x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug

Orabug: 27351274

There is no business in having ibrs_dump exposed to user-space
and it allowing to write to it. Reading that entry ends up
doing an IPI across all CPUs reading an MSR and that (on large
machines) is not something user-space should be able to do.

And also remove the pr_debug statements.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
Signed-off-by: Kirtikar Kashyap <kirtikar.kashyap@oracle.com>

diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 857f1fd3c16aeecc53ef797d47231f65483aa723..71bcdd0854b41f2ffe9ff29ff02a40c2aa767935 100644 (file)
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -1208,15 +1208,6 @@ static struct ctl_table kern_table[] = {
                .extra1         = &zero,
                .extra2         = &one,
        },
-       {
-               .procname       = "ibrs_dump",
-               .data           = &sysctl_ibrs_dump,
-               .maxlen         = sizeof(unsigned int),
-               .mode           = 0644,
-               .proc_handler   = proc_dointvec_ibrs_dump,
-               .extra1         = &zero,
-               .extra2         = &one,
-       },
 #endif
        { }
 };
@@ -2842,33 +2833,6 @@ int proc_do_large_bitmap(struct ctl_table *table, int write,
 }
 
 #ifdef CONFIG_X86
-int proc_dointvec_ibrs_dump(struct ctl_table *table, int write,
-       void __user *buffer, size_t *lenp, loff_t *ppos)
-{
-       int ret, orig_inuse;
-       unsigned int cpu;
-
-
-       ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
-       printk("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
-       printk("use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
-       mutex_lock(&spec_ctrl_mutex);
-       orig_inuse = use_ibrs;
-       /* temporary halt to ibrs usage to dump ibrs values */
-       clear_ibrs_inuse();
-       for_each_online_cpu(cpu) {
-              u64 val;
-
-              if (boot_cpu_has(X86_FEATURE_SPEC_CTRL))
-                      rdmsrl_on_cpu(cpu, MSR_IA32_SPEC_CTRL, &val);
-              else
-                      val = 0;
-              printk("read cpu %d ibrs val %lu\n", cpu, (unsigned long) val);
-       }
-       use_ibrs = orig_inuse;
-       mutex_unlock(&spec_ctrl_mutex);
-       return ret;
-}
 
 int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
        void __user *buffer, size_t *lenp, loff_t *ppos)
@@ -2877,8 +2841,6 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
        unsigned int cpu;
 
        ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
-       pr_debug("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
-       pr_debug("before:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
        mutex_lock(&spec_ctrl_mutex);
        if (sysctl_ibrs_enabled == 0) {
                /* always set IBRS off */
@@ -2904,7 +2866,6 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
                        sysctl_ibrs_enabled = 0;
        }
        mutex_unlock(&spec_ctrl_mutex);
-       pr_debug("after:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
        return ret;
 }
 
@@ -2914,8 +2875,6 @@ int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write,
        int ret;
 
        ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
-       pr_debug("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
-       pr_debug("before:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
        mutex_lock(&spec_ctrl_mutex);
        if (sysctl_ibpb_enabled == 0)
                set_ibpb_disabled();
@@ -2926,7 +2885,6 @@ int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write,
                        sysctl_ibpb_enabled = 0;
        }
        mutex_unlock(&spec_ctrl_mutex);
-       pr_debug("after:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
        return ret;
 }
 #endif