Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * sysctl.c: General linux system control interface
4 *
5 * Begun 24 March 1995, Stephen Tweedie
6 * Added /proc support, Dec 1995
7 * Added bdflush entry and intvec min/max checking, 2/23/96, Tom Dyas.
8 * Added hooks for /proc/sys/net (minor, minor patch), 96/4/1, Mike Shaver.
9 * Added kernel/java-{interpreter,appletviewer}, 96/5/10, Mike Shaver.
10 * Dynamic registration fixes, Stephen Tweedie.
11 * Added kswapd-interval, ctrl-alt-del, printk stuff, 1/8/97, Chris Horn.
12 * Made sysctl support optional via CONFIG_SYSCTL, 1/10/97, Chris
13 * Horn.
14 * Added proc_doulongvec_ms_jiffies_minmax, 09/08/99, Carlos H. Bauer.
15 * Added proc_doulongvec_minmax, 09/08/99, Carlos H. Bauer.
16 * Changed linked lists to use list.h instead of lists.h, 02/24/00, Bill
17 * Wendling.
18 * The list_for_each() macro wasn't appropriate for the sysctl loop.
19 * Removed it and replaced it with older style, 03/23/00, Bill Wendling
20 */
21
22#include <linux/module.h>
23#include <linux/aio.h>
24#include <linux/mm.h>
25#include <linux/swap.h>
26#include <linux/slab.h>
27#include <linux/sysctl.h>
28#include <linux/bitmap.h>
29#include <linux/signal.h>
30#include <linux/printk.h>
31#include <linux/proc_fs.h>
32#include <linux/security.h>
33#include <linux/ctype.h>
34#include <linux/kmemleak.h>
35#include <linux/fs.h>
36#include <linux/init.h>
37#include <linux/kernel.h>
38#include <linux/kobject.h>
39#include <linux/net.h>
40#include <linux/sysrq.h>
41#include <linux/highuid.h>
42#include <linux/writeback.h>
43#include <linux/ratelimit.h>
44#include <linux/compaction.h>
45#include <linux/hugetlb.h>
46#include <linux/initrd.h>
47#include <linux/key.h>
48#include <linux/times.h>
49#include <linux/limits.h>
50#include <linux/dcache.h>
51#include <linux/dnotify.h>
52#include <linux/syscalls.h>
53#include <linux/vmstat.h>
54#include <linux/nfs_fs.h>
55#include <linux/acpi.h>
56#include <linux/reboot.h>
57#include <linux/ftrace.h>
58#include <linux/perf_event.h>
59#include <linux/kprobes.h>
60#include <linux/pipe_fs_i.h>
61#include <linux/oom.h>
62#include <linux/kmod.h>
63#include <linux/capability.h>
64#include <linux/binfmts.h>
65#include <linux/sched/sysctl.h>
66#include <linux/sched/coredump.h>
67#include <linux/kexec.h>
68#include <linux/bpf.h>
69#include <linux/mount.h>
70#include <linux/userfaultfd_k.h>
71
72#include "../lib/kstrtox.h"
73
74#include <linux/uaccess.h>
75#include <asm/processor.h>
76
77#ifdef CONFIG_X86
78#include <asm/nmi.h>
79#include <asm/stacktrace.h>
80#include <asm/io.h>
81#endif
82#ifdef CONFIG_SPARC
83#include <asm/setup.h>
84#endif
85#ifdef CONFIG_BSD_PROCESS_ACCT
86#include <linux/acct.h>
87#endif
88#ifdef CONFIG_RT_MUTEXES
89#include <linux/rtmutex.h>
90#endif
91#if defined(CONFIG_PROVE_LOCKING) || defined(CONFIG_LOCK_STAT)
92#include <linux/lockdep.h>
93#endif
94#ifdef CONFIG_CHR_DEV_SG
95#include <scsi/sg.h>
96#endif
97#ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE
98#include <linux/stackleak.h>
99#endif
100#ifdef CONFIG_LOCKUP_DETECTOR
101#include <linux/nmi.h>
102#endif
103
104#if defined(CONFIG_SYSCTL)
105
106/* External variables not in a header file. */
107extern int suid_dumpable;
108#ifdef CONFIG_COREDUMP
109extern int core_uses_pid;
110extern char core_pattern[];
111extern unsigned int core_pipe_limit;
112#endif
113extern int pid_max;
114extern int pid_max_min, pid_max_max;
115extern int percpu_pagelist_fraction;
116extern int latencytop_enabled;
117extern unsigned int sysctl_nr_open_min, sysctl_nr_open_max;
118#ifndef CONFIG_MMU
119extern int sysctl_nr_trim_pages;
120#endif
121
122/* Constants used for minimum and maximum */
123#ifdef CONFIG_LOCKUP_DETECTOR
124static int sixty = 60;
125#endif
126
127static int __maybe_unused neg_one = -1;
128static int __maybe_unused two = 2;
129static int __maybe_unused four = 4;
130static unsigned long zero_ul;
131static unsigned long one_ul = 1;
132static unsigned long long_max = LONG_MAX;
133static int one_hundred = 100;
134static int one_thousand = 1000;
135#ifdef CONFIG_PRINTK
136static int ten_thousand = 10000;
137#endif
138#ifdef CONFIG_PERF_EVENTS
139static int six_hundred_forty_kb = 640 * 1024;
140#endif
141
142/* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */
143static unsigned long dirty_bytes_min = 2 * PAGE_SIZE;
144
145/* this is needed for the proc_dointvec_minmax for [fs_]overflow UID and GID */
146static int maxolduid = 65535;
147static int minolduid;
148
149static int ngroups_max = NGROUPS_MAX;
150static const int cap_last_cap = CAP_LAST_CAP;
151
152/*
153 * This is needed for proc_doulongvec_minmax of sysctl_hung_task_timeout_secs
154 * and hung_task_check_interval_secs
155 */
156#ifdef CONFIG_DETECT_HUNG_TASK
157static unsigned long hung_task_timeout_max = (LONG_MAX/HZ);
158#endif
159
160#ifdef CONFIG_INOTIFY_USER
161#include <linux/inotify.h>
162#endif
163#ifdef CONFIG_SPARC
164#endif
165
166#ifdef CONFIG_PARISC
167extern int pwrsw_enabled;
168#endif
169
170#ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW
171extern int unaligned_enabled;
172#endif
173
174#ifdef CONFIG_IA64
175extern int unaligned_dump_stack;
176#endif
177
178#ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN
179extern int no_unaligned_warning;
180#endif
181
182#ifdef CONFIG_PROC_SYSCTL
183
184/**
185 * enum sysctl_writes_mode - supported sysctl write modes
186 *
187 * @SYSCTL_WRITES_LEGACY: each write syscall must fully contain the sysctl value
188 * to be written, and multiple writes on the same sysctl file descriptor
189 * will rewrite the sysctl value, regardless of file position. No warning
190 * is issued when the initial position is not 0.
191 * @SYSCTL_WRITES_WARN: same as above but warn when the initial file position is
192 * not 0.
193 * @SYSCTL_WRITES_STRICT: writes to numeric sysctl entries must always be at
194 * file position 0 and the value must be fully contained in the buffer
195 * sent to the write syscall. If dealing with strings respect the file
196 * position, but restrict this to the max length of the buffer, anything
197 * passed the max length will be ignored. Multiple writes will append
198 * to the buffer.
199 *
200 * These write modes control how current file position affects the behavior of
201 * updating sysctl values through the proc interface on each write.
202 */
203enum sysctl_writes_mode {
204 SYSCTL_WRITES_LEGACY = -1,
205 SYSCTL_WRITES_WARN = 0,
206 SYSCTL_WRITES_STRICT = 1,
207};
208
209static enum sysctl_writes_mode sysctl_writes_strict = SYSCTL_WRITES_STRICT;
210
211static int proc_do_cad_pid(struct ctl_table *table, int write,
212 void __user *buffer, size_t *lenp, loff_t *ppos);
213static int proc_taint(struct ctl_table *table, int write,
214 void __user *buffer, size_t *lenp, loff_t *ppos);
215#endif
216
217#ifdef CONFIG_PRINTK
218static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
219 void __user *buffer, size_t *lenp, loff_t *ppos);
220#endif
221
222static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write,
223 void __user *buffer, size_t *lenp, loff_t *ppos);
224#ifdef CONFIG_COREDUMP
225static int proc_dostring_coredump(struct ctl_table *table, int write,
226 void __user *buffer, size_t *lenp, loff_t *ppos);
227#endif
228static int proc_dopipe_max_size(struct ctl_table *table, int write,
229 void __user *buffer, size_t *lenp, loff_t *ppos);
230
231#ifdef CONFIG_MAGIC_SYSRQ
232/* Note: sysrq code uses its own private copy */
233static int __sysrq_enabled = CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE;
234
235static int sysrq_sysctl_handler(struct ctl_table *table, int write,
236 void __user *buffer, size_t *lenp,
237 loff_t *ppos)
238{
239 int error;
240
241 error = proc_dointvec(table, write, buffer, lenp, ppos);
242 if (error)
243 return error;
244
245 if (write)
246 sysrq_toggle_support(__sysrq_enabled);
247
248 return 0;
249}
250
251#endif
252
253static struct ctl_table kern_table[];
254static struct ctl_table vm_table[];
255static struct ctl_table fs_table[];
256static struct ctl_table debug_table[];
257static struct ctl_table dev_table[];
258extern struct ctl_table random_table[];
259#ifdef CONFIG_EPOLL
260extern struct ctl_table epoll_table[];
261#endif
262
263#ifdef CONFIG_FW_LOADER_USER_HELPER
264extern struct ctl_table firmware_config_table[];
265#endif
266
267#if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \
268 defined(CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT)
269int sysctl_legacy_va_layout;
270#endif
271
272/* The default sysctl tables: */
273
274static struct ctl_table sysctl_base_table[] = {
275 {
276 .procname = "kernel",
277 .mode = 0555,
278 .child = kern_table,
279 },
280 {
281 .procname = "vm",
282 .mode = 0555,
283 .child = vm_table,
284 },
285 {
286 .procname = "fs",
287 .mode = 0555,
288 .child = fs_table,
289 },
290 {
291 .procname = "debug",
292 .mode = 0555,
293 .child = debug_table,
294 },
295 {
296 .procname = "dev",
297 .mode = 0555,
298 .child = dev_table,
299 },
300 { }
301};
302
303#ifdef CONFIG_SCHED_DEBUG
304static int min_sched_granularity_ns = 100000; /* 100 usecs */
305static int max_sched_granularity_ns = NSEC_PER_SEC; /* 1 second */
306static int min_wakeup_granularity_ns; /* 0 usecs */
307static int max_wakeup_granularity_ns = NSEC_PER_SEC; /* 1 second */
308#ifdef CONFIG_SMP
309static int min_sched_tunable_scaling = SCHED_TUNABLESCALING_NONE;
310static int max_sched_tunable_scaling = SCHED_TUNABLESCALING_END-1;
311#endif /* CONFIG_SMP */
312#endif /* CONFIG_SCHED_DEBUG */
313
314#ifdef CONFIG_COMPACTION
315static int min_extfrag_threshold;
316static int max_extfrag_threshold = 1000;
317#endif
318
319static struct ctl_table kern_table[] = {
320 {
321 .procname = "sched_child_runs_first",
322 .data = &sysctl_sched_child_runs_first,
323 .maxlen = sizeof(unsigned int),
324 .mode = 0644,
325 .proc_handler = proc_dointvec,
326 },
327#ifdef CONFIG_SCHED_DEBUG
328 {
329 .procname = "sched_min_granularity_ns",
330 .data = &sysctl_sched_min_granularity,
331 .maxlen = sizeof(unsigned int),
332 .mode = 0644,
333 .proc_handler = sched_proc_update_handler,
334 .extra1 = &min_sched_granularity_ns,
335 .extra2 = &max_sched_granularity_ns,
336 },
337 {
338 .procname = "sched_latency_ns",
339 .data = &sysctl_sched_latency,
340 .maxlen = sizeof(unsigned int),
341 .mode = 0644,
342 .proc_handler = sched_proc_update_handler,
343 .extra1 = &min_sched_granularity_ns,
344 .extra2 = &max_sched_granularity_ns,
345 },
346 {
347 .procname = "sched_wakeup_granularity_ns",
348 .data = &sysctl_sched_wakeup_granularity,
349 .maxlen = sizeof(unsigned int),
350 .mode = 0644,
351 .proc_handler = sched_proc_update_handler,
352 .extra1 = &min_wakeup_granularity_ns,
353 .extra2 = &max_wakeup_granularity_ns,
354 },
355#ifdef CONFIG_SMP
356 {
357 .procname = "sched_tunable_scaling",
358 .data = &sysctl_sched_tunable_scaling,
359 .maxlen = sizeof(enum sched_tunable_scaling),
360 .mode = 0644,
361 .proc_handler = sched_proc_update_handler,
362 .extra1 = &min_sched_tunable_scaling,
363 .extra2 = &max_sched_tunable_scaling,
364 },
365 {
366 .procname = "sched_migration_cost_ns",
367 .data = &sysctl_sched_migration_cost,
368 .maxlen = sizeof(unsigned int),
369 .mode = 0644,
370 .proc_handler = proc_dointvec,
371 },
372 {
373 .procname = "sched_nr_migrate",
374 .data = &sysctl_sched_nr_migrate,
375 .maxlen = sizeof(unsigned int),
376 .mode = 0644,
377 .proc_handler = proc_dointvec,
378 },
379#ifdef CONFIG_SCHEDSTATS
380 {
381 .procname = "sched_schedstats",
382 .data = NULL,
383 .maxlen = sizeof(unsigned int),
384 .mode = 0644,
385 .proc_handler = sysctl_schedstats,
386 .extra1 = SYSCTL_ZERO,
387 .extra2 = SYSCTL_ONE,
388 },
389#endif /* CONFIG_SCHEDSTATS */
390#endif /* CONFIG_SMP */
391#ifdef CONFIG_NUMA_BALANCING
392 {
393 .procname = "numa_balancing_scan_delay_ms",
394 .data = &sysctl_numa_balancing_scan_delay,
395 .maxlen = sizeof(unsigned int),
396 .mode = 0644,
397 .proc_handler = proc_dointvec,
398 },
399 {
400 .procname = "numa_balancing_scan_period_min_ms",
401 .data = &sysctl_numa_balancing_scan_period_min,
402 .maxlen = sizeof(unsigned int),
403 .mode = 0644,
404 .proc_handler = proc_dointvec,
405 },
406 {
407 .procname = "numa_balancing_scan_period_max_ms",
408 .data = &sysctl_numa_balancing_scan_period_max,
409 .maxlen = sizeof(unsigned int),
410 .mode = 0644,
411 .proc_handler = proc_dointvec,
412 },
413 {
414 .procname = "numa_balancing_scan_size_mb",
415 .data = &sysctl_numa_balancing_scan_size,
416 .maxlen = sizeof(unsigned int),
417 .mode = 0644,
418 .proc_handler = proc_dointvec_minmax,
419 .extra1 = SYSCTL_ONE,
420 },
421 {
422 .procname = "numa_balancing",
423 .data = NULL, /* filled in by handler */
424 .maxlen = sizeof(unsigned int),
425 .mode = 0644,
426 .proc_handler = sysctl_numa_balancing,
427 .extra1 = SYSCTL_ZERO,
428 .extra2 = SYSCTL_ONE,
429 },
430#endif /* CONFIG_NUMA_BALANCING */
431#endif /* CONFIG_SCHED_DEBUG */
432 {
433 .procname = "sched_rt_period_us",
434 .data = &sysctl_sched_rt_period,
435 .maxlen = sizeof(unsigned int),
436 .mode = 0644,
437 .proc_handler = sched_rt_handler,
438 },
439 {
440 .procname = "sched_rt_runtime_us",
441 .data = &sysctl_sched_rt_runtime,
442 .maxlen = sizeof(int),
443 .mode = 0644,
444 .proc_handler = sched_rt_handler,
445 },
446 {
447 .procname = "sched_rr_timeslice_ms",
448 .data = &sysctl_sched_rr_timeslice,
449 .maxlen = sizeof(int),
450 .mode = 0644,
451 .proc_handler = sched_rr_handler,
452 },
453#ifdef CONFIG_UCLAMP_TASK
454 {
455 .procname = "sched_util_clamp_min",
456 .data = &sysctl_sched_uclamp_util_min,
457 .maxlen = sizeof(unsigned int),
458 .mode = 0644,
459 .proc_handler = sysctl_sched_uclamp_handler,
460 },
461 {
462 .procname = "sched_util_clamp_max",
463 .data = &sysctl_sched_uclamp_util_max,
464 .maxlen = sizeof(unsigned int),
465 .mode = 0644,
466 .proc_handler = sysctl_sched_uclamp_handler,
467 },
468#endif
469#ifdef CONFIG_SCHED_AUTOGROUP
470 {
471 .procname = "sched_autogroup_enabled",
472 .data = &sysctl_sched_autogroup_enabled,
473 .maxlen = sizeof(unsigned int),
474 .mode = 0644,
475 .proc_handler = proc_dointvec_minmax,
476 .extra1 = SYSCTL_ZERO,
477 .extra2 = SYSCTL_ONE,
478 },
479#endif
480#ifdef CONFIG_CFS_BANDWIDTH
481 {
482 .procname = "sched_cfs_bandwidth_slice_us",
483 .data = &sysctl_sched_cfs_bandwidth_slice,
484 .maxlen = sizeof(unsigned int),
485 .mode = 0644,
486 .proc_handler = proc_dointvec_minmax,
487 .extra1 = SYSCTL_ONE,
488 },
489#endif
490#if defined(CONFIG_ENERGY_MODEL) && defined(CONFIG_CPU_FREQ_GOV_SCHEDUTIL)
491 {
492 .procname = "sched_energy_aware",
493 .data = &sysctl_sched_energy_aware,
494 .maxlen = sizeof(unsigned int),
495 .mode = 0644,
496 .proc_handler = sched_energy_aware_handler,
497 .extra1 = SYSCTL_ZERO,
498 .extra2 = SYSCTL_ONE,
499 },
500#endif
501#ifdef CONFIG_PROVE_LOCKING
502 {
503 .procname = "prove_locking",
504 .data = &prove_locking,
505 .maxlen = sizeof(int),
506 .mode = 0644,
507 .proc_handler = proc_dointvec,
508 },
509#endif
510#ifdef CONFIG_LOCK_STAT
511 {
512 .procname = "lock_stat",
513 .data = &lock_stat,
514 .maxlen = sizeof(int),
515 .mode = 0644,
516 .proc_handler = proc_dointvec,
517 },
518#endif
519 {
520 .procname = "panic",
521 .data = &panic_timeout,
522 .maxlen = sizeof(int),
523 .mode = 0644,
524 .proc_handler = proc_dointvec,
525 },
526#ifdef CONFIG_COREDUMP
527 {
528 .procname = "core_uses_pid",
529 .data = &core_uses_pid,
530 .maxlen = sizeof(int),
531 .mode = 0644,
532 .proc_handler = proc_dointvec,
533 },
534 {
535 .procname = "core_pattern",
536 .data = core_pattern,
537 .maxlen = CORENAME_MAX_SIZE,
538 .mode = 0644,
539 .proc_handler = proc_dostring_coredump,
540 },
541 {
542 .procname = "core_pipe_limit",
543 .data = &core_pipe_limit,
544 .maxlen = sizeof(unsigned int),
545 .mode = 0644,
546 .proc_handler = proc_dointvec,
547 },
548#endif
549#ifdef CONFIG_PROC_SYSCTL
550 {
551 .procname = "tainted",
552 .maxlen = sizeof(long),
553 .mode = 0644,
554 .proc_handler = proc_taint,
555 },
556 {
557 .procname = "sysctl_writes_strict",
558 .data = &sysctl_writes_strict,
559 .maxlen = sizeof(int),
560 .mode = 0644,
561 .proc_handler = proc_dointvec_minmax,
562 .extra1 = &neg_one,
563 .extra2 = SYSCTL_ONE,
564 },
565#endif
566#ifdef CONFIG_LATENCYTOP
567 {
568 .procname = "latencytop",
569 .data = &latencytop_enabled,
570 .maxlen = sizeof(int),
571 .mode = 0644,
572 .proc_handler = sysctl_latencytop,
573 },
574#endif
575#ifdef CONFIG_BLK_DEV_INITRD
576 {
577 .procname = "real-root-dev",
578 .data = &real_root_dev,
579 .maxlen = sizeof(int),
580 .mode = 0644,
581 .proc_handler = proc_dointvec,
582 },
583#endif
584 {
585 .procname = "print-fatal-signals",
586 .data = &print_fatal_signals,
587 .maxlen = sizeof(int),
588 .mode = 0644,
589 .proc_handler = proc_dointvec,
590 },
591#ifdef CONFIG_SPARC
592 {
593 .procname = "reboot-cmd",
594 .data = reboot_command,
595 .maxlen = 256,
596 .mode = 0644,
597 .proc_handler = proc_dostring,
598 },
599 {
600 .procname = "stop-a",
601 .data = &stop_a_enabled,
602 .maxlen = sizeof (int),
603 .mode = 0644,
604 .proc_handler = proc_dointvec,
605 },
606 {
607 .procname = "scons-poweroff",
608 .data = &scons_pwroff,
609 .maxlen = sizeof (int),
610 .mode = 0644,
611 .proc_handler = proc_dointvec,
612 },
613#endif
614#ifdef CONFIG_SPARC64
615 {
616 .procname = "tsb-ratio",
617 .data = &sysctl_tsb_ratio,
618 .maxlen = sizeof (int),
619 .mode = 0644,
620 .proc_handler = proc_dointvec,
621 },
622#endif
623#ifdef CONFIG_PARISC
624 {
625 .procname = "soft-power",
626 .data = &pwrsw_enabled,
627 .maxlen = sizeof (int),
628 .mode = 0644,
629 .proc_handler = proc_dointvec,
630 },
631#endif
632#ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW
633 {
634 .procname = "unaligned-trap",
635 .data = &unaligned_enabled,
636 .maxlen = sizeof (int),
637 .mode = 0644,
638 .proc_handler = proc_dointvec,
639 },
640#endif
641 {
642 .procname = "ctrl-alt-del",
643 .data = &C_A_D,
644 .maxlen = sizeof(int),
645 .mode = 0644,
646 .proc_handler = proc_dointvec,
647 },
648#ifdef CONFIG_FUNCTION_TRACER
649 {
650 .procname = "ftrace_enabled",
651 .data = &ftrace_enabled,
652 .maxlen = sizeof(int),
653 .mode = 0644,
654 .proc_handler = ftrace_enable_sysctl,
655 },
656#endif
657#ifdef CONFIG_STACK_TRACER
658 {
659 .procname = "stack_tracer_enabled",
660 .data = &stack_tracer_enabled,
