hung_task: fix false positive during vfork
[linux-2.6.git] / kernel / sysctl.c
index 04bcd8a..11d65b5 100644 (file)
@@ -24,6 +24,7 @@
 #include <linux/slab.h>
 #include <linux/sysctl.h>
 #include <linux/signal.h>
+#include <linux/printk.h>
 #include <linux/proc_fs.h>
 #include <linux/security.h>
 #include <linux/ctype.h>
 #include <linux/highuid.h>
 #include <linux/writeback.h>
 #include <linux/ratelimit.h>
+#include <linux/compaction.h>
 #include <linux/hugetlb.h>
 #include <linux/initrd.h>
 #include <linux/key.h>
 #include <linux/times.h>
 #include <linux/limits.h>
 #include <linux/dcache.h>
+#include <linux/dnotify.h>
 #include <linux/syscalls.h>
 #include <linux/vmstat.h>
 #include <linux/nfs_fs.h>
 #include <linux/acpi.h>
 #include <linux/reboot.h>
 #include <linux/ftrace.h>
-#include <linux/slow-work.h>
 #include <linux/perf_event.h>
 #include <linux/kprobes.h>
+#include <linux/pipe_fs_i.h>
+#include <linux/oom.h>
+#include <linux/kmod.h>
 
 #include <asm/uaccess.h>
 #include <asm/processor.h>
@@ -84,9 +89,6 @@
 /* External variables not in a header file. */
 extern int sysctl_overcommit_memory;
 extern int sysctl_overcommit_ratio;
-extern int sysctl_panic_on_oom;
-extern int sysctl_oom_kill_allocating_task;
-extern int sysctl_oom_dump_tasks;
 extern int max_threads;
 extern int core_uses_pid;
 extern int suid_dumpable;
@@ -116,6 +118,7 @@ static int neg_one = -1;
 static int zero;
 static int __maybe_unused one = 1;
 static int __maybe_unused two = 2;
+static int __maybe_unused three = 3;
 static unsigned long one_ul = 1;
 static int one_hundred = 100;
 #ifdef CONFIG_PRINTK
@@ -132,6 +135,9 @@ static int min_percpu_pagelist_fract = 8;
 
 static int ngroups_max = NGROUPS_MAX;
 
+#ifdef CONFIG_INOTIFY_USER
+#include <linux/inotify.h>
+#endif
 #ifdef CONFIG_SPARC
 #include <asm/system.h>
 #endif
@@ -158,8 +164,6 @@ extern int no_unaligned_warning;
 extern int unaligned_dump_stack;
 #endif
 
-extern struct ratelimit_state printk_ratelimit_state;
-
 #ifdef CONFIG_PROC_SYSCTL
 static int proc_do_cad_pid(struct ctl_table *table, int write,
                  void __user *buffer, size_t *lenp, loff_t *ppos);
@@ -167,12 +171,39 @@ static int proc_taint(struct ctl_table *table, int write,
                               void __user *buffer, size_t *lenp, loff_t *ppos);
 #endif
 
+#ifdef CONFIG_PRINTK
+static int proc_dmesg_restrict(struct ctl_table *table, int write,
+                               void __user *buffer, size_t *lenp, loff_t *ppos);
+#endif
+
+#ifdef CONFIG_MAGIC_SYSRQ
+/* Note: sysrq code uses it's own private copy */
+static int __sysrq_enabled = SYSRQ_DEFAULT_ENABLE;
+
+static int sysrq_sysctl_handler(ctl_table *table, int write,
+                               void __user *buffer, size_t *lenp,
+                               loff_t *ppos)
+{
+       int error;
+
+       error = proc_dointvec(table, write, buffer, lenp, ppos);
+       if (error)
+               return error;
+
+       if (write)
+               sysrq_toggle_support(__sysrq_enabled);
+
+       return 0;
+}
+
+#endif
+
 static struct ctl_table root_table[];
 static struct ctl_table_root sysctl_table_root;
 static struct ctl_table_header root_table_header = {
-       .count = 1,
+       {{.count = 1,
        .ctl_table = root_table,
-       .ctl_entry = LIST_HEAD_INIT(sysctl_table_root.default_set.list),
+       .ctl_entry = LIST_HEAD_INIT(sysctl_table_root.default_set.list),}},
        .root = &sysctl_table_root,
        .set = &sysctl_table_root.default_set,
 };
@@ -187,9 +218,6 @@ static struct ctl_table fs_table[];
 static struct ctl_table debug_table[];
 static struct ctl_table dev_table[];
 extern struct ctl_table random_table[];
-#ifdef CONFIG_INOTIFY_USER
-extern struct ctl_table inotify_table[];
-#endif
 #ifdef CONFIG_EPOLL
 extern struct ctl_table epoll_table[];
 #endif
@@ -226,10 +254,6 @@ static struct ctl_table root_table[] = {
                .mode           = 0555,
                .child          = dev_table,
        },
-/*
- * NOTE: do not add new entries to this table unless you have read
- * Documentation/sysctl/ctl_unnumbered.txt
- */
        { }
 };
 
