1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * sysctl.c: General linux system control interface 4 * 5 * Begun 24 March 1995, Stephen Tweedie 6 * Added /proc support, Dec 1995 7 * Added bdflush entry and intvec min/max checking, 2/23/96, Tom Dyas. 8 * Added hooks for /proc/sys/net (minor, minor patch), 96/4/1, Mike Shaver. 9 * Added kernel/java-{interpreter,appletviewer}, 96/5/10, Mike Shaver. 10 * Dynamic registration fixes, Stephen Tweedie. 11 * Added kswapd-interval, ctrl-alt-del, printk stuff, 1/8/97, Chris Horn. 12 * Made sysctl support optional via CONFIG_SYSCTL, 1/10/97, Chris 13 * Horn. 14 * Added proc_doulongvec_ms_jiffies_minmax, 09/08/99, Carlos H. Bauer. 15 * Added proc_doulongvec_minmax, 09/08/99, Carlos H. Bauer. 16 * Changed linked lists to use list.h instead of lists.h, 02/24/00, Bill 17 * Wendling. 18 * The list_for_each() macro wasn't appropriate for the sysctl loop. 19 * Removed it and replaced it with older style, 03/23/00, Bill Wendling 20 */ 21 22 #include <linux/module.h> 23 #include <linux/aio.h> 24 #include <linux/mm.h> 25 #include <linux/swap.h> 26 #include <linux/slab.h> 27 #include <linux/sysctl.h> 28 #include <linux/bitmap.h> 29 #include <linux/signal.h> 30 #include <linux/printk.h> 31 #include <linux/proc_fs.h> 32 #include <linux/security.h> 33 #include <linux/ctype.h> 34 #include <linux/kmemleak.h> 35 #include <linux/fs.h> 36 #include <linux/init.h> 37 #include <linux/kernel.h> 38 #include <linux/kobject.h> 39 #include <linux/net.h> 40 #include <linux/sysrq.h> 41 #include <linux/highuid.h> 42 #include <linux/writeback.h> 43 #include <linux/ratelimit.h> 44 #include <linux/compaction.h> 45 #include <linux/hugetlb.h> 46 #include <linux/initrd.h> 47 #include <linux/key.h> 48 #include <linux/times.h> 49 #include <linux/limits.h> 50 #include <linux/dcache.h> 51 #include <linux/dnotify.h> 52 #include <linux/syscalls.h> 53 #include <linux/vmstat.h> 54 #include <linux/nfs_fs.h> 55 #include <linux/acpi.h> 56 #include <linux/reboot.h> 57 #include <linux/ftrace.h> 58 #include <linux/perf_event.h> 59 #include <linux/kprobes.h> 60 #include <linux/pipe_fs_i.h> 61 #include <linux/oom.h> 62 #include <linux/kmod.h> 63 #include <linux/capability.h> 64 #include <linux/binfmts.h> 65 #include <linux/sched/sysctl.h> 66 #include <linux/sched/coredump.h> 67 #include <linux/kexec.h> 68 #include <linux/bpf.h> 69 #include <linux/mount.h> 70 #include <linux/userfaultfd_k.h> 71 72 #include "../lib/kstrtox.h" 73 74 #include <linux/uaccess.h> 75 #include <asm/processor.h> 76 77 #ifdef CONFIG_X86 78 #include <asm/nmi.h> 79 #include <asm/stacktrace.h> 80 #include <asm/io.h> 81 #endif 82 #ifdef CONFIG_SPARC 83 #include <asm/setup.h> 84 #endif 85 #ifdef CONFIG_BSD_PROCESS_ACCT 86 #include <linux/acct.h> 87 #endif 88 #ifdef CONFIG_RT_MUTEXES 89 #include <linux/rtmutex.h> 90 #endif 91 #if defined(CONFIG_PROVE_LOCKING) || defined(CONFIG_LOCK_STAT) 92 #include <linux/lockdep.h> 93 #endif 94 #ifdef CONFIG_CHR_DEV_SG 95 #include <scsi/sg.h> 96 #endif 97 #ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE 98 #include <linux/stackleak.h> 99 #endif 100 #ifdef CONFIG_LOCKUP_DETECTOR 101 #include <linux/nmi.h> 102 #endif 103 104 #if defined(CONFIG_SYSCTL) 105 106 /* External variables not in a header file. */ 107 extern int suid_dumpable; 108 #ifdef CONFIG_COREDUMP 109 extern int core_uses_pid; 110 extern char core_pattern[]; 111 extern unsigned int core_pipe_limit; 112 #endif 113 extern int pid_max; 114 extern int pid_max_min, pid_max_max; 115 extern int percpu_pagelist_fraction; 116 extern int latencytop_enabled; 117 extern unsigned int sysctl_nr_open_min, sysctl_nr_open_max; 118 #ifndef CONFIG_MMU 119 extern int sysctl_nr_trim_pages; 120 #endif 121 122 /* Constants used for minimum and maximum */ 123 #ifdef CONFIG_LOCKUP_DETECTOR 124 static int sixty = 60; 125 #endif 126 127 static int __maybe_unused neg_one = -1; 128 static int __maybe_unused two = 2; 129 static int __maybe_unused four = 4; 130 static unsigned long zero_ul; 131 static unsigned long one_ul = 1; 132 static unsigned long long_max = LONG_MAX; 133 static int one_hundred = 100; 134 static int one_thousand = 1000; 135 #ifdef CONFIG_PRINTK 136 static int ten_thousand = 10000; 137 #endif 138 #ifdef CONFIG_PERF_EVENTS 139 static int six_hundred_forty_kb = 640 * 1024; 140 #endif 141 142 /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */ 143 static unsigned long dirty_bytes_min = 2 * PAGE_SIZE; 144 145 /* this is needed for the proc_dointvec_minmax for [fs_]overflow UID and GID */ 146 static int maxolduid = 65535; 147 static int minolduid; 148 149 static int ngroups_max = NGROUPS_MAX; 150 static const int cap_last_cap = CAP_LAST_CAP; 151 152 /* 153 * This is needed for proc_doulongvec_minmax of sysctl_hung_task_timeout_secs 154 * and hung_task_check_interval_secs 155 */ 156 #ifdef CONFIG_DETECT_HUNG_TASK 157 static unsigned long hung_task_timeout_max = (LONG_MAX/HZ); 158 #endif 159 160 #ifdef CONFIG_INOTIFY_USER 161 #include <linux/inotify.h> 162 #endif 163 #ifdef CONFIG_SPARC 164 #endif 165 166 #ifdef CONFIG_PARISC 167 extern int pwrsw_enabled; 168 #endif 169 170 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW 171 extern int unaligned_enabled; 172 #endif 173 174 #ifdef CONFIG_IA64 175 extern int unaligned_dump_stack; 176 #endif 177 178 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN 179 extern int no_unaligned_warning; 180 #endif 181 182 #ifdef CONFIG_PROC_SYSCTL 183 184 /** 185 * enum sysctl_writes_mode - supported sysctl write modes 186 * 187 * @SYSCTL_WRITES_LEGACY: each write syscall must fully contain the sysctl value 188 * to be written, and multiple writes on the same sysctl file descriptor 189 * will rewrite the sysctl value, regardless of file position. No warning 190 * is issued when the initial position is not 0. 191 * @SYSCTL_WRITES_WARN: same as above but warn when the initial file position is 192 * not 0. 193 * @SYSCTL_WRITES_STRICT: writes to numeric sysctl entries must always be at 194 * file position 0 and the value must be fully contained in the buffer 195 * sent to the write syscall. If dealing with strings respect the file 196 * position, but restrict this to the max length of the buffer, anything 197 * passed the max length will be ignored. Multiple writes will append 198 * to the buffer. 199 * 200 * These write modes control how current file position affects the behavior of 201 * updating sysctl values through the proc interface on each write. 202 */ 203 enum sysctl_writes_mode { 204 SYSCTL_WRITES_LEGACY = -1, 205 SYSCTL_WRITES_WARN = 0, 206 SYSCTL_WRITES_STRICT = 1, 207 }; 208 209 static enum sysctl_writes_mode sysctl_writes_strict = SYSCTL_WRITES_STRICT; 210 211 static int proc_do_cad_pid(struct ctl_table *table, int write, 212 void __user *buffer, size_t *lenp, loff_t *ppos); 213 static int proc_taint(struct ctl_table *table, int write, 214 void __user *buffer, size_t *lenp, loff_t *ppos); 215 #endif 216 217 #ifdef CONFIG_PRINTK 218 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, 219 void __user *buffer, size_t *lenp, loff_t *ppos); 220 #endif 221 222 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write, 223 void __user *buffer, size_t *lenp, loff_t *ppos); 224 #ifdef CONFIG_COREDUMP 225 static int proc_dostring_coredump(struct ctl_table *table, int write, 226 void __user *buffer, size_t *lenp, loff_t *ppos); 227 #endif 228 static int proc_dopipe_max_size(struct ctl_table *table, int write, 229 void __user *buffer, size_t *lenp, loff_t *ppos); 230 231 #ifdef CONFIG_MAGIC_SYSRQ 232 static int sysrq_sysctl_handler(struct ctl_table *table, int write, 233 void __user *buffer, size_t *lenp, loff_t *ppos); 234 #endif 235 236 static struct ctl_table kern_table[]; 237 static struct ctl_table vm_table[]; 238 static struct ctl_table fs_table[]; 239 static struct ctl_table debug_table[]; 240 static struct ctl_table dev_table[]; 241 extern struct ctl_table random_table[]; 242 #ifdef CONFIG_EPOLL 243 extern struct ctl_table epoll_table[]; 244 #endif 245 246 #ifdef CONFIG_FW_LOADER_USER_HELPER 247 extern struct ctl_table firmware_config_table[]; 248 #endif 249 250 #if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \ 251 defined(CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT) 252 int sysctl_legacy_va_layout; 253 #endif 254 255 /* The default sysctl tables: */ 256 257 static struct ctl_table sysctl_base_table[] = { 258 { 259 .procname = "kernel", 260 .mode = 0555, 261 .child = kern_table, 262 }, 263 { 264 .procname = "vm", 265 .mode = 0555, 266 .child = vm_table, 267 }, 268 { 269 .procname = "fs", 270 .mode = 0555, 271 .child = fs_table, 272 }, 273 { 274 .procname = "debug", 275 .mode = 0555, 276 .child = debug_table, 277 }, 278 { 279 .procname = "dev", 280 .mode = 0555, 281 .child = dev_table, 282 }, 283 { } 284 }; 285 286 #ifdef CONFIG_SCHED_DEBUG 287 static int min_sched_granularity_ns = 100000; /* 100 usecs */ 288 static int max_sched_granularity_ns = NSEC_PER_SEC; /* 1 second */ 289 static int min_wakeup_granularity_ns; /* 0 usecs */ 290 static int max_wakeup_granularity_ns = NSEC_PER_SEC; /* 1 second */ 291 #ifdef CONFIG_SMP 292 static int min_sched_tunable_scaling = SCHED_TUNABLESCALING_NONE; 293 static int max_sched_tunable_scaling = SCHED_TUNABLESCALING_END-1; 294 #endif /* CONFIG_SMP */ 295 #endif /* CONFIG_SCHED_DEBUG */ 296 297 #ifdef CONFIG_COMPACTION 298 static int min_extfrag_threshold; 299 static int max_extfrag_threshold = 1000; 300 #endif 301 302 static struct ctl_table kern_table[] = { 303 { 304 .procname = "sched_child_runs_first", 305 .data = &sysctl_sched_child_runs_first, 306 .maxlen = sizeof(unsigned int), 307 .mode = 0644, 308 .proc_handler = proc_dointvec, 309 }, 310 #ifdef CONFIG_SCHED_DEBUG 311 { 312 .procname = "sched_min_granularity_ns", 313 .data = &sysctl_sched_min_granularity, 314 .maxlen = sizeof(unsigned int), 315 .mode = 0644, 316 .proc_handler = sched_proc_update_handler, 317 .extra1 = &min_sched_granularity_ns, 318 .extra2 = &max_sched_granularity_ns, 319 }, 320 { 321 .procname = "sched_latency_ns", 322 .data = &sysctl_sched_latency, 323 .maxlen = sizeof(unsigned int), 324 .mode = 0644, 325 .proc_handler = sched_proc_update_handler, 326 .extra1 = &min_sched_granularity_ns, 327 .extra2 = &max_sched_granularity_ns, 328 }, 329 { 330 .procname = "sched_wakeup_granularity_ns", 331 .data = &sysctl_sched_wakeup_granularity, 332 .maxlen = sizeof(unsigned int), 333 .mode = 0644, 334 .proc_handler = sched_proc_update_handler, 335 .extra1 = &min_wakeup_granularity_ns, 336 .extra2 = &max_wakeup_granularity_ns, 337 }, 338 #ifdef CONFIG_SMP 339 { 340 .procname = "sched_tunable_scaling", 341 .data = &sysctl_sched_tunable_scaling, 342 .maxlen = sizeof(enum sched_tunable_scaling), 343 .mode = 0644, 344 .proc_handler = sched_proc_update_handler, 345 .extra1 = &min_sched_tunable_scaling, 346 .extra2 = &max_sched_tunable_scaling, 347 }, 348 { 349 .procname = "sched_migration_cost_ns", 350 .data = &sysctl_sched_migration_cost, 351 .maxlen = sizeof(unsigned int), 352 .mode = 0644, 353 .proc_handler = proc_dointvec, 354 }, 355 { 356 .procname = "sched_nr_migrate", 357 .data = &sysctl_sched_nr_migrate, 358 .maxlen = sizeof(unsigned int), 359 .mode = 0644, 360 .proc_handler = proc_dointvec, 361 }, 362 #ifdef CONFIG_SCHEDSTATS 363 { 364 .procname = "sched_schedstats", 365 .data = NULL, 366 .maxlen = sizeof(unsigned int), 367 .mode = 0644, 368 .proc_handler = sysctl_schedstats, 369 .extra1 = SYSCTL_ZERO, 370 .extra2 = SYSCTL_ONE, 