1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * sysctl.c: General linux system control interface 4 * 5 * Begun 24 March 1995, Stephen Tweedie 6 * Added /proc support, Dec 1995 7 * Added bdflush entry and intvec min/max checking, 2/23/96, Tom Dyas. 8 * Added hooks for /proc/sys/net (minor, minor patch), 96/4/1, Mike Shaver. 9 * Added kernel/java-{interpreter,appletviewer}, 96/5/10, Mike Shaver. 10 * Dynamic registration fixes, Stephen Tweedie. 11 * Added kswapd-interval, ctrl-alt-del, printk stuff, 1/8/97, Chris Horn. 12 * Made sysctl support optional via CONFIG_SYSCTL, 1/10/97, Chris 13 * Horn. 14 * Added proc_doulongvec_ms_jiffies_minmax, 09/08/99, Carlos H. Bauer. 15 * Added proc_doulongvec_minmax, 09/08/99, Carlos H. Bauer. 16 * Changed linked lists to use list.h instead of lists.h, 02/24/00, Bill 17 * Wendling. 18 * The list_for_each() macro wasn't appropriate for the sysctl loop. 19 * Removed it and replaced it with older style, 03/23/00, Bill Wendling 20 */ 21 22 #include <linux/module.h> 23 #include <linux/aio.h> 24 #include <linux/mm.h> 25 #include <linux/swap.h> 26 #include <linux/slab.h> 27 #include <linux/sysctl.h> 28 #include <linux/bitmap.h> 29 #include <linux/signal.h> 30 #include <linux/printk.h> 31 #include <linux/proc_fs.h> 32 #include <linux/security.h> 33 #include <linux/ctype.h> 34 #include <linux/kmemleak.h> 35 #include <linux/fs.h> 36 #include <linux/init.h> 37 #include <linux/kernel.h> 38 #include <linux/kobject.h> 39 #include <linux/net.h> 40 #include <linux/sysrq.h> 41 #include <linux/highuid.h> 42 #include <linux/writeback.h> 43 #include <linux/ratelimit.h> 44 #include <linux/compaction.h> 45 #include <linux/hugetlb.h> 46 #include <linux/initrd.h> 47 #include <linux/key.h> 48 #include <linux/times.h> 49 #include <linux/limits.h> 50 #include <linux/dcache.h> 51 #include <linux/dnotify.h> 52 #include <linux/syscalls.h> 53 #include <linux/vmstat.h> 54 #include <linux/nfs_fs.h> 55 #include <linux/acpi.h> 56 #include <linux/reboot.h> 57 #include <linux/ftrace.h> 58 #include <linux/perf_event.h> 59 #include <linux/kprobes.h> 60 #include <linux/pipe_fs_i.h> 61 #include <linux/oom.h> 62 #include <linux/kmod.h> 63 #include <linux/capability.h> 64 #include <linux/binfmts.h> 65 #include <linux/sched/sysctl.h> 66 #include <linux/sched/coredump.h> 67 #include <linux/kexec.h> 68 #include <linux/bpf.h> 69 #include <linux/mount.h> 70 #include <linux/userfaultfd_k.h> 71 72 #include "../lib/kstrtox.h" 73 74 #include <linux/uaccess.h> 75 #include <asm/processor.h> 76 77 #ifdef CONFIG_X86 78 #include <asm/nmi.h> 79 #include <asm/stacktrace.h> 80 #include <asm/io.h> 81 #endif 82 #ifdef CONFIG_SPARC 83 #include <asm/setup.h> 84 #endif 85 #ifdef CONFIG_BSD_PROCESS_ACCT 86 #include <linux/acct.h> 87 #endif 88 #ifdef CONFIG_RT_MUTEXES 89 #include <linux/rtmutex.h> 90 #endif 91 #if defined(CONFIG_PROVE_LOCKING) || defined(CONFIG_LOCK_STAT) 92 #include <linux/lockdep.h> 93 #endif 94 #ifdef CONFIG_CHR_DEV_SG 95 #include <scsi/sg.h> 96 #endif 97 #ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE 98 #include <linux/stackleak.h> 99 #endif 100 #ifdef CONFIG_LOCKUP_DETECTOR 101 #include <linux/nmi.h> 102 #endif 103 104 #if defined(CONFIG_SYSCTL) 105 106 /* External variables not in a header file. */ 107 extern int suid_dumpable; 108 #ifdef CONFIG_COREDUMP 109 extern int core_uses_pid; 110 extern char core_pattern[]; 111 extern unsigned int core_pipe_limit; 112 #endif 113 extern int pid_max; 114 extern int pid_max_min, pid_max_max; 115 extern int percpu_pagelist_fraction; 116 extern int latencytop_enabled; 117 extern unsigned int sysctl_nr_open_min, sysctl_nr_open_max; 118 #ifndef CONFIG_MMU 119 extern int sysctl_nr_trim_pages; 120 #endif 121 122 /* Constants used for minimum and maximum */ 123 #ifdef CONFIG_LOCKUP_DETECTOR 124 static int sixty = 60; 125 #endif 126 127 static int __maybe_unused neg_one = -1; 128 129 static int zero; 130 static int __maybe_unused one = 1; 131 static int __maybe_unused two = 2; 132 static int __maybe_unused four = 4; 133 static unsigned long zero_ul; 134 static unsigned long one_ul = 1; 135 static unsigned long long_max = LONG_MAX; 136 static int one_hundred = 100; 137 static int one_thousand = 1000; 138 #ifdef CONFIG_PRINTK 139 static int ten_thousand = 10000; 140 #endif 141 #ifdef CONFIG_PERF_EVENTS 142 static int six_hundred_forty_kb = 640 * 1024; 143 #endif 144 145 /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */ 146 static unsigned long dirty_bytes_min = 2 * PAGE_SIZE; 147 148 /* this is needed for the proc_dointvec_minmax for [fs_]overflow UID and GID */ 149 static int maxolduid = 65535; 150 static int minolduid; 151 152 static int ngroups_max = NGROUPS_MAX; 153 static const int cap_last_cap = CAP_LAST_CAP; 154 155 /* 156 * This is needed for proc_doulongvec_minmax of sysctl_hung_task_timeout_secs 157 * and hung_task_check_interval_secs 158 */ 159 #ifdef CONFIG_DETECT_HUNG_TASK 160 static unsigned long hung_task_timeout_max = (LONG_MAX/HZ); 161 #endif 162 163 #ifdef CONFIG_INOTIFY_USER 164 #include <linux/inotify.h> 165 #endif 166 #ifdef CONFIG_SPARC 167 #endif 168 169 #ifdef __hppa__ 170 extern int pwrsw_enabled; 171 #endif 172 173 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW 174 extern int unaligned_enabled; 175 #endif 176 177 #ifdef CONFIG_IA64 178 extern int unaligned_dump_stack; 179 #endif 180 181 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN 182 extern int no_unaligned_warning; 183 #endif 184 185 #ifdef CONFIG_PROC_SYSCTL 186 187 /** 188 * enum sysctl_writes_mode - supported sysctl write modes 189 * 190 * @SYSCTL_WRITES_LEGACY: each write syscall must fully contain the sysctl value 191 * to be written, and multiple writes on the same sysctl file descriptor 192 * will rewrite the sysctl value, regardless of file position. No warning 193 * is issued when the initial position is not 0. 194 * @SYSCTL_WRITES_WARN: same as above but warn when the initial file position is 195 * not 0. 196 * @SYSCTL_WRITES_STRICT: writes to numeric sysctl entries must always be at 197 * file position 0 and the value must be fully contained in the buffer 198 * sent to the write syscall. If dealing with strings respect the file 199 * position, but restrict this to the max length of the buffer, anything 200 * passed the max lenght will be ignored. Multiple writes will append 201 * to the buffer. 202 * 203 * These write modes control how current file position affects the behavior of 204 * updating sysctl values through the proc interface on each write. 205 */ 206 enum sysctl_writes_mode { 207 SYSCTL_WRITES_LEGACY = -1, 208 SYSCTL_WRITES_WARN = 0, 209 SYSCTL_WRITES_STRICT = 1, 210 }; 211 212 static enum sysctl_writes_mode sysctl_writes_strict = SYSCTL_WRITES_STRICT; 213 214 static int proc_do_cad_pid(struct ctl_table *table, int write, 215 void __user *buffer, size_t *lenp, loff_t *ppos); 216 static int proc_taint(struct ctl_table *table, int write, 217 void __user *buffer, size_t *lenp, loff_t *ppos); 218 #endif 219 220 #ifdef CONFIG_PRINTK 221 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, 222 void __user *buffer, size_t *lenp, loff_t *ppos); 223 #endif 224 225 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write, 226 void __user *buffer, size_t *lenp, loff_t *ppos); 227 #ifdef CONFIG_COREDUMP 228 static int proc_dostring_coredump(struct ctl_table *table, int write, 229 void __user *buffer, size_t *lenp, loff_t *ppos); 230 #endif 231 static int proc_dopipe_max_size(struct ctl_table *table, int write, 232 void __user *buffer, size_t *lenp, loff_t *ppos); 233 234 #ifdef CONFIG_MAGIC_SYSRQ 235 /* Note: sysrq code uses its own private copy */ 236 static int __sysrq_enabled = CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE; 237 238 static int sysrq_sysctl_handler(struct ctl_table *table, int write, 239 void __user *buffer, size_t *lenp, 240 loff_t *ppos) 241 { 242 int error; 243 244 error = proc_dointvec(table, write, buffer, lenp, ppos); 245 if (error) 246 return error; 247 248 if (write) 249 sysrq_toggle_support(__sysrq_enabled); 250 251 return 0; 252 } 253 254 #endif 255 256 static struct ctl_table kern_table[]; 257 static struct ctl_table vm_table[]; 258 static struct ctl_table fs_table[]; 259 static struct ctl_table debug_table[]; 260 static struct ctl_table dev_table[]; 261 extern struct ctl_table random_table[]; 262 #ifdef CONFIG_EPOLL 263 extern struct ctl_table epoll_table[]; 264 #endif 265 266 #ifdef CONFIG_FW_LOADER_USER_HELPER 267 extern struct ctl_table firmware_config_table[]; 268 #endif 269 270 #ifdef HAVE_ARCH_PICK_MMAP_LAYOUT 271 int sysctl_legacy_va_layout; 272 #endif 273 274 /* The default sysctl tables: */ 275 276 static struct ctl_table sysctl_base_table[] = { 277 { 278 .procname = "kernel", 279 .mode = 0555, 280 .child = kern_table, 281 }, 282 { 283 .procname = "vm", 284 .mode = 0555, 285 .child = vm_table, 286 }, 287 { 288 .procname = "fs", 289 .mode = 0555, 290 .child = fs_table, 291 }, 292 { 293 .procname = "debug", 294 .mode = 0555, 295 .child = debug_table, 296 }, 297 { 298 .procname = "dev", 299 .mode = 0555, 300 .child = dev_table, 301 }, 302 { } 303 }; 304 305 #ifdef CONFIG_SCHED_DEBUG 306 static int min_sched_granularity_ns = 100000; /* 100 usecs */ 307 static int max_sched_granularity_ns = NSEC_PER_SEC; /* 1 second */ 308 static int min_wakeup_granularity_ns; /* 0 usecs */ 309 static int max_wakeup_granularity_ns = NSEC_PER_SEC; /* 1 second */ 310 #ifdef CONFIG_SMP 311 static int min_sched_tunable_scaling = SCHED_TUNABLESCALING_NONE; 312 static int max_sched_tunable_scaling = SCHED_TUNABLESCALING_END-1; 313 #endif /* CONFIG_SMP */ 314 #endif /* CONFIG_SCHED_DEBUG */ 315 316 #ifdef CONFIG_COMPACTION 317 static int min_extfrag_threshold; 318 static int max_extfrag_threshold = 1000; 319 #endif 320 321 static struct ctl_table kern_table[] = { 322 { 323 .procname = "sched_child_runs_first", 324 .data = &sysctl_sched_child_runs_first, 325 .maxlen = sizeof(unsigned int), 326 .mode = 0644, 327 .proc_handler = proc_dointvec, 328 }, 329 #ifdef CONFIG_SCHED_DEBUG 330 { 331 .procname = "sched_min_granularity_ns", 332 .data = &sysctl_sched_min_granularity, 333 .maxlen = sizeof(unsigned int), 334 .mode = 0644, 335 .proc_handler = sched_proc_update_handler, 336 .extra1 = &min_sched_granularity_ns, 337 .extra2 = &max_sched_granularity_ns, 338 }, 339 { 340 .procname = "sched_latency_ns", 341 .data = &sysctl_sched_latency, 342 .maxlen = sizeof(unsigned int), 343 .mode = 0644, 344 .proc_handler = sched_proc_update_handler, 345 .extra1 = &min_sched_granularity_ns, 346 .extra2 = &max_sched_granularity_ns, 347 }, 348 { 349 .procname = "sched_wakeup_granularity_ns", 350 .data = &sysctl_sched_wakeup_granularity, 351 .maxlen = sizeof(unsigned int), 352 .mode = 0644, 353 .proc_handler = sched_proc_update_handler, 354 .extra1 = &min_wakeup_granularity_ns, 355 .extra2 = &max_wakeup_granularity_ns, 356 }, 357 #ifdef CONFIG_SMP 358 { 359 .procname = "sched_tunable_scaling", 360 .data = &sysctl_sched_tunable_scaling, 361 .maxlen = sizeof(enum sched_tunable_scaling), 362 .mode = 0644, 363 .proc_handler = sched_proc_update_handler, 364 .extra1 = &min_sched_tunable_scaling, 365 .extra2 = &max_sched_tunable_scaling, 366 }, 367 { 368 .procname = "sched_migration_cost_ns", 369 .data = &sysctl_sched_migration_cost, 370 .maxlen = sizeof(unsigned int), 371 .mode = 0644, 372 .proc_handler = proc_dointvec, 373 }, 374 { 375 .procname = "sched_nr_migrate", 376 .data = &sysctl_sched_nr_migrate, 377 .maxlen = sizeof(unsigned int), 378 .mode = 0644, 379 .proc_handler = proc_dointvec, 380 }, 381 #ifdef CONFIG_SCHEDSTATS 382 { 383 .procname = "sched_schedstats", 384 .data = NULL, 385 .maxlen = sizeof(unsigned int), 386 .mode = 0644, 387 .proc_handler = sysctl_schedstats, 388 .extra1 = &zero, 389 .extra2 = &one, 390 }, 391 #endif /* CONFIG_SCHEDSTATS */ 392 #endif /* CONFIG_SMP */ 393 #ifdef CONFIG_NUMA_BALANCING 394 { 395 .procname = "numa_balancing_scan_delay_ms", 396 .data = &sysctl_numa_balancing_scan_delay, 397 .maxlen = sizeof(unsigned int), 398 .mode = 0644, 399 .proc_handler = proc_dointvec, 400 }, 401 { 402 .procname = "numa_balancing_scan_period_min_ms", 403 .data = &sysctl_numa_balancing_scan_period_min, 404 .maxlen = sizeof(unsigned int), 405 .mode = 0644, 406 .proc_handler = proc_dointvec, 407 }, 408 { 409 .procname = "numa_balancing_scan_period_max_ms", 410 .data = &sysctl_numa_balancing_scan_period_max, 411 .maxlen = sizeof(unsigned int), 412 .mode = 0644, 413 .proc_handler = proc_dointvec, 414 }, 415 { 416 .procname = "numa_balancing_scan_size_mb", 417 .data = &sysctl_numa_balancing_scan_size, 418 .maxlen = sizeof(unsigned int), 419 .mode = 0644, 420 .proc_handler = proc_dointvec_minmax, 421 .extra1 = &one, 422 }, 423 { 424 .procname = "numa_balancing", 425 .data = NULL, /* filled in by handler */ 426 .maxlen = sizeof(unsigned int), 427 .mode = 0644, 428 .proc_handler = sysctl_numa_balancing, 429 .extra1 = &zero, 430 .extra2 = &one, 431 }, 432 #endif /* CONFIG_NUMA_BALANCING */ 433 #endif /* CONFIG_SCHED_DEBUG */ 434 { 435 .procname = "sched_rt_period_us", 436 .data = &sysctl_sched_rt_period, 437 .maxlen = sizeof(unsigned int), 438 .mode = 0644, 439 .proc_handler = sched_rt_handler, 440 }, 441 { 442 .procname = "sched_rt_runtime_us", 443 .data = &sysctl_sched_rt_runtime, 444 .maxlen = sizeof(int), 445 .mode = 0644, 446 .proc_handler = sched_rt_handler, 447 }, 448 { 449 .procname = "sched_rr_timeslice_ms", 450 .data = &sysctl_sched_rr_timeslice, 451 .maxlen = sizeof(int), 452 .mode = 0644, 453 .proc_handler = sched_rr_handler, 454 }, 455 #ifdef CONFIG_UCLAMP_TASK 456 { 457 .procname = "sched_util_clamp_min", 458 .data = &sysctl_sched_uclamp_util_min, 459 .maxlen = sizeof(unsigned int), 460 .mode = 0644, 461 .proc_handler = sysctl_sched_uclamp_handler, 462 }, 463 { 464 .procname = "sched_util_clamp_max", 465 .data = &sysctl_sched_uclamp_util_max, 466 .maxlen = sizeof(unsigned int), 467 .mode = 0644, 468 .proc_handler = sysctl_sched_uclamp_handler, 469 }, 470 #endif 471 #ifdef CONFIG_SCHED_AUTOGROUP 472 { 473 .procname = "sched_autogroup_enabled", 474 .data = &sysctl_sched_autogroup_enabled, 475 .maxlen = sizeof(unsigned int), 476 .mode = 0644, 477 .proc_handler = proc_dointvec_minmax, 478 .extra1 = &zero, 479 .extra2 = &one, 480 }, 481 #endif 482 #ifdef CONFIG_CFS_BANDWIDTH 483 { 484 .procname = "sched_cfs_bandwidth_slice_us", 485 .data = &sysctl_sched_cfs_bandwidth_slice, 486 .maxlen = sizeof(unsigned int), 487 .mode = 0644, 488 .proc_handler = proc_dointvec_minmax, 489 .extra1 = &one, 490 }, 491 #endif 492 #if defined(CONFIG_ENERGY_MODEL) && defined(CONFIG_CPU_FREQ_GOV_SCHEDUTIL) 493 { 494 .procname = "sched_energy_aware", 495 .data = &sysctl_sched_energy_aware, 496 .maxlen = sizeof(unsigned int), 497 .mode = 0644, 498 .proc_handler = sched_energy_aware_handler, 499 .extra1 = &zero, 500 .extra2 = &one, 501 }, 502 #endif 503 #ifdef CONFIG_PROVE_LOCKING 504 { 505 .procname = "prove_locking", 506 .data = &prove_locking, 507 .maxlen = sizeof(int), 508 .mode = 0644, 509 .proc_handler = proc_dointvec, 510 }, 511 #endif 512 #ifdef CONFIG_LOCK_STAT 513 { 514 .procname = "lock_stat", 515 .data = &lock_stat, 516 .maxlen = sizeof(int), 517 .mode = 0644, 518 .proc_handler = proc_dointvec, 519 }, 520 #endif 521 { 522 .procname = "panic", 523 .data = &panic_timeout, 524 .maxlen = sizeof(int), 525 .mode = 0644, 526 .proc_handler = proc_dointvec, 527 }, 528 #ifdef CONFIG_COREDUMP 529 { 530 .procname = "core_uses_pid", 531 .data = &core_uses_pid, 532 .maxlen = sizeof(int), 533 .mode = 0644, 534 .proc_handler = proc_dointvec, 535 }, 536 { 537 .procname = "core_pattern", 538 .data = core_pattern, 539 .maxlen = CORENAME_MAX_SIZE, 540 .mode = 0644, 541 .proc_handler = proc_dostring_coredump, 542 }, 543 { 544 .procname = "core_pipe_limit", 545 .data = &core_pipe_limit, 546 .maxlen = sizeof(unsigned int), 547 .mode = 0644, 548 .proc_handler = proc_dointvec, 549 }, 550 #endif 551 #ifdef CONFIG_PROC_SYSCTL 552 { 553 .procname = "tainted", 554 .maxlen = sizeof(long), 555 .mode = 0644, 556 .proc_handler = proc_taint, 557 }, 558 { 559 .procname = "sysctl_writes_strict", 560 .data = &sysctl_writes_strict, 561 .maxlen = sizeof(int), 562 .mode = 0644, 563 .proc_handler = proc_dointvec_minmax, 564 .extra1 = &neg_one, 565 .extra2 = &one, 566 }, 567 #endif 568 #ifdef CONFIG_LATENCYTOP 569 { 570 .procname = "latencytop", 571 .data = &latencytop_enabled, 572 .maxlen = sizeof(int), 573 .mode = 0644, 574 .proc_handler = sysctl_latencytop, 575 }, 576 #endif 577 #ifdef CONFIG_BLK_DEV_INITRD 578 { 579 .procname = "real-root-dev", 580 .data = &real_root_dev, 581 .maxlen = sizeof(int), 582 .mode = 0644, 583 .proc_handler = proc_dointvec, 584 }, 585 #endif 586 { 587 .procname = "print-fatal-signals", 588 .data = &print_fatal_signals, 589 .maxlen = sizeof(int), 590 .mode = 0644, 591 .proc_handler = proc_dointvec, 592 }, 593 #ifdef CONFIG_SPARC 594 { 595 .procname = "reboot-cmd", 596 .data = reboot_command, 597 .maxlen = 256, 598 .mode = 0644, 599 .proc_handler = proc_dostring, 600 }, 601 { 602 .procname = "stop-a", 603 .data = &stop_a_enabled, 604 .maxlen = sizeof (int), 605 .mode = 0644, 606 .proc_handler = proc_dointvec, 607 }, 608 { 609 .procname = "scons-poweroff", 610 .data = &scons_pwroff, 611 .maxlen = sizeof (int), 612 .mode = 0644, 613 .proc_handler = proc_dointvec, 614 }, 615 #endif 616 #ifdef CONFIG_SPARC64 617 { 618 .procname = "tsb-ratio", 619 .data = &sysctl_tsb_ratio, 620 .maxlen = sizeof (int), 621 .mode = 0644, 622 .proc_handler = proc_dointvec, 623 }, 624 #endif 625 #ifdef __hppa__ 626 { 627 .procname = "soft-power", 628 .data = &pwrsw_enabled, 629 .maxlen = sizeof (int), 630 .mode = 0644, 631 .proc_handler = proc_dointvec, 632 }, 633 #endif 634 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW 635 { 636 .procname = "unaligned-trap", 637 .data = &unaligned_enabled, 638 .maxlen = sizeof (int), 639 .mode = 0644, 640 .proc_handler = proc_dointvec, 641 }, 642 #endif 643 { 644 .procname = "ctrl-alt-del", 645 .data = &C_A_D, 646 .maxlen = sizeof(int), 647 .mode = 0644, 648 .proc_handler = proc_dointvec, 649 }, 650 #ifdef CONFIG_FUNCTION_TRACER 651 { 652 .procname = "ftrace_enabled", 653 .data = &ftrace_enabled, 654 .maxlen = sizeof(int), 655 .mode = 0644, 656 .proc_handler = ftrace_enable_sysctl, 657 }, 658 #endif 659 #ifdef CONFIG_STACK_TRACER 660 { 661 .procname = "stack_tracer_enabled", 662 .data = &stack_tracer_enabled, 663 .maxlen = sizeof(int), 664 .mode = 0644, 665 .proc_handler = stack_trace_sysctl, 666 }, 667 #endif 668 #ifdef CONFIG_TRACING 669 { 670 .procname = "ftrace_dump_on_oops", 671 .data = &ftrace_dump_on_oops, 672 .maxlen = sizeof(int), 673 .mode = 0644, 674 .proc_handler = proc_dointvec, 675 }, 676 { 677 .procname = "traceoff_on_warning", 678 .data = &__disable_trace_on_warning, 679 .maxlen = sizeof(__disable_trace_on_warning), 680 .mode = 0644, 681 .proc_handler = proc_dointvec, 682 }, 683 { 684 .procname = "tracepoint_printk", 685 .data = &tracepoint_printk, 686 .maxlen = sizeof(tracepoint_printk), 687 .mode = 0644, 688 .proc_handler = tracepoint_printk_sysctl, 689 }, 690 #endif 691 #ifdef CONFIG_KEXEC_CORE 692 { 693 .procname = "kexec_load_disabled", 694 .data = &kexec_load_disabled, 695 .maxlen = sizeof(int), 696 .mode = 0644, 697 /* only handle a transition from default "0" to "1" */ 698 .proc_handler = proc_dointvec_minmax, 699 .extra1 = &one, 700 .extra2 = &one, 701 }, 702 #endif 703 #ifdef CONFIG_MODULES 704 { 705 .procname = "modprobe", 706 .data = &modprobe_path, 707 .maxlen = KMOD_PATH_LEN, 708 .mode = 0644, 709 .proc_handler = proc_dostring, 710 }, 711 { 712 .procname = "modules_disabled", 713 .data = &modules_disabled, 714 .maxlen = sizeof(int), 715 .mode = 0644, 716 /* only handle a transition from default "0" to "1" */ 717 .proc_handler = proc_dointvec_minmax, 718 .extra1 = &one, 719 .extra2 = &one, 720 }, 721 #endif 722 #ifdef CONFIG_UEVENT_HELPER 723 { 724 .procname = "hotplug", 725 .data = &uevent_helper, 726 .maxlen = UEVENT_HELPER_PATH_LEN, 727 .mode = 0644, 728 .proc_handler = proc_dostring, 729 }, 730 #endif 731 #ifdef CONFIG_CHR_DEV_SG 732 { 733 .procname = "sg-big-buff", 734 .data = &sg_big_buff, 735 .maxlen = sizeof (int), 736 .mode = 0444, 737 .proc_handler = proc_dointvec, 738 }, 739 #endif 740 #ifdef CONFIG_BSD_PROCESS_ACCT 741 { 742 .procname = "acct", 743 .data = &acct_parm, 744 .maxlen = 3*sizeof(int), 745 .mode = 0644, 746 .proc_handler = proc_dointvec, 747 }, 748 #endif 749 #ifdef CONFIG_MAGIC_SYSRQ 750 { 751 .procname = "sysrq", 752 .data = &__sysrq_enabled, 753 .maxlen = sizeof (int), 754 .mode = 0644, 755 .proc_handler = sysrq_sysctl_handler, 756 }, 757 #endif 758 #ifdef CONFIG_PROC_SYSCTL 759 { 760 .procname = "cad_pid", 761 .data = NULL, 762 .maxlen = sizeof (int), 763 .mode = 0600, 764 .proc_handler = proc_do_cad_pid, 765 }, 766 #endif 767 { 768 .procname = "threads-max", 769 .data = NULL, 770 .maxlen = sizeof(int), 771 .mode = 0644, 772 .proc_handler = sysctl_max_threads, 773 }, 774 { 775 .procname = "random", 776 .mode = 0555, 777 .child = random_table, 778 }, 779 { 780 .procname = "usermodehelper", 781 .mode = 0555, 782 .child = usermodehelper_table, 783 }, 784 #ifdef CONFIG_FW_LOADER_USER_HELPER 785 { 786 .procname = "firmware_config", 787 .mode = 0555, 788 .child = firmware_config_table, 789 }, 790 #endif 791 { 792 .procname = "overflowuid", 793 .data = &overflowuid, 794 .maxlen = sizeof(int), 795 .mode = 0644, 796 .proc_handler = proc_dointvec_minmax, 797 .extra1 = &minolduid, 798 .extra2 = &maxolduid, 799 }, 800 { 801 .procname = "overflowgid", 802 .data = &overflowgid, 803 .maxlen = sizeof(int), 804 .mode = 0644, 805 .proc_handler = proc_dointvec_minmax, 806 .extra1 = &minolduid, 807 .extra2 = &maxolduid, 808 }, 809 #ifdef CONFIG_S390 810 #ifdef CONFIG_MATHEMU 811 { 812 .procname = "ieee_emulation_warnings", 813 .data = &sysctl_ieee_emulation_warnings, 814 .maxlen = sizeof(int), 815 .mode = 0644, 816 .proc_handler = proc_dointvec, 817 }, 818 #endif 819 { 820 .procname = "userprocess_debug", 821 .data = &show_unhandled_signals, 822 .maxlen = sizeof(int), 823 .mode = 0644, 824 .proc_handler = proc_dointvec, 825 }, 826 #endif 827 { 828 .procname = "pid_max", 829 .data = &pid_max, 830 .maxlen = sizeof (int), 831 .mode = 0644, 832 .proc_handler = proc_dointvec_minmax, 833 .extra1 = &pid_max_min, 834 .extra2 = &pid_max_max, 835 }, 836 { 837 .procname = "panic_on_oops", 838 .data = &panic_on_oops, 839 .maxlen = sizeof(int), 840 .mode = 0644, 841 .proc_handler = proc_dointvec, 842 }, 843 { 844 .procname = "panic_print", 845 .data = &panic_print, 846 .maxlen = sizeof(unsigned long), 847 .mode = 0644, 848 .proc_handler = proc_doulongvec_minmax, 849 }, 850 #if defined CONFIG_PRINTK 851 { 852 .procname = "printk", 853 .data = &console_loglevel, 854 .maxlen = 4*sizeof(int), 855 .mode = 