• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Some AMD Processors Have a Hardware RNG Bug, Losing Randomness After Suspend Resume

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,294 (7.53/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Red Hat Systemd (system and service manager) lead developer Lennart Poettering discovered that AMD A6-6310 "Beema" SoC that's popular among low-cost notebooks, has a faulty implementation of the RdRand random-number generation instruction. The processor's hardware random number generator (RNG) loses "randomness" after the machine resumes from a suspended state (i.e. waking up the notebook from sleep by opening its lid while it's powered on). Modern computers rely on RNGs for "entropy," critical to generation of unpredictable keys on the fly for SSL. However, the entropy source needn't be hardware, and isn't so by default. Software RNGs exist, and by default the Linux kernel does not use RdRand to generate entropy. Windows is not known to use RdRand for basic ACPI functions such as suspend/resume; however a faulty hardware RNG is not without implications for the platform, and applications that run on it.

Users on GitHub and Bugzilla report that with this bug, you cannot make a machine suspend a second time after waking it up from a suspended state, if your kernel uses RdRand. Commit cc83d51 to Systemd introduced optional randomness generation based on RdRand instruction. So, if RdRand instruction is present, it is used to generate UUIDs for invocation IDs. Michael Larabel of Phoronix comments that the RdRand bug is only found on older generations of AMD processors, "Excavator" and older; and does not affect the latest "Zen" processors. This bug report chronicles what's wrong with RdRand on the affected processors, as does this Linux kernel bugzilla thread. By avoiding RdRand usage on the system as part of generating a UUID, the reported systemd issue no longer happens. Red Hat is working on a solution to this bug.



View at TechPowerUp Main Site
 
Joined
Jan 17, 2006
Messages
932 (0.13/day)
Location
Ireland
System Name "Run of the mill" (except GPU)
Processor R9 3900X
Motherboard ASRock X470 Taich Ultimate
Cooling Cryorig (not recommended)
Memory 32GB (2 x 16GB) Team 3200 MT/s, CL14
Video Card(s) Radeon RX6900XT
Storage Samsung 970 Evo plus 1TB NVMe
Display(s) Samsung Q95T
Case Define R5
Audio Device(s) On board
Power Supply Seasonic Prime 1000W
Mouse Roccat Leadr
Keyboard K95 RGB
Software Windows 11 Pro x64, insider preview dev channel
Benchmark Scores #1 worldwide on 3D Mark 99, back in the (P133) days. :)
Maybe adjust the title to something like "Some older (2014) AMD tablet SoCs ....".

That would be a bit less "attention grabbing" though I suppose. ;)

Let's hope they bring out a microcode update quickly.

It's also odd that this appears to have been first reported in 2014 and it's only being worked on now? Maybe it's a non-issue (per the comments) as most of this stuff is now in software/windows doesn't use it. So why have the Linux folks just decided to do an update/fix for it recently? Strange.
 
Last edited:
Joined
Nov 24, 2018
Messages
2,251 (1.01/day)
Location
south wales uk
System Name 1.FortySe7en VR rig 2. intel teliscope rig 3.MSI GP72MVR Leopard Pro .E-52699, Xeon play thing
Processor 1.3900x @stock 2. 3700x . 3. i7 7700hq
Motherboard 1.aorus x570 ultra 2. Rog b450 f,4 MR9A PRO ATX X99
Cooling 1.Hard tube loop, cpu and gpu 2. Hard loop cpu and gpu 4 360 AIO
Memory 1.Gskill neo @3600 32gb 2.corsair ven 32gb @3200 3. 16gb hyperx @2400 4 64GB 2133 in quad channel
Video Card(s) 1.GIGABYTE RTX 3080 WaterForce WB 2. Aorus RTX2080 3. 1060 3gb. 4 Arc 770LE 16 gb
Storage 1 M.2 500gb , 2 3tb HDs 2. 256gb ssd, 3tbHD 3. 256 m.2. 1tb ssd 4. 2gb ssd
Display(s) 1.LG 50" UHD , 2 MSI Optix MAG342C UWHD. 3.17" 120 hz display 4. Acer Preditor 144hz 32inch.z
Case 1. Thermaltake P5 2. Thermaltake P3 4. some cheapo case that should not be named.
Audio Device(s) 1 Onboard 2 Onboard 3 Onboard 4. onboard.
Power Supply 1.seasonic gx 850w 2. seasonic gx 750w. 4 RM850w
Mouse 1 ROG Gladius 2 Corsair m65 pro
Keyboard 1. ROG Strix Flare 2. Corsair F75 RBG 3. steelseries RBG
VR HMD rift and rift S and Quest 2.
Software 1. win11 pro 2. win11 pro 3, win11 home 4 win11 pro
Benchmark Scores 1.7821 cb20 ,cb15 3442 1c 204 cpu-z 1c 539 12c 8847
thankfully not Zen .
 
