Speculation in current processors keeps raising security concerns for hardware security engineers on both sides. The performance gain from these techniques is undeniable and they will not be abandoned, but now AMD admits that its Zen 3 processors are vulnerable to misspeculation of the kind seen with Spectre V4. Is there a solution?
Speculation and prediction, a technique with security risks
This kind of information or technical document is by no means uncommon in the cybersecurity industry, but the truth is that, apparently, no processor is safe against side-channel attacks. With Zen 3, AMD introduced a technology called PSF (Predictive Store Forwarding), which speeds up execution of the code passing through its cores and caches by predicting the relationship between so-called loads and stores.
The better PSF predicts, the less chance there is that a prediction is wasted; but even when a prediction is wrong and performance is merely not gained, rather than lost, the security issue remains.
These cases are called incorrect CPU speculation, and this is where attackers try to extract information from the processor: software that relies on so-called sandboxing is particularly exposed to such side-channel attacks, as we saw with Spectre V4.
Two scenarios in which an attacker can get hold of data
AMD clearly specifies two scenarios in which its Zen 3 processors can be attacked:
First, a store/load pair may have had a dependency for a while but later no longer has one. This can happen if the address of the store or of the load changes while the program is running.
The second source of incorrect PSF predictions is aliasing in the PSF predictor structure. The PSF predictor is designed to track store/load pairs based on parts of their RIP. It is possible for a store/load pair that has a dependency to alias in the predictor with another store/load pair that does not. This can lead to incorrect speculation when the second pair is executed.
Store/load forwarding therefore brings a performance improvement at the cost of a security implication. Even so, AMD states that it has not seen any code it considers vulnerable to PSF misprediction, and since no vulnerability has been detected it recommends leaving PSF enabled.
But at the same time, and surprisingly, for users who work with sandboxing tools on Linux, AMD released fixes for that operating system that disable predictive forwarding, clearly contradicting itself. Are we about to see a new Spectre V5 variant aimed only at AMD? Now that the document is public, how long will it take for this vulnerability to be exploited?
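For administrators who want to know where a Linux host stands, here is an added shell check; it is not from the article or from AMD. It assumes (the article does not state this) that the Linux handling of PSF is tied to the Speculative Store Bypass Disable mitigation reported under /sys/devices/system/cpu/vulnerabilities/spec_store_bypass, and that Zen 3 parts report "cpu family : 25" in /proc/cpuinfo.

```shell
#!/bin/sh
# Added example: classify a host's PSF exposure from /proc/cpuinfo and the
# spec_store_bypass sysfs file. Assumption: PSF is turned off together with
# the Speculative Store Bypass Disable (SSBD) mitigation on Linux.

# is_zen3 CPUINFO_TEXT -> success if vendor is AMD and family is 25 (0x19, Zen 3)
is_zen3() {
    printf '%s\n' "$1" | grep -q '^vendor_id[[:space:]]*:[[:space:]]*AuthenticAMD' || return 1
    printf '%s\n' "$1" | grep -Eq '^cpu family[[:space:]]*:[[:space:]]*25$'
}

# ssb_state SYSFS_TEXT -> one word describing the SSBD mitigation mode
ssb_state() {
    case "$1" in
        "Not affected")                                   echo not_affected ;;
        "Mitigation: Speculative Store Bypass disabled")  echo mitigated_global ;;
        Mitigation:*prctl*|Mitigation:*seccomp*)          echo mitigated_optin ;;
        Vulnerable*)                                      echo vulnerable ;;
        *)                                                echo unknown ;;
    esac
}

# psf_verdict CPUINFO_TEXT SYSFS_TEXT -> verdict string for the host
psf_verdict() {
    if ! is_zen3 "$1"; then
        echo "not-zen3"
        return 0
    fi
    case "$(ssb_state "$2")" in
        mitigated_global) echo "psf-disabled-globally" ;;
        mitigated_optin)  echo "psf-disabled-only-for-optin-processes" ;;
        *)                echo "psf-enabled" ;;
    esac
}

# Constructed sample input (not captured from a real machine) for a stand-alone run.
SAMPLE_CPUINFO='vendor_id	: AuthenticAMD
cpu family	: 25
model		: 33'
SAMPLE_SSB='Mitigation: Speculative Store Bypass disabled via prctl and seccomp'
psf_verdict "$SAMPLE_CPUINFO" "$SAMPLE_SSB"

# Live use on a host:
# psf_verdict "$(cat /proc/cpuinfo)" "$(cat /sys/devices/system/cpu/vulnerabilities/spec_store_bypass)"
```

A verdict of psf-disabled-only-for-optin-processes means only programs that requested SSBD via prctl or seccomp run with the mitigation; booting with spec_store_bypass_disable=on makes it global.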