Announcement

Collapse
No announcement yet.

AMD Publishes Latest Linux Patch To Toggle Predictive Store Forwarding (PSF)

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • AMD Publishes Latest Linux Patch To Toggle Predictive Store Forwarding (PSF)

    Phoronix: AMD Publishes Latest Linux Patch To Toggle Predictive Store Forwarding (PSF)

    It's been a month and a half since AMD published a security analysis of their new Zen 3 "Predictive Store Forwarding" feature that while helping performance could theoretically lead to a new side-channel attack. While they published a Linux patch to allow disabling PSF if desired for increased security, to this day they remain in the works and have yet to be mainlined...

    https://www.phoronix.com/scan.php?pa...D-PSF-Linux-v6

  • #2
    I'd personally vote not for preventing powerful CPU developments, but instead isolating Internet in some places in the OS (perhaps something similar to Qubes OS, but not necessarily the same), and then, when you fix the real problem (namely: Internet), you are free to make your computer fly as efficiently as possible.

    Comment


    • #3
      Good, no need for another mitigation for some academic security flaw that is virtually impossible to exploit in the real world (with some exceptions like Meltdown).
      Aside from that, the version numbers being in the wrong order for nearly all of those, like "V6->V5" triggers some hidden OCD syndrome in me. I have estimated that the chance that this patch gets accepted would increase by approximately 41.4% if that is fixed.

      Comment


      • #4
        This PSF vulnerability doesn't cross the user-space and Kernel boundary, nor does it work outside of one thread.

        Source: Day-0 YouTube Channel

        Comment


        • #5
          Originally posted by cesarcafe View Post
          I'd personally vote not for preventing powerful CPU developments, but instead isolating Internet in some places in the OS (perhaps something similar to Qubes OS, but not necessarily the same), and then, when you fix the real problem (namely: Internet), you are free to make your computer fly as efficiently as possible.
          The Internet used to be relatively safe, at least safer than the modern one.
          Everything becomes different when AJAX (not the club) became a thing. Now everyone's computer is grabbing random js code online in order to view even the tiniest widget in the web page.
          Last edited by zxy_thf; 18 May 2021, 04:36 PM.

          Comment


          • #6
            You mean the time where people would just make complete websites out of flash? I doubt that was a better time regarding security

            Comment

            Working...
            X