From: Nikolay Borisov <nik.borisov@suse.com>
Date: Wed, 12 Nov 2025 19:05:48 +0000 (+0200)
Subject: x86/tsx: Set default TSX mode to auto
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f8c7600d468bdb6e44ed3b3247c6e53f5be5d8de;p=thirdparty%2Flinux.git

x86/tsx: Set default TSX mode to auto

At SUSE we've been releasing our kernels with TSX enabled for the past 6
years and some customers have started to rely on it. Furthermore, the last
known vulnerability concerning TSX was TAA (CVE-2019-11135) and a
significant amount time has passed since then without anyone reporting any
issues. Intel has released numerous processors which do not have the
TAA vulnerability (Cooper/Ice Lake, Sapphire/Emerald/Granite Rappids)
yet TSX remains being disabled by default.

The main aim of this patch is to reduce the divergence between SUSE's
configuration and the upstream by switching the default TSX mode to
auto. I believe this strikes the right balance between keeping it
enabled where appropriate (i.e every machine which doesn't contain the
TAA vulnerability) and disabling it preventively.

Signed-off-by: Nikolay Borisov <nik.borisov@suse.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Link: https://patch.msgid.link/20251112190548.750746-1-nik.borisov@suse.com
---

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 80527299f859a..f1c98a973fcd8 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1816,7 +1816,7 @@ config ARCH_PKEY_BITS
 choice
 	prompt "TSX enable mode"
 	depends on CPU_SUP_INTEL
-	default X86_INTEL_TSX_MODE_OFF
+	default X86_INTEL_TSX_MODE_AUTO
 	help
 	  Intel's TSX (Transactional Synchronization Extensions) feature
 	  allows to optimize locking protocols through lock elision which