]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blob - kernel/sysctl.c
projects / mirror_ubuntu-zesty-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
UBUNTU: SAUCE: add a sysctl to disable unprivileged user namespace unsharing
[mirror_ubuntu-zesty-kernel.git] / kernel / sysctl.c
1 /*
2 * sysctl.c: General linux system control interface
3 *
4 * Begun 24 March 1995, Stephen Tweedie
5 * Added /proc support, Dec 1995
6 * Added bdflush entry and intvec min/max checking, 2/23/96, Tom Dyas.
7 * Added hooks for /proc/sys/net (minor, minor patch), 96/4/1, Mike Shaver.
8 * Added kernel/java-{interpreter,appletviewer}, 96/5/10, Mike Shaver.
9 * Dynamic registration fixes, Stephen Tweedie.
10 * Added kswapd-interval, ctrl-alt-del, printk stuff, 1/8/97, Chris Horn.
11 * Made sysctl support optional via CONFIG_SYSCTL, 1/10/97, Chris
12 * Horn.
13 * Added proc_doulongvec_ms_jiffies_minmax, 09/08/99, Carlos H. Bauer.
14 * Added proc_doulongvec_minmax, 09/08/99, Carlos H. Bauer.
15 * Changed linked lists to use list.h instead of lists.h, 02/24/00, Bill
16 * Wendling.
17 * The list_for_each() macro wasn't appropriate for the sysctl loop.
18 * Removed it and replaced it with older style, 03/23/00, Bill Wendling
19 */
20
21 #include <linux/module.h>
22 #include <linux/aio.h>
23 #include <linux/mm.h>
24 #include <linux/swap.h>
25 #include <linux/slab.h>
26 #include <linux/sysctl.h>
27 #include <linux/bitmap.h>
28 #include <linux/signal.h>
29 #include <linux/printk.h>
30 #include <linux/proc_fs.h>
31 #include <linux/security.h>
32 #include <linux/ctype.h>
33 #include <linux/kmemcheck.h>
34 #include <linux/kmemleak.h>
35 #include <linux/fs.h>
36 #include <linux/init.h>
37 #include <linux/kernel.h>
38 #include <linux/kobject.h>
39 #include <linux/net.h>
40 #include <linux/sysrq.h>
41 #include <linux/highuid.h>
42 #include <linux/writeback.h>
43 #include <linux/ratelimit.h>
44 #include <linux/compaction.h>
45 #include <linux/hugetlb.h>
46 #include <linux/initrd.h>
47 #include <linux/key.h>
48 #include <linux/times.h>
49 #include <linux/limits.h>
50 #include <linux/dcache.h>
51 #include <linux/dnotify.h>
52 #include <linux/syscalls.h>
53 #include <linux/vmstat.h>
54 #include <linux/nfs_fs.h>
55 #include <linux/acpi.h>
56 #include <linux/reboot.h>
57 #include <linux/ftrace.h>
58 #include <linux/perf_event.h>
59 #include <linux/kprobes.h>
60 #include <linux/pipe_fs_i.h>
61 #include <linux/oom.h>
62 #include <linux/kmod.h>
63 #include <linux/capability.h>
64 #include <linux/binfmts.h>
65 #include <linux/sched/sysctl.h>
66 #include <linux/kexec.h>
67 #include <linux/bpf.h>
68
69 #include <asm/uaccess.h>
70 #include <asm/processor.h>
71
72 #ifdef CONFIG_X86
73 #include <asm/nmi.h>
74 #include <asm/stacktrace.h>
75 #include <asm/io.h>
76 #endif
77 #ifdef CONFIG_SPARC
78 #include <asm/setup.h>
79 #endif
80 #ifdef CONFIG_BSD_PROCESS_ACCT
81 #include <linux/acct.h>
82 #endif
83 #ifdef CONFIG_RT_MUTEXES
84 #include <linux/rtmutex.h>
85 #endif
86 #if defined(CONFIG_PROVE_LOCKING) || defined(CONFIG_LOCK_STAT)
87 #include <linux/lockdep.h>
88 #endif
89 #ifdef CONFIG_CHR_DEV_SG
90 #include <scsi/sg.h>
91 #endif
92
93 #ifdef CONFIG_LOCKUP_DETECTOR
94 #include <linux/nmi.h>
95 #endif
96
97 #if defined(CONFIG_SYSCTL)
98
99 /* External variables not in a header file. */
100 extern int suid_dumpable;
101 #ifdef CONFIG_COREDUMP
102 extern int core_uses_pid;
103 extern char core_pattern[];
104 extern unsigned int core_pipe_limit;
105 #endif
106 #ifdef CONFIG_USER_NS
107 extern int unprivileged_userns_clone;
108 #endif
109 extern int pid_max;
110 extern int pid_max_min, pid_max_max;
111 extern int percpu_pagelist_fraction;
112 extern int compat_log;
113 extern int latencytop_enabled;
114 extern int sysctl_nr_open_min, sysctl_nr_open_max;
115 #ifndef CONFIG_MMU
116 extern int sysctl_nr_trim_pages;
117 #endif
118
119 /* Constants used for minimum and maximum */
120 #ifdef CONFIG_LOCKUP_DETECTOR
121 static int sixty = 60;
122 #endif
123
124 static int __maybe_unused neg_one = -1;
125
126 static int zero;
127 static int __maybe_unused one = 1;
128 static int __maybe_unused two = 2;
129 static int __maybe_unused four = 4;
130 static unsigned long one_ul = 1;
131 static int one_hundred = 100;
132 #ifdef CONFIG_PRINTK
133 static int ten_thousand = 10000;
134 #endif
135
136 /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */
137 static unsigned long dirty_bytes_min = 2 * PAGE_SIZE;
138
139 /* this is needed for the proc_dointvec_minmax for [fs_]overflow UID and GID */
140 static int maxolduid = 65535;
141 static int minolduid;
142
143 static int ngroups_max = NGROUPS_MAX;
144 static const int cap_last_cap = CAP_LAST_CAP;
145
146 /*this is needed for proc_doulongvec_minmax of sysctl_hung_task_timeout_secs */
147 #ifdef CONFIG_DETECT_HUNG_TASK
148 static unsigned long hung_task_timeout_max = (LONG_MAX/HZ);
149 #endif
150
151 #ifdef CONFIG_INOTIFY_USER
152 #include <linux/inotify.h>
153 #endif
154 #ifdef CONFIG_SPARC
155 #endif
156
157 #ifdef __hppa__
158 extern int pwrsw_enabled;
159 #endif
160
161 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW
162 extern int unaligned_enabled;
163 #endif
164
165 #ifdef CONFIG_IA64
166 extern int unaligned_dump_stack;
167 #endif
168
169 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN
170 extern int no_unaligned_warning;
171 #endif
172
173 #ifdef CONFIG_PROC_SYSCTL
174
175 #define SYSCTL_WRITES_LEGACY -1
176 #define SYSCTL_WRITES_WARN 0
177 #define SYSCTL_WRITES_STRICT 1
178
179 static int sysctl_writes_strict = SYSCTL_WRITES_WARN;
180
181 static int proc_do_cad_pid(struct ctl_table *table, int write,
182 void __user *buffer, size_t *lenp, loff_t *ppos);
183 static int proc_taint(struct ctl_table *table, int write,
184 void __user *buffer, size_t *lenp, loff_t *ppos);
185 #endif
186
187 #ifdef CONFIG_PRINTK
188 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
189 void __user *buffer, size_t *lenp, loff_t *ppos);
190 #endif
191
192 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write,
193 void __user *buffer, size_t *lenp, loff_t *ppos);
194 #ifdef CONFIG_COREDUMP
195 static int proc_dostring_coredump(struct ctl_table *table, int write,
196 void __user *buffer, size_t *lenp, loff_t *ppos);
197 #endif
198
199 #ifdef CONFIG_MAGIC_SYSRQ
200 /* Note: sysrq code uses it's own private copy */
201 static int __sysrq_enabled = CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE;
202
203 static int sysrq_sysctl_handler(struct ctl_table *table, int write,
204 void __user *buffer, size_t *lenp,
205 loff_t *ppos)
206 {
207 int error;
208
209 error = proc_dointvec(table, write, buffer, lenp, ppos);
210 if (error)
211 return error;
212
213 if (write)
214 sysrq_toggle_support(__sysrq_enabled);
215
216 return 0;
217 }
218
219 #endif
220
221 static struct ctl_table kern_table[];
222 static struct ctl_table vm_table[];
223 static struct ctl_table fs_table[];
224 static struct ctl_table debug_table[];
225 static struct ctl_table dev_table[];
226 extern struct ctl_table random_table[];
227 #ifdef CONFIG_EPOLL
228 extern struct ctl_table epoll_table[];
229 #endif
230
231 #ifdef HAVE_ARCH_PICK_MMAP_LAYOUT
232 int sysctl_legacy_va_layout;
233 #endif
234
235 /* The default sysctl tables: */
236
237 static struct ctl_table sysctl_base_table[] = {
238 {
239 .procname = "kernel",
240 .mode = 0555,
241 .child = kern_table,
242 },
243 {
244 .procname = "vm",
245 .mode = 0555,
246 .child = vm_table,
247 },
248 {
249 .procname = "fs",
250 .mode = 0555,
251 .child = fs_table,
252 },
253 {
254 .procname = "debug",
255 .mode = 0555,
256 .child = debug_table,
257 },
258 {
259 .procname = "dev",
260 .mode = 0555,
261 .child = dev_table,
262 },
263 { }
264 };
265
266 #ifdef CONFIG_SCHED_DEBUG
267 static int min_sched_granularity_ns = 100000; /* 100 usecs */
268 static int max_sched_granularity_ns = NSEC_PER_SEC; /* 1 second */
269 static int min_wakeup_granularity_ns; /* 0 usecs */
270 static int max_wakeup_granularity_ns = NSEC_PER_SEC; /* 1 second */
271 #ifdef CONFIG_SMP
272 static int min_sched_tunable_scaling = SCHED_TUNABLESCALING_NONE;
273 static int max_sched_tunable_scaling = SCHED_TUNABLESCALING_END-1;
274 #endif /* CONFIG_SMP */
275 #endif /* CONFIG_SCHED_DEBUG */
276
277 #ifdef CONFIG_COMPACTION
278 static int min_extfrag_threshold;
279 static int max_extfrag_threshold = 1000;
280 #endif
281
282 static struct ctl_table kern_table[] = {
283 {
284 .procname = "sched_child_runs_first",
285 .data = &sysctl_sched_child_runs_first,
286 .maxlen = sizeof(unsigned int),
287 .mode = 0644,
288 .proc_handler = proc_dointvec,
289 },
290 #ifdef CONFIG_SCHED_DEBUG
291 {
292 .procname = "sched_min_granularity_ns",
293 .data = &sysctl_sched_min_granularity,
294 .maxlen = sizeof(unsigned int),
295 .mode = 0644,
296 .proc_handler = sched_proc_update_handler,
297 .extra1 = &min_sched_granularity_ns,
298 .extra2 = &max_sched_granularity_ns,
299 },
300 {
301 .procname = "sched_latency_ns",
302 .data = &sysctl_sched_latency,
303 .maxlen = sizeof(unsigned int),
304 .mode = 0644,
305 .proc_handler = sched_proc_update_handler,
306 .extra1 = &min_sched_granularity_ns,
307 .extra2 = &max_sched_granularity_ns,
308 },
309 {
310 .procname = "sched_wakeup_granularity_ns",
311 .data = &sysctl_sched_wakeup_granularity,
312 .maxlen = sizeof(unsigned int),
313 .mode = 0644,
314 .proc_handler = sched_proc_update_handler,
315 .extra1 = &min_wakeup_granularity_ns,
316 .extra2 = &max_wakeup_granularity_ns,
317 },
318 #ifdef CONFIG_SMP
319 {
320 .procname = "sched_tunable_scaling",
