1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * /proc/sys support 4 */ 5 #include <linux/init.h> 6 #include <linux/sysctl.h> 7 #include <linux/poll.h> 8 #include <linux/proc_fs.h> 9 #include <linux/printk.h> 10 #include <linux/security.h> 11 #include <linux/sched.h> 12 #include <linux/cred.h> 13 #include <linux/namei.h> 14 #include <linux/mm.h> 15 #include <linux/uio.h> 16 #include <linux/module.h> 17 #include <linux/bpf-cgroup.h> 18 #include <linux/mount.h> 19 #include <linux/kmemleak.h> 20 #include <linux/lockdep.h> 21 #include "internal.h" 22 23 #define list_for_each_table_entry(entry, header) \ 24 entry = header->ctl_table; \ 25 for (size_t i = 0 ; i < header->ctl_table_size; ++i, entry++) 26 27 static const struct dentry_operations proc_sys_dentry_operations; 28 static const struct file_operations proc_sys_file_operations; 29 static const struct inode_operations proc_sys_inode_operations; 30 static const struct file_operations proc_sys_dir_file_operations; 31 static const struct inode_operations proc_sys_dir_operations; 32 33 /* 34 * Support for permanently empty directories. 35 * Must be non-empty to avoid sharing an address with other tables. 36 */ 37 static const struct ctl_table sysctl_mount_point[] = { 38 { } 39 }; 40 41 /** 42 * register_sysctl_mount_point() - registers a sysctl mount point 43 * @path: path for the mount point 44 * 45 * Used to create a permanently empty directory to serve as mount point. 46 * There are some subtle but important permission checks this allows in the 47 * case of unprivileged mounts. 48 */ 49 struct ctl_table_header *register_sysctl_mount_point(const char *path) 50 { 51 return register_sysctl_sz(path, sysctl_mount_point, 0); 52 } 53 EXPORT_SYMBOL(register_sysctl_mount_point); 54 55 #define sysctl_is_perm_empty_ctl_header(hptr) \ 56 (hptr->type == SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) 57 #define sysctl_set_perm_empty_ctl_header(hptr) \ 58 (hptr->type = SYSCTL_TABLE_TYPE_PERMANENTLY_EMPTY) 59 #define sysctl_clear_perm_empty_ctl_header(hptr) \ 60 (hptr->type = SYSCTL_TABLE_TYPE_DEFAULT) 61 62 void proc_sys_poll_notify(struct ctl_table_poll *poll) 63 { 64 if (!poll) 65 return; 66 67 atomic_inc(&poll->event); 68 wake_up_interruptible(&poll->wait); 69 } 70 71 static const struct ctl_table root_table[] = { 72 { 73 .procname = "", 74 .mode = S_IFDIR|S_IRUGO|S_IXUGO, 75 }, 76 }; 77 static struct ctl_table_root sysctl_table_root = { 78 .default_set.dir.header = { 79 {{.count = 1, 80 .nreg = 1, 81 .ctl_table = root_table }}, 82 .ctl_table_arg = root_table, 83 .root = &sysctl_table_root, 84 .set = &sysctl_table_root.default_set, 85 }, 86 }; 87 88 static DEFINE_SPINLOCK(sysctl_lock); 89 90 static void drop_sysctl_table(struct ctl_table_header *header); 91 static int sysctl_follow_link(struct ctl_table_header **phead, 92 const struct ctl_table **pentry); 93 static int insert_links(struct ctl_table_header *head); 94 static void put_links(struct ctl_table_header *header); 95 96 static void sysctl_print_dir(struct ctl_dir *dir) 97 { 98 if (dir->header.parent) 99 sysctl_print_dir(dir->header.parent); 100 pr_cont("%s/", dir->header.ctl_table[0].procname); 101 } 102 103 static int namecmp(const char *name1, int len1, const char *name2, int len2) 104 { 105 int cmp; 106 107 cmp = memcmp(name1, name2, min(len1, len2)); 108 if (cmp == 0) 109 cmp = len1 - len2; 110 return cmp; 111 } 112 113 static const struct ctl_table *find_entry(struct ctl_table_header **phead, 114 struct ctl_dir *dir, const char *name, int namelen) 115 { 116 struct ctl_table_header *head; 117 const struct ctl_table *entry; 118 struct rb_node *node = dir->root.rb_node; 119 120 lockdep_assert_held(&sysctl_lock); 121 122 while (node) 123 { 124 struct ctl_node *ctl_node; 125 const char *procname; 126 int cmp; 127 128 ctl_node = rb_entry(node, struct ctl_node, node); 129 head = ctl_node->header; 130 entry = &head->ctl_table[ctl_node - head->node]; 131 procname = entry->procname; 132 133 cmp = namecmp(name, namelen, procname, strlen(procname)); 134 if (cmp < 0) 135 node = node->rb_left; 136 else if (cmp > 0) 137 node = node->rb_right; 138 else { 139 *phead = head; 140 return entry; 141 } 142 } 143 return NULL; 144 } 145 146 static int insert_entry(struct ctl_table_header *head, const struct ctl_table *entry) 147 { 148 struct rb_node *node = &head->node[entry - head->ctl_table].node; 149 struct rb_node **p = &head->parent->root.rb_node; 150 struct rb_node *parent = NULL; 151 const char *name = entry->procname; 152 int namelen = strlen(name); 153 154 while (*p) { 155 struct ctl_table_header *parent_head; 156 const struct ctl_table *parent_entry; 157 struct ctl_node *parent_node; 158 const char *parent_name; 159 int cmp; 160 161 parent = *p; 162 parent_node = rb_entry(parent, struct ctl_node, node); 163 parent_head = parent_node->header; 164 parent_entry = &parent_head->ctl_table[parent_node - parent_head->node]; 165 parent_name = parent_entry->procname; 166 167 cmp = namecmp(name, namelen, parent_name, strlen(parent_name)); 168 if (cmp < 0) 169 p = &(*p)->rb_left; 170 else if (cmp > 0) 171 p = &(*p)->rb_right; 172 else { 173 pr_err("sysctl duplicate entry: "); 174 sysctl_print_dir(head->parent); 175 pr_cont("%s\n", entry->procname); 176 return -EEXIST; 177 } 178 } 179 180 rb_link_node(node, parent, p); 181 rb_insert_color(node, &head->parent->root); 182 return 0; 183 } 184 185 static void erase_entry(struct ctl_table_header *head, const struct ctl_table *entry) 186 { 187 struct rb_node *node = &head->node[entry - head->ctl_table].node; 188 189 rb_erase(node, &head->parent->root); 190 } 191 192 static void init_header(struct ctl_table_header *head, 193 struct ctl_table_root *root, struct ctl_table_set *set, 194 struct ctl_node *node, const struct ctl_table *table, size_t table_size) 195 { 196 head->ctl_table = table; 197 head->ctl_table_size = table_size; 198 head->ctl_table_arg = table; 199 head->used = 0; 200 head->count = 1; 201 head->nreg = 1; 202 head->unregistering = NULL; 203 head->root = root; 204 head->set = set; 205 head->parent = NULL; 206 head->node = node; 207 INIT_HLIST_HEAD(&head->inodes); 208 if (node) { 209 const struct ctl_table *entry; 210 211 list_for_each_table_entry(entry, head) { 212 node->header = head; 213 node++; 214 } 215 } 216 if (table == sysctl_mount_point) 217 