@@ -240,8 +264,11 @@ static int min_wakeup_granularity_ns;                      /* 0 usecs */
 static int max_wakeup_granularity_ns = NSEC_PER_SEC;   /* 1 second */
 static int min_sched_tunable_scaling = SCHED_TUNABLESCALING_NONE;
 static int max_sched_tunable_scaling = SCHED_TUNABLESCALING_END-1;
-static int min_sched_shares_ratelimit = 100000; /* 100 usec */
-static int max_sched_shares_ratelimit = NSEC_PER_SEC; /* 1 second */
+#endif
+
+#ifdef CONFIG_COMPACTION
+static int min_extfrag_threshold;
+static int max_extfrag_threshold = 1000;
 #endif
 
 static struct ctl_table kern_table[] = {
@@ -281,15 +308,6 @@ static struct ctl_table kern_table[] = {
                .extra2         = &max_wakeup_granularity_ns,
        },
        {
-               .procname       = "sched_shares_ratelimit",
-               .data           = &sysctl_sched_shares_ratelimit,
-               .maxlen         = sizeof(unsigned int),
-               .mode           = 0644,
-               .proc_handler   = sched_proc_update_handler,
-               .extra1         = &min_sched_shares_ratelimit,
-               .extra2         = &max_sched_shares_ratelimit,
-       },
-       {
                .procname       = "sched_tunable_scaling",
                .data           = &sysctl_sched_tunable_scaling,
                .maxlen         = sizeof(enum sched_tunable_scaling),
@@ -299,14 +317,6 @@ static struct ctl_table kern_table[] = {
                .extra2         = &max_sched_tunable_scaling,
        },
        {
-               .procname       = "sched_shares_thresh",
-               .data           = &sysctl_sched_shares_thresh,
-               .maxlen         = sizeof(unsigned int),
-               .mode           = 0644,
-               .proc_handler   = proc_dointvec_minmax,
-               .extra1         = &zero,
-       },
-       {
                .procname       = "sched_migration_cost",
                .data           = &sysctl_sched_migration_cost,
                .maxlen         = sizeof(unsigned int),
@@ -328,6 +338,13 @@ static struct ctl_table kern_table[] = {
                .proc_handler   = proc_dointvec,
        },
        {
+               .procname       = "sched_shares_window",
+               .data           = &sysctl_sched_shares_window,
+               .maxlen         = sizeof(unsigned int),
+               .mode           = 0644,
+               .proc_handler   = proc_dointvec,
+       },
+       {
                .procname       = "timer_migration",
                .data           = &sysctl_timer_migration,
                .maxlen         = sizeof(unsigned int),
@@ -351,13 +368,17 @@ static struct ctl_table kern_table[] = {
                .mode           = 0644,
                .proc_handler   = sched_rt_handler,
        },
+#ifdef CONFIG_SCHED_AUTOGROUP
        {
-               .procname       = "sched_compat_yield",
-               .data           = &sysctl_sched_compat_yield,
+               .procname       = "sched_autogroup_enabled",
+               .data           = &sysctl_sched_autogroup_enabled,
                .maxlen         = sizeof(unsigned int),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_dointvec_minmax,
+               .extra1         = &zero,
+               .extra2         = &one,
        },
+#endif
 #ifdef CONFIG_PROVE_LOCKING
        {
                .procname       = "prove_locking",
@@ -538,7 +559,7 @@ static struct ctl_table kern_table[] = {
                .extra2         = &one,
        },
 #endif
-#if defined(CONFIG_HOTPLUG) && defined(CONFIG_NET)
+#ifdef CONFIG_HOTPLUG
        {
                .procname       = "hotplug",
                .data           = &uevent_helper,
@@ -571,7 +592,7 @@ static struct ctl_table kern_table[] = {
                .data           = &__sysrq_enabled,
                .maxlen         = sizeof (int),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = sysrq_sysctl_handler,
        },
 #endif
 #ifdef CONFIG_PROC_SYSCTL
@@ -596,6 +617,11 @@ static struct ctl_table kern_table[] = {
                .child          = random_table,
        },
        {
+               .procname       = "usermodehelper",
+               .mode           = 0555,
+               .child          = usermodehelper_table,
+       },
+       {
                .procname       = "overflowuid",
                .data           = &overflowuid,
                .maxlen         = sizeof(int),
@@ -625,7 +651,7 @@ static struct ctl_table kern_table[] = {
 #endif
        {
                .procname       = "userprocess_debug",
-               .data           = &sysctl_userprocess_debug,
+               .data           = &show_unhandled_signals,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = proc_dointvec,
@@ -678,6 +704,24 @@ static struct ctl_table kern_table[] = {
                .extra1         = &zero,
                .extra2         = &ten_thousand,
        },
+       {
+               .procname       = "dmesg_restrict",
+               .data           = &dmesg_restrict,
+               .maxlen         = sizeof(int),
+               .mode           = 0644,
+               .proc_handler   = proc_dointvec_minmax,
+               .extra1         = &zero,
+               .extra2         = &one,
+       },
+       {
+               .procname       = "kptr_restrict",
+               .data           = &kptr_restrict,
+               .maxlen         = sizeof(int),
+               .mode           = 0644,
+               .proc_handler   = proc_dmesg_restrict,
+               .extra1         = &zero,
+               .extra2         = &two,
+       },
 #endif
        {
                .procname       = "ngroups_max",
@@ -692,14 +736,16 @@ static struct ctl_table kern_table[] = {
                .data           = &watchdog_enabled,
                .maxlen         = sizeof (int),
                .mode           = 0644,
-               .proc_handler   = proc_dowatchdog_enabled,
+               .proc_handler   = proc_dowatchdog,
+               .extra1         = &zero,
+               .extra2         = &one,
        },
        {
                .procname       = "watchdog_thresh",
-               .data           = &softlockup_thresh,
+               .data           = &watchdog_thresh,
                .maxlen         = sizeof(int),
                .mode           = 0644,
-               .proc_handler   = proc_dowatchdog_thresh,
+               .proc_handler   = proc_dowatchdog,
                .extra1         = &neg_one,
                .extra2         = &sixty,
        },
@@ -712,21 +758,23 @@ static struct ctl_table kern_table[] = {
                .extra1         = &zero,
                .extra2         = &one,
        },
-#endif
-#if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86) && !defined(CONFIG_LOCKUP_DETECTOR)
        {
-               .procname       = "unknown_nmi_panic",
-               .data           = &unknown_nmi_panic,
+               .procname       = "nmi_watchdog",
+               .data           = &watchdog_enabled,
                .maxlen         = sizeof (int),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_dowatchdog,
+               .extra1         = &zero,
+               .extra2         = &one,
        },
+#endif
+#if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86)
        {
-               .procname       = "nmi_watchdog",
-               .data           = &nmi_watchdog_enabled,
+               .procname       = "unknown_nmi_panic",
+               .data           = &unknown_nmi_panic,
                .maxlen         = sizeof (int),
                .mode           = 0644,
-               .proc_handler   = proc_nmi_enabled,
+               .proc_handler   = proc_dointvec,
        },
 #endif
 #if defined(CONFIG_X86)
@@ -889,14 +937,13 @@ static struct ctl_table kern_table[] = {
                .proc_handler   = proc_dointvec,
        },
 #endif
-#ifdef CONFIG_SLOW_WORK
-       {
-               .procname       = "slow-work",
-               .mode           = 0555,
-               .child          = slow_work_sysctls,
-       },
-#endif
 #ifdef CONFIG_PERF_EVENTS
+       /*
+        * User-space scripts rely on the existence of this file
+        * as a feature check for perf_events being enabled.
+        *
+        * So it's an ABI, do not remove!
+        */
        {
                .procname       = "perf_event_paranoid",
                .data           = &sysctl_perf_event_paranoid,
@@ -916,7 +963,7 @@ static struct ctl_table kern_table[] = {
                .data           = &sysctl_perf_event_sample_rate,
                .maxlen         = sizeof(sysctl_perf_event_sample_rate),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = perf_proc_update_handler,
        },
 #endif
 #ifdef CONFIG_KMEMCHECK
@@ -937,10 +984,6 @@ static struct ctl_table kern_table[] = {
                .proc_handler   = proc_dointvec,
        },
 #endif
-/*
- * NOTE: do not add new entries to this table unless you have read
- * Documentation/sysctl/ctl_unnumbered.txt
- */
        { }
 };
 
