Benchmarking AMD Zen 3 With Predictive Store Forwarding Disabled
This past week AMD published a security analysis of AMD Zen 3's new Predictive Store Forwarding (PSF) functionality. In there they did acknowledge there is the possibility where bad PSF functionality could lead to a side-channel attack albeit the real-world exposure would be quite low. In any case they are allowing interested users to disable the Predictive Store Forwarding functionality, but what they didn't comment on in that paper was what performance overhead to expect if disabling PSF. So my Easter weekend turned into AMD Zen 3 PSF benchmarking.
AMD isn't recommending end-users disable Zen 3's Protective Store Forwarding functionality but rather being proactive in their public security analysis and making sure their customers are informed about its behavior and how to disable it should they be interested. The impact of bad PSF speculation would be similar to that of Spectre Variant Four / Speculative Store Bypass. AMD's PSF security analysis noted, "customers with software that implements sandboxing and are concerned about the PSF behavior on AMD Zen3 processors may choose to disable the PSF functionality."
PSF is disabled with Zen 3 CPUs if Speculative Store Bypass Disable (SSBD) mitigation is present or optionally just force-disabled via a different bit. AMD's whitepaper says they are publishing Linux patches to allow easily disabling PSF if desired, but as of writing I have yet to see those public patches anywhere. Presumably they will make it out in the next few days to allow for the convenient "nopsfd" kernel option. But for the purposes of the initial testing this weekend I just built a kernel that set MSR 48h Bit 7 to disable this Predictive Store Forwarding functionality. By default Linux does not mitigation with SSBD unless opting into it via the prctl interface or SECCOMP.
Not knowing what to expect going into this weekend with the lack of any details on the performance implications from disabling Predictive Store Forwarding, I ran dozens of benchmarks on a few different AMD Ryzen 5000 and EPYC 7003 series systems with the default kernel and then the same kernel/configuration but with PSF disabled via bit 7.
Across the multiple systems and wide variety of workloads tested and with the Phoronix Test Suite automatically running each test multiple times, etc, in the end the results with disabling PSF were of minimal difference. At most in some workloads were close to a 1% impact over the span of multiple runs and the multiple systems but overall was hard to find any statistically significant difference.
For example with the Ryzen 7 5800X box was this set of results of more than 100 tests. With the geometric mean of all those results was less than a half percent performance loss when disabling this new Zen 3 feature -- some of which may just be noise. The other result files are even more boring than that.
So long story short, even though AMD isn't recommending their customers at large disable Predictive Store Forwarding, if you decide to disable it in the name of increased security it's not likely going to provide any meaningful performance difference. I'm still running some larger server workloads but with everything I've seen today and yesterday across multiple Zen 3 systems the PSF disabling isn't having any major impact... Will update if managing to find any configuration / large workloads there there is a meaningful difference from disabling PSF but at this stage looks to be of limited impact in toggling it at least for common test case scenarios. Thankfully nothing as scary as some of the past x86_64 speculative execution mitigations we have seen in recent years -- just a few days ago in fact looking at the Spectre mitigation costs still being carried by Intel's Rocket Lake, among many other examples and benchmarks over the past three years.
For those appreciating the fast turnaround on AMD Zen 3 PSF benchmarkng this Easter weekend, consider joining Phoronix Premium or perhaps a tip. At the very least please no ad-blocker usage; your support makes it possible to be able to benchmark each and every day of the year.
If you enjoyed this article consider joining Phoronix Premium to view this site ad-free, multi-page articles on a single page, and other benefits. PayPal or Stripe tips are also graciously accepted. Thanks for your support.