661 .maxlen = sizeof(int),
662 .mode = 0644,
663 .proc_handler = stack_trace_sysctl,
664 },
665#endif
666#ifdef CONFIG_TRACING
667 {
668 .procname = "ftrace_dump_on_oops",
669 .data = &ftrace_dump_on_oops,
670 .maxlen = sizeof(int),
671 .mode = 0644,
672 .proc_handler = proc_dointvec,
673 },
674 {
675 .procname = "traceoff_on_warning",
676 .data = &__disable_trace_on_warning,
677 .maxlen = sizeof(__disable_trace_on_warning),
678 .mode = 0644,
679 .proc_handler = proc_dointvec,
680 },
681 {
682 .procname = "tracepoint_printk",
683 .data = &tracepoint_printk,
684 .maxlen = sizeof(tracepoint_printk),
685 .mode = 0644,
686 .proc_handler = tracepoint_printk_sysctl,
687 },
688#endif
689#ifdef CONFIG_KEXEC_CORE
690 {
691 .procname = "kexec_load_disabled",
692 .data = &kexec_load_disabled,
693 .maxlen = sizeof(int),
694 .mode = 0644,
695 /* only handle a transition from default "0" to "1" */
696 .proc_handler = proc_dointvec_minmax,
697 .extra1 = SYSCTL_ONE,
698 .extra2 = SYSCTL_ONE,
699 },
700#endif
701#ifdef CONFIG_MODULES
702 {
703 .procname = "modprobe",
704 .data = &modprobe_path,
705 .maxlen = KMOD_PATH_LEN,
706 .mode = 0644,
707 .proc_handler = proc_dostring,
708 },
709 {
710 .procname = "modules_disabled",
711 .data = &modules_disabled,
712 .maxlen = sizeof(int),
713 .mode = 0644,
714 /* only handle a transition from default "0" to "1" */
715 .proc_handler = proc_dointvec_minmax,
716 .extra1 = SYSCTL_ONE,
717 .extra2 = SYSCTL_ONE,
718 },
719#endif
720#ifdef CONFIG_UEVENT_HELPER
721 {
722 .procname = "hotplug",
723 .data = &uevent_helper,
724 .maxlen = UEVENT_HELPER_PATH_LEN,
725 .mode = 0644,
726 .proc_handler = proc_dostring,
727 },
728#endif
729#ifdef CONFIG_CHR_DEV_SG
730 {
731 .procname = "sg-big-buff",
732 .data = &sg_big_buff,
733 .maxlen = sizeof (int),
734 .mode = 0444,
735 .proc_handler = proc_dointvec,
736 },
737#endif
738#ifdef CONFIG_BSD_PROCESS_ACCT
739 {
740 .procname = "acct",
741 .data = &acct_parm,
742 .maxlen = 3*sizeof(int),
743 .mode = 0644,
744 .proc_handler = proc_dointvec,
745 },
746#endif
747#ifdef CONFIG_MAGIC_SYSRQ
748 {
749 .procname = "sysrq",
750 .data = &__sysrq_enabled,
751 .maxlen = sizeof (int),
752 .mode = 0644,
753 .proc_handler = sysrq_sysctl_handler,
754 },
755#endif
756#ifdef CONFIG_PROC_SYSCTL
757 {
758 .procname = "cad_pid",
759 .data = NULL,
760 .maxlen = sizeof (int),
761 .mode = 0600,
762 .proc_handler = proc_do_cad_pid,
763 },
764#endif
765 {
766 .procname = "threads-max",
767 .data = NULL,
768 .maxlen = sizeof(int),
769 .mode = 0644,
770 .proc_handler = sysctl_max_threads,
771 },
772 {
773 .procname = "random",
774 .mode = 0555,
775 .child = random_table,
776 },
777 {
778 .procname = "usermodehelper",
779 .mode = 0555,
780 .child = usermodehelper_table,
781 },
782#ifdef CONFIG_FW_LOADER_USER_HELPER
783 {
784 .procname = "firmware_config",
785 .mode = 0555,
786 .child = firmware_config_table,
787 },
788#endif
789 {
790 .procname = "overflowuid",
791 .data = &overflowuid,
792 .maxlen = sizeof(int),
793 .mode = 0644,
794 .proc_handler = proc_dointvec_minmax,
795 .extra1 = &minolduid,
796 .extra2 = &maxolduid,
797 },
798 {
799 .procname = "overflowgid",
800 .data = &overflowgid,
801 .maxlen = sizeof(int),
802 .mode = 0644,
803 .proc_handler = proc_dointvec_minmax,
804 .extra1 = &minolduid,
805 .extra2 = &maxolduid,
806 },
807#ifdef CONFIG_S390
808#ifdef CONFIG_MATHEMU
809 {
810 .procname = "ieee_emulation_warnings",
811 .data = &sysctl_ieee_emulation_warnings,
812 .maxlen = sizeof(int),
813 .mode = 0644,
814 .proc_handler = proc_dointvec,
815 },
816#endif
817 {
818 .procname = "userprocess_debug",
819 .data = &show_unhandled_signals,
820 .maxlen = sizeof(int),
821 .mode = 0644,
822 .proc_handler = proc_dointvec,
823 },
824#endif
825 {
826 .procname = "pid_max",
827 .data = &pid_max,
828 .maxlen = sizeof (int),
829 .mode = 0644,
830 .proc_handler = proc_dointvec_minmax,
831 .extra1 = &pid_max_min,
832 .extra2 = &pid_max_max,
833 },
834 {
835 .procname = "panic_on_oops",
836 .data = &panic_on_oops,
837 .maxlen = sizeof(int),
838 .mode = 0644,
839 .proc_handler = proc_dointvec,
840 },
841 {
842 .procname = "panic_print",
843 .data = &panic_print,
844 .maxlen = sizeof(unsigned long),
845 .mode = 0644,
846 .proc_handler = proc_doulongvec_minmax,
847 },
848#if defined CONFIG_PRINTK
849 {
850 .procname = "printk",
851 .data = &console_loglevel,
852 .maxlen = 4*sizeof(int),
853 .mode = 0644,
854 .proc_handler = proc_dointvec,
855 },
856 {
857 .procname = "printk_ratelimit",
858 .data = &printk_ratelimit_state.interval,
859 .maxlen = sizeof(int),
860 .mode = 0644,
861 .proc_handler = proc_dointvec_jiffies,
862 },
863 {
864 .procname = "printk_ratelimit_burst",
865 .data = &printk_ratelimit_state.burst,
866 .maxlen = sizeof(int),
867 .mode = 0644,
868 .proc_handler = proc_dointvec,
869 },
870 {
871 .procname = "printk_delay",
872 .data = &printk_delay_msec,
873 .maxlen = sizeof(int),
874 .mode = 0644,
875 .proc_handler = proc_dointvec_minmax,
876 .extra1 = SYSCTL_ZERO,
877 .extra2 = &ten_thousand,
878 },
879 {
880 .procname = "printk_devkmsg",
881 .data = devkmsg_log_str,
882 .maxlen = DEVKMSG_STR_MAX_SIZE,
883 .mode = 0644,
884 .proc_handler = devkmsg_sysctl_set_loglvl,
885 },
886 {
887 .procname = "dmesg_restrict",
888 .data = &dmesg_restrict,
889 .maxlen = sizeof(int),
890 .mode = 0644,
891 .proc_handler = proc_dointvec_minmax_sysadmin,
892 .extra1 = SYSCTL_ZERO,
893 .extra2 = SYSCTL_ONE,
894 },
895 {
896 .procname = "kptr_restrict",
897 .data = &kptr_restrict,
898 .maxlen = sizeof(int),
899 .mode = 0644,
900 .proc_handler = proc_dointvec_minmax_sysadmin,
901 .extra1 = SYSCTL_ZERO,
902 .extra2 = &two,
903 },
904#endif
905 {
906 .procname = "ngroups_max",
907 .data = &ngroups_max,
908 .maxlen = sizeof (int),
909 .mode = 0444,
910 .proc_handler = proc_dointvec,
911 },
912 {
913 .procname = "cap_last_cap",
914 .data = (void *)&cap_last_cap,
915 .maxlen = sizeof(int),
916 .mode = 0444,
917 .proc_handler = proc_dointvec,
918 },
919#if defined(CONFIG_LOCKUP_DETECTOR)
920 {
921 .procname = "watchdog",
922 .data = &watchdog_user_enabled,
923 .maxlen = sizeof(int),
924 .mode = 0644,
925 .proc_handler = proc_watchdog,
926 .extra1 = SYSCTL_ZERO,
927 .extra2 = SYSCTL_ONE,
928 },
929 {
930 .procname = "watchdog_thresh",
931 .data = &watchdog_thresh,
932 .maxlen = sizeof(int),
933 .mode = 0644,
934 .proc_handler = proc_watchdog_thresh,
935 .extra1 = SYSCTL_ZERO,
936 .extra2 = &sixty,
937 },
938 {
939 .procname = "nmi_watchdog",
940 .data = &nmi_watchdog_user_enabled,
941 .maxlen = sizeof(int),
942 .mode = NMI_WATCHDOG_SYSCTL_PERM,
943 .proc_handler = proc_nmi_watchdog,
944 .extra1 = SYSCTL_ZERO,
945 .extra2 = SYSCTL_ONE,
946 },
947 {
948 .procname = "watchdog_cpumask",
949 .data = &watchdog_cpumask_bits,
950 .maxlen = NR_CPUS,
951 .mode = 0644,
952 .proc_handler = proc_watchdog_cpumask,
953 },
954#ifdef CONFIG_SOFTLOCKUP_DETECTOR
955 {
956 .procname = "soft_watchdog",
957 .data = &soft_watchdog_user_enabled,
958 .maxlen = sizeof(int),
959 .mode = 0644,
960 .proc_handler = proc_soft_watchdog,
961 .extra1 = SYSCTL_ZERO,
962 .extra2 = SYSCTL_ONE,
963 },
964 {
965 .procname = "softlockup_panic",
966 .data = &softlockup_panic,
967 .maxlen = sizeof(int),
968 .mode = 0644,
969 .proc_handler = proc_dointvec_minmax,
970 .extra1 = SYSCTL_ZERO,
971 .extra2 = SYSCTL_ONE,
972 },
973#ifdef CONFIG_SMP
974 {
975 .procname = "softlockup_all_cpu_backtrace",
976 .data = &sysctl_softlockup_all_cpu_backtrace,
977 .maxlen = sizeof(int),
978 .mode = 0644,
979 .proc_handler = proc_dointvec_minmax,
980 .extra1 = SYSCTL_ZERO,
981 .extra2 = SYSCTL_ONE,
982 },
983#endif /* CONFIG_SMP */
984#endif
985#ifdef CONFIG_HARDLOCKUP_DETECTOR
986 {
987 .procname = "hardlockup_panic",
988 .data = &hardlockup_panic,
989 .maxlen = sizeof(int),
990 .mode = 0644,
991 .proc_handler = proc_dointvec_minmax,
992 .extra1 = SYSCTL_ZERO,
993 .extra2 = SYSCTL_ONE,
994 },
995#ifdef CONFIG_SMP
996 {
997 .procname = "hardlockup_all_cpu_backtrace",
998 .data = &sysctl_hardlockup_all_cpu_backtrace,
999 .maxlen = sizeof(int),
1000 .mode = 0644,
1001 .proc_handler = proc_dointvec_minmax,
1002 .extra1 = SYSCTL_ZERO,
1003 .extra2 = SYSCTL_ONE,
1004 },
1005#endif /* CONFIG_SMP */
1006#endif
1007#endif
1008
1009#if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86)
1010 {
1011 .procname = "unknown_nmi_panic",
1012 .data = &unknown_nmi_panic,
1013 .maxlen = sizeof (int),
1014 .mode = 0644,
1015 .proc_handler = proc_dointvec,
1016 },
1017#endif
1018#if defined(CONFIG_X86)
1019 {
1020 .procname = "panic_on_unrecovered_nmi",
1021 .data = &panic_on_unrecovered_nmi,
1022 .maxlen = sizeof(int),
1023 .mode = 0644,
1024 .proc_handler = proc_dointvec,
1025 },
1026 {
1027 .procname = "panic_on_io_nmi",
1028 .data = &panic_on_io_nmi,
1029 .maxlen = sizeof(int),
1030 .mode = 0644,
1031 .proc_handler = proc_dointvec,
1032 },
1033#ifdef CONFIG_DEBUG_STACKOVERFLOW
1034 {
1035 .procname = "panic_on_stackoverflow",
1036 .data = &sysctl_panic_on_stackoverflow,
1037 .maxlen = sizeof(int),
1038 .mode = 0644,
1039 .proc_handler = proc_dointvec,
1040 },
1041#endif
1042 {
1043 .procname = "bootloader_type",
1044 .data = &bootloader_type,
1045 .maxlen = sizeof (int),
1046 .mode = 0444,
1047 .proc_handler = proc_dointvec,
1048 },
1049 {
1050 .procname = "bootloader_version",
1051 .data = &bootloader_version,
1052 .maxlen = sizeof (int),
1053 .mode = 0444,
1054 .proc_handler = proc_dointvec,
1055 },
1056 {
1057 .procname = "io_delay_type",
1058 .data = &io_delay_type,
1059 .maxlen = sizeof(int),
1060 .mode = 0644,
1061 .proc_handler = proc_dointvec,
1062 },
1063#endif
1064#if defined(CONFIG_MMU)
1065 {
1066 .procname = "randomize_va_space",
1067 .data = &randomize_va_space,
1068 .maxlen = sizeof(int),
1069 .mode = 0644,
1070 .proc_handler = proc_dointvec,
1071 },
1072#endif
1073#if defined(CONFIG_S390) && defined(CONFIG_SMP)
1074 {
1075 .procname = "spin_retry",
1076 .data = &spin_retry,
1077 .maxlen = sizeof (int),
1078 .mode = 0644,
1079 .proc_handler = proc_dointvec,
1080 },
1081#endif
1082#if defined(CONFIG_ACPI_SLEEP) && defined(CONFIG_X86)
1083 {
1084 .procname = "acpi_video_flags",
1085 .data = &acpi_realmode_flags,
1086 .maxlen = sizeof (unsigned long),
1087 .mode = 0644,
1088 .proc_handler = proc_doulongvec_minmax,
1089 },
1090#endif
1091#ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN
1092 {
1093 .procname = "ignore-unaligned-usertrap",
1094 .data = &no_unaligned_warning,
1095 .maxlen = sizeof (int),
1096 .mode = 0644,
1097 .proc_handler = proc_dointvec,
1098 },
1099#endif
1100#ifdef CONFIG_IA64
1101 {
1102 .procname = "unaligned-dump-stack",
1103 .data = &unaligned_dump_stack,
1104 .maxlen = sizeof (int),
1105 .mode = 0644,
1106 .proc_handler = proc_dointvec,
1107 },
1108#endif
1109#ifdef CONFIG_DETECT_HUNG_TASK
1110 {
1111 .procname = "hung_task_panic",
1112 .data = &sysctl_hung_task_panic,
1113 .maxlen = sizeof(int),
1114 .mode = 0644,
1115 .proc_handler = proc_dointvec_minmax,
1116 .extra1 = SYSCTL_ZERO,
1117 .extra2 = SYSCTL_ONE,
1118 },
1119 {
1120 .procname = "hung_task_check_count",
1121 .data = &sysctl_hung_task_check_count,
1122 .maxlen = sizeof(int),
1123 .mode = 0644,
1124 .proc_handler = proc_dointvec_minmax,
1125 .extra1 = SYSCTL_ZERO,
1126 },
1127 {
1128 .procname = "hung_task_timeout_secs",
1129 .data = &sysctl_hung_task_timeout_secs,
1130 .maxlen = sizeof(unsigned long),
1131 .mode = 0644,
1132 .proc_handler = proc_dohung_task_timeout_secs,
1133 .extra2 = &hung_task_timeout_max,
1134 },
1135 {
1136 .procname = "hung_task_check_interval_secs",
1137 .data = &sysctl_hung_task_check_interval_secs,
1138 .maxlen = sizeof(unsigned long),
1139 .mode = 0644,
1140 .proc_handler = proc_dohung_task_timeout_secs,
1141 .extra2 = &hung_task_timeout_max,
1142 },
1143 {
1144 .procname = "hung_task_warnings",
1145 .data = &sysctl_hung_task_warnings,
1146 .maxlen = sizeof(int),
1147 .mode = 0644,
1148 .proc_handler = proc_dointvec_minmax,
1149 .extra1 = &neg_one,
1150 },
1151#endif
1152#ifdef CONFIG_RT_MUTEXES
1153 {
1154 .procname = "max_lock_depth",
1155 .data = &max_lock_depth,
1156 .maxlen = sizeof(int),
1157 .mode = 0644,
1158 .proc_handler = proc_dointvec,
1159 },
1160#endif
1161 {
1162 .procname = "poweroff_cmd",
1163 .data = &poweroff_cmd,
1164 .maxlen = POWEROFF_CMD_PATH_LEN,
1165 .mode = 0644,
1166 .proc_handler = proc_dostring,
1167 },
1168#ifdef CONFIG_KEYS
1169 {
1170 .procname = "keys",
1171 .mode = 0555,
1172 .child = key_sysctls,
1173 },
1174#endif
1175#ifdef CONFIG_PERF_EVENTS
1176 /*
1177 * User-space scripts rely on the existence of this file
1178 * as a feature check for perf_events being enabled.
1179 *
1180 * So it's an ABI, do not remove!
1181 */
1182 {
1183 .procname = "perf_event_paranoid",
1184 .data = &sysctl_perf_event_paranoid,
1185 .maxlen = sizeof(sysctl_perf_event_paranoid),
1186 .mode = 0644,
1187 .proc_handler = proc_dointvec,
1188 },
1189 {
1190 .procname = "perf_event_mlock_kb",
1191 .data = &sysctl_perf_event_mlock,
1192 .maxlen = sizeof(sysctl_perf_event_mlock),
1193 .mode = 0644,
1194 .proc_handler = proc_dointvec,
1195 },
1196 {
1197 .procname = "perf_event_max_sample_rate",
1198 .data = &sysctl_perf_event_sample_rate,
1199 .maxlen = sizeof(sysctl_perf_event_sample_rate),
1200 .mode = 0644,
1201 .proc_handler = perf_proc_update_handler,
1202 .extra1 = SYSCTL_ONE,
1203 },
1204 {
1205 .procname = "perf_cpu_time_max_percent",
1206 .data = &sysctl_perf_cpu_time_max_percent,
1207 .maxlen = sizeof(sysctl_perf_cpu_time_max_percent),
1208 .mode = 0644,
1209 .proc_handler = perf_cpu_time_max_percent_handler,
1210 .extra1 = SYSCTL_ZERO,
1211 .extra2 = &one_hundred,
1212 },
1213 {
1214 .procname = "perf_event_max_stack",
1215 .data = &sysctl_perf_event_max_stack,
1216 .maxlen = sizeof(sysctl_perf_event_max_stack),
1217 .mode = 0644,
1218 .proc_handler = perf_event_max_stack_handler,
1219 .extra1 = SYSCTL_ZERO,
1220 .extra2 = &six_hundred_forty_kb,
1221 },
1222 {
1223 .procname = "perf_event_max_contexts_per_stack",
1224 .data = &sysctl_perf_event_max_contexts_per_stack,
1225 .maxlen = sizeof(sysctl_perf_event_max_contexts_per_stack),
1226 .mode = 0644,
1227 .proc_handler = perf_event_max_stack_handler,
1228 .extra1 = SYSCTL_ZERO,
1229 .extra2 = &one_thousand,
1230 },
1231#endif
1232 {
1233 .procname = "panic_on_warn",
1234 .data = &panic_on_warn,
1235 .maxlen = sizeof(int),
1236 .mode = 0644,
1237 .proc_handler = proc_dointvec_minmax,
1238 .extra1 = SYSCTL_ZERO,
1239 .extra2 = SYSCTL_ONE,
1240 },
1241#if defined(CONFIG_SMP) && defined(CONFIG_NO_HZ_COMMON)
1242 {
1243 .procname = "timer_migration",
1244 .data = &sysctl_timer_migration,
1245 .maxlen = sizeof(unsigned int),
1246 .mode = 0644,
1247 .proc_handler = timer_migration_handler,
1248 .extra1 = SYSCTL_ZERO,
1249 .extra2 = SYSCTL_ONE,
1250 },
1251#endif
1252#ifdef CONFIG_BPF_SYSCALL
1253 {
1254 .procname = "unprivileged_bpf_disabled",
1255 .data = &sysctl_unprivileged_bpf_disabled,
1256 .maxlen = sizeof(sysctl_unprivileged_bpf_disabled),
1257 .mode = 0644,
1258 /* only handle a transition from default "0" to "1" */
1259 .proc_handler = proc_dointvec_minmax,
1260 .extra1 = SYSCTL_ONE,
1261 .extra2 = SYSCTL_ONE,
1262 },
1263 {
1264 .procname = "bpf_stats_enabled",
1265 .data = &bpf_stats_enabled_key.key,
1266 .maxlen = sizeof(bpf_stats_enabled_key),
1267 .mode = 0644,
1268 .proc_handler = proc_do_static_key,
1269 },
1270#endif
1271#if defined(CONFIG_TREE_RCU) || defined(CONFIG_PREEMPT_RCU)
1272 {
1273 .procname = "panic_on_rcu_stall",
1274 .data = &sysctl_panic_on_rcu_stall,
1275 .maxlen = sizeof(sysctl_panic_on_rcu_stall),
1276 .mode = 0644,
1277 .proc_handler = proc_dointvec_minmax,
1278 .extra1 = SYSCTL_ZERO,
1279 .extra2 = SYSCTL_ONE,
1280 },
1281#endif
1282#ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE
1283 {
1284 .procname = "stack_erasing",
1285 .data = NULL,
1286 .maxlen = sizeof(int),
1287 .mode = 0600,
1288 .proc_handler = stack_erasing_sysctl,
1289 .extra1 = SYSCTL_ZERO,
1290 .extra2 = SYSCTL_ONE,
1291 },
1292#endif
1293 { }
1294};
1295
1296static struct ctl_table vm_table[] = {
1297 {
1298 .procname = "overcommit_memory",
1299 .data = &sysctl_overcommit_memory,
1300 .maxlen = sizeof(sysctl_overcommit_memory),
1301 .mode = 0644,
1302 .proc_handler = proc_dointvec_minmax,
1303 .extra1 = SYSCTL_ZERO,
1304 .extra2 = &two,
1305 },
1306 {
1307 .procname = "panic_on_oom",
1308 .data = &sysctl_panic_on_oom,
1309 .maxlen = sizeof(sysctl_panic_on_oom),
1310 .mode = 0644,
1311 .proc_handler = proc_dointvec_minmax,
1312 .extra1 = SYSCTL_ZERO,
1313 .extra2 = &two,
1314 },
1315 {
1316 .procname = "oom_kill_allocating_task",
1317 .data = &sysctl_oom_kill_allocating_task,
1318 .maxlen = sizeof(sysctl_oom_kill_allocating_task),
1319 .mode = 0644,
1320 .proc_handler = proc_dointvec,
1321 },
1322 {
1323 .procname = "oom_dump_tasks",
1324 .data = &sysctl_oom_dump_tasks,
1325 .maxlen = sizeof(sysctl_oom_dump_tasks),
1326 .mode = 0644,
1327 .proc_handler = proc_dointvec,
1328 },
1329 {
1330 .procname = "overcommit_ratio",
1331 .data = &sysctl_overcommit_ratio,
1332 .maxlen = sizeof(sysctl_overcommit_ratio),
1333 .mode = 0644,
1334 .proc_handler = overcommit_ratio_handler,
1335 },
1336 {
1337 .procname = "overcommit_kbytes",
1338 .data = &sysctl_overcommit_kbytes,
1339 .maxlen = sizeof(sysctl_overcommit_kbytes),
1340 .mode = 0644,
1341 .proc_handler = overcommit_kbytes_handler,
1342 },
1343 {
1344 .procname = "page-cluster",
1345 .data = &page_cluster,
1346 .maxlen = sizeof(int),
1347 .mode = 0644,
1348 .proc_handler = proc_dointvec_minmax,
1349 .extra1 = SYSCTL_ZERO,
1350 },
1351 {
1352 .procname = "dirty_background_ratio",
1353 .data = &dirty_background_ratio,
1354 .maxlen = sizeof(dirty_background_ratio),
1355 .mode = 0644,
1356 .proc_handler = dirty_background_ratio_handler,
1357 .extra1 = SYSCTL_ZERO,
1358 .extra2 = &one_hundred,
1359 },
1360 {
1361 .procname = "dirty_background_bytes",
1362 .data = &dirty_background_bytes,
1363 .maxlen = sizeof(dirty_background_bytes),
1364 .mode = 0644,
1365 .proc_handler = dirty_background_bytes_handler,
1366 .extra1 = &one_ul,
1367 },
1368 {
1369 .procname = "dirty_ratio",
1370 .data = &vm_dirty_ratio,
1371 .maxlen = sizeof(vm_dirty_ratio),
1372 .mode = 0644,
1373 .proc_handler = dirty_ratio_handler,
1374 .extra1 = SYSCTL_ZERO,
1375 .extra2 = &one_hundred,