@@ -950,14 +993,18 @@ static struct ctl_table vm_table[] = {
                .data           = &sysctl_overcommit_memory,
                .maxlen         = sizeof(sysctl_overcommit_memory),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_dointvec_minmax,
+               .extra1         = &zero,
+               .extra2         = &two,
        },
        {
                .procname       = "panic_on_oom",
                .data           = &sysctl_panic_on_oom,
                .maxlen         = sizeof(sysctl_panic_on_oom),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_dointvec_minmax,
+               .extra1         = &zero,
+               .extra2         = &two,
        },
        {
                .procname       = "oom_kill_allocating_task",
@@ -985,7 +1032,8 @@ static struct ctl_table vm_table[] = {
                .data           = &page_cluster,
                .maxlen         = sizeof(int),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_dointvec_minmax,
+               .extra1         = &zero,
        },
        {
                .procname       = "dirty_background_ratio",
@@ -1033,7 +1081,8 @@ static struct ctl_table vm_table[] = {
                .data           = &dirty_expire_interval,
                .maxlen         = sizeof(dirty_expire_interval),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_dointvec_minmax,
+               .extra1         = &zero,
        },
        {
                .procname       = "nr_pdflush_threads",
@@ -1109,7 +1158,28 @@ static struct ctl_table vm_table[] = {
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = drop_caches_sysctl_handler,
+               .extra1         = &one,
+               .extra2         = &three,
        },
+#ifdef CONFIG_COMPACTION
+       {
+               .procname       = "compact_memory",
+               .data           = &sysctl_compact_memory,
+               .maxlen         = sizeof(int),
+               .mode           = 0200,
+               .proc_handler   = sysctl_compaction_handler,
+       },
+       {
+               .procname       = "extfrag_threshold",
+               .data           = &sysctl_extfrag_threshold,
+               .maxlen         = sizeof(int),
+               .mode           = 0644,
+               .proc_handler   = sysctl_extfrag_handler,
+               .extra1         = &min_extfrag_threshold,
+               .extra2         = &max_extfrag_threshold,
+       },
+
+#endif /* CONFIG_COMPACTION */
        {
                .procname       = "min_free_kbytes",
                .data           = &min_free_kbytes,
@@ -1282,11 +1352,6 @@ static struct ctl_table vm_table[] = {
                .extra2         = &one,
        },
 #endif
-
-/*
- * NOTE: do not add new entries to this table unless you have read
- * Documentation/sysctl/ctl_unnumbered.txt
- */
        { }
 };
 