321 .data = &sysctl_sched_tunable_scaling,
322 .maxlen = sizeof(enum sched_tunable_scaling),
323 .mode = 0644,
324 .proc_handler = sched_proc_update_handler,
325 .extra1 = &min_sched_tunable_scaling,
326 .extra2 = &max_sched_tunable_scaling,
327 },
328 {
329 .procname = "sched_migration_cost_ns",
330 .data = &sysctl_sched_migration_cost,
331 .maxlen = sizeof(unsigned int),
332 .mode = 0644,
333 .proc_handler = proc_dointvec,
334 },
335 {
336 .procname = "sched_nr_migrate",
337 .data = &sysctl_sched_nr_migrate,
338 .maxlen = sizeof(unsigned int),
339 .mode = 0644,
340 .proc_handler = proc_dointvec,
341 },
342 {
343 .procname = "sched_time_avg_ms",
344 .data = &sysctl_sched_time_avg,
345 .maxlen = sizeof(unsigned int),
346 .mode = 0644,
347 .proc_handler = proc_dointvec,
348 },
349 {
350 .procname = "sched_shares_window_ns",
351 .data = &sysctl_sched_shares_window,
352 .maxlen = sizeof(unsigned int),
353 .mode = 0644,
354 .proc_handler = proc_dointvec,
355 },
356 #endif /* CONFIG_SMP */
357 #ifdef CONFIG_NUMA_BALANCING
358 {
359 .procname = "numa_balancing_scan_delay_ms",
360 .data = &sysctl_numa_balancing_scan_delay,
361 .maxlen = sizeof(unsigned int),
362 .mode = 0644,
363 .proc_handler = proc_dointvec,
364 },
365 {
366 .procname = "numa_balancing_scan_period_min_ms",
367 .data = &sysctl_numa_balancing_scan_period_min,
368 .maxlen = sizeof(unsigned int),
369 .mode = 0644,
370 .proc_handler = proc_dointvec,
371 },
372 {
373 .procname = "numa_balancing_scan_period_max_ms",
374 .data = &sysctl_numa_balancing_scan_period_max,
375 .maxlen = sizeof(unsigned int),
376 .mode = 0644,
377 .proc_handler = proc_dointvec,
378 },
379 {
380 .procname = "numa_balancing_scan_size_mb",
381 .data = &sysctl_numa_balancing_scan_size,
382 .maxlen = sizeof(unsigned int),
383 .mode = 0644,
384 .proc_handler = proc_dointvec_minmax,
385 .extra1 = &one,
386 },
387 {
388 .procname = "numa_balancing",
389 .data = NULL, /* filled in by handler */
390 .maxlen = sizeof(unsigned int),
391 .mode = 0644,
392 .proc_handler = sysctl_numa_balancing,
393 .extra1 = &zero,
394 .extra2 = &one,
395 },
396 #endif /* CONFIG_NUMA_BALANCING */
397 #endif /* CONFIG_SCHED_DEBUG */
398 {
399 .procname = "sched_rt_period_us",
400 .data = &sysctl_sched_rt_period,
401 .maxlen = sizeof(unsigned int),
402 .mode = 0644,
403 .proc_handler = sched_rt_handler,
404 },
405 {
406 .procname = "sched_rt_runtime_us",
407 .data = &sysctl_sched_rt_runtime,
408 .maxlen = sizeof(int),
409 .mode = 0644,
410 .proc_handler = sched_rt_handler,
411 },
412 {
413 .procname = "sched_rr_timeslice_ms",
414 .data = &sched_rr_timeslice,
415 .maxlen = sizeof(int),
416 .mode = 0644,
417 .proc_handler = sched_rr_handler,
418 },
419 #ifdef CONFIG_SCHED_AUTOGROUP
420 {
421 .procname = "sched_autogroup_enabled",
422 .data = &sysctl_sched_autogroup_enabled,
423 .maxlen = sizeof(unsigned int),
424 .mode = 0644,
425 .proc_handler = proc_dointvec_minmax,
426 .extra1 = &zero,
427 .extra2 = &one,
428 },
429 #endif
430 #ifdef CONFIG_CFS_BANDWIDTH
431 {
432 .procname = "sched_cfs_bandwidth_slice_us",
433 .data = &sysctl_sched_cfs_bandwidth_slice,
434 .maxlen = sizeof(unsigned int),
435 .mode = 0644,
436 .proc_handler = proc_dointvec_minmax,
437 .extra1 = &one,
438 },
439 #endif
440 #ifdef CONFIG_PROVE_LOCKING
441 {
442 .procname = "prove_locking",
443 .data = &prove_locking,
444 .maxlen = sizeof(int),
445 .mode = 0644,
446 .proc_handler = proc_dointvec,
447 },
448 #endif
449 #ifdef CONFIG_LOCK_STAT
450 {
451 .procname = "lock_stat",
452 .data = &lock_stat,
453 .maxlen = sizeof(int),
454 .mode = 0644,
455 .proc_handler = proc_dointvec,
456 },
457 #endif
458 {
459 .procname = "panic",
460 .data = &panic_timeout,
461 .maxlen = sizeof(int),
462 .mode = 0644,
463 .proc_handler = proc_dointvec,
464 },
465 #ifdef CONFIG_COREDUMP
466 {
467 .procname = "core_uses_pid",
468 .data = &core_uses_pid,
469 .maxlen = sizeof(int),
470 .mode = 0644,
471 .proc_handler = proc_dointvec,
472 },
473 {
474 .procname = "core_pattern",
475 .data = core_pattern,
476 .maxlen = CORENAME_MAX_SIZE,
477 .mode = 0644,
478 .proc_handler = proc_dostring_coredump,
479 },
480 {
481 .procname = "core_pipe_limit",
482 .data = &core_pipe_limit,
483 .maxlen = sizeof(unsigned int),
484 .mode = 0644,
485 .proc_handler = proc_dointvec,
486 },
487 #endif
488 #ifdef CONFIG_USER_NS
489 {
490 .procname = "unprivileged_userns_clone",
491 .data = &unprivileged_userns_clone,
492 .maxlen = sizeof(int),
493 .mode = 0644,
494 .proc_handler = proc_dointvec,
495 },
496 #endif
497 #ifdef CONFIG_PROC_SYSCTL
498 {
499 .procname = "tainted",
500 .maxlen = sizeof(long),
501 .mode = 0644,
502 .proc_handler = proc_taint,
503 },
504 {
505 .procname = "sysctl_writes_strict",
506 .data = &sysctl_writes_strict,
507 .maxlen = sizeof(int),
508 .mode = 0644,
509 .proc_handler = proc_dointvec_minmax,
510 .extra1 = &neg_one,
511 .extra2 = &one,
512 },
513 #endif
514 #ifdef CONFIG_LATENCYTOP
515 {
516 .procname = "latencytop",
517 .data = &latencytop_enabled,
518 .maxlen = sizeof(int),
519 .mode = 0644,
520 .proc_handler = proc_dointvec,
521 },
522 #endif
523 #ifdef CONFIG_BLK_DEV_INITRD
524 {
525 .procname = "real-root-dev",
526 .data = &real_root_dev,
527 .maxlen = sizeof(int),
528 .mode = 0644,
529 .proc_handler = proc_dointvec,
530 },
531 #endif
532 {
533 .procname = "print-fatal-signals",
534 .data = &print_fatal_signals,
535 .maxlen = sizeof(int),
536 .mode = 0644,
537 .proc_handler = proc_dointvec,
538 },
539 #ifdef CONFIG_SPARC
540 {
541 .procname = "reboot-cmd",
542 .data = reboot_command,
543 .maxlen = 256,
544 .mode = 0644,
545 .proc_handler = proc_dostring,
546 },
547 {
548 .procname = "stop-a",
549 .data = &stop_a_enabled,
550 .maxlen = sizeof (int),
551 .mode = 0644,
552 .proc_handler = proc_dointvec,
553 },
554 {
555 .procname = "scons-poweroff",
556 .data = &scons_pwroff,
557 .maxlen = sizeof (int),
558 .mode = 0644,
559 .proc_handler = proc_dointvec,
560 },
561 #endif
562 #ifdef CONFIG_SPARC64
563 {
564 .procname = "tsb-ratio",
565 .data = &sysctl_tsb_ratio,
566 .maxlen = sizeof (int),
567 .mode = 0644,
568 .proc_handler = proc_dointvec,
569 },
570 #endif
571 #ifdef __hppa__
572 {
573 .procname = "soft-power",
574 .data = &pwrsw_enabled,
575 .maxlen = sizeof (int),
576 .mode = 0644,
577 .proc_handler = proc_dointvec,
578 },
579 #endif
580 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW
581 {
582 .procname = "unaligned-trap",
583 .data = &unaligned_enabled,
584 .maxlen = sizeof (int),
585 .mode = 0644,
586 .proc_handler = proc_dointvec,
587 },
588 #endif
589 {
590 .procname = "ctrl-alt-del",
591 .data = &C_A_D,
592 .maxlen = sizeof(int),
593 .mode = 0644,
594 .proc_handler = proc_dointvec,
595 },
596 #ifdef CONFIG_FUNCTION_TRACER
597 {
598 .procname = "ftrace_enabled",
599 .data = &ftrace_enabled,
600 .maxlen = sizeof(int),
601 .mode = 0644,
602 .proc_handler = ftrace_enable_sysctl,
603 },
604 #endif
605 #ifdef CONFIG_STACK_TRACER
606 {
607 .procname = "stack_tracer_enabled",
608 .data = &stack_tracer_enabled,
609 .maxlen = sizeof(int),
610 .mode = 0644,
611 .proc_handler = stack_trace_sysctl,
612 },
613 #endif
614 #ifdef CONFIG_TRACING
615 {
616 .procname = "ftrace_dump_on_oops",
617 .data = &ftrace_dump_on_oops,
618 .maxlen = sizeof(int),
619 .mode = 0644,
620 .proc_handler = proc_dointvec,
621 },
622 {
623 .procname = "traceoff_on_warning",
624 .data = &__disable_trace_on_warning,
625 .maxlen = sizeof(__disable_trace_on_warning),
626 .mode = 0644,
627 .proc_handler = proc_dointvec,
628 },
629 {
630 .procname = "tracepoint_printk",
631 .data = &tracepoint_printk,
632 .maxlen = sizeof(tracepoint_printk),
633 .mode = 0644,
634 .proc_handler = proc_dointvec,
635 },
636 #endif
637 #ifdef CONFIG_KEXEC_CORE
638 {
639 .procname = "kexec_load_disabled",
640 .data = &kexec_load_disabled,
641 .maxlen = sizeof(int),
642 .mode = 0644,
643 /* only handle a transition from default "0" to "1" */
644 .proc_handler = proc_dointvec_minmax,
645 .extra1 = &one,
646 .extra2 = &one,
647 },
648 #endif
649 #ifdef CONFIG_MODULES
650 {
651 .procname = "modprobe",
652 .data = &modprobe_path,
653 .maxlen = KMOD_PATH_LEN,
654 .mode = 0644,
655 .proc_handler = proc_dostring,
656 },
657 {
658 .procname = "modules_disabled",
659 .data = &modules_disabled,
660 .maxlen = sizeof(int),
661 .mode = 0644,
662 /* only handle a transition from default "0" to "1" */
663 .proc_handler = proc_dointvec_minmax,
664 .extra1 = &one,
665 .extra2 = &one,
666 },
667 #endif
668 #ifdef CONFIG_UEVENT_HELPER
669 {
670 .procname = "hotplug",
671 .data = &uevent_helper,
672 .maxlen = UEVENT_HELPER_PATH_LEN,
673 .mode = 0644,
674 .proc_handler = proc_dostring,
675 },
676 #endif
677 #ifdef CONFIG_CHR_DEV_SG
678 {
679 .procname = "sg-big-buff",
680 .data = &sg_big_buff,
681 .maxlen = sizeof (int),
682 .mode = 0444,
683 .proc_handler = proc_dointvec,
684 },
685 #endif
686 #ifdef CONFIG_BSD_PROCESS_ACCT
687 {
688 .procname = "acct",
689 .data = &acct_parm,
690 .maxlen = 3*sizeof(int),
691 .mode = 0644,
692 .proc_handler = proc_dointvec,
693 },
694 #endif
695 #ifdef CONFIG_MAGIC_SYSRQ
696 {
697 .procname = "sysrq",
698 .data = &__sysrq_enabled,
699 .maxlen = sizeof (int),
700 .mode = 0644,
701 .proc_handler = sysrq_sysctl_handler,
702 },
703 #endif
704 #ifdef CONFIG_PROC_SYSCTL
705 {
706 .procname = "cad_pid",
707 .data = NULL,
708 .maxlen = sizeof (int),
709 .mode = 0600,
710 .proc_handler = proc_do_cad_pid,
711 },
712 #endif
713 {
714 .procname = "threads-max",
715 .data = NULL,
716 .maxlen = sizeof(int),
717 .mode = 0644,
