Comment 13 for bug 1853200

You said this might have been resolved differently anyway with the newest kernel having again hle/rtm enabled - I haven't heard about it but that would probably be even better.
Lets see on the kernel side.
- Fixes for CVE-2019-11135 got added in 4.15.0-69.78
- This was reported against 4.15.0-70
- Wondering about 4.15.0-72 being ok again

Reading the latest state of Documentation/admin-guide/hw-vuln/tsx_async_abort.rst shows:
https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html#mitigation-control-on-the-kernel-command-line

212 tsx=on tsx_async_abort=full The system will use VERW to clear CPU
213 buffers. Cross-thread attacks are still
214 possible on SMT machines.
215 tsx=on tsx_async_abort=full,nosmt As above, cross-thread attacks on SMT
216 mitigated.
217 tsx=on tsx_async_abort=off The system is vulnerable.
218 tsx=off tsx_async_abort=full TSX might be disabled if microcode
219 provides a TSX control MSR. If so,
220 system is not vulnerable.
221 tsx=off tsx_async_abort=full,nosmt Ditto
222 tsx=off tsx_async_abort=off ditto

Maybe the initial take was tsx=off which would switch off those flags. But now is any of the tsx=on but with full mitigations? But I'm guessing at this point.
I have not found a clear kernel change since then (not until 4.15.0-73.82, but even less so between .70 and .72) that would change these.
The only related "- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs" seems to only affect print output, but not change behavior.

Furthermore none of the systems I have has got hle/rtm back since then.

@Nobuto - has your system any of the above kernel parameters set manually?

I haven't heard from this by sbeattie or others after my last update.
Lets ping security to be sure this hasn't been forgotten.
(I have done that on IRC as well)
@Security - any updates on this from your side?