sysctl_set_perm_empty_ctl_header(head); 218 } 219 220 static void erase_header(struct ctl_table_header *head) 221 { 222 const struct ctl_table *entry; 223 224 list_for_each_table_entry(entry, head) 225 erase_entry(head, entry); 226 } 227 228 static int insert_header(struct ctl_dir *dir, struct ctl_table_header *header) 229 { 230 const struct ctl_table *entry; 231 struct ctl_table_header *dir_h = &dir->header; 232 int err; 233 234 235 /* Is this a permanently empty directory? */ 236 if (sysctl_is_perm_empty_ctl_header(dir_h)) 237 return -EROFS; 238 239 /* Am I creating a permanently empty directory? */ 240 if (sysctl_is_perm_empty_ctl_header(header)) { 241 if (!RB_EMPTY_ROOT(&dir->root)) 242 return -EINVAL; 243 sysctl_set_perm_empty_ctl_header(dir_h); 244 } 245 246 dir_h->nreg++; 247 header->parent = dir; 248 err = insert_links(header); 249 if (err) 250 goto fail_links; 251 list_for_each_table_entry(entry, header) { 252 err = insert_entry(header, entry); 253 if (err) 254 goto fail; 255 } 256 return 0; 257 fail: 258 erase_header(header); 259 put_links(header); 260 fail_links: 261 if (header->ctl_table == sysctl_mount_point) 262 sysctl_clear_perm_empty_ctl_header(dir_h); 263 header->parent = NULL; 264 drop_sysctl_table(dir_h); 265 return err; 266 } 267 268 static int use_table(struct ctl_table_header *p) 269 { 270 lockdep_assert_held(&sysctl_lock); 271 272 if (unlikely(p->unregistering)) 273 return 0; 274 p->used++; 275 return 1; 276 } 277 278 static void unuse_table(struct ctl_table_header *p) 279 { 280 lockdep_assert_held(&sysctl_lock); 281 282 if (!--p->used) 283 if (unlikely(p->unregistering)) 284 complete(p->unregistering); 285 } 286 287 static void proc_sys_invalidate_dcache(struct ctl_table_header *head) 288 { 289 proc_invalidate_siblings_dcache(&head->inodes, &sysctl_lock); 290 } 291 292 static void start_unregistering(struct ctl_table_header *p) 293 { 294 /* will reacquire if has to wait */ 295 lockdep_assert_held(&sysctl_lock); 296 297 /* 298 * if p->used is 0, nobody will ever touch that entry again; 299 * we'll eliminate all paths to it before dropping sysctl_lock 300 */ 301 if (unlikely(p->used)) { 302 struct completion wait; 303 init_completion(&wait); 304 p->unregistering = &wait; 305 spin_unlock(&sysctl_lock); 306 wait_for_completion(&wait); 307 } else { 308 /* anything non-NULL; we'll never dereference it */ 309 p->unregistering = ERR_PTR(-EINVAL); 310 spin_unlock(&sysctl_lock); 311 } 312 /* 313 * Invalidate dentries for unregistered sysctls: namespaced sysctls 314 * can have duplicate names and contaminate dcache very badly. 315 */ 316 proc_sys_invalidate_dcache(p); 317 /* 318 * do not remove from the list until nobody holds it; walking the 319 * list in do_sysctl() relies on that. 320 */ 321 spin_lock(&sysctl_lock); 322 erase_header(p); 323 } 324 325 static struct ctl_table_header *sysctl_head_grab(struct ctl_table_header *head) 326 { 327 BUG_ON(!head); 328 spin_lock(&sysctl_lock); 329 if (!use_table(head)) 330 head = ERR_PTR(-ENOENT); 331 spin_unlock(&sysctl_lock); 332 return head; 333 } 334 335 static void sysctl_head_finish(struct ctl_table_header *head) 336 { 337 if (!head) 338 return; 339 spin_lock(&sysctl_lock); 340 unuse_table(head); 341 spin_unlock(&sysctl_lock); 342 } 343 344 static struct ctl_table_set * 345 lookup_header_set(struct ctl_table_root *root) 346 { 347 struct ctl_table_set *set = &root->default_set; 348 if (root->lookup) 349 set = root->lookup(root); 350 return set; 351 } 352 353 static const struct ctl_table *lookup_entry(struct ctl_table_header **phead, 354 struct ctl_dir *dir, 355 const char *name, int namelen) 356 { 357 struct ctl_table_header *head; 358 const struct ctl_table *entry; 359 360 spin_lock(&sysctl_lock); 361 entry = find_entry(&head, dir, name, namelen); 362 if (entry && use_table(head)) 363 *phead = head; 364 else 365 entry = NULL; 366 spin_unlock(&sysctl_lock); 367 return entry; 368 } 369 370 static struct ctl_node *first_usable_entry(struct rb_node *node) 371 { 372 struct ctl_node *ctl_node; 373 374 for (;node; node = rb_next(node)) { 375 ctl_node = rb_entry(node, struct ctl_node, node); 376 if (use_table(ctl_node->header)) 377 return ctl_node; 378 } 379 return NULL; 380 } 381 382 static void first_entry(struct ctl_dir *dir, 383 struct ctl_table_header **phead, const struct ctl_table **pentry) 384 { 385 struct ctl_table_header *head = NULL; 386 const struct ctl_table *entry = NULL; 387 struct ctl_node *ctl_node; 388 389 spin_lock(&sysctl_lock); 390 ctl_node = first_usable_entry(rb_first(&dir->root)); 391 spin_unlock(&sysctl_lock); 392 if (ctl_node) { 393 head = ctl_node->header; 394 entry = &head->ctl_table[ctl_node - head->node]; 395 } 396 *phead = head; 397 *pentry = entry; 398 } 399 400 static void next_entry(struct ctl_table_header **phead, const struct ctl_table **pentry) 401 { 402 struct ctl_table_header *head = *phead; 403 const struct ctl_table *entry = *pentry; 404 struct ctl_node *ctl_node = &head->node[entry - head->ctl_table]; 405 406 spin_lock(&sysctl_lock); 407 unuse_table(head); 408 409 ctl_node = first_usable_entry(rb_next(&ctl_node->node)); 410 spin_unlock(&sysctl_lock); 411 head = NULL; 412 if (ctl_node) { 413 head = ctl_node->header; 414 entry = &head->ctl_table[ctl_node - head->node]; 415 } 416 *phead = head; 417 *pentry = entry; 418 } 419 420 /* 421 * sysctl_perm does NOT grant the superuser all rights automatically, because 422 * some sysctl variables are readonly even to root. 423 */ 424 425 static int test_perm(int mode, int op) 426 { 427 if (uid_eq(current_euid(), GLOBAL_ROOT_UID)) 428 mode >>= 6; 429 else if (in_egroup_p(GLOBAL_ROOT_GID)) 430 mode >>= 3; 431 if ((op & ~mode & (MAY_READ|MAY_WRITE|MAY_EXEC)) == 0) 432 return 0; 433 return -EACCES; 434 } 435 436 static int sysctl_perm(struct ctl_table_header *head, const struct ctl_table *table, int op) 437 { 438 struct ctl_table_root *root = head->root; 439 int mode; 440 441 if (root->permissions) 442 mode = root->permissions(head, table); 443 else 444 mode = table->mode; 445 446 return test_perm(mode, op); 447 } 448 449 static struct inode *proc_sys_make_inode(struct super_block *sb, 450 struct ctl_table_header *head, const struct ctl_table *table) 451 { 452 struct ctl_table_root *root = head->root; 453 struct inode *inode; 454 struct proc_inode *ei; 455 456 