]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blob - kernel/sysctl.c
projects / mirror_ubuntu-jammy-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
audit: log AUDIT_TIME_* records only from rules
[mirror_ubuntu-jammy-kernel.git] / kernel / sysctl.c
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * sysctl.c: General linux system control interface
4 *
5 * Begun 24 March 1995, Stephen Tweedie
6 * Added /proc support, Dec 1995
7 * Added bdflush entry and intvec min/max checking, 2/23/96, Tom Dyas.
8 * Added hooks for /proc/sys/net (minor, minor patch), 96/4/1, Mike Shaver.
9 * Added kernel/java-{interpreter,appletviewer}, 96/5/10, Mike Shaver.
10 * Dynamic registration fixes, Stephen Tweedie.
11 * Added kswapd-interval, ctrl-alt-del, printk stuff, 1/8/97, Chris Horn.
12 * Made sysctl support optional via CONFIG_SYSCTL, 1/10/97, Chris
13 * Horn.
14 * Added proc_doulongvec_ms_jiffies_minmax, 09/08/99, Carlos H. Bauer.
15 * Added proc_doulongvec_minmax, 09/08/99, Carlos H. Bauer.
16 * Changed linked lists to use list.h instead of lists.h, 02/24/00, Bill
17 * Wendling.
18 * The list_for_each() macro wasn't appropriate for the sysctl loop.
19 * Removed it and replaced it with older style, 03/23/00, Bill Wendling
20 */
21
22 #include <linux/module.h>
23 #include <linux/aio.h>
24 #include <linux/mm.h>
25 #include <linux/swap.h>
26 #include <linux/slab.h>
27 #include <linux/sysctl.h>
28 #include <linux/bitmap.h>
29 #include <linux/signal.h>
30 #include <linux/panic.h>
31 #include <linux/printk.h>
32 #include <linux/proc_fs.h>
33 #include <linux/security.h>
34 #include <linux/ctype.h>
35 #include <linux/kmemleak.h>
36 #include <linux/fs.h>
37 #include <linux/init.h>
38 #include <linux/kernel.h>
39 #include <linux/kobject.h>
40 #include <linux/net.h>
41 #include <linux/sysrq.h>
42 #include <linux/highuid.h>
43 #include <linux/writeback.h>
44 #include <linux/ratelimit.h>
45 #include <linux/compaction.h>
46 #include <linux/hugetlb.h>
47 #include <linux/initrd.h>
48 #include <linux/key.h>
49 #include <linux/times.h>
50 #include <linux/limits.h>
51 #include <linux/dcache.h>
52 #include <linux/dnotify.h>
53 #include <linux/syscalls.h>
54 #include <linux/vmstat.h>
55 #include <linux/nfs_fs.h>
56 #include <linux/acpi.h>
57 #include <linux/reboot.h>
58 #include <linux/ftrace.h>
59 #include <linux/perf_event.h>
60 #include <linux/kprobes.h>
61 #include <linux/pipe_fs_i.h>
62 #include <linux/oom.h>
63 #include <linux/kmod.h>
64 #include <linux/capability.h>
65 #include <linux/binfmts.h>
66 #include <linux/sched/sysctl.h>
67 #include <linux/sched/coredump.h>
68 #include <linux/kexec.h>
69 #include <linux/bpf.h>
70 #include <linux/mount.h>
71 #include <linux/userfaultfd_k.h>
72 #include <linux/coredump.h>
73 #include <linux/latencytop.h>
74 #include <linux/pid.h>
75 #include <linux/delayacct.h>
76 #include <linux/user_namespace.h>
77
78 #include "../lib/kstrtox.h"
79
80 #include <linux/uaccess.h>
81 #include <asm/processor.h>
82
83 #ifdef CONFIG_X86
84 #include <asm/nmi.h>
85 #include <asm/stacktrace.h>
86 #include <asm/io.h>
87 #endif
88 #ifdef CONFIG_SPARC
89 #include <asm/setup.h>
90 #endif
91 #ifdef CONFIG_BSD_PROCESS_ACCT
92 #include <linux/acct.h>
93 #endif
94 #ifdef CONFIG_RT_MUTEXES
95 #include <linux/rtmutex.h>
96 #endif
97 #if defined(CONFIG_PROVE_LOCKING) || defined(CONFIG_LOCK_STAT)
98 #include <linux/lockdep.h>
99 #endif
100 #ifdef CONFIG_CHR_DEV_SG
101 #include <scsi/sg.h>
102 #endif
103 #ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE
104 #include <linux/stackleak.h>
105 #endif
106 #ifdef CONFIG_LOCKUP_DETECTOR
107 #include <linux/nmi.h>
108 #endif
109
110 #if defined(CONFIG_SYSCTL)
111
112 /* Constants used for minimum and maximum */
113 #ifdef CONFIG_LOCKUP_DETECTOR
114 static int sixty = 60;
115 #endif
116
117 static int __maybe_unused neg_one = -1;
118 static int __maybe_unused two = 2;
119 static int __maybe_unused four = 4;
120 static unsigned long zero_ul;
121 static unsigned long one_ul = 1;
122 static unsigned long long_max = LONG_MAX;
123 static int one_hundred = 100;
124 static int two_hundred = 200;
125 static int one_thousand = 1000;
126 #ifdef CONFIG_PRINTK
127 static int ten_thousand = 10000;
128 #endif
129 #ifdef CONFIG_PERF_EVENTS
130 static int six_hundred_forty_kb = 640 * 1024;
131 #endif
132
133 /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */
134 static unsigned long dirty_bytes_min = 2 * PAGE_SIZE;
135
136 /* this is needed for the proc_dointvec_minmax for [fs_]overflow UID and GID */
137 static int maxolduid = 65535;
138 static int minolduid;
139
140 static int ngroups_max = NGROUPS_MAX;
141 static const int cap_last_cap = CAP_LAST_CAP;
142
143 /*
144 * This is needed for proc_doulongvec_minmax of sysctl_hung_task_timeout_secs
145 * and hung_task_check_interval_secs
146 */
147 #ifdef CONFIG_DETECT_HUNG_TASK
148 static unsigned long hung_task_timeout_max = (LONG_MAX/HZ);
149 #endif
150
151 #ifdef CONFIG_INOTIFY_USER
152 #include <linux/inotify.h>
153 #endif
154 #ifdef CONFIG_FANOTIFY
155 #include <linux/fanotify.h>
156 #endif
157
158 #ifdef CONFIG_PROC_SYSCTL
159
160 /**
161 * enum sysctl_writes_mode - supported sysctl write modes
162 *
163 * @SYSCTL_WRITES_LEGACY: each write syscall must fully contain the sysctl value
164 * to be written, and multiple writes on the same sysctl file descriptor
165 * will rewrite the sysctl value, regardless of file position. No warning
166 * is issued when the initial position is not 0.
167 * @SYSCTL_WRITES_WARN: same as above but warn when the initial file position is
168 * not 0.
169 * @SYSCTL_WRITES_STRICT: writes to numeric sysctl entries must always be at
170 * file position 0 and the value must be fully contained in the buffer
171 * sent to the write syscall. If dealing with strings respect the file
172 * position, but restrict this to the max length of the buffer, anything
173 * passed the max length will be ignored. Multiple writes will append
174 * to the buffer.
175 *
176 * These write modes control how current file position affects the behavior of
177 * updating sysctl values through the proc interface on each write.
178 */
179 enum sysctl_writes_mode {
180 SYSCTL_WRITES_LEGACY = -1,
181 SYSCTL_WRITES_WARN = 0,
182 SYSCTL_WRITES_STRICT = 1,
183 };
184
185 static enum sysctl_writes_mode sysctl_writes_strict = SYSCTL_WRITES_STRICT;
186 #endif /* CONFIG_PROC_SYSCTL */
187
188 #if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \
189 defined(CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT)
190 int sysctl_legacy_va_layout;
191 #endif
192
193 #ifdef CONFIG_COMPACTION
194 static int min_extfrag_threshold;
195 static int max_extfrag_threshold = 1000;
196 #endif
197
198 #endif /* CONFIG_SYSCTL */
199
200 #if defined(CONFIG_BPF_SYSCALL) && defined(CONFIG_SYSCTL)
201 static int bpf_stats_handler(struct ctl_table *table, int write,
202 void *buffer, size_t *lenp, loff_t *ppos)
203 {
204 struct static_key *key = (struct static_key *)table->data;
205 static int saved_val;
206 int val, ret;
207 struct ctl_table tmp = {
208 .data = &val,
209 .maxlen = sizeof(val),
210 .mode = table->mode,
211 .extra1 = SYSCTL_ZERO,
212 .extra2 = SYSCTL_ONE,
213 };
214
215 if (write && !capable(CAP_SYS_ADMIN))
216 return -EPERM;
217
218 mutex_lock(&bpf_stats_enabled_mutex);
219 val = saved_val;
220 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
221 if (write && !ret && val != saved_val) {
222 if (val)
223 static_key_slow_inc(key);
224 else
225 static_key_slow_dec(key);
226 saved_val = val;
227 }
228 mutex_unlock(&bpf_stats_enabled_mutex);
229 return ret;
230 }
231
232 void __weak unpriv_ebpf_notify(int new_state)
233 {
234 }
235
236 static int bpf_unpriv_handler(struct ctl_table *table, int write,
237 void *buffer, size_t *lenp, loff_t *ppos)
238 {
239 int ret, unpriv_enable = *(int *)table->data;
240 bool locked_state = unpriv_enable == 1;
241 struct ctl_table tmp = *table;
242
243 if (write && !capable(CAP_SYS_ADMIN))
244 return -EPERM;
245
246 tmp.data = &unpriv_enable;
247 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
248 if (write && !ret) {
249 if (locked_state && unpriv_enable != 1)
250 return -EPERM;
251 *(int *)table->data = unpriv_enable;
252 }
253
254 unpriv_ebpf_notify(unpriv_enable);
255
256 return ret;
257 }
258 #endif /* CONFIG_BPF_SYSCALL && CONFIG_SYSCTL */
259
260 /*
261 * /proc/sys support
262 */
263
264 #ifdef CONFIG_PROC_SYSCTL
265
266 static int _proc_do_string(char *data, int maxlen, int write,
267 char *buffer, size_t *lenp, loff_t *ppos)
268 {
269 size_t len;
270 char c, *p;
271
272 if (!data || !maxlen || !*lenp) {
273 *lenp = 0;
274 return 0;
275 }
276
277 if (write) {
278 if (sysctl_writes_strict == SYSCTL_WRITES_STRICT) {
279 /* Only continue writes not past the end of buffer. */
280 len = strlen(data);
281 if (len > maxlen - 1)
282 len = maxlen - 1;
283
284 if (*ppos > len)
285 return 0;
286 len = *ppos;
287 } else {
288 /* Start writing from beginning of buffer. */
289 len = 0;
290 }
291
292 *ppos += *lenp;
293 p = buffer;
294 while ((p - buffer) < *lenp && len < maxlen - 1) {
295 c = *(p++);
296 if (c == 0 || c == '\n')
297 break;
298 data[len++] = c;
299 }
300 data[len] = 0;
301 } else {
302 len = strlen(data);
303 if (len > maxlen)
304 len = maxlen;
305
306 if (*ppos > len) {
307 *lenp = 0;
308 return 0;
309 }
310
311 data += *ppos;
312 len -= *ppos;
313
314 if (len > *lenp)
315 len = *lenp;
316 if (len)
317 memcpy(buffer, data, len);
318 if (len < *lenp) {
319 buffer[len] = '\n';
320 len++;
321 }
322 *lenp = len;
323 *ppos += len;
324 }
325 return 0;
326 }
327
328 static void warn_sysctl_write(struct ctl_table *table)
329 {
330 pr_warn_once("%s wrote to %s when file position was not 0!\n"
331 "This will not be supported in the future. To silence this\n"
332 "warning, set kernel.sysctl_writes_strict = -1\n",
333 current->comm, table->procname);
334 }
335
336 /**
337 * proc_first_pos_non_zero_ignore - check if first position is allowed
338 * @ppos: file position
339 * @table: the sysctl table
340 *
341 * Returns true if the first position is non-zero and the sysctl_writes_strict
342 * mode indicates this is not allowed for numeric input types. String proc
343 * handlers can ignore the return value.
344 */
345 static bool proc_first_pos_non_zero_ignore(loff_t *ppos,
346 struct ctl_table *table)
347 {
348 if (!*ppos)
349 return false;
350
351 switch (sysctl_writes_strict) {
352 case SYSCTL_WRITES_STRICT:
353 return true;
354 case SYSCTL_WRITES_WARN:
355 warn_sysctl_write(table);
356 return false;
357 default:
358 return false;
359 }
360 }
361
362 /**
363 * proc_dostring - read a string sysctl
364 * @table: the sysctl table
365 * @write: %TRUE if this is a write to the sysctl file
366 * @buffer: the user buffer
367 * @lenp: the size of the user buffer
368 * @ppos: file position
369 *
370 * Reads/writes a string from/to the user buffer. If the kernel
371 * buffer provided is not large enough to hold the string, the
372 * string is truncated. The copied string is %NULL-terminated.
373 * If the string is being read by the user process, it is copied
374 * and a newline '\n' is added. It is truncated if the buffer is
375 * not large enough.
376 *
377 * Returns 0 on success.
378 */
379 int proc_dostring(struct ctl_table *table, int write,
380 void *buffer, size_t *lenp, loff_t *ppos)
381 {
382 if (write)
383 proc_first_pos_non_zero_ignore(ppos, table);
384
385 return _proc_do_string(table->data, table->maxlen, write, buffer, lenp,
386 ppos);
387 }
388
389 static size_t proc_skip_spaces(char **buf)
390 {
391 size_t ret;
392 char *tmp = skip_spaces(*buf);
393 ret = tmp - *buf;
394 *buf = tmp;
395 return ret;
396 }
397
398 static void proc_skip_char(char **buf, size_t *size, const char v)
399 {
400 while (*size) {
401 if (**buf != v)
402 break;
403 (*size)--;
404 (*buf)++;
405 }
406 }
407
408 /**
409 * strtoul_lenient - parse an ASCII formatted integer from a buffer and only
410 * fail on overflow
411 *
412 * @cp: kernel buffer containing the string to parse
413 * @endp: pointer to store the trailing characters
414 * @base: the base to use
415 * @res: where the parsed integer will be stored
416 *
417 * In case of success 0 is returned and @res will contain the parsed integer,
418 * @endp will hold any trailing characters.
419 * This function will fail the parse on overflow. If there wasn't an overflow
420 * the function will defer the decision what characters count as invalid to the
421 * caller.