1376 },
1377 {
1378 .procname = "dirty_bytes",
1379 .data = &vm_dirty_bytes,
1380 .maxlen = sizeof(vm_dirty_bytes),
1381 .mode = 0644,
1382 .proc_handler = dirty_bytes_handler,
1383 .extra1 = &dirty_bytes_min,
1384 },
1385 {
1386 .procname = "dirty_writeback_centisecs",
1387 .data = &dirty_writeback_interval,
1388 .maxlen = sizeof(dirty_writeback_interval),
1389 .mode = 0644,
1390 .proc_handler = dirty_writeback_centisecs_handler,
1391 },
1392 {
1393 .procname = "dirty_expire_centisecs",
1394 .data = &dirty_expire_interval,
1395 .maxlen = sizeof(dirty_expire_interval),
1396 .mode = 0644,
1397 .proc_handler = proc_dointvec_minmax,
1398 .extra1 = SYSCTL_ZERO,
1399 },
1400 {
1401 .procname = "dirtytime_expire_seconds",
1402 .data = &dirtytime_expire_interval,
1403 .maxlen = sizeof(dirtytime_expire_interval),
1404 .mode = 0644,
1405 .proc_handler = dirtytime_interval_handler,
1406 .extra1 = SYSCTL_ZERO,
1407 },
1408 {
1409 .procname = "swappiness",
1410 .data = &vm_swappiness,
1411 .maxlen = sizeof(vm_swappiness),
1412 .mode = 0644,
1413 .proc_handler = proc_dointvec_minmax,
1414 .extra1 = SYSCTL_ZERO,
1415 .extra2 = &one_hundred,
1416 },
1417#ifdef CONFIG_HUGETLB_PAGE
1418 {
1419 .procname = "nr_hugepages",
1420 .data = NULL,
1421 .maxlen = sizeof(unsigned long),
1422 .mode = 0644,
1423 .proc_handler = hugetlb_sysctl_handler,
1424 },
1425#ifdef CONFIG_NUMA
1426 {
1427 .procname = "nr_hugepages_mempolicy",
1428 .data = NULL,
1429 .maxlen = sizeof(unsigned long),
1430 .mode = 0644,
1431 .proc_handler = &hugetlb_mempolicy_sysctl_handler,
1432 },
1433 {
1434 .procname = "numa_stat",
1435 .data = &sysctl_vm_numa_stat,
1436 .maxlen = sizeof(int),
1437 .mode = 0644,
1438 .proc_handler = sysctl_vm_numa_stat_handler,
1439 .extra1 = SYSCTL_ZERO,
1440 .extra2 = SYSCTL_ONE,
1441 },
1442#endif
1443 {
1444 .procname = "hugetlb_shm_group",
1445 .data = &sysctl_hugetlb_shm_group,
1446 .maxlen = sizeof(gid_t),
1447 .mode = 0644,
1448 .proc_handler = proc_dointvec,
1449 },
1450 {
1451 .procname = "nr_overcommit_hugepages",
1452 .data = NULL,
1453 .maxlen = sizeof(unsigned long),
1454 .mode = 0644,
1455 .proc_handler = hugetlb_overcommit_handler,
1456 },
1457#endif
1458 {
1459 .procname = "lowmem_reserve_ratio",
1460 .data = &sysctl_lowmem_reserve_ratio,
1461 .maxlen = sizeof(sysctl_lowmem_reserve_ratio),
1462 .mode = 0644,
1463 .proc_handler = lowmem_reserve_ratio_sysctl_handler,
1464 },
1465 {
1466 .procname = "drop_caches",
1467 .data = &sysctl_drop_caches,
1468 .maxlen = sizeof(int),
1469 .mode = 0644,
1470 .proc_handler = drop_caches_sysctl_handler,
1471 .extra1 = SYSCTL_ONE,
1472 .extra2 = &four,
1473 },
1474#ifdef CONFIG_COMPACTION
1475 {
1476 .procname = "compact_memory",
1477 .data = &sysctl_compact_memory,
1478 .maxlen = sizeof(int),
1479 .mode = 0200,
1480 .proc_handler = sysctl_compaction_handler,
1481 },
1482 {
1483 .procname = "extfrag_threshold",
1484 .data = &sysctl_extfrag_threshold,
1485 .maxlen = sizeof(int),
1486 .mode = 0644,
1487 .proc_handler = proc_dointvec_minmax,
1488 .extra1 = &min_extfrag_threshold,
1489 .extra2 = &max_extfrag_threshold,
1490 },
1491 {
1492 .procname = "compact_unevictable_allowed",
1493 .data = &sysctl_compact_unevictable_allowed,
1494 .maxlen = sizeof(int),
1495 .mode = 0644,
1496 .proc_handler = proc_dointvec,
1497 .extra1 = SYSCTL_ZERO,
1498 .extra2 = SYSCTL_ONE,
1499 },
1500
1501#endif /* CONFIG_COMPACTION */
1502 {
1503 .procname = "min_free_kbytes",
1504 .data = &min_free_kbytes,
1505 .maxlen = sizeof(min_free_kbytes),
1506 .mode = 0644,
1507 .proc_handler = min_free_kbytes_sysctl_handler,
1508 .extra1 = SYSCTL_ZERO,
1509 },
1510 {
1511 .procname = "watermark_boost_factor",
1512 .data = &watermark_boost_factor,
1513 .maxlen = sizeof(watermark_boost_factor),
1514 .mode = 0644,
1515 .proc_handler = watermark_boost_factor_sysctl_handler,
1516 .extra1 = SYSCTL_ZERO,
1517 },
1518 {
1519 .procname = "watermark_scale_factor",
1520 .data = &watermark_scale_factor,
1521 .maxlen = sizeof(watermark_scale_factor),
1522 .mode = 0644,
1523 .proc_handler = watermark_scale_factor_sysctl_handler,
1524 .extra1 = SYSCTL_ONE,
1525 .extra2 = &one_thousand,
1526 },
1527 {
1528 .procname = "percpu_pagelist_fraction",
1529 .data = &percpu_pagelist_fraction,
1530 .maxlen = sizeof(percpu_pagelist_fraction),
1531 .mode = 0644,
1532 .proc_handler = percpu_pagelist_fraction_sysctl_handler,
1533 .extra1 = SYSCTL_ZERO,
1534 },
1535#ifdef CONFIG_MMU
1536 {
1537 .procname = "max_map_count",
1538 .data = &sysctl_max_map_count,
1539 .maxlen = sizeof(sysctl_max_map_count),
1540 .mode = 0644,
1541 .proc_handler = proc_dointvec_minmax,
1542 .extra1 = SYSCTL_ZERO,
1543 },
1544#else
1545 {
1546 .procname = "nr_trim_pages",
1547 .data = &sysctl_nr_trim_pages,
1548 .maxlen = sizeof(sysctl_nr_trim_pages),
1549 .mode = 0644,
1550 .proc_handler = proc_dointvec_minmax,
1551 .extra1 = SYSCTL_ZERO,
1552 },
1553#endif
1554 {
1555 .procname = "laptop_mode",
1556 .data = &laptop_mode,
1557 .maxlen = sizeof(laptop_mode),
1558 .mode = 0644,
1559 .proc_handler = proc_dointvec_jiffies,
1560 },
1561 {
1562 .procname = "block_dump",
1563 .data = &block_dump,
1564 .maxlen = sizeof(block_dump),
1565 .mode = 0644,
1566 .proc_handler = proc_dointvec,
1567 .extra1 = SYSCTL_ZERO,
1568 },
1569 {
1570 .procname = "vfs_cache_pressure",
1571 .data = &sysctl_vfs_cache_pressure,
1572 .maxlen = sizeof(sysctl_vfs_cache_pressure),
1573 .mode = 0644,
1574 .proc_handler = proc_dointvec,
1575 .extra1 = SYSCTL_ZERO,
1576 },
1577#if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \
1578 defined(CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT)
1579 {
1580 .procname = "legacy_va_layout",
1581 .data = &sysctl_legacy_va_layout,
1582 .maxlen = sizeof(sysctl_legacy_va_layout),
1583 .mode = 0644,
1584 .proc_handler = proc_dointvec,
1585 .extra1 = SYSCTL_ZERO,
1586 },
1587#endif
1588#ifdef CONFIG_NUMA
1589 {
1590 .procname = "zone_reclaim_mode",
1591 .data = &node_reclaim_mode,
1592 .maxlen = sizeof(node_reclaim_mode),
1593 .mode = 0644,
1594 .proc_handler = proc_dointvec,
1595 .extra1 = SYSCTL_ZERO,
1596 },
1597 {
1598 .procname = "min_unmapped_ratio",
1599 .data = &sysctl_min_unmapped_ratio,
1600 .maxlen = sizeof(sysctl_min_unmapped_ratio),
1601 .mode = 0644,
1602 .proc_handler = sysctl_min_unmapped_ratio_sysctl_handler,
1603 .extra1 = SYSCTL_ZERO,
1604 .extra2 = &one_hundred,
1605 },
1606 {
1607 .procname = "min_slab_ratio",
1608 .data = &sysctl_min_slab_ratio,
1609 .maxlen = sizeof(sysctl_min_slab_ratio),
1610 .mode = 0644,
1611 .proc_handler = sysctl_min_slab_ratio_sysctl_handler,
1612 .extra1 = SYSCTL_ZERO,
1613 .extra2 = &one_hundred,
1614 },
1615#endif
1616#ifdef CONFIG_SMP
1617 {
1618 .procname = "stat_interval",
1619 .data = &sysctl_stat_interval,
1620 .maxlen = sizeof(sysctl_stat_interval),
1621 .mode = 0644,
1622 .proc_handler = proc_dointvec_jiffies,
1623 },
1624 {
1625 .procname = "stat_refresh",
1626 .data = NULL,
1627 .maxlen = 0,
1628 .mode = 0600,
1629 .proc_handler = vmstat_refresh,
1630 },
1631#endif
1632#ifdef CONFIG_MMU
1633 {
1634 .procname = "mmap_min_addr",
1635 .data = &dac_mmap_min_addr,
1636 .maxlen = sizeof(unsigned long),
1637 .mode = 0644,
1638 .proc_handler = mmap_min_addr_handler,
1639 },
1640#endif
1641#ifdef CONFIG_NUMA
1642 {
1643 .procname = "numa_zonelist_order",
1644 .data = &numa_zonelist_order,
1645 .maxlen = NUMA_ZONELIST_ORDER_LEN,
1646 .mode = 0644,
1647 .proc_handler = numa_zonelist_order_handler,
1648 },
1649#endif
1650#if (defined(CONFIG_X86_32) && !defined(CONFIG_UML))|| \
1651 (defined(CONFIG_SUPERH) && defined(CONFIG_VSYSCALL))
1652 {
1653 .procname = "vdso_enabled",
1654#ifdef CONFIG_X86_32
1655 .data = &vdso32_enabled,
1656 .maxlen = sizeof(vdso32_enabled),
1657#else
1658 .data = &vdso_enabled,
1659 .maxlen = sizeof(vdso_enabled),
1660#endif
1661 .mode = 0644,
1662 .proc_handler = proc_dointvec,
1663 .extra1 = SYSCTL_ZERO,
1664 },
1665#endif
1666#ifdef CONFIG_HIGHMEM
1667 {
1668 .procname = "highmem_is_dirtyable",
1669 .data = &vm_highmem_is_dirtyable,
1670 .maxlen = sizeof(vm_highmem_is_dirtyable),
1671 .mode = 0644,
1672 .proc_handler = proc_dointvec_minmax,
1673 .extra1 = SYSCTL_ZERO,
1674 .extra2 = SYSCTL_ONE,
1675 },
1676#endif
1677#ifdef CONFIG_MEMORY_FAILURE
1678 {
1679 .procname = "memory_failure_early_kill",
1680 .data = &sysctl_memory_failure_early_kill,
1681 .maxlen = sizeof(sysctl_memory_failure_early_kill),
1682 .mode = 0644,
1683 .proc_handler = proc_dointvec_minmax,
1684 .extra1 = SYSCTL_ZERO,
1685 .extra2 = SYSCTL_ONE,
1686 },
1687 {
1688 .procname = "memory_failure_recovery",
1689 .data = &sysctl_memory_failure_recovery,
1690 .maxlen = sizeof(sysctl_memory_failure_recovery),
1691 .mode = 0644,
1692 .proc_handler = proc_dointvec_minmax,
1693 .extra1 = SYSCTL_ZERO,
1694 .extra2 = SYSCTL_ONE,
1695 },
1696#endif
1697 {
1698 .procname = "user_reserve_kbytes",
1699 .data = &sysctl_user_reserve_kbytes,
1700 .maxlen = sizeof(sysctl_user_reserve_kbytes),
1701 .mode = 0644,
1702 .proc_handler = proc_doulongvec_minmax,
1703 },
1704 {
1705 .procname = "admin_reserve_kbytes",
1706 .data = &sysctl_admin_reserve_kbytes,
1707 .maxlen = sizeof(sysctl_admin_reserve_kbytes),
1708 .mode = 0644,
1709 .proc_handler = proc_doulongvec_minmax,
1710 },
1711#ifdef CONFIG_HAVE_ARCH_MMAP_RND_BITS
1712 {
1713 .procname = "mmap_rnd_bits",
1714 .data = &mmap_rnd_bits,
1715 .maxlen = sizeof(mmap_rnd_bits),
1716 .mode = 0600,
1717 .proc_handler = proc_dointvec_minmax,
1718 .extra1 = (void *)&mmap_rnd_bits_min,
1719 .extra2 = (void *)&mmap_rnd_bits_max,
1720 },
1721#endif
1722#ifdef CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS
1723 {
1724 .procname = "mmap_rnd_compat_bits",
1725 .data = &mmap_rnd_compat_bits,
1726 .maxlen = sizeof(mmap_rnd_compat_bits),
1727 .mode = 0600,
1728 .proc_handler = proc_dointvec_minmax,
1729 .extra1 = (void *)&mmap_rnd_compat_bits_min,
1730 .extra2 = (void *)&mmap_rnd_compat_bits_max,
1731 },
1732#endif
1733#ifdef CONFIG_USERFAULTFD
1734 {
1735 .procname = "unprivileged_userfaultfd",
1736 .data = &sysctl_unprivileged_userfaultfd,
1737 .maxlen = sizeof(sysctl_unprivileged_userfaultfd),
1738 .mode = 0644,
1739 .proc_handler = proc_dointvec_minmax,
1740 .extra1 = SYSCTL_ZERO,
1741 .extra2 = SYSCTL_ONE,
1742 },
1743#endif
1744 { }
1745};
1746
1747static struct ctl_table fs_table[] = {
1748 {
1749 .procname = "inode-nr",
1750 .data = &inodes_stat,
1751 .maxlen = 2*sizeof(long),
1752 .mode = 0444,
1753 .proc_handler = proc_nr_inodes,
1754 },
1755 {
1756 .procname = "inode-state",
1757 .data = &inodes_stat,
1758 .maxlen = 7*sizeof(long),
1759 .mode = 0444,
1760 .proc_handler = proc_nr_inodes,
1761 },
1762 {
1763 .procname = "file-nr",
1764 .data = &files_stat,
1765 .maxlen = sizeof(files_stat),
1766 .mode = 0444,
1767 .proc_handler = proc_nr_files,
1768 },
1769 {
1770 .procname = "file-max",
1771 .data = &files_stat.max_files,
1772 .maxlen = sizeof(files_stat.max_files),
1773 .mode = 0644,
1774 .proc_handler = proc_doulongvec_minmax,
1775 .extra1 = &zero_ul,
1776 .extra2 = &long_max,
1777 },
1778 {
1779 .procname = "nr_open",
1780 .data = &sysctl_nr_open,
1781 .maxlen = sizeof(unsigned int),
1782 .mode = 0644,
1783 .proc_handler = proc_dointvec_minmax,
1784 .extra1 = &sysctl_nr_open_min,
1785 .extra2 = &sysctl_nr_open_max,
1786 },
1787 {
1788 .procname = "dentry-state",
1789 .data = &dentry_stat,
1790 .maxlen = 6*sizeof(long),
1791 .mode = 0444,
1792 .proc_handler = proc_nr_dentry,
1793 },
1794 {
1795 .procname = "overflowuid",
1796 .data = &fs_overflowuid,
1797 .maxlen = sizeof(int),
1798 .mode = 0644,
1799 .proc_handler = proc_dointvec_minmax,
1800 .extra1 = &minolduid,
1801 .extra2 = &maxolduid,
1802 },
1803 {
1804 .procname = "overflowgid",
1805 .data = &fs_overflowgid,
1806 .maxlen = sizeof(int),
1807 .mode = 0644,
1808 .proc_handler = proc_dointvec_minmax,
1809 .extra1 = &minolduid,
1810 .extra2 = &maxolduid,
1811 },
1812#ifdef CONFIG_FILE_LOCKING
1813 {
1814 .procname = "leases-enable",
1815 .data = &leases_enable,
1816 .maxlen = sizeof(int),
1817 .mode = 0644,
1818 .proc_handler = proc_dointvec,
1819 },
1820#endif
1821#ifdef CONFIG_DNOTIFY
1822 {
1823 .procname = "dir-notify-enable",
1824 .data = &dir_notify_enable,
1825 .maxlen = sizeof(int),
1826 .mode = 0644,
1827 .proc_handler = proc_dointvec,
1828 },
1829#endif
1830#ifdef CONFIG_MMU
1831#ifdef CONFIG_FILE_LOCKING
1832 {
1833 .procname = "lease-break-time",
1834 .data = &lease_break_time,
1835 .maxlen = sizeof(int),
1836 .mode = 0644,
1837 .proc_handler = proc_dointvec,
1838 },
1839#endif
1840#ifdef CONFIG_AIO
1841 {
1842 .procname = "aio-nr",
1843 .data = &aio_nr,
1844 .maxlen = sizeof(aio_nr),
1845 .mode = 0444,
1846 .proc_handler = proc_doulongvec_minmax,
1847 },
1848 {
1849 .procname = "aio-max-nr",
1850 .data = &aio_max_nr,
1851 .maxlen = sizeof(aio_max_nr),
1852 .mode = 0644,
1853 .proc_handler = proc_doulongvec_minmax,
1854 },
1855#endif /* CONFIG_AIO */
1856#ifdef CONFIG_INOTIFY_USER
1857 {
1858 .procname = "inotify",
1859 .mode = 0555,
1860 .child = inotify_table,
1861 },
1862#endif
1863#ifdef CONFIG_EPOLL
1864 {
1865 .procname = "epoll",
1866 .mode = 0555,
1867 .child = epoll_table,
1868 },
1869#endif
1870#endif
1871 {
1872 .procname = "protected_symlinks",
1873 .data = &sysctl_protected_symlinks,
1874 .maxlen = sizeof(int),
1875 .mode = 0600,
1876 .proc_handler = proc_dointvec_minmax,
1877 .extra1 = SYSCTL_ZERO,
1878 .extra2 = SYSCTL_ONE,
1879 },
1880 {
1881 .procname = "protected_hardlinks",
1882 .data = &sysctl_protected_hardlinks,
1883 .maxlen = sizeof(int),
1884 .mode = 0600,
1885 .proc_handler = proc_dointvec_minmax,
1886 .extra1 = SYSCTL_ZERO,
1887 .extra2 = SYSCTL_ONE,
1888 },
1889 {
1890 .procname = "protected_fifos",
1891 .data = &sysctl_protected_fifos,
1892 .maxlen = sizeof(int),
1893 .mode = 0600,
1894 .proc_handler = proc_dointvec_minmax,
1895 .extra1 = SYSCTL_ZERO,
1896 .extra2 = &two,
1897 },
1898 {
1899 .procname = "protected_regular",
1900 .data = &sysctl_protected_regular,
1901 .maxlen = sizeof(int),
1902 .mode = 0600,
1903 .proc_handler = proc_dointvec_minmax,
1904 .extra1 = SYSCTL_ZERO,
1905 .extra2 = &two,
1906 },
1907 {
1908 .procname = "suid_dumpable",
1909 .data = &suid_dumpable,
1910 .maxlen = sizeof(int),
1911 .mode = 0644,
1912 .proc_handler = proc_dointvec_minmax_coredump,
1913 .extra1 = SYSCTL_ZERO,
1914 .extra2 = &two,
1915 },
1916#if defined(CONFIG_BINFMT_MISC) || defined(CONFIG_BINFMT_MISC_MODULE)
1917 {
1918 .procname = "binfmt_misc",
1919 .mode = 0555,
1920 .child = sysctl_mount_point,
1921 },
1922#endif
1923 {
1924 .procname = "pipe-max-size",
1925 .data = &pipe_max_size,
1926 .maxlen = sizeof(pipe_max_size),
1927 .mode = 0644,
1928 .proc_handler = proc_dopipe_max_size,
1929 },
1930 {
1931 .procname = "pipe-user-pages-hard",
1932 .data = &pipe_user_pages_hard,
1933 .maxlen = sizeof(pipe_user_pages_hard),
1934 .mode = 0644,
1935 .proc_handler = proc_doulongvec_minmax,
1936 },
1937 {
1938 .procname = "pipe-user-pages-soft",
1939 .data = &pipe_user_pages_soft,
1940 .maxlen = sizeof(pipe_user_pages_soft),
1941 .mode = 0644,
1942 .proc_handler = proc_doulongvec_minmax,
1943 },
1944 {
1945 .procname = "mount-max",
1946 .data = &sysctl_mount_max,
1947 .maxlen = sizeof(unsigned int),
1948 .mode = 0644,
1949 .proc_handler = proc_dointvec_minmax,
1950 .extra1 = SYSCTL_ONE,
1951 },
1952 { }
1953};
1954
1955static struct ctl_table debug_table[] = {
1956#ifdef CONFIG_SYSCTL_EXCEPTION_TRACE
1957 {
1958 .procname = "exception-trace",
1959 .data = &show_unhandled_signals,
1960 .maxlen = sizeof(int),
1961 .mode = 0644,
1962 .proc_handler = proc_dointvec
1963 },
1964#endif
1965#if defined(CONFIG_OPTPROBES)
1966 {
1967 .procname = "kprobes-optimization",
1968 .data = &sysctl_kprobes_optimization,
1969 .maxlen = sizeof(int),
1970 .mode = 0644,
1971 .proc_handler = proc_kprobes_optimization_handler,
1972 .extra1 = SYSCTL_ZERO,
1973 .extra2 = SYSCTL_ONE,
1974 },
1975#endif
1976 { }
1977};
1978
1979static struct ctl_table dev_table[] = {
1980 { }
1981};
1982
1983int __init sysctl_init(void)
1984{
1985 struct ctl_table_header *hdr;
1986
1987 hdr = register_sysctl_table(sysctl_base_table);
1988 kmemleak_not_leak(hdr);
1989 return 0;
1990}
1991
1992#endif /* CONFIG_SYSCTL */
1993
1994/*
1995 * /proc/sys support
1996 */
1997
1998#ifdef CONFIG_PROC_SYSCTL
1999
2000static int _proc_do_string(char *data, int maxlen, int write,
2001 char __user *buffer,
2002 size_t *lenp, loff_t *ppos)
2003{
2004 size_t len;
2005 char __user *p;
2006 char c;
2007
2008 if (!data || !maxlen || !*lenp) {
2009 *lenp = 0;
2010 return 0;
2011 }
2012
2013 if (write) {
2014 if (sysctl_writes_strict == SYSCTL_WRITES_STRICT) {
2015 /* Only continue writes not past the end of buffer. */
2016 len = strlen(data);
2017 if (len > maxlen - 1)
2018 len = maxlen - 1;
2019
2020 if (*ppos > len)
2021 return 0;
2022 len = *ppos;
2023 } else {
2024 /* Start writing from beginning of buffer. */
2025 len = 0;
2026 }
2027
2028 *ppos += *lenp;
2029 p = buffer;
2030 while ((p - buffer) < *lenp && len < maxlen - 1) {
2031 if (get_user(c, p++))
2032 return -EFAULT;
2033 if (c == 0 || c == '\n')
2034 break;
2035 data[len++] = c;
2036 }
2037 data[len] = 0;
2038 } else {
2039 len = strlen(data);
2040 if (len > maxlen)
2041 len = maxlen;
2042
2043 if (*ppos > len) {
2044 *lenp = 0;
2045 return 0;
2046 }
2047
2048 data += *ppos;
2049 len -= *ppos;
2050
2051 if (len > *lenp)
2052 len = *lenp;
2053 if (len)
2054 if (copy_to_user(buffer, data, len))
2055 return -EFAULT;
2056 if (len < *lenp) {
2057 if (put_user('\n', buffer + len))
2058 return -EFAULT;
2059 len++;
2060 }
2061 *lenp = len;
2062 *ppos += len;
2063 }
2064 return 0;
2065}
2066
2067static void warn_sysctl_write(struct ctl_table *table)
2068{
2069 pr_warn_once("%s wrote to %s when file position was not 0!\n"
2070 "This will not be supported in the future. To silence this\n"
2071 "warning, set kernel.sysctl_writes_strict = -1\n",
2072 current->comm, table->procname);
2073}
2074
2075/**
2076 * proc_first_pos_non_zero_ignore - check if first position is allowed
2077 * @ppos: file position
2078 * @table: the sysctl table
2079 *
2080 * Returns true if the first position is non-zero and the sysctl_writes_strict
2081 * mode indicates this is not allowed for numeric input types. String proc
2082 * handlers can ignore the return value.
