git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Michal Hocko <mhocko@suse.com>
	Wed, 23 Oct 2019 10:35:50 +0000 (12:35 +0200)
committer	Stefan Bader <stefan.bader@canonical.com>
	Wed, 6 Nov 2019 09:27:23 +0000 (10:27 +0100)
commit	77f7d2ca86398bccca38aa66442d676851ff2e80
tree	a9531fb201c3e93dba027d274d60ad800f04d29f	tree
parent	20040e3da707d2c246a248b42bbab47213fcfe35	commit \| diff

x86/tsx: Add config options to set tsx=on|off|auto

commit db616173d787395787ecc93eef075fa975227b10 upstream

There is a general consensus that TSX usage is not largely spread while
the history shows there is a non trivial space for side channel attacks
possible. Therefore the tsx is disabled by default even on platforms
that might have a safe implementation of TSX according to the current
knowledge. This is a fair trade off to make.

There are, however, workloads that really do benefit from using TSX and
updating to a newer kernel with TSX disabled might introduce a
noticeable regressions. This would be especially a problem for Linux
distributions which will provide TAA mitigations.

Introduce config options X86_INTEL_TSX_MODE_OFF, X86_INTEL_TSX_MODE_ON
and X86_INTEL_TSX_MODE_AUTO to control the TSX feature. The config
setting can be overridden by the tsx cmdline options.

[ bp: Text cleanups from Josh. ]

Suggested-by: Borislav Petkov <bpetkov@suse.de>
Signed-off-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
CVE-2019-11135

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

arch/x86/Kconfig		diff \| blob \| blame \| history
arch/x86/kernel/cpu/tsx.c		diff \| blob \| blame \| history