422 */
423 static int strtoul_lenient(const char *cp, char **endp, unsigned int base,
424 unsigned long *res)
425 {
426 unsigned long long result;
427 unsigned int rv;
428
429 cp = _parse_integer_fixup_radix(cp, &base);
430 rv = _parse_integer(cp, base, &result);
431 if ((rv & KSTRTOX_OVERFLOW) || (result != (unsigned long)result))
432 return -ERANGE;
433
434 cp += rv;
435
436 if (endp)
437 *endp = (char *)cp;
438
439 *res = (unsigned long)result;
440 return 0;
441 }
442
443 #define TMPBUFLEN 22
444 /**
445 * proc_get_long - reads an ASCII formatted integer from a user buffer
446 *
447 * @buf: a kernel buffer
448 * @size: size of the kernel buffer
449 * @val: this is where the number will be stored
450 * @neg: set to %TRUE if number is negative
451 * @perm_tr: a vector which contains the allowed trailers
452 * @perm_tr_len: size of the perm_tr vector
453 * @tr: pointer to store the trailer character
454 *
455 * In case of success %0 is returned and @buf and @size are updated with
456 * the amount of bytes read. If @tr is non-NULL and a trailing
457 * character exists (size is non-zero after returning from this
458 * function), @tr is updated with the trailing character.
459 */
460 static int proc_get_long(char **buf, size_t *size,
461 unsigned long *val, bool *neg,
462 const char *perm_tr, unsigned perm_tr_len, char *tr)
463 {
464 int len;
465 char *p, tmp[TMPBUFLEN];
466
467 if (!*size)
468 return -EINVAL;
469
470 len = *size;
471 if (len > TMPBUFLEN - 1)
472 len = TMPBUFLEN - 1;
473
474 memcpy(tmp, *buf, len);
475
476 tmp[len] = 0;
477 p = tmp;
478 if (*p == '-' && *size > 1) {
479 *neg = true;
480 p++;
481 } else
482 *neg = false;
483 if (!isdigit(*p))
484 return -EINVAL;
485
486 if (strtoul_lenient(p, &p, 0, val))
487 return -EINVAL;
488
489 len = p - tmp;
490
491 /* We don't know if the next char is whitespace thus we may accept
492 * invalid integers (e.g. 1234...a) or two integers instead of one
493 * (e.g. 123...1). So lets not allow such large numbers. */
494 if (len == TMPBUFLEN - 1)
495 return -EINVAL;
496
497 if (len < *size && perm_tr_len && !memchr(perm_tr, *p, perm_tr_len))
498 return -EINVAL;
499
500 if (tr && (len < *size))
501 *tr = *p;
502
503 *buf += len;
504 *size -= len;
505
506 return 0;
507 }
508
509 /**
510 * proc_put_long - converts an integer to a decimal ASCII formatted string
511 *
512 * @buf: the user buffer
513 * @size: the size of the user buffer
514 * @val: the integer to be converted
515 * @neg: sign of the number, %TRUE for negative
516 *
517 * In case of success @buf and @size are updated with the amount of bytes
518 * written.
519 */
520 static void proc_put_long(void **buf, size_t *size, unsigned long val, bool neg)
521 {
522 int len;
523 char tmp[TMPBUFLEN], *p = tmp;
524
525 sprintf(p, "%s%lu", neg ? "-" : "", val);
526 len = strlen(tmp);
527 if (len > *size)
528 len = *size;
529 memcpy(*buf, tmp, len);
530 *size -= len;
531 *buf += len;
532 }
533 #undef TMPBUFLEN
534
535 static void proc_put_char(void **buf, size_t *size, char c)
536 {
537 if (*size) {
538 char **buffer = (char **)buf;
539 **buffer = c;
540
541 (*size)--;
542 (*buffer)++;
543 *buf = *buffer;
544 }
545 }
546
547 static int do_proc_dobool_conv(bool *negp, unsigned long *lvalp,
548 int *valp,
549 int write, void *data)
550 {
551 if (write) {
552 *(bool *)valp = *lvalp;
553 } else {
554 int val = *(bool *)valp;
555
556 *lvalp = (unsigned long)val;
557 *negp = false;
558 }
559 return 0;
560 }
561
562 static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp,
563 int *valp,
564 int write, void *data)
565 {
566 if (write) {
567 if (*negp) {
568 if (*lvalp > (unsigned long) INT_MAX + 1)
569 return -EINVAL;
570 *valp = -*lvalp;
571 } else {
572 if (*lvalp > (unsigned long) INT_MAX)
573 return -EINVAL;
574 *valp = *lvalp;
575 }
576 } else {
577 int val = *valp;
578 if (val < 0) {
579 *negp = true;
580 *lvalp = -(unsigned long)val;
581 } else {
582 *negp = false;
583 *lvalp = (unsigned long)val;
584 }
585 }
586 return 0;
587 }
588
589 static int do_proc_douintvec_conv(unsigned long *lvalp,
590 unsigned int *valp,
591 int write, void *data)
592 {
593 if (write) {
594 if (*lvalp > UINT_MAX)
595 return -EINVAL;
596 *valp = *lvalp;
597 } else {
598 unsigned int val = *valp;
599 *lvalp = (unsigned long)val;
600 }
601 return 0;
602 }
603
604 static const char proc_wspace_sep[] = { ' ', '\t', '\n' };
605
606 static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
607 int write, void *buffer,
608 size_t *lenp, loff_t *ppos,
609 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
610 int write, void *data),
611 void *data)
612 {
613 int *i, vleft, first = 1, err = 0;
614 size_t left;
615 char *p;
616
617 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
618 *lenp = 0;
619 return 0;
620 }
621
622 i = (int *) tbl_data;
623 vleft = table->maxlen / sizeof(*i);
624 left = *lenp;
625
626 if (!conv)
627 conv = do_proc_dointvec_conv;
628
629 if (write) {
630 if (proc_first_pos_non_zero_ignore(ppos, table))
631 goto out;
632
633 if (left > PAGE_SIZE - 1)
634 left = PAGE_SIZE - 1;
635 p = buffer;
636 }
637
638 for (; left && vleft--; i++, first=0) {
639 unsigned long lval;
640 bool neg;
641
642 if (write) {
643 left -= proc_skip_spaces(&p);
644
645 if (!left)
646 break;
647 err = proc_get_long(&p, &left, &lval, &neg,
648 proc_wspace_sep,
649 sizeof(proc_wspace_sep), NULL);
650 if (err)
651 break;
652 if (conv(&neg, &lval, i, 1, data)) {
653 err = -EINVAL;
654 break;
655 }
656 } else {
657 if (conv(&neg, &lval, i, 0, data)) {
658 err = -EINVAL;
659 break;
660 }
661 if (!first)
662 proc_put_char(&buffer, &left, '\t');
663 proc_put_long(&buffer, &left, lval, neg);
664 }
665 }
666
667 if (!write && !first && left && !err)
668 proc_put_char(&buffer, &left, '\n');
669 if (write && !err && left)
670 left -= proc_skip_spaces(&p);
671 if (write && first)
672 return err ? : -EINVAL;
673 *lenp -= left;
674 out:
675 *ppos += *lenp;
676 return err;
677 }
678
679 static int do_proc_dointvec(struct ctl_table *table, int write,
680 void *buffer, size_t *lenp, loff_t *ppos,
681 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
682 int write, void *data),
683 void *data)
684 {
685 return __do_proc_dointvec(table->data, table, write,
686 buffer, lenp, ppos, conv, data);
687 }
688
689 static int do_proc_douintvec_w(unsigned int *tbl_data,
690 struct ctl_table *table,
691 void *buffer,
692 size_t *lenp, loff_t *ppos,
693 int (*conv)(unsigned long *lvalp,
694 unsigned int *valp,
695 int write, void *data),
696 void *data)
697 {
698 unsigned long lval;
699 int err = 0;
700 size_t left;
701 bool neg;
702 char *p = buffer;
703
704 left = *lenp;
705
706 if (proc_first_pos_non_zero_ignore(ppos, table))
707 goto bail_early;
708
709 if (left > PAGE_SIZE - 1)
710 left = PAGE_SIZE - 1;
711
712 left -= proc_skip_spaces(&p);
713 if (!left) {
714 err = -EINVAL;
715 goto out_free;
716 }
717
718 err = proc_get_long(&p, &left, &lval, &neg,
719 proc_wspace_sep,
720 sizeof(proc_wspace_sep), NULL);
721 if (err || neg) {
722 err = -EINVAL;
723 goto out_free;
724 }
725
726 if (conv(&lval, tbl_data, 1, data)) {
727 err = -EINVAL;
728 goto out_free;
729 }
730
731 if (!err && left)
732 left -= proc_skip_spaces(&p);
733
734 out_free:
735 if (err)
736 return -EINVAL;
737
738 return 0;
739
740 /* This is in keeping with old __do_proc_dointvec() */
741 bail_early:
742 *ppos += *lenp;
743 return err;
744 }
745
746 static int do_proc_douintvec_r(unsigned int *tbl_data, void *buffer,
747 size_t *lenp, loff_t *ppos,
748 int (*conv)(unsigned long *lvalp,
749 unsigned int *valp,
750 int write, void *data),
751 void *data)
752 {
753 unsigned long lval;
754 int err = 0;
755 size_t left;
756
757 left = *lenp;
758
759 if (conv(&lval, tbl_data, 0, data)) {
760 err = -EINVAL;
761 goto out;
762 }
763
764 proc_put_long(&buffer, &left, lval, false);
765 if (!left)
766 goto out;
767
768 proc_put_char(&buffer, &left, '\n');
769
770 out:
771 *lenp -= left;
772 *ppos += *lenp;
773
774 return err;
775 }
776
777 static int __do_proc_douintvec(void *tbl_data, struct ctl_table *table,
778 int write, void *buffer,
779 size_t *lenp, loff_t *ppos,
780 int (*conv)(unsigned long *lvalp,
781 unsigned int *valp,
782 int write, void *data),
783 void *data)
784 {
785 unsigned int *i, vleft;
786
787 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
788 *lenp = 0;
789 return 0;
790 }
791
792 i = (unsigned int *) tbl_data;
793 vleft = table->maxlen / sizeof(*i);
794
795 /*
796 * Arrays are not supported, keep this simple. *Do not* add
797 * support for them.
798 */
799 if (vleft != 1) {
800 *lenp = 0;
801 return -EINVAL;
802 }
803
804 if (!conv)
805 conv = do_proc_douintvec_conv;
806
807 if (write)
808 return do_proc_douintvec_w(i, table, buffer, lenp, ppos,
809 conv, data);
810 return do_proc_douintvec_r(i, buffer, lenp, ppos, conv, data);
811 }
812
813 static int do_proc_douintvec(struct ctl_table *table, int write,
814 void *buffer, size_t *lenp, loff_t *ppos,
815 int (*conv)(unsigned long *lvalp,
816 unsigned int *valp,
817 int write, void *data),
818 void *data)
819 {
820 return __do_proc_douintvec(table->data, table, write,
821 buffer, lenp, ppos, conv, data);
822 }
823
824 /**
825 * proc_dobool - read/write a bool
826 * @table: the sysctl table
827 * @write: %TRUE if this is a write to the sysctl file
828 * @buffer: the user buffer
829 * @lenp: the size of the user buffer
830 * @ppos: file position
831 *
832 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
833 * values from/to the user buffer, treated as an ASCII string.
834 *
835 * Returns 0 on success.
836 */
837 int proc_dobool(struct ctl_table *table, int write, void *buffer,
838 size_t *lenp, loff_t *ppos)
839 {
840 return do_proc_dointvec(table, write, buffer, lenp, ppos,
841 do_proc_dobool_conv, NULL);
842 }
843
844 /**
845 * proc_dointvec - read a vector of integers
846 * @table: the sysctl table
847 * @write: %TRUE if this is a write to the sysctl file
848 * @buffer: the user buffer
849 * @lenp: the size of the user buffer
850 * @ppos: file position
851 *
852 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
853 * values from/to the user buffer, treated as an ASCII string.
854 *
855 * Returns 0 on success.
856 */
857 int proc_dointvec(struct ctl_table *table, int write, void *buffer,
858 size_t *lenp, loff_t *ppos)
859 {
860 return do_proc_dointvec(table, write, buffer, lenp, ppos, NULL, NULL);
861 }
862
863 #ifdef CONFIG_COMPACTION
864 static int proc_dointvec_minmax_warn_RT_change(struct ctl_table *table,
865 int write, void *buffer, size_t *lenp, loff_t *ppos)
866 {
867 int ret, old;
868
869 if (!IS_ENABLED(CONFIG_PREEMPT_RT) || !write)
870 return proc_dointvec_minmax(table, write, buffer, lenp, ppos);
871
872 old = *(int *)table->data;
873 ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
874 if (ret)
875 return ret;
876 if (old != *(int *)table->data)
877 pr_warn_once("sysctl attribute %s changed by %s[%d]\n",
878 table->procname, current->comm,
879 task_pid_nr(current));
880 return ret;
881 }
882 #endif
883
884 /**
885 * proc_douintvec - read a vector of unsigned integers
886 * @table: the sysctl table
887 * @write: %TRUE if this is a write to the sysctl file
888 * @buffer: the user buffer
889 * @lenp: the size of the user buffer
890 * @ppos: file position
891 *
892 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer
893 * values from/to the user buffer, treated as an ASCII string.
894 *
895 * Returns 0 on success.
896 */
897 int proc_douintvec(struct ctl_table *table, int write, void *buffer,
898 size_t *lenp, loff_t *ppos)
899 {
900 return do_proc_douintvec(table, write, buffer, lenp, ppos,
901 do_proc_douintvec_conv, NULL);
902 }
903
904 /*
905 * Taint values can only be increased
906 * This means we can safely use a temporary.
907 */
908 static int proc_taint(struct ctl_table *table, int write,
909 void *buffer, size_t *lenp, loff_t *ppos)
910 {
911 struct ctl_table t;
912 unsigned long tmptaint = get_taint();
913 int err;
914
915 if (write && !capable(CAP_SYS_ADMIN))
916 return -EPERM;
917
918 t = *table;
919 t.data = &tmptaint;
920 err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos);
921 if (err < 0)
922 return err;
923
924 if (write) {
925 int i;
926
927 /*
928 * If we are relying on panic_on_taint not producing
929 * false positives due to userspace input, bail out
930 * before setting the requested taint flags.
931 */
932 if (panic_on_taint_nousertaint && (tmptaint & panic_on_taint))
933 return -EINVAL;
934
935 /*
936 * Poor man's atomic or. Not worth adding a primitive
937 * to everyone's atomic.h for this
938 */
939 for (i = 0; i < TAINT_FLAGS_COUNT; i++)
940 if ((1UL << i) & tmptaint)
941 add_taint(i, LOCKDEP_STILL_OK);
942 }
943
944 return err;
945 }
946
947 #ifdef CONFIG_PRINTK
948 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
949 void *buffer, size_t *lenp, loff_t *ppos)
950 {
951 if (write && !capable(CAP_SYS_ADMIN))
952 return -EPERM;
953
954 return proc_dointvec_minmax(table, write, buffer, lenp, ppos);
955 }
956 #endif
957
958 /**
959 * struct do_proc_dointvec_minmax_conv_param - proc_dointvec_minmax() range checking structure
960 * @min: pointer to minimum allowable value
961 * @max: pointer to maximum allowable value
962 *
963 * The do_proc_dointvec_minmax_conv_param structure provides the
964 * minimum and maximum values for doing range checking for those sysctl
965 * parameters that use the proc_dointvec_minmax() handler.