2083 */
2084static bool proc_first_pos_non_zero_ignore(loff_t *ppos,
2085 struct ctl_table *table)
2086{
2087 if (!*ppos)
2088 return false;
2089
2090 switch (sysctl_writes_strict) {
2091 case SYSCTL_WRITES_STRICT:
2092 return true;
2093 case SYSCTL_WRITES_WARN:
2094 warn_sysctl_write(table);
2095 return false;
2096 default:
2097 return false;
2098 }
2099}
2100
2101/**
2102 * proc_dostring - read a string sysctl
2103 * @table: the sysctl table
2104 * @write: %TRUE if this is a write to the sysctl file
2105 * @buffer: the user buffer
2106 * @lenp: the size of the user buffer
2107 * @ppos: file position
2108 *
2109 * Reads/writes a string from/to the user buffer. If the kernel
2110 * buffer provided is not large enough to hold the string, the
2111 * string is truncated. The copied string is %NULL-terminated.
2112 * If the string is being read by the user process, it is copied
2113 * and a newline '\n' is added. It is truncated if the buffer is
2114 * not large enough.
2115 *
2116 * Returns 0 on success.
2117 */
2118int proc_dostring(struct ctl_table *table, int write,
2119 void __user *buffer, size_t *lenp, loff_t *ppos)
2120{
2121 if (write)
2122 proc_first_pos_non_zero_ignore(ppos, table);
2123
2124 return _proc_do_string((char *)(table->data), table->maxlen, write,
2125 (char __user *)buffer, lenp, ppos);
2126}
2127
2128static size_t proc_skip_spaces(char **buf)
2129{
2130 size_t ret;
2131 char *tmp = skip_spaces(*buf);
2132 ret = tmp - *buf;
2133 *buf = tmp;
2134 return ret;
2135}
2136
2137static void proc_skip_char(char **buf, size_t *size, const char v)
2138{
2139 while (*size) {
2140 if (**buf != v)
2141 break;
2142 (*size)--;
2143 (*buf)++;
2144 }
2145}
2146
2147/**
2148 * strtoul_lenient - parse an ASCII formatted integer from a buffer and only
2149 * fail on overflow
2150 *
2151 * @cp: kernel buffer containing the string to parse
2152 * @endp: pointer to store the trailing characters
2153 * @base: the base to use
2154 * @res: where the parsed integer will be stored
2155 *
2156 * In case of success 0 is returned and @res will contain the parsed integer,
2157 * @endp will hold any trailing characters.
2158 * This function will fail the parse on overflow. If there wasn't an overflow
2159 * the function will defer the decision what characters count as invalid to the
2160 * caller.
2161 */
2162static int strtoul_lenient(const char *cp, char **endp, unsigned int base,
2163 unsigned long *res)
2164{
2165 unsigned long long result;
2166 unsigned int rv;
2167
2168 cp = _parse_integer_fixup_radix(cp, &base);
2169 rv = _parse_integer(cp, base, &result);
2170 if ((rv & KSTRTOX_OVERFLOW) || (result != (unsigned long)result))
2171 return -ERANGE;
2172
2173 cp += rv;
2174
2175 if (endp)
2176 *endp = (char *)cp;
2177
2178 *res = (unsigned long)result;
2179 return 0;
2180}
2181
2182#define TMPBUFLEN 22
2183/**
2184 * proc_get_long - reads an ASCII formatted integer from a user buffer
2185 *
2186 * @buf: a kernel buffer
2187 * @size: size of the kernel buffer
2188 * @val: this is where the number will be stored
2189 * @neg: set to %TRUE if number is negative
2190 * @perm_tr: a vector which contains the allowed trailers
2191 * @perm_tr_len: size of the perm_tr vector
2192 * @tr: pointer to store the trailer character
2193 *
2194 * In case of success %0 is returned and @buf and @size are updated with
2195 * the amount of bytes read. If @tr is non-NULL and a trailing
2196 * character exists (size is non-zero after returning from this
2197 * function), @tr is updated with the trailing character.
2198 */
2199static int proc_get_long(char **buf, size_t *size,
2200 unsigned long *val, bool *neg,
2201 const char *perm_tr, unsigned perm_tr_len, char *tr)
2202{
2203 int len;
2204 char *p, tmp[TMPBUFLEN];
2205
2206 if (!*size)
2207 return -EINVAL;
2208
2209 len = *size;
2210 if (len > TMPBUFLEN - 1)
2211 len = TMPBUFLEN - 1;
2212
2213 memcpy(tmp, *buf, len);
2214
2215 tmp[len] = 0;
2216 p = tmp;
2217 if (*p == '-' && *size > 1) {
2218 *neg = true;
2219 p++;
2220 } else
2221 *neg = false;
2222 if (!isdigit(*p))
2223 return -EINVAL;
2224
2225 if (strtoul_lenient(p, &p, 0, val))
2226 return -EINVAL;
2227
2228 len = p - tmp;
2229
2230 /* We don't know if the next char is whitespace thus we may accept
2231 * invalid integers (e.g. 1234...a) or two integers instead of one
2232 * (e.g. 123...1). So lets not allow such large numbers. */
2233 if (len == TMPBUFLEN - 1)
2234 return -EINVAL;
2235
2236 if (len < *size && perm_tr_len && !memchr(perm_tr, *p, perm_tr_len))
2237 return -EINVAL;
2238
2239 if (tr && (len < *size))
2240 *tr = *p;
2241
2242 *buf += len;
2243 *size -= len;
2244
2245 return 0;
2246}
2247
2248/**
2249 * proc_put_long - converts an integer to a decimal ASCII formatted string
2250 *
2251 * @buf: the user buffer
2252 * @size: the size of the user buffer
2253 * @val: the integer to be converted
2254 * @neg: sign of the number, %TRUE for negative
2255 *
2256 * In case of success %0 is returned and @buf and @size are updated with
2257 * the amount of bytes written.
2258 */
2259static int proc_put_long(void __user **buf, size_t *size, unsigned long val,
2260 bool neg)
2261{
2262 int len;
2263 char tmp[TMPBUFLEN], *p = tmp;
2264
2265 sprintf(p, "%s%lu", neg ? "-" : "", val);
2266 len = strlen(tmp);
2267 if (len > *size)
2268 len = *size;
2269 if (copy_to_user(*buf, tmp, len))
2270 return -EFAULT;
2271 *size -= len;
2272 *buf += len;
2273 return 0;
2274}
2275#undef TMPBUFLEN
2276
2277static int proc_put_char(void __user **buf, size_t *size, char c)
2278{
2279 if (*size) {
2280 char __user **buffer = (char __user **)buf;
2281 if (put_user(c, *buffer))
2282 return -EFAULT;
2283 (*size)--, (*buffer)++;
2284 *buf = *buffer;
2285 }
2286 return 0;
2287}
2288
2289static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp,
2290 int *valp,
2291 int write, void *data)
2292{
2293 if (write) {
2294 if (*negp) {
2295 if (*lvalp > (unsigned long) INT_MAX + 1)
2296 return -EINVAL;
2297 *valp = -*lvalp;
2298 } else {
2299 if (*lvalp > (unsigned long) INT_MAX)
2300 return -EINVAL;
2301 *valp = *lvalp;
2302 }
2303 } else {
2304 int val = *valp;
2305 if (val < 0) {
2306 *negp = true;
2307 *lvalp = -(unsigned long)val;
2308 } else {
2309 *negp = false;
2310 *lvalp = (unsigned long)val;
2311 }
2312 }
2313 return 0;
2314}
2315
2316static int do_proc_douintvec_conv(unsigned long *lvalp,
2317 unsigned int *valp,
2318 int write, void *data)
2319{
2320 if (write) {
2321 if (*lvalp > UINT_MAX)
2322 return -EINVAL;
2323 *valp = *lvalp;
2324 } else {
2325 unsigned int val = *valp;
2326 *lvalp = (unsigned long)val;
2327 }
2328 return 0;
2329}
2330
2331static const char proc_wspace_sep[] = { ' ', '\t', '\n' };
2332
2333static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
2334 int write, void __user *buffer,
2335 size_t *lenp, loff_t *ppos,
2336 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
2337 int write, void *data),
2338 void *data)
2339{
2340 int *i, vleft, first = 1, err = 0;
2341 size_t left;
2342 char *kbuf = NULL, *p;
2343
2344 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
2345 *lenp = 0;
2346 return 0;
2347 }
2348
2349 i = (int *) tbl_data;
2350 vleft = table->maxlen / sizeof(*i);
2351 left = *lenp;
2352
2353 if (!conv)
2354 conv = do_proc_dointvec_conv;
2355
2356 if (write) {
2357 if (proc_first_pos_non_zero_ignore(ppos, table))
2358 goto out;
2359
2360 if (left > PAGE_SIZE - 1)
2361 left = PAGE_SIZE - 1;
2362 p = kbuf = memdup_user_nul(buffer, left);
2363 if (IS_ERR(kbuf))
2364 return PTR_ERR(kbuf);
2365 }
2366
2367 for (; left && vleft--; i++, first=0) {
2368 unsigned long lval;
2369 bool neg;
2370
2371 if (write) {
2372 left -= proc_skip_spaces(&p);
2373
2374 if (!left)
2375 break;
2376 err = proc_get_long(&p, &left, &lval, &neg,
2377 proc_wspace_sep,
2378 sizeof(proc_wspace_sep), NULL);
2379 if (err)
2380 break;
2381 if (conv(&neg, &lval, i, 1, data)) {
2382 err = -EINVAL;
2383 break;
2384 }
2385 } else {
2386 if (conv(&neg, &lval, i, 0, data)) {
2387 err = -EINVAL;
2388 break;
2389 }
2390 if (!first)
2391 err = proc_put_char(&buffer, &left, '\t');
2392 if (err)
2393 break;
2394 err = proc_put_long(&buffer, &left, lval, neg);
2395 if (err)
2396 break;
2397 }
2398 }
2399
2400 if (!write && !first && left && !err)
2401 err = proc_put_char(&buffer, &left, '\n');
2402 if (write && !err && left)
2403 left -= proc_skip_spaces(&p);
2404 if (write) {
2405 kfree(kbuf);
2406 if (first)
2407 return err ? : -EINVAL;
2408 }
2409 *lenp -= left;
2410out:
2411 *ppos += *lenp;
2412 return err;
2413}
2414
2415static int do_proc_dointvec(struct ctl_table *table, int write,
2416 void __user *buffer, size_t *lenp, loff_t *ppos,
2417 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
2418 int write, void *data),
2419 void *data)
2420{
2421 return __do_proc_dointvec(table->data, table, write,
2422 buffer, lenp, ppos, conv, data);
2423}
2424
2425static int do_proc_douintvec_w(unsigned int *tbl_data,
2426 struct ctl_table *table,
2427 void __user *buffer,
2428 size_t *lenp, loff_t *ppos,
2429 int (*conv)(unsigned long *lvalp,
2430 unsigned int *valp,
2431 int write, void *data),
2432 void *data)
2433{
2434 unsigned long lval;
2435 int err = 0;
2436 size_t left;
2437 bool neg;
2438 char *kbuf = NULL, *p;
2439
2440 left = *lenp;
2441
2442 if (proc_first_pos_non_zero_ignore(ppos, table))
2443 goto bail_early;
2444
2445 if (left > PAGE_SIZE - 1)
2446 left = PAGE_SIZE - 1;
2447
2448 p = kbuf = memdup_user_nul(buffer, left);
2449 if (IS_ERR(kbuf))
2450 return -EINVAL;
2451
2452 left -= proc_skip_spaces(&p);
2453 if (!left) {
2454 err = -EINVAL;
2455 goto out_free;
2456 }
2457
2458 err = proc_get_long(&p, &left, &lval, &neg,
2459 proc_wspace_sep,
2460 sizeof(proc_wspace_sep), NULL);
2461 if (err || neg) {
2462 err = -EINVAL;
2463 goto out_free;
2464 }
2465
2466 if (conv(&lval, tbl_data, 1, data)) {
2467 err = -EINVAL;
2468 goto out_free;
2469 }
2470
2471 if (!err && left)
2472 left -= proc_skip_spaces(&p);
2473
2474out_free:
2475 kfree(kbuf);
2476 if (err)
2477 return -EINVAL;
2478
2479 return 0;
2480
2481 /* This is in keeping with old __do_proc_dointvec() */
2482bail_early:
2483 *ppos += *lenp;
2484 return err;
2485}
2486
2487static int do_proc_douintvec_r(unsigned int *tbl_data, void __user *buffer,
2488 size_t *lenp, loff_t *ppos,
2489 int (*conv)(unsigned long *lvalp,
2490 unsigned int *valp,
2491 int write, void *data),
2492 void *data)
2493{
2494 unsigned long lval;
2495 int err = 0;
2496 size_t left;
2497
2498 left = *lenp;
2499
2500 if (conv(&lval, tbl_data, 0, data)) {
2501 err = -EINVAL;
2502 goto out;
2503 }
2504
2505 err = proc_put_long(&buffer, &left, lval, false);
2506 if (err || !left)
2507 goto out;
2508
2509 err = proc_put_char(&buffer, &left, '\n');
2510
2511out:
2512 *lenp -= left;
2513 *ppos += *lenp;
2514
2515 return err;
2516}
2517
2518static int __do_proc_douintvec(void *tbl_data, struct ctl_table *table,
2519 int write, void __user *buffer,
2520 size_t *lenp, loff_t *ppos,
2521 int (*conv)(unsigned long *lvalp,
2522 unsigned int *valp,
2523 int write, void *data),
2524 void *data)
2525{
2526 unsigned int *i, vleft;
2527
2528 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
2529 *lenp = 0;
2530 return 0;
2531 }
2532
2533 i = (unsigned int *) tbl_data;
2534 vleft = table->maxlen / sizeof(*i);
2535
2536 /*
2537 * Arrays are not supported, keep this simple. *Do not* add
2538 * support for them.
2539 */
2540 if (vleft != 1) {
2541 *lenp = 0;
2542 return -EINVAL;
2543 }
2544
2545 if (!conv)
2546 conv = do_proc_douintvec_conv;
2547
2548 if (write)
2549 return do_proc_douintvec_w(i, table, buffer, lenp, ppos,
2550 conv, data);
2551 return do_proc_douintvec_r(i, buffer, lenp, ppos, conv, data);
2552}
2553
2554static int do_proc_douintvec(struct ctl_table *table, int write,
2555 void __user *buffer, size_t *lenp, loff_t *ppos,
2556 int (*conv)(unsigned long *lvalp,
2557 unsigned int *valp,
2558 int write, void *data),
2559 void *data)
2560{
2561 return __do_proc_douintvec(table->data, table, write,
2562 buffer, lenp, ppos, conv, data);
2563}
2564
2565/**
2566 * proc_dointvec - read a vector of integers
2567 * @table: the sysctl table
2568 * @write: %TRUE if this is a write to the sysctl file
2569 * @buffer: the user buffer
2570 * @lenp: the size of the user buffer
2571 * @ppos: file position
2572 *
2573 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2574 * values from/to the user buffer, treated as an ASCII string.
2575 *
2576 * Returns 0 on success.
2577 */
2578int proc_dointvec(struct ctl_table *table, int write,
2579 void __user *buffer, size_t *lenp, loff_t *ppos)
2580{
2581 return do_proc_dointvec(table, write, buffer, lenp, ppos, NULL, NULL);
2582}
2583
2584/**
2585 * proc_douintvec - read a vector of unsigned integers
2586 * @table: the sysctl table
2587 * @write: %TRUE if this is a write to the sysctl file
2588 * @buffer: the user buffer
2589 * @lenp: the size of the user buffer
2590 * @ppos: file position
2591 *
2592 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer
2593 * values from/to the user buffer, treated as an ASCII string.
2594 *
2595 * Returns 0 on success.
2596 */
2597int proc_douintvec(struct ctl_table *table, int write,
2598 void __user *buffer, size_t *lenp, loff_t *ppos)
2599{
2600 return do_proc_douintvec(table, write, buffer, lenp, ppos,
2601 do_proc_douintvec_conv, NULL);
2602}
2603
2604/*
2605 * Taint values can only be increased
2606 * This means we can safely use a temporary.
2607 */
2608static int proc_taint(struct ctl_table *table, int write,
2609 void __user *buffer, size_t *lenp, loff_t *ppos)
2610{
2611 struct ctl_table t;
2612 unsigned long tmptaint = get_taint();
2613 int err;
2614
2615 if (write && !capable(CAP_SYS_ADMIN))
2616 return -EPERM;
2617
2618 t = *table;
2619 t.data = &tmptaint;
2620 err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos);
2621 if (err < 0)
2622 return err;
2623
2624 if (write) {
2625 /*
2626 * Poor man's atomic or. Not worth adding a primitive
2627 * to everyone's atomic.h for this
2628 */
2629 int i;
2630 for (i = 0; i < BITS_PER_LONG && tmptaint >> i; i++) {
2631 if ((tmptaint >> i) & 1)
2632 add_taint(i, LOCKDEP_STILL_OK);
2633 }
2634 }
2635
2636 return err;
2637}
2638
2639#ifdef CONFIG_PRINTK
2640static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
2641 void __user *buffer, size_t *lenp, loff_t *ppos)
2642{
2643 if (write && !capable(CAP_SYS_ADMIN))
2644 return -EPERM;
2645
2646 return proc_dointvec_minmax(table, write, buffer, lenp, ppos);
2647}
2648#endif
2649
2650/**
2651 * struct do_proc_dointvec_minmax_conv_param - proc_dointvec_minmax() range checking structure
2652 * @min: pointer to minimum allowable value
2653 * @max: pointer to maximum allowable value
2654 *
2655 * The do_proc_dointvec_minmax_conv_param structure provides the
2656 * minimum and maximum values for doing range checking for those sysctl
2657 * parameters that use the proc_dointvec_minmax() handler.
2658 */
2659struct do_proc_dointvec_minmax_conv_param {
2660 int *min;
2661 int *max;
2662};
2663
2664static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp,
2665 int *valp,
2666 int write, void *data)
2667{
2668 int tmp, ret;
2669 struct do_proc_dointvec_minmax_conv_param *param = data;
2670 /*
2671 * If writing, first do so via a temporary local int so we can
2672 * bounds-check it before touching *valp.
2673 */
2674 int *ip = write ? &tmp : valp;
2675
2676 ret = do_proc_dointvec_conv(negp, lvalp, ip, write, data);
2677 if (ret)
2678 return ret;
2679
2680 if (write) {
2681 if ((param->min && *param->min > tmp) ||
2682 (param->max && *param->max < tmp))
2683 return -EINVAL;
2684 *valp = tmp;
2685 }
2686
2687 return 0;
2688}
2689
2690/**
2691 * proc_dointvec_minmax - read a vector of integers with min/max values
2692 * @table: the sysctl table
2693 * @write: %TRUE if this is a write to the sysctl file
2694 * @buffer: the user buffer
2695 * @lenp: the size of the user buffer
2696 * @ppos: file position
2697 *
2698 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2699 * values from/to the user buffer, treated as an ASCII string.
2700 *
2701 * This routine will ensure the values are within the range specified by
2702 * table->extra1 (min) and table->extra2 (max).
2703 *
2704 * Returns 0 on success or -EINVAL on write when the range check fails.
2705 */
2706int proc_dointvec_minmax(struct ctl_table *table, int write,
2707 void __user *buffer, size_t *lenp, loff_t *ppos)
2708{
2709 struct do_proc_dointvec_minmax_conv_param param = {
2710 .min = (int *) table->extra1,
2711 .max = (int *) table->extra2,
2712 };
2713 return do_proc_dointvec(table, write, buffer, lenp, ppos,
2714 do_proc_dointvec_minmax_conv, ¶m);
2715}
2716
2717/**
2718 * struct do_proc_douintvec_minmax_conv_param - proc_douintvec_minmax() range checking structure
2719 * @min: pointer to minimum allowable value
2720 * @max: pointer to maximum allowable value
2721 *
2722 * The do_proc_douintvec_minmax_conv_param structure provides the
2723 * minimum and maximum values for doing range checking for those sysctl
2724 * parameters that use the proc_douintvec_minmax() handler.
2725 */
2726struct do_proc_douintvec_minmax_conv_param {
2727 unsigned int *min;
2728 unsigned int *max;
2729};
2730
2731static int do_proc_douintvec_minmax_conv(unsigned long *lvalp,
2732 unsigned int *valp,
2733 int write, void *data)
2734{
2735 int ret;
2736 unsigned int tmp;
2737 struct do_proc_douintvec_minmax_conv_param *param = data;
2738 /* write via temporary local uint for bounds-checking */
2739 unsigned int *up = write ? &tmp : valp;
2740
2741 ret = do_proc_douintvec_conv(lvalp, up, write, data);
2742 if (ret)
2743 return ret;
2744
2745 if (write) {
2746 if ((param->min && *param->min > tmp) ||
2747 (param->max && *param->max < tmp))
2748 return -ERANGE;
2749
2750 *valp = tmp;
2751 }
2752
2753 return 0;
2754}
2755
2756/**
2757 * proc_douintvec_minmax - read a vector of unsigned ints with min/max values
2758 * @table: the sysctl table
2759 * @write: %TRUE if this is a write to the sysctl file
2760 * @buffer: the user buffer
2761 * @lenp: the size of the user buffer
2762 * @ppos: file position
2763 *
2764 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer
2765 * values from/to the user buffer, treated as an ASCII string. Negative
2766 * strings are not allowed.
2767 *
2768 * This routine will ensure the values are within the range specified by
2769 * table->extra1 (min) and table->extra2 (max). There is a final sanity
2770 * check for UINT_MAX to avoid having to support wrap around uses from
2771 * userspace.
2772 *
2773 * Returns 0 on success or -ERANGE on write when the range check fails.
