many people prefer not to trust crypto/RNG hardware from the big manufacturers these days anyway.
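For readers who want to see what correct use of these instructions looks like, here is an added example; it is not code from the article, from GCC, or from the bug report. It follows the documented ISA contract for RDRAND/RDSEED (the carry flag is set only when a value was delivered, so a caller must check the status and retry rather than consume the output of a failed step), gates on the CPUID feature bits, and exercises both the compiler intrinsics and the inline-assembly route the article notes was unaffected. The retry budgets (10 for RDRAND, 100 for RDSEED), the function names, and the fake step functions used to test the retry logic offline are this example's own assumptions; the fake step's output value is constructed. On a non-x86-64 machine the hardware paths compile out and the hardware check reports "no RDRAND".

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#ifdef __x86_64__
#include <cpuid.h>
#include <immintrin.h>
#endif

/* Same contract as _rdrand64_step/_rdseed64_step: 1 = *out valid, 0 = CF was clear. */
typedef int (*rng_step_fn)(unsigned long long *out);
enum { RDRAND_RETRIES = 10, RDSEED_RETRIES = 100 };   /* assumed budgets */

/* Retry loop; *out is only written once a step reports success. */
int rng_get_u64(rng_step_fn step, int retries, uint64_t *out)
{
    unsigned long long v = 0;
    while (retries-- > 0)
        if (step(&v)) { *out = (uint64_t)v; return 1; }
    return 0;
}

/* Fill buf; returns bytes written, which equals len only on full success. */
size_t rng_fill(rng_step_fn step, int retries, uint8_t *buf, size_t len)
{
    size_t done = 0;
    uint64_t v;
    while (done < len && rng_get_u64(step, retries, &v)) {
        size_t n = (len - done < 8) ? len - done : 8;
        memcpy(buf + done, &v, n);
        done += n;
    }
    return done;
}

#ifdef __x86_64__
int cpu_has_rdrand(void)                      /* CPUID.(1):ECX[30] */
{
    unsigned a, b, c, d;
    return __get_cpuid(1, &a, &b, &c, &d) && (c & (1u << 30)) != 0;
}
int cpu_has_rdseed(void)                      /* CPUID.(7,0):EBX[18] */
{
    unsigned a, b, c, d;
    if (__get_cpuid_max(0, NULL) < 7) return 0;
    __cpuid_count(7, 0, a, b, c, d);
    return (b & (1u << 18)) != 0;
}
__attribute__((target("rdrnd")))              /* builds without -mrdrnd */
int rdrand_step_intrin(unsigned long long *out) { return _rdrand64_step(out); }
__attribute__((target("rdseed")))             /* builds without -mrdseed */
int rdseed_step_intrin(unsigned long long *out) { return _rdseed64_step(out); }
/* Inline-asm step: reads CF itself, independent of the compiler's intrinsic codegen. */
int rdrand_step_asm(unsigned long long *out)
{
    unsigned char ok;
    __asm__ volatile("rdrand %0\n\tsetc %1" : "=r"(*out), "=q"(ok) : : "cc");
    return ok;
}
#endif

/* Constructed fake steps so the retry logic can be exercised without the hardware. */
static int fake_calls;
void fake_reset(void) { fake_calls = 0; }
int fake_step_fails_twice(unsigned long long *out)
{   /* first two calls report CF clear, then a constructed value */
    if (++fake_calls < 3) return 0;
    *out = 0x0123456789abcdefULL; return 1;
}
int fake_step_always_fails(unsigned long long *out) { (void)out; return 0; }

/* 1 if the retry logic behaves as intended, else 0. */
int selftest_retry_logic(void)
{
    uint64_t v = 0;
    uint8_t buf[13];
    fake_reset();
    if (rng_get_u64(fake_step_fails_twice, RDRAND_RETRIES, &v) != 1 || v != 0x0123456789abcdefULL) return 0;
    fake_reset();   /* a budget of 2 is exhausted by the two failures */
    if (rng_get_u64(fake_step_fails_twice, 2, &v) || rng_get_u64(fake_step_always_fails, RDSEED_RETRIES, &v)) return 0;
    fake_reset();   /* 13 bytes need two successful steps, one after two retries */
    return rng_fill(fake_step_fails_twice, RDRAND_RETRIES, buf, sizeof buf) == sizeof buf
        && rng_fill(fake_step_always_fails, RDRAND_RETRIES, buf, sizeof buf) == 0;
}

/* 2 = RDRAND (intrinsic+asm) and RDSEED ok, 1 = RDRAND ok only, 0 = no RDRAND here, -1 = RDRAND failed */
int selftest_hardware(void)
{
#ifdef __x86_64__
    uint8_t a[32], b[32]; uint64_t seed;
    if (!cpu_has_rdrand()) return 0;
    if (rng_fill(rdrand_step_intrin, RDRAND_RETRIES, a, sizeof a) != sizeof a) return -1;
    if (rng_fill(rdrand_step_asm, RDRAND_RETRIES, b, sizeof b) != sizeof b) return -1;
    return (cpu_has_rdseed() && rng_get_u64(rdseed_step_intrin, RDSEED_RETRIES, &seed)) ? 2 : 1;
#else
    return 0;
#endif
}

int main(void)
{
    printf("retry logic: %s\nhardware: %d (2 rdrand+rdseed, 1 rdrand, 0 none, -1 failed)\n",
           selftest_retry_logic() ? "ok" : "FAIL", selftest_hardware());
    return 0;
}
```

The step-function indirection is what makes the retry loop testable without trusting the hardware: the same `rng_get_u64` and `rng_fill` run over the fake steps and over the real intrinsic and assembly steps, so a wrong status check shows up deterministically before any RDRAND output is ever consumed.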