Three years ago, many of Intel’s processors were affected by the Spectre security vulnerability, which concerned security experts. Now AMD’s Ryzen Zen 3 processors are affected by a security vulnerability similar to Spectre, as detailed in AMD’s whitepaper.
The Predictive Store Forwarding Software On AMD Ryzen Zen 3 Processors Creates Security Vulnerabilities
Predictive Store Forwarding (PSF), the new technology AMD introduced on its Zen 3-based Ryzen and EPYC processors, has opened up security vulnerabilities. PSF works by predicting the relationship between loads and stores, which improves code execution performance. For the most part the predictions are correct, but when a prediction is wrong, the result is incorrect CPU speculation.
First, it is possible that the store/load pair had a dependency for a while but later stops having a dependency. This can occur if the address of either the store or load changes during the execution of the program.
AMD’s Zen CPU architects have stated that the incorrect speculation is on the same level as Spectre v4. The inherent risk that comes along with isolation is something AMD has to prepare for with PSF. The quotes above and below
The second source of incorrect PSF predictions can occur if there is an alias in the PSF predictor structure. The PSF predictor is designed to track stores/load pairs based on portions of their RIP. It is possible that a store/load pair which does have a dependency may alias in the predictor with another store/load pair which does not. This may result in incorrect speculation when the second store/load pair is executed.
AMD has not seen any cases of exploits or any code that’s considered vulnerable to misprediction using Predictive Store Forwarding. Thus it is believed that the security risk is low for most applications. AMD admits that there are some security vulnerabilities, but the technology also brings performance advantages for its Ryzen CPUs.
AMD officially recommends leaving Predictive Store Forwarding on to achieve the best possible performance. Those who are worried about the vulnerability can disable PSF.
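The two sources of incorrect PSF predictions quoted above, and the effect of disabling PSF, can be seen in a toy model. This is an added example, not code from AMD's whitepaper or from this article: the predictor is modeled as a set indexed by the low 8 bits of the store and load RIP, an assumed scheme chosen only to make aliasing visible, and all addresses are constructed.

```python
# Toy model of a store-to-load forwarding predictor. Constructed for
# illustration: the index width and table layout are assumptions, not AMD's design.
INDEX_BITS = 8  # assumption: only the low 8 bits of each RIP reach the predictor


def predictor_index(store_rip, load_rip):
    mask = (1 << INDEX_BITS) - 1
    return (store_rip & mask, load_rip & mask)


class ToyPSF:
    def __init__(self, enabled=True):
        self.enabled = enabled
        self.trained = set()  # indexes currently predicted as dependent

    def execute(self, store_rip, store_addr, load_rip, load_addr):
        """Run one store/load pair; return True if it was mis-speculated."""
        key = predictor_index(store_rip, load_rip)
        predicted = self.enabled and key in self.trained
        dependent = store_addr == load_addr  # resolved once addresses are known
        if dependent:
            self.trained.add(key)
        else:
            self.trained.discard(key)
        return predicted and not dependent


def dependency_change(enabled=True):
    """Source 1: a pair is dependent for a while, then the load address moves."""
    psf = ToyPSF(enabled)
    for _ in range(3):
        psf.execute(0x401000, 0x7000, 0x401008, 0x7000)  # training runs
    first = psf.execute(0x401000, 0x7000, 0x401008, 0x7040)  # address changed
    second = psf.execute(0x401000, 0x7000, 0x401008, 0x7040)  # after retraining
    return first, second


def predictor_alias(enabled=True):
    """Source 2: an independent pair shares predictor index bits with a trained one."""
    psf = ToyPSF(enabled)
    psf.execute(0x401010, 0x7000, 0x401020, 0x7000)  # pair A, truly dependent
    control = psf.execute(0x501030, 0x8000, 0x501044, 0x9000)  # different index
    aliased = psf.execute(0x501010, 0x8000, 0x501020, 0x9000)  # same low bits as A
    return control, aliased


if __name__ == "__main__":
    print("dependency change:", dependency_change(), "alias:", predictor_alias())
    print("PSF disabled:", dependency_change(False), predictor_alias(False))
```

In the model, each function returns a pair of flags marking which executions were mis-speculated; with `enabled=False` the predictor never forwards, so both flags are false at the cost of the performance benefit.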