This past week, AMD released a security analysis of AMD Zen 3’s new Predictive Store Forwarding (PSF) functionality. In it, they acknowledged that the possibility exists that poor PSF functionality could lead to a side channel attack, although exposure in the real world would be quite low. Either way, they enable interested users to turn off the predictive store shipping functionality, but what they did not comment on in the newspaper was the performance overhead to expect if they disable PSF. So my Easter weekend turned into AMD Zen 3 PSF benchmark.
AMD does not recommend that end users disable the functional feature of Zen 3’s Protective Store Forwarding, but rather be proactive in their public security analysis and make sure their customers are informed about its behavior and how they can disable it should they become interested. The impact of bad PSF speculation will be similar to that of Specter Variant Four / Speculative Store Bypass. AMD’s PSF security analysis noted: “customers with software that implements sandbox and is concerned about the PSF behavior on AMD Zen3 processors can choose to disable the PSF functionality.“
PSF is eliminated with Zen 3 CPUs if the mitigation of Speculative Store Bypass Disable (SSBD) is present or optionally disabled only via another bit. According to AMD’s white paper, Linux patches are published to easily disable PSF if needed, but at the moment I have not seen the public patches anywhere. Presumably they will make it out in the next few days to enable the easy “nopsfd” kernel option. But for the purposes of this weekend’s initial testing, I’ve just built a kernel that introduced MSR 48h Bit 7 to eliminate this predictive Store Forwarding functionality. By default, Linux does not soften with SSBD unless it chooses to do so via the prctl interface or SECCOMP.
Because I did not know what to expect this weekend, as there are no details on the performance implications of eliminating Predictive Store Forwarding, I have dozens of benchmarks on a few different AMD Ryzen 5000 and EPYC 7003 series systems executed with the standard kernel and then the same kernel / configuration but with PSF eliminated via bit 7.
Over the multiple systems and a wide range of workloads tested, and with the Phoronix Test Suite, each test is automatically performed repeatedly, and so on. Eventually, the outcome of PSF elimination was minimal. In some cases, the workload was at most an impact of 1% over the scope of multiple runs and the different systems, but overall it was difficult to find a statistically significant difference.
For example, with the Ryzen 7 5800X box, this series was results of more than 100 tests. With the geometric mean of all the results, the performance loss was less than half a percent when eliminating this new Zen 3 feature. The other result files are even more boring than that.
Such a long story short, although AMD does not generally recommend their customers to disable Predictive Store Forwarding, you are unlikely to make a significant performance difference if you decide to disable it in the name of increased security. I’m still working with a larger number of servers, but with everything I saw today and yesterday, the PSF deactivation did not have much impact on several Zen 3 systems. Fortunately, nothing is as narrow as some of the previous x86_64 speculative execution mitigations we’ve seen in recent years.
For those who appreciate the quick turnaround on AMD Zen 3 PSF’s benchmark this Easter weekend, consider joining Phoronix Premium, or perhaps a tip. At least no use of ad blockers; your support makes it possible to measure every day of the year.
If you liked this article, you may want to consider joining Phoronix Premium to see this site ad-free articles with multiple pages on a single page and other benefits. PayPal tips are also graciously accepted. Thank you for your support.