718 .proc_handler = sysctl_max_threads,
719 },
720 {
721 .procname = "random",
722 .mode = 0555,
723 .child = random_table,
724 },
725 {
726 .procname = "usermodehelper",
727 .mode = 0555,
728 .child = usermodehelper_table,
729 },
730 {
731 .procname = "overflowuid",
732 .data = &overflowuid,
733 .maxlen = sizeof(int),
734 .mode = 0644,
735 .proc_handler = proc_dointvec_minmax,
736 .extra1 = &minolduid,
737 .extra2 = &maxolduid,
738 },
739 {
740 .procname = "overflowgid",
741 .data = &overflowgid,
742 .maxlen = sizeof(int),
743 .mode = 0644,
744 .proc_handler = proc_dointvec_minmax,
745 .extra1 = &minolduid,
746 .extra2 = &maxolduid,
747 },
748 #ifdef CONFIG_S390
749 #ifdef CONFIG_MATHEMU
750 {
751 .procname = "ieee_emulation_warnings",
752 .data = &sysctl_ieee_emulation_warnings,
753 .maxlen = sizeof(int),
754 .mode = 0644,
755 .proc_handler = proc_dointvec,
756 },
757 #endif
758 {
759 .procname = "userprocess_debug",
760 .data = &show_unhandled_signals,
761 .maxlen = sizeof(int),
762 .mode = 0644,
763 .proc_handler = proc_dointvec,
764 },
765 #endif
766 {
767 .procname = "pid_max",
768 .data = &pid_max,
769 .maxlen = sizeof (int),
770 .mode = 0644,
771 .proc_handler = proc_dointvec_minmax,
772 .extra1 = &pid_max_min,
773 .extra2 = &pid_max_max,
774 },
775 {
776 .procname = "panic_on_oops",
777 .data = &panic_on_oops,
778 .maxlen = sizeof(int),
779 .mode = 0644,
780 .proc_handler = proc_dointvec,
781 },
782 #if defined CONFIG_PRINTK
783 {
784 .procname = "printk",
785 .data = &console_loglevel,
786 .maxlen = 4*sizeof(int),
787 .mode = 0644,
788 .proc_handler = proc_dointvec,
789 },
790 {
791 .procname = "printk_ratelimit",
792 .data = &printk_ratelimit_state.interval,
793 .maxlen = sizeof(int),
794 .mode = 0644,
795 .proc_handler = proc_dointvec_jiffies,
796 },
797 {
798 .procname = "printk_ratelimit_burst",
799 .data = &printk_ratelimit_state.burst,
800 .maxlen = sizeof(int),
801 .mode = 0644,
802 .proc_handler = proc_dointvec,
803 },
804 {
805 .procname = "printk_delay",
806 .data = &printk_delay_msec,
807 .maxlen = sizeof(int),
808 .mode = 0644,
809 .proc_handler = proc_dointvec_minmax,
810 .extra1 = &zero,
811 .extra2 = &ten_thousand,
812 },
813 {
814 .procname = "dmesg_restrict",
815 .data = &dmesg_restrict,
816 .maxlen = sizeof(int),
817 .mode = 0644,
818 .proc_handler = proc_dointvec_minmax_sysadmin,
819 .extra1 = &zero,
820 .extra2 = &one,
821 },
822 {
823 .procname = "kptr_restrict",
824 .data = &kptr_restrict,
825 .maxlen = sizeof(int),
826 .mode = 0644,
827 .proc_handler = proc_dointvec_minmax_sysadmin,
828 .extra1 = &zero,
829 .extra2 = &two,
830 },
831 #endif
832 {
833 .procname = "ngroups_max",
834 .data = &ngroups_max,
835 .maxlen = sizeof (int),
836 .mode = 0444,
837 .proc_handler = proc_dointvec,
838 },
839 {
840 .procname = "cap_last_cap",
841 .data = (void *)&cap_last_cap,
842 .maxlen = sizeof(int),
843 .mode = 0444,
844 .proc_handler = proc_dointvec,
845 },
846 #if defined(CONFIG_LOCKUP_DETECTOR)
847 {
848 .procname = "watchdog",
849 .data = &watchdog_user_enabled,
850 .maxlen = sizeof (int),
851 .mode = 0644,
852 .proc_handler = proc_watchdog,
853 .extra1 = &zero,
854 .extra2 = &one,
855 },
856 {
857 .procname = "watchdog_thresh",
858 .data = &watchdog_thresh,
859 .maxlen = sizeof(int),
860 .mode = 0644,
861 .proc_handler = proc_watchdog_thresh,
862 .extra1 = &zero,
863 .extra2 = &sixty,
864 },
865 {
866 .procname = "nmi_watchdog",
867 .data = &nmi_watchdog_enabled,
868 .maxlen = sizeof (int),
869 .mode = 0644,
870 .proc_handler = proc_nmi_watchdog,
871 .extra1 = &zero,
872 #if defined(CONFIG_HAVE_NMI_WATCHDOG) || defined(CONFIG_HARDLOCKUP_DETECTOR)
873 .extra2 = &one,
874 #else
875 .extra2 = &zero,
876 #endif
877 },
878 {
879 .procname = "soft_watchdog",
880 .data = &soft_watchdog_enabled,
881 .maxlen = sizeof (int),
882 .mode = 0644,
883 .proc_handler = proc_soft_watchdog,
884 .extra1 = &zero,
885 .extra2 = &one,
886 },
887 {
888 .procname = "watchdog_cpumask",
889 .data = &watchdog_cpumask_bits,
890 .maxlen = NR_CPUS,
891 .mode = 0644,
892 .proc_handler = proc_watchdog_cpumask,
893 },
894 {
895 .procname = "softlockup_panic",
896 .data = &softlockup_panic,
897 .maxlen = sizeof(int),
898 .mode = 0644,
899 .proc_handler = proc_dointvec_minmax,
900 .extra1 = &zero,
901 .extra2 = &one,
902 },
903 #ifdef CONFIG_HARDLOCKUP_DETECTOR
904 {
905 .procname = "hardlockup_panic",
906 .data = &hardlockup_panic,
907 .maxlen = sizeof(int),
908 .mode = 0644,
909 .proc_handler = proc_dointvec_minmax,
910 .extra1 = &zero,
911 .extra2 = &one,
912 },
913 #endif
914 #ifdef CONFIG_SMP
915 {
916 .procname = "softlockup_all_cpu_backtrace",
917 .data = &sysctl_softlockup_all_cpu_backtrace,
918 .maxlen = sizeof(int),
919 .mode = 0644,
920 .proc_handler = proc_dointvec_minmax,
921 .extra1 = &zero,
922 .extra2 = &one,
923 },
924 {
925 .procname = "hardlockup_all_cpu_backtrace",
926 .data = &sysctl_hardlockup_all_cpu_backtrace,
927 .maxlen = sizeof(int),
928 .mode = 0644,
929 .proc_handler = proc_dointvec_minmax,
930 .extra1 = &zero,
931 .extra2 = &one,
932 },
933 #endif /* CONFIG_SMP */
934 #endif
935 #if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86)
936 {
937 .procname = "unknown_nmi_panic",
938 .data = &unknown_nmi_panic,
939 .maxlen = sizeof (int),
940 .mode = 0644,
941 .proc_handler = proc_dointvec,
942 },
943 #endif
944 #if defined(CONFIG_X86)
945 {
946 .procname = "panic_on_unrecovered_nmi",
947 .data = &panic_on_unrecovered_nmi,
948 .maxlen = sizeof(int),
949 .mode = 0644,
950 .proc_handler = proc_dointvec,
951 },
952 {
953 .procname = "panic_on_io_nmi",
954 .data = &panic_on_io_nmi,
955 .maxlen = sizeof(int),
956 .mode = 0644,
957 .proc_handler = proc_dointvec,
958 },
959 #ifdef CONFIG_DEBUG_STACKOVERFLOW
960 {
961 .procname = "panic_on_stackoverflow",
962 .data = &sysctl_panic_on_stackoverflow,
963 .maxlen = sizeof(int),
964 .mode = 0644,
965 .proc_handler = proc_dointvec,
966 },
967 #endif
968 {
969 .procname = "bootloader_type",
970 .data = &bootloader_type,
971 .maxlen = sizeof (int),
972 .mode = 0444,
973 .proc_handler = proc_dointvec,
974 },
975 {
976 .procname = "bootloader_version",
977 .data = &bootloader_version,
978 .maxlen = sizeof (int),
979 .mode = 0444,
980 .proc_handler = proc_dointvec,
981 },
982 {
983 .procname = "kstack_depth_to_print",
984 .data = &kstack_depth_to_print,
985 .maxlen = sizeof(int),
986 .mode = 0644,
987 .proc_handler = proc_dointvec,
988 },
989 {
990 .procname = "io_delay_type",
991 .data = &io_delay_type,
992 .maxlen = sizeof(int),
993 .mode = 0644,
994 .proc_handler = proc_dointvec,
995 },
996 #endif
997 #if defined(CONFIG_MMU)
998 {
999 .procname = "randomize_va_space",
1000 .data = &randomize_va_space,
1001 .maxlen = sizeof(int),
1002 .mode = 0644,
1003 .proc_handler = proc_dointvec,
1004 },
1005 #endif
1006 #if defined(CONFIG_S390) && defined(CONFIG_SMP)
1007 {
1008 .procname = "spin_retry",
1009 .data = &spin_retry,
1010 .maxlen = sizeof (int),
1011 .mode = 0644,
1012 .proc_handler = proc_dointvec,
1013 },
1014 #endif
1015 #if defined(CONFIG_ACPI_SLEEP) && defined(CONFIG_X86)
1016 {
1017 .procname = "acpi_video_flags",
1018 .data = &acpi_realmode_flags,
1019 .maxlen = sizeof (unsigned long),
1020 .mode = 0644,
1021 .proc_handler = proc_doulongvec_minmax,
1022 },
1023 #endif
1024 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN
1025 {
1026 .procname = "ignore-unaligned-usertrap",
1027 .data = &no_unaligned_warning,
1028 .maxlen = sizeof (int),
1029 .mode = 0644,
1030 .proc_handler = proc_dointvec,
1031 },
1032 #endif
1033 #ifdef CONFIG_IA64
1034 {
1035 .procname = "unaligned-dump-stack",
1036 .data = &unaligned_dump_stack,
1037 .maxlen = sizeof (int),
1038 .mode = 0644,
1039 .proc_handler = proc_dointvec,
1040 },
1041 #endif
1042 #ifdef CONFIG_DETECT_HUNG_TASK
1043 {
1044 .procname = "hung_task_panic",
1045 .data = &sysctl_hung_task_panic,
1046 .maxlen = sizeof(int),
1047 .mode = 0644,
1048 .proc_handler = proc_dointvec_minmax,
1049 .extra1 = &zero,
1050 .extra2 = &one,
1051 },
1052 {
1053 .procname = "hung_task_check_count",
1054 .data = &sysctl_hung_task_check_count,
1055 .maxlen = sizeof(int),
1056 .mode = 0644,
1057 .proc_handler = proc_dointvec_minmax,
1058 .extra1 = &zero,
1059 },
1060 {
1061 .procname = "hung_task_timeout_secs",
1062 .data = &sysctl_hung_task_timeout_secs,
1063 .maxlen = sizeof(unsigned long),
1064 .mode = 0644,
1065 .proc_handler = proc_dohung_task_timeout_secs,
1066 .extra2 = &hung_task_timeout_max,
1067 },
1068 {
1069 .procname = "hung_task_warnings",
1070 .data = &sysctl_hung_task_warnings,
1071 .maxlen = sizeof(int),
1072 .mode = 0644,
1073 .proc_handler = proc_dointvec_minmax,
1074 .extra1 = &neg_one,
1075 },
1076 #endif
1077 #ifdef CONFIG_COMPAT
1078 {
1079 .procname = "compat-log",
1080 .data = &compat_log,
1081 .maxlen = sizeof (int),
1082 .mode = 0644,
1083 .proc_handler = proc_dointvec,
1084 },
1085 #endif
1086 #ifdef CONFIG_RT_MUTEXES
1087 {
1088 .procname = "max_lock_depth",
1089 .data = &max_lock_depth,
1090 .maxlen = sizeof(int),
1091 .mode = 0644,
1092 .proc_handler = proc_dointvec,
1093 },
1094 #endif
1095 {
1096 .procname = "poweroff_cmd",
1097 .data = &poweroff_cmd,
1098 .maxlen = POWEROFF_CMD_PATH_LEN,
1099 .mode = 0644,
1100 .proc_handler = proc_dostring,
1101 },
1102 #ifdef CONFIG_KEYS
1103 {
1104 .procname = "keys",
1105 .mode = 0555,
1106 .child = key_sysctls,
1107 },
1108 #endif
1109 #ifdef CONFIG_PERF_EVENTS
1110 /*
1111 * User-space scripts rely on the existence of this file
1112 * as a feature check for perf_events being enabled.