@@ -1302,28 +1367,28 @@ static struct ctl_table fs_table[] = {
                .data           = &inodes_stat,
                .maxlen         = 2*sizeof(int),
                .mode           = 0444,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_nr_inodes,
        },
        {
                .procname       = "inode-state",
                .data           = &inodes_stat,
                .maxlen         = 7*sizeof(int),
                .mode           = 0444,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_nr_inodes,
        },
        {
                .procname       = "file-nr",
                .data           = &files_stat,
-               .maxlen         = 3*sizeof(int),
+               .maxlen         = sizeof(files_stat),
                .mode           = 0444,
                .proc_handler   = proc_nr_files,
        },
        {
                .procname       = "file-max",
                .data           = &files_stat.max_files,
-               .maxlen         = sizeof(int),
+               .maxlen         = sizeof(files_stat.max_files),
                .mode           = 0644,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_doulongvec_minmax,
        },
        {
                .procname       = "nr_open",
@@ -1339,7 +1404,7 @@ static struct ctl_table fs_table[] = {
                .data           = &dentry_stat,
                .maxlen         = 6*sizeof(int),
                .mode           = 0444,
-               .proc_handler   = proc_dointvec,
+               .proc_handler   = proc_nr_dentry,
        },
        {
                .procname       = "overflowuid",
@@ -1434,15 +1499,20 @@ static struct ctl_table fs_table[] = {
                .child          = binfmt_misc_table,
        },
 #endif
-/*
- * NOTE: do not add new entries to this table unless you have read
- * Documentation/sysctl/ctl_unnumbered.txt
- */
+       {
+               .procname       = "pipe-max-size",
+               .data           = &pipe_max_size,
+               .maxlen         = sizeof(int),
+               .mode           = 0644,
+               .proc_handler   = &pipe_proc_fn,
+               .extra1         = &pipe_min_size,
+       },
        { }
 };
 
 static struct ctl_table debug_table[] = {
-#if defined(CONFIG_X86) || defined(CONFIG_PPC) || defined(CONFIG_SPARC)
+#if defined(CONFIG_X86) || defined(CONFIG_PPC) || defined(CONFIG_SPARC) || \
+    defined(CONFIG_S390) || defined(CONFIG_TILE)
        {
                .procname       = "exception-trace",
                .data           = &show_unhandled_signals,
@@ -1524,7 +1594,7 @@ void sysctl_head_put(struct ctl_table_header *head)
 {
        spin_lock(&sysctl_lock);
        if (!--head->count)
-               kfree(head);
+               kfree_rcu(head, rcu);
        spin_unlock(&sysctl_lock);
 }
 
@@ -1638,13 +1708,8 @@ static int test_perm(int mode, int op)
 
 int sysctl_perm(struct ctl_table_root *root, struct ctl_table *table, int op)
 {
-       int error;
        int mode;
 
-       error = security_sysctl(table, op & (MAY_READ | MAY_WRITE | MAY_EXEC));
-       if (error)
-               return error;
-
        if (root->permissions)
                mode = root->permissions(root, current->nsproxy, table);
        else
@@ -1666,10 +1731,7 @@ static __init int sysctl_init(void)
 {
        sysctl_set_parent(NULL, root_table);
 #ifdef CONFIG_SYSCTL_SYSCALL_CHECK
-       {
-               int err;
-               err = sysctl_check_table(current->nsproxy, root_table);
-       }
+       sysctl_check_table(current->nsproxy, root_table);
 #endif
        return 0;
 }
@@ -1904,10 +1966,10 @@ void unregister_sysctl_table(struct ctl_table_header * header)
        start_unregistering(header);
        if (!--header->parent->count) {
                WARN_ON(1);
-               kfree(header->parent);
+               kfree_rcu(header->parent, rcu);
        }
        if (!--header->count)
-               kfree(header);
+               kfree_rcu(header, rcu);
        spin_unlock(&sysctl_lock);
 }
 
@@ -2051,8 +2113,132 @@ int proc_dostring(struct ctl_table *table, int write,
                               buffer, lenp, ppos);
 }
 
+static size_t proc_skip_spaces(char **buf)
+{
+       size_t ret;
+       char *tmp = skip_spaces(*buf);
+       ret = tmp - *buf;
+       *buf = tmp;
+       return ret;
+}
 
