Zen 3 vulnerable to Spectre-type attack

Lakados

2[H]4U
Joined
Feb 3, 2014
Messages
3,796
I’m going to take a stab at a solid 5-10% IPC performance drop, and like Intel they will release a BIOS update that lets users toggle the fix on and off, with it defaulted to off. Now that AMD has taken the crown they are going to be getting a lot of heat; it will be interesting to see how they handle it.
 

jfreund

[H]ard|Gawd
Joined
Sep 3, 2006
Messages
1,233
I’m going to take a stab at a solid 5-10% IPC performance drop, and like Intel they will release a BIOS update that lets users toggle the fix on and off, with it defaulted to off. Now that AMD has taken the crown they are going to be getting a lot of heat; it will be interesting to see how they handle it.
"AMD has found that techniques like address space isolation are sufficient to stop PSF attacks, however, they’ve provided the means to disable PSF, even on a per-thread basis, if desired. But because the security risk is "low," and because "AMD is not currently aware of any code that would be considered vulnerable due to PSF behavior," they universally recommend leaving the PSF feature enabled as the default setting, even when protections aren’t available."
 

Lakados

2[H]4U
Joined
Feb 3, 2014
Messages
3,796
"AMD has found that techniques like address space isolation are sufficient to stop PSF attacks, however, they’ve provided the means to disable PSF, even on a per-thread basis, if desired. But because the security risk is "low," and because "AMD is not currently aware of any code that would be considered vulnerable due to PSF behavior," they universally recommend leaving the PSF feature enabled as the default setting, even when protections aren’t available."
I wasn’t criticizing AMD for it; even Intel’s mitigations are unnecessary for 99% of the people out there. There are much better ways to defend against it, because once they are in a position to make a speculative attack like that they are also in the position to do a lot more things that have better track records.
 

thebufenator

[H]ard|Gawd
Joined
Dec 8, 2004
Messages
1,356
"address space isolation are sufficient"

Well, as long as Chrome or whatever browser you use has that enabled, you should be safe from drive-bys for this.
 

Lakados

2[H]4U
Joined
Feb 3, 2014
Messages
3,796
With hits that low, curious as to why not enable it by default and call it a day?
In the comments they say that the PSF functions don’t really kick in until you get longer processes; the short benchmarks they are using might not utilize it at all. So they are going back to the drawing board on some of their tests for it, as it may not be working at all.
 

THRESHIN

2[H]4U
Joined
Sep 29, 2002
Messages
3,300
Yeah that's my question on that... or is it one of those situations that me visiting pornhub...YOUTUBE I mean!!!! will install all the backdoor shenanigans (ok maybe pornhub was more appropriate)

Backdoor shenanigans! I see what you did there!
 

Red Falcon

[H]F Junkie
Joined
May 7, 2007
Messages
11,002
To his credit, IdiotInCharge did say that this could eventually happen to AMD CPUs as well.
Oh well, this is 1 AMD exploit to 70+ Intel exploits, so AMD has a ways to go in order to catch up to Intel in that regard. :D

Props to AMD for already having a fix in place, and not taking 4 months to simply acknowledge it like Intel did... on multiple occasions... even when the exploit was in the wild... and abandoning older CPUs and motherboards beyond certain dates... and leaving it up to OEMs to implement said updates...
Oh, and this only affected one generation of CPUs with AMD, unlike Intel with affected generations going back to 1995. :whistle:

0.5% isn't nearly as bad as 20-60% compared to Intel's patches, so I would call that a win for AMD.
 

Nafensoriel

Limp Gawd
Joined
Nov 23, 2015
Messages
318
Can we really define it as a "vulnerability" if it requires physical access and an entire tool kit to pull off?
I was always under the impression that "physical access" WAS the vulnerability.
 

Master_shake_

Fully [H]
Joined
Apr 9, 2012
Messages
16,673
Can we really define it as a "vulnerability" if it requires physical access and an entire tool kit to pull off?
I was always under the impression that "physical access" WAS the vulnerability.
04.jpg


Problem solved really.
 

Lakados

2[H]4U
Joined
Feb 3, 2014
Messages
3,796
To his credit, IdiotInCharge did say that this could eventually happen to AMD CPUs as well.
Oh well, this is 1 AMD exploit to 70+ Intel exploits, so AMD has a ways to go in order to catch up to Intel in that regard. :D

Props to AMD for already having a fix in place, and not taking 4 months to simply acknowledge it like Intel did... on multiple occasions... even when the exploit was in the wild... and abandoning older CPUs and motherboards beyond certain dates... and leaving it up to OEMs to implement said updates...
Oh, and this only affected one generation of CPUs with AMD, unlike Intel with affected generations going back to 1995. :whistle:


0.5% isn't nearly as bad as 20-60% compared to Intel's patches, so I would call that a win for AMD.
Chances are it’s probably more than that; the Phoronix guys aren’t so sure that their devised test was actually doing anything. If all that algorithm gets the CPU is 0.5%, then it’s a complete waste of silicon and would be better served by disabling it straight up. But yeah, speculative attacks by their very nature are hard to actually pull off, and there are easier attack vectors to make once you are in a position to pull one off.
 

OutOfPhase

2[H]4U
Joined
May 11, 2005
Messages
3,734
These sorts of attacks are insanely difficult to prevent without making processors fall back to worst-case performance quite a lot. And obviously, That's Bad Too.

Luckily, most home users probably don't really need to worry. Other uses of big-core machines, well, yikes. Glad I'm working on coffee-makers again.
 