371 }, 372 #endif /* CONFIG_SCHEDSTATS */ 373 #endif /* CONFIG_SMP */ 374 #ifdef CONFIG_NUMA_BALANCING 375 { 376 .procname = "numa_balancing_scan_delay_ms", 377 .data = &sysctl_numa_balancing_scan_delay, 378 .maxlen = sizeof(unsigned int), 379 .mode = 0644, 380 .proc_handler = proc_dointvec, 381 }, 382 { 383 .procname = "numa_balancing_scan_period_min_ms", 384 .data = &sysctl_numa_balancing_scan_period_min, 385 .maxlen = sizeof(unsigned int), 386 .mode = 0644, 387 .proc_handler = proc_dointvec, 388 }, 389 { 390 .procname = "numa_balancing_scan_period_max_ms", 391 .data = &sysctl_numa_balancing_scan_period_max, 392 .maxlen = sizeof(unsigned int), 393 .mode = 0644, 394 .proc_handler = proc_dointvec, 395 }, 396 { 397 .procname = "numa_balancing_scan_size_mb", 398 .data = &sysctl_numa_balancing_scan_size, 399 .maxlen = sizeof(unsigned int), 400 .mode = 0644, 401 .proc_handler = proc_dointvec_minmax, 402 .extra1 = SYSCTL_ONE, 403 }, 404 { 405 .procname = "numa_balancing", 406 .data = NULL, /* filled in by handler */ 407 .maxlen = sizeof(unsigned int), 408 .mode = 0644, 409 .proc_handler = sysctl_numa_balancing, 410 .extra1 = SYSCTL_ZERO, 411 .extra2 = SYSCTL_ONE, 412 }, 413 #endif /* CONFIG_NUMA_BALANCING */ 414 #endif /* CONFIG_SCHED_DEBUG */ 415 { 416 .procname = "sched_rt_period_us", 417 .data = &sysctl_sched_rt_period, 418 .maxlen = sizeof(unsigned int), 419 .mode = 0644, 420 .proc_handler = sched_rt_handler, 421 }, 422 { 423 .procname = "sched_rt_runtime_us", 424 .data = &sysctl_sched_rt_runtime, 425 .maxlen = sizeof(int), 426 .mode = 0644, 427 .proc_handler = sched_rt_handler, 428 }, 429 { 430 .procname = "sched_rr_timeslice_ms", 431 .data = &sysctl_sched_rr_timeslice, 432 .maxlen = sizeof(int), 433 .mode = 0644, 434 .proc_handler = sched_rr_handler, 435 }, 436 #ifdef CONFIG_UCLAMP_TASK 437 { 438 .procname = "sched_util_clamp_min", 439 .data = &sysctl_sched_uclamp_util_min, 440 .maxlen = sizeof(unsigned int), 441 .mode = 0644, 442 .proc_handler = sysctl_sched_uclamp_handler, 443 }, 444 { 445 .procname = "sched_util_clamp_max", 446 .data = &sysctl_sched_uclamp_util_max, 447 .maxlen = sizeof(unsigned int), 448 .mode = 0644, 449 .proc_handler = sysctl_sched_uclamp_handler, 450 }, 451 #endif 452 #ifdef CONFIG_SCHED_AUTOGROUP 453 { 454 .procname = "sched_autogroup_enabled", 455 .data = &sysctl_sched_autogroup_enabled, 456 .maxlen = sizeof(unsigned int), 457 .mode = 0644, 458 .proc_handler = proc_dointvec_minmax, 459 .extra1 = SYSCTL_ZERO, 460 .extra2 = SYSCTL_ONE, 461 }, 462 #endif 463 #ifdef CONFIG_CFS_BANDWIDTH 464 { 465 .procname = "sched_cfs_bandwidth_slice_us", 466 .data = &sysctl_sched_cfs_bandwidth_slice, 467 .maxlen = sizeof(unsigned int), 468 .mode = 0644, 469 .proc_handler = proc_dointvec_minmax, 470 .extra1 = SYSCTL_ONE, 471 }, 472 #endif 473 #if defined(CONFIG_ENERGY_MODEL) && defined(CONFIG_CPU_FREQ_GOV_SCHEDUTIL) 474 { 475 .procname = "sched_energy_aware", 476 .data = &sysctl_sched_energy_aware, 477 .maxlen = sizeof(unsigned int), 478 .mode = 0644, 479 .proc_handler = sched_energy_aware_handler, 480 .extra1 = SYSCTL_ZERO, 481 .extra2 = SYSCTL_ONE, 482 }, 483 #endif 484 #ifdef CONFIG_PROVE_LOCKING 485 { 486 .procname = "prove_locking", 487 .data = &prove_locking, 488 .maxlen = sizeof(int), 489 .mode = 0644, 490 .proc_handler = proc_dointvec, 491 }, 492 #endif 493 #ifdef CONFIG_LOCK_STAT 494 { 495 .procname = "lock_stat", 496 .data = &lock_stat, 497 .maxlen = sizeof(int), 498 .mode = 0644, 499 .proc_handler = proc_dointvec, 500 }, 501 #endif 502 { 503 .procname = "panic", 504 .data = &panic_timeout, 505 .maxlen = sizeof(int), 506 .mode = 0644, 507 .proc_handler = proc_dointvec, 508 }, 509 #ifdef CONFIG_COREDUMP 510 { 511 .procname = "core_uses_pid", 512 .data = &core_uses_pid, 513 .maxlen = sizeof(int), 514 .mode = 0644, 515 .proc_handler = proc_dointvec, 516 }, 517 { 518 .procname = "core_pattern", 519 .data = core_pattern, 520 .maxlen = CORENAME_MAX_SIZE, 521 .mode = 0644, 522 .proc_handler = proc_dostring_coredump, 523 }, 524 { 525 .procname = "core_pipe_limit", 526 .data = &core_pipe_limit, 527 .maxlen = sizeof(unsigned int), 528 .mode = 0644, 529 .proc_handler = proc_dointvec, 530 }, 531 #endif 532 #ifdef CONFIG_PROC_SYSCTL 533 { 534 .procname = "tainted", 535 .maxlen = sizeof(long), 536 .mode = 0644, 537 .proc_handler = proc_taint, 538 }, 539 { 540 .procname = "sysctl_writes_strict", 541 .data = &sysctl_writes_strict, 542 .maxlen = sizeof(int), 543 .mode = 0644, 544 .proc_handler = proc_dointvec_minmax, 545 .extra1 = &neg_one, 546 .extra2 = SYSCTL_ONE, 547 }, 548 #endif 549 #ifdef CONFIG_LATENCYTOP 550 { 551 .procname = "latencytop", 552 .data = &latencytop_enabled, 553 .maxlen = sizeof(int), 554 .mode = 0644, 555 .proc_handler = sysctl_latencytop, 556 }, 557 #endif 558 #ifdef CONFIG_BLK_DEV_INITRD 559 { 560 .procname = "real-root-dev", 561 .data = &real_root_dev, 562 .maxlen = sizeof(int), 563 .mode = 0644, 564 .proc_handler = proc_dointvec, 565 }, 566 #endif 567 { 568 .procname = "print-fatal-signals", 569 .data = &print_fatal_signals, 570 .maxlen = sizeof(int), 571 .mode = 0644, 572 .proc_handler = proc_dointvec, 573 }, 574 #ifdef CONFIG_SPARC 575 { 576 .procname = "reboot-cmd", 577 .data = reboot_command, 578 .maxlen = 256, 579 .mode = 0644, 580 .proc_handler = proc_dostring, 581 }, 582 { 583 .procname = "stop-a", 584 .data = &stop_a_enabled, 585 .maxlen = sizeof (int), 586 .mode = 0644, 587 .proc_handler = proc_dointvec, 588 }, 589 { 590 .procname = "scons-poweroff", 591 .data = &scons_pwroff, 592 .maxlen = sizeof (int), 593 .mode = 0644, 594 .proc_handler = proc_dointvec, 595 }, 596 #endif 597 #ifdef CONFIG_SPARC64 598 { 599 .procname = "tsb-ratio", 600 .data = &sysctl_tsb_ratio, 601 .maxlen = sizeof (int), 602 .mode = 0644, 603 .proc_handler = proc_dointvec, 604 }, 605 #endif 606 #ifdef CONFIG_PARISC 607 { 608 .procname = "soft-power", 609 .data = &pwrsw_enabled, 610 .maxlen = sizeof (int), 611 .mode = 0644, 612 .proc_handler = proc_dointvec, 613 }, 614 #endif 615 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW 616 { 617 .procname = "unaligned-trap", 618 .data = &unaligned_enabled, 619 .maxlen = sizeof (int), 620 .mode = 0644, 621 .proc_handler = proc_dointvec, 622 }, 623 #endif 624 { 625 .procname = "ctrl-alt-del", 626 .data = &C_A_D, 627 .maxlen = sizeof(int), 628 .mode = 0644, 629 .proc_handler = proc_dointvec, 630 }, 631 #ifdef CONFIG_FUNCTION_TRACER 632 { 633 .procname = "ftrace_enabled", 634 .data = &ftrace_enabled, 635 .maxlen = sizeof(int), 636 .mode = 0644, 637 .proc_handler = ftrace_enable_sysctl, 638 }, 639 #endif 640 #ifdef CONFIG_STACK_TRACER 641 { 642 .procname = "stack_tracer_enabled", 643 .data = &stack_tracer_enabled, 644 .maxlen = sizeof(int), 645 .mode = 0644, 646 .proc_handler = stack_trace_sysctl, 647 }, 648 #endif 649 #ifdef CONFIG_TRACING 650 { 651 .procname = "ftrace_dump_on_oops", 652 .data = &ftrace_dump_on_oops, 653 .maxlen = sizeof(int), 654 .mode = 0644, 655 .proc_handler = proc_dointvec, 656 }, 657 { 658 .procname = "traceoff_on_warning", 659 .data = &__disable_trace_on_warning, 660 .maxlen = sizeof(__disable_trace_on_warning), 661 .mode = 0644, 662 .proc_handler = proc_dointvec, 663 }, 664 { 665 .procname = "tracepoint_printk", 666 .data = &tracepoint_printk, 667 .maxlen = sizeof(tracepoint_printk), 668 .mode = 0644, 669 .proc_handler = tracepoint_printk_sysctl, 670 }, 671 #endif 672 #ifdef CONFIG_KEXEC_CORE 673 { 674 .procname = "kexec_load_disabled", 675 .data = &kexec_load_disabled, 676 .maxlen = sizeof(int), 677 .mode = 0644, 678 /* only handle a transition from default "0" to "1" */ 679 .proc_handler = proc_dointvec_minmax, 680 .extra1 = SYSCTL_ONE, 681 .extra2 = SYSCTL_ONE, 682 }, 683 #endif 684 #ifdef CONFIG_MODULES 685 { 686 .procname = "modprobe", 687 .data = &modprobe_path, 688 .maxlen = KMOD_PATH_LEN, 689 .mode = 0644, 690 .proc_handler = proc_dostring, 691 }, 692 { 693 .procname = "modules_disabled", 694 .data = &modules_disabled, 695 .maxlen = sizeof(int), 696 .mode = 0644, 697 /* only handle a transition from default "0" to "1" */ 698 .proc_handler = proc_dointvec_minmax, 699 .extra1 = SYSCTL_ONE, 700 .extra2 = SYSCTL_ONE, 701 }, 702 #endif 703 #ifdef CONFIG_UEVENT_HELPER 704 { 705 .procname = "hotplug", 706 .data = &uevent_helper, 707 .maxlen = UEVENT_HELPER_PATH_LEN, 708 .mode = 0644, 709 .proc_handler = proc_dostring, 710 }, 711 #endif 712 #ifdef CONFIG_CHR_DEV_SG 713 { 714 .procname = "sg-big-buff", 715 .data = &sg_big_buff, 716 .maxlen = sizeof (int), 717 .mode = 0444, 718 .proc_handler = proc_dointvec, 719 }, 720 #endif 721 #ifdef CONFIG_BSD_PROCESS_ACCT 722 { 723 .procname = "acct", 724 .data = &acct_parm, 725 .maxlen = 3*sizeof(int), 726 .mode = 0644, 727 .proc_handler = proc_dointvec, 728 }, 729 #endif 730 #ifdef CONFIG_MAGIC_SYSRQ 731 { 732 .procname = "sysrq", 733 .data = NULL, 734 .maxlen = sizeof (int), 735 .mode = 0644, 736 .proc_handler = sysrq_sysctl_handler, 737 }, 738 #endif 739 #ifdef CONFIG_PROC_SYSCTL 740 { 741 .procname = "cad_pid", 742 .data = NULL, 743 .maxlen = sizeof (int), 744 .mode = 0600, 745 .proc_handler = proc_do_cad_pid, 746 }, 747 #endif 748 { 749 .procname = "threads-max", 750 .data = NULL, 751 .maxlen = sizeof(int), 752 .mode = 0644, 753 .proc_handler = sysctl_max_threads, 754 }, 755 { 756 .procname = "random", 757 .mode = 0555, 758 .child = random_table, 759 }, 760 { 761 .procname = "usermodehelper", 762 .mode = 0555, 763 .child = usermodehelper_table, 764 }, 765 #ifdef CONFIG_FW_LOADER_USER_HELPER 766 { 767 .procname = "firmware_config", 768 .mode = 0555, 769 .child = firmware_config_table, 770 }, 771 #endif 772 { 773 .procname = "overflowuid", 774 .data = &overflowuid, 775 .maxlen = sizeof(int), 776 .mode = 0644, 777 .proc_handler = proc_dointvec_minmax, 778 .extra1 = &minolduid, 779 .extra2 = &maxolduid, 780 }, 781 { 782 .procname = "overflowgid", 783 .data = &overflowgid, 784 .maxlen = sizeof(int), 785 .mode = 0644, 786 .proc_handler = proc_dointvec_minmax, 787 .extra1 = &minolduid, 788 .extra2 = &maxolduid, 789 }, 790 #ifdef CONFIG_S390 791 { 792 .procname = "userprocess_debug", 793 .data = &show_unhandled_signals, 794 .maxlen = sizeof(int), 795 .mode = 0644, 796 .proc_handler = proc_dointvec, 797 }, 798 #endif 799 { 800 .procname = "pid_max", 801 .data = &pid_max, 802 .maxlen = sizeof (int), 803 .mode = 0644, 804 .proc_handler = proc_dointvec_minmax, 805 .extra1 = &pid_max_min, 806 .extra2 = &pid_max_max, 807 }, 808 { 809 .procname = "panic_on_oops", 810 .data = &panic_on_oops, 811 .maxlen = sizeof(int), 812 .mode = 0644, 813 .proc_handler = proc_dointvec, 814 }, 815 { 816 .procname = "panic_print", 817 .data = &panic_print, 818 .maxlen = sizeof(unsigned long), 819 .mode = 0644, 820 .proc_handler = proc_doulongvec_minmax, 821 }, 822 #if defined CONFIG_PRINTK 823 { 824 .procname = "printk", 825 .data = &console_loglevel, 826 .maxlen = 4*sizeof(int), 827 .mode = 0644, 828 .proc_handler = proc_dointvec, 829 }, 830 { 831 .procname = "printk_ratelimit", 832 .data = &printk_ratelimit_state.interval, 833 .maxlen = sizeof(int), 834 .mode = 0644, 835 .proc_handler = proc_dointvec_jiffies, 836 }, 837 { 838 .procname = "printk_ratelimit_burst", 839 .data = &printk_ratelimit_state.burst, 840 .maxlen = sizeof(int), 841 .mode = 0644, 842 .proc_handler = proc_dointvec, 843 }, 844 { 845 .procname = "printk_delay", 846 .data = &printk_delay_msec, 847 .maxlen = sizeof(int), 848 .mode = 0644, 849 .proc_handler = proc_dointvec_minmax, 850 .extra1 = SYSCTL_ZERO, 