⋮    ⋮  

AMD Strategy For Spectre V2 Vulnerability Noted As “Inadequate”, Up To 54% Drop In CPU Performance


Intel and Arm processors were hit this last week by the Spectre V2 vulnerability, the Branch History Injection, or BHI. The Spectre exploit originated several years ago, but this new line of mitigation has had a significant effect on the two chip manufacturers. AMD has a much different design to their chips, allowing them to avoid harm this week. However, three security researchers from Intel have recently written a white paper outlining AMD's chipset having code exposures. In review, AMD has now issued a new security bulletin to reflect the new efficiency for keeping their product safe.

AMD is moving forward with a "generic" Retpoline approach to fix insufficient procedures to ward off BHI vulnerability

The initial Spectre and Meltdown flaws discovered in December 2017 outline issues with Intel's chip designs, which were found by four separate research teams and reported to the leading company around the same time frame. Intel's plans opened up a flaw where a proof-of-concept code could be introduced into the computer's kernel, opening up information that should be inaccessible. The flaw in the Intel chips was present as far back as 1993.

AMD Computex 2022 ‘High-Performance Computing’ By CEO, Dr. Lisa Su, To Feature Next-Generation Desktop & Mobile PC Innovations

Spectre and Meltdown simultaneously affected Intel, Arm, and AMD chips when the initial attack findings were located. When the original attacks were mitigating, security measures were put into place for the chip giants. Still, they were discovered to be a quick solution to a problem that would take years to repair.

Within the last several weeks, the BHI presented itself, opening up the Spectre exploit once again. Intel and Arm were reported to be the most significant vulnerability effect. However, AMD representatives stated that the initial fixes from several years ago were still initiating in their chipset and that the company could avoid the attack—or what was thought.

The VUSec group at Vrije Universiteit Amsterdam outlined the AMD strategy for mitigation of Spectre V2, utilizing the Retpoline strategy. In their findings, the research team notates that AMD's LFENCE/JMP-founded Retpoline code is considered inadequate. AMD states that the approach the company uses performs better on the company's hardware than the Retpoline codes that are considered "generic" by the company, which they state "results in a RET on indirect branches." The default process changes indirect branches to the LFENCE/JMP, allowing AMD's chipset to ward off any attack from Spectre V2.

Performance results by Phoronix show up to a 54% drop in CPU performance as seen below:

While AMD's chips are not directly affected by the Spectre BHB/BHI vulnerabilities, the company was made aware of the approach in handling the exploit, causing higher issues for AMD's Zen-based processors. Now, the company is initializing the recommended "generic" Retpoline guideline to manage the Spectre V2 exploit efficiently.

AMD Radeon & NVIDIA GeForce Graphics Card Price Update: RX 6000 Series at 5% Over MSRP, RTX 30 Series at 24% Over MSRP

AMD retpoline may be susceptible to speculation. The speculation execution window for an incorrect indirect branch prediction using LFENCE/JMP sequence may potentially be large enough to allow exploitation using Spectre V2. By default, don't use retpoline,lfence on AMD. Instead, use the generic retpoline.


AMD's security bulletin outlines their changes and references the team from Intel's IPAS STORM, consisting of Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki. Their paper, "You Cannot Always Win the Race: Analyzing the LFENCE/JMP Mitigation for Branch Target Injection," written by Milburn, Sun, and Kawakami, outlines AMD's flaw in further detail and updating previous papers with new information revealed and submitted to AMD.

LFENCE/JMP is an existing software mitigation option for Branch Target Injection (BTI) and similar transient execution attacks stemming from indirect branch predictions, which is commonly used on AMD processors. However, the effectiveness of this mitigation can be compromised by the inherent race condition between the speculative execution of the predicted target and the architectural resolution of the intended target, since this can create a window in which code can still be transiently executed. This work investigates the potential sources of latency that may contribute to such a speculation window. We show that an attacker can "win the race", and thus that this window can still be sufficient to allow exploitation of BTI-style attacks on a variety of different x86 CPUs, despite the presence of the LFENCE/JMP mitigation.

While it may seem like Intel would want to tarnish AMD's reputation and appear on top in the market, that is hardly the case. Intel notes that the team looks at potential security risks. Suppose their product or any other companies' products have a threat of this magnitude. In that case, it is more beneficial to share and work together to eliminate such significant threats, allowing all to benefit from any risks.

Source: AMD, VUSec, Cornell University