2774 */
2775int proc_douintvec_minmax(struct ctl_table *table, int write,
2776 void __user *buffer, size_t *lenp, loff_t *ppos)
2777{
2778 struct do_proc_douintvec_minmax_conv_param param = {
2779 .min = (unsigned int *) table->extra1,
2780 .max = (unsigned int *) table->extra2,
2781 };
2782 return do_proc_douintvec(table, write, buffer, lenp, ppos,
2783 do_proc_douintvec_minmax_conv, ¶m);
2784}
2785
2786static int do_proc_dopipe_max_size_conv(unsigned long *lvalp,
2787 unsigned int *valp,
2788 int write, void *data)
2789{
2790 if (write) {
2791 unsigned int val;
2792
2793 val = round_pipe_size(*lvalp);
2794 if (val == 0)
2795 return -EINVAL;
2796
2797 *valp = val;
2798 } else {
2799 unsigned int val = *valp;
2800 *lvalp = (unsigned long) val;
2801 }
2802
2803 return 0;
2804}
2805
2806static int proc_dopipe_max_size(struct ctl_table *table, int write,
2807 void __user *buffer, size_t *lenp, loff_t *ppos)
2808{
2809 return do_proc_douintvec(table, write, buffer, lenp, ppos,
2810 do_proc_dopipe_max_size_conv, NULL);
2811}
2812
2813static void validate_coredump_safety(void)
2814{
2815#ifdef CONFIG_COREDUMP
2816 if (suid_dumpable == SUID_DUMP_ROOT &&
2817 core_pattern[0] != '/' && core_pattern[0] != '|') {
2818 printk(KERN_WARNING
2819"Unsafe core_pattern used with fs.suid_dumpable=2.\n"
2820"Pipe handler or fully qualified core dump path required.\n"
2821"Set kernel.core_pattern before fs.suid_dumpable.\n"
2822 );
2823 }
2824#endif
2825}
2826
2827static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write,
2828 void __user *buffer, size_t *lenp, loff_t *ppos)
2829{
2830 int error = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
2831 if (!error)
2832 validate_coredump_safety();
2833 return error;
2834}
2835
2836#ifdef CONFIG_COREDUMP
2837static int proc_dostring_coredump(struct ctl_table *table, int write,
2838 void __user *buffer, size_t *lenp, loff_t *ppos)
2839{
2840 int error = proc_dostring(table, write, buffer, lenp, ppos);
2841 if (!error)
2842 validate_coredump_safety();
2843 return error;
2844}
2845#endif
2846
2847static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int write,
2848 void __user *buffer,
2849 size_t *lenp, loff_t *ppos,
2850 unsigned long convmul,
2851 unsigned long convdiv)
2852{
2853 unsigned long *i, *min, *max;
2854 int vleft, first = 1, err = 0;
2855 size_t left;
2856 char *kbuf = NULL, *p;
2857
2858 if (!data || !table->maxlen || !*lenp || (*ppos && !write)) {
2859 *lenp = 0;
2860 return 0;
2861 }
2862
2863 i = (unsigned long *) data;
2864 min = (unsigned long *) table->extra1;
2865 max = (unsigned long *) table->extra2;
2866 vleft = table->maxlen / sizeof(unsigned long);
2867 left = *lenp;
2868
2869 if (write) {
2870 if (proc_first_pos_non_zero_ignore(ppos, table))
2871 goto out;
2872
2873 if (left > PAGE_SIZE - 1)
2874 left = PAGE_SIZE - 1;
2875 p = kbuf = memdup_user_nul(buffer, left);
2876 if (IS_ERR(kbuf))
2877 return PTR_ERR(kbuf);
2878 }
2879
2880 for (; left && vleft--; i++, first = 0) {
2881 unsigned long val;
2882
2883 if (write) {
2884 bool neg;
2885
2886 left -= proc_skip_spaces(&p);
2887 if (!left)
2888 break;
2889
2890 err = proc_get_long(&p, &left, &val, &neg,
2891 proc_wspace_sep,
2892 sizeof(proc_wspace_sep), NULL);
2893 if (err)
2894 break;
2895 if (neg)
2896 continue;
2897 val = convmul * val / convdiv;
2898 if ((min && val < *min) || (max && val > *max)) {
2899 err = -EINVAL;
2900 break;
2901 }
2902 *i = val;
2903 } else {
2904 val = convdiv * (*i) / convmul;
2905 if (!first) {
2906 err = proc_put_char(&buffer, &left, '\t');
2907 if (err)
2908 break;
2909 }
2910 err = proc_put_long(&buffer, &left, val, false);
2911 if (err)
2912 break;
2913 }
2914 }
2915
2916 if (!write && !first && left && !err)
2917 err = proc_put_char(&buffer, &left, '\n');
2918 if (write && !err)
2919 left -= proc_skip_spaces(&p);
2920 if (write) {
2921 kfree(kbuf);
2922 if (first)
2923 return err ? : -EINVAL;
2924 }
2925 *lenp -= left;
2926out:
2927 *ppos += *lenp;
2928 return err;
2929}
2930
2931static int do_proc_doulongvec_minmax(struct ctl_table *table, int write,
2932 void __user *buffer,
2933 size_t *lenp, loff_t *ppos,
2934 unsigned long convmul,
2935 unsigned long convdiv)
2936{
2937 return __do_proc_doulongvec_minmax(table->data, table, write,
2938 buffer, lenp, ppos, convmul, convdiv);
2939}
2940
2941/**
2942 * proc_doulongvec_minmax - read a vector of long integers with min/max values
2943 * @table: the sysctl table
2944 * @write: %TRUE if this is a write to the sysctl file
2945 * @buffer: the user buffer
2946 * @lenp: the size of the user buffer
2947 * @ppos: file position
2948 *
2949 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
2950 * values from/to the user buffer, treated as an ASCII string.
2951 *
2952 * This routine will ensure the values are within the range specified by
2953 * table->extra1 (min) and table->extra2 (max).
2954 *
2955 * Returns 0 on success.
2956 */
2957int proc_doulongvec_minmax(struct ctl_table *table, int write,
2958 void __user *buffer, size_t *lenp, loff_t *ppos)
2959{
2960 return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l);
2961}
2962
2963/**
2964 * proc_doulongvec_ms_jiffies_minmax - read a vector of millisecond values with min/max values
2965 * @table: the sysctl table
2966 * @write: %TRUE if this is a write to the sysctl file
2967 * @buffer: the user buffer
2968 * @lenp: the size of the user buffer
2969 * @ppos: file position
2970 *
2971 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
2972 * values from/to the user buffer, treated as an ASCII string. The values
2973 * are treated as milliseconds, and converted to jiffies when they are stored.
2974 *
2975 * This routine will ensure the values are within the range specified by
2976 * table->extra1 (min) and table->extra2 (max).
2977 *
2978 * Returns 0 on success.
2979 */
2980int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
2981 void __user *buffer,
2982 size_t *lenp, loff_t *ppos)
2983{
2984 return do_proc_doulongvec_minmax(table, write, buffer,
2985 lenp, ppos, HZ, 1000l);
2986}
2987
2988
2989static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp,
2990 int *valp,
2991 int write, void *data)
2992{
2993 if (write) {
2994 if (*lvalp > INT_MAX / HZ)
2995 return 1;
2996 *valp = *negp ? -(*lvalp*HZ) : (*lvalp*HZ);
2997 } else {
2998 int val = *valp;
2999 unsigned long lval;
3000 if (val < 0) {
3001 *negp = true;
3002 lval = -(unsigned long)val;
3003 } else {
3004 *negp = false;
3005 lval = (unsigned long)val;
3006 }
3007 *lvalp = lval / HZ;
3008 }
3009 return 0;
3010}
3011
3012static int do_proc_dointvec_userhz_jiffies_conv(bool *negp, unsigned long *lvalp,
3013 int *valp,
3014 int write, void *data)
3015{
3016 if (write) {
3017 if (USER_HZ < HZ && *lvalp > (LONG_MAX / HZ) * USER_HZ)
3018 return 1;
3019 *valp = clock_t_to_jiffies(*negp ? -*lvalp : *lvalp);
3020 } else {
3021 int val = *valp;
3022 unsigned long lval;
3023 if (val < 0) {
3024 *negp = true;
3025 lval = -(unsigned long)val;
3026 } else {
3027 *negp = false;
3028 lval = (unsigned long)val;
3029 }
3030 *lvalp = jiffies_to_clock_t(lval);
3031 }
3032 return 0;
3033}
3034
3035static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp,
3036 int *valp,
3037 int write, void *data)
3038{
3039 if (write) {
3040 unsigned long jif = msecs_to_jiffies(*negp ? -*lvalp : *lvalp);
3041
3042 if (jif > INT_MAX)
3043 return 1;
3044 *valp = (int)jif;
3045 } else {
3046 int val = *valp;
3047 unsigned long lval;
3048 if (val < 0) {
3049 *negp = true;
3050 lval = -(unsigned long)val;
3051 } else {
3052 *negp = false;
3053 lval = (unsigned long)val;
3054 }
3055 *lvalp = jiffies_to_msecs(lval);
3056 }
3057 return 0;
3058}
3059
3060/**
3061 * proc_dointvec_jiffies - read a vector of integers as seconds
3062 * @table: the sysctl table
3063 * @write: %TRUE if this is a write to the sysctl file
3064 * @buffer: the user buffer
3065 * @lenp: the size of the user buffer
3066 * @ppos: file position
3067 *
3068 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
3069 * values from/to the user buffer, treated as an ASCII string.
3070 * The values read are assumed to be in seconds, and are converted into
3071 * jiffies.
3072 *
3073 * Returns 0 on success.
3074 */
3075int proc_dointvec_jiffies(struct ctl_table *table, int write,
3076 void __user *buffer, size_t *lenp, loff_t *ppos)
3077{
3078 return do_proc_dointvec(table,write,buffer,lenp,ppos,
3079 do_proc_dointvec_jiffies_conv,NULL);
3080}
3081
3082/**
3083 * proc_dointvec_userhz_jiffies - read a vector of integers as 1/USER_HZ seconds
3084 * @table: the sysctl table
3085 * @write: %TRUE if this is a write to the sysctl file
3086 * @buffer: the user buffer
3087 * @lenp: the size of the user buffer
3088 * @ppos: pointer to the file position
3089 *
3090 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
3091 * values from/to the user buffer, treated as an ASCII string.
3092 * The values read are assumed to be in 1/USER_HZ seconds, and
3093 * are converted into jiffies.
3094 *
3095 * Returns 0 on success.
3096 */
3097int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
3098 void __user *buffer, size_t *lenp, loff_t *ppos)
3099{
3100 return do_proc_dointvec(table,write,buffer,lenp,ppos,
3101 do_proc_dointvec_userhz_jiffies_conv,NULL);
3102}
3103
3104/**
3105 * proc_dointvec_ms_jiffies - read a vector of integers as 1 milliseconds
3106 * @table: the sysctl table
3107 * @write: %TRUE if this is a write to the sysctl file
3108 * @buffer: the user buffer
3109 * @lenp: the size of the user buffer
3110 * @ppos: file position
3111 * @ppos: the current position in the file
3112 *
3113 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
3114 * values from/to the user buffer, treated as an ASCII string.
3115 * The values read are assumed to be in 1/1000 seconds, and
3116 * are converted into jiffies.
3117 *
3118 * Returns 0 on success.
3119 */
3120int proc_dointvec_ms_jiffies(struct ctl_table *table, int write,
3121 void __user *buffer, size_t *lenp, loff_t *ppos)
3122{
3123 return do_proc_dointvec(table, write, buffer, lenp, ppos,
3124 do_proc_dointvec_ms_jiffies_conv, NULL);
3125}
3126
3127static int proc_do_cad_pid(struct ctl_table *table, int write,
3128 void __user *buffer, size_t *lenp, loff_t *ppos)
3129{
3130 struct pid *new_pid;
3131 pid_t tmp;
3132 int r;
3133
3134 tmp = pid_vnr(cad_pid);
3135
3136 r = __do_proc_dointvec(&tmp, table, write, buffer,
3137 lenp, ppos, NULL, NULL);
3138 if (r || !write)
3139 return r;
3140
3141 new_pid = find_get_pid(tmp);
3142 if (!new_pid)
3143 return -ESRCH;
3144
3145 put_pid(xchg(&cad_pid, new_pid));
3146 return 0;
3147}
3148
3149/**
3150 * proc_do_large_bitmap - read/write from/to a large bitmap
3151 * @table: the sysctl table
3152 * @write: %TRUE if this is a write to the sysctl file
3153 * @buffer: the user buffer
3154 * @lenp: the size of the user buffer
3155 * @ppos: file position
3156 *
3157 * The bitmap is stored at table->data and the bitmap length (in bits)
3158 * in table->maxlen.
3159 *
3160 * We use a range comma separated format (e.g. 1,3-4,10-10) so that
3161 * large bitmaps may be represented in a compact manner. Writing into
3162 * the file will clear the bitmap then update it with the given input.
3163 *
3164 * Returns 0 on success.
3165 */
3166int proc_do_large_bitmap(struct ctl_table *table, int write,
3167 void __user *buffer, size_t *lenp, loff_t *ppos)
3168{
3169 int err = 0;
3170 bool first = 1;
3171 size_t left = *lenp;
3172 unsigned long bitmap_len = table->maxlen;
3173 unsigned long *bitmap = *(unsigned long **) table->data;
3174 unsigned long *tmp_bitmap = NULL;
3175 char tr_a[] = { '-', ',', '\n' }, tr_b[] = { ',', '\n', 0 }, c;
3176
3177 if (!bitmap || !bitmap_len || !left || (*ppos && !write)) {
3178 *lenp = 0;
3179 return 0;
3180 }
3181
3182 if (write) {
3183 char *kbuf, *p;
3184 size_t skipped = 0;
3185
3186 if (left > PAGE_SIZE - 1) {
3187 left = PAGE_SIZE - 1;
3188 /* How much of the buffer we'll skip this pass */
3189 skipped = *lenp - left;
3190 }
3191
3192 p = kbuf = memdup_user_nul(buffer, left);
3193 if (IS_ERR(kbuf))
3194 return PTR_ERR(kbuf);
3195
3196 tmp_bitmap = bitmap_zalloc(bitmap_len, GFP_KERNEL);
3197 if (!tmp_bitmap) {
3198 kfree(kbuf);
3199 return -ENOMEM;
3200 }
3201 proc_skip_char(&p, &left, '\n');
3202 while (!err && left) {
3203 unsigned long val_a, val_b;
3204 bool neg;
3205 size_t saved_left;
3206
3207 /* In case we stop parsing mid-number, we can reset */
3208 saved_left = left;
3209 err = proc_get_long(&p, &left, &val_a, &neg, tr_a,
3210 sizeof(tr_a), &c);
3211 /*
3212 * If we consumed the entirety of a truncated buffer or
3213 * only one char is left (may be a "-"), then stop here,
3214 * reset, & come back for more.
3215 */
3216 if ((left <= 1) && skipped) {
3217 left = saved_left;
3218 break;
3219 }
3220
3221 if (err)
3222 break;
3223 if (val_a >= bitmap_len || neg) {
3224 err = -EINVAL;
3225 break;
3226 }
3227
3228 val_b = val_a;
3229 if (left) {
3230 p++;
3231 left--;
3232 }
3233
3234 if (c == '-') {
3235 err = proc_get_long(&p, &left, &val_b,
3236 &neg, tr_b, sizeof(tr_b),
3237 &c);
3238 /*
3239 * If we consumed all of a truncated buffer or
3240 * then stop here, reset, & come back for more.
3241 */
3242 if (!left && skipped) {
3243 left = saved_left;
3244 break;
3245 }
3246
3247 if (err)
3248 break;
3249 if (val_b >= bitmap_len || neg ||
3250 val_a > val_b) {
3251 err = -EINVAL;
3252 break;
3253 }
3254 if (left) {
3255 p++;
3256 left--;
3257 }
3258 }
3259
3260 bitmap_set(tmp_bitmap, val_a, val_b - val_a + 1);
3261 first = 0;
3262 proc_skip_char(&p, &left, '\n');
3263 }
3264 kfree(kbuf);
3265 left += skipped;
3266 } else {
3267 unsigned long bit_a, bit_b = 0;
3268
3269 while (left) {
3270 bit_a = find_next_bit(bitmap, bitmap_len, bit_b);
3271 if (bit_a >= bitmap_len)
3272 break;
3273 bit_b = find_next_zero_bit(bitmap, bitmap_len,
3274 bit_a + 1) - 1;
3275
3276 if (!first) {
3277 err = proc_put_char(&buffer, &left, ',');
3278 if (err)
3279 break;
3280 }
3281 err = proc_put_long(&buffer, &left, bit_a, false);
3282 if (err)
3283 break;
3284 if (bit_a != bit_b) {
3285 err = proc_put_char(&buffer, &left, '-');
3286 if (err)
3287 break;
3288 err = proc_put_long(&buffer, &left, bit_b, false);
3289 if (err)
3290 break;
3291 }
3292
3293 first = 0; bit_b++;
3294 }
3295 if (!err)
3296 err = proc_put_char(&buffer, &left, '\n');
3297 }
3298
3299 if (!err) {
3300 if (write) {
3301 if (*ppos)
3302 bitmap_or(bitmap, bitmap, tmp_bitmap, bitmap_len);
3303 else
3304 bitmap_copy(bitmap, tmp_bitmap, bitmap_len);
3305 }
3306 *lenp -= left;
3307 *ppos += *lenp;
3308 }
3309
3310 bitmap_free(tmp_bitmap);
3311 return err;
3312}
3313
3314#else /* CONFIG_PROC_SYSCTL */
3315
3316int proc_dostring(struct ctl_table *table, int write,
3317 void __user *buffer, size_t *lenp, loff_t *ppos)
3318{
3319 return -ENOSYS;
3320}
3321
3322int proc_dointvec(struct ctl_table *table, int write,
3323 void __user *buffer, size_t *lenp, loff_t *ppos)
3324{
3325 return -ENOSYS;
3326}
3327
3328int proc_douintvec(struct ctl_table *table, int write,
3329 void __user *buffer, size_t *lenp, loff_t *ppos)
3330{
3331 return -ENOSYS;
3332}
3333
3334int proc_dointvec_minmax(struct ctl_table *table, int write,
3335 void __user *buffer, size_t *lenp, loff_t *ppos)
3336{
3337 return -ENOSYS;
3338}
3339
3340int proc_douintvec_minmax(struct ctl_table *table, int write,
3341 void __user *buffer, size_t *lenp, loff_t *ppos)
3342{
3343 return -ENOSYS;
3344}
3345
3346int proc_dointvec_jiffies(struct ctl_table *table, int write,
3347 void __user *buffer, size_t *lenp, loff_t *ppos)
3348{
3349 return -ENOSYS;
3350}
3351
3352int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
3353 void __user *buffer, size_t *lenp, loff_t *ppos)
3354{
3355 return -ENOSYS;
3356}
3357
3358int proc_dointvec_ms_jiffies(struct ctl_table *table, int write,
3359 void __user *buffer, size_t *lenp, loff_t *ppos)
3360{
3361 return -ENOSYS;
3362}
3363
3364int proc_doulongvec_minmax(struct ctl_table *table, int write,
3365 void __user *buffer, size_t *lenp, loff_t *ppos)
3366{
3367 return -ENOSYS;
3368}
3369
3370int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
3371 void __user *buffer,
3372 size_t *lenp, loff_t *ppos)
3373{
3374 return -ENOSYS;
3375}
3376
3377int proc_do_large_bitmap(struct ctl_table *table, int write,
3378 void __user *buffer, size_t *lenp, loff_t *ppos)
3379{
3380 return -ENOSYS;
3381}
3382
3383#endif /* CONFIG_PROC_SYSCTL */
3384
3385#if defined(CONFIG_SYSCTL)
3386int proc_do_static_key(struct ctl_table *table, int write,
3387 void __user *buffer, size_t *lenp,
3388 loff_t *ppos)
3389{
3390 struct static_key *key = (struct static_key *)table->data;
3391 static DEFINE_MUTEX(static_key_mutex);
3392 int val, ret;
3393 struct ctl_table tmp = {
3394 .data = &val,
3395 .maxlen = sizeof(val),
3396 .mode = table->mode,
3397 .extra1 = SYSCTL_ZERO,
3398 .extra2 = SYSCTL_ONE,
3399 };
3400
3401 if (write && !capable(CAP_SYS_ADMIN))
3402 return -EPERM;
3403
3404 mutex_lock(&static_key_mutex);
3405 val = static_key_enabled(key);
3406 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
3407 if (write && !ret) {
3408 if (val)
3409 static_key_enable(key);
3410 else
3411 static_key_disable(key);
3412 }
3413 mutex_unlock(&static_key_mutex);
3414 return ret;
3415}
3416#endif
3417/*
3418 * No sense putting this after each symbol definition, twice,
3419 * exception granted :-)
3420 */
3421EXPORT_SYMBOL(proc_dointvec);
3422EXPORT_SYMBOL(proc_douintvec);
3423EXPORT_SYMBOL(proc_dointvec_jiffies);
3424EXPORT_SYMBOL(proc_dointvec_minmax);
3425EXPORT_SYMBOL_GPL(proc_douintvec_minmax);
3426EXPORT_SYMBOL(proc_dointvec_userhz_jiffies);
3427EXPORT_SYMBOL(proc_dointvec_ms_jiffies);
3428EXPORT_SYMBOL(proc_dostring);
3429EXPORT_SYMBOL(proc_doulongvec_minmax);
3430EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax);
3431EXPORT_SYMBOL(proc_do_large_bitmap);
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * sysctl.c: General linux system control interface
4 *
5 * Begun 24 March 1995, Stephen Tweedie
6 * Added /proc support, Dec 1995
7 * Added bdflush entry and intvec min/max checking, 2/23/96, Tom Dyas.
8 * Added hooks for /proc/sys/net (minor, minor patch), 96/4/1, Mike Shaver.
9 * Added kernel/java-{interpreter,appletviewer}, 96/5/10, Mike Shaver.
10 * Dynamic registration fixes, Stephen Tweedie.
11 * Added kswapd-interval, ctrl-alt-del, printk stuff, 1/8/97, Chris Horn.
12 * Made sysctl support optional via CONFIG_SYSCTL, 1/10/97, Chris
13 * Horn.
14 * Added proc_doulongvec_ms_jiffies_minmax, 09/08/99, Carlos H. Bauer.
15 * Added proc_doulongvec_minmax, 09/08/99, Carlos H. Bauer.
16 * Changed linked lists to use list.h instead of lists.h, 02/24/00, Bill
17 * Wendling.
18 * The list_for_each() macro wasn't appropriate for the sysctl loop.
19 * Removed it and replaced it with older style, 03/23/00, Bill Wendling
20 */
21
22#include <linux/module.h>
23#include <linux/mm.h>
24#include <linux/swap.h>
25#include <linux/slab.h>
26#include <linux/sysctl.h>
27#include <linux/bitmap.h>
28#include <linux/signal.h>
29#include <linux/panic.h>
30#include <linux/printk.h>
31#include <linux/proc_fs.h>
32#include <linux/security.h>
33#include <linux/ctype.h>
34#include <linux/kmemleak.h>
35#include <linux/filter.h>
36#include <linux/fs.h>
37#include <linux/init.h>
38#include <linux/kernel.h>
39#include <linux/kobject.h>
40#include <linux/net.h>
41#include <linux/sysrq.h>
42#include <linux/highuid.h>
43#include <linux/writeback.h>
44#include <linux/ratelimit.h>
45#include <linux/hugetlb.h>
46#include <linux/initrd.h>
47#include <linux/key.h>
48#include <linux/times.h>
49#include <linux/limits.h>
50#include <linux/dcache.h>
51#include <linux/syscalls.h>
52#include <linux/vmstat.h>
53#include <linux/nfs_fs.h>
54#include <linux/acpi.h>
55#include <linux/reboot.h>
56#include <linux/ftrace.h>
57#include <linux/perf_event.h>
58#include <linux/oom.h>
59#include <linux/kmod.h>
60#include <linux/capability.h>
61#include <linux/binfmts.h>
62#include <linux/sched/sysctl.h>
63#include <linux/mount.h>
64#include <linux/userfaultfd_k.h>
65#include <linux/pid.h>
66
67#include "../lib/kstrtox.h"
68
69#include <linux/uaccess.h>
70#include <asm/processor.h>
71
72#ifdef CONFIG_X86
73#include <asm/nmi.h>
74#include <asm/stacktrace.h>
75#include <asm/io.h>
76#endif
77#ifdef CONFIG_SPARC
78#include <asm/setup.h>
79#endif
80#ifdef CONFIG_RT_MUTEXES
81#include <linux/rtmutex.h>
82#endif
83
84/* shared constants to be used in various sysctls */
85const int sysctl_vals[] = { 0, 1, 2, 3, 4, 100, 200, 1000, 3000, INT_MAX, 65535, -1 };
86EXPORT_SYMBOL(sysctl_vals);
87
88const unsigned long sysctl_long_vals[] = { 0, 1, LONG_MAX };
89EXPORT_SYMBOL_GPL(sysctl_long_vals);
90
91#if defined(CONFIG_SYSCTL)
92
93/* Constants used for minimum and maximum */
94
95#ifdef CONFIG_PERF_EVENTS
96static const int six_hundred_forty_kb = 640 * 1024;
97#endif
98
99
100static const int ngroups_max = NGROUPS_MAX;
101static const int cap_last_cap = CAP_LAST_CAP;
102
103#ifdef CONFIG_PROC_SYSCTL
104
105/**
106 * enum sysctl_writes_mode - supported sysctl write modes
107 *
108 * @SYSCTL_WRITES_LEGACY: each write syscall must fully contain the sysctl value
109 * to be written, and multiple writes on the same sysctl file descriptor
110 * will rewrite the sysctl value, regardless of file position. No warning
111 * is issued when the initial position is not 0.