inode = new_inode(sb); 457 if (!inode) 458 return ERR_PTR(-ENOMEM); 459 460 inode->i_ino = get_next_ino(); 461 462 ei = PROC_I(inode); 463 464 spin_lock(&sysctl_lock); 465 if (unlikely(head->unregistering)) { 466 spin_unlock(&sysctl_lock); 467 iput(inode); 468 return ERR_PTR(-ENOENT); 469 } 470 ei->sysctl = head; 471 ei->sysctl_entry = table; 472 hlist_add_head_rcu(&ei->sibling_inodes, &head->inodes); 473 head->count++; 474 spin_unlock(&sysctl_lock); 475 476 simple_inode_init_ts(inode); 477 inode->i_mode = table->mode; 478 if (!S_ISDIR(table->mode)) { 479 inode->i_mode |= S_IFREG; 480 inode->i_op = &proc_sys_inode_operations; 481 inode->i_fop = &proc_sys_file_operations; 482 } else { 483 inode->i_mode |= S_IFDIR; 484 inode->i_op = &proc_sys_dir_operations; 485 inode->i_fop = &proc_sys_dir_file_operations; 486 if (sysctl_is_perm_empty_ctl_header(head)) 487 make_empty_dir_inode(inode); 488 } 489 490 inode->i_uid = GLOBAL_ROOT_UID; 491 inode->i_gid = GLOBAL_ROOT_GID; 492 if (root->set_ownership) 493 root->set_ownership(head, &inode->i_uid, &inode->i_gid); 494 495 return inode; 496 } 497 498 void proc_sys_evict_inode(struct inode *inode, struct ctl_table_header *head) 499 { 500 spin_lock(&sysctl_lock); 501 hlist_del_init_rcu(&PROC_I(inode)->sibling_inodes); 502 if (!--head->count) 503 kfree_rcu(head, rcu); 504 spin_unlock(&sysctl_lock); 505 } 506 507 static struct ctl_table_header *grab_header(struct inode *inode) 508 { 509 struct ctl_table_header *head = PROC_I(inode)->sysctl; 510 if (!head) 511 head = &sysctl_table_root.default_set.dir.header; 512 return sysctl_head_grab(head); 513 } 514 515 static struct dentry *proc_sys_lookup(struct inode *dir, struct dentry *dentry, 516 unsigned int flags) 517 { 518 struct ctl_table_header *head = grab_header(dir); 519 struct ctl_table_header *h = NULL; 520 const struct qstr *name = &dentry->d_name; 521 const struct ctl_table *p; 522 struct inode *inode; 523 struct dentry *err = ERR_PTR(-ENOENT); 524 struct ctl_dir *ctl_dir; 525 int ret; 526 527 if (IS_ERR(head)) 528 return ERR_CAST(head); 529 530 ctl_dir = container_of(head, struct ctl_dir, header); 531 532 p = lookup_entry(&h, ctl_dir, name->name, name->len); 533 if (!p) 534 goto out; 535 536 if (S_ISLNK(p->mode)) { 537 ret = sysctl_follow_link(&h, &p); 538 err = ERR_PTR(ret); 539 if (ret) 540 goto out; 541 } 542 543 inode = proc_sys_make_inode(dir->i_sb, h ? h : head, p); 544 err = d_splice_alias_ops(inode, dentry, &proc_sys_dentry_operations); 545 546 out: 547 if (h) 548 sysctl_head_finish(h); 549 sysctl_head_finish(head); 550 return err; 551 } 552 553 static ssize_t proc_sys_call_handler(struct kiocb *iocb, struct iov_iter *iter, 554 int write) 555 { 556 struct inode *inode = file_inode(iocb->ki_filp); 557 struct ctl_table_header *head = grab_header(inode); 558 const struct ctl_table *table = PROC_I(inode)->sysctl_entry; 559 size_t count = iov_iter_count(iter); 560 char *kbuf; 561 ssize_t error; 562 563 if (IS_ERR(head)) 564 return PTR_ERR(head); 565 566 /* 567 * At this point we know that the sysctl was not unregistered 568 * and won't be until we finish. 569 */ 570 error = -EPERM; 571 if (sysctl_perm(head, table, write ? MAY_WRITE : MAY_READ)) 572 goto out; 573 574 /* if that can happen at all, it should be -EINVAL, not -EISDIR */ 575 error = -EINVAL; 576 if (!table->proc_handler) 577 goto out; 578 579 /* don't even try if the size is too large */ 580 error = -ENOMEM; 581 if (count >= KMALLOC_MAX_SIZE) 582 goto out; 583 kbuf = kvzalloc(count + 1, GFP_KERNEL); 584 if (!kbuf) 585 goto out; 586 587 if (write) { 588 error = -EFAULT; 589 if (!copy_from_iter_full(kbuf, count, iter)) 590 goto out_free_buf; 591 kbuf[count] = '\0'; 592 } 593 594 error = BPF_CGROUP_RUN_PROG_SYSCTL(head, table, write, &kbuf, &count, 595 &iocb->ki_pos); 596 if (error) 597 goto out_free_buf; 598 599 /* careful: calling conventions are nasty here */ 600 error = table->proc_handler(table, write, kbuf, &count, &iocb->ki_pos); 601 if (error) 602 goto out_free_buf; 603 604 if (!write) { 605 error = -EFAULT; 606 if (copy_to_iter(kbuf, count, iter) < count) 607 goto out_free_buf; 608 } 609 610 error = count; 611 out_free_buf: 612 kvfree(kbuf); 613 out: 614 sysctl_head_finish(head); 615 616 return error; 617 } 618 619 static ssize_t proc_sys_read(struct kiocb *iocb, struct iov_iter *iter) 620 { 621 return proc_sys_call_handler(iocb, iter, 0); 622 } 623 624 static ssize_t proc_sys_write(struct kiocb *iocb, struct iov_iter *iter) 625 { 626 return proc_sys_call_handler(iocb, iter, 1); 627 } 628 629 static int proc_sys_open(struct inode *inode, struct file *filp) 630 { 631 struct ctl_table_header *head = grab_header(inode); 632 const struct ctl_table *table = PROC_I(inode)->sysctl_entry; 633 634 /* sysctl was unregistered */ 635 if (IS_ERR(head)) 636 return PTR_ERR(head); 637 638 if (table->poll) 639 filp->private_data = proc_sys_poll_event(table->poll); 640 641 sysctl_head_finish(head); 642 643 return 0; 644 } 645 646 static __poll_t proc_sys_poll(struct file *filp, poll_table *wait) 647 { 648 struct inode *inode = file_inode(filp); 649 struct ctl_table_header *head = grab_header(inode); 650 const struct ctl_table *table = PROC_I(inode)->sysctl_entry; 651 __poll_t ret = DEFAULT_POLLMASK; 652 unsigned long event; 653 654 /* sysctl was unregistered */ 655 if (IS_ERR(head)) 656 return EPOLLERR | EPOLLHUP; 657 658 if (!table->proc_handler) 659 goto out; 660 661 if (!table->poll) 662 goto out; 663 664 event = (unsigned long)filp->private_data; 665 poll_wait(filp, &table->poll->wait, wait); 666 667 if (event != atomic_read(&table->poll->event)) { 668 filp->private_data = proc_sys_poll_event(table->poll); 669 ret = EPOLLIN | EPOLLRDNORM | EPOLLERR | EPOLLPRI; 670 } 671 672 out: 673 sysctl_head_finish(head); 674 675 return ret; 676 } 677 678 static bool proc_sys_fill_cache(struct file *file, 679 struct dir_context *ctx, 680 struct ctl_table_header *head, 681 const struct ctl_table *table) 682 { 683 struct dentry *child, *dir = file->f_path.dentry; 684 struct inode *inode; 685 struct qstr qname; 686 ino_t ino = 0; 687 unsigned type = DT_UNKNOWN; 688 689 qname.name = table->procname; 690 qname.len = strlen(table->procname); 691 qname.hash = full_name_hash(dir, qname.name, qname.len); 692 693 child = d_lookup(dir, &qname); 694 if (!child) { 695 child = d_alloc_parallel(dir, &qname); 696 if (IS_ERR(child)) 697 return false; 698 if (d_in_lookup(child)) { 699 struct dentry *res; 700 inode = proc_sys_make_inode(dir->d_sb, head, table); 701 res = d_splice_alias_ops(inode, child, 702 &proc_sys_dentry_operations); 703 d_lookup_done(child); 704 if (unlikely(res)) { 705 dput(child); 706 707 if (IS_ERR(res)) 708 return false; 709 710 child = res; 711 } 712 } 713 } 714 inode = d_inode(child); 715 ino = inode->i_ino; 716 type = inode->i_mode >> 12; 717 dput(child); 718 return dir_emit(ctx, qname.name, qname.len, ino, type); 719 } 720 721 static bool proc_sys_link_fill_cache(struct file *file, 722 struct dir_context *ctx, 723 struct ctl_table_header *head, 724 const struct ctl_table *table) 725 { 726 bool ret = true; 727 728 head = sysctl_head_grab(head); 729 if (IS_ERR(head)) 730 return false; 731 732 /* It is not an error if we can not follow the link ignore it */ 733 if (sysctl_follow_link(&head, &table)) 734 goto out; 735 736 ret = proc_sys_fill_cache(file, ctx, head, table); 737 out: 738 sysctl_head_finish(head); 739 return ret; 740 } 741 742 static int scan(struct ctl_table_header *head, const struct ctl_table *table, 743 unsigned long *pos, struct file *file, 744 struct dir_context *ctx) 745 { 746 bool res; 747 748 if ((*pos)++ < ctx->pos) 749 return true; 750 751 if (unlikely(S_ISLNK(table->mode))) 752 res = proc_sys_link_fill_cache(file, ctx, head, table); 753 else 754 res = proc_sys_fill_cache(file, ctx, head, table); 755 756 if (res) 757 ctx->pos = *pos; 758 759 return res; 760 } 761 762 static int proc_sys_readdir(struct file *file, struct dir_context *ctx) 763 { 764 struct ctl_table_header *head = grab_header(file_inode(file)); 765 struct ctl_table_header *h = NULL; 766 const struct ctl_table *entry; 767 struct ctl_dir *ctl_dir; 768 unsigned long pos; 769 770 if (IS_ERR(head)) 771 return PTR_ERR(head); 772 773 ctl_dir = container_of(head, struct ctl_dir, header); 774 775 if (!dir_emit_dots(file, ctx)) 776 goto out; 777 778 pos = 2; 779 780 for (first_entry(ctl_dir, &h, &entry); h; next_entry(&h, &entry)) { 781 if (!scan(h, entry, &pos, file, ctx)) { 782 sysctl_head_finish(h); 783 break; 784 } 785 } 786 out: 787 sysctl_head_finish(head); 788 return 0; 789 } 790 791 static int proc_sys_permission(struct mnt_idmap *idmap, 792 struct inode *inode, int mask) 793 { 794 /* 795 * sysctl entries that are not writeable, 796 * are _NOT_ writeable, capabilities or not. 797 */ 798 struct ctl_table_header *head; 799 const struct ctl_table *table; 800 int error; 801 802 /* Executable files are not allowed under /proc/sys/ */ 803 if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode)) 804 return -EACCES; 805 806 head = grab_header(inode); 807 if (IS_ERR(head)) 808 return PTR_ERR(head); 809 810 table = PROC_I(inode)->sysctl_entry; 811 if (!table) /* global root - r-xr-xr-x */ 812 error = mask & MAY_WRITE ? -EACCES : 0; 813 else /* Use the permissions on the sysctl table entry */ 814 error = sysctl_perm(head, table, mask & ~MAY_NOT_BLOCK); 815 816 sysctl_head_finish(head); 817 return error; 818 } 819 820 static int proc_sys_setattr(struct mnt_idmap *idmap, 821 struct dentry *dentry, struct iattr *attr) 822 { 823 struct inode *inode = d_inode(dentry); 824 int error; 825 826 if (attr->ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID)) 827 return -EPERM; 828 829 error = setattr_prepare(&nop_mnt_idmap, dentry, attr); 830 if (error) 831 return error; 832 833 setattr_copy(&nop_mnt_idmap, inode, attr); 834 return 0; 835 } 836 837 static int proc_sys_getattr(struct mnt_idmap *idmap, 838 const struct path *path, struct kstat *stat, 839 u32 request_mask, unsigned int query_flags) 840 { 841 struct inode *inode = d_inode(path->dentry); 842 struct ctl_table_header *head = grab_header(inode); 843 const struct ctl_table *table = PROC_I(inode)->sysctl_entry; 844 845 if (IS_ERR(head)) 846 return PTR_ERR(head); 847 848 generic_fillattr(&nop_mnt_idmap, request_mask, inode, stat); 849 if (table) 850 stat->mode = (stat->mode & S_IFMT) | table->mode; 851 852 sysctl_head_finish(head); 853 return 0; 854 } 855 856 static const struct file_operations proc_sys_file_operations = { 857 .open = proc_sys_open, 858 .poll = proc_sys_poll, 859 .read_iter = proc_sys_read, 860 .write_iter = proc_sys_write, 861 .splice_read = copy_splice_read, 862 .splice_write = iter_file_splice_write, 863 .llseek = default_llseek, 864 }; 865 866 static const struct file_operations proc_sys_dir_file_operations = { 867 .read = generic_read_dir, 868 .iterate_shared = proc_sys_readdir, 869 .llseek = generic_file_llseek, 870 }; 871 872 static const struct inode_operations proc_sys_inode_operations = { 873 .permission = proc_sys_permission, 874 .setattr = proc_sys_setattr, 875 .getattr = proc_sys_getattr, 876 }; 877 878 static const struct inode_operations proc_sys_dir_operations = { 879 .lookup = proc_sys_lookup, 880 .permission = proc_sys_permission, 881 .setattr = proc_sys_setattr, 882 .getattr = proc_sys_getattr, 883 }; 884 885 static int proc_sys_revalidate(struct inode *dir, const struct qstr *name, 886 struct dentry *dentry, unsigned int flags) 887 { 888 if (flags & LOOKUP_RCU) 889 return -ECHILD; 890 return !PROC_I(d_inode(dentry))->sysctl->unregistering; 891 } 892 893 static int proc_sys_delete(const struct dentry *dentry) 894 { 895 return !!PROC_I(d_inode(dentry))->sysctl->unregistering; 896 } 897 898 static int sysctl_is_seen(struct ctl_table_header *p) 899 { 900 struct ctl_table_set *set = p->set; 901 int res; 902 spin_lock(&sysctl_lock); 903 if (p->unregistering) 904 res = 0; 905 else if (!set->is_seen) 906 res = 1; 907 else 908 res = set->is_seen(set); 909 spin_unlock(&sysctl_lock); 910 return res; 911 } 912 913 static int proc_sys_compare(const struct dentry *dentry, 914 unsigned int len, const char *str, const struct qstr *name) 915 { 916 struct ctl_table_header *head; 917 struct inode *inode; 918 919 if (name->len != len) 920 return 1; 921 if (memcmp(name->name, str, len)) 922 return 1; 923 924 // false positive is fine here - we'll recheck anyway 925 if (d_in_lookup(dentry)) 926 return 0; 927 928 inode = d_inode_rcu(dentry); 929 // we just might have run into dentry in the middle of __dentry_kill() 930 if (!inode) 931 return 1; 932 933 head = READ_ONCE(PROC_I(inode)->sysctl); 934 return !head || !sysctl_is_seen(head); 935 } 936 937 static const struct dentry_operations proc_sys_dentry_operations = { 938 .d_revalidate = proc_sys_revalidate, 939 .d_delete = proc_sys_delete, 940 .d_compare = proc_sys_compare, 941 }; 942 943 static struct ctl_dir *find_subdir(struct ctl_dir *dir, 944 const char *name, int namelen) 945 { 946 struct ctl_table_header *head; 947 const struct ctl_table *entry; 948 949 entry = find_entry(&head, dir, name, namelen); 950 if (!entry) 951 return ERR_PTR(-ENOENT); 952 if (!S_ISDIR(entry->mode)) 953 return ERR_PTR(-ENOTDIR); 954 return container_of(head, struct ctl_dir, header); 955 } 956 957 static struct ctl_dir *new_dir(struct ctl_table_set *set, 958 const char *name, int namelen) 959 { 960 struct ctl_table *table; 961 struct ctl_dir *new; 962 struct ctl_node *node; 963 char *new_name; 964 965 new = kzalloc(sizeof(*new) + sizeof(struct ctl_node) + 966 sizeof(struct ctl_table) + namelen + 1, 967 GFP_KERNEL); 968 if (!new) 969 return NULL; 970 971 node = (struct ctl_node *)(new + 1); 972 table = (struct ctl_table *)(node + 1); 973 new_name = (char *)(table + 1); 974 memcpy(new_name, name, namelen); 975 table[0].procname = new_name; 976 table[0].mode = S_IFDIR|S_IRUGO|S_IXUGO; 977 init_header(&new->header, set->dir.header.root, set, node, table, 1); 978 979 return new; 980 } 981 982 /** 983 * get_subdir - find or create a subdir with the specified name. 984 * @dir: Directory to create the subdirectory in 985 * @name: The name of the subdirectory to find or create 986 * @namelen: The length of name 987 * 988 * Takes a directory with an elevated reference count so we know that 989 * if we drop the lock the directory will not go away. Upon success 990 * the reference is moved from @dir to the returned subdirectory. 991 * Upon error an error code is returned and the reference on @dir is 992 * simply dropped. 993 */ 994 static struct ctl_dir *get_subdir(struct ctl_dir *dir, 995 const char *name, int namelen) 996 { 997 struct ctl_table_set *set = dir->header.set; 998 struct ctl_dir *subdir, *new = NULL; 999 int err; 1000 1001 spin_lock(&sysctl_lock); 1002 subdir = find_subdir(dir, name, namelen); 1003 if (!IS_ERR(subdir)) 1004 goto found; 1005 if (PTR_ERR(subdir) != -ENOENT) 1006 goto failed; 1007 1008 spin_unlock(&sysctl_lock); 1009 new = new_dir(set, name, namelen); 1010 spin_lock(&sysctl_lock); 1011 subdir = ERR_PTR(-ENOMEM); 1012 if (!new) 1013 goto failed; 1014 1015 /* Was the subdir added while we dropped the lock? */ 1016 subdir = find_subdir(dir, name, namelen); 1017 if (!IS_ERR(subdir)) 1018 goto found; 1019 if (PTR_ERR(subdir) != -ENOENT) 1020 goto failed; 1021 1022 /* Nope. Use the our freshly made directory entry. */ 1023 err = insert_header(dir, &new->header); 1024 subdir = ERR_PTR(err); 1025 if (err) 1026 goto failed; 1027 subdir = new; 1028 found: 1029 subdir->header.nreg++; 1030 failed: 1031 if (IS_ERR(subdir)) { 1032 pr_err("sysctl could not get directory: "); 1033 sysctl_print_dir(dir); 1034 pr_cont("%*.*s %ld\n", namelen, namelen, name, 1035 PTR_ERR(subdir)); 1036 } 1037 drop_sysctl_table(&dir->header); 1038 if (new) 1039 drop_sysctl_table(&new->header); 1040 spin_unlock(&sysctl_lock); 1041 return subdir; 1042 } 1043 1044 static struct ctl_dir *xlate_dir(struct ctl_table_set *set, struct ctl_dir *dir) 1045 { 1046 struct ctl_dir *parent; 1047 const char *procname; 1048 if (!dir->header.parent) 1049 return &set->dir; 1050 parent = xlate_dir(set, dir->header.parent); 1051 if (IS_ERR(parent)) 1052 return parent; 1053 procname = dir->header.ctl_table[0].procname; 1054 return find_subdir(parent, procname, strlen(procname)); 1055 } 1056 1057 static int sysctl_follow_link(struct ctl_table_header **phead, 1058 const struct ctl_table **pentry) 1059 { 1060 struct ctl_table_header *head; 1061 const struct ctl_table *entry; 1062 struct ctl_table_root *root; 1063 struct ctl_table_set *set; 1064 struct ctl_dir *dir; 1065 int ret; 1066 1067 spin_lock(&sysctl_lock); 1068 root = (*pentry)->data; 1069 set = lookup_header_set(root); 1070 dir = xlate_dir(set, (*phead)->parent); 1071 if (IS_ERR(dir)) 1072 ret = PTR_ERR(dir); 1073 else { 1074 const char *procname = (*pentry)->procname; 1075 head = NULL; 1076 entry = find_entry(&head, dir, procname, strlen(procname)); 1077 ret = -ENOENT; 1078 if (entry && use_table(head)) { 1079 unuse_table(*phead); 1080 *phead = head; 1081 *pentry = entry; 1082 ret = 0; 1083 } 1084 } 1085 1086 spin_unlock(&sysctl_lock); 1087 return ret; 1088 } 1089 1090 static int sysctl_err(const char *path, const struct ctl_table *table, char *fmt, ...) 1091 { 1092 struct va_format vaf; 1093 va_list args; 1094 1095 va_start(args, fmt); 1096 vaf.fmt = fmt; 1097 vaf.va = &args; 1098 1099 pr_err("sysctl table check failed: %s/%s %pV\n", 1100 path, table->procname, &vaf); 1101 1102 va_end(args); 1103 return -EINVAL; 1104 } 1105 1106 static int sysctl_check_table_array(const char *path, const struct ctl_table *table) 1107 { 1108 unsigned int extra; 1109 int err = 0; 1110 1111 if ((table->proc_handler == proc_douintvec) || 1112 (table->proc_handler == proc_douintvec_minmax)) { 1113 if (table->maxlen != sizeof(unsigned int)) 1114 err |= sysctl_err(path, table, "array not allowed"); 1115 } 1116 1117 if (table->proc_handler == proc_dou8vec_minmax) { 1118 if (table->maxlen != sizeof(u8)) 1119 err |= sysctl_err(path, table, "array not allowed"); 1120 1121 if (table->extra1) { 1122 extra = *(unsigned int *) table->extra1; 1123 if (extra > 255U) 1124 err |= sysctl_err(path, table, 1125 "range value too large for proc_dou8vec_minmax"); 1126 } 1127 if (table->extra2) { 1128 extra = *(unsigned int *) table->extra2; 1129 if (extra > 255U) 1130 err |= sysctl_err(path, table, 1131 "range value too large for proc_dou8vec_minmax"); 1132 } 1133 } 1134 1135 if (table->proc_handler == proc_dobool) { 1136 if (table->maxlen != sizeof(bool)) 1137 err |= sysctl_err(path, table, "array not allowed"); 1138 } 1139 1140 return err; 1141 } 1142 1143 static int sysctl_check_table(const char *path, struct ctl_table_header *header) 1144 { 1145 const struct ctl_table *entry; 1146 int err = 0; 1147 list_for_each_table_entry(entry, header) { 1148 if (!entry->procname) 1149 err |= sysctl_err(path, entry, "procname is null"); 1150 if ((entry->proc_handler == proc_dostring) || 1151 (entry->proc_handler == proc_dobool) || 1152 (entry->proc_handler == proc_dointvec) || 1153 (entry->proc_handler == proc_douintvec) || 1154 (entry->proc_handler == proc_douintvec_minmax) || 1155 (entry->proc_handler == proc_dointvec_minmax) || 1156 (entry->proc_handler == proc_dou8vec_minmax) || 1157 (entry->proc_handler == proc_dointvec_jiffies) || 1158 (entry->proc_handler == proc_dointvec_userhz_jiffies) || 1159 (entry->proc_handler == proc_dointvec_ms_jiffies) || 1160 (entry->proc_handler == proc_doulongvec_minmax) || 1161 (entry->proc_handler == proc_doulongvec_ms_jiffies_minmax)) { 1162 if (!entry->data) 1163 err |= sysctl_err(path, entry, "No data"); 1164 if (!entry->maxlen) 1165 err |= sysctl_err(path, entry, "No maxlen"); 1166 else 1167 err |= sysctl_check_table_array(path, entry); 1168 } 1169 if (!entry->proc_handler) 1170 err |= sysctl_err(path, entry, "No proc_handler"); 1171 1172 if ((entry->mode & (S_IRUGO|S_IWUGO)) != entry->mode) 1173 err |= sysctl_err(path, entry, "bogus .mode 0%o", 1174 entry->mode); 1175 } 1176 return err; 1177 } 1178 1179 static struct ctl_table_header *new_links(struct ctl_dir *dir, struct ctl_table_header *head) 1180 { 1181 struct ctl_table *link_table, *link; 1182 struct ctl_table_header *links; 1183 const struct ctl_table *entry; 1184 struct ctl_node *node; 1185 char *link_name; 1186 int name_bytes; 1187 1188 name_bytes = 0; 1189 list_for_each_table_entry(entry, head) { 1190 name_bytes += strlen(entry->procname) + 1; 1191 } 1192 1193 links = kzalloc(sizeof(struct ctl_table_header) + 1194 sizeof(struct ctl_node)*head->ctl_table_size + 1195 sizeof(struct ctl_table)*head->ctl_table_size + 1196 name_bytes, 1197 GFP_KERNEL); 1198 1199 if (!links) 1200 return NULL; 1201 1202 node = (struct ctl_node *)(links + 1); 1203 link_table = (struct ctl_table *)(node + head->ctl_table_size); 1204 link_name = (char *)(link_table + head->ctl_table_size); 1205 link = link_table; 1206 1207 list_for_each_table_entry(entry, head) { 1208 int len = strlen(entry->procname) + 1; 1209 memcpy(link_name, entry->procname, len); 1210 link->procname = link_name; 1211 link->mode = S_IFLNK|S_IRWXUGO; 1212 link->data = head->root; 1213 link_name += len; 1214 link++; 1215 } 1216 init_header(links, dir->header.root, dir->header.set, node, link_table, 1217 head->ctl_table_size); 1218 links->nreg = head->ctl_table_size; 1219 1220 return links; 1221 } 1222 1223 static bool get_links(struct ctl_dir *dir, 1224 struct ctl_table_header *header, 1225 struct ctl_table_root *link_root) 1226 { 1227 struct ctl_table_header *tmp_head; 1228 const struct ctl_table *entry, *link; 1229 1230 if (header->ctl_table_size == 0 || 1231 sysctl_is_perm_empty_ctl_header(header)) 1232 return true; 1233 1234 /* Are there links available for every entry in table? */ 1235 list_for_each_table_entry(entry, header) { 1236 const char *procname = entry->procname; 1237 link = find_entry(&tmp_head, dir, procname, strlen(procname)); 1238 if (!link) 1239 return false; 1240 if (S_ISDIR(link->mode) && S_ISDIR(entry->mode)) 1241 continue; 1242 if (S_ISLNK(link->mode) && (link->data == link_root)) 1243 continue; 1244 return false; 1245 } 1246 1247 /* The checks passed. Increase the registration count on the links */ 1248 list_for_each_table_entry(entry, header) { 1249 const char *procname = entry->procname; 1250 link = find_entry(&tmp_head, dir, procname, strlen(procname)); 1251 tmp_head->nreg++; 1252 } 1253 return true; 1254 } 1255 1256 static int insert_links(struct ctl_table_header *head) 1257 { 1258 struct ctl_table_set *root_set = &sysctl_table_root.default_set; 1259 struct ctl_dir *core_parent; 1260 struct ctl_table_header *links; 1261 int err; 1262 1263 if (head->set == root_set) 1264 return 0; 1265 1266 core_parent = xlate_dir(root_set, head->parent); 1267 if (IS_ERR(core_parent)) 1268 return 0; 1269 1270 if (get_links(core_parent, head, head->root)) 1271 return 0; 1272 1273 core_parent->header.nreg++; 1274 spin_unlock(&sysctl_lock); 1275 1276 links = new_links(core_parent, head); 1277 1278 spin_lock(&sysctl_lock); 1279 err = -ENOMEM; 1280 if (!links) 1281 goto out; 1282 1283 err = 0; 1284 if (get_links(core_parent, head, head->root)) { 1285 kfree(links); 1286 goto out; 1287 } 1288 1289 err = insert_header(core_parent, links); 1290 if (err) 1291 kfree(links); 1292 out: 1293 drop_sysctl_table(&core_parent->header); 1294 return err; 1295 } 1296 1297 /* Find the directory for the ctl_table. If one is not found create it. */ 1298 static struct ctl_dir *sysctl_mkdir_p(struct ctl_dir *dir, const char *path) 1299 { 1300 const char *name, *nextname; 1301 1302 for (name = path; name; name = nextname) { 1303 int namelen; 1304 nextname = strchr(name, '/'); 1305 if (nextname) { 1306 namelen = nextname - name; 1307 nextname++; 1308 } else { 1309 namelen = strlen(name); 1310 } 1311 if (namelen == 0) 1312 continue; 1313 1314 /* 1315 * namelen ensures if name is "foo/bar/yay" only foo is 1316 * registered first. We traverse as if using mkdir -p and 1317 * return a ctl_dir for the last directory entry. 1318 */ 1319 dir = get_subdir(dir, name, namelen); 1320 if (IS_ERR(dir)) 1321 break; 1322 } 1323 return dir; 1324 } 1325 1326 /** 1327 * __register_sysctl_table - register a leaf sysctl table 1328 * @set: Sysctl tree to register on 1329 * @path: The path to the directory the sysctl table is in. 1330 * 1331 * @table: the top-level table structure. This table should not be free'd 1332 * after registration. So it should not be used on stack. It can either 1333 * be a global or dynamically allocated by the caller and free'd later 1334 * after sysctl unregistration. 1335 * @table_size : The number of elements in table 1336 * 1337 * Register a sysctl table hierarchy. @table should be a filled in ctl_table 1338 * array. 1339 * 1340 * The members of the &struct ctl_table structure are used as follows: 1341 * procname - the name of the sysctl file under /proc/sys. Set to %NULL to not 1342 * enter a sysctl file 1343 * data - a pointer to data for use by proc_handler 1344 * maxlen - the maximum size in bytes of the data 1345 * mode - the file permissions for the /proc/sys file 1346 * type - Defines the target type (described in struct definition) 1347 * proc_handler - the text handler routine (described below) 1348 * 1349 * extra1, extra2 - extra pointers usable by the proc handler routines 1350 * XXX: we should eventually modify these to use long min / max [0] 1351 * [0] https://lkml.kernel.org/87zgpte9o4.fsf@email.froward.int.ebiederm.org 1352 * 1353 * Leaf nodes in the sysctl tree will be represented by a single file 1354 * under /proc; non-leaf nodes are not allowed. 