Skip to content
【☢】 ▷ Hardware, Reviews, News, Tutorials, Help post

AMD uses PCI controllers to manipulate functions of Ryzen CPUs

There are times when it is not strange to see large companies manipulating the behavior of their products in one way or another when certain tasks are detected, such as specific games or benchmarks, with the aim of artificially increasing the result in such programs. It is precisely what at first seems to have happened with the AMD Ryzen CPUs, and although in the end it seems that it is not like that, of course the matter is quite suspicious.

PnP PCI controller manipulates AMD Ryzen CPU

As Ionescu discovered, the PCI driver for Windows looks for 19 hashes (executable files) that were quickly found to match the executable files of 19 games, which in itself raised suspicions. If the controller detects that any of these applications are running, it disables certain functions through the CPU Model Specific Register (MSR).

With a AMD Ryzen 1000 CPU (Zen 1 architecture and therefore probably also affect the Ryzen 2000s), certain functions in the instruction cache (operations cache) are affected, while with processors Ryzen 3000, it is some functions of the L1 and L2 cache that are affected. Mind you, from what Ionescu has determined, this is not affecting the latest AMD Ryzen 5000 processors.

Originally, Ionescu had assumed that AMD would activate features that are beneficial for performance and that could cause instability in these 19 games; performance optimization is practically hidden with the PCI controller. However, it seems that this in the end does not work like that since the same driver disables these functions, most likely in order to avoid instability problems; despite that, the AMD code is still there and it is not quite clear why.

AMD’s approach remains questionable

There’s no question that AMD’s approach to this is questionable to say the least. Neither the bit in the MSR that was adapted by the controller nor the function in it is documented anywhere, according to Ionescu. The fact that the controller has received the WQHL certificate even though it performs tasks completely outside of its actual function, and while the PCI controller should precisely achieve WQHL’s goal of increasing system stability, this hidden function does precisely the opposite.

Ionescu refers to another problem in this regard and in this case it is related to security: the IOCTL interface of the controller allowed Ionescu to lock the computer with only one line of code through PowerShell, and it is also possible to manipulate the list of monitored processes by the controller.

AMD has not said anything about these accusations at the moment, but it is certainly at least suspicious that this “problem” has been detected when the manufacturer has not documented it anywhere.