112 * @SYSCTL_WRITES_WARN: same as above but warn when the initial file position is
113 * not 0.
114 * @SYSCTL_WRITES_STRICT: writes to numeric sysctl entries must always be at
115 * file position 0 and the value must be fully contained in the buffer
116 * sent to the write syscall. If dealing with strings respect the file
117 * position, but restrict this to the max length of the buffer, anything
118 * passed the max length will be ignored. Multiple writes will append
119 * to the buffer.
120 *
121 * These write modes control how current file position affects the behavior of
122 * updating sysctl values through the proc interface on each write.
123 */
124enum sysctl_writes_mode {
125 SYSCTL_WRITES_LEGACY = -1,
126 SYSCTL_WRITES_WARN = 0,
127 SYSCTL_WRITES_STRICT = 1,
128};
129
130static enum sysctl_writes_mode sysctl_writes_strict = SYSCTL_WRITES_STRICT;
131#endif /* CONFIG_PROC_SYSCTL */
132
133#if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \
134 defined(CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT)
135int sysctl_legacy_va_layout;
136#endif
137
138#endif /* CONFIG_SYSCTL */
139
140/*
141 * /proc/sys support
142 */
143
144#ifdef CONFIG_PROC_SYSCTL
145
146static int _proc_do_string(char *data, int maxlen, int write,
147 char *buffer, size_t *lenp, loff_t *ppos)
148{
149 size_t len;
150 char c, *p;
151
152 if (!data || !maxlen || !*lenp) {
153 *lenp = 0;
154 return 0;
155 }
156
157 if (write) {
158 if (sysctl_writes_strict == SYSCTL_WRITES_STRICT) {
159 /* Only continue writes not past the end of buffer. */
160 len = strlen(data);
161 if (len > maxlen - 1)
162 len = maxlen - 1;
163
164 if (*ppos > len)
165 return 0;
166 len = *ppos;
167 } else {
168 /* Start writing from beginning of buffer. */
169 len = 0;
170 }
171
172 *ppos += *lenp;
173 p = buffer;
174 while ((p - buffer) < *lenp && len < maxlen - 1) {
175 c = *(p++);
176 if (c == 0 || c == '\n')
177 break;
178 data[len++] = c;
179 }
180 data[len] = 0;
181 } else {
182 len = strlen(data);
183 if (len > maxlen)
184 len = maxlen;
185
186 if (*ppos > len) {
187 *lenp = 0;
188 return 0;
189 }
190
191 data += *ppos;
192 len -= *ppos;
193
194 if (len > *lenp)
195 len = *lenp;
196 if (len)
197 memcpy(buffer, data, len);
198 if (len < *lenp) {
199 buffer[len] = '\n';
200 len++;
201 }
202 *lenp = len;
203 *ppos += len;
204 }
205 return 0;
206}
207
208static void warn_sysctl_write(const struct ctl_table *table)
209{
210 pr_warn_once("%s wrote to %s when file position was not 0!\n"
211 "This will not be supported in the future. To silence this\n"
212 "warning, set kernel.sysctl_writes_strict = -1\n",
213 current->comm, table->procname);
214}
215
216/**
217 * proc_first_pos_non_zero_ignore - check if first position is allowed
218 * @ppos: file position
219 * @table: the sysctl table
220 *
221 * Returns true if the first position is non-zero and the sysctl_writes_strict
222 * mode indicates this is not allowed for numeric input types. String proc
223 * handlers can ignore the return value.
224 */
225static bool proc_first_pos_non_zero_ignore(loff_t *ppos,
226 const struct ctl_table *table)
227{
228 if (!*ppos)
229 return false;
230
231 switch (sysctl_writes_strict) {
232 case SYSCTL_WRITES_STRICT:
233 return true;
234 case SYSCTL_WRITES_WARN:
235 warn_sysctl_write(table);
236 return false;
237 default:
238 return false;
239 }
240}
241
242/**
243 * proc_dostring - read a string sysctl
244 * @table: the sysctl table
245 * @write: %TRUE if this is a write to the sysctl file
246 * @buffer: the user buffer
247 * @lenp: the size of the user buffer
248 * @ppos: file position
249 *
250 * Reads/writes a string from/to the user buffer. If the kernel
251 * buffer provided is not large enough to hold the string, the
252 * string is truncated. The copied string is %NULL-terminated.
253 * If the string is being read by the user process, it is copied
254 * and a newline '\n' is added. It is truncated if the buffer is
255 * not large enough.
256 *
257 * Returns 0 on success.
258 */
259int proc_dostring(const struct ctl_table *table, int write,
260 void *buffer, size_t *lenp, loff_t *ppos)
261{
262 if (write)
263 proc_first_pos_non_zero_ignore(ppos, table);
264
265 return _proc_do_string(table->data, table->maxlen, write, buffer, lenp,
266 ppos);
267}
268
269static void proc_skip_spaces(char **buf, size_t *size)
270{
271 while (*size) {
272 if (!isspace(**buf))
273 break;
274 (*size)--;
275 (*buf)++;
276 }
277}
278
279static void proc_skip_char(char **buf, size_t *size, const char v)
280{
281 while (*size) {
282 if (**buf != v)
283 break;
284 (*size)--;
285 (*buf)++;
286 }
287}
288
289/**
290 * strtoul_lenient - parse an ASCII formatted integer from a buffer and only
291 * fail on overflow
292 *
293 * @cp: kernel buffer containing the string to parse
294 * @endp: pointer to store the trailing characters
295 * @base: the base to use
296 * @res: where the parsed integer will be stored
297 *
298 * In case of success 0 is returned and @res will contain the parsed integer,
299 * @endp will hold any trailing characters.
300 * This function will fail the parse on overflow. If there wasn't an overflow
301 * the function will defer the decision what characters count as invalid to the
302 * caller.
303 */
304static int strtoul_lenient(const char *cp, char **endp, unsigned int base,
305 unsigned long *res)
306{
307 unsigned long long result;
308 unsigned int rv;
309
310 cp = _parse_integer_fixup_radix(cp, &base);
311 rv = _parse_integer(cp, base, &result);
312 if ((rv & KSTRTOX_OVERFLOW) || (result != (unsigned long)result))
313 return -ERANGE;
314
315 cp += rv;
316
317 if (endp)
318 *endp = (char *)cp;
319
320 *res = (unsigned long)result;
321 return 0;
322}
323
324#define TMPBUFLEN 22
325/**
326 * proc_get_long - reads an ASCII formatted integer from a user buffer
327 *
328 * @buf: a kernel buffer
329 * @size: size of the kernel buffer
330 * @val: this is where the number will be stored
331 * @neg: set to %TRUE if number is negative
332 * @perm_tr: a vector which contains the allowed trailers
333 * @perm_tr_len: size of the perm_tr vector
334 * @tr: pointer to store the trailer character
335 *
336 * In case of success %0 is returned and @buf and @size are updated with
337 * the amount of bytes read. If @tr is non-NULL and a trailing
338 * character exists (size is non-zero after returning from this
339 * function), @tr is updated with the trailing character.
340 */
341static int proc_get_long(char **buf, size_t *size,
342 unsigned long *val, bool *neg,
343 const char *perm_tr, unsigned perm_tr_len, char *tr)
344{
345 char *p, tmp[TMPBUFLEN];
346 ssize_t len = *size;
347
348 if (len <= 0)
349 return -EINVAL;
350
351 if (len > TMPBUFLEN - 1)
352 len = TMPBUFLEN - 1;
353
354 memcpy(tmp, *buf, len);
355
356 tmp[len] = 0;
357 p = tmp;
358 if (*p == '-' && *size > 1) {
359 *neg = true;
360 p++;
361 } else
362 *neg = false;
363 if (!isdigit(*p))
364 return -EINVAL;
365
366 if (strtoul_lenient(p, &p, 0, val))
367 return -EINVAL;
368
369 len = p - tmp;
370
371 /* We don't know if the next char is whitespace thus we may accept
372 * invalid integers (e.g. 1234...a) or two integers instead of one
373 * (e.g. 123...1). So lets not allow such large numbers. */
374 if (len == TMPBUFLEN - 1)
375 return -EINVAL;
376
377 if (len < *size && perm_tr_len && !memchr(perm_tr, *p, perm_tr_len))
378 return -EINVAL;
379
380 if (tr && (len < *size))
381 *tr = *p;
382
383 *buf += len;
384 *size -= len;
385
386 return 0;
387}
388
389/**
390 * proc_put_long - converts an integer to a decimal ASCII formatted string
391 *
392 * @buf: the user buffer
393 * @size: the size of the user buffer
394 * @val: the integer to be converted
395 * @neg: sign of the number, %TRUE for negative
396 *
397 * In case of success @buf and @size are updated with the amount of bytes
398 * written.
399 */
400static void proc_put_long(void **buf, size_t *size, unsigned long val, bool neg)
401{
402 int len;
403 char tmp[TMPBUFLEN], *p = tmp;
404
405 sprintf(p, "%s%lu", neg ? "-" : "", val);
406 len = strlen(tmp);
407 if (len > *size)
408 len = *size;
409 memcpy(*buf, tmp, len);
410 *size -= len;
411 *buf += len;
412}
413#undef TMPBUFLEN
414
415static void proc_put_char(void **buf, size_t *size, char c)
416{
417 if (*size) {
418 char **buffer = (char **)buf;
419 **buffer = c;
420
421 (*size)--;
422 (*buffer)++;
423 *buf = *buffer;
424 }
425}
426
427static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp,
428 int *valp,
429 int write, void *data)
430{
431 if (write) {
432 if (*negp) {
433 if (*lvalp > (unsigned long) INT_MAX + 1)
434 return -EINVAL;
435 WRITE_ONCE(*valp, -*lvalp);
436 } else {
437 if (*lvalp > (unsigned long) INT_MAX)
438 return -EINVAL;
439 WRITE_ONCE(*valp, *lvalp);
440 }
441 } else {
442 int val = READ_ONCE(*valp);
443 if (val < 0) {
444 *negp = true;
445 *lvalp = -(unsigned long)val;
446 } else {
447 *negp = false;
448 *lvalp = (unsigned long)val;
449 }
450 }
451 return 0;
452}
453
454static int do_proc_douintvec_conv(unsigned long *lvalp,
455 unsigned int *valp,
456 int write, void *data)
457{
458 if (write) {
459 if (*lvalp > UINT_MAX)
460 return -EINVAL;
461 WRITE_ONCE(*valp, *lvalp);
462 } else {
463 unsigned int val = READ_ONCE(*valp);
464 *lvalp = (unsigned long)val;
465 }
466 return 0;
467}
468
469static const char proc_wspace_sep[] = { ' ', '\t', '\n' };
470
471static int __do_proc_dointvec(void *tbl_data, const struct ctl_table *table,
472 int write, void *buffer,
473 size_t *lenp, loff_t *ppos,
474 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
475 int write, void *data),
476 void *data)
477{
478 int *i, vleft, first = 1, err = 0;
479 size_t left;
480 char *p;
481
482 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
483 *lenp = 0;
484 return 0;
485 }
486
487 i = (int *) tbl_data;
488 vleft = table->maxlen / sizeof(*i);
489 left = *lenp;
490
491 if (!conv)
492 conv = do_proc_dointvec_conv;
493
494 if (write) {
495 if (proc_first_pos_non_zero_ignore(ppos, table))
496 goto out;
497
498 if (left > PAGE_SIZE - 1)
499 left = PAGE_SIZE - 1;
500 p = buffer;
501 }
502
503 for (; left && vleft--; i++, first=0) {
504 unsigned long lval;
505 bool neg;
506
507 if (write) {
508 proc_skip_spaces(&p, &left);
509
510 if (!left)
511 break;
512 err = proc_get_long(&p, &left, &lval, &neg,
513 proc_wspace_sep,
514 sizeof(proc_wspace_sep), NULL);
515 if (err)
516 break;
517 if (conv(&neg, &lval, i, 1, data)) {
518 err = -EINVAL;
519 break;
520 }
521 } else {
522 if (conv(&neg, &lval, i, 0, data)) {
523 err = -EINVAL;
524 break;
525 }
526 if (!first)
527 proc_put_char(&buffer, &left, '\t');
528 proc_put_long(&buffer, &left, lval, neg);
529 }
530 }
531
532 if (!write && !first && left && !err)
533 proc_put_char(&buffer, &left, '\n');
534 if (write && !err && left)
535 proc_skip_spaces(&p, &left);
536 if (write && first)
537 return err ? : -EINVAL;
538 *lenp -= left;
539out:
540 *ppos += *lenp;
541 return err;
542}
543
544static int do_proc_dointvec(const struct ctl_table *table, int write,
545 void *buffer, size_t *lenp, loff_t *ppos,
546 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
547 int write, void *data),
548 void *data)
549{
550 return __do_proc_dointvec(table->data, table, write,
551 buffer, lenp, ppos, conv, data);
552}
553
554static int do_proc_douintvec_w(unsigned int *tbl_data,
555 const struct ctl_table *table,
556 void *buffer,
557 size_t *lenp, loff_t *ppos,
558 int (*conv)(unsigned long *lvalp,
559 unsigned int *valp,
560 int write, void *data),
561 void *data)
562{
563 unsigned long lval;
564 int err = 0;
565 size_t left;
566 bool neg;
567 char *p = buffer;
568
569 left = *lenp;
570
571 if (proc_first_pos_non_zero_ignore(ppos, table))
572 goto bail_early;
573
574 if (left > PAGE_SIZE - 1)
575 left = PAGE_SIZE - 1;
576
577 proc_skip_spaces(&p, &left);
578 if (!left) {
579 err = -EINVAL;
580 goto out_free;
581 }
582
583 err = proc_get_long(&p, &left, &lval, &neg,
584 proc_wspace_sep,
585 sizeof(proc_wspace_sep), NULL);
586 if (err || neg) {
587 err = -EINVAL;
588 goto out_free;
589 }
590
591 if (conv(&lval, tbl_data, 1, data)) {
592 err = -EINVAL;
593 goto out_free;
594 }
595
596 if (!err && left)
597 proc_skip_spaces(&p, &left);
598
599out_free:
600 if (err)
601 return -EINVAL;
602
603 return 0;
604
605 /* This is in keeping with old __do_proc_dointvec() */
606bail_early:
607 *ppos += *lenp;
608 return err;
609}
610
611static int do_proc_douintvec_r(unsigned int *tbl_data, void *buffer,
612 size_t *lenp, loff_t *ppos,
613 int (*conv)(unsigned long *lvalp,
614 unsigned int *valp,
615 int write, void *data),
616 void *data)
617{
618 unsigned long lval;
619 int err = 0;
620 size_t left;
621
622 left = *lenp;
623
624 if (conv(&lval, tbl_data, 0, data)) {
625 err = -EINVAL;
626 goto out;
627 }
628
629 proc_put_long(&buffer, &left, lval, false);
630 if (!left)
631 goto out;
632
633 proc_put_char(&buffer, &left, '\n');
634
635out:
636 *lenp -= left;
637 *ppos += *lenp;
638
639 return err;
640}
641
642static int __do_proc_douintvec(void *tbl_data, const struct ctl_table *table,
643 int write, void *buffer,
644 size_t *lenp, loff_t *ppos,
645 int (*conv)(unsigned long *lvalp,
646 unsigned int *valp,
647 int write, void *data),
648 void *data)
649{
650 unsigned int *i, vleft;
651
652 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
653 *lenp = 0;
654 return 0;
655 }
656
657 i = (unsigned int *) tbl_data;
658 vleft = table->maxlen / sizeof(*i);
659
660 /*
661 * Arrays are not supported, keep this simple. *Do not* add
662 * support for them.
663 */
664 if (vleft != 1) {
665 *lenp = 0;
666 return -EINVAL;
667 }
668
669 if (!conv)
670 conv = do_proc_douintvec_conv;
671
672 if (write)
673 return do_proc_douintvec_w(i, table, buffer, lenp, ppos,
674 conv, data);
675 return do_proc_douintvec_r(i, buffer, lenp, ppos, conv, data);
676}
677
678int do_proc_douintvec(const struct ctl_table *table, int write,
679 void *buffer, size_t *lenp, loff_t *ppos,
680 int (*conv)(unsigned long *lvalp,
681 unsigned int *valp,
682 int write, void *data),
683 void *data)
684{
685 return __do_proc_douintvec(table->data, table, write,
686 buffer, lenp, ppos, conv, data);
687}
688
689/**
690 * proc_dobool - read/write a bool
691 * @table: the sysctl table
692 * @write: %TRUE if this is a write to the sysctl file
693 * @buffer: the user buffer
694 * @lenp: the size of the user buffer
695 * @ppos: file position
696 *
697 * Reads/writes one integer value from/to the user buffer,
698 * treated as an ASCII string.
699 *
700 * table->data must point to a bool variable and table->maxlen must
701 * be sizeof(bool).
702 *
703 * Returns 0 on success.
704 */
705int proc_dobool(const struct ctl_table *table, int write, void *buffer,
706 size_t *lenp, loff_t *ppos)
707{
708 struct ctl_table tmp;
709 bool *data = table->data;
710 int res, val;
711
712 /* Do not support arrays yet. */
713 if (table->maxlen != sizeof(bool))
714 return -EINVAL;
715
716 tmp = *table;
717 tmp.maxlen = sizeof(val);
718 tmp.data = &val;
719
720 val = READ_ONCE(*data);
721 res = proc_dointvec(&tmp, write, buffer, lenp, ppos);
722 if (res)
723 return res;
724 if (write)
725 WRITE_ONCE(*data, val);
726 return 0;
727}
728
729/**
730 * proc_dointvec - read a vector of integers
731 * @table: the sysctl table
732 * @write: %TRUE if this is a write to the sysctl file
733 * @buffer: the user buffer
734 * @lenp: the size of the user buffer
735 * @ppos: file position
736 *
737 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
738 * values from/to the user buffer, treated as an ASCII string.
739 *
740 * Returns 0 on success.
741 */
742int proc_dointvec(const struct ctl_table *table, int write, void *buffer,
743 size_t *lenp, loff_t *ppos)
744{
745 return do_proc_dointvec(table, write, buffer, lenp, ppos, NULL, NULL);
746}
747
748/**
749 * proc_douintvec - read a vector of unsigned integers
750 * @table: the sysctl table
751 * @write: %TRUE if this is a write to the sysctl file
752 * @buffer: the user buffer
753 * @lenp: the size of the user buffer
754 * @ppos: file position
755 *
756 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer
757 * values from/to the user buffer, treated as an ASCII string.
758 *
759 * Returns 0 on success.
760 */
761int proc_douintvec(const struct ctl_table *table, int write, void *buffer,
762 size_t *lenp, loff_t *ppos)
763{
764 return do_proc_douintvec(table, write, buffer, lenp, ppos,
765 do_proc_douintvec_conv, NULL);
766}
767
768/*
769 * Taint values can only be increased
770 * This means we can safely use a temporary.
771 */
772static int proc_taint(const struct ctl_table *table, int write,
773 void *buffer, size_t *lenp, loff_t *ppos)
774{
775 struct ctl_table t;
776 unsigned long tmptaint = get_taint();
777 int err;
778
779 if (write && !capable(CAP_SYS_ADMIN))
780 return -EPERM;
781
782 t = *table;
783 t.data = &tmptaint;
784 err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos);
785 if (err < 0)
786 return err;
787
788 if (write) {
789 int i;
790
791 /*
792 * If we are relying on panic_on_taint not producing
793 * false positives due to userspace input, bail out
794 * before setting the requested taint flags.
795 */
796 if (panic_on_taint_nousertaint && (tmptaint & panic_on_taint))
797 return -EINVAL;
798
799 /*
800 * Poor man's atomic or. Not worth adding a primitive
801 * to everyone's atomic.h for this
802 */
803 for (i = 0; i < TAINT_FLAGS_COUNT; i++)
804 if ((1UL << i) & tmptaint)
805 add_taint(i, LOCKDEP_STILL_OK);
806 }
807
808 return err;
809}
810
811/**
812 * struct do_proc_dointvec_minmax_conv_param - proc_dointvec_minmax() range checking structure
813 * @min: pointer to minimum allowable value
814 * @max: pointer to maximum allowable value
815 *
816 * The do_proc_dointvec_minmax_conv_param structure provides the
817 * minimum and maximum values for doing range checking for those sysctl
818 * parameters that use the proc_dointvec_minmax() handler.
819 */
820struct do_proc_dointvec_minmax_conv_param {
821 int *min;
822 int *max;
823};
824
825static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp,
826 int *valp,
827 int write, void *data)
828{
829 int tmp, ret;
830 struct do_proc_dointvec_minmax_conv_param *param = data;
831 /*
832 * If writing, first do so via a temporary local int so we can
833 * bounds-check it before touching *valp.
834 */
835 int *ip = write ? &tmp : valp;
836
837 ret = do_proc_dointvec_conv(negp, lvalp, ip, write, data);
838 if (ret)
839 return ret;
840
841 if (write) {
842 if ((param->min && *param->min > tmp) ||
843 (param->max && *param->max < tmp))
844 return -EINVAL;
845 WRITE_ONCE(*valp, tmp);
846 }
847
848 return 0;
849}
850
851/**
852 * proc_dointvec_minmax - read a vector of integers with min/max values
853 * @table: the sysctl table
854 * @write: %TRUE if this is a write to the sysctl file
855 * @buffer: the user buffer
856 * @lenp: the size of the user buffer
857 * @ppos: file position
858 *
859 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
860 * values from/to the user buffer, treated as an ASCII string.
861 *
862 * This routine will ensure the values are within the range specified by
863 * table->extra1 (min) and table->extra2 (max).
864 *
865 * Returns 0 on success or -EINVAL on write when the range check fails.
866 */
867int proc_dointvec_minmax(const struct ctl_table *table, int write,
868 void *buffer, size_t *lenp, loff_t *ppos)
869{
870 struct do_proc_dointvec_minmax_conv_param param = {
871 .min = (int *) table->extra1,
872 .max = (int *) table->extra2,
873 };
874 return do_proc_dointvec(table, write, buffer, lenp, ppos,
875 do_proc_dointvec_minmax_conv, ¶m);
876}
877
878/**
879 * struct do_proc_douintvec_minmax_conv_param - proc_douintvec_minmax() range checking structure
880 * @min: pointer to minimum allowable value
881 * @max: pointer to maximum allowable value
882 *
883 * The do_proc_douintvec_minmax_conv_param structure provides the
884 * minimum and maximum values for doing range checking for those sysctl
885 * parameters that use the proc_douintvec_minmax() handler.
