You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Does "work" in this case basically just mean "intercept CPUID and thereby disable rdrand"? Or are there other failures under VMs that we have seen?
There were some mentions on the call of other approaches (aka hacks) for nixing rdrand on such platforms... hmm what could those be? Maybe @devietti was alluding to super dirty hacks like patching known uses of rdrand inside cpp standard lib or something...?
On AWS EC2 (t2.micro), it reports cpuid_fault is supported; however, it does nothing. hence even arch_prctl(ARCH_SET_CPUID) returns success, the system still cannot trap cpuid instruction. As a result, we won't see any arch_prctl failure, but we won't be able to intercept rdrand, so random_device.cpp (or std::random) returns non-deterministic random numbers.
DetTrace may not work on all cloud platforms.
We currently use Azure and it works. @wangbj has shown it doesn't work properly on AWS firecracker-microvm/firecracker#1330
We should probably list all cloud platforms we hope to support, and have a CI check for all platforms to ensure DetTrace continuous to work.
The text was updated successfully, but these errors were encountered: