Some AMD Processors Have a Hardware RNG Bug, Losing Randomness After Suspend Resume

btarunr · May 8, 2019

Red Hat Systemd (system and service manager) lead developer Lennart Poettering discovered that AMD A6-6310 "Beema" SoC that's popular among low-cost notebooks, has a faulty implementation of the RdRand random-number generation instruction. The processor's hardware random number generator (RNG) loses "randomness" after the machine resumes from a suspended state (i.e. waking up the notebook from sleep by opening its lid while it's powered on). Modern computers rely on RNGs for "entropy," critical to generation of unpredictable keys on the fly for SSL. However, the entropy source needn't be hardware, and isn't so by default. Software RNGs exist, and by default the Linux kernel does not use RdRand to generate entropy. Windows is not known to use RdRand for basic ACPI functions such as suspend/resume; however a faulty hardware RNG is not without implications for the platform, and applications that run on it.

Users on GitHub and Bugzilla report that with this bug, you cannot make a machine suspend a second time after waking it up from a suspended state, if your kernel uses RdRand. Commit cc83d51 to Systemd introduced optional randomness generation based on RdRand instruction. So, if RdRand instruction is present, it is used to generate UUIDs for invocation IDs. Michael Larabel of Phoronix comments that the RdRand bug is only found on older generations of AMD processors, "Excavator" and older; and does not affect the latest "Zen" processors. This bug report chronicles what's wrong with RdRand on the affected processors, as does this Linux kernel bugzilla thread. By avoiding RdRand usage on the system as part of generating a UUID, the reported systemd issue no longer happens. Red Hat is working on a solution to this bug.

View at TechPowerUp Main Site

nemesis.ie · May 8, 2019

Maybe adjust the title to something like "Some older (2014) AMD tablet SoCs ....".

That would be a bit less "attention grabbing" though I suppose.

Let's hope they bring out a microcode update quickly.

It's also odd that this appears to have been first reported in 2014 and it's only being worked on now? Maybe it's a non-issue (per the comments) as most of this stuff is now in software/windows doesn't use it. So why have the Linux folks just decided to do an update/fix for it recently? Strange.

xtreemchaos · May 8, 2019

thankfully not Zen .

ratirt · May 8, 2019

nemesis.ie said:
Maybe adjust the title to something like "Some older (2014) AMD tablet SoCs ....".

That would be a bit less "attention grabbing" though I suppose.

Let's hope they bring out a microcode update quickly.

It's also odd that this appears to have been first reported in 2014 and it's only being worked on now? Maybe it's a non-issue (per the comments) as most of this stuff is now in software/windows doesn't use it. So why have the Linux folks just decided to do an update/fix for it recently? Strange.

True that. I thought Ryzen is affected as well.
You think they are going to do something with this? I mean, Ryzen going to replace these older AMD products anyway.

Vayra86 · May 8, 2019

Didn't Intel have an RNG bug as well a few years back? Seems like an allround oversight just like the Spectre issues.

Redwoodz · May 8, 2019

So this effects every Beema laptop being used? Sorry for those 2 people. :wtf:

R0H1T · May 8, 2019

How do you lose (pseudo)randomness anyway :wtf:

Space Lynx · May 8, 2019

nemesis.ie said:
Maybe adjust the title to something like "Some older (2014) AMD tablet SoCs ....".

That would be a bit less "attention grabbing" though I suppose.

Let's hope they bring out a microcode update quickly.

It's also odd that this appears to have been first reported in 2014 and it's only being worked on now? Maybe it's a non-issue (per the comments) as most of this stuff is now in software/windows doesn't use it. So why have the Linux folks just decided to do an update/fix for it recently? Strange.

I have to admit this is a low for TPU... clicky clicky fishy fishy

notb · May 8, 2019

ratirt said:
You think they are going to do something with this? I mean, Ryzen going to replace these older AMD products anyway.

They have to. Computing is not just gaming desktops. :-P

There are embedded chips on this arch running a lot of hardware. How would you feel taking money from an ATM, if you know it may have faulty encryption? ;-)
These embedded chips will work for many years (hopefully).