-static int do_proc_dointvec_conv(int *negp, unsigned long *lvalp,
+static void proc_skip_char(char **buf, size_t *size, const char v)
+{
+       while (*size) {
+               if (**buf != v)
+                       break;
+               (*size)--;
+               (*buf)++;
+       }
+}
+
+#define TMPBUFLEN 22
+/**
+ * proc_get_long - reads an ASCII formatted integer from a user buffer
+ *
+ * @buf: a kernel buffer
+ * @size: size of the kernel buffer
+ * @val: this is where the number will be stored
+ * @neg: set to %TRUE if number is negative
+ * @perm_tr: a vector which contains the allowed trailers
+ * @perm_tr_len: size of the perm_tr vector
+ * @tr: pointer to store the trailer character
+ *
+ * In case of success %0 is returned and @buf and @size are updated with
+ * the amount of bytes read. If @tr is non-NULL and a trailing
+ * character exists (size is non-zero after returning from this
+ * function), @tr is updated with the trailing character.
+ */
+static int proc_get_long(char **buf, size_t *size,
+                         unsigned long *val, bool *neg,
+                         const char *perm_tr, unsigned perm_tr_len, char *tr)
+{
+       int len;
+       char *p, tmp[TMPBUFLEN];
+
+       if (!*size)
+               return -EINVAL;
+
+       len = *size;
+       if (len > TMPBUFLEN - 1)
+               len = TMPBUFLEN - 1;
+
+       memcpy(tmp, *buf, len);
+
+       tmp[len] = 0;
+       p = tmp;
+       if (*p == '-' && *size > 1) {
+               *neg = true;
+               p++;
+       } else
+               *neg = false;
+       if (!isdigit(*p))
+               return -EINVAL;
+
+       *val = simple_strtoul(p, &p, 0);
+
+       len = p - tmp;
+
+       /* We don't know if the next char is whitespace thus we may accept
+        * invalid integers (e.g. 1234...a) or two integers instead of one
+        * (e.g. 123...1). So lets not allow such large numbers. */
+       if (len == TMPBUFLEN - 1)
+               return -EINVAL;
+
+       if (len < *size && perm_tr_len && !memchr(perm_tr, *p, perm_tr_len))
+               return -EINVAL;
+
+       if (tr && (len < *size))
+               *tr = *p;
+
+       *buf += len;
+       *size -= len;
+
+       return 0;
+}
+
+/**
+ * proc_put_long - converts an integer to a decimal ASCII formatted string
+ *
+ * @buf: the user buffer
+ * @size: the size of the user buffer
+ * @val: the integer to be converted
+ * @neg: sign of the number, %TRUE for negative
+ *
+ * In case of success %0 is returned and @buf and @size are updated with
+ * the amount of bytes written.
+ */
+static int proc_put_long(void __user **buf, size_t *size, unsigned long val,
+                         bool neg)
+{
+       int len;
+       char tmp[TMPBUFLEN], *p = tmp;
+
+       sprintf(p, "%s%lu", neg ? "-" : "", val);
+       len = strlen(tmp);
+       if (len > *size)
+               len = *size;
+       if (copy_to_user(*buf, tmp, len))
+               return -EFAULT;
+       *size -= len;
+       *buf += len;
+       return 0;
+}
+#undef TMPBUFLEN
+
+static int proc_put_char(void __user **buf, size_t *size, char c)
+{
+       if (*size) {
+               char __user **buffer = (char __user **)buf;
+               if (put_user(c, *buffer))
+                       return -EFAULT;
+               (*size)--, (*buffer)++;
+               *buf = *buffer;
+       }
+       return 0;
+}
+
+static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp,
                                 int *valp,
                                 int write, void *data)
 {
@@ -2061,33 +2247,31 @@ static int do_proc_dointvec_conv(int *negp, unsigned long *lvalp,
        } else {
                int val = *valp;
                if (val < 0) {
-                       *negp = -1;
+                       *negp = true;
                        *lvalp = (unsigned long)-val;
                } else {
-                       *negp = 0;
+                       *negp = false;
                        *lvalp = (unsigned long)val;
                }
        }
        return 0;
 }
 
+static const char proc_wspace_sep[] = { ' ', '\t', '\n' };
+
 static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
                  int write, void __user *buffer,
                  size_t *lenp, loff_t *ppos,
-                 int (*conv)(int *negp, unsigned long *lvalp, int *valp,
+                 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
                              int write, void *data),
                  void *data)
 {
-#define TMPBUFLEN 21
-       int *i, vleft, first = 1, neg;
-       unsigned long lval;
-       size_t left, len;
-       
-       char buf[TMPBUFLEN], *p;
-       char __user *s = buffer;
+       int *i, vleft, first = 1, err = 0;
+       unsigned long page = 0;
+       size_t left;
+       char *kbuf;
        
-       if (!tbl_data || !table->maxlen || !*lenp ||
-           (*ppos && !write)) {
+       if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
                *lenp = 0;
                return 0;
        }
@@ -2099,89 +2283,71 @@ static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
        if (!conv)
                conv = do_proc_dointvec_conv;
 