1113 *
1114 * So it's an ABI, do not remove!
1115 */
1116 {
1117 .procname = "perf_event_paranoid",
1118 .data = &sysctl_perf_event_paranoid,
1119 .maxlen = sizeof(sysctl_perf_event_paranoid),
1120 .mode = 0644,
1121 .proc_handler = proc_dointvec,
1122 },
1123 {
1124 .procname = "perf_event_mlock_kb",
1125 .data = &sysctl_perf_event_mlock,
1126 .maxlen = sizeof(sysctl_perf_event_mlock),
1127 .mode = 0644,
1128 .proc_handler = proc_dointvec,
1129 },
1130 {
1131 .procname = "perf_event_max_sample_rate",
1132 .data = &sysctl_perf_event_sample_rate,
1133 .maxlen = sizeof(sysctl_perf_event_sample_rate),
1134 .mode = 0644,
1135 .proc_handler = perf_proc_update_handler,
1136 .extra1 = &one,
1137 },
1138 {
1139 .procname = "perf_cpu_time_max_percent",
1140 .data = &sysctl_perf_cpu_time_max_percent,
1141 .maxlen = sizeof(sysctl_perf_cpu_time_max_percent),
1142 .mode = 0644,
1143 .proc_handler = perf_cpu_time_max_percent_handler,
1144 .extra1 = &zero,
1145 .extra2 = &one_hundred,
1146 },
1147 #endif
1148 #ifdef CONFIG_KMEMCHECK
1149 {
1150 .procname = "kmemcheck",
1151 .data = &kmemcheck_enabled,
1152 .maxlen = sizeof(int),
1153 .mode = 0644,
1154 .proc_handler = proc_dointvec,
1155 },
1156 #endif
1157 {
1158 .procname = "panic_on_warn",
1159 .data = &panic_on_warn,
1160 .maxlen = sizeof(int),
1161 .mode = 0644,
1162 .proc_handler = proc_dointvec_minmax,
1163 .extra1 = &zero,
1164 .extra2 = &one,
1165 },
1166 #if defined(CONFIG_SMP) && defined(CONFIG_NO_HZ_COMMON)
1167 {
1168 .procname = "timer_migration",
1169 .data = &sysctl_timer_migration,
1170 .maxlen = sizeof(unsigned int),
1171 .mode = 0644,
1172 .proc_handler = timer_migration_handler,
1173 },
1174 #endif
1175 #ifdef CONFIG_BPF_SYSCALL
1176 {
1177 .procname = "unprivileged_bpf_disabled",
1178 .data = &sysctl_unprivileged_bpf_disabled,
1179 .maxlen = sizeof(sysctl_unprivileged_bpf_disabled),
1180 .mode = 0644,
1181 /* only handle a transition from default "0" to "1" */
1182 .proc_handler = proc_dointvec_minmax,
1183 .extra1 = &one,
1184 .extra2 = &one,
1185 },
1186 #endif
1187 { }
1188 };
1189
1190 static struct ctl_table vm_table[] = {
1191 {
1192 .procname = "overcommit_memory",
1193 .data = &sysctl_overcommit_memory,
1194 .maxlen = sizeof(sysctl_overcommit_memory),
1195 .mode = 0644,
1196 .proc_handler = proc_dointvec_minmax,
1197 .extra1 = &zero,
1198 .extra2 = &two,
1199 },
1200 {
1201 .procname = "panic_on_oom",
1202 .data = &sysctl_panic_on_oom,
1203 .maxlen = sizeof(sysctl_panic_on_oom),
1204 .mode = 0644,
1205 .proc_handler = proc_dointvec_minmax,
1206 .extra1 = &zero,
1207 .extra2 = &two,
1208 },
1209 {
1210 .procname = "oom_kill_allocating_task",
1211 .data = &sysctl_oom_kill_allocating_task,
1212 .maxlen = sizeof(sysctl_oom_kill_allocating_task),
1213 .mode = 0644,
1214 .proc_handler = proc_dointvec,
1215 },
1216 {
1217 .procname = "oom_dump_tasks",
1218 .data = &sysctl_oom_dump_tasks,
1219 .maxlen = sizeof(sysctl_oom_dump_tasks),
1220 .mode = 0644,
1221 .proc_handler = proc_dointvec,
1222 },
1223 {
1224 .procname = "overcommit_ratio",
1225 .data = &sysctl_overcommit_ratio,
1226 .maxlen = sizeof(sysctl_overcommit_ratio),
1227 .mode = 0644,
1228 .proc_handler = overcommit_ratio_handler,
1229 },
1230 {
1231 .procname = "overcommit_kbytes",
1232 .data = &sysctl_overcommit_kbytes,
1233 .maxlen = sizeof(sysctl_overcommit_kbytes),
1234 .mode = 0644,
1235 .proc_handler = overcommit_kbytes_handler,
1236 },
1237 {
1238 .procname = "page-cluster",
1239 .data = &page_cluster,
1240 .maxlen = sizeof(int),
1241 .mode = 0644,
1242 .proc_handler = proc_dointvec_minmax,
1243 .extra1 = &zero,
1244 },
1245 {
1246 .procname = "dirty_background_ratio",
1247 .data = &dirty_background_ratio,
1248 .maxlen = sizeof(dirty_background_ratio),
1249 .mode = 0644,
1250 .proc_handler = dirty_background_ratio_handler,
1251 .extra1 = &zero,
1252 .extra2 = &one_hundred,
1253 },
1254 {
1255 .procname = "dirty_background_bytes",
1256 .data = &dirty_background_bytes,
1257 .maxlen = sizeof(dirty_background_bytes),
1258 .mode = 0644,
1259 .proc_handler = dirty_background_bytes_handler,
1260 .extra1 = &one_ul,
1261 },
1262 {
1263 .procname = "dirty_ratio",
1264 .data = &vm_dirty_ratio,
1265 .maxlen = sizeof(vm_dirty_ratio),
1266 .mode = 0644,
1267 .proc_handler = dirty_ratio_handler,
1268 .extra1 = &zero,
1269 .extra2 = &one_hundred,
1270 },
1271 {
1272 .procname = "dirty_bytes",
1273 .data = &vm_dirty_bytes,
1274 .maxlen = sizeof(vm_dirty_bytes),
1275 .mode = 0644,
1276 .proc_handler = dirty_bytes_handler,
1277 .extra1 = &dirty_bytes_min,
1278 },
1279 {
1280 .procname = "dirty_writeback_centisecs",
1281 .data = &dirty_writeback_interval,
1282 .maxlen = sizeof(dirty_writeback_interval),
1283 .mode = 0644,
1284 .proc_handler = dirty_writeback_centisecs_handler,
1285 },
1286 {
1287 .procname = "dirty_expire_centisecs",
1288 .data = &dirty_expire_interval,
1289 .maxlen = sizeof(dirty_expire_interval),
1290 .mode = 0644,
1291 .proc_handler = proc_dointvec_minmax,
1292 .extra1 = &zero,
1293 },
1294 {
1295 .procname = "dirtytime_expire_seconds",
1296 .data = &dirtytime_expire_interval,
1297 .maxlen = sizeof(dirty_expire_interval),
1298 .mode = 0644,
1299 .proc_handler = dirtytime_interval_handler,
1300 .extra1 = &zero,
1301 },
1302 {
1303 .procname = "nr_pdflush_threads",
1304 .mode = 0444 /* read-only */,
1305 .proc_handler = pdflush_proc_obsolete,
1306 },
1307 {
1308 .procname = "swappiness",
1309 .data = &vm_swappiness,
1310 .maxlen = sizeof(vm_swappiness),
1311 .mode = 0644,
1312 .proc_handler = proc_dointvec_minmax,
1313 .extra1 = &zero,
1314 .extra2 = &one_hundred,
1315 },
1316 #ifdef CONFIG_HUGETLB_PAGE
1317 {
1318 .procname = "nr_hugepages",
1319 .data = NULL,
1320 .maxlen = sizeof(unsigned long),
1321 .mode = 0644,
1322 .proc_handler = hugetlb_sysctl_handler,
1323 },
1324 #ifdef CONFIG_NUMA
1325 {
1326 .procname = "nr_hugepages_mempolicy",
1327 .data = NULL,
1328 .maxlen = sizeof(unsigned long),
1329 .mode = 0644,
1330 .proc_handler = &hugetlb_mempolicy_sysctl_handler,
1331 },
1332 #endif
1333 {
1334 .procname = "hugetlb_shm_group",
1335 .data = &sysctl_hugetlb_shm_group,
1336 .maxlen = sizeof(gid_t),
1337 .mode = 0644,
1338 .proc_handler = proc_dointvec,
1339 },
1340 {
1341 .procname = "hugepages_treat_as_movable",
1342 .data = &hugepages_treat_as_movable,
1343 .maxlen = sizeof(int),
1344 .mode = 0644,
1345 .proc_handler = proc_dointvec,
1346 },
1347 {
1348 .procname = "nr_overcommit_hugepages",
1349 .data = NULL,
1350 .maxlen = sizeof(unsigned long),
1351 .mode = 0644,
1352 .proc_handler = hugetlb_overcommit_handler,
1353 },
1354 #endif
1355 {
1356 .procname = "lowmem_reserve_ratio",
1357 .data = &sysctl_lowmem_reserve_ratio,
1358 .maxlen = sizeof(sysctl_lowmem_reserve_ratio),
1359 .mode = 0644,
1360 .proc_handler = lowmem_reserve_ratio_sysctl_handler,
1361 },
1362 {
1363 .procname = "drop_caches",
1364 .data = &sysctl_drop_caches,
1365 .maxlen = sizeof(int),
1366 .mode = 0644,
1367 .proc_handler = drop_caches_sysctl_handler,
1368 .extra1 = &one,
1369 .extra2 = &four,
1370 },
1371 #ifdef CONFIG_COMPACTION
1372 {
1373 .procname = "compact_memory",
1374 .data = &sysctl_compact_memory,
1375 .maxlen = sizeof(int),
1376 .mode = 0200,
1377 .proc_handler = sysctl_compaction_handler,
1378 },
1379 {
1380 .procname = "extfrag_threshold",
1381 .data = &sysctl_extfrag_threshold,
1382 .maxlen = sizeof(int),
1383 .mode = 0644,
1384 .proc_handler = sysctl_extfrag_handler,
1385 .extra1 = &min_extfrag_threshold,
1386 .extra2 = &max_extfrag_threshold,
1387 },
1388 {
1389 .procname = "compact_unevictable_allowed",
1390 .data = &sysctl_compact_unevictable_allowed,
1391 .maxlen = sizeof(int),
1392 .mode = 0644,
1393 .proc_handler = proc_dointvec,
1394 .extra1 = &zero,
1395 .extra2 = &one,
1396 },
1397
1398 #endif /* CONFIG_COMPACTION */
1399 {
1400 .procname = "min_free_kbytes",
1401 .data = &min_free_kbytes,
1402 .maxlen = sizeof(min_free_kbytes),
1403 .mode = 0644,
1404 .proc_handler = min_free_kbytes_sysctl_handler,
1405 .extra1 = &zero,
1406 },
1407 {
1408 .procname = "percpu_pagelist_fraction",
1409 .data = &percpu_pagelist_fraction,
1410 .maxlen = sizeof(percpu_pagelist_fraction),
1411 .mode = 0644,
1412 .proc_handler = percpu_pagelist_fraction_sysctl_handler,
1413 .extra1 = &zero,
1414 },
1415 #ifdef CONFIG_MMU
1416 {
1417 .procname = "max_map_count",
1418 .data = &sysctl_max_map_count,
1419 .maxlen = sizeof(sysctl_max_map_count),
1420 .mode = 0644,
1421 .proc_handler = proc_dointvec_minmax,
1422 .extra1 = &zero,
1423 },
1424 #else
1425 {
1426 .procname = "nr_trim_pages",
1427 .data = &sysctl_nr_trim_pages,
1428 .maxlen = sizeof(sysctl_nr_trim_pages),
1429 .mode = 0644,
1430 .proc_handler = proc_dointvec_minmax,
1431 .extra1 = &zero,
1432 },
1433 #endif
1434 {
1435 .procname = "laptop_mode",
1436 .data = &laptop_mode,
1437 .maxlen = sizeof(laptop_mode),
1438 .mode = 0644,
1439 .proc_handler = proc_dointvec_jiffies,
1440 },
1441 {
1442 .procname = "block_dump",
1443 .data = &block_dump,
1444 .maxlen = sizeof(block_dump),
1445 .mode = 0644,
1446 .proc_handler = proc_dointvec,