966 */
967 struct do_proc_dointvec_minmax_conv_param {
968 int *min;
969 int *max;
970 };
971
972 static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp,
973 int *valp,
974 int write, void *data)
975 {
976 int tmp, ret;
977 struct do_proc_dointvec_minmax_conv_param *param = data;
978 /*
979 * If writing, first do so via a temporary local int so we can
980 * bounds-check it before touching *valp.
981 */
982 int *ip = write ? &tmp : valp;
983
984 ret = do_proc_dointvec_conv(negp, lvalp, ip, write, data);
985 if (ret)
986 return ret;
987
988 if (write) {
989 if ((param->min && *param->min > tmp) ||
990 (param->max && *param->max < tmp))
991 return -EINVAL;
992 *valp = tmp;
993 }
994
995 return 0;
996 }
997
998 /**
999 * proc_dointvec_minmax - read a vector of integers with min/max values
1000 * @table: the sysctl table
1001 * @write: %TRUE if this is a write to the sysctl file
1002 * @buffer: the user buffer
1003 * @lenp: the size of the user buffer
1004 * @ppos: file position
1005 *
1006 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
1007 * values from/to the user buffer, treated as an ASCII string.
1008 *
1009 * This routine will ensure the values are within the range specified by
1010 * table->extra1 (min) and table->extra2 (max).
1011 *
1012 * Returns 0 on success or -EINVAL on write when the range check fails.
1013 */
1014 int proc_dointvec_minmax(struct ctl_table *table, int write,
1015 void *buffer, size_t *lenp, loff_t *ppos)
1016 {
1017 struct do_proc_dointvec_minmax_conv_param param = {
1018 .min = (int *) table->extra1,
1019 .max = (int *) table->extra2,
1020 };
1021 return do_proc_dointvec(table, write, buffer, lenp, ppos,
1022 do_proc_dointvec_minmax_conv, &param);
1023 }
1024
1025 /**
1026 * struct do_proc_douintvec_minmax_conv_param - proc_douintvec_minmax() range checking structure
1027 * @min: pointer to minimum allowable value
1028 * @max: pointer to maximum allowable value
1029 *
1030 * The do_proc_douintvec_minmax_conv_param structure provides the
1031 * minimum and maximum values for doing range checking for those sysctl
1032 * parameters that use the proc_douintvec_minmax() handler.
1033 */
1034 struct do_proc_douintvec_minmax_conv_param {
1035 unsigned int *min;
1036 unsigned int *max;
1037 };
1038
1039 static int do_proc_douintvec_minmax_conv(unsigned long *lvalp,
1040 unsigned int *valp,
1041 int write, void *data)
1042 {
1043 int ret;
1044 unsigned int tmp;
1045 struct do_proc_douintvec_minmax_conv_param *param = data;
1046 /* write via temporary local uint for bounds-checking */
1047 unsigned int *up = write ? &tmp : valp;
1048
1049 ret = do_proc_douintvec_conv(lvalp, up, write, data);
1050 if (ret)
1051 return ret;
1052
1053 if (write) {
1054 if ((param->min && *param->min > tmp) ||
1055 (param->max && *param->max < tmp))
1056 return -ERANGE;
1057
1058 *valp = tmp;
1059 }
1060
1061 return 0;
1062 }
1063
1064 /**
1065 * proc_douintvec_minmax - read a vector of unsigned ints with min/max values
1066 * @table: the sysctl table
1067 * @write: %TRUE if this is a write to the sysctl file
1068 * @buffer: the user buffer
1069 * @lenp: the size of the user buffer
1070 * @ppos: file position
1071 *
1072 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer
1073 * values from/to the user buffer, treated as an ASCII string. Negative
1074 * strings are not allowed.
1075 *
1076 * This routine will ensure the values are within the range specified by
1077 * table->extra1 (min) and table->extra2 (max). There is a final sanity
1078 * check for UINT_MAX to avoid having to support wrap around uses from
1079 * userspace.
1080 *
1081 * Returns 0 on success or -ERANGE on write when the range check fails.
1082 */
1083 int proc_douintvec_minmax(struct ctl_table *table, int write,
1084 void *buffer, size_t *lenp, loff_t *ppos)
1085 {
1086 struct do_proc_douintvec_minmax_conv_param param = {
1087 .min = (unsigned int *) table->extra1,
1088 .max = (unsigned int *) table->extra2,
1089 };
1090 return do_proc_douintvec(table, write, buffer, lenp, ppos,
1091 do_proc_douintvec_minmax_conv, &param);
1092 }
1093
1094 /**
1095 * proc_dou8vec_minmax - read a vector of unsigned chars with min/max values
1096 * @table: the sysctl table
1097 * @write: %TRUE if this is a write to the sysctl file
1098 * @buffer: the user buffer
1099 * @lenp: the size of the user buffer
1100 * @ppos: file position
1101 *
1102 * Reads/writes up to table->maxlen/sizeof(u8) unsigned chars
1103 * values from/to the user buffer, treated as an ASCII string. Negative
1104 * strings are not allowed.
1105 *
1106 * This routine will ensure the values are within the range specified by
1107 * table->extra1 (min) and table->extra2 (max).
1108 *
1109 * Returns 0 on success or an error on write when the range check fails.
1110 */
1111 int proc_dou8vec_minmax(struct ctl_table *table, int write,
1112 void *buffer, size_t *lenp, loff_t *ppos)
1113 {
1114 struct ctl_table tmp;
1115 unsigned int min = 0, max = 255U, val;
1116 u8 *data = table->data;
1117 struct do_proc_douintvec_minmax_conv_param param = {
1118 .min = &min,
1119 .max = &max,
1120 };
1121 int res;
1122
1123 /* Do not support arrays yet. */
1124 if (table->maxlen != sizeof(u8))
1125 return -EINVAL;
1126
1127 if (table->extra1) {
1128 min = *(unsigned int *) table->extra1;
1129 if (min > 255U)
1130 return -EINVAL;
1131 }
1132 if (table->extra2) {
1133 max = *(unsigned int *) table->extra2;
1134 if (max > 255U)
1135 return -EINVAL;
1136 }
1137
1138 tmp = *table;
1139
1140 tmp.maxlen = sizeof(val);
1141 tmp.data = &val;
1142 val = *data;
1143 res = do_proc_douintvec(&tmp, write, buffer, lenp, ppos,
1144 do_proc_douintvec_minmax_conv, &param);
1145 if (res)
1146 return res;
1147 if (write)
1148 *data = val;
1149 return 0;
1150 }
1151 EXPORT_SYMBOL_GPL(proc_dou8vec_minmax);
1152
1153 static int do_proc_dopipe_max_size_conv(unsigned long *lvalp,
1154 unsigned int *valp,
1155 int write, void *data)
1156 {
1157 if (write) {
1158 unsigned int val;
1159
1160 val = round_pipe_size(*lvalp);
1161 if (val == 0)
1162 return -EINVAL;
1163
1164 *valp = val;
1165 } else {
1166 unsigned int val = *valp;
1167 *lvalp = (unsigned long) val;
1168 }
1169
1170 return 0;
1171 }
1172
1173 static int proc_dopipe_max_size(struct ctl_table *table, int write,
1174 void *buffer, size_t *lenp, loff_t *ppos)
1175 {
1176 return do_proc_douintvec(table, write, buffer, lenp, ppos,
1177 do_proc_dopipe_max_size_conv, NULL);
1178 }
1179
1180 static void validate_coredump_safety(void)
1181 {
1182 #ifdef CONFIG_COREDUMP
1183 if (suid_dumpable == SUID_DUMP_ROOT &&
1184 core_pattern[0] != '/' && core_pattern[0] != '|') {
1185 printk(KERN_WARNING
1186 "Unsafe core_pattern used with fs.suid_dumpable=2.\n"
1187 "Pipe handler or fully qualified core dump path required.\n"
1188 "Set kernel.core_pattern before fs.suid_dumpable.\n"
1189 );
1190 }
1191 #endif
1192 }
1193
1194 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write,
1195 void *buffer, size_t *lenp, loff_t *ppos)
1196 {
1197 int error = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
1198 if (!error)
1199 validate_coredump_safety();
1200 return error;
1201 }
1202
1203 #ifdef CONFIG_COREDUMP
1204 static int proc_dostring_coredump(struct ctl_table *table, int write,
1205 void *buffer, size_t *lenp, loff_t *ppos)
1206 {
1207 int error = proc_dostring(table, write, buffer, lenp, ppos);
1208 if (!error)
1209 validate_coredump_safety();
1210 return error;
1211 }
1212 #endif
1213
1214 #ifdef CONFIG_MAGIC_SYSRQ
1215 static int sysrq_sysctl_handler(struct ctl_table *table, int write,
1216 void *buffer, size_t *lenp, loff_t *ppos)
1217 {
1218 int tmp, ret;
1219
1220 tmp = sysrq_mask();
1221
1222 ret = __do_proc_dointvec(&tmp, table, write, buffer,
1223 lenp, ppos, NULL, NULL);
1224 if (ret || !write)
1225 return ret;
1226
1227 if (write)
1228 sysrq_toggle_support(tmp);
1229
1230 return 0;
1231 }
1232 #endif
1233
1234 static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table,
1235 int write, void *buffer, size_t *lenp, loff_t *ppos,
1236 unsigned long convmul, unsigned long convdiv)
1237 {
1238 unsigned long *i, *min, *max;
1239 int vleft, first = 1, err = 0;
1240 size_t left;
1241 char *p;
1242
1243 if (!data || !table->maxlen || !*lenp || (*ppos && !write)) {
1244 *lenp = 0;
1245 return 0;
1246 }
1247
1248 i = (unsigned long *) data;
1249 min = (unsigned long *) table->extra1;
1250 max = (unsigned long *) table->extra2;
1251 vleft = table->maxlen / sizeof(unsigned long);
1252 left = *lenp;
1253
1254 if (write) {
1255 if (proc_first_pos_non_zero_ignore(ppos, table))
1256 goto out;
1257
1258 if (left > PAGE_SIZE - 1)
1259 left = PAGE_SIZE - 1;
1260 p = buffer;
1261 }
1262
1263 for (; left && vleft--; i++, first = 0) {
1264 unsigned long val;
1265
1266 if (write) {
1267 bool neg;
1268
1269 left -= proc_skip_spaces(&p);
1270 if (!left)
1271 break;
1272
1273 err = proc_get_long(&p, &left, &val, &neg,
1274 proc_wspace_sep,
1275 sizeof(proc_wspace_sep), NULL);
1276 if (err)
1277 break;
1278 if (neg)
1279 continue;
1280 val = convmul * val / convdiv;
1281 if ((min && val < *min) || (max && val > *max)) {
1282 err = -EINVAL;
1283 break;
1284 }
1285 *i = val;
1286 } else {
1287 val = convdiv * (*i) / convmul;
1288 if (!first)
1289 proc_put_char(&buffer, &left, '\t');
1290 proc_put_long(&buffer, &left, val, false);
1291 }
1292 }
1293
1294 if (!write && !first && left && !err)
1295 proc_put_char(&buffer, &left, '\n');
1296 if (write && !err)
1297 left -= proc_skip_spaces(&p);
1298 if (write && first)
1299 return err ? : -EINVAL;
1300 *lenp -= left;
1301 out:
1302 *ppos += *lenp;
1303 return err;
1304 }
1305
1306 static int do_proc_doulongvec_minmax(struct ctl_table *table, int write,
1307 void *buffer, size_t *lenp, loff_t *ppos, unsigned long convmul,
1308 unsigned long convdiv)
1309 {
1310 return __do_proc_doulongvec_minmax(table->data, table, write,
1311 buffer, lenp, ppos, convmul, convdiv);
1312 }
1313
1314 /**
1315 * proc_doulongvec_minmax - read a vector of long integers with min/max values
1316 * @table: the sysctl table
1317 * @write: %TRUE if this is a write to the sysctl file
1318 * @buffer: the user buffer
1319 * @lenp: the size of the user buffer
1320 * @ppos: file position
1321 *
1322 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
1323 * values from/to the user buffer, treated as an ASCII string.
1324 *
1325 * This routine will ensure the values are within the range specified by
1326 * table->extra1 (min) and table->extra2 (max).
1327 *
1328 * Returns 0 on success.
1329 */
1330 int proc_doulongvec_minmax(struct ctl_table *table, int write,
1331 void *buffer, size_t *lenp, loff_t *ppos)
1332 {
1333 return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l);
1334 }
1335
1336 /**
1337 * proc_doulongvec_ms_jiffies_minmax - read a vector of millisecond values with min/max values
1338 * @table: the sysctl table
1339 * @write: %TRUE if this is a write to the sysctl file
1340 * @buffer: the user buffer
1341 * @lenp: the size of the user buffer
1342 * @ppos: file position
1343 *
1344 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
1345 * values from/to the user buffer, treated as an ASCII string. The values
1346 * are treated as milliseconds, and converted to jiffies when they are stored.
1347 *
1348 * This routine will ensure the values are within the range specified by
1349 * table->extra1 (min) and table->extra2 (max).
1350 *
1351 * Returns 0 on success.
1352 */
1353 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
1354 void *buffer, size_t *lenp, loff_t *ppos)
1355 {
1356 return do_proc_doulongvec_minmax(table, write, buffer,
1357 lenp, ppos, HZ, 1000l);
1358 }
1359
1360
1361 static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp,
1362 int *valp,
1363 int write, void *data)
1364 {
1365 if (write) {
1366 if (*lvalp > INT_MAX / HZ)
1367 return 1;
1368 *valp = *negp ? -(*lvalp*HZ) : (*lvalp*HZ);
1369 } else {
1370 int val = *valp;
1371 unsigned long lval;
1372 if (val < 0) {
1373 *negp = true;
1374 lval = -(unsigned long)val;
1375 } else {
1376 *negp = false;
1377 lval = (unsigned long)val;
1378 }
1379 *lvalp = lval / HZ;
1380 }
1381 return 0;
1382 }
1383
1384 static int do_proc_dointvec_userhz_jiffies_conv(bool *negp, unsigned long *lvalp,
1385 int *valp,
1386 int write, void *data)
1387 {
1388 if (write) {
1389 if (USER_HZ < HZ && *lvalp > (LONG_MAX / HZ) * USER_HZ)
1390 return 1;
1391 *valp = clock_t_to_jiffies(*negp ? -*lvalp : *lvalp);
1392 } else {
1393 int val = *valp;
1394 unsigned long lval;
1395 if (val < 0) {
1396 *negp = true;
1397 lval = -(unsigned long)val;
1398 } else {
1399 *negp = false;
1400 lval = (unsigned long)val;
1401 }
1402 *lvalp = jiffies_to_clock_t(lval);
1403 }
1404 return 0;
1405 }
1406
1407 static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp,
1408 int *valp,
1409 int write, void *data)
1410 {
1411 if (write) {
1412 unsigned long jif = msecs_to_jiffies(*negp ? -*lvalp : *lvalp);
1413
1414 if (jif > INT_MAX)
1415 return 1;
1416 *valp = (int)jif;
1417 } else {
1418 int val = *valp;
1419 unsigned long lval;
1420 if (val < 0) {
1421 *negp = true;
1422 lval = -(unsigned long)val;
1423 } else {
1424 *negp = false;
1425 lval = (unsigned long)val;
1426 }
1427 *lvalp = jiffies_to_msecs(lval);
1428 }
1429 return 0;
1430 }
1431
1432 /**
1433 * proc_dointvec_jiffies - read a vector of integers as seconds
1434 * @table: the sysctl table
1435 * @write: %TRUE if this is a write to the sysctl file
1436 * @buffer: the user buffer
1437 * @lenp: the size of the user buffer
1438 * @ppos: file position
1439 *
1440 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
1441 * values from/to the user buffer, treated as an ASCII string.