Joined
May 31, 2016
Messages
4,440 (1.42/day)
Location
Currently Norway
System Name Bro2
Processor Ryzen 5800X
Motherboard Gigabyte X570 Aorus Elite
Cooling Corsair h115i pro rgb
Memory 32GB G.Skill Flare X 3200 CL14 @3800Mhz CL16
Video Card(s) Powercolor 6900 XT Red Devil 1.1v@2400Mhz
Storage M.2 Samsung 970 Evo Plus 500MB/ Samsung 860 Evo 1TB
Display(s) LG 27UD69 UHD / LG 27GN950
Case Fractal Design G
Audio Device(s) Realtec 5.1
Power Supply Seasonic 750W GOLD
Mouse Logitech G402
Keyboard Logitech slim
Software Windows 10 64 bit
Maybe adjust the title to something like "Some older (2014) AMD tablet SoCs ....".

That would be a bit less "attention grabbing" though I suppose. ;)

Let's hope they bring out a microcode update quickly.

It's also odd that this appears to have been first reported in 2014 and it's only being worked on now? Maybe it's a non-issue (per the comments) as most of this stuff is now in software/windows doesn't use it. So why have the Linux folks just decided to do an update/fix for it recently? Strange.
True that. I thought Ryzen is affected as well.
You think they are going to do something with this? I mean, Ryzen going to replace these older AMD products anyway.
 
Joined
Sep 17, 2014
Messages
22,666 (6.05/day)
Location
The Washing Machine
System Name Tiny the White Yeti
Processor 7800X3D
Motherboard MSI MAG Mortar b650m wifi
Cooling CPU: Thermalright Peerless Assassin / Case: Phanteks T30-120 x3
Memory 32GB Corsair Vengeance 30CL6000
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s) Gigabyte G34QWC (3440x1440)
Case Lian Li A3 mATX White
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse Steelseries Aerox 5
Keyboard Lenovo Thinkpad Trackpoint II
VR HMD HD 420 - Green Edition ;)
Software W11 IoT Enterprise LTSC
Benchmark Scores Over 9000
Didn't Intel have an RNG bug as well a few years back? Seems like an allround oversight just like the Spectre issues.
 

Space Lynx

Astronaut
Joined
Oct 17, 2014
Messages
17,425 (4.69/day)
Location
Kepler-186f
Processor 7800X3D -25 all core
Motherboard B650 Steel Legend
Cooling Frost Commander 140
Video Card(s) Merc 310 7900 XT @3100 core -.75v
Display(s) Agon 27" QD-OLED Glossy 240hz 1440p
Case NZXT H710 (Red/Black)
Audio Device(s) Asgard 2, Modi 3, HD58X
Power Supply Corsair RM850x Gold
Maybe adjust the title to something like "Some older (2014) AMD tablet SoCs ....".

That would be a bit less "attention grabbing" though I suppose. ;)

Let's hope they bring out a microcode update quickly.

It's also odd that this appears to have been first reported in 2014 and it's only being worked on now? Maybe it's a non-issue (per the comments) as most of this stuff is now in software/windows doesn't use it. So why have the Linux folks just decided to do an update/fix for it recently? Strange.

I have to admit this is a low for TPU... clicky clicky fishy fishy
 
Joined
Jun 28, 2016
Messages
3,595 (1.16/day)
You think they are going to do something with this? I mean, Ryzen going to replace these older AMD products anyway.
They have to. Computing is not just gaming desktops. :p

There are embedded chips on this arch running a lot of hardware. How would you feel taking money from an ATM, if you know it may have faulty encryption? ;-)
These embedded chips will work for many years (hopefully).

If we searched long enough, I'm sure we'd find trains or planes using these chips as well.
 
Joined
Jun 28, 2016
Messages
3,595 (1.16/day)
How do you lose (pseudo)randomness anyway :wtf:
The idea behind RdRand is that it returns "true" random numbers, i.e. there's no cycle.
Thing is: Intel implemented this first and introduced and instruction set that got popular. AMD made a workaround, computation-based implementation (so not really random, but still extremely good). Problem is: people found a situation when this algorithm breaks and RNG quality drops significantly.

Zen uses an entropy-based implementation similar to Intel's, so it isn't affected by this issue.
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
42,583 (6.67/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2Ă—BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
If AMD takes this seriously they may provide a fix, who knows...
 