If we searched long enough, I'm sure we'd find trains or planes using these chips as well.

Deleted member 158293 · May 8, 2019

Yeah this is click bait level stuff...

notb · May 8, 2019

R0H1T said:
How do you lose (pseudo)randomness anyway

The idea behind RdRand is that it returns "true" random numbers, i.e. there's no cycle.
Thing is: Intel implemented this first and introduced and instruction set that got popular. AMD made a workaround, computation-based implementation (so not really random, but still extremely good). Problem is: people found a situation when this algorithm breaks and RNG quality drops significantly.

Zen uses an entropy-based implementation similar to Intel's, so it isn't affected by this issue.

eidairaman1 · May 8, 2019

If AMD takes this seriously they may provide a fix, who knows...

Dave65 · May 8, 2019

Redwoodz said:
So this effects every Beema laptop being used? Sorry for those 2 people.

LMAOOOOOOOO :laugh:

Vayra86 · May 8, 2019

R0H1T said:
How do you lose (pseudo)randomness anyway

Don't you remember from way back in the day, walkmans and discmans had a 'Random' play feature with recognizable patterns? I owned quite a few and they all had that - but maybe I'm just weird noticing that in the first place. It wasn't fixed up to the point that I could tell what song came next, but it definitely had similar 'jumps' through the song lists every so often. Play enough songs and it doesn't feel so random anymore.

R0H1T · May 8, 2019

This seems to be a very specific problem - Linux, OpenSSL, resume from sleep, older gen hardware. You need to tick a lot of boxes to get affected by this software bug.

After suspend/resume on a recent AMD CPU, the rdrand instruction fails.
symptoms are that openssl fails to generate keys (trying to do kernel
module signing), and ssh anywhere does not work.

The problem was eventually diagnosed by disabling that instruction in ssh - i.e. "OPENSSL_ia32cap=~0x4000000000000000 ssh ..." works.

85911 – rdrand instruction fails after resume on AMD CPU

bugzilla.kernel.org

Definitely not recent.

notb · May 8, 2019

R0H1T said:
This seems to be a very specific problem - Linux, OpenSSL, resume from sleep, older gen hardware. You need to tick a lot of boxes to get affected by this software bug.

Not exactly true. Hardware RNGs are used in many other situations. Scientists love them. It was an amazing leap when Intel added this in Ivy.
In case you wonder where scientists got random numbers earlier: they ordered them. For money.

Entropy-based implementations in CPUs are rather good, just very slow. A fast quantum-based RNG costs $1000.

If AMD's workaround (before Zen it was not a true hardware RNG, just a boosted pseudo) is faulty and there's a chance of a problem in some critical applications (embedded!), it has to be fixed or killed.

R0H1T · May 8, 2019

notb said:
If AMD's workaround (before Zen it was not a true hardware RNG, just a boosted pseudo) is faulty

Sure, however this bug was first reported back in 2014 but was closed due to insufficient data. I guess the guy suffering from it, instead suffered more from the craptop? We don't even know if this affects say Windows, also Linux doesn't use just the hardware RNG for entropy.

1150286 – rdrand instruction fails after resume on AMD CPU

bugzilla.redhat.com

bug · May 8, 2019

Does anyone remember that Debian (and downstream) bug that wiped out software RNG? That one also went undetected for years.

sorter · May 8, 2019

Has anyone considered that systemd sucks?

bug · May 8, 2019

sorter said:
Has anyone considered that systemd sucks?

Everything sucks, but systemd sucks a little less than sysv init.
I don't particularly love systemd, but it works and it adds value.

R-T-B · May 8, 2019

Vayra86 said:
Didn't Intel have an RNG bug as well a few years back? Seems like an allround oversight just like the Spectre issues.

Link? I am unaware of any active issues in Intel's implementation.

sorter said:
Has anyone considered that systemd sucks?

It's against Unix philosophy, but to deny it has any benefits is pretty false.

R0H1T said:
We don't even know if this affects say Windows

If the hardware is faulty and an app uses it, of course it does.

R0H1T said:
software

Those openssl flags completely disable the use of rdrand. This is a purely hardware bug.

R0H1T · May 8, 2019

^Zenforo bug?