1355 * 1356 * There must be a proc_handler routine for any terminal nodes. 1357 * Several default handlers are available to cover common cases - 1358 * 1359 * proc_dostring(), proc_dointvec(), proc_dointvec_jiffies(), 1360 * proc_dointvec_userhz_jiffies(), proc_dointvec_minmax(), 1361 * proc_doulongvec_ms_jiffies_minmax(), proc_doulongvec_minmax() 1362 * 1363 * It is the handler's job to read the input buffer from user memory 1364 * and process it. The handler should return 0 on success. 1365 * 1366 * This routine returns %NULL on a failure to register, and a pointer 1367 * to the table header on success. 1368 */ 1369 struct ctl_table_header *__register_sysctl_table( 1370 struct ctl_table_set *set, 1371 const char *path, const struct ctl_table *table, size_t table_size) 1372 { 1373 struct ctl_table_root *root = set->dir.header.root; 1374 struct ctl_table_header *header; 1375 struct ctl_dir *dir; 1376 struct ctl_node *node; 1377 1378 header = kzalloc(sizeof(struct ctl_table_header) + 1379 sizeof(struct ctl_node)*table_size, GFP_KERNEL_ACCOUNT); 1380 if (!header) 1381 return NULL; 1382 1383 node = (struct ctl_node *)(header + 1); 1384 init_header(header, root, set, node, table, table_size); 1385 if (sysctl_check_table(path, header)) 1386 goto fail; 1387 1388 spin_lock(&sysctl_lock); 1389 dir = &set->dir; 1390 /* Reference moved down the directory tree get_subdir */ 1391 dir->header.nreg++; 1392 spin_unlock(&sysctl_lock); 1393 1394 dir = sysctl_mkdir_p(dir, path); 1395 if (IS_ERR(dir)) 1396 goto fail; 1397 spin_lock(&sysctl_lock); 1398 if (insert_header(dir, header)) 1399 goto fail_put_dir_locked; 1400 1401 drop_sysctl_table(&dir->header); 1402 spin_unlock(&sysctl_lock); 1403 1404 return header; 1405 1406 fail_put_dir_locked: 1407 drop_sysctl_table(&dir->header); 1408 spin_unlock(&sysctl_lock); 1409 fail: 1410 kfree(header); 1411 return NULL; 1412 } 1413 1414 /** 1415 * register_sysctl_sz - register a sysctl table 1416 * @path: The path to the directory the sysctl table is in. If the path 1417 * doesn't exist we will create it for you. 1418 * @table: the table structure. The calller must ensure the life of the @table 1419 * will be kept during the lifetime use of the syctl. It must not be freed 1420 * until unregister_sysctl_table() is called with the given returned table 1421 * with this registration. If your code is non modular then you don't need 1422 * to call unregister_sysctl_table() and can instead use something like 1423 * register_sysctl_init() which does not care for the result of the syctl 1424 * registration. 1425 * @table_size: The number of elements in table. 1426 * 1427 * Register a sysctl table. @table should be a filled in ctl_table 1428 * array. A completely 0 filled entry terminates the table. 1429 * 1430 * See __register_sysctl_table for more details. 1431 */ 1432 struct ctl_table_header *register_sysctl_sz(const char *path, const struct ctl_table *table, 1433 size_t table_size) 1434 { 1435 return __register_sysctl_table(&sysctl_table_root.default_set, 1436 path, table, table_size); 1437 } 1438 EXPORT_SYMBOL(register_sysctl_sz); 1439 1440 /** 1441 * __register_sysctl_init() - register sysctl table to path 1442 * @path: path name for sysctl base. If that path doesn't exist we will create 1443 * it for you. 1444 * @table: This is the sysctl table that needs to be registered to the path. 1445 * The caller must ensure the life of the @table will be kept during the 1446 * lifetime use of the sysctl. 1447 * @table_name: The name of sysctl table, only used for log printing when 1448 * registration fails 1449 * @table_size: The number of elements in table 1450 * 1451 * The sysctl interface is used by userspace to query or modify at runtime 1452 * a predefined value set on a variable. These variables however have default 1453 * values pre-set. Code which depends on these variables will always work even 1454 * if register_sysctl() fails. If register_sysctl() fails you'd just loose the 1455 * ability to query or modify the sysctls dynamically at run time. Chances of 1456 * register_sysctl() failing on init are extremely low, and so for both reasons 1457 * this function does not return any error as it is used by initialization code. 1458 * 1459 * Context: if your base directory does not exist it will be created for you. 1460 */ 1461 void __init __register_sysctl_init(const char *path, const struct ctl_table *table, 1462 const char *table_name, size_t table_size) 1463 { 1464 struct ctl_table_header *hdr = register_sysctl_sz(path, table, table_size); 1465 1466 if (unlikely(!hdr)) { 1467 pr_err("failed when register_sysctl_sz %s to %s\n", table_name, path); 1468 return; 1469 } 1470 kmemleak_not_leak(hdr); 1471 } 1472 1473 static void put_links(struct ctl_table_header *header) 1474 { 1475 struct ctl_table_set *root_set = &sysctl_table_root.default_set; 1476 struct ctl_table_root *root = header->root; 1477 struct ctl_dir *parent = header->parent; 1478 struct ctl_dir *core_parent; 1479 const struct ctl_table *entry; 1480 1481 if (header->set == root_set) 1482 return; 1483 1484 core_parent = xlate_dir(root_set, parent); 1485 if (IS_ERR(core_parent)) 1486 return; 1487 1488 list_for_each_table_entry(entry, header) { 1489 struct ctl_table_header *link_head; 1490 const struct ctl_table *link; 1491 const char *name = entry->procname; 1492 1493 link = find_entry(&link_head, core_parent, name, strlen(name)); 1494 if (link && 1495 ((S_ISDIR(link->mode) && S_ISDIR(entry->mode)) || 1496 (S_ISLNK(link->mode) && (link->data == root)))) { 1497 drop_sysctl_table(link_head); 1498 } 1499 else { 1500 pr_err("sysctl link missing during unregister: "); 1501 sysctl_print_dir(parent); 1502 pr_cont("%s\n", name); 1503 } 1504 } 1505 } 1506 1507 static void drop_sysctl_table(struct ctl_table_header *header) 1508 { 1509 struct ctl_dir *parent = header->parent; 1510 1511 if (--header->nreg) 1512 return; 1513 1514 if (parent) { 1515 put_links(header); 1516 start_unregistering(header); 1517 } 1518 1519 if (!