851 .extra2 = &ten_thousand, 852 }, 853 { 854 .procname = "printk_devkmsg", 855 .data = devkmsg_log_str, 856 .maxlen = DEVKMSG_STR_MAX_SIZE, 857 .mode = 0644, 858 .proc_handler = devkmsg_sysctl_set_loglvl, 859 }, 860 { 861 .procname = "dmesg_restrict", 862 .data = &dmesg_restrict, 863 .maxlen = sizeof(int), 864 .mode = 0644, 865 .proc_handler = proc_dointvec_minmax_sysadmin, 866 .extra1 = SYSCTL_ZERO, 867 .extra2 = SYSCTL_ONE, 868 }, 869 { 870 .procname = "kptr_restrict", 871 .data = &kptr_restrict, 872 .maxlen = sizeof(int), 873 .mode = 0644, 874 .proc_handler = proc_dointvec_minmax_sysadmin, 875 .extra1 = SYSCTL_ZERO, 876 .extra2 = &two, 877 }, 878 #endif 879 { 880 .procname = "ngroups_max", 881 .data = &ngroups_max, 882 .maxlen = sizeof (int), 883 .mode = 0444, 884 .proc_handler = proc_dointvec, 885 }, 886 { 887 .procname = "cap_last_cap", 888 .data = (void *)&cap_last_cap, 889 .maxlen = sizeof(int), 890 .mode = 0444, 891 .proc_handler = proc_dointvec, 892 }, 893 #if defined(CONFIG_LOCKUP_DETECTOR) 894 { 895 .procname = "watchdog", 896 .data = &watchdog_user_enabled, 897 .maxlen = sizeof(int), 898 .mode = 0644, 899 .proc_handler = proc_watchdog, 900 .extra1 = SYSCTL_ZERO, 901 .extra2 = SYSCTL_ONE, 902 }, 903 { 904 .procname = "watchdog_thresh", 905 .data = &watchdog_thresh, 906 .maxlen = sizeof(int), 907 .mode = 0644, 908 .proc_handler = proc_watchdog_thresh, 909 .extra1 = SYSCTL_ZERO, 910 .extra2 = &sixty, 911 }, 912 { 913 .procname = "nmi_watchdog", 914 .data = &nmi_watchdog_user_enabled, 915 .maxlen = sizeof(int), 916 .mode = NMI_WATCHDOG_SYSCTL_PERM, 917 .proc_handler = proc_nmi_watchdog, 918 .extra1 = SYSCTL_ZERO, 919 .extra2 = SYSCTL_ONE, 920 }, 921 { 922 .procname = "watchdog_cpumask", 923 .data = &watchdog_cpumask_bits, 924 .maxlen = NR_CPUS, 925 .mode = 0644, 926 .proc_handler = proc_watchdog_cpumask, 927 }, 928 #ifdef CONFIG_SOFTLOCKUP_DETECTOR 929 { 930 .procname = "soft_watchdog", 931 .data = &soft_watchdog_user_enabled, 932 .maxlen = sizeof(int), 933 .mode = 0644, 934 .proc_handler = proc_soft_watchdog, 935 .extra1 = SYSCTL_ZERO, 936 .extra2 = SYSCTL_ONE, 937 }, 938 { 939 .procname = "softlockup_panic", 940 .data = &softlockup_panic, 941 .maxlen = sizeof(int), 942 .mode = 0644, 943 .proc_handler = proc_dointvec_minmax, 944 .extra1 = SYSCTL_ZERO, 945 .extra2 = SYSCTL_ONE, 946 }, 947 #ifdef CONFIG_SMP 948 { 949 .procname = "softlockup_all_cpu_backtrace", 950 .data = &sysctl_softlockup_all_cpu_backtrace, 951 .maxlen = sizeof(int), 952 .mode = 0644, 953 .proc_handler = proc_dointvec_minmax, 954 .extra1 = SYSCTL_ZERO, 955 .extra2 = SYSCTL_ONE, 956 }, 957 #endif /* CONFIG_SMP */ 958 #endif 959 #ifdef CONFIG_HARDLOCKUP_DETECTOR 960 { 961 .procname = "hardlockup_panic", 962 .data = &hardlockup_panic, 963 .maxlen = sizeof(int), 964 .mode = 0644, 965 .proc_handler = proc_dointvec_minmax, 966 .extra1 = SYSCTL_ZERO, 967 .extra2 = SYSCTL_ONE, 968 }, 969 #ifdef CONFIG_SMP 970 { 971 .procname = "hardlockup_all_cpu_backtrace", 972 .data = &sysctl_hardlockup_all_cpu_backtrace, 973 .maxlen = sizeof(int), 974 .mode = 0644, 975 .proc_handler = proc_dointvec_minmax, 976 .extra1 = SYSCTL_ZERO, 977 .extra2 = SYSCTL_ONE, 978 }, 979 #endif /* CONFIG_SMP */ 980 #endif 981 #endif 982 983 #if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86) 984 { 985 .procname = "unknown_nmi_panic", 986 .data = &unknown_nmi_panic, 987 .maxlen = sizeof (int), 988 .mode = 0644, 989 .proc_handler = proc_dointvec, 990 }, 991 #endif 992 #if defined(CONFIG_X86) 993 { 994 .procname = "panic_on_unrecovered_nmi", 995 .data = &panic_on_unrecovered_nmi, 996 .maxlen = sizeof(int), 997 .mode = 0644, 998 .proc_handler = proc_dointvec, 999 }, 1000 { 1001 .procname = "panic_on_io_nmi", 1002 .data = &panic_on_io_nmi, 1003 .maxlen = sizeof(int), 1004 .mode = 0644, 1005 .proc_handler = proc_dointvec, 1006 }, 1007 #ifdef CONFIG_DEBUG_STACKOVERFLOW 1008 { 1009 .procname = "panic_on_stackoverflow", 1010 .data = &sysctl_panic_on_stackoverflow, 1011 .maxlen = sizeof(int), 1012 .mode = 0644, 1013 .proc_handler = proc_dointvec, 1014 }, 1015 #endif 1016 { 1017 .procname = "bootloader_type", 1018 .data = &bootloader_type, 1019 .maxlen = sizeof (int), 1020 .mode = 0444, 1021 .proc_handler = proc_dointvec, 1022 }, 1023 { 1024 .procname = "bootloader_version", 1025 .data = &bootloader_version, 1026 .maxlen = sizeof (int), 1027 .mode = 0444, 1028 .proc_handler = proc_dointvec, 1029 }, 1030 { 1031 .procname = "io_delay_type", 1032 .data = &io_delay_type, 1033 .maxlen = sizeof(int), 1034 .mode = 0644, 1035 .proc_handler = proc_dointvec, 1036 }, 1037 #endif 1038 #if defined(CONFIG_MMU) 1039 { 1040 .procname = "randomize_va_space", 1041 .data = &randomize_va_space, 1042 .maxlen = sizeof(int), 1043 .mode = 0644, 1044 .proc_handler = proc_dointvec, 1045 }, 1046 #endif 1047 #if defined(CONFIG_S390) && defined(CONFIG_SMP) 1048 { 1049 .procname = "spin_retry", 1050 .data = &spin_retry, 1051 .maxlen = sizeof (int), 1052 .mode = 0644, 1053 .proc_handler = proc_dointvec, 1054 }, 1055 #endif 1056 #if defined(CONFIG_ACPI_SLEEP) && defined(CONFIG_X86) 1057 { 1058 .procname = "acpi_video_flags", 1059 .data = &acpi_realmode_flags, 1060 .maxlen = sizeof (unsigned long), 1061 .mode = 0644, 1062 .proc_handler = proc_doulongvec_minmax, 1063 }, 1064 #endif 1065 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN 1066 { 1067 .procname = "ignore-unaligned-usertrap", 1068 .data = &no_unaligned_warning, 1069 .maxlen = sizeof (int), 1070 .mode = 0644, 1071 .proc_handler = proc_dointvec, 1072 }, 1073 #endif 1074 #ifdef CONFIG_IA64 1075 { 1076 .procname = "unaligned-dump-stack", 1077 .data = &unaligned_dump_stack, 1078 .maxlen = sizeof (int), 1079 .mode = 0644, 1080 .proc_handler = proc_dointvec, 1081 }, 1082 #endif 1083 #ifdef CONFIG_DETECT_HUNG_TASK 1084 { 1085 .procname = "hung_task_panic", 1086 .data = &sysctl_hung_task_panic, 1087 .maxlen = sizeof(int), 1088 .mode = 0644, 1089 .proc_handler = proc_dointvec_minmax, 1090 .extra1 = SYSCTL_ZERO, 1091 .extra2 = SYSCTL_ONE, 1092 }, 1093 { 1094 .procname = "hung_task_check_count", 1095 .data = &sysctl_hung_task_check_count, 1096 .maxlen = sizeof(int), 1097 .mode = 0644, 1098 .proc_handler = proc_dointvec_minmax, 1099 .extra1 = SYSCTL_ZERO, 1100 }, 1101 { 1102 .procname = "hung_task_timeout_secs", 1103 .data = &sysctl_hung_task_timeout_secs, 1104 .maxlen = sizeof(unsigned long), 1105 .mode = 0644, 1106 .proc_handler = proc_dohung_task_timeout_secs, 1107 .extra2 = &hung_task_timeout_max, 1108 }, 1109 { 1110 .procname = "hung_task_check_interval_secs", 1111 .data = &sysctl_hung_task_check_interval_secs, 1112 .maxlen = sizeof(unsigned long), 1113 .mode = 0644, 1114 .proc_handler = proc_dohung_task_timeout_secs, 1115 .extra2 = &hung_task_timeout_max, 1116 }, 1117 { 1118 .procname = "hung_task_warnings", 1119 .data = &sysctl_hung_task_warnings, 1120 .maxlen = sizeof(int), 1121 .mode = 0644, 1122 .proc_handler = proc_dointvec_minmax, 1123 .extra1 = &neg_one, 1124 }, 1125 #endif 1126 #ifdef CONFIG_RT_MUTEXES 1127 { 1128 .procname = "max_lock_depth", 1129 .data = &max_lock_depth, 1130 .maxlen = sizeof(int), 1131 .mode = 0644, 1132 .proc_handler = proc_dointvec, 1133 }, 1134 #endif 1135 { 1136 .procname = "poweroff_cmd", 1137 .data = &poweroff_cmd, 1138 .maxlen = POWEROFF_CMD_PATH_LEN, 1139 .mode = 0644, 1140 .proc_handler = proc_dostring, 1141 }, 1142 #ifdef CONFIG_KEYS 1143 { 1144 .procname = "keys", 1145 .mode = 0555, 1146 .child = key_sysctls, 1147 }, 1148 #endif 1149 #ifdef CONFIG_PERF_EVENTS 1150 /* 1151 * User-space scripts rely on the existence of this file 1152 * as a feature check for perf_events being enabled. 1153 * 1154 * So it's an ABI, do not remove! 1155 */ 1156 { 1157 .procname = "perf_event_paranoid", 1158 .data = &sysctl_perf_event_paranoid, 1159 .maxlen = sizeof(sysctl_perf_event_paranoid), 1160 .mode = 0644, 1161 .proc_handler = proc_dointvec, 1162 }, 1163 { 1164 .procname = "perf_event_mlock_kb", 1165 .data = &sysctl_perf_event_mlock, 1166 .maxlen = sizeof(sysctl_perf_event_mlock), 1167 .mode = 0644, 1168 .proc_handler = proc_dointvec, 1169 }, 1170 { 1171 .procname = "perf_event_max_sample_rate", 1172 .data = &sysctl_perf_event_sample_rate, 1173 .maxlen = sizeof(sysctl_perf_event_sample_rate), 1174 .mode = 0644, 1175 .proc_handler = perf_proc_update_handler, 1176 .extra1 = SYSCTL_ONE, 1177 }, 1178 { 1179 .procname = "perf_cpu_time_max_percent", 1180 .data = &sysctl_perf_cpu_time_max_percent, 1181 .maxlen = sizeof(sysctl_perf_cpu_time_max_percent), 1182 .mode = 0644, 1183 .proc_handler = perf_cpu_time_max_percent_handler, 1184 .extra1 = SYSCTL_ZERO, 1185 .extra2 = &one_hundred, 1186 }, 1187 { 1188 .procname = "perf_event_max_stack", 1189 .data = &sysctl_perf_event_max_stack, 1190 .maxlen = sizeof(sysctl_perf_event_max_stack), 1191 .mode = 0644, 1192 .proc_handler = perf_event_max_stack_handler, 1193 .extra1 = SYSCTL_ZERO, 1194 .extra2 = &six_hundred_forty_kb, 1195 }, 1196 { 1197 .procname = "perf_event_max_contexts_per_stack", 1198 .data = &sysctl_perf_event_max_contexts_per_stack, 1199 .maxlen = sizeof(sysctl_perf_event_max_contexts_per_stack), 1200 .mode = 0644, 1201 .proc_handler = perf_event_max_stack_handler, 1202 .extra1 = SYSCTL_ZERO, 1203 .extra2 = &one_thousand, 1204 }, 1205 #endif 1206 { 1207 .procname = "panic_on_warn", 1208 .data = &panic_on_warn, 1209 .maxlen = sizeof(int), 1210 .mode = 0644, 1211 .proc_handler = proc_dointvec_minmax, 1212 .extra1 = SYSCTL_ZERO, 1213 .extra2 = SYSCTL_ONE, 1214 }, 1215 #if defined(CONFIG_SMP) && defined(CONFIG_NO_HZ_COMMON) 1216 { 1217 .procname = "timer_migration", 1218 .data = &sysctl_timer_migration, 1219 .maxlen = sizeof(unsigned int), 1220 .mode = 0644, 1221 .proc_handler = timer_migration_handler, 1222 .extra1 = SYSCTL_ZERO, 1223 .extra2 = SYSCTL_ONE, 1224 }, 1225 #endif 1226 #ifdef CONFIG_BPF_SYSCALL 1227 { 1228 .procname = "unprivileged_bpf_disabled", 1229 .data = &sysctl_unprivileged_bpf_disabled, 1230 .maxlen = sizeof(sysctl_unprivileged_bpf_disabled), 1231 .mode = 0644, 1232 /* only handle a transition from default "0" to "1" */ 1233 .proc_handler = proc_dointvec_minmax, 1234 .extra1 = SYSCTL_ONE, 1235 .extra2 = SYSCTL_ONE, 1236 }, 1237 { 1238 .procname = "bpf_stats_enabled", 1239 .data = &bpf_stats_enabled_key.key, 1240 .maxlen = sizeof(bpf_stats_enabled_key), 1241 .mode = 0644, 1242 .proc_handler = proc_do_static_key, 1243 }, 1244 #endif 1245 #if defined(CONFIG_TREE_RCU) 1246 { 1247 .procname = "panic_on_rcu_stall", 1248 .data = &sysctl_panic_on_rcu_stall, 1249 .maxlen = sizeof(sysctl_panic_on_rcu_stall), 1250 .mode = 0644, 1251 .proc_handler = proc_dointvec_minmax, 1252 .extra1 = SYSCTL_ZERO, 1253 .extra2 = SYSCTL_ONE, 1254 }, 1255 #endif 1256 #ifdef CONFIG_STACKLEAK_RUNTIME_DISABLE 1257 { 1258 .procname = "stack_erasing", 1259 .data = NULL, 1260 .maxlen = sizeof(int), 1261 .mode = 0600, 1262 .proc_handler = stack_erasing_sysctl, 1263 .extra1 = SYSCTL_ZERO, 1264 .extra2 = SYSCTL_ONE, 1265 }, 1266 #endif 1267 { } 1268 }; 1269 1270 static struct ctl_table vm_table[] = { 1271 { 1272 .procname = "overcommit_memory", 1273 .data = &sysctl_overcommit_memory, 1274 .maxlen = sizeof(sysctl_overcommit_memory), 1275 .mode = 0644, 1276 .proc_handler = proc_dointvec_minmax, 1277 .extra1 = SYSCTL_ZERO, 1278 .extra2 = &two, 1279 }, 1280 { 1281 .procname = "panic_on_oom", 1282 .data = &sysctl_panic_on_oom, 1283 .maxlen = sizeof(sysctl_panic_on_oom), 1284 .mode = 0644, 1285 .proc_handler = proc_dointvec_minmax, 1286 .extra1 = SYSCTL_ZERO, 1287 .extra2 = &two, 1288 }, 1289 { 1290 .procname = "oom_kill_allocating_task", 1291 .data = &sysctl_oom_kill_allocating_task, 1292 .maxlen = sizeof(sysctl_oom_kill_allocating_task), 1293 .mode = 0644, 1294 .proc_handler = proc_dointvec, 1295 }, 1296 { 1297 .procname = "oom_dump_tasks", 1298 .data = &sysctl_oom_dump_tasks, 1299 .maxlen = sizeof(sysctl_oom_dump_tasks), 1300 .mode = 0644, 1301 .proc_handler = proc_dointvec, 1302 }, 1303 { 1304 .procname = "overcommit_ratio", 1305 .data = &sysctl_overcommit_ratio, 1306 .maxlen = sizeof(sysctl_overcommit_ratio), 1307 .mode = 0644, 1308 .proc_handler = overcommit_ratio_handler, 1309 }, 1310 { 1311 .procname = "overcommit_kbytes", 1312 .data = &sysctl_overcommit_kbytes, 1313 .maxlen = sizeof(sysctl_overcommit_kbytes), 1314 .mode = 0644, 1315 .proc_handler = overcommit_kbytes_handler, 1316 }, 1317 { 1318 .procname = "page-cluster", 1319 .data = &page_cluster, 1320 .maxlen = sizeof(int), 1321 .mode = 0644, 1322 .proc_handler = proc_dointvec_minmax, 1323 .extra1 = SYSCTL_ZERO, 1324 }, 1325 { 1326 .procname = "dirty_background_ratio", 1327 .data = &dirty_background_ratio, 1328 .maxlen = sizeof(dirty_background_ratio), 1329 .mode = 0644, 1330 .proc_handler = dirty_background_ratio_handler, 1331 .extra1 = SYSCTL_ZERO, 1332 .extra2 = &one_hundred, 1333 }, 1334 { 1335 .procname = "dirty_background_bytes", 1336 .data = &dirty_background_bytes, 1337 .maxlen = sizeof(dirty_background_bytes), 1338 .mode = 0644, 1339 .proc_handler = dirty_background_bytes_handler, 1340 .extra1 = &one_ul, 1341 }, 1342 { 1343 .procname = "dirty_ratio", 1344 .data = &vm_dirty_ratio, 1345 .maxlen = sizeof(vm_dirty_ratio), 1346 .mode = 0644, 1347 .proc_handler = dirty_ratio_handler, 1348 .extra1 = SYSCTL_ZERO, 1349 .extra2 = &one_hundred, 1350 }, 1351 { 1352 .procname = "dirty_bytes", 1353 .data = &vm_dirty_bytes, 1354 .maxlen = sizeof(vm_dirty_bytes), 1355 .mode = 0644, 1356 .proc_handler = dirty_bytes_handler, 1357 .extra1 = &dirty_bytes_min, 1358 }, 1359 { 1360 .procname = "dirty_writeback_centisecs", 1361 .data = &dirty_writeback_interval, 1362 .maxlen = sizeof(dirty_writeback_interval), 1363 .mode = 0644, 1364 .proc_handler = dirty_writeback_centisecs_handler, 1365 }, 1366 { 1367 .procname = "dirty_expire_centisecs", 1368 .data = &dirty_expire_interval, 1369 .maxlen = sizeof(dirty_expire_interval), 1370 .mode = 0644, 1371 .proc_handler = proc_dointvec_minmax, 1372 .extra1 = SYSCTL_ZERO, 1373 }, 1374 { 1375 .procname = "dirtytime_expire_seconds", 1376 .data = &dirtytime_expire_interval, 1377 .maxlen = sizeof(dirtytime_expire_interval), 1378 .mode = 0644, 1379 .proc_handler = dirtytime_interval_handler, 1380 .extra1 = SYSCTL_ZERO, 1381 }, 1382 { 1383 .procname = "swappiness", 1384 .data = &vm_swappiness, 1385 .maxlen = sizeof(vm_swappiness), 1386 .mode = 0644, 1387 .proc_handler = proc_dointvec_minmax, 1388 .extra1 = SYSCTL_ZERO, 1389 .extra2 = &one_hundred, 1390 }, 1391 #ifdef CONFIG_HUGETLB_PAGE 1392 { 1393 .procname = "nr_hugepages", 1394 .data = NULL, 1395 .maxlen = sizeof(unsigned long), 1396 .mode = 0644, 1397 .proc_handler = hugetlb_sysctl_handler, 1398 }, 1399 #ifdef CONFIG_NUMA 1400 { 1401 .procname = "nr_hugepages_mempolicy", 1402 .data = NULL, 1403 .maxlen = sizeof(unsigned long), 1404 .mode = 0644, 1405 .proc_handler = &hugetlb_mempolicy_sysctl_handler, 1406 }, 1407 { 1408 .procname = "numa_stat", 1409 .data = &sysctl_vm_numa_stat, 1410 .maxlen = sizeof(int), 1411 .mode = 0644, 1412 .proc_handler = sysctl_vm_numa_stat_handler, 1413 .extra1 = SYSCTL_ZERO, 1414 .extra2 = SYSCTL_ONE, 1415 }, 1416 #endif 1417 { 1418 .procname = "hugetlb_shm_group", 1419 .data = &sysctl_hugetlb_shm_group, 1420 .maxlen = sizeof(gid_t), 1421 .mode = 0644, 1422 .proc_handler = proc_dointvec, 1423 }, 1424 { 1425 .procname = "nr_overcommit_hugepages", 1426 .data = NULL, 1427 .maxlen = sizeof(unsigned long), 1428 .mode = 0644, 1429 .proc_handler = hugetlb_overcommit_handler, 1430 }, 1431 #endif 1432 { 1433 .procname = "lowmem_reserve_ratio", 1434 .data = &sysctl_lowmem_reserve_ratio, 1435 .maxlen = sizeof(sysctl_lowmem_reserve_ratio), 1436 .mode = 0644, 1437 .proc_handler = lowmem_reserve_ratio_sysctl_handler, 1438 }, 1439 { 1440 .procname = "drop_caches", 1441 .data = &sysctl_drop_caches, 1442 .maxlen = sizeof(int), 1443 .mode = 0200, 1444 .proc_handler = drop_caches_sysctl_handler, 1445 .extra1 = SYSCTL_ONE, 1446 .extra2 = &four, 1447 }, 1448 #ifdef CONFIG_COMPACTION 1449 { 1450 .procname = "compact_memory", 1451 .data = &sysctl_compact_memory, 1452 .maxlen = sizeof(int), 1453 .mode = 0200, 1454 .proc_handler = sysctl_compaction_handler, 1455 }, 1456 { 1457 .procname = "extfrag_threshold", 1458 .data = &sysctl_extfrag_threshold, 1459 .maxlen = sizeof(int), 1460 .mode = 0644, 1461 .proc_handler = proc_dointvec_minmax, 1462 .extra1 = &min_extfrag_threshold, 1463 .extra2 = &max_extfrag_threshold, 1464 }, 1465 { 1466 .procname = "compact_unevictable_allowed", 1467 .data = &sysctl_compact_unevictable_allowed, 1468 .maxlen = sizeof(int), 1469 .mode = 0644, 1470 .proc_handler = proc_dointvec, 1471 .extra1 = SYSCTL_ZERO, 1472 .extra2 = SYSCTL_ONE, 1473 }, 1474 1475 #endif /* CONFIG_COMPACTION */ 1476 { 1477 .procname = "min_free_kbytes", 1478 .data = &min_free_kbytes, 1479 .maxlen = sizeof(min_free_kbytes), 1480 .mode = 0644, 1481 .proc_handler = min_free_kbytes_sysctl_handler, 1482 .extra1 = SYSCTL_ZERO, 1483 }, 1484 { 1485 .procname = "watermark_boost_factor", 1486 .data = &watermark_boost_factor, 1487 .maxlen = sizeof(watermark_boost_factor), 1488 .mode = 0644, 1489 .proc_handler = watermark_boost_factor_sysctl_handler, 1490 .extra1 = SYSCTL_ZERO, 1491 }, 1492 { 1493 .procname = "watermark_scale_factor", 1494 .data = &watermark_scale_factor, 1495 .maxlen = sizeof(watermark_scale_factor), 1496 .mode = 0644, 1497 .proc_handler = watermark_scale_factor_sysctl_handler, 1498 .extra1 = SYSCTL_ONE, 1499 .extra2 = &one_thousand, 1500 }, 1501 { 1502 .procname = "percpu_pagelist_fraction", 1503 .data = &percpu_pagelist_fraction, 1504 .maxlen = sizeof(percpu_pagelist_fraction), 1505 .mode = 0644, 1506 .proc_handler = percpu_pagelist_fraction_sysctl_handler, 1507 .extra1 = SYSCTL_ZERO, 1508 }, 1509 #ifdef CONFIG_MMU 1510 { 1511 .procname = "max_map_count", 1512 .data = &sysctl_max_map_count, 1513 .maxlen = sizeof(sysctl_max_map_count), 1514 .mode = 0644, 1515 .proc_handler = proc_dointvec_minmax, 1516 .extra1 = SYSCTL_ZERO, 1517 }, 1518 #else 1519 { 1520 .procname = "nr_trim_pages", 1521 .data = &sysctl_nr_trim_pages, 1522 .maxlen = sizeof(sysctl_nr_trim_pages), 1523 .mode = 0644, 1524 .proc_handler = proc_dointvec_minmax, 1525 .extra1 = SYSCTL_ZERO, 1526 }, 1527 #endif 1528 { 1529 .procname = "laptop_mode", 1530 .data = &laptop_mode, 1531 .maxlen = sizeof(laptop_mode), 1532 .mode = 0644, 1533 .proc_handler = proc_dointvec_jiffies, 1534 }, 1535 { 1536 .procname = "block_dump", 1537 .data = &block_dump, 1538 .maxlen = sizeof(block_dump), 1539 .mode = 0644, 1540 .proc_handler = proc_dointvec, 1541 .extra1 = SYSCTL_ZERO, 1542 }, 1543 { 1544 .procname = "vfs_cache_pressure", 1545 .data = &sysctl_vfs_cache_pressure, 1546 .maxlen = sizeof(sysctl_vfs_cache_pressure), 1547 .mode = 0644, 1548 .proc_handler = proc_dointvec, 1549 .extra1 = SYSCTL_ZERO, 1550 }, 1551 #if defined(HAVE_ARCH_PICK_MMAP_LAYOUT) || \ 1552 defined(CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT) 1553 { 1554 .procname = "legacy_va_layout", 1555 .data = &sysctl_legacy_va_layout, 1556 .maxlen = sizeof(sysctl_legacy_va_layout), 1557 .mode = 0644, 1558 .proc_handler = proc_dointvec, 1559 .extra1 = SYSCTL_ZERO, 1560 }, 1561 #endif 1562 #ifdef CONFIG_NUMA 1563 { 1564 .procname = "zone_reclaim_mode", 1565 .data = &node_reclaim_mode, 1566 .maxlen = sizeof(node_reclaim_mode), 1567 .mode = 0644, 1568 .proc_handler = proc_dointvec, 1569 .extra1 = SYSCTL_ZERO, 1570 }, 1571 { 1572 .procname = "min_unmapped_ratio", 1573 .data = &sysctl_min_unmapped_ratio, 1574 .maxlen = sizeof(sysctl_min_unmapped_ratio), 1575 .mode = 0644, 1576 .proc_handler = sysctl_min_unmapped_ratio_sysctl_handler, 1577 .extra1 = SYSCTL_ZERO, 1578 .extra2 = &one_hundred, 1579 }, 1580 { 1581 .procname = "min_slab_ratio", 1582 .data = &sysctl_min_slab_ratio, 1583 .maxlen = sizeof(sysctl_min_slab_ratio), 1584 .mode = 0644, 1585 .proc_handler = sysctl_min_slab_ratio_sysctl_handler, 1586 .extra1 = SYSCTL_ZERO, 1587 .extra2 = &one_hundred, 1588 }, 1589 #endif 1590 #ifdef CONFIG_SMP 1591 { 1592 .procname = "stat_interval", 1593 .data = &sysctl_stat_interval, 1594 .maxlen = sizeof(sysctl_stat_interval), 1595 .mode = 0644, 1596 .proc_handler = proc_dointvec_jiffies, 1597 }, 1598 { 1599 .procname = "stat_refresh", 1600 .data = NULL, 1601 .maxlen = 0, 1602 .mode = 0600, 1603 .proc_handler = vmstat_refresh, 1604 }, 1605 #endif 1606 #ifdef CONFIG_MMU 1607 { 1608 .procname = "mmap_min_addr", 1609 .data = &dac_mmap_min_addr, 1610 .maxlen = sizeof(unsigned long), 1611 .mode = 0644, 1612 .proc_handler = mmap_min_addr_handler, 1613 }, 1614 #endif 1615 #ifdef CONFIG_NUMA 1616 { 1617 .procname = "numa_zonelist_order", 1618 .data = &numa_zonelist_order, 1619 .maxlen = NUMA_ZONELIST_ORDER_LEN, 1620 .mode = 0644, 1621 .proc_handler = numa_zonelist_order_handler, 1622 }, 1623 #endif 1624 #if (defined(CONFIG_X86_32) && !defined(CONFIG_UML))|| \ 1625 (defined(CONFIG_SUPERH) && defined(CONFIG_VSYSCALL)) 1626 { 1627 .procname = "vdso_enabled", 1628 #ifdef CONFIG_X86_32 1629 .data = &vdso32_enabled, 1630 .maxlen = sizeof(vdso32_enabled), 1631 #else 1632 .data = &vdso_enabled, 1633 .maxlen = sizeof(vdso_enabled), 1634 #endif 1635 .mode = 0644, 1636 .proc_handler = proc_dointvec, 1637 .extra1 = SYSCTL_ZERO, 1638 }, 1639 #endif 1640 #ifdef CONFIG_HIGHMEM 1641 { 1642 .procname = "highmem_is_dirtyable", 1643 .data = &vm_highmem_is_dirtyable, 1644 .maxlen = sizeof(vm_highmem_is_dirtyable), 1645 .mode = 0644, 1646 .proc_handler = proc_dointvec_minmax, 1647 .extra1 = SYSCTL_ZERO, 1648 .extra2 = SYSCTL_ONE, 1649 }, 1650 #endif 1651 #ifdef CONFIG_MEMORY_FAILURE 1652 { 1653 .procname = "memory_failure_early_kill", 1654 .data = &sysctl_memory_failure_early_kill, 1655 .maxlen = sizeof(sysctl_memory_failure_early_kill), 1656 .mode = 0644, 1657 .proc_handler = proc_dointvec_minmax, 1658 .extra1 = SYSCTL_ZERO, 1659 .extra2 = SYSCTL_ONE, 1660 }, 1661 { 1662 .procname = "memory_failure_recovery", 1663 .data = &sysctl_memory_failure_recovery, 1664 .maxlen = sizeof(sysctl_memory_failure_recovery), 1665 .mode = 0644, 1666 .proc_handler = proc_dointvec_minmax, 1667 .extra1 = SYSCTL_ZERO, 1668 .extra2 = SYSCTL_ONE, 1669 }, 1670 #endif 1671 { 1672 .procname = "user_reserve_kbytes", 1673 .data = &sysctl_user_reserve_kbytes, 1674 .maxlen = sizeof(sysctl_user_reserve_kbytes), 1675 .mode = 0644, 1676 .proc_handler = proc_doulongvec_minmax, 1677 }, 1678 { 1679 .procname = "admin_reserve_kbytes", 1680 .data = &sysctl_admin_reserve_kbytes, 1681 .maxlen = sizeof(sysctl_admin_reserve_kbytes), 1682 .mode = 0644, 1683 .proc_handler = proc_doulongvec_minmax, 1684 }, 1685 #ifdef CONFIG_HAVE_ARCH_MMAP_RND_BITS 1686 { 1687 .procname = "mmap_rnd_bits", 1688 .data = &mmap_rnd_bits, 1689 .maxlen = sizeof(mmap_rnd_bits), 1690 .mode = 0600, 1691 .proc_handler = proc_dointvec_minmax, 1692 .extra1 = (void *)&mmap_rnd_bits_min, 1693 .extra2 = (void *)&mmap_rnd_bits_max, 1694 }, 1695 #endif 1696 #ifdef CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS 1697 { 1698 .procname = "mmap_rnd_compat_bits", 