R-T-B · May 8, 2019

R0H1T said:
^Zenforo bug?

no idea, correcting...

EDIT: fixed. My post was duped all over if anyones curious.

Jism · May 8, 2019

Redwoodz said:
those 2

It would suprise you how many casino's over the world use embedded hardware from AMD. I dont see a slot machine for example go into a sleep state after being inactive (they just turn it off) but it could affect that same Randomness games are supposed to have.

R-T-B · May 8, 2019

Jism said:
It would suprise you how many casino's over the world use embedded hardware from AMD. I dont see a slot machine for example go into a sleep state after being inactive (they just turn it off) but it could affect that same Randomness games are supposed to have.

When it's important to have reliable noncompromisable entropy on the cheap they usually generate it via software. Rdrand is considered potentially weak in such cases.

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	Gigabyte B550 AORUS Elite V2
Cooling	DeepCool Gammax L240 V2
Memory	2x 16GB DDR4-3200
Video Card(s)	Galax RTX 4070 Ti EX
Storage	Samsung 990 1TB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	7950X
Processor	R9 7950X
Motherboard	Asus X670 Hero
Cooling	Noctua DH15 black edition
Memory	64GB (4 x 16GB) 6000 MT/s
Video Card(s)	Radeon RX7900XT
Storage	Firecuda 540
Display(s)	Samsung Q95T
Audio Device(s)	On board
Power Supply	Seasonic Prime 1000W
Mouse	Roccat Leadr
Keyboard	K95 RGB
Software	Windows 11 Pro x64, insider preview dev channel
Benchmark Scores	#1 worldwide on 3D Mark 99, back in the (P133) days. :)

System Name	1.FortySe7en VR rig 2. intel teliscope rig 3.MSI GP72MVR Leopard Pro .E-52699, Xeon play thing
Processor	1.3900x @stock 2. 5950x undervolted . 3. i7 7700hq 4 E5-2699 V3
Motherboard	1.aorus x570 ultra 2. Rog b550 f,4 MR9A PRO ATX X99
Cooling	1.Hard tube loop, cpu and gpu 2. Hard loop cpu and gpu 4 360 AIO
Memory	1.Gskill neo @3600 32gb 2.corsair ven 32gb @3200 3. 16gb hyperx @2400 4 64GB 2133 in quad channel
Video Card(s)	1.GIGABYTE RTX 3080 WaterForce WB 2. Aorus RTX2080 3. 1060 3gb. 4 Arc 770LE 16 gb
Storage	1 M.2 1tb +1tb , 2 3tb HDs 2. 1tb m.2 3tbHD 3. 256 m.2. 1tb ssd 4. 2gb ssd
Display(s)	1.LG 50" UHD , 2 MSI Optix MAG342C UWHD. 3.17" 120 hz display 4. Acer Preditor 144hz 32inch.z
Case	1. Thermaltake P5 2. Thermaltake P3 4. montech king 65
Audio Device(s)	1 Onboard 2 Onboard 3 Onboard 4. onboard.
Power Supply	1.seasonic gx 850w 2. seasonic gx 750w. 4 RM850w
Mouse	1 ROG Gladius 2 Corsair m65 pro
Keyboard	1. ROG Strix Flare 2. Corsair F75 RBG 3. steelseries RBG
VR HMD	rift and rift S and Quest 2. rog ally 2tb m.2 1tb SD.
Software	1. win11 pro 2. win11 pro 3, win11 home 4 win11 pro
Benchmark Scores	1.7821 cb20 ,cb15 3442 1c 204 cpu-z 1c 539 12c 8847

System Name	Bro2
Processor	Ryzen 5800X
Motherboard	Gigabyte X570 Aorus Elite
Cooling	Corsair h115i pro rgb
Memory	32GB G.Skill Flare X 3200 CL14 @3800Mhz CL16
Video Card(s)	Powercolor 6900 XT Red Devil 1.1v@2400Mhz
Storage	M.2 Samsung 970 Evo Plus 500MB/ Samsung 860 Evo 1TB
Display(s)	LG 27UD69 UHD / LG 27GN950
Case	Fractal Design G
Audio Device(s)	Realtec 5.1
Power Supply	Seasonic 750W GOLD
Mouse	Logitech G402
Keyboard	Logitech slim
Software	Windows 10 64 bit