0644, 856 .proc_handler = proc_dointvec, 857 }, 858 { 859 .procname = "printk_ratelimit", 860 .data = &printk_ratelimit_state.interval, 861 .maxlen = sizeof(int), 862 .mode = 0644, 863 .proc_handler = proc_dointvec_jiffies, 864 }, 865 { 866 .procname = "printk_ratelimit_burst", 867 .data = &printk_ratelimit_state.burst, 868 .maxlen = sizeof(int), 869 .mode = 0644, 870 .proc_handler = proc_dointvec, 871 }, 872 { 873 .procname = "printk_delay", 874 .data = &printk_delay_msec, 875 .maxlen = sizeof(int), 876 .mode = 0644, 877 .proc_handler = proc_dointvec_minmax, 878 .extra1 = &zero, 879 .extra2 = &ten_thousand, 880 }, 881 { 882 .procname = "printk_devkmsg", 883 .data = devkmsg_log_str, 884 .maxlen = DEVKMSG_STR_MAX_SIZE, 885 .mode = 0644, 886 .proc_handler = devkmsg_sysctl_set_loglvl, 887 }, 888 { 889 .procname = "dmesg_restrict", 890 .data = &dmesg_restrict, 891 .maxlen = sizeof(int), 892 .mode = 0644, 893 .proc_handler = proc_dointvec_minmax_sysadmin, 894 .extra1 = &zero, 895 .extra2 = &one, 896 }, 897 { 898 .procname = "kptr_restrict", 899 .data = &kptr_restrict, 900 .maxlen = sizeof(int), 901 .mode = 0644, 902 .proc_handler = proc_dointvec_minmax_sysadmin, 903 .extra1 = &zero, 904 .extra2 = &two, 905 }, 906 #endif 907 { 908 .procname = "ngroups_max", 909 .data = &ngroups_max, 910 .maxlen = sizeof (int), 911 .mode = 0444, 912 .proc_handler = proc_dointvec, 913 }, 914 { 915 .procname = "cap_last_cap", 916 .data = (void *)&cap_last_cap, 917 .maxlen = sizeof(int), 918 .mode = 0444, 919 .proc_handler = proc_dointvec, 920 }, 921 #if defined(CONFIG_LOCKUP_DETECTOR) 922 { 923 .procname = "watchdog", 924 .data = &watchdog_user_enabled, 925 .maxlen = sizeof(int), 926 .mode = 0644, 927 .proc_handler = proc_watchdog, 928 .extra1 = &zero, 929 .extra2 = &one, 930 }, 931 { 932 .procname = "watchdog_thresh", 933 .data = &watchdog_thresh, 934 .maxlen = sizeof(int), 935 .mode = 0644, 936 .proc_handler = proc_watchdog_thresh, 937 .extra1 = &zero, 938 .extra2 = &sixty, 939 }, 940 { 941 .procname = "nmi_watchdog", 942 .data = &nmi_watchdog_user_enabled, 943 .maxlen = sizeof(int), 944 .mode = NMI_WATCHDOG_SYSCTL_PERM, 945 .proc_handler = proc_nmi_watchdog, 946 .extra1 = &zero, 947 .extra2 = &one, 948 }, 949 { 950 .procname = "watchdog_cpumask", 951 .data = &watchdog_cpumask_bits, 952 .maxlen = NR_CPUS, 953 .mode = 0644, 954 .proc_handler = proc_watchdog_cpumask, 955 }, 956 #ifdef CONFIG_SOFTLOCKUP_DETECTOR 957 { 958 .procname = "soft_watchdog", 959 .data = &soft_watchdog_user_enabled, 960 .maxlen = sizeof(int), 961 .mode = 0644, 962 .proc_handler = proc_soft_watchdog, 963 .extra1 = &zero, 964 .extra2 = &one, 965 }, 966 { 967 .procname = "softlockup_panic", 968 .data = &softlockup_panic, 969 .maxlen = sizeof(int), 970 .mode = 0644, 971 .proc_handler = proc_dointvec_minmax, 972 .extra1 = &zero, 973 .extra2 = &one, 974 }, 975 #ifdef CONFIG_SMP 976 { 977 .procname = "softlockup_all_cpu_backtrace", 978 .data = &sysctl_softlockup_all_cpu_backtrace, 979 .maxlen = sizeof(int), 980 .mode = 0644, 981 .proc_handler = proc_dointvec_minmax, 982 .extra1 = &zero, 983 .extra2 = &one, 984 }, 985 #endif /* CONFIG_SMP */ 986 #endif 987 #ifdef CONFIG_HARDLOCKUP_DETECTOR 988 { 989 .procname = "hardlockup_panic", 990 .data = &hardlockup_panic, 991 .maxlen = sizeof(int), 992 .mode = 0644, 993 .proc_handler = proc_dointvec_minmax, 994 .extra1 = &zero, 995 .extra2 = &one, 996 }, 997 #ifdef CONFIG_SMP 998 { 999 .procname = "hardlockup_all_cpu_backtrace", 1000 .data = &sysctl_hardlockup_all_cpu_backtrace, 1001 .maxlen = sizeof(int), 1002 .mode = 0644, 1003 .proc_handler = proc_dointvec_minmax, 1004 .extra1 = &zero, 1005 .extra2 = &one, 1006 }, 1007 #endif /* CONFIG_SMP */ 1008 #endif 1009 #endif 1010 1011 #if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86) 1012 { 1013 .procname = "unknown_nmi_panic", 1014 .data = &unknown_nmi_panic, 1015 .maxlen = sizeof (int), 1016 .mode = 0644, 1017 .proc_handler = proc_dointvec, 1018 }, 1019 #endif 1020 #if defined(CONFIG_X86) 1021 { 1022 .procname = "panic_on_unrecovered_nmi", 1023 .data = &panic_on_unrecovered_nmi, 1024 .maxlen = sizeof(int), 1025 .mode = 0644, 1026 .proc_handler = proc_dointvec, 1027 }, 1028 { 1029 .procname = "panic_on_io_nmi", 1030 .data = &panic_on_io_nmi, 1031 .maxlen = sizeof(int), 1032 .mode = 0644, 1033 .proc_handler = proc_dointvec, 1034 }, 1035 #ifdef CONFIG_DEBUG_STACKOVERFLOW 1036 { 1037 .procname = "panic_on_stackoverflow", 1038 .data = &sysctl_panic_on_stackoverflow, 1039 .maxlen = sizeof(int), 1040 .mode = 0644, 1041 .proc_handler = proc_dointvec, 1042 }, 1043 #endif 1044 { 1045 .procname = "bootloader_type", 1046 .data = &bootloader_type, 1047 .maxlen = sizeof (int), 1048 .mode = 0444, 1049 .proc_handler = proc_dointvec, 1050 }, 1051 { 1052 .procname = "bootloader_version", 1053 .data = &bootloader_version, 1054 .maxlen = sizeof (int), 1055 .mode = 0444, 1056 .proc_handler = proc_dointvec, 1057 }, 1058 { 1059 .procname = "io_delay_type", 1060 .data = &io_delay_type, 1061 .maxlen = sizeof(int), 1062 .mode = 0644, 1063 .proc_handler = proc_dointvec, 1064 }, 1065 #endif 1066 #if defined(CONFIG_MMU) 1067 { 1068 .procname = "randomize_va_space", 1069 .data = &randomize_va_space, 1070 .maxlen = sizeof(int), 1071 .mode = 0644, 1072 .proc_handler = proc_dointvec, 1073 }, 1074 #endif 1075 #if defined(CONFIG_S390) && defined(CONFIG_SMP) 1076 { 1077 .procname = "spin_retry", 1078 .data = &spin_retry, 1079 .maxlen = sizeof (int), 1080 .mode = 0644, 1081 .proc_handler = proc_dointvec, 1082 }, 1083 #endif 1084 #if defined(CONFIG_ACPI_SLEEP) && defined(CONFIG_X86) 1085 { 1086 .procname = "acpi_video_flags", 1087 .data = &acpi_realmode_flags, 1088 .maxlen = sizeof (unsigned long), 1089 .mode = 0644, 1090 .proc_handler = proc_doulongvec_minmax, 1091 }, 1092 #endif 1093 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN 1094 { 1095 .procname = "ignore-unaligned-usertrap", 1096 .data = &no_unaligned_warning, 1097 .maxlen = sizeof (int), 1098 .mode = 0644, 1099 .proc_handler = proc_dointvec, 1100 }, 1101 #endif 1102 #ifdef CONFIG_IA64 1103 { 1104 .procname = "unaligned-dump-stack", 1105 .data = &unaligned_dump_stack, 1106 .maxlen = sizeof (int), 1107 .mode = 0644, 1108 .proc_handler = proc_dointvec, 1109 }, 1110 #endif 1111 #ifdef CONFIG_DETECT_HUNG_TASK 1112 { 1113 .procname = "hung_task_panic", 1114 .data = &sysctl_hung_task_panic, 1115 .maxlen = sizeof(int), 1116 .mode = 0644, 1117 .proc_handler = proc_dointvec_minmax, 1118 .extra1 = &zero, 1119 .extra2 = &one, 1120 }, 1121 { 1122 .procname = "hung_task_check_count", 1123 .data = &sysctl_hung_task_check_count, 1124 .maxlen = sizeof(int), 1125 .mode = 0644, 1126 .proc_handler = proc_dointvec_minmax, 1127 .extra1 = &zero, 1128 }, 1129 { 1130 .procname = "hung_task_timeout_secs", 1131 .data = &sysctl_hung_task_timeout_secs, 1132 .maxlen = sizeof(unsigned long), 1133 .mode = 0644, 1134 .proc_handler = proc_dohung_task_timeout_secs, 1135 .extra2 = &hung_task_timeout_max, 1136 }, 1137 { 1138 .procname = "hung_task_check_interval_secs", 1139 .data = &sysctl_hung_task_check_interval_secs, 1140 .maxlen = sizeof(unsigned long), 1141 .mode = 0644, 1142 .proc_handler = proc_dohung_task_timeout_secs, 1143 .extra2 = &hung_task_timeout_max, 1144 }, 1145 { 1146 .procname = "hung_task_warnings", 1147 .data = &sysctl_hung_task_warnings, 1148 .maxlen = sizeof(int), 1149 .mode = 0644, 1150 .proc_handler = proc_dointvec_minmax, 1151 .extra1 = &neg_one, 1152 }, 1153 #endif 1154 #ifdef CONFIG_RT_MUTEXES 1155 { 1156 .procname = "max_lock_depth", 1157 .data = &max_lock_depth, 1158 .maxlen = sizeof(int), 1159 .mode = 0644, 1160 .proc_handler = proc_dointvec, 1161 }, 1162 #endif 1163 { 1164 .procname = "poweroff_cmd", 1165 .data = &poweroff_cmd, 1166 .maxlen = POWEROFF_CMD_PATH_LEN, 1167 .mode = 0644, 1168 .proc_handler = proc_dostring, 1169 }, 1170 #ifdef CONFIG_KEYS 1171 { 1172 .procname = "keys", 1173 .mode = 0555, 1174 .child = key_sysctls, 1175 }, 1176 #endif 1177 #ifdef CONFIG_PERF_EVENTS 1178 /* 1179 * User-space scripts rely on the existence of this file 1180 * as a feature check for perf_events being enabled. 1181 * 1182 * So it's an ABI, do not remove! 1183 */ 1184 { 1185 .procname = "perf_event_paranoid", 1186 .data = &sysctl_perf_event_paranoid, 1187 .maxlen = sizeof(sysctl_perf_event_paranoid), 1188 .mode = 0644, 1189 .proc_handler = proc_dointvec, 1190 }, 1191 { 1192 .procname = "perf_event_mlock_kb", 1193 .data = &sysctl_perf_event_mlock, 1194 .maxlen = sizeof(sysctl_perf_event_mlock), 1195 .mode = 0644, 1196 .proc_handler = proc_dointvec, 1197 }, 1198 { 1199 .procname = "perf_event_max_sample_rate", 1200 .data = &sysctl_perf_event_sample_rate, 1201 .maxlen = sizeof(sysctl_perf_event_sample_rate), 1202 .mode = 0644, 1203 .proc_handler = perf_proc_update_handler, 1204 .extra1 = &one, 1205 }, 1206 { 1207 .procname = "perf_cpu_time_max_percent", 1208 .data = &sysctl_perf_cpu_time_max_percent, 1209 .maxlen = sizeof(sysctl_perf_cpu_time_max_percent), 1210 .mode = 0644, 1211 .proc_handler = perf_cpu_time_max_percent_handler, 1212 .extra1 = &zero, 1213 .extra2 = &one_hundred, 1214 }, 1215 { 1216 .procname = "perf_event_max_stack", 1217 .data = &sysctl_perf_event_max_stack, 1218 .maxlen = sizeof(sysctl_perf_event_max_stack), 1219 .mode = 0644, 1220 .proc_handler = perf_event_max_stack_handler, 1221 .extra1 = &zero, 1222 .extra2 = &six_hundred_forty_kb, 1223 }, 1224 { 1225 .procname = "perf_event_max_contexts_per_stack", 1226 .data = &sysctl_perf_event_max_contexts_per_stack, 1227 .maxlen = sizeof(sysctl_perf_event_max_contexts_per_stack), 1228 .mode = 0644, 1229 .proc_handler = perf_event_max_stack_handler, 1230 .extra1 = &zero, 1231 .extra2 = &one_thousand, 1232 }, 1233 #endif 1234 { 1235 .procname = "panic_on_warn", 1236 .data = &panic_on_warn, 1237 .maxlen = sizeof(int), 1238 .mode = 0644, 1239 .proc_handler = proc_dointvec_minmax, 1240 .extra1 = &zero, 1241 .extra2 = &one, 1242 }, 1243 #if defined(CONFIG_SMP) && defined(CONFIG_NO_HZ_COMMON) 1244 { 1245 .procname = "timer_migration", 1246 .data = &sysctl_timer_migration, 1247 .maxlen = sizeof(unsigned int), 1248 .mode = 0644, 1249 .proc_handler = timer_migration_handler, 1250 .extra1 = &zero, 1251 .extra2 = &one, 1252 }, 1253 #endif 1254 #ifdef CONFIG_BPF_SYSCALL 1255 { 1256 .procname = "unprivileged_bpf_disabled", 1257 .data = &sysctl_unprivileged_bpf_disabled, 1258 .maxlen = sizeof(sysctl_unprivileged_bpf_disabled), 1259 .mode = 0644, 1260 /* only handle a transition from default "0" to "1" */ 1261 .proc_handler = proc_dointvec_minmax, 1262 .extra1 = &one, 1263 .extra2 = &one, 1264 }, 1265 { 1266 .procname = "bpf_stats_enabled", 1267 .data = &bpf_stats_enabled_key.key, 1268 .maxlen = sizeof(bpf_stats_enabled_key), 1269 .mode = 0644, 1270 .proc_handler = proc_do_static_key, 1271 }, 1272 #endif 1273 #if defined(CONFIG_TREE_RCU) || defined(CONFIG_PREEMPT_RCU) 1274 { 1275 .procname = "panic_on_rcu_stall", 1276 .data = &sysctl_panic_on_rcu_stall, 1277 .maxlen = sizeof(sysctl_panic_on_rcu_stall), 1278 .mode = 0644, 1279 .proc_handler = proc_dointvec_minmax, 1280 .extra1 = &zero, 1281 .extra2 = &one, 1282 }, 1283 #endif 1284 #ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE 1285 { 1286 .procname = "stack_erasing", 1287 .data = NULL, 1288 .maxlen = sizeof(int), 1289 .mode = 0600, 1290 .proc_handler = stack_erasing_sysctl, 1291 .extra1 = &zero, 1292 .extra2 = &one, 1293 }, 1294 #endif 1295 { } 1296 }; 1297 1298 static struct ctl_table vm_table[] = { 1299 { 1300 .procname = "overcommit_memory", 1301 .data = &sysctl_overcommit_memory, 1302 .maxlen = sizeof(sysctl_overcommit_memory), 1303 .mode = 0644, 1304 .proc_handler = proc_dointvec_minmax, 1305 .extra1 = &zero, 1306 .extra2 = &two, 1307 }, 1308 { 1309 .procname = "panic_on_oom", 1310 .data = &sysctl_panic_on_oom, 1311 .maxlen = sizeof(sysctl_panic_on_oom), 1312 .mode = 0644, 1313 .proc_handler = proc_dointvec_minmax, 1314 .extra1 = &zero, 1315 .extra2 = &two, 1316 }, 1317 { 1318 .procname = "oom_kill_allocating_task", 1319 .data = &sysctl_oom_kill_allocating_task, 1320 .maxlen = sizeof(sysctl_oom_kill_allocating_task), 1321 .mode = 0644, 1322 .proc_handler = proc_dointvec, 1323 }, 1324 { 1325 .procname = "oom_dump_tasks", 1326 .data = &sysctl_oom_dump_tasks, 1327 .maxlen = sizeof(sysctl_oom_dump_tasks), 1328 .mode = 0644, 1329 .proc_handler = proc_dointvec, 1330 }, 1331 { 1332 .procname = "overcommit_ratio", 1333 .data = &sysctl_overcommit_ratio, 1334 .maxlen = sizeof(sysctl_overcommit_ratio), 1335 .mode = 0644, 1336 .proc_handler = overcommit_ratio_handler, 1337 }, 1338 { 1339 .procname = "overcommit_kbytes", 1340 .data = &sysctl_overcommit_kbytes, 1341 .maxlen = sizeof(sysctl_overcommit_kbytes), 1342 .mode = 0644, 1343 .proc_handler = overcommit_kbytes_handler, 1344 }, 1345 { 1346 .procname = "page-cluster", 1347 .data = &page_cluster, 1348 .maxlen = sizeof(int), 1349 .mode = 0644, 1350 .proc_handler = proc_dointvec_minmax, 1351 .extra1 = &zero, 1352 }, 1353 { 1354 .procname = "dirty_background_ratio", 1355 .data = &dirty_background_ratio, 1356 .maxlen = sizeof(dirty_background_ratio), 1357 .mode = 0644, 1358 .proc_handler = dirty_background_ratio_handler, 1359 .extra1 = &zero, 1360 .extra2 = &one_hundred, 1361 }, 1362 { 1363 .procname = "dirty_background_bytes", 1364 .data = &dirty_background_bytes, 1365 .maxlen = sizeof(dirty_background_bytes), 1366 .mode = 0644, 1367 .proc_handler = dirty_background_bytes_handler, 1368 .extra1 = &one_ul, 1369 }, 1370 { 1371 .procname = "dirty_ratio", 1372 .data = &vm_dirty_ratio, 1373 .maxlen = sizeof(vm_dirty_ratio), 1374 .mode = 0644, 1375 .proc_handler = dirty_ratio_handler, 1376 .extra1 = &zero, 1377 .extra2 = &one_hundred, 1378 }, 1379 { 1380 .procname = "dirty_bytes", 1381 .data = &vm_dirty_bytes, 1382 .maxlen = sizeof(vm_dirty_bytes), 1383 .mode = 0644, 1384 .proc_handler = dirty_bytes_handler, 1385 .extra1 = &dirty_bytes_min, 1386 }, 1387 { 1388 .procname = "dirty_writeback_centisecs", 1389 .data = &dirty_writeback_interval, 1390 .maxlen = sizeof(dirty_writeback_interval), 1391 .mode = 0644, 1392 .proc_handler = dirty_writeback_centisecs_handler, 1393 }, 1394 { 1395 .procname = "dirty_expire_centisecs", 1396 .data = &dirty_expire_interval, 1397 .maxlen = sizeof(dirty_expire_interval), 1398 .mode = 0644, 1399 .proc_handler = proc_dointvec_minmax, 1400 .extra1 = &zero, 1401 }, 1402 { 1403 .procname = "dirtytime_expire_seconds", 1404 .data = &dirtytime_expire_interval, 1405 .maxlen = sizeof(dirtytime_expire_interval), 1406 .mode = 0644, 1407 .proc_handler = dirtytime_interval_handler, 1408 .extra1 = &zero, 1409 }, 1410 { 1411 .procname = "swappiness", 1412 .data = &vm_swappiness, 1413 .maxlen = sizeof(vm_swappiness), 1414 .mode = 0644, 1415 .proc_handler = proc_dointvec_minmax, 1416 .extra1 = &zero, 1417 .extra2 = &one_hundred, 1418 }, 1419 #ifdef CONFIG_HUGETLB_PAGE 1420 { 1421 .procname = "nr_hugepages", 1422 .data = NULL, 1423 .maxlen = sizeof(unsigned long), 1424 .mode = 0644, 1425 .proc_handler = hugetlb_sysctl_handler, 1426 }, 1427 #ifdef CONFIG_NUMA 1428 { 1429 .procname = "nr_hugepages_mempolicy", 1430 .data = NULL, 1431 .maxlen = sizeof(unsigned long), 1432 .mode = 0644, 1433 .proc_handler = &hugetlb_mempolicy_sysctl_handler, 1434 }, 1435 { 1436 .procname = "numa_stat", 1437 .data = &sysctl_vm_numa_stat, 1438 .maxlen = sizeof(int), 1439 .mode = 0644, 1440 .proc_handler = sysctl_vm_numa_stat_handler, 1441 .extra1 = &zero, 1442 .extra2 = &one, 1443 }, 1444 #endif 1445 { 1446 .procname = "hugetlb_shm_group", 1447 .data = &sysctl_hugetlb_shm_group, 1448 .maxlen = sizeof(gid_t), 1449 .mode = 0644, 1450 .proc_handler = proc_dointvec, 1451 }, 1452 { 1453 .procname = "nr_overcommit_hugepages", 1454 .data = NULL, 1455 .maxlen = sizeof(unsigned long), 1456 .mode = 0644, 1457 .proc_handler = hugetlb_overcommit_handler, 1458 }, 1459 #endif 1460 { 1461 .procname = "lowmem_reserve_ratio", 1462 .data = &sysctl_lowmem_reserve_ratio, 1463 .maxlen = sizeof(sysctl_lowmem_reserve_ratio), 1464 .mode = 0644, 1465 .proc_handler = lowmem_reserve_ratio_sysctl_handler, 1466 }, 1467 { 1468 .procname = "drop_caches", 1469 .data = &sysctl_drop_caches, 1470 .maxlen = sizeof(int), 1471 .mode = 0644, 1472 .proc_handler = drop_caches_sysctl_handler, 1473 .extra1 = &one, 1474 .extra2 = &four, 1475 }, 1476 #ifdef CONFIG_COMPACTION 1477 { 1478 .procname = "compact_memory", 1479 .data = &sysctl_compact_memory, 1480 .maxlen = sizeof(int), 1481 .mode = 0200, 1482 .proc_handler = sysctl_compaction_handler, 1483 }, 1484 { 1485 .procname = "extfrag_threshold", 1486 .data = &sysctl_extfrag_threshold, 1487 .maxlen = sizeof(int), 1488 .mode = 0644, 1489 .proc_handler = proc_dointvec_minmax, 1490 .extra1 = &min_extfrag_threshold, 1491 .extra2 = &max_extfrag_threshold, 1492 }, 1493 { 1494 .procname = "compact_unevictable_allowed", 1495 .data = &sysctl_compact_unevictable_allowed, 1496 .maxlen = sizeof(int), 1497 .mode = 0644, 1498 .proc_handler = proc_dointvec, 1499 .extra1 = &zero, 1500 .extra2 = &one, 1501 }, 1502 1503 #endif /* CONFIG_COMPACTION */ 1504 { 1505 .procname = "min_free_kbytes", 1506 .data = &min_free_kbytes, 1507 .maxlen = sizeof(min_free_kbytes), 1508 .mode = 0644, 1509 .proc_handler = min_free_kbytes_sysctl_handler, 1510 .extra1 = &zero, 1511 }, 1512 { 1513 .procname = "watermark_boost_factor", 1514 .data = &watermark_boost_factor, 1515 .maxlen = sizeof(watermark_boost_factor), 1516 .mode = 0644, 1517 .proc_handler = watermark_boost_factor_sysctl_handler, 1518 .extra1 = &zero, 1519 }, 1520 { 1521 .procname = "watermark_scale_factor", 1522 .data = &watermark_scale_factor, 1523 .maxlen = sizeof(watermark_scale_factor), 1524 .mode = 0644, 1525 .proc_handler = watermark_scale_factor_sysctl_handler, 1526 .extra1 = &one, 1527 .extra2 = &one_thousand, 1528 }, 1529 { 1530 .procname = "percpu_pagelist_fraction", 1531 .data = &percpu_pagelist_fraction, 1532 .maxlen = sizeof(percpu_pagelist_fraction), 1533 .mode = 0644, 1534 .proc_handler = percpu_pagelist_fraction_sysctl_handler, 1535 .extra1 = &zero, 1536 }, 1537 #ifdef CONFIG_MMU 1538 { 1539 .procname = "max_map_count", 1540 .data = &sysctl_max_map_count, 1541 .maxlen = sizeof(sysctl_max_map_count), 1542 .mode = 0644, 1543 .proc_handler = proc_dointvec_minmax, 1544 .extra1 = &zero, 1545 }, 1546 #else 1547 { 1548 .procname = "nr_trim_pages", 1549 .data = &sysctl_nr_trim_pages, 1550 .maxlen = sizeof(sysctl_nr_trim_pages), 1551 .mode = 0644, 1552 .proc_handler = proc_dointvec_minmax, 1553 .extra1 = &zero, 1554 }, 1555 #endif 1556 { 1557 .procname = "laptop_mode", 1558 .data = &laptop_mode, 1559 .maxlen = sizeof(laptop_mode), 1560 .mode = 0644, 1561 .proc_handler = proc_dointvec_jiffies, 1562 }, 1563 { 1564 .procname = "block_dump", 1565 .data = &block_dump, 1566 .maxlen = sizeof(block_dump), 1567 .mode = 0644, 1568 .proc_handler = proc_dointvec, 1569 .extra1 = &zero, 1570 }, 1571 { 1572 .procname = "vfs_cache_pressure", 1573 .data = &sysctl_vfs_cache_pressure, 1574 .maxlen = sizeof(sysctl_vfs_cache_pressure), 1575 .mode = 0644, 1576 .proc_handler = proc_dointvec, 1577 .extra1 = &zero, 1578 }, 1579 #ifdef HAVE_ARCH_PICK_MMAP_LAYOUT 1580 { 1581 .procname = "legacy_va_layout", 1582 .data = &sysctl_legacy_va_layout, 1583 .maxlen = sizeof(sysctl_legacy_va_layout), 1584 .mode = 0644, 1585 .proc_handler = proc_dointvec, 1586 .extra1 = &zero, 1587 }, 1588 #endif 1589 #ifdef CONFIG_NUMA 1590 { 1591 .procname = "zone_reclaim_mode", 1592 .data = &node_reclaim_mode, 1593 .maxlen = sizeof(node_reclaim_mode), 1594 .mode = 0644, 1595 .proc_handler = proc_dointvec, 1596 .extra1 = &zero, 1597 }, 1598 { 1599 .procname = "min_unmapped_ratio", 1600 .data = &sysctl_min_unmapped_ratio, 1601 .maxlen = sizeof(sysctl_min_unmapped_ratio), 1602 .mode = 0644, 1603 .proc_handler = sysctl_min_unmapped_ratio_sysctl_handler, 1604 .extra1 = &zero, 1605 .extra2 = &one_hundred, 1606 }, 1607 { 1608 .procname = "min_slab_ratio", 1609 .data = &sysctl_min_slab_ratio, 1610 .maxlen = sizeof(sysctl_min_slab_ratio), 1611 .mode = 0644, 1612 .proc_handler = sysctl_min_slab_ratio_sysctl_handler, 1613 .extra1 = &zero, 1614 .extra2 = &one_hundred, 1615 }, 1616 #endif 1617 #ifdef CONFIG_SMP 1618 { 1619 .procname = "stat_interval", 1620 .data = &sysctl_stat_interval, 1621 .maxlen = sizeof(sysctl_stat_interval), 1622 .mode = 0644, 1623 .proc_handler = proc_dointvec_jiffies, 1624 }, 1625 { 1626 .procname = "stat_refresh", 1627 .data = NULL, 1628 .maxlen = 0, 1629 .mode = 0600, 1630 .proc_handler = vmstat_refresh, 1631 }, 1632 #endif 1633 #ifdef CONFIG_MMU 1634 { 1635 .procname = "mmap_min_addr", 1636 .data = &dac_mmap_min_addr, 1637 .maxlen = sizeof(unsigned long), 1638 .mode = 0644, 1639 .proc_handler = mmap_min_addr_handler, 1640 }, 1641 #endif 1642 #ifdef CONFIG_NUMA 1643 { 1644 .procname = "numa_zonelist_order", 1645 .data = &numa_zonelist_order, 1646 .maxlen = NUMA_ZONELIST_ORDER_LEN, 1647 .mode = 0644, 1648 .proc_handler = numa_zonelist_order_handler, 1649 }, 1650 #endif 1651 #if (defined(CONFIG_X86_32) && !defined(CONFIG_UML))|| \ 1652 (defined(CONFIG_SUPERH) && defined(CONFIG_VSYSCALL)) 1653 { 1654 .procname = "vdso_enabled", 1655 #ifdef CONFIG_X86_32 1656 .data = &vdso32_enabled, 1657 .maxlen = sizeof(vdso32_enabled), 1658 #else 1659 .data = &vdso_enabled, 1660 .maxlen = sizeof(vdso_enabled), 1661 #endif 1662 .mode = 0644, 1663 .proc_handler = proc_dointvec, 1664 .extra1 = &zero, 1665 }, 1666 #endif 1667 #ifdef CONFIG_HIGHMEM 1668 { 1669 .procname = "highmem_is_dirtyable", 1670 .data = &vm_highmem_is_dirtyable, 1671 .maxlen = sizeof(vm_highmem_is_dirtyable), 1672 .mode = 0644, 1673 .proc_handler = proc_dointvec_minmax, 1674 .extra1 = &zero, 1675 .extra2 = &one, 1676 }, 1677 #endif 1678 #ifdef CONFIG_MEMORY_FAILURE 1679 { 1680 .procname = "memory_failure_early_kill", 1681 .data = &sysctl_memory_failure_early_kill, 1682 .maxlen = sizeof(sysctl_memory_failure_early_kill), 1683 .mode = 0644, 1684 .proc_handler = proc_dointvec_minmax, 1685 .extra1 = &zero, 1686 .extra2 = &one, 1687 }, 1688 { 1689 .procname = "memory_failure_recovery", 1690 .data = &sysctl_memory_failure_recovery, 1691 .maxlen = sizeof(sysctl_memory_failure_recovery), 1692 .mode = 0644, 1693 .proc_handler = proc_dointvec_minmax, 1694 .extra1 = &zero, 1695 .extra2 = &one, 1696 }, 1697 #endif 1698 { 1699 .procname = "user_reserve_kbytes", 1700 .data = &sysctl_user_reserve_kbytes, 1701 .maxlen = sizeof(sysctl_user_reserve_kbytes), 1702 .mode = 0644, 1703 .proc_handler = proc_doulongvec_minmax, 1704 }, 1705 { 1706 .procname = "admin_reserve_kbytes", 1707 .data = &sysctl_admin_reserve_kbytes, 1708 .maxlen = sizeof(sysctl_admin_reserve_kbytes), 1709 .mode = 0644, 1710 .proc_handler = proc_doulongvec_minmax, 1711 }, 1712 #ifdef CONFIG_HAVE_ARCH_MMAP_RND_BITS 1713 { 1714 .procname = "mmap_rnd_bits", 1715 .data = &mmap_rnd_bits, 1716 .maxlen = sizeof(mmap_rnd_bits), 1717 .mode = 0600, 1718 .proc_handler = proc_dointvec_minmax, 1719 .extra1 = (void *)&mmap_rnd_bits_min, 1720 .extra2 = (void *)&mmap_rnd_bits_max, 1721 }, 1722 #endif 1723 #ifdef CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS 1724 { 1725 .procname = "mmap_rnd_compat_bits", 1726 .data = &mmap_rnd_compat_bits, 1727 .maxlen = sizeof(mmap_rnd_compat_bits), 1728 .mode = 0600, 1729 .proc_handler = proc_dointvec_minmax, 1730 .extra1 = (void *)&mmap_rnd_compat_bits_min, 1731 .extra2 = (void *)&mmap_rnd_compat_bits_max, 1732 }, 1733 #endif 1734 #ifdef CONFIG_USERFAULTFD 1735 { 1736 .procname = "unprivileged_userfaultfd", 1737 .data = &sysctl_unprivileged_userfaultfd, 1738 .maxlen = sizeof(sysctl_unprivileged_userfaultfd), 1739 .mode = 0644, 1740 .proc_handler = proc_dointvec_minmax, 1741 .extra1 = &zero, 1742 .extra2 = &one, 1743 }, 1744 #endif 1745 { } 1746 }; 1747 1748 static struct ctl_table fs_table[] = { 1749 { 1750 .procname = "inode-nr", 1751 .data = &inodes_stat, 1752 .maxlen = 2*sizeof(long), 1753 .mode = 0444, 1754 .proc_handler = proc_nr_inodes, 1755 }, 1756 { 1757 .procname = "inode-state", 1758 .data = &inodes_stat, 1759 .maxlen = 7*sizeof(long), 1760 .mode = 0444, 1761 .proc_handler = proc_nr_inodes, 1762 }, 1763 { 1764 .procname = "file-nr", 1765 .data = &files_stat, 1766 .maxlen = sizeof(files_stat), 1767 .mode = 0444, 1768 .proc_handler = proc_nr_files, 1769 }, 1770 { 1771 .procname = "file-max", 1772 .data = &files_stat.max_files, 1773 .maxlen = sizeof(files_stat.max_files), 1774 .mode = 0644, 1775 .proc_handler = proc_doulongvec_minmax, 1776 .extra1 = &zero_ul, 1777 .extra2 = &long_max, 1778 }, 1779 { 1780 .procname = "nr_open", 1781 .data = &sysctl_nr_open, 1782 .maxlen = sizeof(unsigned int), 1783 .mode = 0644, 1784 .proc_handler = proc_dointvec_minmax, 1785 .extra1 = &sysctl_nr_open_min, 1786 .extra2 = &sysctl_nr_open_max, 1787 }, 1788 { 1789 .procname = "dentry-state", 1790 .data = &dentry_stat, 1791 .maxlen = 6*sizeof(long), 1792 .mode = 0444, 1793 .proc_handler = proc_nr_dentry, 1794 }, 1795 { 1796 .procname = "overflowuid", 1797 .data = &fs_overflowuid, 1798 .maxlen = sizeof(int), 1799 .mode = 0644, 1800 .proc_handler = proc_dointvec_minmax, 1801 .extra1 = &minolduid, 1802 .extra2 = &maxolduid, 1803 }, 1804 { 1805 .procname = "overflowgid", 1806 .data = &fs_overflowgid, 1807 .maxlen = sizeof(int), 1808 .mode = 0644, 1809 .proc_handler = proc_dointvec_minmax, 1810 .extra1 = &minolduid, 1811 .extra2 = &maxolduid, 1812 }, 1813 #ifdef CONFIG_FILE_LOCKING 1814 { 1815 .procname = "leases-enable", 1816 .data = &leases_enable, 1817 .maxlen = sizeof(int), 1818 .mode = 0644, 1819 .proc_handler = proc_dointvec, 1820 }, 1821 #endif 1822 #ifdef CONFIG_DNOTIFY 1823 { 1824 .procname = "dir-notify-enable", 1825 .data = &dir_notify_enable, 1826 .maxlen = sizeof(int), 1827 .mode = 0644, 1828 .proc_handler = proc_dointvec, 1829 }, 1830 #endif 1831 #ifdef CONFIG_MMU 1832 #ifdef CONFIG_FILE_LOCKING 1833 { 1834 .procname = "lease-break-time", 1835 .data = &lease_break_time, 1836 .maxlen = sizeof(int), 1837 .mode = 0644, 1838 .proc_handler = proc_dointvec, 1839 }, 1840 #endif 1841 #ifdef CONFIG_AIO 1842 { 1843 .procname = "aio-nr", 1844 .data = &aio_nr, 1845 .maxlen = sizeof(aio_nr), 1846 .mode = 0444, 1847 .proc_handler = proc_doulongvec_minmax, 1848 }, 1849 { 1850 .procname = "aio-max-nr", 1851 .data = &aio_max_nr, 1852 .maxlen = sizeof(aio_max_nr), 1853 .mode = 0644, 1854 .proc_handler = proc_doulongvec_minmax, 1855 }, 1856 #endif /* CONFIG_AIO */ 1857 #ifdef CONFIG_INOTIFY_USER 1858 { 1859 .procname = "inotify", 1860 .mode = 0555, 1861 .child = inotify_table, 1862 }, 1863 #endif 1864 #ifdef CONFIG_EPOLL 1865 { 1866 .procname = "epoll", 1867 .mode = 0555, 1868 .child = epoll_table, 1869 }, 1870 #endif 1871 #endif 1872 { 1873 .procname = "protected_symlinks", 1874 .data = &sysctl_protected_symlinks, 1875 .maxlen = sizeof(int), 1876 .mode = 0600, 1877 .proc_handler = proc_dointvec_minmax, 1878 .extra1 = &zero, 1879 .extra2 = &one, 1880 }, 1881 { 1882 .procname = "protected_hardlinks", 1883 .data = &sysctl_protected_hardlinks, 1884 .maxlen = sizeof(int), 1885 .mode = 0600, 1886 .proc_handler = proc_dointvec_minmax, 1887 .extra1 = &zero, 1888 .extra2 = &one, 1889 }, 1890 { 1891 .procname = "protected_fifos", 1892 .data = &sysctl_protected_fifos, 1893 .maxlen = sizeof(int), 1894 .mode = 0600, 1895 .proc_handler = proc_dointvec_minmax, 1896 .extra1 = &zero, 1897 .extra2 = &two, 1898 }, 1899 { 1900 .procname = "protected_regular", 1901 .data = &sysctl_protected_regular, 1902 .maxlen = sizeof(int), 1903 .mode = 0600, 1904 .proc_handler = proc_dointvec_minmax, 1905 .extra1 = &zero, 1906 .extra2 = &two, 1907 }, 1908 { 1909 .procname = "suid_dumpable", 1910 .data = &suid_dumpable, 1911 .maxlen = sizeof(int), 1912 .mode = 0644, 1913 .proc_handler = proc_dointvec_minmax_coredump, 1914 .extra1 = &zero, 1915 .extra2 = &two, 1916 }, 1917 #if defined(CONFIG_BINFMT_MISC) || defined(CONFIG_BINFMT_MISC_MODULE) 1918 { 1919 .procname = "binfmt_misc", 1920 .mode = 0555, 1921 .child = sysctl_mount_point, 1922 }, 1923 #endif 1924 { 1925 .procname = "pipe-max-size", 1926 .data = &pipe_max_size, 1927 .maxlen = sizeof(pipe_max_size), 1928 .mode = 0644, 1929 .proc_handler = proc_dopipe_max_size, 1930 }, 1931 { 1932 .procname = "pipe-user-pages-hard", 1933 .data = &pipe_user_pages_hard, 1934 .maxlen = sizeof(pipe_user_pages_hard), 1935 .mode = 0644, 1936 .proc_handler = proc_doulongvec_minmax, 1937 }, 1938 { 1939 .procname = "pipe-user-pages-soft", 1940 .data = &pipe_user_pages_soft, 1941 .maxlen = sizeof(pipe_user_pages_soft), 1942 .mode = 0644, 1943 .proc_handler = proc_doulongvec_minmax, 1944 }, 1945 { 1946 .procname = "mount-max", 1947 .data = &sysctl_mount_max, 1948 .maxlen = sizeof(unsigned int), 1949 .mode = 0644, 1950 .proc_handler = proc_dointvec_minmax, 1951 .extra1 = &one, 1952 }, 1953 { } 1954 }; 1955 1956 static struct ctl_table debug_table[] = { 1957 #ifdef CONFIG_SYSCTL_EXCEPTION_TRACE 1958 { 1959 .procname = "exception-trace", 1960 .data = &show_unhandled_signals, 1961 .maxlen = sizeof(int), 1962 .mode = 0644, 1963 .proc_handler = proc_dointvec 1964 }, 1965 #endif 1966 #if defined(CONFIG_OPTPROBES) 1967 { 1968 .procname = "kprobes-optimization", 1969 .data = &sysctl_kprobes_optimization, 1970 .maxlen = sizeof(int), 1971 .mode = 0644, 1972 .proc_handler = proc_kprobes_optimization_handler, 1973 .extra1 = &zero, 1974 .extra2 = &one, 1975 }, 1976 #endif 1977 { } 1978 }; 1979 1980 static struct ctl_table dev_table[] = { 1981 { } 1982 }; 1983 1984 int __init sysctl_init(void) 1985 { 1986 struct ctl_table_header *hdr; 1987 1988 hdr = register_sysctl_table(sysctl_base_table); 1989 kmemleak_not_leak(hdr); 1990 return 0; 1991 } 1992 1993 #endif /* CONFIG_SYSCTL */ 1994 1995 /* 1996 * /proc/sys support 1997 */ 1998 1999 #ifdef CONFIG_PROC_SYSCTL 2000 2001 static int _proc_do_string(char *data, int maxlen, int write, 2002 char __user *buffer, 2003 size_t *lenp, loff_t *ppos) 2004 { 2005 size_t len; 2006 char __user *p; 2007 char c; 2008 2009 if (!data || !maxlen || !*lenp) { 2010 *lenp = 0; 2011 return 0; 2012 } 2013 2014 if (write) { 2015 if (sysctl_writes_strict == SYSCTL_WRITES_STRICT) { 2016 /* Only continue writes not past the end of buffer. */ 2017 len = strlen(data); 2018 if (len > maxlen - 1) 2019 len = maxlen - 1; 2020 2021 if (*ppos > len) 2022 return 0; 2023 len = *ppos; 2024 } else { 2025 /* Start writing from beginning of buffer. */ 2026 len = 0; 2027 } 2028 2029 *ppos += *lenp; 2030 p = buffer; 2031 while ((p - buffer) < *lenp && len < maxlen - 1) { 2032 if (get_user(c, p++)) 2033 return -EFAULT; 2034 if (c == 0 || c == '\n') 2035 break; 2036 data[len++] = c; 2037 } 2038 data[len] = 0; 2039 } else { 2040 len = strlen(data); 2041 if (len > maxlen) 2042 len = maxlen; 2043 2044 if (*ppos > len) { 2045 *lenp = 0; 2046 return 0; 2047 } 2048 2049 data += *ppos; 2050 len -= *ppos; 2051 2052 if (len > *lenp) 2053 len = *lenp; 2054 if (len) 2055 if (copy_to_user(buffer, data, len)) 2056 return -EFAULT; 2057 if (len < *lenp) { 2058 if (put_user('\n', buffer + len)) 2059 return -EFAULT; 2060 len++; 2061 } 2062 *lenp = len; 2063 *ppos += len; 2064 } 2065 return 0; 2066 } 2067 2068 static void warn_sysctl_write(struct ctl_table *table) 2069 { 2070 pr_warn_once("%s wrote to %s when file position was not 0!\n" 2071 "This will not be supported in the future. To silence this\n" 2072 "warning, set kernel.sysctl_writes_strict = -1\n", 2073 current->comm, table->procname); 2074 } 2075 2076 /** 2077 * proc_first_pos_non_zero_ignore - check if first position is allowed 2078 * @ppos: file position 2079 * @table: the sysctl table 2080 * 2081 * Returns true if the first position is non-zero and the sysctl_writes_strict 2082 * mode indicates this is not allowed for numeric input types. String proc 2083 * handlers can ignore the return value. 2084 */ 2085 static bool proc_first_pos_non_zero_ignore(loff_t *ppos, 2086 struct ctl_table *table) 2087 { 2088 if (!*ppos) 2089 return false; 2090 2091 switch (sysctl_writes_strict) { 2092 case SYSCTL_WRITES_STRICT: 2093 return true; 2094 case SYSCTL_WRITES_WARN: 2095 warn_sysctl_write(table); 2096 return false; 2097 default: 2098 return false; 2099 } 2100 } 2101 2102 /** 2103 * proc_dostring - read a string sysctl 2104 * @table: the sysctl table 2105 * @write: %TRUE if this is a write to the sysctl file 2106 * @buffer: the user buffer 2107 * @lenp: the size of the user buffer 2108 * @ppos: file position 2109 * 2110 * Reads/writes a string from/to the user buffer. If the kernel 2111 * buffer provided is not large enough to hold the string, the 2112 * string is truncated. The copied string is %NULL-terminated. 2113 * If the string is being read by the user process, it is copied 2114 * and a newline '\n' is added. It is truncated if the buffer is 2115 * not large enough. 2116 * 2117 * Returns 0 on success. 2118 */ 2119 int proc_dostring(struct ctl_table *table, int write, 2120 void __user *buffer, size_t *lenp, loff_t *ppos) 2121 { 2122 if (write) 2123 proc_first_pos_non_zero_ignore(ppos, table); 2124 2125 return _proc_do_string((char *)(table->data), table->maxlen, write, 2126 (char __user *)buffer, lenp, ppos); 2127 } 2128 2129 static size_t proc_skip_spaces(char **buf) 2130 { 2131 size_t ret; 2132 char *tmp = skip_spaces(*buf); 2133 ret = tmp - *buf; 2134 *buf = tmp; 2135 return ret; 2136 } 2137 2138 static void proc_skip_char(char **buf, size_t *size, const char v) 2139 { 2140 while (*size) { 2141 if (**buf != v) 2142 break; 2143 (*size)--; 2144 (*buf)++; 2145 } 2146 } 2147 2148 /** 2149 * strtoul_lenient - parse an ASCII formatted integer from a buffer and only 2150 * fail on overflow 2151 * 2152 * @cp: kernel buffer containing the string to parse 2153 * @endp: pointer to store the trailing characters 2154 * @base: the base to use 2155 * @res: where the parsed integer will be stored 2156 * 2157 * In case of success 0 is returned and @res will contain the parsed integer, 2158 * @endp will hold any trailing characters. 2159 * This function will fail the parse on overflow. If there wasn't an overflow 2160 * the function will defer the decision what characters count as invalid to the 2161 * caller. 