There are times when it is not strange to see large companies manipulating the behavior of their products in one way or another when certain tasks are detected, such as specific games or benchmarks, with the aim of ” artificially increase the result of such programs. This is precisely what seems to have happened at first with AMD Ryzen processors, and although in the end it seems that it is not like that, of course, the question is quite suspicious.
PCI PnP controller manipulates AMD Ryzen processor
As Ionescu discovered, the PCI driver for Windows searches for 19 hashes (executable files) which were quickly found to match the executable files of 19 games, which in itself raised suspicion. If the controller detects that one of these applications is running, it disables certain functions through the processor model-specific register (MSR).
Playing with my first AMD Ryzen system. It turns out that the “AMD PCI driver” is not actually a PCI driver… at all.
Here are some fun facts:
1) It registers a process creation notification routine and checks all process names against a list of 19 hashed names.
– Alex Ionescu (@aionescu) May 16, 2021
With a AMD Ryzen 1000 processor (Zen 1 architecture and therefore probably also affecting the Ryzen 2000), some functions of the instruction cache (operations cache) are affected, while with processors Ryzen 3000, certain functions of the L1 and L2 cache are affected. Remember, from what Ionescu has determined, this does not affect the latest AMD Ryzen 5000 processors.
Originally, Ionescu assumed that AMD would enable features that would benefit performance and potentially cause instability in these 19 games; performance optimization is virtually masked with the PCI controller. However, it looks like it in the end doesn’t work like that. the same driver disables these functions
AMD’s approach remains questionable
There is no doubt that AMD’s approach to this is questionable to say the least. According to Ionescu, neither the bit of the MSR that was adapted by the controller nor its function is documented anywhere. The fact that the controller has received the WQHL certificate Microsoft even though it performs tasks completely outside of its actual function, and while the PCI controller should precisely achieve WQHL’s goal of increasing system stability, this hidden function does the exact opposite.
Crash a Ryzen system in a single tweetable PowerShell row:
(Get-NtFile Device NTPNP_PCI0031) .DeviceIoControl (0x9C402400, 5, 5)
Hey, AMD, if you want to tweak some magic MSR bits that control instruction cache when playing some video games, can you at least code properly https://t.co/hb0jB5bCxh pic.twitter.com/ryNzbQYSFL
– Alex Ionescu (@aionescu) May 16, 2021
Ionescu refers to another issue in this regard and in this case it’s related to security: the controller’s IOCTL interface allowed Ionescu to lock down the computer with a single line of code through PowerShell, and it’s also possible manipulate the list of inspected. process by the controller.
AMD has not said anything about these accusations yet, but it is certainly at least suspicious that this “problem” was detected when the manufacturer has not documented it anywhere.