+       if (write) {
+               if (left > PAGE_SIZE - 1)
+                       left = PAGE_SIZE - 1;
+               page = __get_free_page(GFP_TEMPORARY);
+               kbuf = (char *) page;
+               if (!kbuf)
+                       return -ENOMEM;
+               if (copy_from_user(kbuf, buffer, left)) {
+                       err = -EFAULT;
+                       goto free;
+               }
+               kbuf[left] = 0;
+       }
+
        for (; left && vleft--; i++, first=0) {
+               unsigned long lval;
+               bool neg;
+
                if (write) {
-                       while (left) {
-                               char c;
-                               if (get_user(c, s))
-                                       return -EFAULT;
-                               if (!isspace(c))
-                                       break;
-                               left--;
-                               s++;
-                       }
+                       left -= proc_skip_spaces(&kbuf);
+
                        if (!left)
                                break;
-                       neg = 0;
-                       len = left;
-                       if (len > sizeof(buf) - 1)
-                               len = sizeof(buf) - 1;
-                       if (copy_from_user(buf, s, len))
-                               return -EFAULT;
-                       buf[len] = 0;
-                       p = buf;
-                       if (*p == '-' && left > 1) {
-                               neg = 1;
-                               p++;
-                       }
-                       if (*p < '0' || *p > '9')
-                               break;
-
-                       lval = simple_strtoul(p, &p, 0);
-
-                       len = p-buf;
-                       if ((len < left) && *p && !isspace(*p))
+                       err = proc_get_long(&kbuf, &left, &lval, &neg,
+                                            proc_wspace_sep,
+                                            sizeof(proc_wspace_sep), NULL);
+                       if (err)
                                break;
-                       s += len;
-                       left -= len;
-
-                       if (conv(&neg, &lval, i, 1, data))
+                       if (conv(&neg, &lval, i, 1, data)) {
+                               err = -EINVAL;
                                break;
+                       }
                } else {
-                       p = buf;
+                       if (conv(&neg, &lval, i, 0, data)) {
+                               err = -EINVAL;
+                               break;
+                       }
                        if (!first)
-                               *p++ = '\t';
-       
-                       if (conv(&neg, &lval, i, 0, data))
+                               err = proc_put_char(&buffer, &left, '\t');
+                       if (err)
+                               break;
+                       err = proc_put_long(&buffer, &left, lval, neg);
+                       if (err)
                                break;
-
-                       sprintf(p, "%s%lu", neg ? "-" : "", lval);
-                       len = strlen(buf);
-                       if (len > left)
-                               len = left;
-                       if(copy_to_user(s, buf, len))
-                               return -EFAULT;
-                       left -= len;
-                       s += len;
                }
        }
 
-       if (!write && !first && left) {
-               if(put_user('\n', s))
-                       return -EFAULT;
-               left--, s++;
-       }
+       if (!write && !first && left && !err)
+               err = proc_put_char(&buffer, &left, '\n');
+       if (write && !err && left)
+               left -= proc_skip_spaces(&kbuf);
+free:
        if (write) {
-               while (left) {
-                       char c;
-                       if (get_user(c, s++))
-                               return -EFAULT;
-                       if (!isspace(c))
-                               break;
-                       left--;
-               }
+               free_page(page);
+               if (first)
+                       return err ? : -EINVAL;
        }
-       if (write && first)
-               return -EINVAL;
        *lenp -= left;
        *ppos += *lenp;
-       return 0;
-#undef TMPBUFLEN
+       return err;
 }
 
 static int do_proc_dointvec(struct ctl_table *table, int write,
                  void __user *buffer, size_t *lenp, loff_t *ppos,
-                 int (*conv)(int *negp, unsigned long *lvalp, int *valp,
+                 int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
                              int write, void *data),
                  void *data)
 {
@@ -2244,13 +2410,24 @@ static int proc_taint(struct ctl_table *table, int write,
        return err;
 }
 
+#ifdef CONFIG_PRINTK
+static int proc_dmesg_restrict(struct ctl_table *table, int write,
+                               void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+       if (write && !capable(CAP_SYS_ADMIN))
+               return -EPERM;
+
+       return proc_dointvec_minmax(table, write, buffer, lenp, ppos);
+}
+#endif
+
 struct do_proc_dointvec_minmax_conv_param {
        int *min;
        int *max;
 };
 
-static int do_proc_dointvec_minmax_conv(int *negp, unsigned long *lvalp, 
-                                       int *valp, 
+static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp,
+                                       int *valp,
                                        int write, void *data)
 {
        struct do_proc_dointvec_minmax_conv_param *param = data;
@@ -2263,10 +2440,10 @@ static int do_proc_dointvec_minmax_conv(int *negp, unsigned long *lvalp,
        } else {
                int val = *valp;
                if (val < 0) {
-                       *negp = -1;
+                       *negp = true;
                        *lvalp = (unsigned long)-val;
                } else {
-                       *negp = 0;
+                       *negp = false;
                        *lvalp = (unsigned long)val;
                }
        }
@@ -2306,102 +2483,78 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int
                                     unsigned long convmul,
                                     unsigned long convdiv)
 {
-#define TMPBUFLEN 21
-       unsigned long *i, *min, *max, val;
-       int vleft, first=1, neg;
-       size_t len, left;
-       char buf[TMPBUFLEN], *p;
-       char __user *s = buffer;
-       
-       if (!data || !table->maxlen || !*lenp ||
-           (*ppos && !write)) {
+       unsigned long *i, *min, *max;
+       int vleft, first = 1, err = 0;
+       unsigned long page = 0;
+       size_t left;
+       char *kbuf;
+
+       if (!data || !table->maxlen || !*lenp || (*ppos && !write)) {
                *lenp = 0;
                return 0;
        }
-       
+
        i = (unsigned long *) data;
        min = (unsigned long *) table->extra1;
        max = (unsigned long *) table->extra2;
        vleft = table->maxlen / sizeof(unsigned long);
        left = *lenp;
-       
-       for (; left && vleft--; i++, min++, max++, first=0) {
+
+       if (write) {
+               if (left > PAGE_SIZE - 1)
+                       left = PAGE_SIZE - 1;
+               page = __get_free_page(GFP_TEMPORARY);
+               kbuf = (char *) page;
+               if (!kbuf)
+                       return -ENOMEM;
+               if (copy_from_user(kbuf, buffer, left)) {
+                       err = -EFAULT;
+                       goto free;
+               }
+               kbuf[left] = 0;
+       }
+
+       for (; left && vleft--; i++, first = 0) {
+               unsigned long val;
+
                if (write) {
-                       while (left) {
-                               char c;
-                               if (get_user(c, s))
-                                       return -EFAULT;
-                               if (!isspace(c))
-                                       break;
-                               left--;
-                               s++;
-                       }
-                       if (!left)
-                               break;
-                       neg = 0;
-                       len = left;
-                       if (len > TMPBUFLEN-1)
-                               len = TMPBUFLEN-1;
-                       if (copy_from_user(buf, s, len))
-                               return -EFAULT;
-                       buf[len] = 0;
-                       p = buf;
-                       if (*p == '-' && left > 1) {
-                               neg = 1;
-                               p++;
-                       }
-                       if (*p < '0' || *p > '9')
-                               break;
-                       val = simple_strtoul(p, &p, 0) * convmul / convdiv ;
-                       len = p-buf;
-                       if ((len < left) && *p && !isspace(*p))
+                       bool neg;
+
+                       left -= proc_skip_spaces(&kbuf);
+
+                       err = proc_get_long(&kbuf, &left, &val, &neg,
+                                            proc_wspace_sep,
+                                            sizeof(proc_wspace_sep), NULL);
+                       if (err)
                                break;
                        if (neg)
-                               val = -val;
-                       s += len;
-                       left -= len;
-
-                       if(neg)
                                continue;
                        if ((min && val < *min) || (max && val > *max))
                                continue;
                        *i = val;
                } else {
-                       p = buf;
+                       val = convdiv * (*i) / convmul;
                        if (!first)
-                               *p++ = '\t';
-                       sprintf(p, "%lu", convdiv * (*i) / convmul);
-                       len = strlen(buf);
-                       if (len > left)
-                               len = left;
-                       if(copy_to_user(s, buf, len))
-                               return -EFAULT;
-                       left -= len;
-                       s += len;
+                               err = proc_put_char(&buffer, &left, '\t');
+                       err = proc_put_long(&buffer, &left, val, false);
+                       if (err)
+                               break;
                }
        }
 