886 */
887struct do_proc_douintvec_minmax_conv_param {
888 unsigned int *min;
889 unsigned int *max;
890};
891
892static int do_proc_douintvec_minmax_conv(unsigned long *lvalp,
893 unsigned int *valp,
894 int write, void *data)
895{
896 int ret;
897 unsigned int tmp;
898 struct do_proc_douintvec_minmax_conv_param *param = data;
899 /* write via temporary local uint for bounds-checking */
900 unsigned int *up = write ? &tmp : valp;
901
902 ret = do_proc_douintvec_conv(lvalp, up, write, data);
903 if (ret)
904 return ret;
905
906 if (write) {
907 if ((param->min && *param->min > tmp) ||
908 (param->max && *param->max < tmp))
909 return -ERANGE;
910
911 WRITE_ONCE(*valp, tmp);
912 }
913
914 return 0;
915}
916
917/**
918 * proc_douintvec_minmax - read a vector of unsigned ints with min/max values
919 * @table: the sysctl table
920 * @write: %TRUE if this is a write to the sysctl file
921 * @buffer: the user buffer
922 * @lenp: the size of the user buffer
923 * @ppos: file position
924 *
925 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer
926 * values from/to the user buffer, treated as an ASCII string. Negative
927 * strings are not allowed.
928 *
929 * This routine will ensure the values are within the range specified by
930 * table->extra1 (min) and table->extra2 (max). There is a final sanity
931 * check for UINT_MAX to avoid having to support wrap around uses from
932 * userspace.
933 *
934 * Returns 0 on success or -ERANGE on write when the range check fails.
935 */
936int proc_douintvec_minmax(const struct ctl_table *table, int write,
937 void *buffer, size_t *lenp, loff_t *ppos)
938{
939 struct do_proc_douintvec_minmax_conv_param param = {
940 .min = (unsigned int *) table->extra1,
941 .max = (unsigned int *) table->extra2,
942 };
943 return do_proc_douintvec(table, write, buffer, lenp, ppos,
944 do_proc_douintvec_minmax_conv, ¶m);
945}
946
947/**
948 * proc_dou8vec_minmax - read a vector of unsigned chars with min/max values
949 * @table: the sysctl table
950 * @write: %TRUE if this is a write to the sysctl file
951 * @buffer: the user buffer
952 * @lenp: the size of the user buffer
953 * @ppos: file position
954 *
955 * Reads/writes up to table->maxlen/sizeof(u8) unsigned chars
956 * values from/to the user buffer, treated as an ASCII string. Negative
957 * strings are not allowed.
958 *
959 * This routine will ensure the values are within the range specified by
960 * table->extra1 (min) and table->extra2 (max).
961 *
962 * Returns 0 on success or an error on write when the range check fails.
963 */
964int proc_dou8vec_minmax(const struct ctl_table *table, int write,
965 void *buffer, size_t *lenp, loff_t *ppos)
966{
967 struct ctl_table tmp;
968 unsigned int min = 0, max = 255U, val;
969 u8 *data = table->data;
970 struct do_proc_douintvec_minmax_conv_param param = {
971 .min = &min,
972 .max = &max,
973 };
974 int res;
975
976 /* Do not support arrays yet. */
977 if (table->maxlen != sizeof(u8))
978 return -EINVAL;
979
980 if (table->extra1)
981 min = *(unsigned int *) table->extra1;
982 if (table->extra2)
983 max = *(unsigned int *) table->extra2;
984
985 tmp = *table;
986
987 tmp.maxlen = sizeof(val);
988 tmp.data = &val;
989 val = READ_ONCE(*data);
990 res = do_proc_douintvec(&tmp, write, buffer, lenp, ppos,
991 do_proc_douintvec_minmax_conv, ¶m);
992 if (res)
993 return res;
994 if (write)
995 WRITE_ONCE(*data, val);
996 return 0;
997}
998EXPORT_SYMBOL_GPL(proc_dou8vec_minmax);
999
1000#ifdef CONFIG_MAGIC_SYSRQ
1001static int sysrq_sysctl_handler(const struct ctl_table *table, int write,
1002 void *buffer, size_t *lenp, loff_t *ppos)
1003{
1004 int tmp, ret;
1005
1006 tmp = sysrq_mask();
1007
1008 ret = __do_proc_dointvec(&tmp, table, write, buffer,
1009 lenp, ppos, NULL, NULL);
1010 if (ret || !write)
1011 return ret;
1012
1013 if (write)
1014 sysrq_toggle_support(tmp);
1015
1016 return 0;
1017}
1018#endif
1019
1020static int __do_proc_doulongvec_minmax(void *data,
1021 const struct ctl_table *table, int write,
1022 void *buffer, size_t *lenp, loff_t *ppos,
1023 unsigned long convmul, unsigned long convdiv)
1024{
1025 unsigned long *i, *min, *max;
1026 int vleft, first = 1, err = 0;
1027 size_t left;
1028 char *p;
1029
1030 if (!data || !table->maxlen || !*lenp || (*ppos && !write)) {
1031 *lenp = 0;
1032 return 0;
1033 }
1034
1035 i = data;
1036 min = table->extra1;
1037 max = table->extra2;
1038 vleft = table->maxlen / sizeof(unsigned long);
1039 left = *lenp;
1040
1041 if (write) {
1042 if (proc_first_pos_non_zero_ignore(ppos, table))
1043 goto out;
1044
1045 if (left > PAGE_SIZE - 1)
1046 left = PAGE_SIZE - 1;
1047 p = buffer;
1048 }
1049
1050 for (; left && vleft--; i++, first = 0) {
1051 unsigned long val;
1052
1053 if (write) {
1054 bool neg;
1055
1056 proc_skip_spaces(&p, &left);
1057 if (!left)
1058 break;
1059
1060 err = proc_get_long(&p, &left, &val, &neg,
1061 proc_wspace_sep,
1062 sizeof(proc_wspace_sep), NULL);
1063 if (err || neg) {
1064 err = -EINVAL;
1065 break;
1066 }
1067
1068 val = convmul * val / convdiv;
1069 if ((min && val < *min) || (max && val > *max)) {
1070 err = -EINVAL;
1071 break;
1072 }
1073 WRITE_ONCE(*i, val);
1074 } else {
1075 val = convdiv * READ_ONCE(*i) / convmul;
1076 if (!first)
1077 proc_put_char(&buffer, &left, '\t');
1078 proc_put_long(&buffer, &left, val, false);
1079 }
1080 }
1081
1082 if (!write && !first && left && !err)
1083 proc_put_char(&buffer, &left, '\n');
1084 if (write && !err)
1085 proc_skip_spaces(&p, &left);
1086 if (write && first)
1087 return err ? : -EINVAL;
1088 *lenp -= left;
1089out:
1090 *ppos += *lenp;
1091 return err;
1092}
1093
1094static int do_proc_doulongvec_minmax(const struct ctl_table *table, int write,
1095 void *buffer, size_t *lenp, loff_t *ppos, unsigned long convmul,
1096 unsigned long convdiv)
1097{
1098 return __do_proc_doulongvec_minmax(table->data, table, write,
1099 buffer, lenp, ppos, convmul, convdiv);
1100}
1101
1102/**
1103 * proc_doulongvec_minmax - read a vector of long integers with min/max values
1104 * @table: the sysctl table
1105 * @write: %TRUE if this is a write to the sysctl file
1106 * @buffer: the user buffer
1107 * @lenp: the size of the user buffer
1108 * @ppos: file position
1109 *
1110 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
1111 * values from/to the user buffer, treated as an ASCII string.
1112 *
1113 * This routine will ensure the values are within the range specified by
1114 * table->extra1 (min) and table->extra2 (max).
1115 *
1116 * Returns 0 on success.
1117 */
1118int proc_doulongvec_minmax(const struct ctl_table *table, int write,
1119 void *buffer, size_t *lenp, loff_t *ppos)
1120{
1121 return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l);
1122}
1123
1124/**
1125 * proc_doulongvec_ms_jiffies_minmax - read a vector of millisecond values with min/max values
1126 * @table: the sysctl table
1127 * @write: %TRUE if this is a write to the sysctl file
1128 * @buffer: the user buffer
1129 * @lenp: the size of the user buffer
1130 * @ppos: file position
1131 *
1132 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
1133 * values from/to the user buffer, treated as an ASCII string. The values
1134 * are treated as milliseconds, and converted to jiffies when they are stored.
1135 *
1136 * This routine will ensure the values are within the range specified by
1137 * table->extra1 (min) and table->extra2 (max).
1138 *
1139 * Returns 0 on success.
1140 */
1141int proc_doulongvec_ms_jiffies_minmax(const struct ctl_table *table, int write,
1142 void *buffer, size_t *lenp, loff_t *ppos)
1143{
1144 return do_proc_doulongvec_minmax(table, write, buffer,
1145 lenp, ppos, HZ, 1000l);
1146}
1147
1148
1149static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp,
1150 int *valp,
1151 int write, void *data)
1152{
1153 if (write) {
1154 if (*lvalp > INT_MAX / HZ)
1155 return 1;
1156 if (*negp)
1157 WRITE_ONCE(*valp, -*lvalp * HZ);
1158 else
1159 WRITE_ONCE(*valp, *lvalp * HZ);
1160 } else {
1161 int val = READ_ONCE(*valp);
1162 unsigned long lval;
1163 if (val < 0) {
1164 *negp = true;
1165 lval = -(unsigned long)val;
1166 } else {
1167 *negp = false;
1168 lval = (unsigned long)val;
1169 }
1170 *lvalp = lval / HZ;
1171 }
1172 return 0;
1173}
1174
1175static int do_proc_dointvec_userhz_jiffies_conv(bool *negp, unsigned long *lvalp,
1176 int *valp,
1177 int write, void *data)
1178{
1179 if (write) {
1180 if (USER_HZ < HZ && *lvalp > (LONG_MAX / HZ) * USER_HZ)
1181 return 1;
1182 *valp = clock_t_to_jiffies(*negp ? -*lvalp : *lvalp);
1183 } else {
1184 int val = *valp;
1185 unsigned long lval;
1186 if (val < 0) {
1187 *negp = true;
1188 lval = -(unsigned long)val;
1189 } else {
1190 *negp = false;
1191 lval = (unsigned long)val;
1192 }
1193 *lvalp = jiffies_to_clock_t(lval);
1194 }
1195 return 0;
1196}
1197
1198static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp,
1199 int *valp,
1200 int write, void *data)
1201{
1202 if (write) {
1203 unsigned long jif = msecs_to_jiffies(*negp ? -*lvalp : *lvalp);
1204
1205 if (jif > INT_MAX)
1206 return 1;
1207 WRITE_ONCE(*valp, (int)jif);
1208 } else {
1209 int val = READ_ONCE(*valp);
1210 unsigned long lval;
1211 if (val < 0) {
1212 *negp = true;
1213 lval = -(unsigned long)val;
1214 } else {
1215 *negp = false;
1216 lval = (unsigned long)val;
1217 }
1218 *lvalp = jiffies_to_msecs(lval);
1219 }
1220 return 0;
1221}
1222
1223static int do_proc_dointvec_ms_jiffies_minmax_conv(bool *negp, unsigned long *lvalp,
1224 int *valp, int write, void *data)
1225{
1226 int tmp, ret;
1227 struct do_proc_dointvec_minmax_conv_param *param = data;
1228 /*
1229 * If writing, first do so via a temporary local int so we can
1230 * bounds-check it before touching *valp.
1231 */
1232 int *ip = write ? &tmp : valp;
1233
1234 ret = do_proc_dointvec_ms_jiffies_conv(negp, lvalp, ip, write, data);
1235 if (ret)
1236 return ret;
1237
1238 if (write) {
1239 if ((param->min && *param->min > tmp) ||
1240 (param->max && *param->max < tmp))
1241 return -EINVAL;
1242 *valp = tmp;
1243 }
1244 return 0;
1245}
1246
1247/**
1248 * proc_dointvec_jiffies - read a vector of integers as seconds
1249 * @table: the sysctl table
1250 * @write: %TRUE if this is a write to the sysctl file
1251 * @buffer: the user buffer
1252 * @lenp: the size of the user buffer
1253 * @ppos: file position
1254 *
1255 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
1256 * values from/to the user buffer, treated as an ASCII string.
1257 * The values read are assumed to be in seconds, and are converted into
1258 * jiffies.
1259 *
1260 * Returns 0 on success.
1261 */
1262int proc_dointvec_jiffies(const struct ctl_table *table, int write,
1263 void *buffer, size_t *lenp, loff_t *ppos)
1264{
1265 return do_proc_dointvec(table,write,buffer,lenp,ppos,
1266 do_proc_dointvec_jiffies_conv,NULL);
1267}
1268
1269int proc_dointvec_ms_jiffies_minmax(const struct ctl_table *table, int write,
1270 void *buffer, size_t *lenp, loff_t *ppos)
1271{
1272 struct do_proc_dointvec_minmax_conv_param param = {
1273 .min = (int *) table->extra1,
1274 .max = (int *) table->extra2,
1275 };
1276 return do_proc_dointvec(table, write, buffer, lenp, ppos,
1277 do_proc_dointvec_ms_jiffies_minmax_conv, ¶m);
1278}
1279
1280/**
1281 * proc_dointvec_userhz_jiffies - read a vector of integers as 1/USER_HZ seconds
1282 * @table: the sysctl table
1283 * @write: %TRUE if this is a write to the sysctl file
1284 * @buffer: the user buffer
1285 * @lenp: the size of the user buffer
1286 * @ppos: pointer to the file position
1287 *
1288 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
1289 * values from/to the user buffer, treated as an ASCII string.
1290 * The values read are assumed to be in 1/USER_HZ seconds, and
1291 * are converted into jiffies.
1292 *
1293 * Returns 0 on success.
1294 */
1295int proc_dointvec_userhz_jiffies(const struct ctl_table *table, int write,
1296 void *buffer, size_t *lenp, loff_t *ppos)
1297{
1298 return do_proc_dointvec(table, write, buffer, lenp, ppos,
1299 do_proc_dointvec_userhz_jiffies_conv, NULL);
1300}
1301
1302/**
1303 * proc_dointvec_ms_jiffies - read a vector of integers as 1 milliseconds
1304 * @table: the sysctl table
1305 * @write: %TRUE if this is a write to the sysctl file
1306 * @buffer: the user buffer
1307 * @lenp: the size of the user buffer
1308 * @ppos: the current position in the file
1309 *
1310 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
1311 * values from/to the user buffer, treated as an ASCII string.
1312 * The values read are assumed to be in 1/1000 seconds, and
1313 * are converted into jiffies.
1314 *
1315 * Returns 0 on success.
1316 */
1317int proc_dointvec_ms_jiffies(const struct ctl_table *table, int write, void *buffer,
1318 size_t *lenp, loff_t *ppos)
1319{
1320 return do_proc_dointvec(table, write, buffer, lenp, ppos,
1321 do_proc_dointvec_ms_jiffies_conv, NULL);
1322}
1323
1324static int proc_do_cad_pid(const struct ctl_table *table, int write, void *buffer,
1325 size_t *lenp, loff_t *ppos)
1326{
1327 struct pid *new_pid;
1328 pid_t tmp;
1329 int r;
1330
1331 tmp = pid_vnr(cad_pid);
1332
1333 r = __do_proc_dointvec(&tmp, table, write, buffer,
1334 lenp, ppos, NULL, NULL);
1335 if (r || !write)
1336 return r;
1337
1338 new_pid = find_get_pid(tmp);
1339 if (!new_pid)
1340 return -ESRCH;
1341
1342 put_pid(xchg(&cad_pid, new_pid));
1343 return 0;
1344}
1345
1346/**
1347 * proc_do_large_bitmap - read/write from/to a large bitmap
1348 * @table: the sysctl table
1349 * @write: %TRUE if this is a write to the sysctl file
1350 * @buffer: the user buffer
1351 * @lenp: the size of the user buffer
1352 * @ppos: file position
1353 *
1354 * The bitmap is stored at table->data and the bitmap length (in bits)
1355 * in table->maxlen.
1356 *
1357 * We use a range comma separated format (e.g. 1,3-4,10-10) so that
1358 * large bitmaps may be represented in a compact manner. Writing into
1359 * the file will clear the bitmap then update it with the given input.
1360 *
1361 * Returns 0 on success.
1362 */
1363int proc_do_large_bitmap(const struct ctl_table *table, int write,
1364 void *buffer, size_t *lenp, loff_t *ppos)
1365{
1366 int err = 0;
1367 size_t left = *lenp;
1368 unsigned long bitmap_len = table->maxlen;
1369 unsigned long *bitmap = *(unsigned long **) table->data;
1370 unsigned long *tmp_bitmap = NULL;
1371 char tr_a[] = { '-', ',', '\n' }, tr_b[] = { ',', '\n', 0 }, c;
1372
1373 if (!bitmap || !bitmap_len || !left || (*ppos && !write)) {
1374 *lenp = 0;
1375 return 0;
1376 }
1377
1378 if (write) {
1379 char *p = buffer;
1380 size_t skipped = 0;
1381
1382 if (left > PAGE_SIZE - 1) {
1383 left = PAGE_SIZE - 1;
1384 /* How much of the buffer we'll skip this pass */
1385 skipped = *lenp - left;
1386 }
1387
1388 tmp_bitmap = bitmap_zalloc(bitmap_len, GFP_KERNEL);
1389 if (!tmp_bitmap)
1390 return -ENOMEM;
1391 proc_skip_char(&p, &left, '\n');
1392 while (!err && left) {
1393 unsigned long val_a, val_b;
1394 bool neg;
1395 size_t saved_left;
1396
1397 /* In case we stop parsing mid-number, we can reset */
1398 saved_left = left;
1399 err = proc_get_long(&p, &left, &val_a, &neg, tr_a,
1400 sizeof(tr_a), &c);
1401 /*
1402 * If we consumed the entirety of a truncated buffer or
1403 * only one char is left (may be a "-"), then stop here,
1404 * reset, & come back for more.
1405 */
1406 if ((left <= 1) && skipped) {
1407 left = saved_left;
1408 break;
1409 }
1410
1411 if (err)
1412 break;
1413 if (val_a >= bitmap_len || neg) {
1414 err = -EINVAL;
1415 break;
1416 }
1417
1418 val_b = val_a;
1419 if (left) {
1420 p++;
1421 left--;
1422 }
1423
1424 if (c == '-') {
1425 err = proc_get_long(&p, &left, &val_b,
1426 &neg, tr_b, sizeof(tr_b),
1427 &c);
1428 /*
1429 * If we consumed all of a truncated buffer or
1430 * then stop here, reset, & come back for more.