1442 * The values read are assumed to be in seconds, and are converted into
1443 * jiffies.
1444 *
1445 * Returns 0 on success.
1446 */
1447 int proc_dointvec_jiffies(struct ctl_table *table, int write,
1448 void *buffer, size_t *lenp, loff_t *ppos)
1449 {
1450 return do_proc_dointvec(table,write,buffer,lenp,ppos,
1451 do_proc_dointvec_jiffies_conv,NULL);
1452 }
1453
1454 /**
1455 * proc_dointvec_userhz_jiffies - read a vector of integers as 1/USER_HZ seconds
1456 * @table: the sysctl table
1457 * @write: %TRUE if this is a write to the sysctl file
1458 * @buffer: the user buffer
1459 * @lenp: the size of the user buffer
1460 * @ppos: pointer to the file position
1461 *
1462 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
1463 * values from/to the user buffer, treated as an ASCII string.
1464 * The values read are assumed to be in 1/USER_HZ seconds, and
1465 * are converted into jiffies.
1466 *
1467 * Returns 0 on success.
1468 */
1469 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
1470 void *buffer, size_t *lenp, loff_t *ppos)
1471 {
1472 return do_proc_dointvec(table,write,buffer,lenp,ppos,
1473 do_proc_dointvec_userhz_jiffies_conv,NULL);
1474 }
1475
1476 /**
1477 * proc_dointvec_ms_jiffies - read a vector of integers as 1 milliseconds
1478 * @table: the sysctl table
1479 * @write: %TRUE if this is a write to the sysctl file
1480 * @buffer: the user buffer
1481 * @lenp: the size of the user buffer
1482 * @ppos: file position
1483 * @ppos: the current position in the file
1484 *
1485 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
1486 * values from/to the user buffer, treated as an ASCII string.
1487 * The values read are assumed to be in 1/1000 seconds, and
1488 * are converted into jiffies.
1489 *
1490 * Returns 0 on success.
1491 */
1492 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write, void *buffer,
1493 size_t *lenp, loff_t *ppos)
1494 {
1495 return do_proc_dointvec(table, write, buffer, lenp, ppos,
1496 do_proc_dointvec_ms_jiffies_conv, NULL);
1497 }
1498
1499 static int proc_do_cad_pid(struct ctl_table *table, int write, void *buffer,
1500 size_t *lenp, loff_t *ppos)
1501 {
1502 struct pid *new_pid;
1503 pid_t tmp;
1504 int r;
1505
1506 tmp = pid_vnr(cad_pid);
1507
1508 r = __do_proc_dointvec(&tmp, table, write, buffer,
1509 lenp, ppos, NULL, NULL);
1510 if (r || !write)
1511 return r;
1512
1513 new_pid = find_get_pid(tmp);
1514 if (!new_pid)
1515 return -ESRCH;
1516
1517 put_pid(xchg(&cad_pid, new_pid));
1518 return 0;
1519 }
1520
1521 /**
1522 * proc_do_large_bitmap - read/write from/to a large bitmap
1523 * @table: the sysctl table
1524 * @write: %TRUE if this is a write to the sysctl file
1525 * @buffer: the user buffer
1526 * @lenp: the size of the user buffer
1527 * @ppos: file position
1528 *
1529 * The bitmap is stored at table->data and the bitmap length (in bits)
1530 * in table->maxlen.
1531 *
1532 * We use a range comma separated format (e.g. 1,3-4,10-10) so that
1533 * large bitmaps may be represented in a compact manner. Writing into
1534 * the file will clear the bitmap then update it with the given input.
1535 *
1536 * Returns 0 on success.
1537 */
1538 int proc_do_large_bitmap(struct ctl_table *table, int write,
1539 void *buffer, size_t *lenp, loff_t *ppos)
1540 {
1541 int err = 0;
1542 size_t left = *lenp;
1543 unsigned long bitmap_len = table->maxlen;
1544 unsigned long *bitmap = *(unsigned long **) table->data;
1545 unsigned long *tmp_bitmap = NULL;
1546 char tr_a[] = { '-', ',', '\n' }, tr_b[] = { ',', '\n', 0 }, c;
1547
1548 if (!bitmap || !bitmap_len || !left || (*ppos && !write)) {
1549 *lenp = 0;
1550 return 0;
1551 }
1552
1553 if (write) {
1554 char *p = buffer;
1555 size_t skipped = 0;
1556
1557 if (left > PAGE_SIZE - 1) {
1558 left = PAGE_SIZE - 1;
1559 /* How much of the buffer we'll skip this pass */
1560 skipped = *lenp - left;
1561 }
1562
1563 tmp_bitmap = bitmap_zalloc(bitmap_len, GFP_KERNEL);
1564 if (!tmp_bitmap)
1565 return -ENOMEM;
1566 proc_skip_char(&p, &left, '\n');
1567 while (!err && left) {
1568 unsigned long val_a, val_b;
1569 bool neg;
1570 size_t saved_left;
1571
1572 /* In case we stop parsing mid-number, we can reset */
1573 saved_left = left;
1574 err = proc_get_long(&p, &left, &val_a, &neg, tr_a,
1575 sizeof(tr_a), &c);
1576 /*
1577 * If we consumed the entirety of a truncated buffer or
1578 * only one char is left (may be a "-"), then stop here,
1579 * reset, & come back for more.
1580 */
1581 if ((left <= 1) && skipped) {
1582 left = saved_left;
1583 break;
1584 }
1585
1586 if (err)
1587 break;
1588 if (val_a >= bitmap_len || neg) {
1589 err = -EINVAL;
1590 break;
1591 }
1592
1593 val_b = val_a;
1594 if (left) {
1595 p++;
1596 left--;
1597 }
1598
1599 if (c == '-') {
1600 err = proc_get_long(&p, &left, &val_b,
1601 &neg, tr_b, sizeof(tr_b),
1602 &c);
1603 /*
1604 * If we consumed all of a truncated buffer or
1605 * then stop here, reset, & come back for more.
1606 */
1607 if (!left && skipped) {
1608 left = saved_left;
1609 break;
1610 }
1611
1612 if (err)
1613 break;
1614 if (val_b >= bitmap_len || neg ||
1615 val_a > val_b) {
1616 err = -EINVAL;
1617 break;
1618 }
1619 if (left) {
1620 p++;
1621 left--;
1622 }
1623 }
1624
1625 bitmap_set(tmp_bitmap, val_a, val_b - val_a + 1);
1626 proc_skip_char(&p, &left, '\n');
1627 }
1628 left += skipped;
1629 } else {
1630 unsigned long bit_a, bit_b = 0;
1631 bool first = 1;
1632
1633 while (left) {
1634 bit_a = find_next_bit(bitmap, bitmap_len, bit_b);
1635 if (bit_a >= bitmap_len)
1636 break;
1637 bit_b = find_next_zero_bit(bitmap, bitmap_len,
1638 bit_a + 1) - 1;
1639
1640 if (!first)
1641 proc_put_char(&buffer, &left, ',');
1642 proc_put_long(&buffer, &left, bit_a, false);
1643 if (bit_a != bit_b) {
1644 proc_put_char(&buffer, &left, '-');
1645 proc_put_long(&buffer, &left, bit_b, false);
1646 }
1647
1648 first = 0; bit_b++;
1649 }
1650 proc_put_char(&buffer, &left, '\n');
1651 }
1652
1653 if (!err) {
1654 if (write) {
1655 if (*ppos)
1656 bitmap_or(bitmap, bitmap, tmp_bitmap, bitmap_len);
1657 else
1658 bitmap_copy(bitmap, tmp_bitmap, bitmap_len);
1659 }
1660 *lenp -= left;
1661 *ppos += *lenp;
1662 }
1663
1664 bitmap_free(tmp_bitmap);
1665 return err;
1666 }
1667
1668 #else /* CONFIG_PROC_SYSCTL */
1669
1670 int proc_dostring(struct ctl_table *table, int write,
1671 void *buffer, size_t *lenp, loff_t *ppos)
1672 {
1673 return -ENOSYS;
1674 }
1675
1676 int proc_dobool(struct ctl_table *table, int write,
1677 void *buffer, size_t *lenp, loff_t *ppos)
1678 {
1679 return -ENOSYS;
1680 }
1681
1682 int proc_dointvec(struct ctl_table *table, int write,
1683 void *buffer, size_t *lenp, loff_t *ppos)
1684 {
1685 return -ENOSYS;
1686 }
1687
1688 int proc_douintvec(struct ctl_table *table, int write,
1689 void *buffer, size_t *lenp, loff_t *ppos)
1690 {
1691 return -ENOSYS;
1692 }
1693
1694 int proc_dointvec_minmax(struct ctl_table *table, int write,
1695 void *buffer, size_t *lenp, loff_t *ppos)
1696 {
1697 return -ENOSYS;
1698 }
1699
1700 int proc_douintvec_minmax(struct ctl_table *table, int write,
1701 void *buffer, size_t *lenp, loff_t *ppos)
1702 {
1703 return -ENOSYS;
1704 }
1705
1706 int proc_dou8vec_minmax(struct ctl_table *table, int write,
1707 void *buffer, size_t *lenp, loff_t *ppos)
1708 {
1709 return -ENOSYS;
1710 }
1711
1712 int proc_dointvec_jiffies(struct ctl_table *table, int write,
1713 void *buffer, size_t *lenp, loff_t *ppos)
1714 {
1715 return -ENOSYS;
1716 }
1717
1718 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
1719 void *buffer, size_t *lenp, loff_t *ppos)
1720 {
1721 return -ENOSYS;
1722 }
1723
1724 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write,
1725 void *buffer, size_t *lenp, loff_t *ppos)
1726 {
1727 return -ENOSYS;
1728 }
1729
1730 int proc_doulongvec_minmax(struct ctl_table *table, int write,
1731 void *buffer, size_t *lenp, loff_t *ppos)
1732 {
1733 return -ENOSYS;
1734 }
1735
1736 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
1737 void *buffer, size_t *lenp, loff_t *ppos)
1738 {
1739 return -ENOSYS;
1740 }
1741
1742 int proc_do_large_bitmap(struct ctl_table *table, int write,
1743 void *buffer, size_t *lenp, loff_t *ppos)
1744 {
1745 return -ENOSYS;
1746 }
1747
1748 #endif /* CONFIG_PROC_SYSCTL */
1749
1750 #if defined(CONFIG_SYSCTL)
1751 int proc_do_static_key(struct ctl_table *table, int write,
1752 void *buffer, size_t *lenp, loff_t *ppos)
1753 {
1754 struct static_key *key = (struct static_key *)table->data;
1755 static DEFINE_MUTEX(static_key_mutex);
1756 int val, ret;
1757 struct ctl_table tmp = {
1758 .data = &val,
1759 .maxlen = sizeof(val),
1760 .mode = table->mode,
1761 .extra1 = SYSCTL_ZERO,
1762 .extra2 = SYSCTL_ONE,
1763 };
1764
1765 if (write && !capable(CAP_SYS_ADMIN))
1766 return -EPERM;
1767
1768 mutex_lock(&static_key_mutex);
1769 val = static_key_enabled(key);
1770 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
1771 if (write && !ret) {
1772 if (val)
1773 static_key_enable(key);
1774 else
1775 static_key_disable(key);
1776 }
1777 mutex_unlock(&static_key_mutex);
1778 return ret;
1779 }
1780
1781 static struct ctl_table kern_table[] = {
1782 {
1783 .procname = "sched_child_runs_first",
1784 .data = &sysctl_sched_child_runs_first,
1785 .maxlen = sizeof(unsigned int),
1786 .mode = 0644,
1787 .proc_handler = proc_dointvec,
1788 },
1789 #ifdef CONFIG_SCHEDSTATS
1790 {
1791 .procname = "sched_schedstats",
1792 .data = NULL,
1793 .maxlen = sizeof(unsigned int),
1794 .mode = 0644,
1795 .proc_handler = sysctl_schedstats,
1796 .extra1 = SYSCTL_ZERO,
1797 .extra2 = SYSCTL_ONE,
1798 },
1799 #endif /* CONFIG_SCHEDSTATS */
1800 #ifdef CONFIG_TASK_DELAY_ACCT
1801 {
1802 .procname = "task_delayacct",
1803 .data = NULL,
1804 .maxlen = sizeof(unsigned int),
1805 .mode = 0644,
1806 .proc_handler = sysctl_delayacct,
1807 .extra1 = SYSCTL_ZERO,
1808 .extra2 = SYSCTL_ONE,
1809 },
1810 #endif /* CONFIG_TASK_DELAY_ACCT */
1811 #ifdef CONFIG_NUMA_BALANCING
1812 {
1813 .procname = "numa_balancing",
1814 .data = NULL, /* filled in by handler */
1815 .maxlen = sizeof(unsigned int),
1816 .mode = 0644,