--header->count) 1520 kfree_rcu(header, rcu); 1521 1522 if (parent) 1523 drop_sysctl_table(&parent->header); 1524 } 1525 1526 /** 1527 * unregister_sysctl_table - unregister a sysctl table hierarchy 1528 * @header: the header returned from register_sysctl or __register_sysctl_table 1529 * 1530 * Unregisters the sysctl table and all children. proc entries may not 1531 * actually be removed until they are no longer used by anyone. 1532 */ 1533 void unregister_sysctl_table(struct ctl_table_header * header) 1534 { 1535 might_sleep(); 1536 1537 if (header == NULL) 1538 return; 1539 1540 spin_lock(&sysctl_lock); 1541 drop_sysctl_table(header); 1542 spin_unlock(&sysctl_lock); 1543 } 1544 EXPORT_SYMBOL(unregister_sysctl_table); 1545 1546 void setup_sysctl_set(struct ctl_table_set *set, 1547 struct ctl_table_root *root, 1548 int (*is_seen)(struct ctl_table_set *)) 1549 { 1550 memset(set, 0, sizeof(*set)); 1551 set->is_seen = is_seen; 1552 init_header(&set->dir.header, root, set, NULL, root_table, 1); 1553 } 1554 1555 void retire_sysctl_set(struct ctl_table_set *set) 1556 { 1557 WARN_ON(!RB_EMPTY_ROOT(&set->dir.root)); 1558 } 1559 1560 int __init proc_sys_init(void) 1561 { 1562 struct proc_dir_entry *proc_sys_root; 1563 1564 proc_sys_root = proc_mkdir("sys", NULL); 1565 proc_sys_root->proc_iops = &proc_sys_dir_operations; 1566 proc_sys_root->proc_dir_ops = &proc_sys_dir_file_operations; 1567 proc_sys_root->nlink = 0; 1568 1569 return sysctl_init_bases(); 1570 } 1571 1572 struct sysctl_alias { 1573 const char *kernel_param; 1574 const char *sysctl_param; 1575 }; 1576 1577 /* 1578 * Historically some settings had both sysctl and a command line parameter. 1579 * With the generic sysctl. parameter support, we can handle them at a single 1580 * place and only keep the historical name for compatibility. This is not meant 1581 * to add brand new aliases. When adding existing aliases, consider whether 1582 * the possibly different moment of changing the value (e.g. from early_param 1583 * to the moment do_sysctl_args() is called) is an issue for the specific 1584 * parameter. 1585 */ 1586 static const struct sysctl_alias sysctl_aliases[] = { 1587 {"hardlockup_all_cpu_backtrace", "kernel.hardlockup_all_cpu_backtrace" }, 1588 {"hung_task_panic", "kernel.hung_task_panic" }, 1589 {"numa_zonelist_order", "vm.numa_zonelist_order" }, 1590 {"softlockup_all_cpu_backtrace", "kernel.softlockup_all_cpu_backtrace" }, 1591 { } 1592 }; 1593 1594 static const char *sysctl_find_alias(char *param) 1595 { 1596 const struct sysctl_alias *alias; 1597 1598 for (alias = &sysctl_aliases[0]; alias->kernel_param != NULL; alias++) { 1599 if (strcmp(alias->kernel_param, param) == 0) 1600 return alias->sysctl_param; 1601 } 1602 1603 return NULL; 1604 } 1605 1606 bool sysctl_is_alias(char *param) 1607 { 1608 const char *alias = sysctl_find_alias(param); 1609 1610 return alias != NULL; 1611 } 1612 1613 /* Set sysctl value passed on kernel command line. */ 1614 static int process_sysctl_arg(char *param, char *val, 1615 const char *unused, void *arg) 1616 { 1617 char *path; 1618 struct vfsmount **proc_mnt = arg; 1619 struct file_system_type *proc_fs_type; 1620 struct file *file; 1621 int len; 1622 int err; 1623 loff_t pos = 0; 1624 ssize_t wret; 1625 1626 if (strncmp(param, "sysctl", sizeof("sysctl") - 1) == 0) { 1627 param += sizeof("sysctl") - 1; 1628 1629 if (param[0] != '/' && param[0] != '.') 1630 return 0; 1631 1632 param++; 1633 } else { 1634 param = (char *) sysctl_find_alias(param); 1635 if (!param) 1636 return 0; 1637 } 1638 1639 if (!val) 1640 return -EINVAL; 1641 len = strlen(val); 1642 if (len == 0) 1643 return -EINVAL; 1644 1645 /* 1646 * To set sysctl options, we use a temporary mount of proc, look up the 1647 * respective sys/ file and write to it. To avoid mounting it when no 1648 * options were given, we mount it only when the first sysctl option is 1649 * found. Why not a persistent mount? There are problems with a 1650 * persistent mount of proc in that it forces userspace not to use any 1651 * proc mount options. 1652 */ 1653 if (!*proc_mnt) { 1654 proc_fs_type = get_fs_type("proc"); 1655 if (!proc_fs_type) { 1656 pr_err("Failed to find procfs to set sysctl from command line\n"); 1657 return 0; 1658 } 1659 *proc_mnt = kern_mount(proc_fs_type); 1660 put_filesystem(proc_fs_type); 1661 if (IS_ERR(*proc_mnt)) { 1662 pr_err("Failed to mount procfs to set sysctl from command line\n"); 1663 return 0; 1664 } 1665 } 1666 1667 path = kasprintf(GFP_KERNEL, "sys/%s", param); 1668 if (!path) 1669 panic("%s: Failed to allocate path for %s\n", __func__, param); 1670 strreplace(path, '.', '/'); 1671 1672 file = file_open_root_mnt(*proc_mnt, path, O_WRONLY, 0); 1673 if (IS_ERR(file)) { 1674 err = PTR_ERR(file); 1675 if (err == -ENOENT) 1676 pr_err("Failed to set sysctl parameter '%s=%s': parameter not found\n", 1677 param, val); 1678 else if (err == -EACCES) 1679 pr_err("Failed to set sysctl parameter '%s=%s': permission denied (read-only?)\n", 1680 param, val); 1681 else 1682 pr_err("Error %pe opening proc file to set sysctl parameter '%s=%s'\n", 1683 file, param, val); 1684 goto out; 1685 } 1686 wret = kernel_write(file, val, len, &pos); 1687 if (wret < 0) { 1688 err = wret; 1689 if (err == -EINVAL) 1690 pr_err("Failed to set sysctl parameter '%s=%s': invalid value\n", 1691 param, val); 1692 else 1693 pr_err("Error %pe writing to proc file to set sysctl parameter '%s=%s'\n", 1694 ERR_PTR(err), param, val); 1695 } else if (wret != len) { 1696 pr_err("Wrote only %zd bytes of %d writing to proc file %s to set sysctl parameter '%s=%s\n", 1697 wret, len, path, param, val); 1698 } 1699 1700 err = filp_close(file, NULL); 1701 if (err) 1702 pr_err("Error %pe closing proc file to set sysctl parameter '%s=%s\n", 1703 ERR_PTR(err), param, val); 1704 out: 1705 kfree(path); 1706 return 0; 1707 } 1708 1709 void do_sysctl_args(void) 1710 { 1711 char *command_line; 1712 struct vfsmount *proc_mnt = NULL; 1713 1714 command_line = kstrdup(saved_command_line, GFP_KERNEL); 1715 if (!command_line) 1716 panic("%s: Failed to allocate copy of command line\n", __func__); 1717 1718 parse_args("Setting sysctl args", command_line, 1719 NULL, 0, -1, -1, &proc_mnt, process_sysctl_arg); 1720 1721 if (proc_mnt) 1722 kern_unmount(proc_mnt); 1723 1724 kfree(command_line); 1725 } 1726