• Guest, The rules for the P & N subforum have been updated to prohibit "ad hominem" or personal attacks against other posters. See the full details in the post "Politics and News Rules & Guidelines."

News [hothardware] zen3 sidechannel vulnerability

gorobei

Diamond Member
Jan 7, 2007
3,168
313
126

Kedas

Senior member
Dec 6, 2018
257
206
86
Wel based on what we see with the list of intels flows, few people care....
(yeah I know we all should care, but that isn't what's happening)
 
  • Like
Reactions: Tlh97 and Jimzz

moinmoin

Platinum Member
Jun 1, 2017
2,369
2,941
106
Two things are interesting: This only affects Zen 3 (as the affected feature is new to it). And AMD's security analysis reads like it's an actual hardware feature that can only be turned off, not fixed by a microcode update.

I'm looking forward to seeing the performance impact benchmarks by Phoronix.
 

Mopetar

Diamond Member
Jan 31, 2011
5,651
2,412
136
Maybe a microcode fix is possible, but it really depends on how long AMD has known about this. If they found it or someone pointed it out to them and they rushed to get this out immediately in order to let users know about the vulnerability and how to mitigate it by turning off PSF, they may not have done enough work yet to figure out if it can be patched/fixed in some way.

Seems like the sort of problem that's complicated enough that without designing a solution in hardware it probably eliminates most of the performance gain.
 

Panino Manino

Senior member
Jan 28, 2017
389
483
136
Again, for me looks like AMD is have the bother to do this to appear profession and caring about security. But despite this the impact on performance is negligible:

For example with the Ryzen 7 5800X box was this set of results of more than 100 tests. With the geometric mean of all those results was less than a half percent performance loss when disabling this new Zen 3 feature.

Or no one was using the new instruction yet?
 

moinmoin

Platinum Member
Jun 1, 2017
2,369
2,941
106
Or no one was using the new instruction yet?
It's not an instruction but a hardware level feature that should improve everything without any software adaption necessary.

Under Linux PSF is already mitigated as part of Spectre v.4 (Speculative Store Bypass which covers per process sidechannel vulnerabilities). It's not a generally applied mitigation but "Mitigation: Speculative Store Bypass disabled via prctl and seccomp" which means PSF is disabled in those specific circumstances where security is of heightened concern (prctl and seccomp both a process level kernel operations, prctl allows a process to enable it, use of seccomp always enables it).

Phoronix' new benchmark appears to just disabled (though the settings listed are inconclusive) that selective mitigation. It would be interesting to know what's the performance difference of disabling PSF not selectively but blanket altogether, though it looks like we need to wait for the nopsf kernel parameter for that first.
 
Last edited:
  • Like
Reactions: lightmanek

ASK THE COMMUNITY