1447 .extra1 = &zero,
1448 },
1449 {
1450 .procname = "vfs_cache_pressure",
1451 .data = &sysctl_vfs_cache_pressure,
1452 .maxlen = sizeof(sysctl_vfs_cache_pressure),
1453 .mode = 0644,
1454 .proc_handler = proc_dointvec,
1455 .extra1 = &zero,
1456 },
1457 #ifdef HAVE_ARCH_PICK_MMAP_LAYOUT
1458 {
1459 .procname = "legacy_va_layout",
1460 .data = &sysctl_legacy_va_layout,
1461 .maxlen = sizeof(sysctl_legacy_va_layout),
1462 .mode = 0644,
1463 .proc_handler = proc_dointvec,
1464 .extra1 = &zero,
1465 },
1466 #endif
1467 #ifdef CONFIG_NUMA
1468 {
1469 .procname = "zone_reclaim_mode",
1470 .data = &zone_reclaim_mode,
1471 .maxlen = sizeof(zone_reclaim_mode),
1472 .mode = 0644,
1473 .proc_handler = proc_dointvec,
1474 .extra1 = &zero,
1475 },
1476 {
1477 .procname = "min_unmapped_ratio",
1478 .data = &sysctl_min_unmapped_ratio,
1479 .maxlen = sizeof(sysctl_min_unmapped_ratio),
1480 .mode = 0644,
1481 .proc_handler = sysctl_min_unmapped_ratio_sysctl_handler,
1482 .extra1 = &zero,
1483 .extra2 = &one_hundred,
1484 },
1485 {
1486 .procname = "min_slab_ratio",
1487 .data = &sysctl_min_slab_ratio,
1488 .maxlen = sizeof(sysctl_min_slab_ratio),
1489 .mode = 0644,
1490 .proc_handler = sysctl_min_slab_ratio_sysctl_handler,
1491 .extra1 = &zero,
1492 .extra2 = &one_hundred,
1493 },
1494 #endif
1495 #ifdef CONFIG_SMP
1496 {
1497 .procname = "stat_interval",
1498 .data = &sysctl_stat_interval,
1499 .maxlen = sizeof(sysctl_stat_interval),
1500 .mode = 0644,
1501 .proc_handler = proc_dointvec_jiffies,
1502 },
1503 #endif
1504 #ifdef CONFIG_MMU
1505 {
1506 .procname = "mmap_min_addr",
1507 .data = &dac_mmap_min_addr,
1508 .maxlen = sizeof(unsigned long),
1509 .mode = 0644,
1510 .proc_handler = mmap_min_addr_handler,
1511 },
1512 #endif
1513 #ifdef CONFIG_NUMA
1514 {
1515 .procname = "numa_zonelist_order",
1516 .data = &numa_zonelist_order,
1517 .maxlen = NUMA_ZONELIST_ORDER_LEN,
1518 .mode = 0644,
1519 .proc_handler = numa_zonelist_order_handler,
1520 },
1521 #endif
1522 #if (defined(CONFIG_X86_32) && !defined(CONFIG_UML))|| \
1523 (defined(CONFIG_SUPERH) && defined(CONFIG_VSYSCALL))
1524 {
1525 .procname = "vdso_enabled",
1526 #ifdef CONFIG_X86_32
1527 .data = &vdso32_enabled,
1528 .maxlen = sizeof(vdso32_enabled),
1529 #else
1530 .data = &vdso_enabled,
1531 .maxlen = sizeof(vdso_enabled),
1532 #endif
1533 .mode = 0644,
1534 .proc_handler = proc_dointvec,
1535 .extra1 = &zero,
1536 },
1537 #endif
1538 #ifdef CONFIG_HIGHMEM
1539 {
1540 .procname = "highmem_is_dirtyable",
1541 .data = &vm_highmem_is_dirtyable,
1542 .maxlen = sizeof(vm_highmem_is_dirtyable),
1543 .mode = 0644,
1544 .proc_handler = proc_dointvec_minmax,
1545 .extra1 = &zero,
1546 .extra2 = &one,
1547 },
1548 #endif
1549 #ifdef CONFIG_MEMORY_FAILURE
1550 {
1551 .procname = "memory_failure_early_kill",
1552 .data = &sysctl_memory_failure_early_kill,
1553 .maxlen = sizeof(sysctl_memory_failure_early_kill),
1554 .mode = 0644,
1555 .proc_handler = proc_dointvec_minmax,
1556 .extra1 = &zero,
1557 .extra2 = &one,
1558 },
1559 {
1560 .procname = "memory_failure_recovery",
1561 .data = &sysctl_memory_failure_recovery,
1562 .maxlen = sizeof(sysctl_memory_failure_recovery),
1563 .mode = 0644,
1564 .proc_handler = proc_dointvec_minmax,
1565 .extra1 = &zero,
1566 .extra2 = &one,
1567 },
1568 #endif
1569 {
1570 .procname = "user_reserve_kbytes",
1571 .data = &sysctl_user_reserve_kbytes,
1572 .maxlen = sizeof(sysctl_user_reserve_kbytes),
1573 .mode = 0644,
1574 .proc_handler = proc_doulongvec_minmax,
1575 },
1576 {
1577 .procname = "admin_reserve_kbytes",
1578 .data = &sysctl_admin_reserve_kbytes,
1579 .maxlen = sizeof(sysctl_admin_reserve_kbytes),
1580 .mode = 0644,
1581 .proc_handler = proc_doulongvec_minmax,
1582 },
1583 { }
1584 };
1585
1586 static struct ctl_table fs_table[] = {
1587 {
1588 .procname = "inode-nr",
1589 .data = &inodes_stat,
1590 .maxlen = 2*sizeof(long),
1591 .mode = 0444,
1592 .proc_handler = proc_nr_inodes,
1593 },
1594 {
1595 .procname = "inode-state",
1596 .data = &inodes_stat,
1597 .maxlen = 7*sizeof(long),
1598 .mode = 0444,
1599 .proc_handler = proc_nr_inodes,
1600 },
1601 {
1602 .procname = "file-nr",
1603 .data = &files_stat,
1604 .maxlen = sizeof(files_stat),
1605 .mode = 0444,
1606 .proc_handler = proc_nr_files,
1607 },
1608 {
1609 .procname = "file-max",
1610 .data = &files_stat.max_files,
1611 .maxlen = sizeof(files_stat.max_files),
1612 .mode = 0644,
1613 .proc_handler = proc_doulongvec_minmax,
1614 },
1615 {
1616 .procname = "nr_open",
1617 .data = &sysctl_nr_open,
1618 .maxlen = sizeof(int),
1619 .mode = 0644,
1620 .proc_handler = proc_dointvec_minmax,
1621 .extra1 = &sysctl_nr_open_min,
1622 .extra2 = &sysctl_nr_open_max,
1623 },
1624 {
1625 .procname = "dentry-state",
1626 .data = &dentry_stat,
1627 .maxlen = 6*sizeof(long),
1628 .mode = 0444,
1629 .proc_handler = proc_nr_dentry,
1630 },
1631 {
1632 .procname = "overflowuid",
1633 .data = &fs_overflowuid,
1634 .maxlen = sizeof(int),
1635 .mode = 0644,
1636 .proc_handler = proc_dointvec_minmax,
1637 .extra1 = &minolduid,
1638 .extra2 = &maxolduid,
1639 },
1640 {
1641 .procname = "overflowgid",
1642 .data = &fs_overflowgid,
1643 .maxlen = sizeof(int),
1644 .mode = 0644,
1645 .proc_handler = proc_dointvec_minmax,
1646 .extra1 = &minolduid,
1647 .extra2 = &maxolduid,
1648 },
1649 #ifdef CONFIG_FILE_LOCKING
1650 {
1651 .procname = "leases-enable",
1652 .data = &leases_enable,
1653 .maxlen = sizeof(int),
1654 .mode = 0644,
1655 .proc_handler = proc_dointvec,
1656 },
1657 #endif
1658 #ifdef CONFIG_DNOTIFY
1659 {
1660 .procname = "dir-notify-enable",
1661 .data = &dir_notify_enable,
1662 .maxlen = sizeof(int),
1663 .mode = 0644,
1664 .proc_handler = proc_dointvec,
1665 },
1666 #endif
1667 #ifdef CONFIG_MMU
1668 #ifdef CONFIG_FILE_LOCKING
1669 {
1670 .procname = "lease-break-time",
1671 .data = &lease_break_time,
1672 .maxlen = sizeof(int),
1673 .mode = 0644,
1674 .proc_handler = proc_dointvec,
1675 },
1676 #endif
1677 #ifdef CONFIG_AIO
1678 {
1679 .procname = "aio-nr",
1680 .data = &aio_nr,
1681 .maxlen = sizeof(aio_nr),
1682 .mode = 0444,
1683 .proc_handler = proc_doulongvec_minmax,
1684 },
1685 {
1686 .procname = "aio-max-nr",
1687 .data = &aio_max_nr,
1688 .maxlen = sizeof(aio_max_nr),
1689 .mode = 0644,
1690 .proc_handler = proc_doulongvec_minmax,
1691 },
1692 #endif /* CONFIG_AIO */
1693 #ifdef CONFIG_INOTIFY_USER
1694 {
1695 .procname = "inotify",
1696 .mode = 0555,
1697 .child = inotify_table,
1698 },
1699 #endif
1700 #ifdef CONFIG_EPOLL
1701 {
1702 .procname = "epoll",
1703 .mode = 0555,
1704 .child = epoll_table,
1705 },
1706 #endif
1707 #endif
1708 {
1709 .procname = "protected_symlinks",
1710 .data = &sysctl_protected_symlinks,
1711 .maxlen = sizeof(int),
1712 .mode = 0600,
1713 .proc_handler = proc_dointvec_minmax,
1714 .extra1 = &zero,
1715 .extra2 = &one,
1716 },
1717 {
1718 .procname = "protected_hardlinks",
1719 .data = &sysctl_protected_hardlinks,
1720 .maxlen = sizeof(int),
1721 .mode = 0600,
1722 .proc_handler = proc_dointvec_minmax,
1723 .extra1 = &zero,
1724 .extra2 = &one,
1725 },
1726 {
1727 .procname = "suid_dumpable",
1728 .data = &suid_dumpable,
1729 .maxlen = sizeof(int),
1730 .mode = 0644,
1731 .proc_handler = proc_dointvec_minmax_coredump,
1732 .extra1 = &zero,
1733 .extra2 = &two,
1734 },
1735 #if defined(CONFIG_BINFMT_MISC) || defined(CONFIG_BINFMT_MISC_MODULE)
1736 {
1737 .procname = "binfmt_misc",
1738 .mode = 0555,
1739 .child = sysctl_mount_point,
1740 },
1741 #endif
1742 {
1743 .procname = "pipe-max-size",
1744 .data = &pipe_max_size,
1745 .maxlen = sizeof(int),
1746 .mode = 0644,
1747 .proc_handler = &pipe_proc_fn,
1748 .extra1 = &pipe_min_size,
1749 },
1750 { }
1751 };
1752
1753 static struct ctl_table debug_table[] = {
1754 #ifdef CONFIG_SYSCTL_EXCEPTION_TRACE
1755 {
1756 .procname = "exception-trace",
1757 .data = &show_unhandled_signals,
1758 .maxlen = sizeof(int),
1759 .mode = 0644,
1760 .proc_handler = proc_dointvec
1761 },
1762 #endif
1763 #if defined(CONFIG_OPTPROBES)
1764 {
1765 .procname = "kprobes-optimization",
1766 .data = &sysctl_kprobes_optimization,
1767 .maxlen = sizeof(int),
1768 .mode = 0644,
1769 .proc_handler = proc_kprobes_optimization_handler,
1770 .extra1 = &zero,
1771 .extra2 = &one,
1772 },
1773 #endif
1774 { }
1775 };
1776
1777 static struct ctl_table dev_table[] = {
1778 { }
1779 };
1780
1781 int __init sysctl_init(void)
1782 {
1783 struct ctl_table_header *hdr;
1784
1785 hdr = register_sysctl_table(sysctl_base_table);
1786 kmemleak_not_leak(hdr);
1787 return 0;
1788 }
1789
1790 #endif /* CONFIG_SYSCTL */
1791
1792 /*
1793 * /proc/sys support
1794 */
1795
1796 #ifdef CONFIG_PROC_SYSCTL
1797
1798 static int _proc_do_string(char *data, int maxlen, int write,
1799 char __user *buffer,
1800 size_t *lenp, loff_t *ppos)
1801 {
1802 size_t len;
1803 char __user *p;
1804 char c;
1805
1806 if (!data || !maxlen || !*lenp) {
1807 *lenp = 0;
1808 return 0;
1809 }
1810
1811 if (write) {
1812 if (sysctl_writes_strict == SYSCTL_WRITES_STRICT) {
1813 /* Only continue writes not past the end of buffer. */