1817 .proc_handler = sysctl_numa_balancing,
1818 .extra1 = SYSCTL_ZERO,
1819 .extra2 = SYSCTL_ONE,
1820 },
1821 #endif /* CONFIG_NUMA_BALANCING */
1822 {
1823 .procname = "sched_rt_period_us",
1824 .data = &sysctl_sched_rt_period,
1825 .maxlen = sizeof(unsigned int),
1826 .mode = 0644,
1827 .proc_handler = sched_rt_handler,
1828 },
1829 {
1830 .procname = "sched_rt_runtime_us",
1831 .data = &sysctl_sched_rt_runtime,
1832 .maxlen = sizeof(int),
1833 .mode = 0644,
1834 .proc_handler = sched_rt_handler,
1835 },
1836 {
1837 .procname = "sched_deadline_period_max_us",
1838 .data = &sysctl_sched_dl_period_max,
1839 .maxlen = sizeof(unsigned int),
1840 .mode = 0644,
1841 .proc_handler = proc_dointvec,
1842 },
1843 {
1844 .procname = "sched_deadline_period_min_us",
1845 .data = &sysctl_sched_dl_period_min,
1846 .maxlen = sizeof(unsigned int),
1847 .mode = 0644,
1848 .proc_handler = proc_dointvec,
1849 },
1850 {
1851 .procname = "sched_rr_timeslice_ms",
1852 .data = &sysctl_sched_rr_timeslice,
1853 .maxlen = sizeof(int),
1854 .mode = 0644,
1855 .proc_handler = sched_rr_handler,
1856 },
1857 #ifdef CONFIG_UCLAMP_TASK
1858 {
1859 .procname = "sched_util_clamp_min",
1860 .data = &sysctl_sched_uclamp_util_min,
1861 .maxlen = sizeof(unsigned int),
1862 .mode = 0644,
1863 .proc_handler = sysctl_sched_uclamp_handler,
1864 },
1865 {
1866 .procname = "sched_util_clamp_max",
1867 .data = &sysctl_sched_uclamp_util_max,
1868 .maxlen = sizeof(unsigned int),
1869 .mode = 0644,
1870 .proc_handler = sysctl_sched_uclamp_handler,
1871 },
1872 {
1873 .procname = "sched_util_clamp_min_rt_default",
1874 .data = &sysctl_sched_uclamp_util_min_rt_default,
1875 .maxlen = sizeof(unsigned int),
1876 .mode = 0644,
1877 .proc_handler = sysctl_sched_uclamp_handler,
1878 },
1879 #endif
1880 #ifdef CONFIG_SCHED_AUTOGROUP
1881 {
1882 .procname = "sched_autogroup_enabled",
1883 .data = &sysctl_sched_autogroup_enabled,
1884 .maxlen = sizeof(unsigned int),
1885 .mode = 0644,
1886 .proc_handler = proc_dointvec_minmax,
1887 .extra1 = SYSCTL_ZERO,
1888 .extra2 = SYSCTL_ONE,
1889 },
1890 #endif
1891 #ifdef CONFIG_CFS_BANDWIDTH
1892 {
1893 .procname = "sched_cfs_bandwidth_slice_us",
1894 .data = &sysctl_sched_cfs_bandwidth_slice,
1895 .maxlen = sizeof(unsigned int),
1896 .mode = 0644,
1897 .proc_handler = proc_dointvec_minmax,
1898 .extra1 = SYSCTL_ONE,
1899 },
1900 #endif
1901 #if defined(CONFIG_ENERGY_MODEL) && defined(CONFIG_CPU_FREQ_GOV_SCHEDUTIL)
1902 {
1903 .procname = "sched_energy_aware",
1904 .data = &sysctl_sched_energy_aware,
1905 .maxlen = sizeof(unsigned int),
1906 .mode = 0644,
1907 .proc_handler = sched_energy_aware_handler,
1908 .extra1 = SYSCTL_ZERO,
1909 .extra2 = SYSCTL_ONE,
1910 },
1911 #endif
1912 #ifdef CONFIG_PROVE_LOCKING
1913 {
1914 .procname = "prove_locking",
1915 .data = &prove_locking,
1916 .maxlen = sizeof(int),
1917 .mode = 0644,
1918 .proc_handler = proc_dointvec,
1919 },
1920 #endif
1921 #ifdef CONFIG_LOCK_STAT
1922 {
1923 .procname = "lock_stat",
1924 .data = &lock_stat,
1925 .maxlen = sizeof(int),
1926 .mode = 0644,
1927 .proc_handler = proc_dointvec,
1928 },
1929 #endif
1930 {
1931 .procname = "panic",
1932 .data = &panic_timeout,
1933 .maxlen = sizeof(int),
1934 .mode = 0644,
1935 .proc_handler = proc_dointvec,
1936 },
1937 #ifdef CONFIG_COREDUMP
1938 {
1939 .procname = "core_uses_pid",
1940 .data = &core_uses_pid,
1941 .maxlen = sizeof(int),
1942 .mode = 0644,
1943 .proc_handler = proc_dointvec,
1944 },
1945 {
1946 .procname = "core_pattern",
1947 .data = core_pattern,
1948 .maxlen = CORENAME_MAX_SIZE,
1949 .mode = 0644,
1950 .proc_handler = proc_dostring_coredump,
1951 },
1952 {
1953 .procname = "core_pipe_limit",
1954 .data = &core_pipe_limit,
1955 .maxlen = sizeof(unsigned int),
1956 .mode = 0644,
1957 .proc_handler = proc_dointvec,
1958 },
1959 #endif
1960 #ifdef CONFIG_USER_NS
1961 {
1962 .procname = "unprivileged_userns_clone",
1963 .data = &unprivileged_userns_clone,
1964 .maxlen = sizeof(int),
1965 .mode = 0644,
1966 .proc_handler = proc_dointvec,
1967 },
1968 #endif
1969 #ifdef CONFIG_PROC_SYSCTL
1970 {
1971 .procname = "tainted",
1972 .maxlen = sizeof(long),
1973 .mode = 0644,
1974 .proc_handler = proc_taint,
1975 },
1976 {
1977 .procname = "sysctl_writes_strict",
1978 .data = &sysctl_writes_strict,
1979 .maxlen = sizeof(int),
1980 .mode = 0644,
1981 .proc_handler = proc_dointvec_minmax,
1982 .extra1 = &neg_one,
1983 .extra2 = SYSCTL_ONE,
1984 },
1985 #endif
1986 #ifdef CONFIG_LATENCYTOP
1987 {
1988 .procname = "latencytop",
1989 .data = &latencytop_enabled,
1990 .maxlen = sizeof(int),
1991 .mode = 0644,
1992 .proc_handler = sysctl_latencytop,
1993 },
1994 #endif
1995 #ifdef CONFIG_BLK_DEV_INITRD
1996 {
1997 .procname = "real-root-dev",
1998 .data = &real_root_dev,
1999 .maxlen = sizeof(int),
2000 .mode = 0644,
2001 .proc_handler = proc_dointvec,
2002 },
2003 #endif
2004 {
2005 .procname = "print-fatal-signals",
2006 .data = &print_fatal_signals,
2007 .maxlen = sizeof(int),
2008 .mode = 0644,
2009 .proc_handler = proc_dointvec,
2010 },
2011 #ifdef CONFIG_SPARC
2012 {
2013 .procname = "reboot-cmd",
2014 .data = reboot_command,
2015 .maxlen = 256,
2016 .mode = 0644,
2017 .proc_handler = proc_dostring,
2018 },
2019 {
2020 .procname = "stop-a",
2021 .data = &stop_a_enabled,
2022 .maxlen = sizeof (int),
2023 .mode = 0644,
2024 .proc_handler = proc_dointvec,
2025 },
2026 {
2027 .procname = "scons-poweroff",
2028 .data = &scons_pwroff,
2029 .maxlen = sizeof (int),
2030 .mode = 0644,
2031 .proc_handler = proc_dointvec,
2032 },
2033 #endif
2034 #ifdef CONFIG_SPARC64
2035 {
2036 .procname = "tsb-ratio",
2037 .data = &sysctl_tsb_ratio,
2038 .maxlen = sizeof (int),
2039 .mode = 0644,
2040 .proc_handler = proc_dointvec,
2041 },
2042 #endif
2043 #ifdef CONFIG_PARISC
2044 {
2045 .procname = "soft-power",
2046 .data = &pwrsw_enabled,
2047 .maxlen = sizeof (int),
2048 .mode = 0644,
2049 .proc_handler = proc_dointvec,
2050 },
2051 #endif
2052 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW
2053 {
2054 .procname = "unaligned-trap",
2055 .data = &unaligned_enabled,
2056 .maxlen = sizeof (int),
2057 .mode = 0644,
2058 .proc_handler = proc_dointvec,
2059 },
2060 #endif
2061 {
2062 .procname = "ctrl-alt-del",
2063 .data = &C_A_D,
2064 .maxlen = sizeof(int),
2065 .mode = 0644,
2066 .proc_handler = proc_dointvec,
2067 },
2068 #ifdef CONFIG_FUNCTION_TRACER
2069 {
2070 .procname = "ftrace_enabled",
2071 .data = &ftrace_enabled,
2072 .maxlen = sizeof(int),
2073 .mode = 0644,
2074 .proc_handler = ftrace_enable_sysctl,
2075 },
2076 #endif
2077 #ifdef CONFIG_STACK_TRACER
2078 {
2079 .procname = "stack_tracer_enabled",
2080 .data = &stack_tracer_enabled,
2081 .maxlen = sizeof(int),
2082 .mode = 0644,
2083 .proc_handler = stack_trace_sysctl,
2084 },
2085 #endif
2086 #ifdef CONFIG_TRACING
2087 {
2088 .procname = "ftrace_dump_on_oops",
2089 .data = &ftrace_dump_on_oops,
2090 .maxlen = sizeof(int),
2091 .mode = 0644,
2092 .proc_handler = proc_dointvec,
2093 },
2094 {
2095 .procname = "traceoff_on_warning",
2096 .data = &__disable_trace_on_warning,
2097 .maxlen = sizeof(__disable_trace_on_warning),
2098 .mode = 0644,
2099 .proc_handler = proc_dointvec,
2100 },
2101 {
2102 .procname = "tracepoint_printk",
2103 .data = &tracepoint_printk,
2104 .maxlen = sizeof(tracepoint_printk),
2105 .mode = 0644,
2106 .proc_handler = tracepoint_printk_sysctl,
2107 },
2108 #endif
2109 #ifdef CONFIG_KEXEC_CORE
2110 {
2111 .procname = "kexec_load_disabled",
2112 .data = &kexec_load_disabled,
2113 .maxlen = sizeof(int),
2114 .mode = 0644,
2115 /* only handle a transition from default "0" to "1" */
2116 .proc_handler = proc_dointvec_minmax,
2117 .extra1 = SYSCTL_ONE,
2118 .extra2 = SYSCTL_ONE,
2119 },
2120 #endif
2121 #ifdef CONFIG_MODULES
2122 {
2123 .procname = "modprobe",
2124 .data = &modprobe_path,
2125 .maxlen = KMOD_PATH_LEN,
2126 .mode = 0644,
2127 .proc_handler = proc_dostring,
2128 },
2129 {
2130 .procname = "modules_disabled",
2131 .data = &modules_disabled,
2132 .maxlen = sizeof(int),
2133 .mode = 0644,
2134 /* only handle a transition from default "0" to "1" */
2135 .proc_handler = proc_dointvec_minmax,
2136 .extra1 = SYSCTL_ONE,
2137 .extra2 = SYSCTL_ONE,
2138 },
2139 #endif
2140 #ifdef CONFIG_UEVENT_HELPER
2141 {
2142 .procname = "hotplug",
2143 .data = &uevent_helper,
2144 .maxlen = UEVENT_HELPER_PATH_LEN,
2145 .mode = 0644,
2146 .proc_handler = proc_dostring,
2147 },
2148 #endif
2149 #ifdef CONFIG_CHR_DEV_SG
2150 {
2151 .procname = "sg-big-buff",
2152 .data = &sg_big_buff,
2153 .maxlen = sizeof (int),
2154 .mode = 0444,
2155 .proc_handler = proc_dointvec,
2156 },
2157 #endif
2158 #ifdef CONFIG_BSD_PROCESS_ACCT
2159 {
2160 .procname = "acct",
2161 .data = &acct_parm,
2162 .maxlen = 3*sizeof(int),
2163 .mode = 0644,
2164 .proc_handler = proc_dointvec,
2165 },
2166 #endif
2167 #ifdef CONFIG_MAGIC_SYSRQ
2168 {
2169 .procname = "sysrq",
2170 .data = NULL,
2171 .maxlen = sizeof (int),
2172 .mode = 0644,
2173 .proc_handler = sysrq_sysctl_handler,
2174 },
2175 #endif
2176 #ifdef CONFIG_PROC_SYSCTL
2177 {
2178 .procname = "cad_pid",
2179 .data = NULL,
2180 .maxlen = sizeof (int),
2181 .mode = 0600,
2182 .proc_handler = proc_do_cad_pid,
2183 },
2184 #endif
2185 {
2186 .procname = "threads-max",
2187 .data = NULL,
2188 .maxlen = sizeof(int),
2189 .mode = 0644,
2190 .proc_handler = sysctl_max_threads,
2191 },
2192 {
2193 .procname = "random",
2194 .mode = 0555,
2195 .child = random_table,
2196 },
2197 {
2198 .procname = "usermodehelper",
2199 .mode = 0555,
2200 .child = usermodehelper_table,
2201 },
2202 #ifdef CONFIG_FW_LOADER_USER_HELPER
2203 {
2204 .procname = "firmware_config",
2205 .mode = 0555,
2206 .child = firmware_config_table,
2207 },
2208 #endif
2209 {
2210 .procname = "overflowuid",
2211 .data = &overflowuid,
2212 .maxlen = sizeof(int),
2213 .mode = 0644,
2214 .proc_handler = proc_dointvec_minmax,
2215 .extra1 = &minolduid,
2216 .extra2 = &maxolduid,
2217 },
2218 {
2219 .procname = "overflowgid",
2220 .data = &overflowgid,
2221 .maxlen = sizeof(int),
2222 .mode = 0644,
2223 .proc_handler = proc_dointvec_minmax,