System Name	Tiny the White Yeti
Processor	7800X3D
Motherboard	MSI MAG Mortar b650m wifi
Cooling	CPU: Thermalright Peerless Assassin / Case: Phanteks T30-120 x3
Memory	32GB Corsair Vengeance 30CL6000
Video Card(s)	ASRock RX7900XT Phantom Gaming
Storage	Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s)	Gigabyte G34QWC (3440x1440)
Case	Lian Li A3 mATX White
Audio Device(s)	Harman Kardon AVR137 + 2.1
Power Supply	EVGA Supernova G2 750W
Mouse	Steelseries Aerox 5
Keyboard	Lenovo Thinkpad Trackpoint II
VR HMD	HD 420 - Green Edition ;)
Software	W11 IoT Enterprise LTSC
Benchmark Scores	Over 9000

Some AMD Processors Have a Hardware RNG Bug, Losing Randomness After Suspend Resume

btarunr

Editor & Senior Moderator

nemesis.ie

xtreemchaos

ratirt

Vayra86

Redwoodz

R0H1T

Space Lynx

Astronaut

notb

Deleted member 158293

Guest

notb

eidairaman1

The Exiled Airman

Dave65

Vayra86

R0H1T

85911 – rdrand instruction fails after resume on AMD CPU

notb

R0H1T

1150286 – rdrand instruction fails after resume on AMD CPU

bug

sorter

New Member

bug

R-T-B

R0H1T

R-T-B

Jism

R-T-B

Processor	7800X3D -25 all core
Motherboard	B650 Steel Legend
Cooling	Frost Commander 140
Memory	32gb ddr5 (2x16) cl 30 6000
Video Card(s)	Merc 310 7900 XT @3100 core -.75v
Display(s)	Agon 27" QD-OLED Glossy 240hz 1440p
Case	NZXT H710
Power Supply	Corsair RM850x

System Name	PCGOD
Processor	AMD FX 8350@ 5.0GHz
Motherboard	Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling	Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory	16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s)	AMD Radeon 290 Sapphire Vapor-X
Storage	Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s)	NEC Multisync LCD 1700V (Display Port Adapter)
Case	AeroCool Xpredator Evil Blue Edition
Audio Device(s)	Creative Labs Sound Blaster ZxR
Power Supply	Seasonic 1250 XM2 Series (XP3)
Mouse	Roccat Kone XTD
Keyboard	Roccat Ryos MK Pro
Software	Windows 7 Pro 64

System Name	Daves
Processor	AMD Ryzen 3900x
Motherboard	AsRock X570 Taichi
Cooling	Enermax LIQMAX III 360
Memory	32 GiG Team Group B Die 3600
Video Card(s)	Powercolor 5700 xt Red Devil
Storage	Crucial MX 500 SSD and Intel P660 NVME 2TB for games
Display(s)	Acer 144htz 27in. 2560x1440
Case	Phanteks P600S
Audio Device(s)	N/A
Power Supply	Corsair RM 750
Mouse	EVGA
Keyboard	Corsair Strafe
Software	Windows 10 Pro

Processor	Intel i5-12600k
Motherboard	Asus H670 TUF
Cooling	Arctic Freezer 34
Memory	2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s)	EVGA GTX 1060 SC
Storage	500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s)	Dell U3219Q + HP ZR24w
Case	Raijintek Thetis
Audio Device(s)	Audioquest Dragonfly Red :D
Power Supply	Seasonic 620W M12
Mouse	Logitech G502 Proteus Core
Keyboard	G.Skill KM780R
Software	Arch Linux + Win10

System Name	Pioneer
Processor	Ryzen 9 9950X
Motherboard	MSI MAG X670E Tomahawk Wifi
Cooling	Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory	128GB (4x 32GB) G.Skill Flare X5 @ DDR5-4200(Running 1:1:1 w/FCLK)
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs, 1x 2TB Seagate Exos 3.5"
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64, other office machines run Windows 11 Enterprise