AMD spokespersons recently released through a publication a report in which it is made known information on the analysis carried out on the safety of the optimization technology PSF (Predictive Store Forwarding) implemented in the processors of Zen 3 series.
The studio theoretically confirmed the applicability of the Specter-STL attack method (Specter-v4) to PSF technology, identified in May 2018, but in practice, no code templates capable of provoking an attack have yet been found, and the overall danger is considered negligible.
the record quoted to the specialist of the Graz University of Technology, Daniel Gruss who discovered that AMD PSF can be vulnerable to a variety of side channel attacks, which over the years have developed a lot.
Recall that the Specter-v4 attack (Speculative Store Bypass) relies on restoring data that has been cached after discarding the result of speculative execution of operations by processing alternate read and write operations using indirect addressing.
When a read operation continues to a write operation (for example, mov [rbx + rcx], 0x0; mov rax, [rdx + rsi]), reading direction offset may already be known Due to similar operations (read operations are performed much more often and reading can be done from cache) and the processor can speculatively read before writing, without waiting for the offset of the indirect write direction to be calculated.
This feature allows the read instruction to access the previous value in any direction while the save operation is still pending. In the event of a prediction error, a failed speculative operation will be discarded, but traces of its execution will remain in the processor cache and can be retrieved using one of the methods to determine cache content based on change analysis in access time to cached and non-cached data.
Added to the AMD Zen 3 processors, the technology PSF optimizes the Store-To-Load-Forwarding method (STLF), which speculatively performs read operations based on the prediction of the relationship between read and write operations. With classic STLF, the processor performs a "load" operation on the data directly redirected from the previous "store" instruction, without waiting for the actual writing of the result to memory, but making sure that the addresses used in the "load" y The "store" instructions match.
PSF optimization makes address verification speculative and performs a "load" operation before completing the address information calculation, if a store / load pair was previously executed manipulating an address. If the forecast fails, the state reverts, but the data remains in the cache.
An attack on PSF alone it is feasible within the framework of peer privileges, covers only the context of the current process and is blocked by address space isolation methods or hardware sandbox mechanisms. However, software sandbox isolation techniques in processes can potentially be affected by the issue.
The attack poses a threat to systems such as browsers, code execution virtual machines, and JITs that run third-party code within the same process (as a result of the attack, untrusted sandbox code can gain access to other data on the process).
AMD has provided several methods to disable PSF completely or selectively, but given the negligible risk for most applications, it recommended not to disable this optimization by default.
For selective protection of processes executing unreliable code in isolation, it is proposed to disable PSF by setting the MSR bits "SSBD" and "PSFD", even for individual threads. For the Linux kernel, patches have been made with the implementation of the "psfd" and "nopsfd" command line options that control PSF on and off.
For those who are interested in being able to know the report, they can consult the following link.