2224 .extra1 = &minolduid,
2225 .extra2 = &maxolduid,
2226 },
2227 #ifdef CONFIG_S390
2228 {
2229 .procname = "userprocess_debug",
2230 .data = &show_unhandled_signals,
2231 .maxlen = sizeof(int),
2232 .mode = 0644,
2233 .proc_handler = proc_dointvec,
2234 },
2235 #endif
2236 #ifdef CONFIG_SMP
2237 {
2238 .procname = "oops_all_cpu_backtrace",
2239 .data = &sysctl_oops_all_cpu_backtrace,
2240 .maxlen = sizeof(int),
2241 .mode = 0644,
2242 .proc_handler = proc_dointvec_minmax,
2243 .extra1 = SYSCTL_ZERO,
2244 .extra2 = SYSCTL_ONE,
2245 },
2246 #endif /* CONFIG_SMP */
2247 {
2248 .procname = "pid_max",
2249 .data = &pid_max,
2250 .maxlen = sizeof (int),
2251 .mode = 0644,
2252 .proc_handler = proc_dointvec_minmax,
2253 .extra1 = &pid_max_min,
2254 .extra2 = &pid_max_max,
2255 },
2256 {
2257 .procname = "panic_on_oops",
2258 .data = &panic_on_oops,
2259 .maxlen = sizeof(int),
2260 .mode = 0644,
2261 .proc_handler = proc_dointvec,
2262 },
2263 {
2264 .procname = "panic_print",
2265 .data = &panic_print,
2266 .maxlen = sizeof(unsigned long),
2267 .mode = 0644,
2268 .proc_handler = proc_doulongvec_minmax,
2269 },
2270 #if defined CONFIG_PRINTK
2271 {
2272 .procname = "printk",
2273 .data = &console_loglevel,
2274 .maxlen = 4*sizeof(int),
2275 .mode = 0644,
2276 .proc_handler = proc_dointvec,
2277 },
2278 {
2279 .procname = "printk_ratelimit",
2280 .data = &printk_ratelimit_state.interval,
2281 .maxlen = sizeof(int),
2282 .mode = 0644,
2283 .proc_handler = proc_dointvec_jiffies,
2284 },
2285 {
2286 .procname = "printk_ratelimit_burst",
2287 .data = &printk_ratelimit_state.burst,
2288 .maxlen = sizeof(int),
2289 .mode = 0644,
2290 .proc_handler = proc_dointvec,
2291 },
2292 {
2293 .procname = "printk_delay",
2294 .data = &printk_delay_msec,
2295 .maxlen = sizeof(int),
2296 .mode = 0644,
2297 .proc_handler = proc_dointvec_minmax,
2298 .extra1 = SYSCTL_ZERO,
2299 .extra2 = &ten_thousand,
2300 },
2301 {
2302 .procname = "printk_devkmsg",
2303 .data = devkmsg_log_str,
2304 .maxlen = DEVKMSG_STR_MAX_SIZE,
2305 .mode = 0644,
2306 .proc_handler = devkmsg_sysctl_set_loglvl,
2307 },
2308 {
2309 .procname = "dmesg_restrict",
2310 .data = &dmesg_restrict,
2311 .maxlen = sizeof(int),
2312 .mode = 0644,
2313 .proc_handler = proc_dointvec_minmax_sysadmin,
2314 .extra1 = SYSCTL_ZERO,
2315 .extra2 = SYSCTL_ONE,
2316 },
2317 {
2318 .procname = "kptr_restrict",
2319 .data = &kptr_restrict,
2320 .maxlen = sizeof(int),
2321 .mode = 0644,
2322 .proc_handler = proc_dointvec_minmax_sysadmin,
2323 .extra1 = SYSCTL_ZERO,
2324 .extra2 = &two,
2325 },
2326 #endif
2327 {
2328 .procname = "ngroups_max",
2329 .data = &ngroups_max,
2330 .maxlen = sizeof (int),
2331 .mode = 0444,
2332 .proc_handler = proc_dointvec,
2333 },
2334 {
2335 .procname = "cap_last_cap",
2336 .data = (void *)&cap_last_cap,
2337 .maxlen = sizeof(int),
2338 .mode = 0444,
2339 .proc_handler = proc_dointvec,
2340 },
2341 #if defined(CONFIG_LOCKUP_DETECTOR)
2342 {
2343 .procname = "watchdog",
2344 .data = &watchdog_user_enabled,
2345 .maxlen = sizeof(int),
2346 .mode = 0644,
2347 .proc_handler = proc_watchdog,
2348 .extra1 = SYSCTL_ZERO,
2349 .extra2 = SYSCTL_ONE,
2350 },
2351 {
2352 .procname = "watchdog_thresh",
2353 .data = &watchdog_thresh,
2354 .maxlen = sizeof(int),
2355 .mode = 0644,
2356 .proc_handler = proc_watchdog_thresh,
2357 .extra1 = SYSCTL_ZERO,
2358 .extra2 = &sixty,
2359 },
2360 {
2361 .procname = "nmi_watchdog",
2362 .data = &nmi_watchdog_user_enabled,
2363 .maxlen = sizeof(int),
2364 .mode = NMI_WATCHDOG_SYSCTL_PERM,
2365 .proc_handler = proc_nmi_watchdog,
2366 .extra1 = SYSCTL_ZERO,
2367 .extra2 = SYSCTL_ONE,
2368 },
2369 {
2370 .procname = "watchdog_cpumask",
2371 .data = &watchdog_cpumask_bits,
2372 .maxlen = NR_CPUS,
2373 .mode = 0644,
2374 .proc_handler = proc_watchdog_cpumask,
2375 },
2376 #ifdef CONFIG_SOFTLOCKUP_DETECTOR
2377 {
2378 .procname = "soft_watchdog",
2379 .data = &soft_watchdog_user_enabled,
2380 .maxlen = sizeof(int),
2381 .mode = 0644,
2382 .proc_handler = proc_soft_watchdog,
2383 .extra1 = SYSCTL_ZERO,
2384 .extra2 = SYSCTL_ONE,
2385 },
2386 {
2387 .procname = "softlockup_panic",
2388 .data = &softlockup_panic,
2389 .maxlen = sizeof(int),
2390 .mode = 0644,
2391 .proc_handler = proc_dointvec_minmax,
2392 .extra1 = SYSCTL_ZERO,
2393 .extra2 = SYSCTL_ONE,
2394 },
2395 #ifdef CONFIG_SMP
2396 {
2397 .procname = "softlockup_all_cpu_backtrace",
2398 .data = &sysctl_softlockup_all_cpu_backtrace,
2399 .maxlen = sizeof(int),
2400 .mode = 0644,
2401 .proc_handler = proc_dointvec_minmax,
2402 .extra1 = SYSCTL_ZERO,
2403 .extra2 = SYSCTL_ONE,
2404 },
2405 #endif /* CONFIG_SMP */
2406 #endif
2407 #ifdef CONFIG_HARDLOCKUP_DETECTOR
2408 {
2409 .procname = "hardlockup_panic",
2410 .data = &hardlockup_panic,
2411 .maxlen = sizeof(int),
2412 .mode = 0644,
2413 .proc_handler = proc_dointvec_minmax,
2414 .extra1 = SYSCTL_ZERO,
2415 .extra2 = SYSCTL_ONE,
2416 },
2417 #ifdef CONFIG_SMP
2418 {
2419 .procname = "hardlockup_all_cpu_backtrace",
2420 .data = &sysctl_hardlockup_all_cpu_backtrace,
2421 .maxlen = sizeof(int),
2422 .mode = 0644,
2423 .proc_handler = proc_dointvec_minmax,
2424 .extra1 = SYSCTL_ZERO,
2425 .extra2 = SYSCTL_ONE,
2426 },
2427 #endif /* CONFIG_SMP */
2428 #endif
2429 #endif
2430
2431 #if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86)
2432 {
2433 .procname = "unknown_nmi_panic",
2434 .data = &unknown_nmi_panic,
2435 .maxlen = sizeof (int),
2436 .mode = 0644,
2437 .proc_handler = proc_dointvec,
2438 },
2439 #endif
2440
2441 #if (defined(CONFIG_X86_32) || defined(CONFIG_PARISC)) && \
2442 defined(CONFIG_DEBUG_STACKOVERFLOW)
2443 {
2444 .procname = "panic_on_stackoverflow",
2445 .data = &sysctl_panic_on_stackoverflow,
2446 .maxlen = sizeof(int),
2447 .mode = 0644,
2448 .proc_handler = proc_dointvec,
2449 },
2450 #endif
2451 #if defined(CONFIG_X86)
2452 {
2453 .procname = "panic_on_unrecovered_nmi",
2454 .data = &panic_on_unrecovered_nmi,
2455 .maxlen = sizeof(int),
2456 .mode = 0644,
2457 .proc_handler = proc_dointvec,
2458 },
2459 {
2460 .procname = "panic_on_io_nmi",
2461 .data = &panic_on_io_nmi,
2462 .maxlen = sizeof(int),
2463 .mode = 0644,
2464 .proc_handler = proc_dointvec,
2465 },
2466 {
2467 .procname = "bootloader_type",
2468 .data = &bootloader_type,
2469 .maxlen = sizeof (int),
2470 .mode = 0444,
2471 .proc_handler = proc_dointvec,
2472 },
2473 {
2474 .procname = "bootloader_version",
2475 .data = &bootloader_version,
2476 .maxlen = sizeof (int),
2477 .mode = 0444,
2478 .proc_handler = proc_dointvec,
2479 },
2480 {
2481 .procname = "io_delay_type",
2482 .data = &io_delay_type,
2483 .maxlen = sizeof(int),
2484 .mode = 0644,
2485 .proc_handler = proc_dointvec,
2486 },
2487 #endif
2488 #if defined(CONFIG_MMU)
2489 {
2490 .procname = "randomize_va_space",
2491 .data = &randomize_va_space,
2492 .maxlen = sizeof(int),
2493 .mode = 0644,
2494 .proc_handler = proc_dointvec,
2495 },
2496 #endif
2497 #if defined(CONFIG_S390) && defined(CONFIG_SMP)
2498 {
2499 .procname = "spin_retry",
2500 .data = &spin_retry,
2501 .maxlen = sizeof (int),
2502 .mode = 0644,
2503 .proc_handler = proc_dointvec,
2504 },
2505 #endif
2506 #if defined(CONFIG_ACPI_SLEEP) && defined(CONFIG_X86)
2507 {
2508 .procname = "acpi_video_flags",
2509 .data = &acpi_realmode_flags,
2510 .maxlen = sizeof (unsigned long),
2511 .mode = 0644,
2512 .proc_handler = proc_doulongvec_minmax,
2513 },
2514 #endif
2515 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN
2516 {
2517 .procname = "ignore-unaligned-usertrap",
2518 .data = &no_unaligned_warning,
2519 .maxlen = sizeof (int),
2520 .mode = 0644,
2521 .proc_handler = proc_dointvec,
2522 },
2523 #endif
2524 #ifdef CONFIG_IA64
2525 {
2526 .procname = "unaligned-dump-stack",
2527 .data = &unaligned_dump_stack,
2528 .maxlen = sizeof (int),
2529 .mode = 0644,
2530 .proc_handler = proc_dointvec,
2531 },
2532 #endif
2533 #ifdef CONFIG_DETECT_HUNG_TASK
2534 #ifdef CONFIG_SMP
2535 {
2536 .procname = "hung_task_all_cpu_backtrace",
2537 .data = &sysctl_hung_task_all_cpu_backtrace,
2538 .maxlen = sizeof(int),
2539 .mode = 0644,
2540 .proc_handler = proc_dointvec_minmax,
2541 .extra1 = SYSCTL_ZERO,
2542 .extra2 = SYSCTL_ONE,
2543 },
2544 #endif /* CONFIG_SMP */
2545 {
2546 .procname = "hung_task_panic",
2547 .data = &sysctl_hung_task_panic,
2548 .maxlen = sizeof(int),
2549 .mode = 0644,
2550 .proc_handler = proc_dointvec_minmax,
2551 .extra1 = SYSCTL_ZERO,
2552 .extra2 = SYSCTL_ONE,
2553 },
2554 {
2555 .procname = "hung_task_check_count",
2556 .data = &sysctl_hung_task_check_count,
2557 .maxlen = sizeof(int),
2558 .mode = 0644,
2559 .proc_handler = proc_dointvec_minmax,
2560 .extra1 = SYSCTL_ZERO,
2561 },
2562 {
2563 .procname = "hung_task_timeout_secs",
2564 .data = &sysctl_hung_task_timeout_secs,
2565 .maxlen = sizeof(unsigned long),
2566 .mode = 0644,
2567 .proc_handler = proc_dohung_task_timeout_secs,
2568 .extra2 = &hung_task_timeout_max,
2569 },
2570 {
2571 .procname = "hung_task_check_interval_secs",
2572 .data = &sysctl_hung_task_check_interval_secs,
2573 .maxlen = sizeof(unsigned long),
2574 .mode = 0644,
2575 .proc_handler = proc_dohung_task_timeout_secs,
2576 .extra2 = &hung_task_timeout_max,
2577 },
2578 {
2579 .procname = "hung_task_warnings",
2580 .data = &sysctl_hung_task_warnings,
2581 .maxlen = sizeof(int),
2582 .mode = 0644,
2583 .proc_handler = proc_dointvec_minmax,
2584 .extra1 = &neg_one,
2585 },
2586 #endif
2587 #ifdef CONFIG_RT_MUTEXES
2588 {
2589 .procname = "max_lock_depth",
2590 .data = &max_lock_depth,
2591 .maxlen = sizeof(int),
2592 .mode = 0644,
2593 .proc_handler = proc_dointvec,
2594 },
2595 #endif
2596 {
2597 .procname = "poweroff_cmd",
2598 .data = &poweroff_cmd,
2599 .maxlen = POWEROFF_CMD_PATH_LEN,
2600 .mode = 0644,
2601 .proc_handler = proc_dostring,
2602 },
2603 #ifdef CONFIG_KEYS
2604 {
2605 .procname = "keys",
2606 .mode = 0555,
2607 .child = key_sysctls,
2608 },
2609 #endif
2610 #ifdef CONFIG_PERF_EVENTS
2611 /*
2612 * User-space scripts rely on the existence of this file
2613 * as a feature check for perf_events being enabled.
2614 *
2615 * So it's an ABI, do not remove!