Joined
Mar 7, 2010
Messages
993 (0.18/day)
Location
Michigan
System Name Daves
Processor AMD Ryzen 3900x
Motherboard AsRock X570 Taichi
Cooling Enermax LIQMAX III 360
Memory 32 GiG Team Group B Die 3600
Video Card(s) Powercolor 5700 xt Red Devil
Storage Crucial MX 500 SSD and Intel P660 NVME 2TB for games
Display(s) Acer 144htz 27in. 2560x1440
Case Phanteks P600S
Audio Device(s) N/A
Power Supply Corsair RM 750
Mouse EVGA
Keyboard Corsair Strafe
Software Windows 10 Pro
Joined
Sep 17, 2014
Messages
22,666 (6.05/day)
Location
The Washing Machine
System Name Tiny the White Yeti
Processor 7800X3D
Motherboard MSI MAG Mortar b650m wifi
Cooling CPU: Thermalright Peerless Assassin / Case: Phanteks T30-120 x3
Memory 32GB Corsair Vengeance 30CL6000
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s) Gigabyte G34QWC (3440x1440)
Case Lian Li A3 mATX White
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse Steelseries Aerox 5
Keyboard Lenovo Thinkpad Trackpoint II
VR HMD HD 420 - Green Edition ;)
Software W11 IoT Enterprise LTSC
Benchmark Scores Over 9000
How do you lose (pseudo)randomness anyway :wtf:

Don't you remember from way back in the day, walkmans and discmans had a 'Random' play feature with recognizable patterns? I owned quite a few and they all had that - but maybe I'm just weird noticing that in the first place. It wasn't fixed up to the point that I could tell what song came next, but it definitely had similar 'jumps' through the song lists every so often. Play enough songs and it doesn't feel so random anymore.
 
Joined
Apr 12, 2013
Messages
7,563 (1.77/day)
This seems to be a very specific problem - Linux, OpenSSL, resume from sleep, older gen hardware. You need to tick a lot of boxes to get affected by this software bug.
After suspend/resume on a recent AMD CPU, the rdrand instruction fails.
symptoms are that openssl fails to generate keys (trying to do kernel
module signing), and ssh anywhere does not work.

The problem was eventually diagnosed by disabling that instruction in ssh - i.e. "OPENSSL_ia32cap=~0x4000000000000000 ssh ..." works.

Definitely not recent.
 
Joined
Jun 28, 2016
Messages
3,595 (1.16/day)
This seems to be a very specific problem - Linux, OpenSSL, resume from sleep, older gen hardware. You need to tick a lot of boxes to get affected by this software bug.
Not exactly true. Hardware RNGs are used in many other situations. Scientists love them. It was an amazing leap when Intel added this in Ivy.
In case you wonder where scientists got random numbers earlier: they ordered them. For money.

Entropy-based implementations in CPUs are rather good, just very slow. A fast quantum-based RNG costs $1000.

If AMD's workaround (before Zen it was not a true hardware RNG, just a boosted pseudo) is faulty and there's a chance of a problem in some critical applications (embedded!), it has to be fixed or killed.
 
Joined
Apr 12, 2013
Messages
7,563 (1.77/day)
If AMD's workaround (before Zen it was not a true hardware RNG, just a boosted pseudo) is faulty
Sure, however this bug was first reported back in 2014 but was closed due to insufficient data. I guess the guy suffering from it, instead suffered more from the craptop? We don't even know if this affects say Windows, also Linux doesn't use just the hardware RNG for entropy.

 

bug

Joined
May 22, 2015
Messages
13,842 (3.95/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Does anyone remember that Debian (and downstream) bug that wiped out software RNG? That one also went undetected for years.
 

bug

Joined
May 22, 2015
Messages
13,842 (3.95/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Joined
Aug 20, 2007
Messages
21,539 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Didn't Intel have an RNG bug as well a few years back? Seems like an allround oversight just like the Spectre issues.

Link? I am unaware of any active issues in Intel's implementation.

Has anyone considered that systemd sucks?

It's against Unix philosophy, but to deny it has any benefits is pretty false.

We don't even know if this affects say Windows

If the hardware is faulty and an app uses it, of course it does.



Those openssl flags completely disable the use of rdrand. This is a purely hardware bug.
 
Last edited:
Joined
Aug 20, 2007
Messages
21,539 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Joined
Dec 30, 2010
Messages
2,200 (0.43/day)

It would suprise you how many casino's over the world use embedded hardware from AMD. I dont see a slot machine for example go into a sleep state after being inactive (they just turn it off) but it could affect that same Randomness games are supposed to have.
 
Joined
Aug 20, 2007
Messages
21,539 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
It would suprise you how many casino's over the world use embedded hardware from AMD. I dont see a slot machine for example go into a sleep state after being inactive (they just turn it off) but it could affect that same Randomness games are supposed to have.

When it's important to have reliable noncompromisable entropy on the cheap they usually generate it via software. Rdrand is considered potentially weak in such cases.
 
Top