1699 .data = &mmap_rnd_compat_bits, 1700 .maxlen = sizeof(mmap_rnd_compat_bits), 1701 .mode = 0600, 1702 .proc_handler = proc_dointvec_minmax, 1703 .extra1 = (void *)&mmap_rnd_compat_bits_min, 1704 .extra2 = (void *)&mmap_rnd_compat_bits_max, 1705 }, 1706 #endif 1707 #ifdef CONFIG_USERFAULTFD 1708 { 1709 .procname = "unprivileged_userfaultfd", 1710 .data = &sysctl_unprivileged_userfaultfd, 1711 .maxlen = sizeof(sysctl_unprivileged_userfaultfd), 1712 .mode = 0644, 1713 .proc_handler = proc_dointvec_minmax, 1714 .extra1 = SYSCTL_ZERO, 1715 .extra2 = SYSCTL_ONE, 1716 }, 1717 #endif 1718 { } 1719 }; 1720 1721 static struct ctl_table fs_table[] = { 1722 { 1723 .procname = "inode-nr", 1724 .data = &inodes_stat, 1725 .maxlen = 2*sizeof(long), 1726 .mode = 0444, 1727 .proc_handler = proc_nr_inodes, 1728 }, 1729 { 1730 .procname = "inode-state", 1731 .data = &inodes_stat, 1732 .maxlen = 7*sizeof(long), 1733 .mode = 0444, 1734 .proc_handler = proc_nr_inodes, 1735 }, 1736 { 1737 .procname = "file-nr", 1738 .data = &files_stat, 1739 .maxlen = sizeof(files_stat), 1740 .mode = 0444, 1741 .proc_handler = proc_nr_files, 1742 }, 1743 { 1744 .procname = "file-max", 1745 .data = &files_stat.max_files, 1746 .maxlen = sizeof(files_stat.max_files), 1747 .mode = 0644, 1748 .proc_handler = proc_doulongvec_minmax, 1749 .extra1 = &zero_ul, 1750 .extra2 = &long_max, 1751 }, 1752 { 1753 .procname = "nr_open", 1754 .data = &sysctl_nr_open, 1755 .maxlen = sizeof(unsigned int), 1756 .mode = 0644, 1757 .proc_handler = proc_dointvec_minmax, 1758 .extra1 = &sysctl_nr_open_min, 1759 .extra2 = &sysctl_nr_open_max, 1760 }, 1761 { 1762 .procname = "dentry-state", 1763 .data = &dentry_stat, 1764 .maxlen = 6*sizeof(long), 1765 .mode = 0444, 1766 .proc_handler = proc_nr_dentry, 1767 }, 1768 { 1769 .procname = "overflowuid", 1770 .data = &fs_overflowuid, 1771 .maxlen = sizeof(int), 1772 .mode = 0644, 1773 .proc_handler = proc_dointvec_minmax, 1774 .extra1 = &minolduid, 1775 .extra2 = &maxolduid, 1776 }, 1777 { 1778 .procname = "overflowgid", 1779 .data = &fs_overflowgid, 1780 .maxlen = sizeof(int), 1781 .mode = 0644, 1782 .proc_handler = proc_dointvec_minmax, 1783 .extra1 = &minolduid, 1784 .extra2 = &maxolduid, 1785 }, 1786 #ifdef CONFIG_FILE_LOCKING 1787 { 1788 .procname = "leases-enable", 1789 .data = &leases_enable, 1790 .maxlen = sizeof(int), 1791 .mode = 0644, 1792 .proc_handler = proc_dointvec, 1793 }, 1794 #endif 1795 #ifdef CONFIG_DNOTIFY 1796 { 1797 .procname = "dir-notify-enable", 1798 .data = &dir_notify_enable, 1799 .maxlen = sizeof(int), 1800 .mode = 0644, 1801 .proc_handler = proc_dointvec, 1802 }, 1803 #endif 1804 #ifdef CONFIG_MMU 1805 #ifdef CONFIG_FILE_LOCKING 1806 { 1807 .procname = "lease-break-time", 1808 .data = &lease_break_time, 1809 .maxlen = sizeof(int), 1810 .mode = 0644, 1811 .proc_handler = proc_dointvec, 1812 }, 1813 #endif 1814 #ifdef CONFIG_AIO 1815 { 1816 .procname = "aio-nr", 1817 .data = &aio_nr, 1818 .maxlen = sizeof(aio_nr), 1819 .mode = 0444, 1820 .proc_handler = proc_doulongvec_minmax, 1821 }, 1822 { 1823 .procname = "aio-max-nr", 1824 .data = &aio_max_nr, 1825 .maxlen = sizeof(aio_max_nr), 1826 .mode = 0644, 1827 .proc_handler = proc_doulongvec_minmax, 1828 }, 1829 #endif /* CONFIG_AIO */ 1830 #ifdef CONFIG_INOTIFY_USER 1831 { 1832 .procname = "inotify", 1833 .mode = 0555, 1834 .child = inotify_table, 1835 }, 1836 #endif 1837 #ifdef CONFIG_EPOLL 1838 { 1839 .procname = "epoll", 1840 .mode = 0555, 1841 .child = epoll_table, 1842 }, 1843 #endif 1844 #endif 1845 { 1846 .procname = "protected_symlinks", 1847 .data = &sysctl_protected_symlinks, 1848 .maxlen = sizeof(int), 1849 .mode = 0600, 1850 .proc_handler = proc_dointvec_minmax, 1851 .extra1 = SYSCTL_ZERO, 1852 .extra2 = SYSCTL_ONE, 1853 }, 1854 { 1855 .procname = "protected_hardlinks", 1856 .data = &sysctl_protected_hardlinks, 1857 .maxlen = sizeof(int), 1858 .mode = 0600, 1859 .proc_handler = proc_dointvec_minmax, 1860 .extra1 = SYSCTL_ZERO, 1861 .extra2 = SYSCTL_ONE, 1862 }, 1863 { 1864 .procname = "protected_fifos", 1865 .data = &sysctl_protected_fifos, 1866 .maxlen = sizeof(int), 1867 .mode = 0600, 1868 .proc_handler = proc_dointvec_minmax, 1869 .extra1 = SYSCTL_ZERO, 1870 .extra2 = &two, 1871 }, 1872 { 1873 .procname = "protected_regular", 1874 .data = &sysctl_protected_regular, 1875 .maxlen = sizeof(int), 1876 .mode = 0600, 1877 .proc_handler = proc_dointvec_minmax, 1878 .extra1 = SYSCTL_ZERO, 1879 .extra2 = &two, 1880 }, 1881 { 1882 .procname = "suid_dumpable", 1883 .data = &suid_dumpable, 1884 .maxlen = sizeof(int), 1885 .mode = 0644, 1886 .proc_handler = proc_dointvec_minmax_coredump, 1887 .extra1 = SYSCTL_ZERO, 1888 .extra2 = &two, 1889 }, 1890 #if defined(CONFIG_BINFMT_MISC) || defined(CONFIG_BINFMT_MISC_MODULE) 1891 { 1892 .procname = "binfmt_misc", 1893 .mode = 0555, 1894 .child = sysctl_mount_point, 1895 }, 1896 #endif 1897 { 1898 .procname = "pipe-max-size", 1899 .data = &pipe_max_size, 1900 .maxlen = sizeof(pipe_max_size), 1901 .mode = 0644, 1902 .proc_handler = proc_dopipe_max_size, 1903 }, 1904 { 1905 .procname = "pipe-user-pages-hard", 1906 .data = &pipe_user_pages_hard, 1907 .maxlen = sizeof(pipe_user_pages_hard), 1908 .mode = 0644, 1909 .proc_handler = proc_doulongvec_minmax, 1910 }, 1911 { 1912 .procname = "pipe-user-pages-soft", 1913 .data = &pipe_user_pages_soft, 1914 .maxlen = sizeof(pipe_user_pages_soft), 1915 .mode = 0644, 1916 .proc_handler = proc_doulongvec_minmax, 1917 }, 1918 { 1919 .procname = "mount-max", 1920 .data = &sysctl_mount_max, 1921 .maxlen = sizeof(unsigned int), 1922 .mode = 0644, 1923 .proc_handler = proc_dointvec_minmax, 1924 .extra1 = SYSCTL_ONE, 1925 }, 1926 { } 1927 }; 1928 1929 static struct ctl_table debug_table[] = { 1930 #ifdef CONFIG_SYSCTL_EXCEPTION_TRACE 1931 { 1932 .procname = "exception-trace", 1933 .data = &show_unhandled_signals, 1934 .maxlen = sizeof(int), 1935 .mode = 0644, 1936 .proc_handler = proc_dointvec 1937 }, 1938 #endif 1939 #if defined(CONFIG_OPTPROBES) 1940 { 1941 .procname = "kprobes-optimization", 1942 .data = &sysctl_kprobes_optimization, 1943 .maxlen = sizeof(int), 1944 .mode = 0644, 1945 .proc_handler = proc_kprobes_optimization_handler, 1946 .extra1 = SYSCTL_ZERO, 1947 .extra2 = SYSCTL_ONE, 1948 }, 1949 #endif 1950 { } 1951 }; 1952 1953 static struct ctl_table dev_table[] = { 1954 { } 1955 }; 1956 1957 int __init sysctl_init(void) 1958 { 1959 struct ctl_table_header *hdr; 1960 1961 hdr = register_sysctl_table(sysctl_base_table); 1962 kmemleak_not_leak(hdr); 1963 return 0; 1964 } 1965 1966 #endif /* CONFIG_SYSCTL */ 1967 1968 /* 1969 * /proc/sys support 1970 */ 1971 1972 #ifdef CONFIG_PROC_SYSCTL 1973 1974 static int _proc_do_string(char *data, int maxlen, int write, 1975 char __user *buffer, 1976 size_t *lenp, loff_t *ppos) 1977 { 1978 size_t len; 1979 char __user *p; 1980 char c; 1981 1982 if (!data || !maxlen || !*lenp) { 1983 *lenp = 0; 1984 return 0; 1985 } 1986 1987 if (write) { 1988 if (sysctl_writes_strict == SYSCTL_WRITES_STRICT) { 1989 /* Only continue writes not past the end of buffer. */ 1990 len = strlen(data); 1991 if (len > maxlen - 1) 1992 len = maxlen - 1; 1993 1994 if (*ppos > len) 1995 return 0; 1996 len = *ppos; 1997 } else { 1998 /* Start writing from beginning of buffer. */ 1999 len = 0; 2000 } 2001 2002 *ppos += *lenp; 2003 p = buffer; 2004 while ((p - buffer) < *lenp && len < maxlen - 1) { 2005 if (get_user(c, p++)) 2006 return -EFAULT; 2007 if (c == 0 || c == '\n') 2008 break; 2009 data[len++] = c; 2010 } 2011 data[len] = 0; 2012 } else { 2013 len = strlen(data); 2014 if (len > maxlen) 2015 len = maxlen; 2016 2017 if (*ppos > len) { 2018 *lenp = 0; 2019 return 0; 2020 } 2021 2022 data += *ppos; 2023 len -= *ppos; 2024 2025 if (len > *lenp) 2026 len = *lenp; 2027 if (len) 2028 if (copy_to_user(buffer, data, len)) 2029 return -EFAULT; 2030 if (len < *lenp) { 2031 if (put_user('\n', buffer + len)) 2032 return -EFAULT; 2033 len++; 2034 } 2035 *lenp = len; 2036 *ppos += len; 2037 } 2038 return 0; 2039 } 2040 2041 static void warn_sysctl_write(struct ctl_table *table) 2042 { 2043 pr_warn_once("%s wrote to %s when file position was not 0!\n" 2044 "This will not be supported in the future. To silence this\n" 2045 "warning, set kernel.sysctl_writes_strict = -1\n", 2046 current->comm, table->procname); 2047 } 2048 2049 /** 2050 * proc_first_pos_non_zero_ignore - check if first position is allowed 2051 * @ppos: file position 2052 * @table: the sysctl table 2053 * 2054 * Returns true if the first position is non-zero and the sysctl_writes_strict 2055 * mode indicates this is not allowed for numeric input types. String proc 2056 * handlers can ignore the return value. 2057 */ 2058 static bool proc_first_pos_non_zero_ignore(loff_t *ppos, 2059 struct ctl_table *table) 2060 { 2061 if (!*ppos) 2062 return false; 2063 2064 switch (sysctl_writes_strict) { 2065 case SYSCTL_WRITES_STRICT: 2066 return true; 2067 case SYSCTL_WRITES_WARN: 2068 warn_sysctl_write(table); 2069 return false; 2070 default: 2071 return false; 2072 } 2073 } 2074 2075 /** 2076 * proc_dostring - read a string sysctl 2077 * @table: the sysctl table 2078 * @write: %TRUE if this is a write to the sysctl file 2079 * @buffer: the user buffer 2080 * @lenp: the size of the user buffer 2081 * @ppos: file position 2082 * 2083 * Reads/writes a string from/to the user buffer. If the kernel 2084 * buffer provided is not large enough to hold the string, the 2085 * string is truncated. The copied string is %NULL-terminated. 2086 * If the string is being read by the user process, it is copied 2087 * and a newline '\n' is added. It is truncated if the buffer is 2088 * not large enough. 2089 * 2090 * Returns 0 on success. 2091 */ 2092 int proc_dostring(struct ctl_table *table, int write, 2093 void __user *buffer, size_t *lenp, loff_t *ppos) 2094 { 2095 if (write) 2096 proc_first_pos_non_zero_ignore(ppos, table); 2097 2098 return _proc_do_string((char *)(table->data), table->maxlen, write, 2099 (char __user *)buffer, lenp, ppos); 2100 } 2101 2102 static size_t proc_skip_spaces(char **buf) 2103 { 2104 size_t ret; 2105 char *tmp = skip_spaces(*buf); 2106 ret = tmp - *buf; 2107 *buf = tmp; 2108 return ret; 2109 } 2110 2111 static void proc_skip_char(char **buf, size_t *size, const char v) 2112 { 2113 while (*size) { 2114 if (**buf != v) 2115 break; 2116 (*size)--; 2117 (*buf)++; 2118 } 2119 } 2120 2121 /** 2122 * strtoul_lenient - parse an ASCII formatted integer from a buffer and only 2123 * fail on overflow 2124 * 2125 * @cp: kernel buffer containing the string to parse 2126 * @endp: pointer to store the trailing characters 2127 * @base: the base to use 2128 * @res: where the parsed integer will be stored 2129 * 2130 * In case of success 0 is returned and @res will contain the parsed integer, 2131 * @endp will hold any trailing characters. 2132 * This function will fail the parse on overflow. If there wasn't an overflow 2133 * the function will defer the decision what characters count as invalid to the 2134 * caller. 