There are now several commercially available processors that have h/w
fixes for the TSX Async Abort (TAA) issue as indicated by enumerating
the ARCH_CAPABILITIES "TAA_NO" bit.
Change the default setting to "auto" so that these CPUs will leave
TSX enabled by default.
This can still be overridden by the kernel cmdline parameter
tsx=on|off|auto
Signed-off-by: Nelson D'Souza <nelson.dso...@linux.intel.com>
Reviewed-by: Tony Luck <tony.l...@intel.com>
---
arch/x86/Kconfig | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 1d6104ea8af0..b444205c964a 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1905,7 +1905,7 @@ config X86_INTEL_MEMORY_PROTECTION_KEYS
choice
prompt "TSX enable mode"
depends on CPU_SUP_INTEL
- default X86_INTEL_TSX_MODE_OFF
+ default X86_INTEL_TSX_MODE_AUTO
help
Intel's TSX (Transactional Synchronization Extensions) feature
allows to optimize locking protocols through lock elision which
@@ -1915,8 +1915,13 @@ choice
to form side channel attacks (e.g. TAA) and chances are there
will be more of those attacks discovered in the future.
- Therefore TSX is not enabled by default (aka tsx=off). An admin
- might override this decision by tsx=on the command line parameter.
+ The default setting for TSX Mode is set to auto. This will enable
+ TSX feature for platforms that are not vulnerable to the TAA issue.
+
+ TSX feature will continue to be disabled on platforms that are
+ vulnerable to TAA and support disabling TSX via the updated microcode.
+
+ An admin might override this decision by a kernel command line
parameter.
Even with TSX enabled, the kernel will attempt to enable the best
possible TAA mitigation setting depending on the microcode available
for the particular machine.
--
2.24.1
