From b65b536e4fe0edee542bf30db55f785dcff9b064 Mon Sep 17 00:00:00 2001 From: Boris Ostrovsky Date: Tue, 23 Jan 2018 11:02:45 -0500 Subject: [PATCH] x86/IBRS/IBPB: Remove procfs interface to ibrs/ibpb_enable We already have exact same functionality available in debugfs. Orabug: 27448280 Signed-off-by: Boris Ostrovsky Reviewed-by: Krish Sadhukhan Reviewed-by: Konrad Rzeszutek Wilk Signed-off-by: Konrad Rzeszutek Wilk --- arch/x86/kernel/cpu/spec_ctrl.c | 4 ++ kernel/sysctl.c | 91 --------------------------------- 2 files changed, 4 insertions(+), 91 deletions(-) diff --git a/arch/x86/kernel/cpu/spec_ctrl.c b/arch/x86/kernel/cpu/spec_ctrl.c index c8c8a9182a00..2b288f1b3d35 100644 --- a/arch/x86/kernel/cpu/spec_ctrl.c +++ b/arch/x86/kernel/cpu/spec_ctrl.c @@ -14,6 +14,10 @@ * bit 2 = indicate if admin disables ibrs */ +u32 sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0; +EXPORT_SYMBOL(sysctl_ibrs_enabled); +EXPORT_SYMBOL(sysctl_ibpb_enabled); + static ssize_t __enabled_read(struct file *file, char __user *user_buf, size_t count, loff_t *ppos, unsigned int *field) { diff --git a/kernel/sysctl.c b/kernel/sysctl.c index af526f11deb7..0603cc4a3bba 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -198,15 +198,6 @@ static int proc_dostring_coredump(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); #endif -#ifdef CONFIG_X86 -int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write, - void __user *buffer, size_t *lenp, loff_t *ppos); -int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write, - void __user *buffer, size_t *lenp, loff_t *ppos); -int proc_dointvec_ibrs_dump(struct ctl_table *table, int write, - void __user *buffer, size_t *lenp, loff_t *ppos); -#endif - #ifdef CONFIG_MAGIC_SYSRQ /* Note: sysrq code uses it's own private copy */ static int __sysrq_enabled = CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE; @@ -243,12 +234,6 @@ extern struct ctl_table epoll_table[]; int sysctl_legacy_va_layout; #endif -u32 sysctl_ibrs_dump = 0; -u32 sysctl_ibrs_enabled = 0; -EXPORT_SYMBOL(sysctl_ibrs_enabled); -u32 sysctl_ibpb_enabled = 0; -EXPORT_SYMBOL(sysctl_ibpb_enabled); - /* The default sysctl tables: */ static struct ctl_table sysctl_base_table[] = { @@ -1189,26 +1174,6 @@ static struct ctl_table kern_table[] = { .extra1 = &zero, .extra2 = &one, }, -#endif -#ifdef CONFIG_X86 - { - .procname = "ibrs_enabled", - .data = &sysctl_ibrs_enabled, - .maxlen = sizeof(unsigned int), - .mode = 0644, - .proc_handler = proc_dointvec_ibrs_ctrl, - .extra1 = &zero, - .extra2 = &two, - }, - { - .procname = "ibpb_enabled", - .data = &sysctl_ibpb_enabled, - .maxlen = sizeof(unsigned int), - .mode = 0644, - .proc_handler = proc_dointvec_ibpb_ctrl, - .extra1 = &zero, - .extra2 = &one, - }, #endif { } }; @@ -2833,62 +2798,6 @@ int proc_do_large_bitmap(struct ctl_table *table, int write, } } -#ifdef CONFIG_X86 - -int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write, - void __user *buffer, size_t *lenp, loff_t *ppos) -{ - int ret; - unsigned int cpu; - - ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos); - mutex_lock(&spec_ctrl_mutex); - if (sysctl_ibrs_enabled == 0) { - /* always set IBRS off */ - set_ibrs_disabled(); - if (ibrs_supported) { - for_each_online_cpu(cpu) - wrmsrl_on_cpu(cpu, MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_DISABLE_IBRS); - } - } else if (sysctl_ibrs_enabled == 2) { - /* always set IBRS on, even in user space */ - clear_ibrs_disabled(); - if (ibrs_supported) { - for_each_online_cpu(cpu) - wrmsrl_on_cpu(cpu, MSR_IA32_SPEC_CTRL, SPEC_CTRL_FEATURE_ENABLE_IBRS); - } else { - sysctl_ibrs_enabled = 0; - } - } else if (sysctl_ibrs_enabled == 1) { - /* use IBRS in kernel */ - clear_ibrs_disabled(); - if (!ibrs_inuse) - /* platform don't support ibrs */ - sysctl_ibrs_enabled = 0; - } - mutex_unlock(&spec_ctrl_mutex); - return ret; -} - -int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write, - void __user *buffer, size_t *lenp, loff_t *ppos) -{ - int ret; - - ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos); - mutex_lock(&spec_ctrl_mutex); - if (sysctl_ibpb_enabled == 0) - set_ibpb_disabled(); - else if (sysctl_ibpb_enabled == 1) { - clear_ibpb_disabled(); - if (!ibpb_inuse) - /* platform don't support ibpb */ - sysctl_ibpb_enabled = 0; - } - mutex_unlock(&spec_ctrl_mutex); - return ret; -} -#endif #else /* CONFIG_PROC_SYSCTL */ int proc_dostring(struct ctl_table *table, int write, -- 2.50.1