Hi!
There is no way to reinitialize RDRAND from the kernel otherwise we would have exactly done that. If you know how to do that please tell.
Would they? AMD is not exactly doing good job with communication
Yes they would. Stop making up weird conspiracy theories.
here. If BIOS can do it, kernel can do it, too...
May I recommend to read up on SMM and BIOS being able to lock down access to certain facilities?
or do you have information saying otherwise?
Yes. It was clearly stated by Tom that it can only be done in the BIOS.
Do you have a link for that? Because I don't think I seen that one.
Also disabling it for every BIOS is the only way which can be done because there is no way to know whether the BIOS is fixed or not at cold boot time. And it has to be known there because applications cache the
I'm pretty sure DMI-based whitelist would help here. It should be reasonably to fill it with the common machines at least.
Send patches to that effect.
Why should it be my job? AMD screwed this up, they should fix it properly. And you should insist on proper fix.
Plus, where is the CVE, and does AMD do anything to make BIOS vendors fix them?
May I redirect you to: https://www.amd.com/en/corporate/contact
That will certainly make communication easier, right.
Pavel