Zen 3 vulnerability: Predictive store redirection carries risks like Specter

AMD security researchers have an extensive one White paper (PDF) On feature risks Predictive store redirection (PSF) It was released in a Zen 3 processor architecture, which is very similar to that of the Specter V4. In order to exclude these risks, it should be possible to deactivate the PSF with little loss in performance.

All Zen 3 processors may be affected

Zen 3 Predictive Store Reorientation (PSF) aims to improve systems performance by attempting to predict the dependency between loads and stores. This feature is used in current Vermeer desktop processors as well as in AC server CPUs, and is also used in Zen 3 mobile CPUs such as Cezanne.

The PSF can execute instructions speculatively based on what it “thinks” about the outcome of the pregnancy, and even if the predictions are as accurate as possible, there is always a possibility of false speculation in the PSF, according to AMD security researchers.

The V4 Specter is very similar

PSF false guesses are said to be similar to those of the Specter V4 and are especially important for unreliable code that is implemented within a sandbox or isolation, and under certain circumstances, it can also carry corresponding risks.

AMD is not aware of any code yet.Who are considered susceptible to PSF behaviorThe risk with active PSF is thus classified as:Maybe lowBut has provided instructions on how to deactivate Predictive Store Redirection (PSF).

The security researchers also proposed a mirrored Linux patch, which would deactivate PSF via PSFD bit from Zen 3 as well as new kernel command line options, for Linux kernel admins.

The performance loss is minimal

A website specializing in Linux Voronex It has already deactivated Predictive Store Redirection (PSF) as instructed by security researchers and analyzed the impacts on AMD Ryzen 7 5800X performance (testing) and on the platform OpenBenchmarking Chest.

The loss rate for performance with and without PSF is 0.5 percent in over 100 tests. As part of their analysis, AMD security researchers recommend leaving the feature active.

The editors would like to thank community member “Che-Tah” for pointing out.