2616 */
2617 {
2618 .procname = "perf_event_paranoid",
2619 .data = &sysctl_perf_event_paranoid,
2620 .maxlen = sizeof(sysctl_perf_event_paranoid),
2621 .mode = 0644,
2622 .proc_handler = proc_dointvec,
2623 },
2624 {
2625 .procname = "perf_event_mlock_kb",
2626 .data = &sysctl_perf_event_mlock,
2627 .maxlen = sizeof(sysctl_perf_event_mlock),
2628 .mode = 0644,
2629 .proc_handler = proc_dointvec,
2630 },
2631 {
2632 .procname = "perf_event_max_sample_rate",
2633 .data = &sysctl_perf_event_sample_rate,
2634 .maxlen = sizeof(sysctl_perf_event_sample_rate),
2635 .mode = 0644,
2636 .proc_handler = perf_proc_update_handler,
2637 .extra1 = SYSCTL_ONE,
2638 },
2639 {
2640 .procname = "perf_cpu_time_max_percent",
2641 .data = &sysctl_perf_cpu_time_max_percent,
2642 .maxlen = sizeof(sysctl_perf_cpu_time_max_percent),
2643 .mode = 0644,
2644 .proc_handler = perf_cpu_time_max_percent_handler,
2645 .extra1 = SYSCTL_ZERO,
2646 .extra2 = &one_hundred,
2647 },
2648 {
2649 .procname = "perf_event_max_stack",
2650 .data = &sysctl_perf_event_max_stack,
2651 .maxlen = sizeof(sysctl_perf_event_max_stack),
2652 .mode = 0644,
2653 .proc_handler = perf_event_max_stack_handler,
2654 .extra1 = SYSCTL_ZERO,
2655 .extra2 = &six_hundred_forty_kb,
2656 },
2657 {
2658 .procname = "perf_event_max_contexts_per_stack",
2659 .data = &sysctl_perf_event_max_contexts_per_stack,
2660 .maxlen = sizeof(sysctl_perf_event_max_contexts_per_stack),
2661 .mode = 0644,
2662 .proc_handler = perf_event_max_stack_handler,
2663 .extra1 = SYSCTL_ZERO,
2664 .extra2 = &one_thousand,
2665 },
2666 #endif
2667 {
2668 .procname = "panic_on_warn",
2669 .data = &panic_on_warn,
2670 .maxlen = sizeof(int),
2671 .mode = 0644,
2672 .proc_handler = proc_dointvec_minmax,
2673 .extra1 = SYSCTL_ZERO,
2674 .extra2 = SYSCTL_ONE,
2675 },
2676 #if defined(CONFIG_SMP) && defined(CONFIG_NO_HZ_COMMON)
2677 {
2678 .procname = "timer_migration",
2679 .data = &sysctl_timer_migration,
2680 .maxlen = sizeof(unsigned int),
2681 .mode = 0644,
2682 .proc_handler = timer_migration_handler,
2683 .extra1 = SYSCTL_ZERO,
2684 .extra2 = SYSCTL_ONE,
2685 },
2686 #endif
2687 #ifdef CONFIG_BPF_SYSCALL
2688 {
2689 .procname = "unprivileged_bpf_disabled",
2690 .data = &sysctl_unprivileged_bpf_disabled,
2691 .maxlen = sizeof(sysctl_unprivileged_bpf_disabled),
2692 .mode = 0644,
2693 .proc_handler = bpf_unpriv_handler,
2694 .extra1 = SYSCTL_ZERO,
2695 .extra2 = &two,
2696 },
2697 {
2698 .procname = "bpf_stats_enabled",
2699 .data = &bpf_stats_enabled_key.key,
2700 .maxlen = sizeof(bpf_stats_enabled_key),
2701 .mode = 0644,
2702 .proc_handler = bpf_stats_handler,
2703 },
2704 #endif
2705 #if defined(CONFIG_TREE_RCU)
2706 {
2707 .procname = "panic_on_rcu_stall",
2708 .data = &sysctl_panic_on_rcu_stall,
2709 .maxlen = sizeof(sysctl_panic_on_rcu_stall),
2710 .mode = 0644,
2711 .proc_handler = proc_dointvec_minmax,
2712 .extra1 = SYSCTL_ZERO,
2713 .extra2 = SYSCTL_ONE,
2714 },
2715 #endif
2716 #if defined(CONFIG_TREE_RCU)
2717 {
2718 .procname = "max_rcu_stall_to_panic",
2719 .data = &sysctl_max_rcu_stall_to_panic,
2720 .maxlen = sizeof(sysctl_max_rcu_stall_to_panic),
2721 .mode = 0644,
2722 .proc_handler = proc_dointvec_minmax,
2723 .extra1 = SYSCTL_ONE,
2724 .extra2 = SYSCTL_INT_MAX,
2725 },
2726 #endif
2727 #ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE
2728 {
2729 .procname = "stack_erasing",
2730 .data = NULL,
2731 .maxlen = sizeof(int),
2732 .mode = 0600,
2733 .proc_handler = stack_erasing_sysctl,
2734 .extra1 = SYSCTL_ZERO,
2735 .extra2 = SYSCTL_ONE,
2736 },
2737 #endif
2738 { }
2739 };
2740
2741 static struct ctl_table vm_table[] = {
2742 {
2743 .procname = "overcommit_memory",
2744 .data = &sysctl_overcommit_memory,
2745 .maxlen = sizeof(sysctl_overcommit_memory),
2746 .mode = 0644,
2747 .proc_handler = overcommit_policy_handler,
2748 .extra1 = SYSCTL_ZERO,
2749 .extra2 = &two,
2750 },
2751 {
2752 .procname = "panic_on_oom",
2753 .data = &sysctl_panic_on_oom,
2754 .maxlen = sizeof(sysctl_panic_on_oom),
2755 .mode = 0644,
2756 .proc_handler = proc_dointvec_minmax,
2757 .extra1 = SYSCTL_ZERO,
2758 .extra2 = &two,
2759 },
2760 {
2761 .procname = "oom_kill_allocating_task",
2762 .data = &sysctl_oom_kill_allocating_task,
2763 .maxlen = sizeof(sysctl_oom_kill_allocating_task),
2764 .mode = 0644,
2765 .proc_handler = proc_dointvec,
2766 },
2767 {
2768 .procname = "oom_dump_tasks",
2769 .data = &sysctl_oom_dump_tasks,
2770 .maxlen = sizeof(sysctl_oom_dump_tasks),
2771 .mode = 0644,
2772 .proc_handler = proc_dointvec,
2773 },
2774 {
2775 .procname = "overcommit_ratio",
2776 .data = &sysctl_overcommit_ratio,
2777 .maxlen = sizeof(sysctl_overcommit_ratio),
2778 .mode = 0644,
2779 .proc_handler = overcommit_ratio_handler,
2780 },
2781 {
2782 .procname = "overcommit_kbytes",
2783 .data = &sysctl_overcommit_kbytes,
2784 .maxlen = sizeof(sysctl_overcommit_kbytes),
2785 .mode = 0644,
2786 .proc_handler = overcommit_kbytes_handler,
2787 },
2788 {
2789 .procname = "page-cluster",
2790 .data = &page_cluster,
2791 .maxlen = sizeof(int),
2792 .mode = 0644,
2793 .proc_handler = proc_dointvec_minmax,
2794 .extra1 = SYSCTL_ZERO,
2795 },
2796 {
2797 .procname = "dirty_background_ratio",
2798 .data = &dirty_background_ratio,
2799 .maxlen = sizeof(dirty_background_ratio),
2800 .mode = 0644,
2801 .proc_handler = dirty_background_ratio_handler,
2802 .extra1 = SYSCTL_ZERO,
2803 .extra2 = &one_hundred,
2804 },
2805 {
2806 .procname = "dirty_background_bytes",
2807 .data = &dirty_background_bytes,
2808 .maxlen = sizeof(dirty_background_bytes),
2809 .mode = 0644,
2810 .proc_handler = dirty_background_bytes_handler,
2811 .extra1 = &one_ul,
2812 },
2813 {
2814 .procname = "dirty_ratio",
2815 .data = &vm_dirty_ratio,
2816 .maxlen = sizeof(vm_dirty_ratio),
2817 .mode = 0644,
2818 .proc_handler = dirty_ratio_handler,
2819 .extra1 = SYSCTL_ZERO,
2820 .extra2 = &one_hundred,
2821 },
2822 {
2823 .procname = "dirty_bytes",
2824 .data = &vm_dirty_bytes,
2825 .maxlen = sizeof(vm_dirty_bytes),
2826 .mode = 0644,
2827 .proc_handler = dirty_bytes_handler,
2828 .extra1 = &dirty_bytes_min,
2829 },
2830 {
2831 .procname = "dirty_writeback_centisecs",
2832 .data = &dirty_writeback_interval,
2833 .maxlen = sizeof(dirty_writeback_interval),
2834 .mode = 0644,
2835 .proc_handler = dirty_writeback_centisecs_handler,
2836 },
2837 {
2838 .procname = "dirty_expire_centisecs",
2839 .data = &dirty_expire_interval,
2840 .maxlen = sizeof(dirty_expire_interval),
2841 .mode = 0644,
2842 .proc_handler = proc_dointvec_minmax,
2843 .extra1 = SYSCTL_ZERO,
2844 },
2845 {
2846 .procname = "dirtytime_expire_seconds",
2847 .data = &dirtytime_expire_interval,
2848 .maxlen = sizeof(dirtytime_expire_interval),
2849 .mode = 0644,
2850 .proc_handler = dirtytime_interval_handler,
2851 .extra1 = SYSCTL_ZERO,
2852 },
2853 {
2854 .procname = "swappiness",
2855 .data = &vm_swappiness,
2856 .maxlen = sizeof(vm_swappiness),
2857 .mode = 0644,
2858 .proc_handler = proc_dointvec_minmax,
2859 .extra1 = SYSCTL_ZERO,
2860 .extra2 = &two_hundred,
2861 },
2862 #ifdef CONFIG_HUGETLB_PAGE
2863 {
2864 .procname = "nr_hugepages",
2865 .data = NULL,
2866 .maxlen = sizeof(unsigned long),
2867 .mode = 0644,
2868 .proc_handler = hugetlb_sysctl_handler,
2869 },
2870 #ifdef CONFIG_NUMA
2871 {
2872 .procname = "nr_hugepages_mempolicy",
2873 .data = NULL,
2874 .maxlen = sizeof(unsigned long),
2875 .mode = 0644,
2876 .proc_handler = &hugetlb_mempolicy_sysctl_handler,
2877 },
2878 {
2879 .procname = "numa_stat",
2880 .data = &sysctl_vm_numa_stat,
2881 .maxlen = sizeof(int),
2882 .mode = 0644,
2883 .proc_handler = sysctl_vm_numa_stat_handler,
2884 .extra1 = SYSCTL_ZERO,
2885 .extra2 = SYSCTL_ONE,
2886 },
2887 #endif
2888 {
2889 .procname = "hugetlb_shm_group",
2890 .data = &sysctl_hugetlb_shm_group,
2891 .maxlen = sizeof(gid_t),
2892 .mode = 0644,
2893 .proc_handler = proc_dointvec,
2894 },
2895 {
2896 .procname = "nr_overcommit_hugepages",
2897 .data = NULL,
2898 .maxlen = sizeof(unsigned long),
2899 .mode = 0644,
2900 .proc_handler = hugetlb_overcommit_handler,
2901 },
2902 #endif
2903 {
2904 .procname = "lowmem_reserve_ratio",
2905 .data = &sysctl_lowmem_reserve_ratio,
2906 .maxlen = sizeof(sysctl_lowmem_reserve_ratio),
2907 .mode = 0644,
2908 .proc_handler = lowmem_reserve_ratio_sysctl_handler,
2909 },
2910 {
2911 .procname = "drop_caches",
2912 .data = &sysctl_drop_caches,
2913 .maxlen = sizeof(int),
2914 .mode = 0200,
2915 .proc_handler = drop_caches_sysctl_handler,
2916 .extra1 = SYSCTL_ONE,
2917 .extra2 = &four,
2918 },
2919 #ifdef CONFIG_COMPACTION
2920 {
2921 .procname = "compact_memory",
2922 .data = NULL,
2923 .maxlen = sizeof(int),
2924 .mode = 0200,
2925 .proc_handler = sysctl_compaction_handler,
2926 },
2927 {
2928 .procname = "compaction_proactiveness",
2929 .data = &sysctl_compaction_proactiveness,
2930 .maxlen = sizeof(sysctl_compaction_proactiveness),
2931 .mode = 0644,
2932 .proc_handler = compaction_proactiveness_sysctl_handler,
2933 .extra1 = SYSCTL_ZERO,
2934 .extra2 = &one_hundred,
2935 },
2936 {
2937 .procname = "extfrag_threshold",
2938 .data = &sysctl_extfrag_threshold,
2939 .maxlen = sizeof(int),
2940 .mode = 0644,
2941 .proc_handler = proc_dointvec_minmax,
2942 .extra1 = &min_extfrag_threshold,
2943 .extra2 = &max_extfrag_threshold,
2944 },
2945 {
2946 .procname = "compact_unevictable_allowed",
2947 .data = &sysctl_compact_unevictable_allowed,
2948 .maxlen = sizeof(int),
2949 .mode = 0644,
2950 .proc_handler = proc_dointvec_minmax_warn_RT_change,
2951 .extra1 = SYSCTL_ZERO,
2952 .extra2 = SYSCTL_ONE,
2953 },
2954
2955 #endif /* CONFIG_COMPACTION */
2956 {
2957 .procname = "min_free_kbytes",
2958 .data = &min_free_kbytes,
2959 .maxlen = sizeof(min_free_kbytes),
2960 .mode = 0644,
2961 .proc_handler = min_free_kbytes_sysctl_handler,
2962 .extra1 = SYSCTL_ZERO,
2963 },
2964 {
2965 .procname = "watermark_boost_factor",
2966 .data = &watermark_boost_factor,
2967 .maxlen = sizeof(watermark_boost_factor),
2968 .mode = 0644,
2969 .proc_handler = proc_dointvec_minmax,
2970 .extra1 = SYSCTL_ZERO,
2971 },
2972 {
2973 .procname = "watermark_scale_factor",
2974 .data = &watermark_scale_factor,
2975 .maxlen = sizeof(watermark_scale_factor),
2976 .mode = 0644,
2977 .proc_handler = watermark_scale_factor_sysctl_handler,
2978 .extra1 = SYSCTL_ONE,
2979 .extra2 = &one_thousand,
2980 },
2981 {
2982 .procname = "percpu_pagelist_high_fraction",
2983 .data = &percpu_pagelist_high_fraction,
2984 .maxlen = sizeof(percpu_pagelist_high_fraction),
2985 .mode = 0644,
2986 .proc_handler = percpu_pagelist_high_fraction_sysctl_handler,
2987 .extra1 = SYSCTL_ZERO,
2988 },
2989 {
2990 .procname = "page_lock_unfairness",
2991 .data = &sysctl_page_lock_unfairness,
2992 .maxlen = sizeof(sysctl_page_lock_unfairness),
2993 .mode = 0644,
2994 .proc_handler = proc_dointvec_minmax,
2995 .extra1 = SYSCTL_ZERO,
2996 },
2997 #ifdef CONFIG_MMU
2998 {
2999 .procname = "max_map_count",
3000 .data = &sysctl_max_map_count,
3001 .maxlen = sizeof(sysctl_max_map_count),
3002 .mode = 0644,
3003 .proc_handler = proc_dointvec_minmax,
3004 .extra1 = SYSCTL_ZERO,
3005 },
3006 #else
3007 {
3008 .procname = "nr_trim_pages",
3009 .data = &sysctl_nr_trim_pages,
3010 .maxlen = sizeof(sysctl_nr_trim_pages),
3011 .mode = 0644,
3012 .proc_handler = proc_dointvec_minmax,
3013 .extra1 = SYSCTL_ZERO,
3014 },
3015 #endif
3016 {
3017 .procname = "laptop_mode",
3018 .data = &laptop_mode,
3019 .maxlen = sizeof(laptop_mode),
3020 .mode = 0644,
3021 .proc_handler = proc_dointvec_jiffies,
3022 },
3023 {
3024 .procname = "vfs_cache_pressure",
3025 .data = &sysctl_vfs_cache_pressure,
3026 .maxlen = sizeof(sysctl_vfs_cache_pressure),
3027 .mode = 0644,
3028 .proc_handler = proc_dointvec_minmax,
3029 .extra1 = SYSCTL_ZERO,
3030 },
3031 #if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \
3032 defined(CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT)
3033 {
3034 .procname = "legacy_va_layout",