1431 */
1432 if (!left && skipped) {
1433 left = saved_left;
1434 break;
1435 }
1436
1437 if (err)
1438 break;
1439 if (val_b >= bitmap_len || neg ||
1440 val_a > val_b) {
1441 err = -EINVAL;
1442 break;
1443 }
1444 if (left) {
1445 p++;
1446 left--;
1447 }
1448 }
1449
1450 bitmap_set(tmp_bitmap, val_a, val_b - val_a + 1);
1451 proc_skip_char(&p, &left, '\n');
1452 }
1453 left += skipped;
1454 } else {
1455 unsigned long bit_a, bit_b = 0;
1456 bool first = 1;
1457
1458 while (left) {
1459 bit_a = find_next_bit(bitmap, bitmap_len, bit_b);
1460 if (bit_a >= bitmap_len)
1461 break;
1462 bit_b = find_next_zero_bit(bitmap, bitmap_len,
1463 bit_a + 1) - 1;
1464
1465 if (!first)
1466 proc_put_char(&buffer, &left, ',');
1467 proc_put_long(&buffer, &left, bit_a, false);
1468 if (bit_a != bit_b) {
1469 proc_put_char(&buffer, &left, '-');
1470 proc_put_long(&buffer, &left, bit_b, false);
1471 }
1472
1473 first = 0; bit_b++;
1474 }
1475 proc_put_char(&buffer, &left, '\n');
1476 }
1477
1478 if (!err) {
1479 if (write) {
1480 if (*ppos)
1481 bitmap_or(bitmap, bitmap, tmp_bitmap, bitmap_len);
1482 else
1483 bitmap_copy(bitmap, tmp_bitmap, bitmap_len);
1484 }
1485 *lenp -= left;
1486 *ppos += *lenp;
1487 }
1488
1489 bitmap_free(tmp_bitmap);
1490 return err;
1491}
1492
1493#else /* CONFIG_PROC_SYSCTL */
1494
1495int proc_dostring(const struct ctl_table *table, int write,
1496 void *buffer, size_t *lenp, loff_t *ppos)
1497{
1498 return -ENOSYS;
1499}
1500
1501int proc_dobool(const struct ctl_table *table, int write,
1502 void *buffer, size_t *lenp, loff_t *ppos)
1503{
1504 return -ENOSYS;
1505}
1506
1507int proc_dointvec(const struct ctl_table *table, int write,
1508 void *buffer, size_t *lenp, loff_t *ppos)
1509{
1510 return -ENOSYS;
1511}
1512
1513int proc_douintvec(const struct ctl_table *table, int write,
1514 void *buffer, size_t *lenp, loff_t *ppos)
1515{
1516 return -ENOSYS;
1517}
1518
1519int proc_dointvec_minmax(const struct ctl_table *table, int write,
1520 void *buffer, size_t *lenp, loff_t *ppos)
1521{
1522 return -ENOSYS;
1523}
1524
1525int proc_douintvec_minmax(const struct ctl_table *table, int write,
1526 void *buffer, size_t *lenp, loff_t *ppos)
1527{
1528 return -ENOSYS;
1529}
1530
1531int proc_dou8vec_minmax(const struct ctl_table *table, int write,
1532 void *buffer, size_t *lenp, loff_t *ppos)
1533{
1534 return -ENOSYS;
1535}
1536
1537int proc_dointvec_jiffies(const struct ctl_table *table, int write,
1538 void *buffer, size_t *lenp, loff_t *ppos)
1539{
1540 return -ENOSYS;
1541}
1542
1543int proc_dointvec_ms_jiffies_minmax(const struct ctl_table *table, int write,
1544 void *buffer, size_t *lenp, loff_t *ppos)
1545{
1546 return -ENOSYS;
1547}
1548
1549int proc_dointvec_userhz_jiffies(const struct ctl_table *table, int write,
1550 void *buffer, size_t *lenp, loff_t *ppos)
1551{
1552 return -ENOSYS;
1553}
1554
1555int proc_dointvec_ms_jiffies(const struct ctl_table *table, int write,
1556 void *buffer, size_t *lenp, loff_t *ppos)
1557{
1558 return -ENOSYS;
1559}
1560
1561int proc_doulongvec_minmax(const struct ctl_table *table, int write,
1562 void *buffer, size_t *lenp, loff_t *ppos)
1563{
1564 return -ENOSYS;
1565}
1566
1567int proc_doulongvec_ms_jiffies_minmax(const struct ctl_table *table, int write,
1568 void *buffer, size_t *lenp, loff_t *ppos)
1569{
1570 return -ENOSYS;
1571}
1572
1573int proc_do_large_bitmap(const struct ctl_table *table, int write,
1574 void *buffer, size_t *lenp, loff_t *ppos)
1575{
1576 return -ENOSYS;
1577}
1578
1579#endif /* CONFIG_PROC_SYSCTL */
1580
1581#if defined(CONFIG_SYSCTL)
1582int proc_do_static_key(const struct ctl_table *table, int write,
1583 void *buffer, size_t *lenp, loff_t *ppos)
1584{
1585 struct static_key *key = (struct static_key *)table->data;
1586 static DEFINE_MUTEX(static_key_mutex);
1587 int val, ret;
1588 struct ctl_table tmp = {
1589 .data = &val,
1590 .maxlen = sizeof(val),
1591 .mode = table->mode,
1592 .extra1 = SYSCTL_ZERO,
1593 .extra2 = SYSCTL_ONE,
1594 };
1595
1596 if (write && !capable(CAP_SYS_ADMIN))
1597 return -EPERM;
1598
1599 mutex_lock(&static_key_mutex);
1600 val = static_key_enabled(key);
1601 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
1602 if (write && !ret) {
1603 if (val)
1604 static_key_enable(key);
1605 else
1606 static_key_disable(key);
1607 }
1608 mutex_unlock(&static_key_mutex);
1609 return ret;
1610}
1611
1612static struct ctl_table kern_table[] = {
1613 {
1614 .procname = "panic",
1615 .data = &panic_timeout,
1616 .maxlen = sizeof(int),
1617 .mode = 0644,
1618 .proc_handler = proc_dointvec,
1619 },
1620#ifdef CONFIG_PROC_SYSCTL
1621 {
1622 .procname = "tainted",
1623 .maxlen = sizeof(long),
1624 .mode = 0644,
1625 .proc_handler = proc_taint,
1626 },
1627 {
1628 .procname = "sysctl_writes_strict",
1629 .data = &sysctl_writes_strict,
1630 .maxlen = sizeof(int),
1631 .mode = 0644,
1632 .proc_handler = proc_dointvec_minmax,
1633 .extra1 = SYSCTL_NEG_ONE,
1634 .extra2 = SYSCTL_ONE,
1635 },
1636#endif
1637 {
1638 .procname = "print-fatal-signals",
1639 .data = &print_fatal_signals,
1640 .maxlen = sizeof(int),
1641 .mode = 0644,
1642 .proc_handler = proc_dointvec,
1643 },
1644#ifdef CONFIG_SPARC
1645 {
1646 .procname = "reboot-cmd",
1647 .data = reboot_command,
1648 .maxlen = 256,
1649 .mode = 0644,
1650 .proc_handler = proc_dostring,
1651 },
1652 {
1653 .procname = "stop-a",
1654 .data = &stop_a_enabled,
1655 .maxlen = sizeof (int),
1656 .mode = 0644,
1657 .proc_handler = proc_dointvec,
1658 },
1659 {
1660 .procname = "scons-poweroff",
1661 .data = &scons_pwroff,
1662 .maxlen = sizeof (int),
1663 .mode = 0644,
1664 .proc_handler = proc_dointvec,
1665 },
1666#endif
1667#ifdef CONFIG_SPARC64
1668 {
1669 .procname = "tsb-ratio",
1670 .data = &sysctl_tsb_ratio,
1671 .maxlen = sizeof (int),
1672 .mode = 0644,
1673 .proc_handler = proc_dointvec,
1674 },
1675#endif
1676#ifdef CONFIG_PARISC
1677 {
1678 .procname = "soft-power",
1679 .data = &pwrsw_enabled,
1680 .maxlen = sizeof (int),
1681 .mode = 0644,
1682 .proc_handler = proc_dointvec,
1683 },
1684#endif
1685#ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW
1686 {
1687 .procname = "unaligned-trap",
1688 .data = &unaligned_enabled,
1689 .maxlen = sizeof (int),
1690 .mode = 0644,
1691 .proc_handler = proc_dointvec,
1692 },
1693#endif
1694#ifdef CONFIG_STACK_TRACER
1695 {
1696 .procname = "stack_tracer_enabled",
1697 .data = &stack_tracer_enabled,
1698 .maxlen = sizeof(int),
1699 .mode = 0644,
1700 .proc_handler = stack_trace_sysctl,
1701 },
1702#endif
1703#ifdef CONFIG_TRACING
1704 {
1705 .procname = "ftrace_dump_on_oops",
1706 .data = &ftrace_dump_on_oops,
1707 .maxlen = MAX_TRACER_SIZE,
1708 .mode = 0644,
1709 .proc_handler = proc_dostring,
1710 },
1711 {
1712 .procname = "traceoff_on_warning",
1713 .data = &__disable_trace_on_warning,
1714 .maxlen = sizeof(__disable_trace_on_warning),
1715 .mode = 0644,
1716 .proc_handler = proc_dointvec,
1717 },
1718 {
1719 .procname = "tracepoint_printk",
1720 .data = &tracepoint_printk,
1721 .maxlen = sizeof(tracepoint_printk),
1722 .mode = 0644,
1723 .proc_handler = tracepoint_printk_sysctl,
1724 },
1725#endif
1726#ifdef CONFIG_MODULES
1727 {
1728 .procname = "modprobe",
1729 .data = &modprobe_path,
1730 .maxlen = KMOD_PATH_LEN,
1731 .mode = 0644,
1732 .proc_handler = proc_dostring,
1733 },
1734 {
1735 .procname = "modules_disabled",
1736 .data = &modules_disabled,
1737 .maxlen = sizeof(int),
1738 .mode = 0644,
1739 /* only handle a transition from default "0" to "1" */
1740 .proc_handler = proc_dointvec_minmax,
1741 .extra1 = SYSCTL_ONE,
1742 .extra2 = SYSCTL_ONE,
1743 },
1744#endif
1745#ifdef CONFIG_UEVENT_HELPER
1746 {
1747 .procname = "hotplug",
1748 .data = &uevent_helper,
1749 .maxlen = UEVENT_HELPER_PATH_LEN,
1750 .mode = 0644,
1751 .proc_handler = proc_dostring,
1752 },
1753#endif
1754#ifdef CONFIG_MAGIC_SYSRQ
1755 {
1756 .procname = "sysrq",
1757 .data = NULL,
1758 .maxlen = sizeof (int),
1759 .mode = 0644,
1760 .proc_handler = sysrq_sysctl_handler,
1761 },
1762#endif
1763#ifdef CONFIG_PROC_SYSCTL
1764 {
1765 .procname = "cad_pid",
1766 .data = NULL,
1767 .maxlen = sizeof (int),
1768 .mode = 0600,
1769 .proc_handler = proc_do_cad_pid,
1770 },
1771#endif
1772 {
1773 .procname = "threads-max",
1774 .data = NULL,
1775 .maxlen = sizeof(int),
1776 .mode = 0644,
1777 .proc_handler = sysctl_max_threads,
1778 },
1779 {
1780 .procname = "overflowuid",
1781 .data = &overflowuid,
1782 .maxlen = sizeof(int),
1783 .mode = 0644,
1784 .proc_handler = proc_dointvec_minmax,
1785 .extra1 = SYSCTL_ZERO,
1786 .extra2 = SYSCTL_MAXOLDUID,
1787 },
1788 {
1789 .procname = "overflowgid",
1790 .data = &overflowgid,
1791 .maxlen = sizeof(int),
1792 .mode = 0644,
1793 .proc_handler = proc_dointvec_minmax,
1794 .extra1 = SYSCTL_ZERO,
1795 .extra2 = SYSCTL_MAXOLDUID,
1796 },
1797#ifdef CONFIG_S390
1798 {
1799 .procname = "userprocess_debug",
1800 .data = &show_unhandled_signals,
1801 .maxlen = sizeof(int),
1802 .mode = 0644,
1803 .proc_handler = proc_dointvec,
1804 },
1805#endif
1806 {
1807 .procname = "pid_max",
1808 .data = &pid_max,
1809 .maxlen = sizeof (int),
1810 .mode = 0644,
1811 .proc_handler = proc_dointvec_minmax,
1812 .extra1 = &pid_max_min,
1813 .extra2 = &pid_max_max,
1814 },
1815 {
1816 .procname = "panic_on_oops",
1817 .data = &panic_on_oops,
1818 .maxlen = sizeof(int),
1819 .mode = 0644,
1820 .proc_handler = proc_dointvec,
1821 },
1822 {
1823 .procname = "panic_print",
1824 .data = &panic_print,
1825 .maxlen = sizeof(unsigned long),
1826 .mode = 0644,
1827 .proc_handler = proc_doulongvec_minmax,
1828 },
1829 {
1830 .procname = "ngroups_max",
1831 .data = (void *)&ngroups_max,
1832 .maxlen = sizeof (int),
1833 .mode = 0444,
1834 .proc_handler = proc_dointvec,
1835 },
1836 {
1837 .procname = "cap_last_cap",
1838 .data = (void *)&cap_last_cap,
1839 .maxlen = sizeof(int),
1840 .mode = 0444,
1841 .proc_handler = proc_dointvec,
1842 },
1843#if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86)
1844 {
1845 .procname = "unknown_nmi_panic",
1846 .data = &unknown_nmi_panic,
1847 .maxlen = sizeof (int),
1848 .mode = 0644,
1849 .proc_handler = proc_dointvec,
1850 },
1851#endif
1852
1853#if (defined(CONFIG_X86_32) || defined(CONFIG_PARISC)) && \
1854 defined(CONFIG_DEBUG_STACKOVERFLOW)
1855 {
1856 .procname = "panic_on_stackoverflow",
1857 .data = &sysctl_panic_on_stackoverflow,
1858 .maxlen = sizeof(int),
1859 .mode = 0644,
1860 .proc_handler = proc_dointvec,
1861 },
1862#endif
1863#if defined(CONFIG_X86)
1864 {
1865 .procname = "panic_on_unrecovered_nmi",
1866 .data = &panic_on_unrecovered_nmi,
1867 .maxlen = sizeof(int),
1868 .mode = 0644,
1869 .proc_handler = proc_dointvec,
1870 },
1871 {
1872 .procname = "panic_on_io_nmi",
1873 .data = &panic_on_io_nmi,
1874 .maxlen = sizeof(int),
1875 .mode = 0644,
1876 .proc_handler = proc_dointvec,
1877 },
1878 {
1879 .procname = "bootloader_type",
1880 .data = &bootloader_type,
1881 .maxlen = sizeof (int),
1882 .mode = 0444,
1883 .proc_handler = proc_dointvec,
1884 },
1885 {
1886 .procname = "bootloader_version",
1887 .data = &bootloader_version,
1888 .maxlen = sizeof (int),
1889 .mode = 0444,
1890 .proc_handler = proc_dointvec,
1891 },
1892 {
1893 .procname = "io_delay_type",
1894 .data = &io_delay_type,
1895 .maxlen = sizeof(int),
1896 .mode = 0644,
1897 .proc_handler = proc_dointvec,
1898 },
1899#endif
1900#if defined(CONFIG_MMU)
1901 {
1902 .procname = "randomize_va_space",
1903 .data = &randomize_va_space,
1904 .maxlen = sizeof(int),
1905 .mode = 0644,
1906 .proc_handler = proc_dointvec,
1907 },
1908#endif
1909#if defined(CONFIG_S390) && defined(CONFIG_SMP)
1910 {
1911 .procname = "spin_retry",
1912 .data = &spin_retry,
1913 .maxlen = sizeof (int),
1914 .mode = 0644,
1915 .proc_handler = proc_dointvec,
1916 },
1917#endif
1918#if defined(CONFIG_ACPI_SLEEP) && defined(CONFIG_X86)
1919 {
1920 .procname = "acpi_video_flags",
1921 .data = &acpi_realmode_flags,
1922 .maxlen = sizeof (unsigned long),
1923 .mode = 0644,
1924 .proc_handler = proc_doulongvec_minmax,
1925 },
1926#endif
1927#ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN
1928 {
1929 .procname = "ignore-unaligned-usertrap",
1930 .data = &no_unaligned_warning,
1931 .maxlen = sizeof (int),
1932 .mode = 0644,
1933 .proc_handler = proc_dointvec,
1934 },
1935#endif
1936#ifdef CONFIG_RT_MUTEXES
1937 {
1938 .procname = "max_lock_depth",
1939 .data = &max_lock_depth,
1940 .maxlen = sizeof(int),
1941 .mode = 0644,
1942 .proc_handler = proc_dointvec,
1943 },
1944#endif
1945#ifdef CONFIG_PERF_EVENTS
1946 /*
1947 * User-space scripts rely on the existence of this file
1948 * as a feature check for perf_events being enabled.
1949 *
1950 * So it's an ABI, do not remove!
1951 */
1952 {
1953 .procname = "perf_event_paranoid",
1954 .data = &sysctl_perf_event_paranoid,
1955 .maxlen = sizeof(sysctl_perf_event_paranoid),
1956 .mode = 0644,
1957 .proc_handler = proc_dointvec,
1958 },
1959 {
1960 .procname = "perf_event_mlock_kb",
1961 .data = &sysctl_perf_event_mlock,
1962 .maxlen = sizeof(sysctl_perf_event_mlock),
1963 .mode = 0644,
1964 .proc_handler = proc_dointvec,
1965 },
1966 {
1967 .procname = "perf_event_max_sample_rate",
1968 .data = &sysctl_perf_event_sample_rate,
1969 .maxlen = sizeof(sysctl_perf_event_sample_rate),
1970 .mode = 0644,
1971 .proc_handler = perf_event_max_sample_rate_handler,
1972 .extra1 = SYSCTL_ONE,
1973 },
1974 {
1975 .procname = "perf_cpu_time_max_percent",
1976 .data = &sysctl_perf_cpu_time_max_percent,
1977 .maxlen = sizeof(sysctl_perf_cpu_time_max_percent),
1978 .mode = 0644,
1979 .proc_handler = perf_cpu_time_max_percent_handler,
1980 .extra1 = SYSCTL_ZERO,
1981 .extra2 = SYSCTL_ONE_HUNDRED,
1982 },
1983 {
1984 .procname = "perf_event_max_stack",
1985 .data = &sysctl_perf_event_max_stack,
1986 .maxlen = sizeof(sysctl_perf_event_max_stack),
1987 .mode = 0644,
1988 .proc_handler = perf_event_max_stack_handler,
1989 .extra1 = SYSCTL_ZERO,
1990 .extra2 = (void *)&six_hundred_forty_kb,
1991 },
1992 {
1993 .procname = "perf_event_max_contexts_per_stack",
1994 .data = &sysctl_perf_event_max_contexts_per_stack,
1995 .maxlen = sizeof(sysctl_perf_event_max_contexts_per_stack),
1996 .mode = 0644,
1997 .proc_handler = perf_event_max_stack_handler,
1998 .extra1 = SYSCTL_ZERO,
1999 .extra2 = SYSCTL_ONE_THOUSAND,
2000 },
2001#endif
2002 {
2003 .procname = "panic_on_warn",
2004 .data = &panic_on_warn,
2005 .maxlen = sizeof(int),
2006 .mode = 0644,
2007 .proc_handler = proc_dointvec_minmax,
2008 .extra1 = SYSCTL_ZERO,
2009 .extra2 = SYSCTL_ONE,
2010 },
2011#ifdef CONFIG_TREE_RCU
2012 {
2013 .procname = "panic_on_rcu_stall",
2014 .data = &sysctl_panic_on_rcu_stall,
2015 .maxlen = sizeof(sysctl_panic_on_rcu_stall),
2016 .mode = 0644,
2017 .proc_handler = proc_dointvec_minmax,
2018 .extra1 = SYSCTL_ZERO,
2019 .extra2 = SYSCTL_ONE,
2020 },
2021 {
2022 .procname = "max_rcu_stall_to_panic",
2023 .data = &sysctl_max_rcu_stall_to_panic,
2024 .maxlen = sizeof(sysctl_max_rcu_stall_to_panic),
2025 .mode = 0644,
2026 .proc_handler = proc_dointvec_minmax,
2027 .extra1 = SYSCTL_ONE,
2028 .extra2 = SYSCTL_INT_MAX,
2029 },
2030#endif
2031};
2032
2033static struct ctl_table vm_table[] = {
2034 {
2035 .procname = "overcommit_memory",
2036 .data = &sysctl_overcommit_memory,
2037 .maxlen = sizeof(sysctl_overcommit_memory),
2038 .mode = 0644,
2039 .proc_handler = overcommit_policy_handler,
2040 .extra1 = SYSCTL_ZERO,
2041 .extra2 = SYSCTL_TWO,
2042 },
2043 {
2044 .procname = "overcommit_ratio",
2045 .data = &sysctl_overcommit_ratio,
2046 .maxlen = sizeof(sysctl_overcommit_ratio),
2047 .mode = 0644,
2048 .proc_handler = overcommit_ratio_handler,
2049 },
2050 {
2051 .procname = "overcommit_kbytes",
2052 .data = &sysctl_overcommit_kbytes,
2053 .maxlen = sizeof(sysctl_overcommit_kbytes),
2054 .mode = 0644,
2055 .proc_handler = overcommit_kbytes_handler,
2056 },
2057 {
2058 .procname = "page-cluster",
2059 .data = &page_cluster,
2060 .maxlen = sizeof(int),
2061 .mode = 0644,
2062 .proc_handler = proc_dointvec_minmax,
2063 .extra1 = SYSCTL_ZERO,
2064 .extra2 = (void *)&page_cluster_max,
2065 },
2066 {
2067 .procname = "dirtytime_expire_seconds",
2068 .data = &dirtytime_expire_interval,
2069 .maxlen = sizeof(dirtytime_expire_interval),
2070 .mode = 0644,
2071 .proc_handler = dirtytime_interval_handler,
2072 .extra1 = SYSCTL_ZERO,
2073 },
2074 {
2075 .procname = "swappiness",
2076 .data = &vm_swappiness,
2077 .maxlen = sizeof(vm_swappiness),
2078 .mode = 0644,
2079 .proc_handler = proc_dointvec_minmax,
2080 .extra1 = SYSCTL_ZERO,
2081 .extra2 = SYSCTL_TWO_HUNDRED,
2082 },
2083#ifdef CONFIG_NUMA
2084 {
2085 .procname = "numa_stat",
2086 .data = &sysctl_vm_numa_stat,
2087 .maxlen = sizeof(int),
2088 .mode = 0644,
2089 .proc_handler = sysctl_vm_numa_stat_handler,
2090 .extra1 = SYSCTL_ZERO,
2091 .extra2 = SYSCTL_ONE,
2092 },
2093#endif
2094 {
2095 .procname = "drop_caches",
2096 .data = &sysctl_drop_caches,
2097 .maxlen = sizeof(int),
2098 .mode = 0200,
2099 .proc_handler = drop_caches_sysctl_handler,
2100 .extra1 = SYSCTL_ONE,
2101 .extra2 = SYSCTL_FOUR,
2102 },
2103 {
2104 .procname = "page_lock_unfairness",
2105 .data = &sysctl_page_lock_unfairness,
2106 .maxlen = sizeof(sysctl_page_lock_unfairness),
2107 .mode = 0644,
2108 .proc_handler = proc_dointvec_minmax,
2109 .extra1 = SYSCTL_ZERO,
2110 },
2111#ifdef CONFIG_MMU
2112 {
2113 .procname = "max_map_count",
2114 .data = &sysctl_max_map_count,
2115 .maxlen = sizeof(sysctl_max_map_count),
2116 .mode = 0644,
2117 .proc_handler = proc_dointvec_minmax,
2118 .extra1 = SYSCTL_ZERO,
2119 },
2120#else
2121 {
2122 .procname = "nr_trim_pages",
2123 .data = &sysctl_nr_trim_pages,
2124 .maxlen = sizeof(sysctl_nr_trim_pages),
2125 .mode = 0644,
2126 .proc_handler = proc_dointvec_minmax,
2127 .extra1 = SYSCTL_ZERO,
2128 },
2129#endif
2130 {
2131 .procname = "vfs_cache_pressure",
2132 .data = &sysctl_vfs_cache_pressure,
2133 .maxlen = sizeof(sysctl_vfs_cache_pressure),
2134 .mode = 0644,
2135 .proc_handler = proc_dointvec_minmax,
2136 .extra1 = SYSCTL_ZERO,
2137 },
2138#if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \
2139 defined(CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT)
2140 {
2141 .procname = "legacy_va_layout",
2142 .data = &sysctl_legacy_va_layout,
2143 .maxlen = sizeof(sysctl_legacy_va_layout),
2144 .mode = 0644,
2145 .proc_handler = proc_dointvec_minmax,
2146 .extra1 = SYSCTL_ZERO,
2147 },
2148#endif
2149#ifdef CONFIG_NUMA
2150 {
2151 .procname = "zone_reclaim_mode",
2152 .data = &node_reclaim_mode,
2153 .maxlen = sizeof(node_reclaim_mode),
2154 .mode = 0644,
2155 .proc_handler = proc_dointvec_minmax,
2156 .extra1 = SYSCTL_ZERO,
2157 },
2158#endif
2159#ifdef CONFIG_SMP
2160 {
2161 .procname = "stat_interval",
2162 .data = &sysctl_stat_interval,
2163 .maxlen = sizeof(sysctl_stat_interval),
2164 .mode = 0644,
2165 .proc_handler = proc_dointvec_jiffies,
2166 },
2167 {
2168 .procname = "stat_refresh",
2169 .data = NULL,
2170 .maxlen = 0,
2171 .mode = 0600,
2172 .proc_handler = vmstat_refresh,
2173 },
2174#endif
2175#ifdef CONFIG_MMU
2176 {
2177 .procname = "mmap_min_addr",
2178 .data = &dac_mmap_min_addr,
2179 .maxlen = sizeof(unsigned long),
2180 .mode = 0644,
2181 .proc_handler = mmap_min_addr_handler,
2182 },
2183#endif
2184#if (defined(CONFIG_X86_32) && !defined(CONFIG_UML))|| \
2185 (defined(CONFIG_SUPERH) && defined(CONFIG_VSYSCALL))
2186 {
2187 .procname = "vdso_enabled",
2188#ifdef CONFIG_X86_32
2189 .data = &vdso32_enabled,
2190 .maxlen = sizeof(vdso32_enabled),
2191#else
2192 .data = &vdso_enabled,
2193 .maxlen = sizeof(vdso_enabled),
2194#endif
2195 .mode = 0644,
2196 .proc_handler = proc_dointvec,
2197 .extra1 = SYSCTL_ZERO,
2198 },
2199#endif
2200 {
2201 .procname = "user_reserve_kbytes",
2202 .data = &sysctl_user_reserve_kbytes,
2203 .maxlen = sizeof(sysctl_user_reserve_kbytes),
2204 .mode = 0644,
2205 .proc_handler = proc_doulongvec_minmax,
2206 },
2207 {
2208 .procname = "admin_reserve_kbytes",
2209 .data = &sysctl_admin_reserve_kbytes,
2210 .maxlen = sizeof(sysctl_admin_reserve_kbytes),
2211 .mode = 0644,
2212 .proc_handler = proc_doulongvec_minmax,
2213 },
2214#ifdef CONFIG_HAVE_ARCH_MMAP_RND_BITS
2215 {
2216 .procname = "mmap_rnd_bits",
2217 .data = &mmap_rnd_bits,
2218 .maxlen = sizeof(mmap_rnd_bits),
2219 .mode = 0600,
2220 .proc_handler = proc_dointvec_minmax,
2221 .extra1 = (void *)&mmap_rnd_bits_min,
2222 .extra2 = (void *)&mmap_rnd_bits_max,
2223 },
2224#endif
2225#ifdef CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS
2226 {
2227 .procname = "mmap_rnd_compat_bits",
2228 .data = &mmap_rnd_compat_bits,
2229 .maxlen = sizeof(mmap_rnd_compat_bits),
2230 .mode = 0600,
2231 .proc_handler = proc_dointvec_minmax,
2232 .extra1 = (void *)&mmap_rnd_compat_bits_min,
2233 .extra2 = (void *)&mmap_rnd_compat_bits_max,
2234 },
2235#endif
2236};
2237
2238int __init sysctl_init_bases(void)
2239{
2240 register_sysctl_init("kernel", kern_table);
2241 register_sysctl_init("vm", vm_table);
2242
2243 return 0;
2244}
2245#endif /* CONFIG_SYSCTL */
2246/*
2247 * No sense putting this after each symbol definition, twice,
2248 * exception granted :-)
2249 */
2250EXPORT_SYMBOL(proc_dobool);
2251EXPORT_SYMBOL(proc_dointvec);
2252EXPORT_SYMBOL(proc_douintvec);
2253EXPORT_SYMBOL(proc_dointvec_jiffies);
2254EXPORT_SYMBOL(proc_dointvec_minmax);
2255EXPORT_SYMBOL_GPL(proc_douintvec_minmax);
2256EXPORT_SYMBOL(proc_dointvec_userhz_jiffies);
2257EXPORT_SYMBOL(proc_dointvec_ms_jiffies);
2258EXPORT_SYMBOL(proc_dostring);
2259EXPORT_SYMBOL(proc_doulongvec_minmax);
2260EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax);
2261EXPORT_SYMBOL(proc_do_large_bitmap);