Heh, so good on AMD, they’re proactively giving a warning and going to be pushing Linux code to make it easy to disable globally/per thread, a theoretical maybe Spectre v4 type side-channel attack that’s in Zen 3. Proactive. No known code that might exploit that, and they’re already letting people know. Not too shabby.
More details in the whitepaper: https://www.amd.com/system/files/documents/security-analysis-predictive-store-forwarding.pdf
I’m pretty sure I just no longer care… sigh
Separate untrusted workloads to physically separate machines.
Apparently disabling that feature, according to Phoronix’s tests, produces very minimal to no performance loss, depending on the specific test.
Good to know! And a major improvement over Intel’s “Oh please, please don’t say anything about that for a while until we figure something out…” process.
Here’s Anandtech’s writeup of the issue, and I think it does a better job of describing it without going too far into the weeds.