2135 */ 2136 static int strtoul_lenient(const char *cp, char **endp, unsigned int base, 2137 unsigned long *res) 2138 { 2139 unsigned long long result; 2140 unsigned int rv; 2141 2142 cp = _parse_integer_fixup_radix(cp, &base); 2143 rv = _parse_integer(cp, base, &result); 2144 if ((rv & KSTRTOX_OVERFLOW) || (result != (unsigned long)result)) 2145 return -ERANGE; 2146 2147 cp += rv; 2148 2149 if (endp) 2150 *endp = (char *)cp; 2151 2152 *res = (unsigned long)result; 2153 return 0; 2154 } 2155 2156 #define TMPBUFLEN 22 2157 /** 2158 * proc_get_long - reads an ASCII formatted integer from a user buffer 2159 * 2160 * @buf: a kernel buffer 2161 * @size: size of the kernel buffer 2162 * @val: this is where the number will be stored 2163 * @neg: set to %TRUE if number is negative 2164 * @perm_tr: a vector which contains the allowed trailers 2165 * @perm_tr_len: size of the perm_tr vector 2166 * @tr: pointer to store the trailer character 2167 * 2168 * In case of success %0 is returned and @buf and @size are updated with 2169 * the amount of bytes read. If @tr is non-NULL and a trailing 2170 * character exists (size is non-zero after returning from this 2171 * function), @tr is updated with the trailing character. 2172 */ 2173 static int proc_get_long(char **buf, size_t *size, 2174 unsigned long *val, bool *neg, 2175 const char *perm_tr, unsigned perm_tr_len, char *tr) 2176 { 2177 int len; 2178 char *p, tmp[TMPBUFLEN]; 2179 2180 if (!*size) 2181 return -EINVAL; 2182 2183 len = *size; 2184 if (len > TMPBUFLEN - 1) 2185 len = TMPBUFLEN - 1; 2186 2187 memcpy(tmp, *buf, len); 2188 2189 tmp[len] = 0; 2190 p = tmp; 2191 if (*p == '-' && *size > 1) { 2192 *neg = true; 2193 p++; 2194 } else 2195 *neg = false; 2196 if (!isdigit(*p)) 2197 return -EINVAL; 2198 2199 if (strtoul_lenient(p, &p, 0, val)) 2200 return -EINVAL; 2201 2202 len = p - tmp; 2203 2204 /* We don't know if the next char is whitespace thus we may accept 2205 * invalid integers (e.g. 1234...a) or two integers instead of one 2206 * (e.g. 123...1). So lets not allow such large numbers. */ 2207 if (len == TMPBUFLEN - 1) 2208 return -EINVAL; 2209 2210 if (len < *size && perm_tr_len && !memchr(perm_tr, *p, perm_tr_len)) 2211 return -EINVAL; 2212 2213 if (tr && (len < *size)) 2214 *tr = *p; 2215 2216 *buf += len; 2217 *size -= len; 2218 2219 return 0; 2220 } 2221 2222 /** 2223 * proc_put_long - converts an integer to a decimal ASCII formatted string 2224 * 2225 * @buf: the user buffer 2226 * @size: the size of the user buffer 2227 * @val: the integer to be converted 2228 * @neg: sign of the number, %TRUE for negative 2229 * 2230 * In case of success %0 is returned and @buf and @size are updated with 2231 * the amount of bytes written. 2232 */ 2233 static int proc_put_long(void __user **buf, size_t *size, unsigned long val, 2234 bool neg) 2235 { 2236 int len; 2237 char tmp[TMPBUFLEN], *p = tmp; 2238 2239 sprintf(p, "%s%lu", neg ? "-" : "", val); 2240 len = strlen(tmp); 2241 if (len > *size) 2242 len = *size; 2243 if (copy_to_user(*buf, tmp, len)) 2244 return -EFAULT; 2245 *size -= len; 2246 *buf += len; 2247 return 0; 2248 } 2249 #undef TMPBUFLEN 2250 2251 static int proc_put_char(void __user **buf, size_t *size, char c) 2252 { 2253 if (*size) { 2254 char __user **buffer = (char __user **)buf; 2255 if (put_user(c, *buffer)) 2256 return -EFAULT; 2257 (*size)--, (*buffer)++; 2258 *buf = *buffer; 2259 } 2260 return 0; 2261 } 2262 2263 static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp, 2264 int *valp, 2265 int write, void *data) 2266 { 2267 if (write) { 2268 if (*negp) { 2269 if (*lvalp > (unsigned long) INT_MAX + 1) 2270 return -EINVAL; 2271 *valp = -*lvalp; 2272 } else { 2273 if (*lvalp > (unsigned long) INT_MAX) 2274 return -EINVAL; 2275 *valp = *lvalp; 2276 } 2277 } else { 2278 int val = *valp; 2279 if (val < 0) { 2280 *negp = true; 2281 *lvalp = -(unsigned long)val; 2282 } else { 2283 *negp = false; 2284 *lvalp = (unsigned long)val; 2285 } 2286 } 2287 return 0; 2288 } 2289 2290 static int do_proc_douintvec_conv(unsigned long *lvalp, 2291 unsigned int *valp, 2292 int write, void *data) 2293 { 2294 if (write) { 2295 if (*lvalp > UINT_MAX) 2296 return -EINVAL; 2297 *valp = *lvalp; 2298 } else { 2299 unsigned int val = *valp; 2300 *lvalp = (unsigned long)val; 2301 } 2302 return 0; 2303 } 2304 2305 static const char proc_wspace_sep[] = { ' ', '\t', '\n' }; 2306 2307 static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table, 2308 int write, void __user *buffer, 2309 size_t *lenp, loff_t *ppos, 2310 int (*conv)(bool *negp, unsigned long *lvalp, int *valp, 2311 int write, void *data), 2312 void *data) 2313 { 2314 int *i, vleft, first = 1, err = 0; 2315 size_t left; 2316 char *kbuf = NULL, *p; 2317 2318 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) { 2319 *lenp = 0; 2320 return 0; 2321 } 2322 2323 i = (int *) tbl_data; 2324 vleft = table->maxlen / sizeof(*i); 2325 left = *lenp; 2326 2327 if (!conv) 2328 conv = do_proc_dointvec_conv; 2329 2330 if (write) { 2331 if (proc_first_pos_non_zero_ignore(ppos, table)) 2332 goto out; 2333 2334 if (left > PAGE_SIZE - 1) 2335 left = PAGE_SIZE - 1; 2336 p = kbuf = memdup_user_nul(buffer, left); 2337 if (IS_ERR(kbuf)) 2338 return PTR_ERR(kbuf); 2339 } 2340 2341 for (; left && vleft--; i++, first=0) { 2342 unsigned long lval; 2343 bool neg; 2344 2345 if (write) { 2346 left -= proc_skip_spaces(&p); 2347 2348 if (!left) 2349 break; 2350 err = proc_get_long(&p, &left, &lval, &neg, 2351 proc_wspace_sep, 2352 sizeof(proc_wspace_sep), NULL); 2353 if (err) 2354 break; 2355 if (conv(&neg, &lval, i, 1, data)) { 2356 err = -EINVAL; 2357 break; 2358 } 2359 } else { 2360 if (conv(&neg, &lval, i, 0, data)) { 2361 err = -EINVAL; 2362 break; 2363 } 2364 if (!first) 2365 err = proc_put_char(&buffer, &left, '\t'); 2366 if (err) 2367 break; 2368 err = proc_put_long(&buffer, &left, lval, neg); 2369 if (err) 2370 break; 2371 } 2372 } 2373 2374 if (!write && !first && left && !err) 2375 err = proc_put_char(&buffer, &left, '\n'); 2376 if (write && !err && left) 2377 left -= proc_skip_spaces(&p); 2378 if (write) { 2379 kfree(kbuf); 2380 if (first) 2381 return err ? : -EINVAL; 2382 } 2383 *lenp -= left; 2384 out: 2385 *ppos += *lenp; 2386 return err; 2387 } 2388 2389 static int do_proc_dointvec(struct ctl_table *table, int write, 2390 void __user *buffer, size_t *lenp, loff_t *ppos, 2391 int (*conv)(bool *negp, unsigned long *lvalp, int *valp, 2392 int write, void *data), 2393 void *data) 2394 { 2395 return __do_proc_dointvec(table->data, table, write, 2396 buffer, lenp, ppos, conv, data); 2397 } 2398 2399 static int do_proc_douintvec_w(unsigned int *tbl_data, 2400 struct ctl_table *table, 2401 void __user *buffer, 2402 size_t *lenp, loff_t *ppos, 2403 int (*conv)(unsigned long *lvalp, 2404 unsigned int *valp, 2405 int write, void *data), 2406 void *data) 2407 { 2408 unsigned long lval; 2409 int err = 0; 2410 size_t left; 2411 bool neg; 2412 char *kbuf = NULL, *p; 2413 2414 left = *lenp; 2415 2416 if (proc_first_pos_non_zero_ignore(ppos, table)) 2417 goto bail_early; 2418 2419 if (left > PAGE_SIZE - 1) 2420 left = PAGE_SIZE - 1; 2421 2422 p = kbuf = memdup_user_nul(buffer, left); 2423 if (IS_ERR(kbuf)) 2424 return -EINVAL; 2425 2426 left -= proc_skip_spaces(&p); 2427 if (!left) { 2428 err = -EINVAL; 2429 goto out_free; 2430 } 2431 2432 err = proc_get_long(&p, &left, &lval, &neg, 2433 proc_wspace_sep, 2434 sizeof(proc_wspace_sep), NULL); 2435 if (err || neg) { 2436 err = -EINVAL; 2437 goto out_free; 2438 } 2439 2440 if (conv(&lval, tbl_data, 1, data)) { 2441 err = -EINVAL; 2442 goto out_free; 2443 } 2444 2445 if (!err && left) 2446 left -= proc_skip_spaces(&p); 2447 2448 out_free: 2449 kfree(kbuf); 2450 if (err) 2451 return -EINVAL; 2452 2453 return 0; 2454 2455 /* This is in keeping with old __do_proc_dointvec() */ 2456 bail_early: 2457 *ppos += *lenp; 2458 return err; 2459 } 2460 2461 static int do_proc_douintvec_r(unsigned int *tbl_data, void __user *buffer, 2462 size_t *lenp, loff_t *ppos, 2463 int (*conv)(unsigned long *lvalp, 2464 unsigned int *valp, 2465 int write, void *data), 2466 void *data) 2467 { 2468 unsigned long lval; 2469 int err = 0; 2470 size_t left; 2471 2472 left = *lenp; 2473 2474 if (conv(&lval, tbl_data, 0, data)) { 2475 err = -EINVAL; 2476 goto out; 2477 } 2478 2479 err = proc_put_long(&buffer, &left, lval, false); 2480 if (err || !left) 2481 goto out; 2482 2483 err = proc_put_char(&buffer, &left, '\n'); 2484 2485 out: 2486 *lenp -= left; 2487 *ppos += *lenp; 2488 2489 return err; 2490 } 2491 2492 static int __do_proc_douintvec(void *tbl_data, struct ctl_table *table, 2493 int write, void __user *buffer, 2494 size_t *lenp, loff_t *ppos, 2495 int (*conv)(unsigned long *lvalp, 2496 unsigned int *valp, 2497 int write, void *data), 2498 void *data) 2499 { 2500 unsigned int *i, vleft; 2501 2502 if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) { 2503 *lenp = 0; 2504 return 0; 2505 } 2506 2507 i = (unsigned int *) tbl_data; 2508 vleft = table->maxlen / sizeof(*i); 2509 2510 /* 2511 * Arrays are not supported, keep this simple. *Do not* add 2512 * support for them. 2513 */ 2514 if (vleft != 1) { 2515 *lenp = 0; 2516 return -EINVAL; 2517 } 2518 2519 if (!conv) 2520 conv = do_proc_douintvec_conv; 2521 2522 if (write) 2523 return do_proc_douintvec_w(i, table, buffer, lenp, ppos, 2524 conv, data); 2525 return do_proc_douintvec_r(i, buffer, lenp, ppos, conv, data); 2526 } 2527 2528 static int do_proc_douintvec(struct ctl_table *table, int write, 2529 void __user *buffer, size_t *lenp, loff_t *ppos, 2530 int (*conv)(unsigned long *lvalp, 2531 unsigned int *valp, 2532 int write, void *data), 2533 void *data) 2534 { 2535 return __do_proc_douintvec(table->data, table, write, 2536 buffer, lenp, ppos, conv, data); 2537 } 2538 2539 /** 2540 * proc_dointvec - read a vector of integers 2541 * @table: the sysctl table 2542 * @write: %TRUE if this is a write to the sysctl file 2543 * @buffer: the user buffer 2544 * @lenp: the size of the user buffer 2545 * @ppos: file position 2546 * 2547 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 2548 * values from/to the user buffer, treated as an ASCII string. 2549 * 2550 * Returns 0 on success. 2551 */ 2552 int proc_dointvec(struct ctl_table *table, int write, 2553 void __user *buffer, size_t *lenp, loff_t *ppos) 2554 { 2555 return do_proc_dointvec(table, write, buffer, lenp, ppos, NULL, NULL); 2556 } 2557 2558 /** 2559 * proc_douintvec - read a vector of unsigned integers 2560 * @table: the sysctl table 2561 * @write: %TRUE if this is a write to the sysctl file 2562 * @buffer: the user buffer 2563 * @lenp: the size of the user buffer 2564 * @ppos: file position 2565 * 2566 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer 2567 * values from/to the user buffer, treated as an ASCII string. 2568 * 2569 * Returns 0 on success. 2570 */ 2571 int proc_douintvec(struct ctl_table *table, int write, 2572 void __user *buffer, size_t *lenp, loff_t *ppos) 2573 { 2574 return do_proc_douintvec(table, write, buffer, lenp, ppos, 2575 do_proc_douintvec_conv, NULL); 2576 } 2577 2578 /* 2579 * Taint values can only be increased 2580 * This means we can safely use a temporary. 