| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <175200422447.406.16824702825580478461.tip-bot2@tip-bot2>
Date: Tue, 08 Jul 2025 19:50:24 -0000
From: "tip-bot2 for Mikhail Paulyshka" <tip-bot2@...utronix.de>
To: linux-tip-commits@...r.kernel.org
Cc: Mikhail Paulyshka <me@...aill.net>, "Borislav Petkov (AMD)" <bp@...en8.de>,
<stable@...nel.org>, x86@...nel.org, linux-kernel@...r.kernel.org
Subject: [tip: x86/urgent] x86/rdrand: Disable RDSEED on AMD Cyan Skillfish
The following commit has been merged into the x86/urgent branch of tip:
Commit-ID: 5b937a1ed64ebeba8876e398110a5790ad77407c
Gitweb: https://git.kernel.org/tip/5b937a1ed64ebeba8876e398110a5790ad77407c
Author: Mikhail Paulyshka <me@...aill.net>
AuthorDate: Sat, 24 May 2025 17:53:19 +03:00
Committer: Borislav Petkov (AMD) <bp@...en8.de>
CommitterDate: Tue, 08 Jul 2025 21:33:26 +02:00
x86/rdrand: Disable RDSEED on AMD Cyan Skillfish
AMD Cyan Skillfish (Family 17h, Model 47h, Stepping 0h) has an error that
causes RDSEED to always return 0xffffffff, while RDRAND works correctly.
Mask the RDSEED cap for this CPU so that both /proc/cpuinfo and direct CPUID
read report RDSEED as unavailable.
[ bp: Move to amd.c, massage. ]
Signed-off-by: Mikhail Paulyshka <me@...aill.net>
Signed-off-by: Borislav Petkov (AMD) <bp@...en8.de>
Cc: <stable@...nel.org>
Link: https://lore.kernel.org/20250524145319.209075-1-me@mixaill.net
---
arch/x86/include/asm/msr-index.h | 1 +
arch/x86/kernel/cpu/amd.c | 7 +++++++
tools/arch/x86/include/asm/msr-index.h | 1 +
3 files changed, 9 insertions(+)
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index b7dded3..5cfb5d7 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -628,6 +628,7 @@
#define MSR_AMD64_OSVW_STATUS 0xc0010141
#define MSR_AMD_PPIN_CTL 0xc00102f0
#define MSR_AMD_PPIN 0xc00102f1
+#define MSR_AMD64_CPUID_FN_7 0xc0011002
#define MSR_AMD64_CPUID_FN_1 0xc0011004
#define MSR_AMD64_LS_CFG 0xc0011020
#define MSR_AMD64_DC_CFG 0xc0011022
diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index 655f44f..e1c4661 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -930,6 +930,13 @@ static void init_amd_zen2(struct cpuinfo_x86 *c)
init_spectral_chicken(c);
fix_erratum_1386(c);
zen2_zenbleed_check(c);
+
+ /* Disable RDSEED on AMD Cyan Skillfish because of an error. */
+ if (c->x86_model == 0x47 && c->x86_stepping == 0x0) {
+ clear_cpu_cap(c, X86_FEATURE_RDSEED);
+ msr_clear_bit(MSR_AMD64_CPUID_FN_7, 18);
+ pr_emerg("RDSEED is not reliable on this platform; disabling.\n");
+ }
}
static void init_amd_zen3(struct cpuinfo_x86 *c)
diff --git a/tools/arch/x86/include/asm/msr-index.h b/tools/arch/x86/include/asm/msr-index.h
index b7dded3..5cfb5d7 100644
--- a/tools/arch/x86/include/asm/msr-index.h
+++ b/tools/arch/x86/include/asm/msr-index.h
@@ -628,6 +628,7 @@
#define MSR_AMD64_OSVW_STATUS 0xc0010141
#define MSR_AMD_PPIN_CTL 0xc00102f0
#define MSR_AMD_PPIN 0xc00102f1
+#define MSR_AMD64_CPUID_FN_7 0xc0011002
#define MSR_AMD64_CPUID_FN_1 0xc0011004
#define MSR_AMD64_LS_CFG 0xc0011020
#define MSR_AMD64_DC_CFG 0xc0011022
Powered by blists - more mailing lists