[cryptography] RDRAND not really random with Oracle Studio 12.3 + patches

Jeffrey Walton noloader at gmail.com
Mon Jun 13 02:06:23 EDT 2016


> While the code doesn't follow the SDG guidelines (I.E. it doesn't check for
> the return status and it doesn't check for the instruction support) it
> should work because RdRand doesn't underflow in any of our chips. Is this
> running in a VM or on bare metal?

I'm not sure. I forwarded it to CERT. I hope they assign a CVE and
obtain more details.

> I tried compiling that code on an Ivy Bridge machine running Linux, but it
> failed to compile..
>
>>gcc rdrand.c -o rdrand
> rdrand.c:1:29: fatal error: sys/immintrin.h: No such file or directory
> compilation terminated.

I'm fairly certain you need to use Sun Studio's CC. E.g.,

$ /opt/solarisstudio12.3/bin/cc -native -m64 -xarch=aes test.cc -o test.exe

There's a procedure to acquire Sun Studio:
https://docs.oracle.com/cd/E37069_01/html/E37072/gozsz.html . Once you
have the keys, you can install 12.2, 12.3, 12.4, etc.

> So I pointed the header to the right place and spend an eternity finding I
> needed the -mrdrnd target to make the intrinsic happy.
>
> #include <sys/immintrin.h>  --> #include <immintrin.h>

Lol... For GCC and Clang, try <x86intrin.h>. (There's a long history
behind that chuckle).

> So it must be some sort of compiler bug or VM problem.

Yeah, it appears to be related to Sun Studio. Bare metal and VMs are a
different story.

Bare metal XEON 5200's (no RDRAND, expected):

$ isainfo -v
64-bit amd64 applications
        ssse3 ahf cx16 sse3 sse2 sse fxsr mmx cmov amd_sysc cx8 tsc fpu
32-bit i386 applications
        ssse3 ahf cx16 sse3 sse2 sse fxsr mmx cmov sep cx8 tsc fpu

VM on top of Core i5-3200 (+AES, +RDRAND, -RDSEED):

64-bit amd64 applications
    sse4.2 sse4.1 ssse3 tscp ahf sse3 sse2 sse fxsr mmx cmov amd_sysc cx8
    tsc fpu
32-bit i386 applications
    sse4.2 sse4.1 ssse3 tscp ahf sse3 sse2 sse fxsr mmx cmov sep cx8 tsc
    fpu

Same Core i5-3200 host with a Linux guest shows aes, rdrand, xsave,
pcclmulqdq, etc.

I have a Core i7-5000 (+AES, +RDRAND, +RDSEED) on a headless server
with Libvirt. I have to perform the net install, but it's been giving
me trouble. I hope to have it stood up over the next couple of days.

Jeff

 -----

The following may be helpful. Some familiar preprocessor macros are
missing. In this respect, it's kind of like Microsoft where you base
feature availability on compiler version. In this case, Sun Studio
12.3 is __SUNPRO_CC 0x5130, and that means AES is available if
-xarch=aes is on the command line.

$ /opt/solarisstudio12.4/bin/CC -native -m64 -xarch=aes -E
-xdumpmacros /dev/null 2>&1 | sort

#1 "/dev/null"
#define __alignof__ __alignof
#define __amd64 1
#define __amd64__ 1
#define __ARRAYNEW 1
#define __asm asm
#define __asm__ asm
#define __attribute __attribute__
#define __builtin_constant_p __oracle_builtin_constant_p
#define __builtin_fpclassify __oracle_builtin_fpclassify
#define __builtin_huge_val __oracle_builtin_huge_val
#define __builtin_huge_valf __oracle_builtin_huge_valf
#define __builtin_huge_vall __oracle_builtin_huge_vall
#define __builtin_infinity __oracle_builtin_infinity
#define __builtin_isfinite __oracle_builtin_isfinite
#define __builtin_isgreater __oracle_builtin_isgreater
#define __builtin_isgreaterequal __oracle_builtin_isgreaterequal
#define __builtin_isinf __oracle_builtin_isinf
#define __builtin_isless __oracle_builtin_isless
#define __builtin_islessequal __oracle_builtin_islessequal
#define __builtin_islessgreater __oracle_builtin_islessgreater
#define __builtin_isnan __oracle_builtin_isnan
#define __builtin_isnormal __oracle_builtin_isnormal
#define __builtin_isunordered __oracle_builtin_isunordered
#define __builtin_nan __oracle_builtin_nan
#define __builtin_signbit __oracle_builtin_signbit
#define __BUILTIN_VA_STRUCT 1
#define __cplusplus 199711L
#define __DATE__ "Jun 13 2016"
#define __FILE__
#define __has_attribute(x) __oracle_has_attribute(x)
#define __has_nothrow_assign(x) __oracle_has_nothrow_assign(x)
#define __has_nothrow_constructor(x) __oracle_has_nothrow_constructor(x)
#define __has_nothrow_copy(x) __oracle_has_nothrow_copy(x)
#define __has_trivial_assign(x) __oracle_has_trivial_assign(x)
#define __has_trivial_constructor(x) __oracle_has_trivial_constructor(x)
#define __has_trivial_copy(x) __oracle_has_trivial_copy(x)
#define __has_trivial_destructor(x) __oracle_has_trivial_destructor(x)
#define __has_virtual_destructor(x) __oracle_has_virtual_destructor(x)
#define __is_abstract(x) __oracle_is_abstract(x)
#define __is_base_of(x,y) __oracle_is_base_of(x,y)
#define __is_class(x) __oracle_is_class(x)
#define __is_empty(x) __oracle_is_empty(x)
#define __is_enum(x) __oracle_is_enum(x)
#define __is_final(x) __oracle_is_final(x)
#define __is_literal_type(x) __oracle_is_literal_type(x)
#define __is_pod(x) __oracle_is_pod(x)
#define __is_polymorphic(x) __oracle_is_polymorphic(x)
#define __is_standard_layout(x) __oracle_is_standard_layout(x)
#define __is_trivial(x) __oracle_is_trivial(x)
#define __is_union(x) __oracle_is_union(x)
#define __LINE__
#define __LP64__ 1
#define __PRAGMA_REDEFINE_EXTNAME 1
#define __STDC__ 0
#define __sun 1
#define __SUN_PREFETCH 1
#define __SunOS 1
#define __SunOS_5_11 1
#define __SUNPRO_CC 0x5130
#define __SUNPRO_CC_COMPAT 5
#define __SVR4 1
#define __TIME__ "02:03:00"
#define __underlying_type(x) __oracle_underlying_type(x)
#define __unix 1
#define __volatile volatile
#define __volatile__ volatile
#define __x86_64 1
#define __x86_64__ 1
#define _BOOL 1
#define _LARGEFILE64_SOURCE 1
#define _LP64 1
#define _SIGNEDCHAR_ 1
#define _TEMPLATE_NO_EXTDEF 1
#define _WCHAR_T
#define sun 1
#define unix 1
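The quoted reply above faults the test program for not checking the RDRAND return status (the carry flag) and for not checking CPUID for instruction support before executing it. The following is an added example, not code from this thread or from Intel's guide, showing both checks the way Intel's DRNG implementation guide describes them: CPUID.01H:ECX bit 30 for support, the carry flag per call, and a bounded retry (the guide's recommended limit of 10) before treating the generator as failed. It is written for GCC/Clang on x86-64 and uses inline assembly so that neither -mrdrnd nor -xarch=... is needed; on any other target the functions report RDRAND as unavailable rather than faulting. The function names, the 10-retry constant, and the all-equal "stuck output" sanity check are this example's own choices, not anything the thread specifies.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#if defined(__x86_64__)
#include <cpuid.h>          /* __get_cpuid() from GCC/Clang */
#define HAVE_X86_64 1
#else
#define HAVE_X86_64 0
#endif

/* Assumption: Intel's DRNG guide recommends retrying a CF=0 result
   up to 10 times before declaring the hardware generator failed. */
#define RDRAND_RETRIES 10

/* Instruction-support check: CPUID leaf 1, ECX bit 30 = RDRAND.
   Returns 0 on non-x86-64 builds and on CPUs/VMs that hide the bit
   (the isainfo output in the thread shows a guest without it). */
int rdrand_supported(void)
{
#if HAVE_X86_64
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    return (ecx & (1u << 30)) != 0;
#else
    return 0;
#endif
}

/* One RDRAND attempt. Returns 1 and stores a 64-bit value when the
   carry flag is set; returns 0 (no value) when the DRNG had nothing
   to give. This is the return-status check the reply says was missing. */
int rdrand64_step(uint64_t *out)
{
#if HAVE_X86_64
    unsigned char ok;
    uint64_t v;
    __asm__ volatile("rdrand %0; setc %1" : "=r"(v), "=qm"(ok) : : "cc");
    if (!ok)
        return 0;
    *out = v;
    return 1;
#else
    (void)out;
    return 0;
#endif
}

/* Bounded retry around rdrand64_step(); 0 means a hard failure that
   the caller must not paper over with whatever is left in *out. */
int rdrand64_retry(uint64_t *out)
{
    for (int i = 0; i < RDRAND_RETRIES; i++)
        if (rdrand64_step(out))
            return 1;
    return 0;
}

/* Fill an arbitrary-length buffer. Returns 1 on success, 0 if RDRAND is
   not advertised or underflows repeatedly. */
int rdrand_fill(uint8_t *buf, size_t len)
{
    if (!rdrand_supported())
        return 0;
    while (len > 0) {
        uint64_t v;
        if (!rdrand64_retry(&v))
            return 0;
        size_t n = len < sizeof v ? len : sizeof v;
        memcpy(buf, &v, n);
        buf += n;
        len -= n;
    }
    return 1;
}

/* Cheap sanity check for the failure mode in the subject line: a
   generator that hands back the same word every call (including all
   zeros). Returns 1 if every word in vals[] is identical. This is not
   a statistical test; it only catches a stuck or stubbed DRNG. */
int looks_stuck(const uint64_t *vals, size_t n)
{
    for (size_t i = 1; i < n; i++)
        if (vals[i] != vals[0])
            return 0;
    return 1;
}

int main(void)
{
    uint64_t vals[8];
    if (!rdrand_supported()) {
        puts("RDRAND not advertised by CPUID; refusing to use it");
        return 1;
    }
    for (size_t i = 0; i < 8; i++) {
        if (!rdrand64_retry(&vals[i])) {
            puts("RDRAND underflow after retries");
            return 1;
        }
        printf("%016llx\n", (unsigned long long)vals[i]);
    }
    return looks_stuck(vals, 8) ? 1 : 0;
}
```

Run on the i5/i7 hosts from the thread, the program prints eight distinct words; inside the Solaris guest whose isainfo lacks rdrand, rdrand_supported() returns 0 and nothing is executed that could fault or silently return garbage.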

