Last week, AMD released a security review of AMD Zen 3’s new Predictive Store Forwarding (PSF) functionality. They acknowledged that there is a possibility that poor PSF functionality could lead to a side channel attack, although exposure in the real world would be quite low. In any case, they are allowing interested users to disable Predictive Store Forwarding functionality, but what they did not discuss in that document was what performance can be expected if PSF is disabled. So my Easter weekend turned into an AMD Zen 3 PSF benchmarking.
AMD does not advise end users to disable Zen 3’s protective store forwarding feature, but rather be proactive in their public safety analysis and ensure their customers are informed about its behavior and how to disable it if they are interested. The impact of PSF’s bad speculation would be similar to that of Specter Variant Four / Speculative Store Bypass. AMD’s PSF Security Analysis noted: “Customers with software that implements sandboxing and are concerned about PSF behavior on AMD Zen3 processors may choose to disable PSF functionality.“
PSF is disabled with Zen 3 CPUs if Speculative Storage Bypass Disable (SSBD) mitigation is present or optionally only forcibly disabled via a different bit. AMD’s whitepaper says they are releasing Linux patches to allow you to easily disable PSF if you want, but as of this writing, I haven’t seen those public patches anywhere yet. Presumably they will succeed in the next few days to allow for the convenient “nopsfd” kernel option. But for the purposes of initial testing this weekend, I just built a kernel that configured MSR 48h Bit 7 to disable this Predictive Store Forwarding functionality. By default Linux has no mitigation with SSBD unless you accept it through the prctl or SECCOMP interface.
Not knowing what to expect this weekend with the lack of details on the performance implications of disabling predictive store forwarding, I ran dozens of benchmarks on a few different AMD Ryzen 5000 and EPYC 7003 series systems with the kernel. default and then the same. kernel / configuration but with PSF disabled via bit 7.
On the multiple systems and wide variety of workloads tested and with the Phoronix Test Suite automatically running each test multiple times, etc., in the end, the results with disabling PSF were minimal. At best, for some workloads there was a near 1% impact on the span of multiple runs and multiple systems, but overall it was difficult to find a statistically significant difference.
For example, with the Ryzen 7 5800X box there was this set of results from over 100 tests. With the geometric mean of all those results, the performance loss was less than half a percent when disabling this new Zen 3 feature. The other result files are even more boring than that.
Bottom line, while AMD is not advising its customers in general to turn off Predictive Store Forwarding, if you decide to turn it off in the name of increased security, it probably won’t provide any significant performance difference. I’m still running some larger server workloads, but with everything I’ve seen today and yesterday on various Zen 3 systems, disabling PSF has no major impact. Thankfully, nothing quite as scary as some of the latest x86_64 speculative run mitigations we’ve seen in recent years.
For those who appreciate the rapid change in the AMD Zen 3 PSF benchmark this Easter weekend, consider joining Phoronix Premium or perhaps a tip. At the very least, don’t use ad blockers; Your support makes it possible to compare each and every day of the year.
If you enjoyed this article, consider joining Phoronix Premium to see this site without ads, multi-page articles on one page, and other benefits. PayPal tips are also kindly accepted. Thanks for your support.