2162 */ 2163 static int strtoul_lenient(const char *cp, char **endp, unsigned int base, 2164 unsigned long *res) 2165 { 2166 unsigned long long result; 2167 unsigned int rv; 2168 2169 cp = _parse_integer_fixup_radix(cp, &base); 2170 rv = _parse_integer(cp, base, &result); 2171 if ((rv & KSTRTOX_OVERFLOW) || (result != (unsigned long)result)) 2172 return -ERANGE; 2173 2174 cp += rv; 2175 2176 if (endp) 2177 *endp = (char *)cp; 2178 2179 *res = (unsigned long)result; 2180 return 0; 2181 } 2182 2183 #define TMPBUFLEN 22 2184 /** 2185 * proc_get_long - reads an ASCII formatted integer from a user buffer 2186 * 2187 * @buf: a kernel buffer 2188 * @size: size of the kernel buffer 2189 * @val: this is where the number will be stored 2190 * @neg: set to %TRUE if number is negative 2191 * @perm_tr: a vector which contains the allowed trailers 2192 * @perm_tr_len: size of the perm_tr vector 2193 * @tr: pointer to store the trailer character 2194 * 2195 * In case of success %0 is returned and @buf and @size are updated with 2196 * the amount of bytes read. If @tr is non-NULL and a trailing 2197 * character exists (size is non-zero after returning from this 2198 * function), @tr is updated with the trailing character. 2199 */ 2200 static int proc_get_long(char **buf, size_t *size, 2201 unsigned long *val, bool *neg, 2202 const char *perm_tr, unsigned perm_tr_len, char *tr) 2203 { 2204 int len; 2205 char *p, tmp[TMPBUFLEN]; 2206 2207 if (!*size) 2208 return -EINVAL; 2209 2210 len = *size; 2211 if (len > TMPBUFLEN - 1) 2212 len = TMPBUFLEN - 1; 2213 2214 memcpy(tmp, *buf, len); 2215 2216 tmp[len] = 0; 2217 p = tmp; 2218 if (*p == '-' && *size > 1) { 2219 *neg = true; 2220 p++; 2221 } else 2222 *neg = false; 2223 if (!isdigit(*p)) 2224 return -EINVAL; 2225 2226 if (strtoul_lenient(p, &p, 0, val)) 2227 return -EINVAL; 2228 2229 len = p - tmp; 2230 2231 /* We don't know if the next char is whitespace thus we may accept 2232 * invalid integers (e.g. 1234...a) or two integers instead of one 2233 * (e.g. 123...1). So lets not allow such large numbers. */ 2234 if (len == TMPBUFLEN - 1) 2235 return -EINVAL; 2236 2237 if (len < *size && perm_tr_len && !memchr(perm_tr, *p, perm_tr_len)) 2238 return -EINVAL; 2239 2240 if (tr && (len < *size)) 2241 *tr = *p; 2242 2243 *buf += len; 2244 *size -= len; 2245 2246 return 0; 2247 } 2248 2249 /** 2250 * proc_put_long - converts an integer to a decimal ASCII formatted string 2251 * 2252 * @buf: the user buffer 2253 * @size: the size of the user buffer 2254 * @val: the integer to be converted 2255 * @neg: sign of the number, %TRUE for negative 2256 * 2257 * In case of success %0 is returned and @buf and @size are updated with 2258 * the amount of bytes written. 2259 */ 2260 static int proc_put_long(void __user **buf, size_t *size, unsigned long val, 2261 bool neg) 2262 { 2263 int len; 2264 char tmp[TMPBUFLEN], *p = tmp; 2265 2266 sprintf(p, "%s%lu", neg ? "-" : "", val); 2267 len = strlen(tmp); 2268 if (len > *size) 2269 len = *size; 2270 if (copy_to_user(*buf, tmp, len)) 2271 return -EFAULT; 2272 *size -= len; 2273 *buf += len; 2274 return 0; 2275 } 2276 #undef TMPBUFLEN 2277 2278 static int proc_put_char(void __user **buf, size_t *size, char c) 2279 { 2280 if (*size) { 2281 char __user **buffer = (char __user **)buf; 2282 if (put_user(c, *buffer)) 2283 return -EFAULT; 2284 (*size)--, (*buffer)++; 2285 *buf = *buffer; 2286 } 2287 return 0; 2288 } 2289 2290 static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp, 2291 int *valp, 2292 int write, void *data) 2293 { 2294 if (write) { 2295 if (*negp) { 2296 if (*lvalp > (unsigned long) INT_MAX + 1) 2297 return -EINVAL; 2298 *valp = -*lvalp; 2299 } else { 2300 if (*lvalp > (unsigned long) INT_MAX) 2301 return -EINVAL; 2302 *valp = *lvalp; 2303 } 2304 } else { 2305 int val = *valp; 2306 if (val < 0) { 2307 *negp = true; 2308 *lvalp = -(unsigned long)val; 2309 } else { 2310 *negp = false; 2311 *lvalp = (unsigned long)val; 2312 } 2313 } 2314 return 0; 2315 } 2316 2317 static int do_proc_douintvec_conv(unsigned long *lvalp, 2318 unsigned int *valp, 2319 int write, void *data) 2320 { 2321 if (write) { 2322 if (*lvalp > UINT_MAX) 2323 return -EINVAL; 2324 *valp = *lvalp; 2325 } else { 2326 unsigned int val = *valp; 2327 *lvalp = (unsigned long)val; 2328 } 2329 return 0; 2330 } 2331 2332 static const char proc_wspace_sep[] = { ' ', '\t', '\n' }; 2333 2334 static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table, 2335 int write, void __user *buffer, 2336 size_t *lenp, loff_t *ppos, 2337 int (*conv)(bool *negp, unsigned long *lvalp, int *valp, 2338 int write, void *data), 2339 void *data) 2340 { 2341 int *i, vleft, first = 1, err = 0; 2342 size_t left; 2343 char *kbuf = NULL, *p; 2344 2345 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) { 2346 *lenp = 0; 2347 return 0; 2348 } 2349 2350 i = (int *) tbl_data; 2351 vleft = table->maxlen / sizeof(*i); 2352 left = *lenp; 2353 2354 if (!conv) 2355 conv = do_proc_dointvec_conv; 2356 2357 if (write) { 2358 if (proc_first_pos_non_zero_ignore(ppos, table)) 2359 goto out; 2360 2361 if (left > PAGE_SIZE - 1) 2362 left = PAGE_SIZE - 1; 2363 p = kbuf = memdup_user_nul(buffer, left); 2364 if (IS_ERR(kbuf)) 2365 return PTR_ERR(kbuf); 2366 } 2367 2368 for (; left && vleft--; i++, first=0) { 2369 unsigned long lval; 2370 bool neg; 2371 2372 if (write) { 2373 left -= proc_skip_spaces(&p); 2374 2375 if (!left) 2376 break; 2377 err = proc_get_long(&p, &left, &lval, &neg, 2378 proc_wspace_sep, 2379 sizeof(proc_wspace_sep), NULL); 2380 if (err) 2381 break; 2382 if (conv(&neg, &lval, i, 1, data)) { 2383 err = -EINVAL; 2384 break; 2385 } 2386 } else { 2387 if (conv(&neg, &lval, i, 0, data)) { 2388 err = -EINVAL; 2389 break; 2390 } 2391 if (!first) 2392 err = proc_put_char(&buffer, &left, '\t'); 2393 if (err) 2394 break; 2395 err = proc_put_long(&buffer, &left, lval, neg); 2396 if (err) 2397 break; 2398 } 2399 } 2400 2401 if (!write && !first && left && !err) 2402 err = proc_put_char(&buffer, &left, '\n'); 2403 if (write && !err && left) 2404 left -= proc_skip_spaces(&p); 2405 if (write) { 2406 kfree(kbuf); 2407 if (first) 2408 return err ? : -EINVAL; 2409 } 2410 *lenp -= left; 2411 out: 2412 *ppos += *lenp; 2413 return err; 2414 } 2415 2416 static int do_proc_dointvec(struct ctl_table *table, int write, 2417 void __user *buffer, size_t *lenp, loff_t *ppos, 2418 int (*conv)(bool *negp, unsigned long *lvalp, int *valp, 2419 int write, void *data), 2420 void *data) 2421 { 2422 return __do_proc_dointvec(table->data, table, write, 2423 buffer, lenp, ppos, conv, data); 2424 } 2425 2426 static int do_proc_douintvec_w(unsigned int *tbl_data, 2427 struct ctl_table *table, 2428 void __user *buffer, 2429 size_t *lenp, loff_t *ppos, 2430 int (*conv)(unsigned long *lvalp, 2431 unsigned int *valp, 2432 int write, void *data), 2433 void *data) 2434 { 2435 unsigned long lval; 2436 int err = 0; 2437 size_t left; 2438 bool neg; 2439 char *kbuf = NULL, *p; 2440 2441 left = *lenp; 2442 2443 if (proc_first_pos_non_zero_ignore(ppos, table)) 2444 goto bail_early; 2445 2446 if (left > PAGE_SIZE - 1) 2447 left = PAGE_SIZE - 1; 2448 2449 p = kbuf = memdup_user_nul(buffer, left); 2450 if (IS_ERR(kbuf)) 2451 return -EINVAL; 2452 2453 left -= proc_skip_spaces(&p); 2454 if (!left) { 2455 err = -EINVAL; 2456 goto out_free; 2457 } 2458 2459 err = proc_get_long(&p, &left, &lval, &neg, 2460 proc_wspace_sep, 2461 sizeof(proc_wspace_sep), NULL); 2462 if (err || neg) { 2463 err = -EINVAL; 2464 goto out_free; 2465 } 2466 2467 if (conv(&lval, tbl_data, 1, data)) { 2468 err = -EINVAL; 2469 goto out_free; 2470 } 2471 2472 if (!err && left) 2473 left -= proc_skip_spaces(&p); 2474 2475 out_free: 2476 kfree(kbuf); 2477 if (err) 2478 return -EINVAL; 2479 2480 return 0; 2481 2482 /* This is in keeping with old __do_proc_dointvec() */ 2483 bail_early: 2484 *ppos += *lenp; 2485 return err; 2486 } 2487 2488 static int do_proc_douintvec_r(unsigned int *tbl_data, void __user *buffer, 2489 size_t *lenp, loff_t *ppos, 2490 int (*conv)(unsigned long *lvalp, 2491 unsigned int *valp, 2492 int write, void *data), 2493 void *data) 2494 { 2495 unsigned long lval; 2496 int err = 0; 2497 size_t left; 2498 2499 left = *lenp; 2500 2501 if (conv(&lval, tbl_data, 0, data)) { 2502 err = -EINVAL; 2503 goto out; 2504 } 2505 2506 err = proc_put_long(&buffer, &left, lval, false); 2507 if (err || !left) 2508 goto out; 2509 2510 err = proc_put_char(&buffer, &left, '\n'); 2511 2512 out: 2513 *lenp -= left; 2514 *ppos += *lenp; 2515 2516 return err; 2517 } 2518 2519 static int __do_proc_douintvec(void *tbl_data, struct ctl_table *table, 2520 int write, void __user *buffer, 2521 size_t *lenp, loff_t *ppos, 2522 int (*conv)(unsigned long *lvalp, 2523 unsigned int *valp, 2524 int write, void *data), 2525 void *data) 2526 { 2527 unsigned int *i, vleft; 2528 2529 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) { 2530 *lenp = 0; 2531 return 0; 2532 } 2533 2534 i = (unsigned int *) tbl_data; 2535 vleft = table->maxlen / sizeof(*i); 2536 2537 /* 2538 * Arrays are not supported, keep this simple. *Do not* add 2539 * support for them. 2540 */ 2541 if (vleft != 1) { 2542 *lenp = 0; 2543 return -EINVAL; 2544 } 2545 2546 if (!conv) 2547 conv = do_proc_douintvec_conv; 2548 2549 if (write) 2550 return do_proc_douintvec_w(i, table, buffer, lenp, ppos, 2551 conv, data); 2552 return do_proc_douintvec_r(i, buffer, lenp, ppos, conv, data); 2553 } 2554 2555 static int do_proc_douintvec(struct ctl_table *table, int write, 2556 void __user *buffer, size_t *lenp, loff_t *ppos, 2557 int (*conv)(unsigned long *lvalp, 2558 unsigned int *valp, 2559 int write, void *data), 2560 void *data) 2561 { 2562 return __do_proc_douintvec(table->data, table, write, 2563 buffer, lenp, ppos, conv, data); 2564 } 2565 2566 /** 2567 * proc_dointvec - read a vector of integers 2568 * @table: the sysctl table 2569 * @write: %TRUE if this is a write to the sysctl file 2570 * @buffer: the user buffer 2571 * @lenp: the size of the user buffer 2572 * @ppos: file position 2573 * 2574 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 2575 * values from/to the user buffer, treated as an ASCII string. 2576 * 2577 * Returns 0 on success. 2578 */ 2579 int proc_dointvec(struct ctl_table *table, int write, 2580 void __user *buffer, size_t *lenp, loff_t *ppos) 2581 { 2582 return do_proc_dointvec(table, write, buffer, lenp, ppos, NULL, NULL); 2583 } 2584 2585 /** 2586 * proc_douintvec - read a vector of unsigned integers 2587 * @table: the sysctl table 2588 * @write: %TRUE if this is a write to the sysctl file 2589 * @buffer: the user buffer 2590 * @lenp: the size of the user buffer 2591 * @ppos: file position 2592 * 2593 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer 2594 * values from/to the user buffer, treated as an ASCII string. 2595 * 2596 * Returns 0 on success. 2597 */ 2598 int proc_douintvec(struct ctl_table *table, int write, 2599 void __user *buffer, size_t *lenp, loff_t *ppos) 2600 { 2601 return do_proc_douintvec(table, write, buffer, lenp, ppos, 2602 do_proc_douintvec_conv, NULL); 2603 } 2604 2605 /* 2606 * Taint values can only be increased 2607 * This means we can safely use a temporary. 