2581 */ 2582 static int proc_taint(struct ctl_table *table, int write, 2583 void __user *buffer, size_t *lenp, loff_t *ppos) 2584 { 2585 struct ctl_table t; 2586 unsigned long tmptaint = get_taint(); 2587 int err; 2588 2589 if (write && !capable(CAP_SYS_ADMIN)) 2590 return -EPERM; 2591 2592 t = *table; 2593 t.data = &tmptaint; 2594 err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos); 2595 if (err < 0) 2596 return err; 2597 2598 if (write) { 2599 /* 2600 * Poor man's atomic or. Not worth adding a primitive 2601 * to everyone's atomic.h for this 2602 */ 2603 int i; 2604 for (i = 0; i < BITS_PER_LONG && tmptaint >> i; i++) { 2605 if ((tmptaint >> i) & 1) 2606 add_taint(i, LOCKDEP_STILL_OK); 2607 } 2608 } 2609 2610 return err; 2611 } 2612 2613 #ifdef CONFIG_PRINTK 2614 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write, 2615 void __user *buffer, size_t *lenp, loff_t *ppos) 2616 { 2617 if (write && !capable(CAP_SYS_ADMIN)) 2618 return -EPERM; 2619 2620 return proc_dointvec_minmax(table, write, buffer, lenp, ppos); 2621 } 2622 #endif 2623 2624 /** 2625 * struct do_proc_dointvec_minmax_conv_param - proc_dointvec_minmax() range checking structure 2626 * @min: pointer to minimum allowable value 2627 * @max: pointer to maximum allowable value 2628 * 2629 * The do_proc_dointvec_minmax_conv_param structure provides the 2630 * minimum and maximum values for doing range checking for those sysctl 2631 * parameters that use the proc_dointvec_minmax() handler. 2632 */ 2633 struct do_proc_dointvec_minmax_conv_param { 2634 int *min; 2635 int *max; 2636 }; 2637 2638 static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp, 2639 int *valp, 2640 int write, void *data) 2641 { 2642 int tmp, ret; 2643 struct do_proc_dointvec_minmax_conv_param *param = data; 2644 /* 2645 * If writing, first do so via a temporary local int so we can 2646 * bounds-check it before touching *valp. 2647 */ 2648 int *ip = write ? &tmp : valp; 2649 2650 ret = do_proc_dointvec_conv(negp, lvalp, ip, write, data); 2651 if (ret) 2652 return ret; 2653 2654 if (write) { 2655 if ((param->min && *param->min > tmp) || 2656 (param->max && *param->max < tmp)) 2657 return -EINVAL; 2658 *valp = tmp; 2659 } 2660 2661 return 0; 2662 } 2663 2664 /** 2665 * proc_dointvec_minmax - read a vector of integers with min/max values 2666 * @table: the sysctl table 2667 * @write: %TRUE if this is a write to the sysctl file 2668 * @buffer: the user buffer 2669 * @lenp: the size of the user buffer 2670 * @ppos: file position 2671 * 2672 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 2673 * values from/to the user buffer, treated as an ASCII string. 2674 * 2675 * This routine will ensure the values are within the range specified by 2676 * table->extra1 (min) and table->extra2 (max). 2677 * 2678 * Returns 0 on success or -EINVAL on write when the range check fails. 2679 */ 2680 int proc_dointvec_minmax(struct ctl_table *table, int write, 2681 void __user *buffer, size_t *lenp, loff_t *ppos) 2682 { 2683 struct do_proc_dointvec_minmax_conv_param param = { 2684 .min = (int *) table->extra1, 2685 .max = (int *) table->extra2, 2686 }; 2687 return do_proc_dointvec(table, write, buffer, lenp, ppos, 2688 do_proc_dointvec_minmax_conv, ¶m); 2689 } 2690 2691 /** 2692 * struct do_proc_douintvec_minmax_conv_param - proc_douintvec_minmax() range checking structure 2693 * @min: pointer to minimum allowable value 2694 * @max: pointer to maximum allowable value 2695 * 2696 * The do_proc_douintvec_minmax_conv_param structure provides the 2697 * minimum and maximum values for doing range checking for those sysctl 2698 * parameters that use the proc_douintvec_minmax() handler. 2699 */ 2700 struct do_proc_douintvec_minmax_conv_param { 2701 unsigned int *min; 2702 unsigned int *max; 2703 }; 2704 2705 static int do_proc_douintvec_minmax_conv(unsigned long *lvalp, 2706 unsigned int *valp, 2707 int write, void *data) 2708 { 2709 int ret; 2710 unsigned int tmp; 2711 struct do_proc_douintvec_minmax_conv_param *param = data; 2712 /* write via temporary local uint for bounds-checking */ 2713 unsigned int *up = write ? &tmp : valp; 2714 2715 ret = do_proc_douintvec_conv(lvalp, up, write, data); 2716 if (ret) 2717 return ret; 2718 2719 if (write) { 2720 if ((param->min && *param->min > tmp) || 2721 (param->max && *param->max < tmp)) 2722 return -ERANGE; 2723 2724 *valp = tmp; 2725 } 2726 2727 return 0; 2728 } 2729 2730 /** 2731 * proc_douintvec_minmax - read a vector of unsigned ints with min/max values 2732 * @table: the sysctl table 2733 * @write: %TRUE if this is a write to the sysctl file 2734 * @buffer: the user buffer 2735 * @lenp: the size of the user buffer 2736 * @ppos: file position 2737 * 2738 * Reads/writes up to table->maxlen/sizeof(unsigned int) unsigned integer 2739 * values from/to the user buffer, treated as an ASCII string. Negative 2740 * strings are not allowed. 2741 * 2742 * This routine will ensure the values are within the range specified by 2743 * table->extra1 (min) and table->extra2 (max). There is a final sanity 2744 * check for UINT_MAX to avoid having to support wrap around uses from 2745 * userspace. 2746 * 2747 * Returns 0 on success or -ERANGE on write when the range check fails. 2748 */ 2749 int proc_douintvec_minmax(struct ctl_table *table, int write, 2750 void __user *buffer, size_t *lenp, loff_t *ppos) 2751 { 2752 struct do_proc_douintvec_minmax_conv_param param = { 2753 .min = (unsigned int *) table->extra1, 2754 .max = (unsigned int *) table->extra2, 2755 }; 2756 return do_proc_douintvec(table, write, buffer, lenp, ppos, 2757 do_proc_douintvec_minmax_conv, ¶m); 2758 } 2759 2760 static int do_proc_dopipe_max_size_conv(unsigned long *lvalp, 2761 unsigned int *valp, 2762 int write, void *data) 2763 { 2764 if (write) { 2765 unsigned int val; 2766 2767 val = round_pipe_size(*lvalp); 2768 if (val == 0) 2769 return -EINVAL; 2770 2771 *valp = val; 2772 } else { 2773 unsigned int val = *valp; 2774 *lvalp = (unsigned long) val; 2775 } 2776 2777 return 0; 2778 } 2779 2780 static int proc_dopipe_max_size(struct ctl_table *table, int write, 2781 void __user *buffer, size_t *lenp, loff_t *ppos) 2782 { 2783 return do_proc_douintvec(table, write, buffer, lenp, ppos, 2784 do_proc_dopipe_max_size_conv, NULL); 2785 } 2786 2787 static void validate_coredump_safety(void) 2788 { 2789 #ifdef CONFIG_COREDUMP 2790 if (suid_dumpable == SUID_DUMP_ROOT && 2791 core_pattern[0] != '/' && core_pattern[0] != '|') { 2792 printk(KERN_WARNING 2793 "Unsafe core_pattern used with fs.suid_dumpable=2.\n" 2794 "Pipe handler or fully qualified core dump path required.\n" 2795 "Set kernel.core_pattern before fs.suid_dumpable.\n" 2796 ); 2797 } 2798 #endif 2799 } 2800 2801 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write, 2802 void __user *buffer, size_t *lenp, loff_t *ppos) 2803 { 2804 int error = proc_dointvec_minmax(table, write, buffer, lenp, ppos); 2805 if (!error) 2806 validate_coredump_safety(); 2807 return error; 2808 } 2809 2810 #ifdef CONFIG_COREDUMP 2811 static int proc_dostring_coredump(struct ctl_table *table, int write, 2812 void __user *buffer, size_t *lenp, loff_t *ppos) 2813 { 2814 int error = proc_dostring(table, write, buffer, lenp, ppos); 2815 if (!error) 2816 validate_coredump_safety(); 2817 return error; 2818 } 2819 #endif 2820 2821 #ifdef CONFIG_MAGIC_SYSRQ 2822 static int sysrq_sysctl_handler(struct ctl_table *table, int write, 2823 void __user *buffer, size_t *lenp, loff_t *ppos) 2824 { 2825 int tmp, ret; 2826 2827 tmp = sysrq_mask(); 2828 2829 ret = __do_proc_dointvec(&tmp, table, write, buffer, 2830 lenp, ppos, NULL, NULL); 2831 if (ret || !write) 2832 return ret; 2833 2834 if (write) 2835 sysrq_toggle_support(tmp); 2836 2837 return 0; 2838 } 2839 #endif 2840 2841 static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int write, 2842 void __user *buffer, 2843 size_t *lenp, loff_t *ppos, 2844 unsigned long convmul, 2845 unsigned long convdiv) 2846 { 2847 unsigned long *i, *min, *max; 2848 int vleft, first = 1, err = 0; 2849 size_t left; 2850 char *kbuf = NULL, *p; 2851 2852 if (!data || !table->maxlen || !*lenp || (*ppos && !write)) { 2853 *lenp = 0; 2854 return 0; 2855 } 2856 2857 i = (unsigned long *) data; 2858 min = (unsigned long *) table->extra1; 2859 max = (unsigned long *) table->extra2; 2860 vleft = table->maxlen / sizeof(unsigned long); 2861 left = *lenp; 2862 2863 if (write) { 2864 if (proc_first_pos_non_zero_ignore(ppos, table)) 2865 goto out; 2866 2867 if (left > PAGE_SIZE - 1) 2868 left = PAGE_SIZE - 1; 2869 p = kbuf = memdup_user_nul(buffer, left); 2870 if (IS_ERR(kbuf)) 2871 return PTR_ERR(kbuf); 2872 } 2873 2874 for (; left && vleft--; i++, first = 0) { 2875 unsigned long val; 2876 2877 if (write) { 2878 bool neg; 2879 2880 left -= proc_skip_spaces(&p); 2881 if (!left) 2882 break; 2883 2884 err = proc_get_long(&p, &left, &val, &neg, 2885 proc_wspace_sep, 2886 sizeof(proc_wspace_sep), NULL); 2887 if (err) 2888 break; 2889 if (neg) 2890 continue; 2891 val = convmul * val / convdiv; 2892 if ((min && val < *min) || (max && val > *max)) { 2893 err = -EINVAL; 2894 break; 2895 } 2896 *i = val; 2897 } else { 2898 val = convdiv * (*i) / convmul; 2899 if (!first) { 2900 err = proc_put_char(&buffer, &left, '\t'); 2901 if (err) 2902 break; 2903 } 2904 err = proc_put_long(&buffer, &left, val, false); 2905 if (err) 2906 break; 2907 } 2908 } 2909 2910 if (!write && !first && left && !err) 2911 err = proc_put_char(&buffer, &left, '\n'); 2912 if (write && !err) 2913 left -= proc_skip_spaces(&p); 2914 if (write) { 2915 kfree(kbuf); 2916 if (first) 2917 return err ? : -EINVAL; 2918 } 2919 *lenp -= left; 2920 out: 2921 *ppos += *lenp; 2922 return err; 2923 } 2924 2925 static int do_proc_doulongvec_minmax(struct ctl_table *table, int write, 2926 void __user *buffer, 2927 size_t *lenp, loff_t *ppos, 2928 unsigned long convmul, 2929 unsigned long convdiv) 2930 { 2931 return __do_proc_doulongvec_minmax(table->data, table, write, 2932 buffer, lenp, ppos, convmul, convdiv); 2933 } 2934 2935 /** 2936 * proc_doulongvec_minmax - read a vector of long integers with min/max values 2937 * @table: the sysctl table 2938 * @write: %TRUE if this is a write to the sysctl file 2939 * @buffer: the user buffer 2940 * @lenp: the size of the user buffer 2941 * @ppos: file position 2942 * 2943 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long 2944 * values from/to the user buffer, treated as an ASCII string. 2945 * 2946 * This routine will ensure the values are within the range specified by 2947 * table->extra1 (min) and table->extra2 (max). 2948 * 2949 * Returns 0 on success. 2950 */ 2951 int proc_doulongvec_minmax(struct ctl_table *table, int write, 2952 void __user *buffer, size_t *lenp, loff_t *ppos) 2953 { 2954 return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l); 2955 } 2956 2957 /** 2958 * proc_doulongvec_ms_jiffies_minmax - read a vector of millisecond values with min/max values 2959 * @table: the sysctl table 2960 * @write: %TRUE if this is a write to the sysctl file 2961 * @buffer: the user buffer 2962 * @lenp: the size of the user buffer 2963 * @ppos: file position 2964 * 2965 * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long 2966 * values from/to the user buffer, treated as an ASCII string. The values 2967 * are treated as milliseconds, and converted to jiffies when they are stored. 2968 * 2969 * This routine will ensure the values are within the range specified by 2970 * table->extra1 (min) and table->extra2 (max). 2971 * 2972 * Returns 0 on success. 