Disabling vulnerable PSF mechanism in AMD Zen 3 processors almost does not decrease performance

AMD recently announced that the Predictive Store Forwarding (PSF) mechanism in Zen 3 processors is susceptible to side-channel attacks (like Specter and Meltdown), based on the analysis of data deposited in the processor cache during speculative instruction execution. The company told users how they could secure themselves and disable this functionality but did not comment on how this would affect performance. Phoronix journalists decided to clarify this issue.

The new Predictive Store Forwarding (PSF) prediction engine in AMD Zen 3 processors has been exposed to a hardware side-channel read vulnerability. In theory, disabling this feature should reduce performance, which is exactly the effect we observed with Intel processors in fixing Specter and Meltdown vulnerabilities. But at the moment, AMD refers to the fact that the cases of exploitation of the vulnerability in PSF are unknown. Therefore it does not recommend end-users disable the functionality to avoid performance degradation.

The PSF mechanism is disabled in Zen 3 processors by setting certain MSR bits. In a whitepaper, AMD promised to publish patches for Linux to disable PSF if needed easily, but there are no publicly available patches yet.

Nevertheless, Michael Larabel of Phoronix built his own Linux kernel with PSF disabled and ran dozens of tests on several systems with AMD Ryzen 5000 and EPYC 7003 series processors on a regular core and a kernel with PSF disabled. According to him, testing was carried out on a wide range of workloads, with each test running several times automatically.

As a result, I had to admit that disabling PSF has a minimal effect on performance. In most cases, the difference was within the margin of error, although it approached 1% in some workloads. For example, the Ryzen 7 5800X processor has been run through a suite of over 100 benchmarks. Simultaneously, all results’ averaging indicates less than 1.5% loss of performance when the potentially dangerous Zen 3 function is turned off.

In short, while AMD generally discourages its customers from disabling PSF, if someone decides to take this step in the name of improving security, it likely won’t make any significant difference in performance. Unlike other patches designed to combat attacks related to speculative command execution, it came at a low cost this time.