| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b7150721-042d-4750-adfa-a66d8b45f365@intel.com> Date: Wed, 12 Nov 2025 11:13:30 -0800 From: Dave Hansen <dave.hansen@...el.com> To: Nikolay Borisov <nik.borisov@...e.com>, x86@...nel.org Cc: dave.hansen@...ux.intel.com, mhocko@...e.de, asit.k.mallick@...el.com, linux-kernel@...r.kernel.org Subject: Re: [RESEND PATCH v2] x86/tsx: Set default TSX mode to auto On 11/12/25 11:05, Nikolay Borisov wrote: > At SUSE we've been releasing our kernels with TSX enabled for the past 6 > years and some customers have started to rely on it. Furthermore, the last > known vulnerability concerning TSX was TAA (CVE-2019-11135) and a > significant amount time has passed since then without anyone reporting any > issues. Intel has released numerous processors which do not have the > TAA vulnerability (Cooper/Ice Lake, Sapphire/Emerald/Granite Rappids) > yet TSX remains being disabled by default. > > The main aim of this patch is to reduce the divergence between SUSE's > configuration and the upstream by switching the default TSX mode to > auto. I believe this strikes the right balance between keeping it > enabled where appropriate (i.e every machine which doesn't contain the > TAA vulnerability) and disabling it preventively. This seems pretty sane to me. TSX is far less scary than it once was. It seemed to be a key part of a bunch of the speculation gadgets at some point, but having it off by default doesn't really seem to have slowed anyone down. Plus, this won't even change anyone's builds that has a .config from the last 5 years. Does anyone feel differently?
Powered by blists - more mailing lists