2973 */ 2974 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write, 2975 void __user *buffer, 2976 size_t *lenp, loff_t *ppos) 2977 { 2978 return do_proc_doulongvec_minmax(table, write, buffer, 2979 lenp, ppos, HZ, 1000l); 2980 } 2981 2982 2983 static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp, 2984 int *valp, 2985 int write, void *data) 2986 { 2987 if (write) { 2988 if (*lvalp > INT_MAX / HZ) 2989 return 1; 2990 *valp = *negp ? -(*lvalp*HZ) : (*lvalp*HZ); 2991 } else { 2992 int val = *valp; 2993 unsigned long lval; 2994 if (val < 0) { 2995 *negp = true; 2996 lval = -(unsigned long)val; 2997 } else { 2998 *negp = false; 2999 lval = (unsigned long)val; 3000 } 3001 *lvalp = lval / HZ; 3002 } 3003 return 0; 3004 } 3005 3006 static int do_proc_dointvec_userhz_jiffies_conv(bool *negp, unsigned long *lvalp, 3007 int *valp, 3008 int write, void *data) 3009 { 3010 if (write) { 3011 if (USER_HZ < HZ && *lvalp > (LONG_MAX / HZ) * USER_HZ) 3012 return 1; 3013 *valp = clock_t_to_jiffies(*negp ? -*lvalp : *lvalp); 3014 } else { 3015 int val = *valp; 3016 unsigned long lval; 3017 if (val < 0) { 3018 *negp = true; 3019 lval = -(unsigned long)val; 3020 } else { 3021 *negp = false; 3022 lval = (unsigned long)val; 3023 } 3024 *lvalp = jiffies_to_clock_t(lval); 3025 } 3026 return 0; 3027 } 3028 3029 static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp, 3030 int *valp, 3031 int write, void *data) 3032 { 3033 if (write) { 3034 unsigned long jif = msecs_to_jiffies(*negp ? -*lvalp : *lvalp); 3035 3036 if (jif > INT_MAX) 3037 return 1; 3038 *valp = (int)jif; 3039 } else { 3040 int val = *valp; 3041 unsigned long lval; 3042 if (val < 0) { 3043 *negp = true; 3044 lval = -(unsigned long)val; 3045 } else { 3046 *negp = false; 3047 lval = (unsigned long)val; 3048 } 3049 *lvalp = jiffies_to_msecs(lval); 3050 } 3051 return 0; 3052 } 3053 3054 /** 3055 * proc_dointvec_jiffies - read a vector of integers as seconds 3056 * @table: the sysctl table 3057 * @write: %TRUE if this is a write to the sysctl file 3058 * @buffer: the user buffer 3059 * @lenp: the size of the user buffer 3060 * @ppos: file position 3061 * 3062 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 3063 * values from/to the user buffer, treated as an ASCII string. 3064 * The values read are assumed to be in seconds, and are converted into 3065 * jiffies. 3066 * 3067 * Returns 0 on success. 3068 */ 3069 int proc_dointvec_jiffies(struct ctl_table *table, int write, 3070 void __user *buffer, size_t *lenp, loff_t *ppos) 3071 { 3072 return do_proc_dointvec(table,write,buffer,lenp,ppos, 3073 do_proc_dointvec_jiffies_conv,NULL); 3074 } 3075 3076 /** 3077 * proc_dointvec_userhz_jiffies - read a vector of integers as 1/USER_HZ seconds 3078 * @table: the sysctl table 3079 * @write: %TRUE if this is a write to the sysctl file 3080 * @buffer: the user buffer 3081 * @lenp: the size of the user buffer 3082 * @ppos: pointer to the file position 3083 * 3084 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 3085 * values from/to the user buffer, treated as an ASCII string. 3086 * The values read are assumed to be in 1/USER_HZ seconds, and 3087 * are converted into jiffies. 3088 * 3089 * Returns 0 on success. 3090 */ 3091 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write, 3092 void __user *buffer, size_t *lenp, loff_t *ppos) 3093 { 3094 return do_proc_dointvec(table,write,buffer,lenp,ppos, 3095 do_proc_dointvec_userhz_jiffies_conv,NULL); 3096 } 3097 3098 /** 3099 * proc_dointvec_ms_jiffies - read a vector of integers as 1 milliseconds 3100 * @table: the sysctl table 3101 * @write: %TRUE if this is a write to the sysctl file 3102 * @buffer: the user buffer 3103 * @lenp: the size of the user buffer 3104 * @ppos: file position 3105 * @ppos: the current position in the file 3106 * 3107 * Reads/writes up to table->maxlen/sizeof(unsigned int) integer 3108 * values from/to the user buffer, treated as an ASCII string. 3109 * The values read are assumed to be in 1/1000 seconds, and 3110 * are converted into jiffies. 3111 * 3112 * Returns 0 on success. 3113 */ 3114 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write, 3115 void __user *buffer, size_t *lenp, loff_t *ppos) 3116 { 3117 return do_proc_dointvec(table, write, buffer, lenp, ppos, 3118 do_proc_dointvec_ms_jiffies_conv, NULL); 3119 } 3120 3121 static int proc_do_cad_pid(struct ctl_table *table, int write, 3122 void __user *buffer, size_t *lenp, loff_t *ppos) 3123 { 3124 struct pid *new_pid; 3125 pid_t tmp; 3126 int r; 3127 3128 tmp = pid_vnr(cad_pid); 3129 3130 r = __do_proc_dointvec(&tmp, table, write, buffer, 3131 lenp, ppos, NULL, NULL); 3132 if (r || !write) 3133 return r; 3134 3135 new_pid = find_get_pid(tmp); 3136 if (!new_pid) 3137 return -ESRCH; 3138 3139 put_pid(xchg(&cad_pid, new_pid)); 3140 return 0; 3141 } 3142 3143 /** 3144 * proc_do_large_bitmap - read/write from/to a large bitmap 3145 * @table: the sysctl table 3146 * @write: %TRUE if this is a write to the sysctl file 3147 * @buffer: the user buffer 3148 * @lenp: the size of the user buffer 3149 * @ppos: file position 3150 * 3151 * The bitmap is stored at table->data and the bitmap length (in bits) 3152 * in table->maxlen. 3153 * 3154 * We use a range comma separated format (e.g. 1,3-4,10-10) so that 3155 * large bitmaps may be represented in a compact manner. Writing into 3156 * the file will clear the bitmap then update it with the given input. 3157 * 3158 * Returns 0 on success. 3159 */ 3160 int proc_do_large_bitmap(struct ctl_table *table, int write, 3161 void __user *buffer, size_t *lenp, loff_t *ppos) 3162 { 3163 int err = 0; 3164 bool first = 1; 3165 size_t left = *lenp; 3166 unsigned long bitmap_len = table->maxlen; 3167 unsigned long *bitmap = *(unsigned long **) table->data; 3168 unsigned long *tmp_bitmap = NULL; 3169 char tr_a[] = { '-', ',', '\n' }, tr_b[] = { ',', '\n', 0 }, c; 3170 3171 if (!bitmap || !bitmap_len || !left || (*ppos && !write)) { 3172 *lenp = 0; 3173 return 0; 3174 } 3175 3176 if (write) { 3177 char *kbuf, *p; 3178 size_t skipped = 0; 3179 3180 if (left > PAGE_SIZE - 1) { 3181 left = PAGE_SIZE - 1; 3182 /* How much of the buffer we'll skip this pass */ 3183 skipped = *lenp - left; 3184 } 3185 3186 p = kbuf = memdup_user_nul(buffer, left); 3187 if (IS_ERR(kbuf)) 3188 return PTR_ERR(kbuf); 3189 3190 tmp_bitmap = bitmap_zalloc(bitmap_len, GFP_KERNEL); 3191 if (!tmp_bitmap) { 3192 kfree(kbuf); 3193 return -ENOMEM; 3194 } 3195 proc_skip_char(&p, &left, '\n'); 3196 while (!err && left) { 3197 unsigned long val_a, val_b; 3198 bool neg; 3199 size_t saved_left; 3200 3201 /* In case we stop parsing mid-number, we can reset */ 3202 saved_left = left; 3203 err = proc_get_long(&p, &left, &val_a, &neg, tr_a, 3204 sizeof(tr_a), &c); 3205 /* 3206 * If we consumed the entirety of a truncated buffer or 3207 * only one char is left (may be a "-"), then stop here, 3208 * reset, & come back for more. 3209 */ 3210 if ((left <= 1) && skipped) { 3211 left = saved_left; 3212 break; 3213 } 3214 3215 if (err) 3216 break; 3217 if (val_a >= bitmap_len || neg) { 3218 err = -EINVAL; 3219 break; 3220 } 3221 3222 val_b = val_a; 3223 if (left) { 3224 p++; 3225 left--; 3226 } 3227 3228 if (c == '-') { 3229 err = proc_get_long(&p, &left, &val_b, 3230 &neg, tr_b, sizeof(tr_b), 3231 &c); 3232 /* 3233 * If we consumed all of a truncated buffer or 3234 * then stop here, reset, & come back for more. 3235 */ 3236 if (!left && skipped) { 3237 left = saved_left; 3238 break; 3239 } 3240 3241 if (err) 3242 break; 3243 if (val_b >= bitmap_len || neg || 3244 val_a > val_b) { 3245 err = -EINVAL; 3246 break; 3247 } 3248 if (left) { 3249 p++; 3250 left--; 3251 } 3252 } 3253 3254 bitmap_set(tmp_bitmap, val_a, val_b - val_a + 1); 3255 first = 0; 3256 proc_skip_char(&p, &left, '\n'); 3257 } 3258 kfree(kbuf); 3259 left += skipped; 3260 } else { 3261 unsigned long bit_a, bit_b = 0; 3262 3263 while (left) { 3264 bit_a = find_next_bit(bitmap, bitmap_len, bit_b); 3265 if (bit_a >= bitmap_len) 3266 break; 3267 bit_b = find_next_zero_bit(bitmap, bitmap_len, 3268 bit_a + 1) - 1; 3269 3270 if (!first) { 3271 err = proc_put_char(&buffer, &left, ','); 3272 if (err) 3273 break; 3274 } 3275 err = proc_put_long(&buffer, &left, bit_a, false); 3276 if (err) 3277 break; 3278 if (bit_a != bit_b) { 3279 err = proc_put_char(&buffer, &left, '-'); 3280 if (err) 3281 break; 3282 err = proc_put_long(&buffer, &left, bit_b, false); 3283 if (err) 3284 break; 3285 } 3286 3287 first = 0; bit_b++; 3288 } 3289 if (!err) 3290 err = proc_put_char(&buffer, &left, '\n'); 3291 } 3292 3293 if (!err) { 3294 if (write) { 3295 if (*ppos) 3296 bitmap_or(bitmap, bitmap, tmp_bitmap, bitmap_len); 3297 else 3298 bitmap_copy(bitmap, tmp_bitmap, bitmap_len); 3299 } 3300 *lenp -= left; 3301 *ppos += *lenp; 3302 } 3303 3304 bitmap_free(tmp_bitmap); 3305 return err; 3306 } 3307 3308 #else /* CONFIG_PROC_SYSCTL */ 3309 3310 int proc_dostring(struct ctl_table *table, int write, 3311 void __user *buffer, size_t *lenp, loff_t *ppos) 3312 { 3313 return -ENOSYS; 3314 } 3315 3316 int proc_dointvec(struct ctl_table *table, int write, 3317 void __user *buffer, size_t *lenp, loff_t *ppos) 3318 { 3319 return -ENOSYS; 3320 } 3321 3322 int proc_douintvec(struct ctl_table *table, int write, 3323 void __user *buffer, size_t *lenp, loff_t *ppos) 3324 { 3325 return -ENOSYS; 3326 } 3327 3328 int proc_dointvec_minmax(struct ctl_table *table, int write, 3329 void __user *buffer, size_t *lenp, loff_t *ppos) 3330 { 3331 return -ENOSYS; 3332 } 3333 3334 int proc_douintvec_minmax(struct ctl_table *table, int write, 3335 void __user *buffer, size_t *lenp, loff_t *ppos) 3336 { 3337 return -ENOSYS; 3338 } 3339 3340 int proc_dointvec_jiffies(struct ctl_table *table, int write, 3341 void __user *buffer, size_t *lenp, loff_t *ppos) 3342 { 3343 return -ENOSYS; 3344 } 3345 3346 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write, 3347 void __user *buffer, size_t *lenp, loff_t *ppos) 3348 { 3349 return -ENOSYS; 3350 } 3351 3352 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write, 3353 void __user *buffer, size_t *lenp, loff_t *ppos) 3354 { 3355 return -ENOSYS; 3356 } 3357 3358 int proc_doulongvec_minmax(struct ctl_table *table, int write, 3359 void __user *buffer, size_t *lenp, loff_t *ppos) 3360 { 3361 return -ENOSYS; 3362 } 3363 3364 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write, 3365 void __user *buffer, 3366 size_t *lenp, loff_t *ppos) 3367 { 3368 return -ENOSYS; 3369 } 3370 3371 int proc_do_large_bitmap(struct ctl_table *table, int write, 3372 void __user *buffer, size_t *lenp, loff_t *ppos) 3373 { 3374 return -ENOSYS; 3375 } 3376 3377 #endif /* CONFIG_PROC_SYSCTL */ 3378 3379 #if defined(CONFIG_SYSCTL) 3380 int proc_do_static_key(struct ctl_table *table, int write, 3381 void __user *buffer, size_t *lenp, 3382 loff_t *ppos) 3383 { 3384 struct static_key *key = (struct static_key *)table->data; 3385 static DEFINE_MUTEX(static_key_mutex); 3386 int val, ret; 3387 struct ctl_table tmp = { 3388 .data = &val, 3389 .maxlen = sizeof(val), 3390 .mode = table->mode, 3391 .extra1 = SYSCTL_ZERO, 3392 .extra2 = SYSCTL_ONE, 3393 }; 3394 3395 if (write && !capable(CAP_SYS_ADMIN)) 3396 return -EPERM; 3397 3398 mutex_lock(&static_key_mutex); 3399 val = static_key_enabled(key); 3400 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); 3401 if (write && !ret) { 3402 if (val) 3403 static_key_enable(key); 3404 else 3405 static_key_disable(key); 3406 } 3407 mutex_unlock(&static_key_mutex); 3408 return ret; 3409 } 3410 #endif 3411 /* 3412 * No sense putting this after each symbol definition, twice, 3413 * exception granted :-) 3414 */ 3415 EXPORT_SYMBOL(proc_dointvec); 3416 EXPORT_SYMBOL(proc_douintvec); 3417 EXPORT_SYMBOL(proc_dointvec_jiffies); 3418 EXPORT_SYMBOL(proc_dointvec_minmax); 3419 EXPORT_SYMBOL_GPL(proc_douintvec_minmax); 3420 EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); 3421 EXPORT_SYMBOL(proc_dointvec_ms_jiffies); 3422 EXPORT_SYMBOL(proc_dostring); 3423 EXPORT_SYMBOL(proc_doulongvec_minmax); 3424 EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax); 3425 EXPORT_SYMBOL(proc_do_large_bitmap); 3426