1814 len = strlen(data);
1815 if (len > maxlen - 1)
1816 len = maxlen - 1;
1817
1818 if (*ppos > len)
1819 return 0;
1820 len = *ppos;
1821 } else {
1822 /* Start writing from beginning of buffer. */
1823 len = 0;
1824 }
1825
1826 *ppos += *lenp;
1827 p = buffer;
1828 while ((p - buffer) < *lenp && len < maxlen - 1) {
1829 if (get_user(c, p++))
1830 return -EFAULT;
1831 if (c == 0 || c == '\n')
1832 break;
1833 data[len++] = c;
1834 }
1835 data[len] = 0;
1836 } else {
1837 len = strlen(data);
1838 if (len > maxlen)
1839 len = maxlen;
1840
1841 if (*ppos > len) {
1842 *lenp = 0;
1843 return 0;
1844 }
1845
1846 data += *ppos;
1847 len -= *ppos;
1848
1849 if (len > *lenp)
1850 len = *lenp;
1851 if (len)
1852 if (copy_to_user(buffer, data, len))
1853 return -EFAULT;
1854 if (len < *lenp) {
1855 if (put_user('\n', buffer + len))
1856 return -EFAULT;
1857 len++;
1858 }
1859 *lenp = len;
1860 *ppos += len;
1861 }
1862 return 0;
1863 }
1864
1865 static void warn_sysctl_write(struct ctl_table *table)
1866 {
1867 pr_warn_once("%s wrote to %s when file position was not 0!\n"
1868 "This will not be supported in the future. To silence this\n"
1869 "warning, set kernel.sysctl_writes_strict = -1\n",
1870 current->comm, table->procname);
1871 }
1872
1873 /**
1874 * proc_dostring - read a string sysctl
1875 * @table: the sysctl table
1876 * @write: %TRUE if this is a write to the sysctl file
1877 * @buffer: the user buffer
1878 * @lenp: the size of the user buffer
1879 * @ppos: file position
1880 *
1881 * Reads/writes a string from/to the user buffer. If the kernel
1882 * buffer provided is not large enough to hold the string, the
1883 * string is truncated. The copied string is %NULL-terminated.
1884 * If the string is being read by the user process, it is copied
1885 * and a newline '\n' is added. It is truncated if the buffer is
1886 * not large enough.
1887 *
1888 * Returns 0 on success.
1889 */
1890 int proc_dostring(struct ctl_table *table, int write,
1891 void __user *buffer, size_t *lenp, loff_t *ppos)
1892 {
1893 if (write && *ppos && sysctl_writes_strict == SYSCTL_WRITES_WARN)
1894 warn_sysctl_write(table);
1895
1896 return _proc_do_string((char *)(table->data), table->maxlen, write,
1897 (char __user *)buffer, lenp, ppos);
1898 }
1899
1900 static size_t proc_skip_spaces(char **buf)
1901 {
1902 size_t ret;
1903 char *tmp = skip_spaces(*buf);
1904 ret = tmp - *buf;
1905 *buf = tmp;
1906 return ret;
1907 }
1908
1909 static void proc_skip_char(char **buf, size_t *size, const char v)
1910 {
1911 while (*size) {
1912 if (**buf != v)
1913 break;
1914 (*size)--;
1915 (*buf)++;
1916 }
1917 }
1918
1919 #define TMPBUFLEN 22
1920 /**
1921 * proc_get_long - reads an ASCII formatted integer from a user buffer
1922 *
1923 * @buf: a kernel buffer
1924 * @size: size of the kernel buffer
1925 * @val: this is where the number will be stored
1926 * @neg: set to %TRUE if number is negative
1927 * @perm_tr: a vector which contains the allowed trailers
1928 * @perm_tr_len: size of the perm_tr vector
1929 * @tr: pointer to store the trailer character
1930 *
1931 * In case of success %0 is returned and @buf and @size are updated with
1932 * the amount of bytes read. If @tr is non-NULL and a trailing
1933 * character exists (size is non-zero after returning from this
1934 * function), @tr is updated with the trailing character.
1935 */
1936 static int proc_get_long(char **buf, size_t *size,
1937 unsigned long *val, bool *neg,
1938 const char *perm_tr, unsigned perm_tr_len, char *tr)
1939 {
1940 int len;
1941 char *p, tmp[TMPBUFLEN];
1942
1943 if (!*size)
1944 return -EINVAL;
1945
1946 len = *size;
1947 if (len > TMPBUFLEN - 1)
1948 len = TMPBUFLEN - 1;
1949
1950 memcpy(tmp, *buf, len);
1951
1952 tmp[len] = 0;
1953 p = tmp;
1954 if (*p == '-' && *size > 1) {
1955 *neg = true;
1956 p++;
1957 } else
1958 *neg = false;
1959 if (!isdigit(*p))
1960 return -EINVAL;
1961
1962 *val = simple_strtoul(p, &p, 0);
1963
1964 len = p - tmp;
1965
1966 /* We don't know if the next char is whitespace thus we may accept
1967 * invalid integers (e.g. 1234...a) or two integers instead of one
1968 * (e.g. 123...1). So lets not allow such large numbers. */
1969 if (len == TMPBUFLEN - 1)
1970 return -EINVAL;
1971
1972 if (len < *size && perm_tr_len && !memchr(perm_tr, *p, perm_tr_len))
1973 return -EINVAL;
1974
1975 if (tr && (len < *size))
1976 *tr = *p;
1977
1978 *buf += len;
1979 *size -= len;
1980
1981 return 0;
1982 }
1983
1984 /**
1985 * proc_put_long - converts an integer to a decimal ASCII formatted string
1986 *
1987 * @buf: the user buffer
1988 * @size: the size of the user buffer
1989 * @val: the integer to be converted
1990 * @neg: sign of the number, %TRUE for negative
1991 *
1992 * In case of success %0 is returned and @buf and @size are updated with
1993 * the amount of bytes written.
1994 */
1995 static int proc_put_long(void __user **buf, size_t *size, unsigned long val,
1996 bool neg)
1997 {
1998 int len;
1999 char tmp[TMPBUFLEN], *p = tmp;
2000
2001 sprintf(p, "%s%lu", neg ? "-" : "", val);
2002 len = strlen(tmp);
2003 if (len > *size)
2004 len = *size;
2005 if (copy_to_user(*buf, tmp, len))
2006 return -EFAULT;
2007 *size -= len;
2008 *buf += len;
2009 return 0;
2010 }
2011 #undef TMPBUFLEN
2012
2013 static int proc_put_char(void __user **buf, size_t *size, char c)
2014 {
2015 if (*size) {
2016 char __user **buffer = (char __user **)buf;
2017 if (put_user(c, *buffer))
2018 return -EFAULT;
2019 (*size)--, (*buffer)++;
2020 *buf = *buffer;
2021 }
2022 return 0;
2023 }
2024
2025 static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp,
2026 int *valp,
2027 int write, void *data)
2028 {
2029 if (write) {
2030 if (*negp) {
2031 if (*lvalp > (unsigned long) INT_MAX + 1)
2032 return -EINVAL;
2033 *valp = -*lvalp;
2034 } else {
2035 if (*lvalp > (unsigned long) INT_MAX)
2036 return -EINVAL;
2037 *valp = *lvalp;
2038 }
2039 } else {
2040 int val = *valp;
2041 if (val < 0) {
2042 *negp = true;
2043 *lvalp = -(unsigned long)val;
2044 } else {
2045 *negp = false;
2046 *lvalp = (unsigned long)val;
2047 }
2048 }
2049 return 0;
2050 }
2051
2052 static const char proc_wspace_sep[] = { ' ', '\t', '\n' };
2053
2054 static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
2055 int write, void __user *buffer,
2056 size_t *lenp, loff_t *ppos,
2057 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
2058 int write, void *data),
2059 void *data)
2060 {
2061 int *i, vleft, first = 1, err = 0;
2062 unsigned long page = 0;
2063 size_t left;
2064 char *kbuf;
2065
2066 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
2067 *lenp = 0;
2068 return 0;
2069 }
2070
2071 i = (int *) tbl_data;
2072 vleft = table->maxlen / sizeof(*i);
2073 left = *lenp;
2074
2075 if (!conv)
2076 conv = do_proc_dointvec_conv;
2077
2078 if (write) {
2079 if (*ppos) {
2080 switch (sysctl_writes_strict) {
2081 case SYSCTL_WRITES_STRICT:
2082 goto out;
2083 case SYSCTL_WRITES_WARN:
2084 warn_sysctl_write(table);
2085 break;
2086 default:
2087 break;
2088 }
2089 }
2090
2091 if (left > PAGE_SIZE - 1)
2092 left = PAGE_SIZE - 1;
2093 page = __get_free_page(GFP_TEMPORARY);
2094 kbuf = (char *) page;
2095 if (!kbuf)
2096 return -ENOMEM;
2097 if (copy_from_user(kbuf, buffer, left)) {
2098 err = -EFAULT;
2099 goto free;
2100 }
2101 kbuf[left] = 0;
2102 }
2103
2104 for (; left && vleft--; i++, first=0) {
2105 unsigned long lval;
2106 bool neg;
2107
2108 if (write) {
2109 left -= proc_skip_spaces(&kbuf);
2110
2111 if (!left)
2112 break;
2113 err = proc_get_long(&kbuf, &left, &lval, &neg,
2114 proc_wspace_sep,
2115 sizeof(proc_wspace_sep), NULL);
2116 if (err)
2117 break;
2118 if (conv(&neg, &lval, i, 1, data)) {
2119 err = -EINVAL;
2120 break;
2121 }
2122 } else {
2123 if (conv(&neg, &lval, i, 0, data)) {
2124 err = -EINVAL;
2125 break;
2126 }
2127 if (!first)
2128 err = proc_put_char(&buffer, &left, '\t');
2129 if (err)
2130 break;
2131 err = proc_put_long(&buffer, &left, lval, neg);
2132 if (err)
2133 break;
2134 }
2135 }
2136
2137 if (!write && !first && left && !err)
2138 err = proc_put_char(&buffer, &left, '\n');
2139 if (write && !err && left)
2140 left -= proc_skip_spaces(&kbuf);
2141 free:
2142 if (write) {
2143 free_page(page);
2144 if (first)
2145 return err ? : -EINVAL;
2146 }
2147 *lenp -= left;
2148 out:
2149 *ppos += *lenp;
2150 return err;
2151 }
2152
2153 static int do_proc_dointvec(struct ctl_table *table, int write,
2154 void __user *buffer, size_t *lenp, loff_t *ppos,
2155 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
2156 int write, void *data),
2157 void *data)
2158 {
2159 return __do_proc_dointvec(table->data, table, write,
2160 buffer, lenp, ppos, conv, data);
2161 }
2162
2163 /**
2164 * proc_dointvec - read a vector of integers
2165 * @table: the sysctl table
2166 * @write: %TRUE if this is a write to the sysctl file
2167 * @buffer: the user buffer
2168 * @lenp: the size of the user buffer
2169 * @ppos: file position
2170 *
2171 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2172 * values from/to the user buffer, treated as an ASCII string.
