An engineer from Meta on the Linux kernel developer mailing list drew attention to a problem with the operation of the instruction RDSEED in AMD processors based on the Zen 5 microarchitecture. In our tests, the RDSEED instruction, which provides access to the hardware entropy generator, returned the value 0 s in 10% of cases successful operation completion flag (CF=1). Since the value 0 is also returned if it is impossible to return a correct random number and such a state is highlighted by a different value of the operation completion flag (CF=0), it is assumed that AMD processors have a bug that leads to an incorrect determination of the operation state.
In the Linux kernel, the instruction is used as one of the elements for generating entropy in the software pseudo-random generator numbers. There are multiple sources of entropy, so the problem in RDSEED does not affect the overall quality of the random numbers produced by the kernel. A patch has been proposed for the kernel that disables the use of the RDSEED instruction on systems with some AMD-based processors microarchitecture Zen 5.
Initially, the problem was identified in the AMD EPYC Turin CPU, but was later repeated on another AMD CPU model with the same microarchitecture, therefore, instead of selective blocking, it was proposed to stop using RDSEED on all processors of the AMD Zen 5 family. It is noteworthy that testing the correct operation of RDSEED on different processors was carried out during the analysis of another problem with RDSEED that arose in the CPU Zen2 Cyan Skillfish and leading in some situations to returning only the value 0xffffffff. Before this, occurred in AMD processors problems with the RDRAND instruction not working after returning from sleep mode.