News [hothardware] zen3 sidechannel vulnerability

gorobei


moinmoin

Two things are interesting: This only affects Zen 3 (as the affected feature is new to it). And AMD's security analysis reads like it's an actual hardware feature that can only be turned off, not fixed by a microcode update.

I'm looking forward to seeing the performance impact benchmarks by Phoronix.
 

Mopetar

Maybe a microcode fix is possible, but it really depends on how long AMD has known about this. If they found it or someone pointed it out to them and they rushed to get this out immediately in order to let users know about the vulnerability and how to mitigate it by turning off PSF, they may not have done enough work yet to figure out if it can be patched/fixed in some way.

Seems like the sort of problem that's complicated enough that without designing a solution in hardware it probably eliminates most of the performance gain.
 

Panino Manino

Again, to me it looks like AMD is taking the trouble to do this to appear professional and caring about security. But despite this, the impact on performance is negligible:

For example, with the Ryzen 7 5800X box there was this set of results of more than 100 tests. The geometric mean of all those results was less than a half percent performance loss when disabling this new Zen 3 feature.

Or no one was using the new instruction yet?
 

moinmoin

> Or no one was using the new instruction yet?
It's not an instruction but a hardware level feature that should improve everything without any software adaption necessary.

Under Linux PSF is already mitigated as part of Spectre v.4 (Speculative Store Bypass, which covers per-process sidechannel vulnerabilities). It's not a generally applied mitigation but "Mitigation: Speculative Store Bypass disabled via prctl and seccomp", which means PSF is disabled in those specific circumstances where security is of heightened concern (prctl and seccomp are both process-level kernel operations; prctl allows a process to enable it, use of seccomp always enables it).

Phoronix' new benchmark appears to have just disabled (though the settings listed are inconclusive) that selective mitigation. It would be interesting to know what's the performance difference of disabling PSF not selectively but blanket altogether, though it looks like we need to wait for the nopsf kernel parameter for that first.
 
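Added example, not part of any post in this thread: a small Python check for the selective mitigation described in the last post, reporting whether Speculative Store Bypass (and with it PSF, as that post describes) is disabled for a given process. It assumes the kernel's standard sysfs file and the Speculation_Store_Bypass field of /proc/<pid>/status; the SAMPLE_* inputs are constructed.

```python
"""Check whether Speculative Store Bypass (SSB) is disabled for a process."""
from pathlib import Path

SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/spec_store_bypass")

# Constructed sample inputs (not captured from a real machine).
SAMPLE_SYSFS = "Mitigation: Speculative Store Bypass disabled via prctl and seccomp\n"
SAMPLE_PLAIN = "Name:\tbash\nSeccomp:\t0\nSpeculation_Store_Bypass:\tthread vulnerable\n"
SAMPLE_SANDBOXED = "Name:\trenderer\nSeccomp:\t2\nSpeculation_Store_Bypass:\tthread force mitigated\n"

def system_mode(sysfs_text):
    """Map the sysfs summary line to a coarse system-wide mode."""
    text = sysfs_text.strip()
    if text == "Not affected":
        return "not-affected"
    if text.startswith("Vulnerable"):
        return "off"
    if not text.startswith("Mitigation:"):
        return "unknown"
    if "seccomp" in text:
        return "prctl+seccomp"   # opt-in via prctl, forced under seccomp
    if "prctl" in text:
        return "prctl"           # opt-in via prctl only
    return "always-on"           # disabled for every process

def process_state(status_text):
    """Return the Speculation_Store_Bypass field of a /proc/<pid>/status dump."""
    for line in status_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "Speculation_Store_Bypass":
            return value.strip()
    return "unknown"

def process_protected(sysfs_text, status_text):
    """True if SSB is disabled for the process described by status_text."""
    if system_mode(sysfs_text) in ("not-affected", "always-on"):
        return True
    return process_state(status_text) in (
        "thread mitigated", "thread force mitigated",
        "globally mitigated", "not vulnerable")

if __name__ == "__main__":
    live = SYSFS.exists()
    sysfs = SYSFS.read_text() if live else SAMPLE_SYSFS
    status = Path("/proc/self/status").read_text() if live else SAMPLE_PLAIN
    print("system mode:", system_mode(sysfs))
    print("this process protected:", process_protected(sysfs, status))
```

With the selective default, an ordinary process reports "thread vulnerable" until it opts in through prctl or installs a seccomp filter.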