2608 */ 2609 static int proc_taint(struct ctl_table *table, int write, 2610 void __user *buffer, size_t *lenp, loff_t *ppos) 2611 { 2612 struct ctl_table t; 2613 unsigned long tmptaint = get_taint(); 2614 int err; 2615 2616 if (write && !capable(CAP_SYS_ADMIN)) 2617 return -EPERM; 2618 2619 t = *table; 2620 t.data = &tmptaint; 2621 err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos); 2622 if (err < 0) 2623 return err; 2624 2625 if (write) { 2626 /* 2627 * Poor man's atomic or. Not worth adding a primitive 2628 * to everyone's atomic.h for this 2629 */ 2630 int i; 2631 for (i = 0; i < BITS_PER_LONG && tmptaint >> i; i++) { 2632 if ((tmptaint >> i) & 1) 2633 add_taint(i, LOCKDEP_STILL_OK); 2634 } 2635 } 2636 2637 return err; 2638 } 2639 2640 #ifdef CONFIG_PRINTK 2641 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, 2642 void __user *buffer, size_t *lenp, loff_t *ppos) 2643 { 2644 if (write && !capable(CAP_SYS_ADMIN)) 2645 return -EPERM; 2646 2647 return proc_dointvec_minmax(table, write, buffer, lenp, ppos); 2648 } 2649 #endif 2650 2651 /** 2652 * struct do_proc_dointvec_minmax_conv_param - proc_dointvec_minmax() range checking structure 2653 * @min: pointer to minimum allowable value 2654 * @max: pointer to maximum allowable value 2655 * 2656 * The do_proc_dointvec_minmax_conv_param structure provides the 2657 * minimum and maximum values for doing range checking for those sysctl 2658 * parameters that use the proc_dointvec_minmax() handler. 2659 */ 2660 struct do_proc_dointvec_minmax_conv_param { 2661 int *min; 2662 int *max; 2663 }; 2664 2665 static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp, 2666 int *valp, 2667 int write, void *data) 2668 { 2669 int tmp, ret; 2670 struct do_proc_dointvec_minmax_conv_param *param = data; 2671 /* 2672 * If writing, first do so via a temporary local int so we can 2673 * bounds-check it before touching *valp. 2674 */ 2675 int *ip = write ? &tmp : valp; 2676 2677 ret = do_proc_dointvec_conv(negp, lvalp, ip, write, data); 2678 if (ret) 2679 return ret; 2680 2681 if (write) { 2682 if ((param->min && *param->min > tmp) || 2683 (param->max && *param->max < tmp)) 2684 return -EINVAL; 2685 *valp = tmp; 2686 } 2687 2688 return 0; 2689 } 2690 2691 /** 2692 * proc_dointvec_minmax - read a vector of integers with min/max values 2693 * @table: the sysctl table 2694 * @write: %TRUE if this is a write to the sysctl file 2695 * @buffer: the user buffer 2696 * @lenp: the size of the user buffer 2697 * @ppos: file position 2698 * 2699 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 2700 * values from/to the user buffer, treated as an ASCII string. 2701 * 2702 * This routine will ensure the values are within the range specified by 2703 * table->extra1 (min) and table->extra2 (max). 2704 * 2705 * Returns 0 on success or -EINVAL on write when the range check fails. 2706 */ 2707 int proc_dointvec_minmax(struct ctl_table *table, int write, 2708 void __user *buffer, size_t *lenp, loff_t *ppos) 2709 { 2710 struct do_proc_dointvec_minmax_conv_param param = { 2711 .min = (int *) table->extra1, 2712 .max = (int *) table->extra2, 2713 }; 2714 return do_proc_dointvec(table, write, buffer, lenp, ppos, 2715 do_proc_dointvec_minmax_conv, ¶m); 2716 } 2717 2718 /** 2719 * struct do_proc_douintvec_minmax_conv_param - proc_douintvec_minmax() range checking structure 2720 * @min: pointer to minimum allowable value 2721 * @max: pointer to maximum allowable value 2722 * 2723 * The do_proc_douintvec_minmax_conv_param structure provides the 2724 * minimum and maximum values for doing range checking for those sysctl 2725 * parameters that use the proc_douintvec_minmax() handler. 2726 */ 2727 struct do_proc_douintvec_minmax_conv_param { 2728 unsigned int *min; 2729 unsigned int *max; 2730 }; 2731 2732 static int do_proc_douintvec_minmax_conv(unsigned long *lvalp, 2733 unsigned int *valp, 2734 int write, void *data) 2735 { 2736 int ret; 2737 unsigned int tmp; 2738 struct do_proc_douintvec_minmax_conv_param *param = data; 2739 /* write via temporary local uint for bounds-checking */ 2740 unsigned int *up = write ? &tmp : valp; 2741 2742 ret = do_proc_douintvec_conv(lvalp, up, write, data); 2743 if (ret) 2744 return ret; 2745 2746 if (write) { 2747 if ((param->min && *param->min > tmp) || 2748 (param->max && *param->max < tmp)) 2749 return -ERANGE; 2750 2751 *valp = tmp; 2752 } 2753 2754 return 0; 2755 } 2756 2757 /** 2758 * proc_douintvec_minmax - read a vector of unsigned ints with min/max values 2759 * @table: the sysctl table 2760 * @write: %TRUE if this is a write to the sysctl file 2761 * @buffer: the user buffer 2762 * @lenp: the size of the user buffer 2763 * @ppos: file position 2764 * 2765 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer 2766 * values from/to the user buffer, treated as an ASCII string. Negative 2767 * strings are not allowed. 2768 * 2769 * This routine will ensure the values are within the range specified by 2770 * table->extra1 (min) and table->extra2 (max). There is a final sanity 2771 * check for UINT_MAX to avoid having to support wrap around uses from 2772 * userspace. 2773 * 2774 * Returns 0 on success or -ERANGE on write when the range check fails. 2775 */ 2776 int proc_douintvec_minmax(struct ctl_table *table, int write, 2777 void __user *buffer, size_t *lenp, loff_t *ppos) 2778 { 2779 struct do_proc_douintvec_minmax_conv_param param = { 2780 .min = (unsigned int *) table->extra1, 2781 .max = (unsigned int *) table->extra2, 2782 }; 2783 return do_proc_douintvec(table, write, buffer, lenp, ppos, 2784 do_proc_douintvec_minmax_conv, ¶m); 2785 } 2786 2787 static int do_proc_dopipe_max_size_conv(unsigned long *lvalp, 2788 unsigned int *valp, 2789 int write, void *data) 2790 { 2791 if (write) { 2792 unsigned int val; 2793 2794 val = round_pipe_size(*lvalp); 2795 if (val == 0) 2796 return -EINVAL; 2797 2798 *valp = val; 2799 } else { 2800 unsigned int val = *valp; 2801 *lvalp = (unsigned long) val; 2802 } 2803 2804 return 0; 2805 } 2806 2807 static int proc_dopipe_max_size(struct ctl_table *table, int write, 2808 void __user *buffer, size_t *lenp, loff_t *ppos) 2809 { 2810 return do_proc_douintvec(table, write, buffer, lenp, ppos, 2811 do_proc_dopipe_max_size_conv, NULL); 2812 } 2813 2814 static void validate_coredump_safety(void) 2815 { 2816 #ifdef CONFIG_COREDUMP 2817 if (suid_dumpable == SUID_DUMP_ROOT && 2818 core_pattern[0] != '/' && core_pattern[0] != '|') { 2819 printk(KERN_WARNING 2820 "Unsafe core_pattern used with fs.suid_dumpable=2.\n" 2821 "Pipe handler or fully qualified core dump path required.\n" 2822 "Set kernel.core_pattern before fs.suid_dumpable.\n" 2823 ); 2824 } 2825 #endif 2826 } 2827 2828 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write, 2829 void __user *buffer, size_t *lenp, loff_t *ppos) 2830 { 2831 int error = proc_dointvec_minmax(table, write, buffer, lenp, ppos); 2832 if (!error) 2833 validate_coredump_safety(); 2834 return error; 2835 } 2836 2837 #ifdef CONFIG_COREDUMP 2838 static int proc_dostring_coredump(struct ctl_table *table, int write, 2839 void __user *buffer, size_t *lenp, loff_t *ppos) 2840 { 2841 int error = proc_dostring(table, write, buffer, lenp, ppos); 2842 if (!error) 2843 validate_coredump_safety(); 2844 return error; 2845 } 2846 #endif 2847 2848 static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int write, 2849 void __user *buffer, 2850 size_t *lenp, loff_t *ppos, 2851 unsigned long convmul, 2852 unsigned long convdiv) 2853 { 2854 unsigned long *i, *min, *max; 2855 int vleft, first = 1, err = 0; 2856 size_t left; 2857 char *kbuf = NULL, *p; 2858 2859 if (!data || !table->maxlen || !*lenp || (*ppos && !write)) { 2860 *lenp = 0; 2861 return 0; 2862 } 2863 2864 i = (unsigned long *) data; 2865 min = (unsigned long *) table->extra1; 2866 max = (unsigned long *) table->extra2; 2867 vleft = table->maxlen / sizeof(unsigned long); 2868 left = *lenp; 2869 2870 if (write) { 2871 if (proc_first_pos_non_zero_ignore(ppos, table)) 2872 goto out; 2873 2874 if (left > PAGE_SIZE - 1) 2875 left = PAGE_SIZE - 1; 2876 p = kbuf = memdup_user_nul(buffer, left); 2877 if (IS_ERR(kbuf)) 2878 return PTR_ERR(kbuf); 2879 } 2880 2881 for (; left && vleft--; i++, first = 0) { 2882 unsigned long val; 2883 2884 if (write) { 2885 bool neg; 2886 2887 left -= proc_skip_spaces(&p); 2888 if (!left) 2889 break; 2890 2891 err = proc_get_long(&p, &left, &val, &neg, 2892 proc_wspace_sep, 2893 sizeof(proc_wspace_sep), NULL); 2894 if (err) 2895 break; 2896 if (neg) 2897 continue; 2898 val = convmul * val / convdiv; 2899 if ((min && val < *min) || (max && val > *max)) { 2900 err = -EINVAL; 2901 break; 2902 } 2903 *i = val; 2904 } else { 2905 val = convdiv * (*i) / convmul; 2906 if (!first) { 2907 err = proc_put_char(&buffer, &left, '\t'); 2908 if (err) 2909 break; 2910 } 2911 err = proc_put_long(&buffer, &left, val, false); 2912 if (err) 2913 break; 2914 } 2915 } 2916 2917 if (!write && !first && left && !err) 2918 err = proc_put_char(&buffer, &left, '\n'); 2919 if (write && !err) 2920 left -= proc_skip_spaces(&p); 2921 if (write) { 2922 kfree(kbuf); 2923 if (first) 2924 return err ? : -EINVAL; 2925 } 2926 *lenp -= left; 2927 out: 2928 *ppos += *lenp; 2929 return err; 2930 } 2931 2932 static int do_proc_doulongvec_minmax(struct ctl_table *table, int write, 2933 void __user *buffer, 2934 size_t *lenp, loff_t *ppos, 2935 unsigned long convmul, 2936 unsigned long convdiv) 2937 { 2938 return __do_proc_doulongvec_minmax(table->data, table, write, 2939 buffer, lenp, ppos, convmul, convdiv); 2940 } 2941 2942 /** 2943 * proc_doulongvec_minmax - read a vector of long integers with min/max values 2944 * @table: the sysctl table 2945 * @write: %TRUE if this is a write to the sysctl file 2946 * @buffer: the user buffer 2947 * @lenp: the size of the user buffer 2948 * @ppos: file position 2949 * 2950 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long 2951 * values from/to the user buffer, treated as an ASCII string. 2952 * 2953 * This routine will ensure the values are within the range specified by 2954 * table->extra1 (min) and table->extra2 (max). 2955 * 2956 * Returns 0 on success. 2957 */ 2958 int proc_doulongvec_minmax(struct ctl_table *table, int write, 2959 void __user *buffer, size_t *lenp, loff_t *ppos) 2960 { 2961 return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l); 2962 } 2963 2964 /** 2965 * proc_doulongvec_ms_jiffies_minmax - read a vector of millisecond values with min/max values 2966 * @table: the sysctl table 2967 * @write: %TRUE if this is a write to the sysctl file 2968 * @buffer: the user buffer 2969 * @lenp: the size of the user buffer 2970 * @ppos: file position 2971 * 2972 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long 2973 * values from/to the user buffer, treated as an ASCII string. The values 2974 * are treated as milliseconds, and converted to jiffies when they are stored. 2975 * 2976 * This routine will ensure the values are within the range specified by 2977 * table->extra1 (min) and table->extra2 (max). 2978 * 2979 * Returns 0 on success. 