2173 *
2174 * Returns 0 on success.
2175 */
2176 int proc_dointvec(struct ctl_table *table, int write,
2177 void __user *buffer, size_t *lenp, loff_t *ppos)
2178 {
2179 return do_proc_dointvec(table,write,buffer,lenp,ppos,
2180 NULL,NULL);
2181 }
2182
2183 /*
2184 * Taint values can only be increased
2185 * This means we can safely use a temporary.
2186 */
2187 static int proc_taint(struct ctl_table *table, int write,
2188 void __user *buffer, size_t *lenp, loff_t *ppos)
2189 {
2190 struct ctl_table t;
2191 unsigned long tmptaint = get_taint();
2192 int err;
2193
2194 if (write && !capable(CAP_SYS_ADMIN))
2195 return -EPERM;
2196
2197 t = *table;
2198 t.data = &tmptaint;
2199 err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos);
2200 if (err < 0)
2201 return err;
2202
2203 if (write) {
2204 /*
2205 * Poor man's atomic or. Not worth adding a primitive
2206 * to everyone's atomic.h for this
2207 */
2208 int i;
2209 for (i = 0; i < BITS_PER_LONG && tmptaint >> i; i++) {
2210 if ((tmptaint >> i) & 1)
2211 add_taint(i, LOCKDEP_STILL_OK);
2212 }
2213 }
2214
2215 return err;
2216 }
2217
2218 #ifdef CONFIG_PRINTK
2219 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
2220 void __user *buffer, size_t *lenp, loff_t *ppos)
2221 {
2222 if (write && !capable(CAP_SYS_ADMIN))
2223 return -EPERM;
2224
2225 return proc_dointvec_minmax(table, write, buffer, lenp, ppos);
2226 }
2227 #endif
2228
2229 struct do_proc_dointvec_minmax_conv_param {
2230 int *min;
2231 int *max;
2232 };
2233
2234 static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp,
2235 int *valp,
2236 int write, void *data)
2237 {
2238 struct do_proc_dointvec_minmax_conv_param *param = data;
2239 if (write) {
2240 int val = *negp ? -*lvalp : *lvalp;
2241 if ((param->min && *param->min > val) ||
2242 (param->max && *param->max < val))
2243 return -EINVAL;
2244 *valp = val;
2245 } else {
2246 int val = *valp;
2247 if (val < 0) {
2248 *negp = true;
2249 *lvalp = -(unsigned long)val;
2250 } else {
2251 *negp = false;
2252 *lvalp = (unsigned long)val;
2253 }
2254 }
2255 return 0;
2256 }
2257
2258 /**
2259 * proc_dointvec_minmax - read a vector of integers with min/max values
2260 * @table: the sysctl table
2261 * @write: %TRUE if this is a write to the sysctl file
2262 * @buffer: the user buffer
2263 * @lenp: the size of the user buffer
2264 * @ppos: file position
2265 *
2266 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2267 * values from/to the user buffer, treated as an ASCII string.
2268 *
2269 * This routine will ensure the values are within the range specified by
2270 * table->extra1 (min) and table->extra2 (max).
2271 *
2272 * Returns 0 on success.
2273 */
2274 int proc_dointvec_minmax(struct ctl_table *table, int write,
2275 void __user *buffer, size_t *lenp, loff_t *ppos)
2276 {
2277 struct do_proc_dointvec_minmax_conv_param param = {
2278 .min = (int *) table->extra1,
2279 .max = (int *) table->extra2,
2280 };
2281 return do_proc_dointvec(table, write, buffer, lenp, ppos,
2282 do_proc_dointvec_minmax_conv, &param);
2283 }
2284
2285 static void validate_coredump_safety(void)
2286 {
2287 #ifdef CONFIG_COREDUMP
2288 if (suid_dumpable == SUID_DUMP_ROOT &&
2289 core_pattern[0] != '/' && core_pattern[0] != '|') {
2290 printk(KERN_WARNING "Unsafe core_pattern used with "\
2291 "suid_dumpable=2. Pipe handler or fully qualified "\
2292 "core dump path required.\n");
2293 }
2294 #endif
2295 }
2296
2297 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write,
2298 void __user *buffer, size_t *lenp, loff_t *ppos)
2299 {
2300 int error = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
2301 if (!error)
2302 validate_coredump_safety();
2303 return error;
2304 }
2305
2306 #ifdef CONFIG_COREDUMP
2307 static int proc_dostring_coredump(struct ctl_table *table, int write,
2308 void __user *buffer, size_t *lenp, loff_t *ppos)
2309 {
2310 int error = proc_dostring(table, write, buffer, lenp, ppos);
2311 if (!error)
2312 validate_coredump_safety();
2313 return error;
2314 }
2315 #endif
2316
2317 static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int write,
2318 void __user *buffer,
2319 size_t *lenp, loff_t *ppos,
2320 unsigned long convmul,
2321 unsigned long convdiv)
2322 {
2323 unsigned long *i, *min, *max;
2324 int vleft, first = 1, err = 0;
2325 unsigned long page = 0;
2326 size_t left;
2327 char *kbuf;
2328
2329 if (!data || !table->maxlen || !*lenp || (*ppos && !write)) {
2330 *lenp = 0;
2331 return 0;
2332 }
2333
2334 i = (unsigned long *) data;
2335 min = (unsigned long *) table->extra1;
2336 max = (unsigned long *) table->extra2;
2337 vleft = table->maxlen / sizeof(unsigned long);
2338 left = *lenp;
2339
2340 if (write) {
2341 if (*ppos) {
2342 switch (sysctl_writes_strict) {
2343 case SYSCTL_WRITES_STRICT:
2344 goto out;
2345 case SYSCTL_WRITES_WARN:
2346 warn_sysctl_write(table);
2347 break;
2348 default:
2349 break;
2350 }
2351 }
2352
2353 if (left > PAGE_SIZE - 1)
2354 left = PAGE_SIZE - 1;
2355 page = __get_free_page(GFP_TEMPORARY);
2356 kbuf = (char *) page;
2357 if (!kbuf)
2358 return -ENOMEM;
2359 if (copy_from_user(kbuf, buffer, left)) {
2360 err = -EFAULT;
2361 goto free;
2362 }
2363 kbuf[left] = 0;
2364 }
2365
2366 for (; left && vleft--; i++, first = 0) {
2367 unsigned long val;
2368
2369 if (write) {
2370 bool neg;
2371
2372 left -= proc_skip_spaces(&kbuf);
2373
2374 err = proc_get_long(&kbuf, &left, &val, &neg,
2375 proc_wspace_sep,
2376 sizeof(proc_wspace_sep), NULL);
2377 if (err)
2378 break;
2379 if (neg)
2380 continue;
2381 if ((min && val < *min) || (max && val > *max))
2382 continue;
2383 *i = val;
2384 } else {
2385 val = convdiv * (*i) / convmul;
2386 if (!first) {
2387 err = proc_put_char(&buffer, &left, '\t');
2388 if (err)
2389 break;
2390 }
2391 err = proc_put_long(&buffer, &left, val, false);
2392 if (err)
2393 break;
2394 }
2395 }
2396
2397 if (!write && !first && left && !err)
2398 err = proc_put_char(&buffer, &left, '\n');
2399 if (write && !err)
2400 left -= proc_skip_spaces(&kbuf);
2401 free:
2402 if (write) {
2403 free_page(page);
2404 if (first)
2405 return err ? : -EINVAL;
2406 }
2407 *lenp -= left;
2408 out:
2409 *ppos += *lenp;
2410 return err;
2411 }
2412
2413 static int do_proc_doulongvec_minmax(struct ctl_table *table, int write,
2414 void __user *buffer,
2415 size_t *lenp, loff_t *ppos,
2416 unsigned long convmul,
2417 unsigned long convdiv)
2418 {
2419 return __do_proc_doulongvec_minmax(table->data, table, write,
2420 buffer, lenp, ppos, convmul, convdiv);
2421 }
2422
2423 /**
2424 * proc_doulongvec_minmax - read a vector of long integers with min/max values
2425 * @table: the sysctl table
2426 * @write: %TRUE if this is a write to the sysctl file
2427 * @buffer: the user buffer
2428 * @lenp: the size of the user buffer
2429 * @ppos: file position
2430 *
2431 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
2432 * values from/to the user buffer, treated as an ASCII string.
2433 *
2434 * This routine will ensure the values are within the range specified by
2435 * table->extra1 (min) and table->extra2 (max).
2436 *
2437 * Returns 0 on success.
2438 */
2439 int proc_doulongvec_minmax(struct ctl_table *table, int write,
2440 void __user *buffer, size_t *lenp, loff_t *ppos)
2441 {
2442 return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l);
2443 }
2444
2445 /**
2446 * proc_doulongvec_ms_jiffies_minmax - read a vector of millisecond values with min/max values
2447 * @table: the sysctl table
2448 * @write: %TRUE if this is a write to the sysctl file
2449 * @buffer: the user buffer
2450 * @lenp: the size of the user buffer
2451 * @ppos: file position
2452 *
2453 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
2454 * values from/to the user buffer, treated as an ASCII string. The values
2455 * are treated as milliseconds, and converted to jiffies when they are stored.
2456 *
2457 * This routine will ensure the values are within the range specified by
2458 * table->extra1 (min) and table->extra2 (max).
2459 *
2460 * Returns 0 on success.