-       if (!write && !first && left) {
-               if(put_user('\n', s))
-                       return -EFAULT;
-               left--, s++;
-       }
+       if (!write && !first && left && !err)
+               err = proc_put_char(&buffer, &left, '\n');
+       if (write && !err)
+               left -= proc_skip_spaces(&kbuf);
+free:
        if (write) {
-               while (left) {
-                       char c;
-                       if (get_user(c, s++))
-                               return -EFAULT;
-                       if (!isspace(c))
-                               break;
-                       left--;
-               }
+               free_page(page);
+               if (first)
+                       return err ? : -EINVAL;
        }
-       if (write && first)
-               return -EINVAL;
        *lenp -= left;
        *ppos += *lenp;
-       return 0;
-#undef TMPBUFLEN
+       return err;
 }
 
 static int do_proc_doulongvec_minmax(struct ctl_table *table, int write,
@@ -2462,7 +2615,7 @@ int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
 }
 
 
-static int do_proc_dointvec_jiffies_conv(int *negp, unsigned long *lvalp,
+static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp,
                                         int *valp,
                                         int write, void *data)
 {
@@ -2474,10 +2627,10 @@ static int do_proc_dointvec_jiffies_conv(int *negp, unsigned long *lvalp,
                int val = *valp;
                unsigned long lval;
                if (val < 0) {
-                       *negp = -1;
+                       *negp = true;
                        lval = (unsigned long)-val;
                } else {
-                       *negp = 0;
+                       *negp = false;
                        lval = (unsigned long)val;
                }
                *lvalp = lval / HZ;
@@ -2485,7 +2638,7 @@ static int do_proc_dointvec_jiffies_conv(int *negp, unsigned long *lvalp,
        return 0;
 }
 
-static int do_proc_dointvec_userhz_jiffies_conv(int *negp, unsigned long *lvalp,
+static int do_proc_dointvec_userhz_jiffies_conv(bool *negp, unsigned long *lvalp,
                                                int *valp,
                                                int write, void *data)
 {
@@ -2497,10 +2650,10 @@ static int do_proc_dointvec_userhz_jiffies_conv(int *negp, unsigned long *lvalp,
                int val = *valp;
                unsigned long lval;
                if (val < 0) {
-                       *negp = -1;
+                       *negp = true;
                        lval = (unsigned long)-val;
                } else {
-                       *negp = 0;
+                       *negp = false;
                        lval = (unsigned long)val;
                }
                *lvalp = jiffies_to_clock_t(lval);
@@ -2508,7 +2661,7 @@ static int do_proc_dointvec_userhz_jiffies_conv(int *negp, unsigned long *lvalp,
        return 0;
 }
 
-static int do_proc_dointvec_ms_jiffies_conv(int *negp, unsigned long *lvalp,
+static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp,
                                            int *valp,
                                            int write, void *data)
 {
@@ -2518,10 +2671,10 @@ static int do_proc_dointvec_ms_jiffies_conv(int *negp, unsigned long *lvalp,
                int val = *valp;
                unsigned long lval;
                if (val < 0) {
-                       *negp = -1;
+                       *negp = true;
                        lval = (unsigned long)-val;
                } else {
-                       *negp = 0;
+                       *negp = false;
                        lval = (unsigned long)val;
                }
                *lvalp = jiffies_to_msecs(lval);
@@ -2618,7 +2771,158 @@ static int proc_do_cad_pid(struct ctl_table *table, int write,
        return 0;
 }
 
