For CPU bound work loads, pretty low, but not low enough that it's free (~5%).
For devices (especially latency sensitive workloads), it's quite bad. Device accesses have to be bounce-buffered. You can't do anything vaguely zero copy, since the device can't DMA to or from the VM. Future hardware support will mitigate that (mutually attested VM/Device interactions), but no real world devices support it yet.
I don't know the performance implications, but the brief description of the feature is that guest memory is encrypted with a key that the host doesn't know, so the host can't observe the contents of guest memory.
What's the performance penalty for that?