3035 .data = &sysctl_legacy_va_layout,
3036 .maxlen = sizeof(sysctl_legacy_va_layout),
3037 .mode = 0644,
3038 .proc_handler = proc_dointvec_minmax,
3039 .extra1 = SYSCTL_ZERO,
3040 },
3041 #endif
3042 #ifdef CONFIG_NUMA
3043 {
3044 .procname = "zone_reclaim_mode",
3045 .data = &node_reclaim_mode,
3046 .maxlen = sizeof(node_reclaim_mode),
3047 .mode = 0644,
3048 .proc_handler = proc_dointvec_minmax,
3049 .extra1 = SYSCTL_ZERO,
3050 },
3051 {
3052 .procname = "min_unmapped_ratio",
3053 .data = &sysctl_min_unmapped_ratio,
3054 .maxlen = sizeof(sysctl_min_unmapped_ratio),
3055 .mode = 0644,
3056 .proc_handler = sysctl_min_unmapped_ratio_sysctl_handler,
3057 .extra1 = SYSCTL_ZERO,
3058 .extra2 = &one_hundred,
3059 },
3060 {
3061 .procname = "min_slab_ratio",
3062 .data = &sysctl_min_slab_ratio,
3063 .maxlen = sizeof(sysctl_min_slab_ratio),
3064 .mode = 0644,
3065 .proc_handler = sysctl_min_slab_ratio_sysctl_handler,
3066 .extra1 = SYSCTL_ZERO,
3067 .extra2 = &one_hundred,
3068 },
3069 #endif
3070 #ifdef CONFIG_SMP
3071 {
3072 .procname = "stat_interval",
3073 .data = &sysctl_stat_interval,
3074 .maxlen = sizeof(sysctl_stat_interval),
3075 .mode = 0644,
3076 .proc_handler = proc_dointvec_jiffies,
3077 },
3078 {
3079 .procname = "stat_refresh",
3080 .data = NULL,
3081 .maxlen = 0,
3082 .mode = 0600,
3083 .proc_handler = vmstat_refresh,
3084 },
3085 #endif
3086 #ifdef CONFIG_MMU
3087 {
3088 .procname = "mmap_min_addr",
3089 .data = &dac_mmap_min_addr,
3090 .maxlen = sizeof(unsigned long),
3091 .mode = 0644,
3092 .proc_handler = mmap_min_addr_handler,
3093 },
3094 #endif
3095 #ifdef CONFIG_NUMA
3096 {
3097 .procname = "numa_zonelist_order",
3098 .data = &numa_zonelist_order,
3099 .maxlen = NUMA_ZONELIST_ORDER_LEN,
3100 .mode = 0644,
3101 .proc_handler = numa_zonelist_order_handler,
3102 },
3103 #endif
3104 #if (defined(CONFIG_X86_32) && !defined(CONFIG_UML))|| \
3105 (defined(CONFIG_SUPERH) && defined(CONFIG_VSYSCALL))
3106 {
3107 .procname = "vdso_enabled",
3108 #ifdef CONFIG_X86_32
3109 .data = &vdso32_enabled,
3110 .maxlen = sizeof(vdso32_enabled),
3111 #else
3112 .data = &vdso_enabled,
3113 .maxlen = sizeof(vdso_enabled),
3114 #endif
3115 .mode = 0644,
3116 .proc_handler = proc_dointvec,
3117 .extra1 = SYSCTL_ZERO,
3118 },
3119 #endif
3120 #ifdef CONFIG_HIGHMEM
3121 {
3122 .procname = "highmem_is_dirtyable",
3123 .data = &vm_highmem_is_dirtyable,
3124 .maxlen = sizeof(vm_highmem_is_dirtyable),
3125 .mode = 0644,
3126 .proc_handler = proc_dointvec_minmax,
3127 .extra1 = SYSCTL_ZERO,
3128 .extra2 = SYSCTL_ONE,
3129 },
3130 #endif
3131 #ifdef CONFIG_MEMORY_FAILURE
3132 {
3133 .procname = "memory_failure_early_kill",
3134 .data = &sysctl_memory_failure_early_kill,
3135 .maxlen = sizeof(sysctl_memory_failure_early_kill),
3136 .mode = 0644,
3137 .proc_handler = proc_dointvec_minmax,
3138 .extra1 = SYSCTL_ZERO,
3139 .extra2 = SYSCTL_ONE,
3140 },
3141 {
3142 .procname = "memory_failure_recovery",
3143 .data = &sysctl_memory_failure_recovery,
3144 .maxlen = sizeof(sysctl_memory_failure_recovery),
3145 .mode = 0644,
3146 .proc_handler = proc_dointvec_minmax,
3147 .extra1 = SYSCTL_ZERO,
3148 .extra2 = SYSCTL_ONE,
3149 },
3150 #endif
3151 {
3152 .procname = "user_reserve_kbytes",
3153 .data = &sysctl_user_reserve_kbytes,
3154 .maxlen = sizeof(sysctl_user_reserve_kbytes),
3155 .mode = 0644,
3156 .proc_handler = proc_doulongvec_minmax,
3157 },
3158 {
3159 .procname = "admin_reserve_kbytes",
3160 .data = &sysctl_admin_reserve_kbytes,
3161 .maxlen = sizeof(sysctl_admin_reserve_kbytes),
3162 .mode = 0644,
3163 .proc_handler = proc_doulongvec_minmax,
3164 },
3165 #ifdef CONFIG_HAVE_ARCH_MMAP_RND_BITS
3166 {
3167 .procname = "mmap_rnd_bits",
3168 .data = &mmap_rnd_bits,
3169 .maxlen = sizeof(mmap_rnd_bits),
3170 .mode = 0600,
3171 .proc_handler = proc_dointvec_minmax,
3172 .extra1 = (void *)&mmap_rnd_bits_min,
3173 .extra2 = (void *)&mmap_rnd_bits_max,
3174 },
3175 #endif
3176 #ifdef CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS
3177 {
3178 .procname = "mmap_rnd_compat_bits",
3179 .data = &mmap_rnd_compat_bits,
3180 .maxlen = sizeof(mmap_rnd_compat_bits),
3181 .mode = 0600,
3182 .proc_handler = proc_dointvec_minmax,
3183 .extra1 = (void *)&mmap_rnd_compat_bits_min,
3184 .extra2 = (void *)&mmap_rnd_compat_bits_max,
3185 },
3186 #endif
3187 #ifdef CONFIG_USERFAULTFD
3188 {
3189 .procname = "unprivileged_userfaultfd",
3190 .data = &sysctl_unprivileged_userfaultfd,
3191 .maxlen = sizeof(sysctl_unprivileged_userfaultfd),
3192 .mode = 0644,
3193 .proc_handler = proc_dointvec_minmax,
3194 .extra1 = SYSCTL_ZERO,
3195 .extra2 = SYSCTL_ONE,
3196 },
3197 #endif
3198 { }
3199 };
3200
3201 static struct ctl_table fs_table[] = {
3202 {
3203 .procname = "inode-nr",
3204 .data = &inodes_stat,
3205 .maxlen = 2*sizeof(long),
3206 .mode = 0444,
3207 .proc_handler = proc_nr_inodes,
3208 },
3209 {
3210 .procname = "inode-state",
3211 .data = &inodes_stat,
3212 .maxlen = 7*sizeof(long),
3213 .mode = 0444,
3214 .proc_handler = proc_nr_inodes,
3215 },
3216 {
3217 .procname = "file-nr",
3218 .data = &files_stat,
3219 .maxlen = sizeof(files_stat),
3220 .mode = 0444,
3221 .proc_handler = proc_nr_files,
3222 },
3223 {
3224 .procname = "file-max",
3225 .data = &files_stat.max_files,
3226 .maxlen = sizeof(files_stat.max_files),
3227 .mode = 0644,
3228 .proc_handler = proc_doulongvec_minmax,
3229 .extra1 = &zero_ul,
3230 .extra2 = &long_max,
3231 },
3232 {
3233 .procname = "nr_open",
3234 .data = &sysctl_nr_open,
3235 .maxlen = sizeof(unsigned int),
3236 .mode = 0644,
3237 .proc_handler = proc_dointvec_minmax,
3238 .extra1 = &sysctl_nr_open_min,
3239 .extra2 = &sysctl_nr_open_max,
3240 },
3241 {
3242 .procname = "dentry-state",
3243 .data = &dentry_stat,
3244 .maxlen = 6*sizeof(long),
3245 .mode = 0444,
3246 .proc_handler = proc_nr_dentry,
3247 },
3248 {
3249 .procname = "overflowuid",
3250 .data = &fs_overflowuid,
3251 .maxlen = sizeof(int),
3252 .mode = 0644,
3253 .proc_handler = proc_dointvec_minmax,
3254 .extra1 = &minolduid,
3255 .extra2 = &maxolduid,
3256 },
3257 {
3258 .procname = "overflowgid",
3259 .data = &fs_overflowgid,
3260 .maxlen = sizeof(int),
3261 .mode = 0644,
3262 .proc_handler = proc_dointvec_minmax,
3263 .extra1 = &minolduid,
3264 .extra2 = &maxolduid,
3265 },
3266 #ifdef CONFIG_FILE_LOCKING
3267 {
3268 .procname = "leases-enable",
3269 .data = &leases_enable,
3270 .maxlen = sizeof(int),
3271 .mode = 0644,
3272 .proc_handler = proc_dointvec,
3273 },
3274 #endif
3275 #ifdef CONFIG_DNOTIFY
3276 {
3277 .procname = "dir-notify-enable",
3278 .data = &dir_notify_enable,
3279 .maxlen = sizeof(int),
3280 .mode = 0644,
3281 .proc_handler = proc_dointvec,
3282 },
3283 #endif
3284 #ifdef CONFIG_MMU
3285 #ifdef CONFIG_FILE_LOCKING
3286 {
3287 .procname = "lease-break-time",
3288 .data = &lease_break_time,
3289 .maxlen = sizeof(int),
3290 .mode = 0644,
3291 .proc_handler = proc_dointvec,
3292 },
3293 #endif
3294 #ifdef CONFIG_AIO
3295 {
3296 .procname = "aio-nr",
3297 .data = &aio_nr,
3298 .maxlen = sizeof(aio_nr),
3299 .mode = 0444,
3300 .proc_handler = proc_doulongvec_minmax,
3301 },
3302 {
3303 .procname = "aio-max-nr",
3304 .data = &aio_max_nr,
3305 .maxlen = sizeof(aio_max_nr),
3306 .mode = 0644,
3307 .proc_handler = proc_doulongvec_minmax,
3308 },
3309 #endif /* CONFIG_AIO */
3310 #ifdef CONFIG_INOTIFY_USER
3311 {
3312 .procname = "inotify",
3313 .mode = 0555,
3314 .child = inotify_table,
3315 },
3316 #endif
3317 #ifdef CONFIG_FANOTIFY
3318 {
3319 .procname = "fanotify",
3320 .mode = 0555,
3321 .child = fanotify_table,
3322 },
3323 #endif
3324 #ifdef CONFIG_EPOLL
3325 {
3326 .procname = "epoll",
3327 .mode = 0555,
3328 .child = epoll_table,
3329 },
3330 #endif
3331 #endif
3332 {
3333 .procname = "protected_symlinks",
3334 .data = &sysctl_protected_symlinks,
3335 .maxlen = sizeof(int),
3336 .mode = 0600,
3337 .proc_handler = proc_dointvec_minmax,
3338 .extra1 = SYSCTL_ZERO,
3339 .extra2 = SYSCTL_ONE,
3340 },
3341 {
3342 .procname = "protected_hardlinks",
3343 .data = &sysctl_protected_hardlinks,
3344 .maxlen = sizeof(int),
3345 .mode = 0600,
3346 .proc_handler = proc_dointvec_minmax,
3347 .extra1 = SYSCTL_ZERO,
3348 .extra2 = SYSCTL_ONE,
3349 },
3350 {
3351 .procname = "protected_fifos",
3352 .data = &sysctl_protected_fifos,
3353 .maxlen = sizeof(int),
3354 .mode = 0600,
3355 .proc_handler = proc_dointvec_minmax,
3356 .extra1 = SYSCTL_ZERO,
3357 .extra2 = &two,
3358 },
3359 {
3360 .procname = "protected_regular",
3361 .data = &sysctl_protected_regular,
3362 .maxlen = sizeof(int),
3363 .mode = 0600,
3364 .proc_handler = proc_dointvec_minmax,
3365 .extra1 = SYSCTL_ZERO,
3366 .extra2 = &two,
3367 },
3368 {
3369 .procname = "suid_dumpable",
3370 .data = &suid_dumpable,
3371 .maxlen = sizeof(int),
3372 .mode = 0644,
3373 .proc_handler = proc_dointvec_minmax_coredump,
3374 .extra1 = SYSCTL_ZERO,
3375 .extra2 = &two,
3376 },
3377 #if defined(CONFIG_BINFMT_MISC) || defined(CONFIG_BINFMT_MISC_MODULE)
3378 {
3379 .procname = "binfmt_misc",
3380 .mode = 0555,
3381 .child = sysctl_mount_point,
3382 },
3383 #endif
3384 {
3385 .procname = "pipe-max-size",
3386 .data = &pipe_max_size,
3387 .maxlen = sizeof(pipe_max_size),
3388 .mode = 0644,
3389 .proc_handler = proc_dopipe_max_size,
3390 },
3391 {
3392 .procname = "pipe-user-pages-hard",
3393 .data = &pipe_user_pages_hard,
3394 .maxlen = sizeof(pipe_user_pages_hard),
3395 .mode = 0644,
3396 .proc_handler = proc_doulongvec_minmax,
3397 },
3398 {
3399 .procname = "pipe-user-pages-soft",
3400 .data = &pipe_user_pages_soft,
3401 .maxlen = sizeof(pipe_user_pages_soft),
3402 .mode = 0644,
3403 .proc_handler = proc_doulongvec_minmax,
3404 },
3405 {
3406 .procname = "mount-max",
3407 .data = &sysctl_mount_max,
3408 .maxlen = sizeof(unsigned int),
3409 .mode = 0644,
3410 .proc_handler = proc_dointvec_minmax,
3411 .extra1 = SYSCTL_ONE,
3412 },
3413 { }
3414 };
3415
3416 static struct ctl_table debug_table[] = {
3417 #ifdef CONFIG_SYSCTL_EXCEPTION_TRACE
3418 {
3419 .procname = "exception-trace",
3420 .data = &show_unhandled_signals,
3421 .maxlen = sizeof(int),
3422 .mode = 0644,
3423 .proc_handler = proc_dointvec
3424 },
3425 #endif
3426 #if defined(CONFIG_OPTPROBES)
3427 {
3428 .procname = "kprobes-optimization",
3429 .data = &sysctl_kprobes_optimization,
3430 .maxlen = sizeof(int),
3431 .mode = 0644,
3432 .proc_handler = proc_kprobes_optimization_handler,
3433 .extra1 = SYSCTL_ZERO,
3434 .extra2 = SYSCTL_ONE,
3435 },
3436 #endif
3437 { }
3438 };
3439
3440 static struct ctl_table dev_table[] = {
3441 { }
3442 };
3443
3444 static struct ctl_table sysctl_base_table[] = {
3445 {
3446 .procname = "kernel",
3447 .mode = 0555,
3448 .child = kern_table,
3449 },
3450 {
3451 .procname = "vm",
3452 .mode = 0555,
3453 .child = vm_table,
3454 },
3455 {
3456 .procname = "fs",
3457 .mode = 0555,
3458 .child = fs_table,
3459 },
3460 {
3461 .procname = "debug",
3462 .mode = 0555,
3463 .child = debug_table,
3464 },
3465 {
3466 .procname = "dev",
3467 .mode = 0555,
3468 .child = dev_table,
3469 },
3470 { }
3471 };
3472
3473 int __init sysctl_init(void)
3474 {
3475 struct ctl_table_header *hdr;
3476
3477 hdr = register_sysctl_table(sysctl_base_table);
3478 kmemleak_not_leak(hdr);
3479 return 0;
3480 }
3481 #endif /* CONFIG_SYSCTL */
3482 /*
3483 * No sense putting this after each symbol definition, twice,
3484 * exception granted :-)
3485 */
3486 EXPORT_SYMBOL(proc_dobool);
3487 EXPORT_SYMBOL(proc_dointvec);
3488 EXPORT_SYMBOL(proc_douintvec);
3489 EXPORT_SYMBOL(proc_dointvec_jiffies);
3490 EXPORT_SYMBOL(proc_dointvec_minmax);
3491 EXPORT_SYMBOL_GPL(proc_douintvec_minmax);
3492 EXPORT_SYMBOL(proc_dointvec_userhz_jiffies);
3493 EXPORT_SYMBOL(proc_dointvec_ms_jiffies);
3494 EXPORT_SYMBOL(proc_dostring);
3495 EXPORT_SYMBOL(proc_doulongvec_minmax);
3496 EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax);
3497 EXPORT_SYMBOL(proc_do_large_bitmap);
Ubuntu Jammy Linux kernel mirror