From e6055559cef12d3f2a7608f518301eb0bb51f756 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Thu, 4 Jan 2018 20:29:31 -0800
Subject: [PATCH] x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug

Orabug: 27351274

There is no business in having ibrs_dump exposed to user-space
and it allowing to write to it. Reading that entry ends up
doing an IPI across all CPUs reading an MSR and that (on large
machines) is not something user-space should be able to do.

And also remove the pr_debug statements.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
Signed-off-by: Kirtikar Kashyap <kirtikar.kashyap@oracle.com>
---
 kernel/sysctl.c | 42 ------------------------------------------
 1 file changed, 42 deletions(-)

diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 857f1fd3c16ae..71bcdd0854b41 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -1208,15 +1208,6 @@ static struct ctl_table kern_table[] = {
 		.extra1         = &zero,
 		.extra2         = &one,
 	},
-	{
-		.procname       = "ibrs_dump",
-		.data           = &sysctl_ibrs_dump,
-		.maxlen         = sizeof(unsigned int),
-		.mode           = 0644,
-		.proc_handler   = proc_dointvec_ibrs_dump,
-		.extra1         = &zero,
-		.extra2         = &one,
-	},
 #endif
 	{ }
 };
@@ -2842,33 +2833,6 @@ int proc_do_large_bitmap(struct ctl_table *table, int write,
 }
 
 #ifdef CONFIG_X86
-int proc_dointvec_ibrs_dump(struct ctl_table *table, int write,
-	void __user *buffer, size_t *lenp, loff_t *ppos)
-{
-	int ret, orig_inuse;
-	unsigned int cpu;
-
-
-	ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
-	printk("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
-	printk("use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
-	mutex_lock(&spec_ctrl_mutex);
-	orig_inuse = use_ibrs;
-	/* temporary halt to ibrs usage to dump ibrs values */
-	clear_ibrs_inuse();
-	for_each_online_cpu(cpu) {
-	       u64 val;
-
-	       if (boot_cpu_has(X86_FEATURE_SPEC_CTRL))
-		       rdmsrl_on_cpu(cpu, MSR_IA32_SPEC_CTRL, &val);
-	       else
-		       val = 0;
-	       printk("read cpu %d ibrs val %lu\n", cpu, (unsigned long) val);
-	}
-	use_ibrs = orig_inuse;
-	mutex_unlock(&spec_ctrl_mutex);
-	return ret;
-}
 
 int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
 	void __user *buffer, size_t *lenp, loff_t *ppos)
@@ -2877,8 +2841,6 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
 	unsigned int cpu;
 
 	ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
-	pr_debug("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
-	pr_debug("before:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
 	mutex_lock(&spec_ctrl_mutex);
 	if (sysctl_ibrs_enabled == 0) {
 		/* always set IBRS off */
@@ -2904,7 +2866,6 @@ int proc_dointvec_ibrs_ctrl(struct ctl_table *table, int write,
 			sysctl_ibrs_enabled = 0;
 	}
 	mutex_unlock(&spec_ctrl_mutex);
-	pr_debug("after:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
 	return ret;
 }
 
@@ -2914,8 +2875,6 @@ int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write,
 	int ret;
 
 	ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
-	pr_debug("sysctl_ibrs_enabled = %u, sysctl_ibpb_enabled = %u\n", sysctl_ibrs_enabled, sysctl_ibpb_enabled);
-	pr_debug("before:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
 	mutex_lock(&spec_ctrl_mutex);
 	if (sysctl_ibpb_enabled == 0)
 		set_ibpb_disabled();
@@ -2926,7 +2885,6 @@ int proc_dointvec_ibpb_ctrl(struct ctl_table *table, int write,
 			sysctl_ibpb_enabled = 0;
 	}
 	mutex_unlock(&spec_ctrl_mutex);
-	pr_debug("after:use_ibrs = %d, use_ibpb = %d\n", use_ibrs, use_ibpb);
 	return ret;
 }
 #endif
-- 
2.50.1