-#else /* CONFIG_PROC_FS */
+/**
+ * proc_do_large_bitmap - read/write from/to a large bitmap
+ * @table: the sysctl table
+ * @write: %TRUE if this is a write to the sysctl file
+ * @buffer: the user buffer
+ * @lenp: the size of the user buffer
+ * @ppos: file position
+ *
+ * The bitmap is stored at table->data and the bitmap length (in bits)
+ * in table->maxlen.
+ *
+ * We use a range comma separated format (e.g. 1,3-4,10-10) so that
+ * large bitmaps may be represented in a compact manner. Writing into
+ * the file will clear the bitmap then update it with the given input.
+ *
+ * Returns 0 on success.
+ */
+int proc_do_large_bitmap(struct ctl_table *table, int write,
+                        void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+       int err = 0;
+       bool first = 1;
+       size_t left = *lenp;
+       unsigned long bitmap_len = table->maxlen;
+       unsigned long *bitmap = (unsigned long *) table->data;
+       unsigned long *tmp_bitmap = NULL;
+       char tr_a[] = { '-', ',', '\n' }, tr_b[] = { ',', '\n', 0 }, c;
+
+       if (!bitmap_len || !left || (*ppos && !write)) {
+               *lenp = 0;
+               return 0;
+       }
+
+       if (write) {
+               unsigned long page = 0;
+               char *kbuf;
+
+               if (left > PAGE_SIZE - 1)
+                       left = PAGE_SIZE - 1;
+
+               page = __get_free_page(GFP_TEMPORARY);
+               kbuf = (char *) page;
+               if (!kbuf)
+                       return -ENOMEM;
+               if (copy_from_user(kbuf, buffer, left)) {
+                       free_page(page);
+                       return -EFAULT;
+                }
+               kbuf[left] = 0;
+
+               tmp_bitmap = kzalloc(BITS_TO_LONGS(bitmap_len) * sizeof(unsigned long),
+                                    GFP_KERNEL);
+               if (!tmp_bitmap) {
+                       free_page(page);
+                       return -ENOMEM;
+               }
+               proc_skip_char(&kbuf, &left, '\n');
+               while (!err && left) {
+                       unsigned long val_a, val_b;
+                       bool neg;
+
+                       err = proc_get_long(&kbuf, &left, &val_a, &neg, tr_a,
+                                            sizeof(tr_a), &c);
+                       if (err)
+                               break;
+                       if (val_a >= bitmap_len || neg) {
+                               err = -EINVAL;
+                               break;
+                       }
+
+                       val_b = val_a;
+                       if (left) {
+                               kbuf++;
+                               left--;
+                       }
+
+                       if (c == '-') {
+                               err = proc_get_long(&kbuf, &left, &val_b,
+                                                    &neg, tr_b, sizeof(tr_b),
+                                                    &c);
+                               if (err)
+                                       break;
+                               if (val_b >= bitmap_len || neg ||
+                                   val_a > val_b) {
+                                       err = -EINVAL;
+                                       break;
+                               }
+                               if (left) {
+                                       kbuf++;
+                                       left--;
+                               }
+                       }
+
+                       while (val_a <= val_b)
+                               set_bit(val_a++, tmp_bitmap);
+
+                       first = 0;
+                       proc_skip_char(&kbuf, &left, '\n');
+               }
+               free_page(page);
+       } else {
+               unsigned long bit_a, bit_b = 0;
+
+               while (left) {
+                       bit_a = find_next_bit(bitmap, bitmap_len, bit_b);
+                       if (bit_a >= bitmap_len)
+                               break;
+                       bit_b = find_next_zero_bit(bitmap, bitmap_len,
+                                                  bit_a + 1) - 1;
+
+                       if (!first) {
+                               err = proc_put_char(&buffer, &left, ',');
+                               if (err)
+                                       break;
+                       }
+                       err = proc_put_long(&buffer, &left, bit_a, false);
+                       if (err)
+                               break;
+                       if (bit_a != bit_b) {
+                               err = proc_put_char(&buffer, &left, '-');
+                               if (err)
+                                       break;
+                               err = proc_put_long(&buffer, &left, bit_b, false);
+                               if (err)
+                                       break;
+                       }
+
+                       first = 0; bit_b++;
+               }
+               if (!err)
+                       err = proc_put_char(&buffer, &left, '\n');
+       }
+
+       if (!err) {
+               if (write) {
+                       if (*ppos)
+                               bitmap_or(bitmap, bitmap, tmp_bitmap, bitmap_len);
+                       else
+                               memcpy(bitmap, tmp_bitmap,
+                                       BITS_TO_LONGS(bitmap_len) * sizeof(unsigned long));
+               }
+               kfree(tmp_bitmap);
+               *lenp -= left;
+               *ppos += *lenp;
+               return 0;
+       } else {
+               kfree(tmp_bitmap);
+               return err;
+       }
+}
+
+#else /* CONFIG_PROC_SYSCTL */
 
 int proc_dostring(struct ctl_table *table, int write,
                  void __user *buffer, size_t *lenp, loff_t *ppos)
@@ -2670,7 +2974,7 @@ int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
 }
 
 
-#endif /* CONFIG_PROC_FS */
+#endif /* CONFIG_PROC_SYSCTL */
 
 /*
  * No sense putting this after each symbol definition, twice,