2461 */
2462 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
2463 void __user *buffer,
2464 size_t *lenp, loff_t *ppos)
2465 {
2466 return do_proc_doulongvec_minmax(table, write, buffer,
2467 lenp, ppos, HZ, 1000l);
2468 }
2469
2470
2471 static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp,
2472 int *valp,
2473 int write, void *data)
2474 {
2475 if (write) {
2476 if (*lvalp > LONG_MAX / HZ)
2477 return 1;
2478 *valp = *negp ? -(*lvalp*HZ) : (*lvalp*HZ);
2479 } else {
2480 int val = *valp;
2481 unsigned long lval;
2482 if (val < 0) {
2483 *negp = true;
2484 lval = -(unsigned long)val;
2485 } else {
2486 *negp = false;
2487 lval = (unsigned long)val;
2488 }
2489 *lvalp = lval / HZ;
2490 }
2491 return 0;
2492 }
2493
2494 static int do_proc_dointvec_userhz_jiffies_conv(bool *negp, unsigned long *lvalp,
2495 int *valp,
2496 int write, void *data)
2497 {
2498 if (write) {
2499 if (USER_HZ < HZ && *lvalp > (LONG_MAX / HZ) * USER_HZ)
2500 return 1;
2501 *valp = clock_t_to_jiffies(*negp ? -*lvalp : *lvalp);
2502 } else {
2503 int val = *valp;
2504 unsigned long lval;
2505 if (val < 0) {
2506 *negp = true;
2507 lval = -(unsigned long)val;
2508 } else {
2509 *negp = false;
2510 lval = (unsigned long)val;
2511 }
2512 *lvalp = jiffies_to_clock_t(lval);
2513 }
2514 return 0;
2515 }
2516
2517 static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp,
2518 int *valp,
2519 int write, void *data)
2520 {
2521 if (write) {
2522 unsigned long jif = msecs_to_jiffies(*negp ? -*lvalp : *lvalp);
2523
2524 if (jif > INT_MAX)
2525 return 1;
2526 *valp = (int)jif;
2527 } else {
2528 int val = *valp;
2529 unsigned long lval;
2530 if (val < 0) {
2531 *negp = true;
2532 lval = -(unsigned long)val;
2533 } else {
2534 *negp = false;
2535 lval = (unsigned long)val;
2536 }
2537 *lvalp = jiffies_to_msecs(lval);
2538 }
2539 return 0;
2540 }
2541
2542 /**
2543 * proc_dointvec_jiffies - read a vector of integers as seconds
2544 * @table: the sysctl table
2545 * @write: %TRUE if this is a write to the sysctl file
2546 * @buffer: the user buffer
2547 * @lenp: the size of the user buffer
2548 * @ppos: file position
2549 *
2550 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2551 * values from/to the user buffer, treated as an ASCII string.
2552 * The values read are assumed to be in seconds, and are converted into
2553 * jiffies.
2554 *
2555 * Returns 0 on success.
2556 */
2557 int proc_dointvec_jiffies(struct ctl_table *table, int write,
2558 void __user *buffer, size_t *lenp, loff_t *ppos)
2559 {
2560 return do_proc_dointvec(table,write,buffer,lenp,ppos,
2561 do_proc_dointvec_jiffies_conv,NULL);
2562 }
2563
2564 /**
2565 * proc_dointvec_userhz_jiffies - read a vector of integers as 1/USER_HZ seconds
2566 * @table: the sysctl table
2567 * @write: %TRUE if this is a write to the sysctl file
2568 * @buffer: the user buffer
2569 * @lenp: the size of the user buffer
2570 * @ppos: pointer to the file position
2571 *
2572 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2573 * values from/to the user buffer, treated as an ASCII string.
2574 * The values read are assumed to be in 1/USER_HZ seconds, and
2575 * are converted into jiffies.
2576 *
2577 * Returns 0 on success.
2578 */
2579 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
2580 void __user *buffer, size_t *lenp, loff_t *ppos)
2581 {
2582 return do_proc_dointvec(table,write,buffer,lenp,ppos,
2583 do_proc_dointvec_userhz_jiffies_conv,NULL);
2584 }
2585
2586 /**
2587 * proc_dointvec_ms_jiffies - read a vector of integers as 1 milliseconds
2588 * @table: the sysctl table
2589 * @write: %TRUE if this is a write to the sysctl file
2590 * @buffer: the user buffer
2591 * @lenp: the size of the user buffer
2592 * @ppos: file position
2593 * @ppos: the current position in the file
2594 *
2595 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2596 * values from/to the user buffer, treated as an ASCII string.
2597 * The values read are assumed to be in 1/1000 seconds, and
2598 * are converted into jiffies.
2599 *
2600 * Returns 0 on success.
2601 */
2602 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write,
2603 void __user *buffer, size_t *lenp, loff_t *ppos)
2604 {
2605 return do_proc_dointvec(table, write, buffer, lenp, ppos,
2606 do_proc_dointvec_ms_jiffies_conv, NULL);
2607 }
2608
2609 static int proc_do_cad_pid(struct ctl_table *table, int write,
2610 void __user *buffer, size_t *lenp, loff_t *ppos)
2611 {
2612 struct pid *new_pid;
2613 pid_t tmp;
2614 int r;
2615
2616 tmp = pid_vnr(cad_pid);
2617
2618 r = __do_proc_dointvec(&tmp, table, write, buffer,
2619 lenp, ppos, NULL, NULL);
2620 if (r || !write)
2621 return r;
2622
2623 new_pid = find_get_pid(tmp);
2624 if (!new_pid)
2625 return -ESRCH;
2626
2627 put_pid(xchg(&cad_pid, new_pid));
2628 return 0;
2629 }
2630
2631 /**
2632 * proc_do_large_bitmap - read/write from/to a large bitmap
2633 * @table: the sysctl table
2634 * @write: %TRUE if this is a write to the sysctl file
2635 * @buffer: the user buffer
2636 * @lenp: the size of the user buffer
2637 * @ppos: file position
2638 *
2639 * The bitmap is stored at table->data and the bitmap length (in bits)
2640 * in table->maxlen.
2641 *
2642 * We use a range comma separated format (e.g. 1,3-4,10-10) so that
2643 * large bitmaps may be represented in a compact manner. Writing into
2644 * the file will clear the bitmap then update it with the given input.
2645 *
2646 * Returns 0 on success.
2647 */
2648 int proc_do_large_bitmap(struct ctl_table *table, int write,
2649 void __user *buffer, size_t *lenp, loff_t *ppos)
2650 {
2651 int err = 0;
2652 bool first = 1;
2653 size_t left = *lenp;
2654 unsigned long bitmap_len = table->maxlen;
2655 unsigned long *bitmap = *(unsigned long **) table->data;
2656 unsigned long *tmp_bitmap = NULL;
2657 char tr_a[] = { '-', ',', '\n' }, tr_b[] = { ',', '\n', 0 }, c;
2658
2659 if (!bitmap || !bitmap_len || !left || (*ppos && !write)) {
2660 *lenp = 0;
2661 return 0;
2662 }
2663
2664 if (write) {
2665 unsigned long page = 0;
2666 char *kbuf;
2667
2668 if (left > PAGE_SIZE - 1)
2669 left = PAGE_SIZE - 1;
2670
2671 page = __get_free_page(GFP_TEMPORARY);
2672 kbuf = (char *) page;
2673 if (!kbuf)
2674 return -ENOMEM;
2675 if (copy_from_user(kbuf, buffer, left)) {
2676 free_page(page);
2677 return -EFAULT;
2678 }
2679 kbuf[left] = 0;
2680
2681 tmp_bitmap = kzalloc(BITS_TO_LONGS(bitmap_len) * sizeof(unsigned long),
2682 GFP_KERNEL);
2683 if (!tmp_bitmap) {
2684 free_page(page);
2685 return -ENOMEM;
2686 }
2687 proc_skip_char(&kbuf, &left, '\n');
2688 while (!err && left) {
2689 unsigned long val_a, val_b;
2690 bool neg;
2691
2692 err = proc_get_long(&kbuf, &left, &val_a, &neg, tr_a,
2693 sizeof(tr_a), &c);
2694 if (err)
2695 break;
2696 if (val_a >= bitmap_len || neg) {
2697 err = -EINVAL;
2698 break;
2699 }
2700
2701 val_b = val_a;
2702 if (left) {
2703 kbuf++;
2704 left--;
2705 }
2706
2707 if (c == '-') {
2708 err = proc_get_long(&kbuf, &left, &val_b,
2709 &neg, tr_b, sizeof(tr_b),
2710 &c);
2711 if (err)
2712 break;
2713 if (val_b >= bitmap_len || neg ||
2714 val_a > val_b) {
2715 err = -EINVAL;
2716 break;
2717 }
2718 if (left) {
2719 kbuf++;
2720 left--;
2721 }
2722 }
2723
2724 bitmap_set(tmp_bitmap, val_a, val_b - val_a + 1);
2725 first = 0;
2726 proc_skip_char(&kbuf, &left, '\n');
2727 }
2728 free_page(page);
2729 } else {
2730 unsigned long bit_a, bit_b = 0;
2731
2732 while (left) {
2733 bit_a = find_next_bit(bitmap, bitmap_len, bit_b);
2734 if (bit_a >= bitmap_len)
2735 break;
2736 bit_b = find_next_zero_bit(bitmap, bitmap_len,
2737 bit_a + 1) - 1;
2738
2739 if (!first) {
2740 err = proc_put_char(&buffer, &left, ',');
2741 if (err)
2742 break;
2743 }
2744 err = proc_put_long(&buffer, &left, bit_a, false);
2745 if (err)
2746 break;
2747 if (bit_a != bit_b) {
2748 err = proc_put_char(&buffer, &left, '-');
2749 if (err)
2750 break;
2751 err = proc_put_long(&buffer, &left, bit_b, false);
2752 if (err)
2753 break;
2754 }
2755
2756 first = 0; bit_b++;
2757 }
2758 if (!err)
2759 err = proc_put_char(&buffer, &left, '\n');
2760 }
2761
2762 if (!err) {
2763 if (write) {
2764 if (*ppos)
2765 bitmap_or(bitmap, bitmap, tmp_bitmap, bitmap_len);
2766 else
2767 bitmap_copy(bitmap, tmp_bitmap, bitmap_len);
2768 }
2769 kfree(tmp_bitmap);
2770 *lenp -= left;
2771 *ppos += *lenp;
2772 return 0;
2773 } else {
2774 kfree(tmp_bitmap);
2775 return err;
2776 }
2777 }
2778
2779 #else /* CONFIG_PROC_SYSCTL */
2780
2781 int proc_dostring(struct ctl_table *table, int write,
2782 void __user *buffer, size_t *lenp, loff_t *ppos)
2783 {
2784 return -ENOSYS;
2785 }
2786
2787 int proc_dointvec(struct ctl_table *table, int write,
2788 void __user *buffer, size_t *lenp, loff_t *ppos)
2789 {
2790 return -ENOSYS;
2791 }
2792
2793 int proc_dointvec_minmax(struct ctl_table *table, int write,
2794 void __user *buffer, size_t *lenp, loff_t *ppos)
2795 {
2796 return -ENOSYS;
2797 }
2798
2799 int proc_dointvec_jiffies(struct ctl_table *table, int write,
2800 void __user *buffer, size_t *lenp, loff_t *ppos)
2801 {
2802 return -ENOSYS;
2803 }
2804
2805 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
2806 void __user *buffer, size_t *lenp, loff_t *ppos)
2807 {
2808 return -ENOSYS;
2809 }
2810
2811 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write,
2812 void __user *buffer, size_t *lenp, loff_t *ppos)
2813 {
2814 return -ENOSYS;
2815 }
2816
2817 int proc_doulongvec_minmax(struct ctl_table *table, int write,
2818 void __user *buffer, size_t *lenp, loff_t *ppos)
2819 {
2820 return -ENOSYS;
2821 }
2822
2823 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
2824 void __user *buffer,
2825 size_t *lenp, loff_t *ppos)
2826 {
2827 return -ENOSYS;
2828 }
2829
2830
2831 #endif /* CONFIG_PROC_SYSCTL */
2832
2833 /*
2834 * No sense putting this after each symbol definition, twice,
2835 * exception granted :-)
2836 */
2837 EXPORT_SYMBOL(proc_dointvec);
2838 EXPORT_SYMBOL(proc_dointvec_jiffies);
2839 EXPORT_SYMBOL(proc_dointvec_minmax);
2840 EXPORT_SYMBOL(proc_dointvec_userhz_jiffies);
2841 EXPORT_SYMBOL(proc_dointvec_ms_jiffies);
2842 EXPORT_SYMBOL(proc_dostring);
2843 EXPORT_SYMBOL(proc_doulongvec_minmax);
2844 EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax);
ubuntu-zesty-kernel mirror