2980 */ 2981 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write, 2982 void __user *buffer, 2983 size_t *lenp, loff_t *ppos) 2984 { 2985 return do_proc_doulongvec_minmax(table, write, buffer, 2986 lenp, ppos, HZ, 1000l); 2987 } 2988 2989 2990 static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp, 2991 int *valp, 2992 int write, void *data) 2993 { 2994 if (write) { 2995 if (*lvalp > INT_MAX / HZ) 2996 return 1; 2997 *valp = *negp ? -(*lvalp*HZ) : (*lvalp*HZ); 2998 } else { 2999 int val = *valp; 3000 unsigned long lval; 3001 if (val < 0) { 3002 *negp = true; 3003 lval = -(unsigned long)val; 3004 } else { 3005 *negp = false; 3006 lval = (unsigned long)val; 3007 } 3008 *lvalp = lval / HZ; 3009 } 3010 return 0; 3011 } 3012 3013 static int do_proc_dointvec_userhz_jiffies_conv(bool *negp, unsigned long *lvalp, 3014 int *valp, 3015 int write, void *data) 3016 { 3017 if (write) { 3018 if (USER_HZ < HZ && *lvalp > (LONG_MAX / HZ) * USER_HZ) 3019 return 1; 3020 *valp = clock_t_to_jiffies(*negp ? -*lvalp : *lvalp); 3021 } else { 3022 int val = *valp; 3023 unsigned long lval; 3024 if (val < 0) { 3025 *negp = true; 3026 lval = -(unsigned long)val; 3027 } else { 3028 *negp = false; 3029 lval = (unsigned long)val; 3030 } 3031 *lvalp = jiffies_to_clock_t(lval); 3032 } 3033 return 0; 3034 } 3035 3036 static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp, 3037 int *valp, 3038 int write, void *data) 3039 { 3040 if (write) { 3041 unsigned long jif = msecs_to_jiffies(*negp ? -*lvalp : *lvalp); 3042 3043 if (jif > INT_MAX) 3044 return 1; 3045 *valp = (int)jif; 3046 } else { 3047 int val = *valp; 3048 unsigned long lval; 3049 if (val < 0) { 3050 *negp = true; 3051 lval = -(unsigned long)val; 3052 } else { 3053 *negp = false; 3054 lval = (unsigned long)val; 3055 } 3056 *lvalp = jiffies_to_msecs(lval); 3057 } 3058 return 0; 3059 } 3060 3061 /** 3062 * proc_dointvec_jiffies - read a vector of integers as seconds 3063 * @table: the sysctl table 3064 * @write: %TRUE if this is a write to the sysctl file 3065 * @buffer: the user buffer 3066 * @lenp: the size of the user buffer 3067 * @ppos: file position 3068 * 3069 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 3070 * values from/to the user buffer, treated as an ASCII string. 3071 * The values read are assumed to be in seconds, and are converted into 3072 * jiffies. 3073 * 3074 * Returns 0 on success. 3075 */ 3076 int proc_dointvec_jiffies(struct ctl_table *table, int write, 3077 void __user *buffer, size_t *lenp, loff_t *ppos) 3078 { 3079 return do_proc_dointvec(table,write,buffer,lenp,ppos, 3080 do_proc_dointvec_jiffies_conv,NULL); 3081 } 3082 3083 /** 3084 * proc_dointvec_userhz_jiffies - read a vector of integers as 1/USER_HZ seconds 3085 * @table: the sysctl table 3086 * @write: %TRUE if this is a write to the sysctl file 3087 * @buffer: the user buffer 3088 * @lenp: the size of the user buffer 3089 * @ppos: pointer to the file position 3090 * 3091 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 3092 * values from/to the user buffer, treated as an ASCII string. 3093 * The values read are assumed to be in 1/USER_HZ seconds, and 3094 * are converted into jiffies. 3095 * 3096 * Returns 0 on success. 3097 */ 3098 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write, 3099 void __user *buffer, size_t *lenp, loff_t *ppos) 3100 { 3101 return do_proc_dointvec(table,write,buffer,lenp,ppos, 3102 do_proc_dointvec_userhz_jiffies_conv,NULL); 3103 } 3104 3105 /** 3106 * proc_dointvec_ms_jiffies - read a vector of integers as 1 milliseconds 3107 * @table: the sysctl table 3108 * @write: %TRUE if this is a write to the sysctl file 3109 * @buffer: the user buffer 3110 * @lenp: the size of the user buffer 3111 * @ppos: file position 3112 * @ppos: the current position in the file 3113 * 3114 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 3115 * values from/to the user buffer, treated as an ASCII string. 3116 * The values read are assumed to be in 1/1000 seconds, and 3117 * are converted into jiffies. 3118 * 3119 * Returns 0 on success. 3120 */ 3121 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write, 3122 void __user *buffer, size_t *lenp, loff_t *ppos) 3123 { 3124 return do_proc_dointvec(table, write, buffer, lenp, ppos, 3125 do_proc_dointvec_ms_jiffies_conv, NULL); 3126 } 3127 3128 static int proc_do_cad_pid(struct ctl_table *table, int write, 3129 void __user *buffer, size_t *lenp, loff_t *ppos) 3130 { 3131 struct pid *new_pid; 3132 pid_t tmp; 3133 int r; 3134 3135 tmp = pid_vnr(cad_pid); 3136 3137 r = __do_proc_dointvec(&tmp, table, write, buffer, 3138 lenp, ppos, NULL, NULL); 3139 if (r || !write) 3140 return r; 3141 3142 new_pid = find_get_pid(tmp); 3143 if (!new_pid) 3144 return -ESRCH; 3145 3146 put_pid(xchg(&cad_pid, new_pid)); 3147 return 0; 3148 } 3149 3150 /** 3151 * proc_do_large_bitmap - read/write from/to a large bitmap 3152 * @table: the sysctl table 3153 * @write: %TRUE if this is a write to the sysctl file 3154 * @buffer: the user buffer 3155 * @lenp: the size of the user buffer 3156 * @ppos: file position 3157 * 3158 * The bitmap is stored at table->data and the bitmap length (in bits) 3159 * in table->maxlen. 3160 * 3161 * We use a range comma separated format (e.g. 1,3-4,10-10) so that 3162 * large bitmaps may be represented in a compact manner. Writing into 3163 * the file will clear the bitmap then update it with the given input. 3164 * 3165 * Returns 0 on success. 3166 */ 3167 int proc_do_large_bitmap(struct ctl_table *table, int write, 3168 void __user *buffer, size_t *lenp, loff_t *ppos) 3169 { 3170 int err = 0; 3171 bool first = 1; 3172 size_t left = *lenp; 3173 unsigned long bitmap_len = table->maxlen; 3174 unsigned long *bitmap = *(unsigned long **) table->data; 3175 unsigned long *tmp_bitmap = NULL; 3176 char tr_a[] = { '-', ',', '\n' }, tr_b[] = { ',', '\n', 0 }, c; 3177 3178 if (!bitmap || !bitmap_len || !left || (*ppos && !write)) { 3179 *lenp = 0; 3180 return 0; 3181 } 3182 3183 if (write) { 3184 char *kbuf, *p; 3185 size_t skipped = 0; 3186 3187 if (left > PAGE_SIZE - 1) { 3188 left = PAGE_SIZE - 1; 3189 /* How much of the buffer we'll skip this pass */ 3190 skipped = *lenp - left; 3191 } 3192 3193 p = kbuf = memdup_user_nul(buffer, left); 3194 if (IS_ERR(kbuf)) 3195 return PTR_ERR(kbuf); 3196 3197 tmp_bitmap = bitmap_zalloc(bitmap_len, GFP_KERNEL); 3198 if (!tmp_bitmap) { 3199 kfree(kbuf); 3200 return -ENOMEM; 3201 } 3202 proc_skip_char(&p, &left, '\n'); 3203 while (!err && left) { 3204 unsigned long val_a, val_b; 3205 bool neg; 3206 size_t saved_left; 3207 3208 /* In case we stop parsing mid-number, we can reset */ 3209 saved_left = left; 3210 err = proc_get_long(&p, &left, &val_a, &neg, tr_a, 3211 sizeof(tr_a), &c); 3212 /* 3213 * If we consumed the entirety of a truncated buffer or 3214 * only one char is left (may be a "-"), then stop here, 3215 * reset, & come back for more. 3216 */ 3217 if ((left <= 1) && skipped) { 3218 left = saved_left; 3219 break; 3220 } 3221 3222 if (err) 3223 break; 3224 if (val_a >= bitmap_len || neg) { 3225 err = -EINVAL; 3226 break; 3227 } 3228 3229 val_b = val_a; 3230 if (left) { 3231 p++; 3232 left--; 3233 } 3234 3235 if (c == '-') { 3236 err = proc_get_long(&p, &left, &val_b, 3237 &neg, tr_b, sizeof(tr_b), 3238 &c); 3239 /* 3240 * If we consumed all of a truncated buffer or 3241 * then stop here, reset, & come back for more. 3242 */ 3243 if (!left && skipped) { 3244 left = saved_left; 3245 break; 3246 } 3247 3248 if (err) 3249 break; 3250 if (val_b >= bitmap_len || neg || 3251 val_a > val_b) { 3252 err = -EINVAL; 3253 break; 3254 } 3255 if (left) { 3256 p++; 3257 left--; 3258 } 3259 } 3260 3261 bitmap_set(tmp_bitmap, val_a, val_b - val_a + 1); 3262 first = 0; 3263 proc_skip_char(&p, &left, '\n'); 3264 } 3265 kfree(kbuf); 3266 left += skipped; 3267 } else { 3268 unsigned long bit_a, bit_b = 0; 3269 3270 while (left) { 3271 bit_a = find_next_bit(bitmap, bitmap_len, bit_b); 3272 if (bit_a >= bitmap_len) 3273 break; 3274 bit_b = find_next_zero_bit(bitmap, bitmap_len, 3275 bit_a + 1) - 1; 3276 3277 if (!first) { 3278 err = proc_put_char(&buffer, &left, ','); 3279 if (err) 3280 break; 3281 } 3282 err = proc_put_long(&buffer, &left, bit_a, false); 3283 if (err) 3284 break; 3285 if (bit_a != bit_b) { 3286 err = proc_put_char(&buffer, &left, '-'); 3287 if (err) 3288 break; 3289 err = proc_put_long(&buffer, &left, bit_b, false); 3290 if (err) 3291 break; 3292 } 3293 3294 first = 0; bit_b++; 3295 } 3296 if (!err) 3297 err = proc_put_char(&buffer, &left, '\n'); 3298 } 3299 3300 if (!err) { 3301 if (write) { 3302 if (*ppos) 3303 bitmap_or(bitmap, bitmap, tmp_bitmap, bitmap_len); 3304 else 3305 bitmap_copy(bitmap, tmp_bitmap, bitmap_len); 3306 } 3307 *lenp -= left; 3308 *ppos += *lenp; 3309 } 3310 3311 bitmap_free(tmp_bitmap); 3312 return err; 3313 } 3314 3315 #else /* CONFIG_PROC_SYSCTL */ 3316 3317 int proc_dostring(struct ctl_table *table, int write, 3318 void __user *buffer, size_t *lenp, loff_t *ppos) 3319 { 3320 return -ENOSYS; 3321 } 3322 3323 int proc_dointvec(struct ctl_table *table, int write, 3324 void __user *buffer, size_t *lenp, loff_t *ppos) 3325 { 3326 return -ENOSYS; 3327 } 3328 3329 int proc_douintvec(struct ctl_table *table, int write, 3330 void __user *buffer, size_t *lenp, loff_t *ppos) 3331 { 3332 return -ENOSYS; 3333 } 3334 3335 int proc_dointvec_minmax(struct ctl_table *table, int write, 3336 void __user *buffer, size_t *lenp, loff_t *ppos) 3337 { 3338 return -ENOSYS; 3339 } 3340 3341 int proc_douintvec_minmax(struct ctl_table *table, int write, 3342 void __user *buffer, size_t *lenp, loff_t *ppos) 3343 { 3344 return -ENOSYS; 3345 } 3346 3347 int proc_dointvec_jiffies(struct ctl_table *table, int write, 3348 void __user *buffer, size_t *lenp, loff_t *ppos) 3349 { 3350 return -ENOSYS; 3351 } 3352 3353 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write, 3354 void __user *buffer, size_t *lenp, loff_t *ppos) 3355 { 3356 return -ENOSYS; 3357 } 3358 3359 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write, 3360 void __user *buffer, size_t *lenp, loff_t *ppos) 3361 { 3362 return -ENOSYS; 3363 } 3364 3365 int proc_doulongvec_minmax(struct ctl_table *table, int write, 3366 void __user *buffer, size_t *lenp, loff_t *ppos) 3367 { 3368 return -ENOSYS; 3369 } 3370 3371 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write, 3372 void __user *buffer, 3373 size_t *lenp, loff_t *ppos) 3374 { 3375 return -ENOSYS; 3376 } 3377 3378 int proc_do_large_bitmap(struct ctl_table *table, int write, 3379 void __user *buffer, size_t *lenp, loff_t *ppos) 3380 { 3381 return -ENOSYS; 3382 } 3383 3384 #endif /* CONFIG_PROC_SYSCTL */ 3385 3386 #if defined(CONFIG_SYSCTL) 3387 int proc_do_static_key(struct ctl_table *table, int write, 3388 void __user *buffer, size_t *lenp, 3389 loff_t *ppos) 3390 { 3391 struct static_key *key = (struct static_key *)table->data; 3392 static DEFINE_MUTEX(static_key_mutex); 3393 int val, ret; 3394 struct ctl_table tmp = { 3395 .data = &val, 3396 .maxlen = sizeof(val), 3397 .mode = table->mode, 3398 .extra1 = &zero, 3399 .extra2 = &one, 3400 }; 3401 3402 if (write && !capable(CAP_SYS_ADMIN)) 3403 return -EPERM; 3404 3405 mutex_lock(&static_key_mutex); 3406 val = static_key_enabled(key); 3407 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); 3408 if (write && !ret) { 3409 if (val) 3410 static_key_enable(key); 3411 else 3412 static_key_disable(key); 3413 } 3414 mutex_unlock(&static_key_mutex); 3415 return ret; 3416 } 3417 #endif 3418 /* 3419 * No sense putting this after each symbol definition, twice, 3420 * exception granted :-) 3421 */ 3422 EXPORT_SYMBOL(proc_dointvec); 3423 EXPORT_SYMBOL(proc_douintvec); 3424 EXPORT_SYMBOL(proc_dointvec_jiffies); 3425 EXPORT_SYMBOL(proc_dointvec_minmax); 3426 EXPORT_SYMBOL_GPL(proc_douintvec_minmax); 3427 EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); 3428 EXPORT_SYMBOL(proc_dointvec_ms_jiffies); 3429 EXPORT_SYMBOL(proc_dostring); 3430 EXPORT_SYMBOL(proc_doulongvec_minmax); 3431 EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax); 3432 EXPORT_SYMBOL(proc_do_large_bitmap); 3433