audit: fix info leak in AUDIT_GET requests
[linux-3.10.git] / kernel / sysctl.c
1 /*
2  * sysctl.c: General linux system control interface
3  *
4  * Begun 24 March 1995, Stephen Tweedie
5  * Added /proc support, Dec 1995
6  * Added bdflush entry and intvec min/max checking, 2/23/96, Tom Dyas.
7  * Added hooks for /proc/sys/net (minor, minor patch), 96/4/1, Mike Shaver.
8  * Added kernel/java-{interpreter,appletviewer}, 96/5/10, Mike Shaver.
9  * Dynamic registration fixes, Stephen Tweedie.
10  * Added kswapd-interval, ctrl-alt-del, printk stuff, 1/8/97, Chris Horn.
11  * Made sysctl support optional via CONFIG_SYSCTL, 1/10/97, Chris
12  *  Horn.
13  * Added proc_doulongvec_ms_jiffies_minmax, 09/08/99, Carlos H. Bauer.
14  * Added proc_doulongvec_minmax, 09/08/99, Carlos H. Bauer.
15  * Changed linked lists to use list.h instead of lists.h, 02/24/00, Bill
16  *  Wendling.
17  * The list_for_each() macro wasn't appropriate for the sysctl loop.
18  *  Removed it and replaced it with older style, 03/23/00, Bill Wendling
19  */
20
21 #include <linux/module.h>
22 #include <linux/mm.h>
23 #include <linux/swap.h>
24 #include <linux/slab.h>
25 #include <linux/sysctl.h>
26 #include <linux/bitmap.h>
27 #include <linux/signal.h>
28 #include <linux/printk.h>
29 #include <linux/proc_fs.h>
30 #include <linux/security.h>
31 #include <linux/ctype.h>
32 #include <linux/kmemcheck.h>
33 #include <linux/kmemleak.h>
34 #include <linux/fs.h>
35 #include <linux/init.h>
36 #include <linux/kernel.h>
37 #include <linux/kobject.h>
38 #include <linux/net.h>
39 #include <linux/sysrq.h>
40 #include <linux/highuid.h>
41 #include <linux/writeback.h>
42 #include <linux/ratelimit.h>
43 #include <linux/compaction.h>
44 #include <linux/hugetlb.h>
45 #include <linux/initrd.h>
46 #include <linux/key.h>
47 #include <linux/times.h>
48 #include <linux/limits.h>
49 #include <linux/dcache.h>
50 #include <linux/dnotify.h>
51 #include <linux/syscalls.h>
52 #include <linux/vmstat.h>
53 #include <linux/nfs_fs.h>
54 #include <linux/acpi.h>
55 #include <linux/reboot.h>
56 #include <linux/ftrace.h>
57 #include <linux/perf_event.h>
58 #include <linux/kprobes.h>
59 #include <linux/pipe_fs_i.h>
60 #include <linux/oom.h>
61 #include <linux/kmod.h>
62 #include <linux/capability.h>
63 #include <linux/binfmts.h>
64 #include <linux/sched/sysctl.h>
65
66 #include <asm/uaccess.h>
67 #include <asm/processor.h>
68
69 #ifdef CONFIG_X86
70 #include <asm/nmi.h>
71 #include <asm/stacktrace.h>
72 #include <asm/io.h>
73 #endif
74 #ifdef CONFIG_SPARC
75 #include <asm/setup.h>
76 #endif
77 #ifdef CONFIG_BSD_PROCESS_ACCT
78 #include <linux/acct.h>
79 #endif
80 #ifdef CONFIG_RT_MUTEXES
81 #include <linux/rtmutex.h>
82 #endif
83 #if defined(CONFIG_PROVE_LOCKING) || defined(CONFIG_LOCK_STAT)
84 #include <linux/lockdep.h>
85 #endif
86 #ifdef CONFIG_CHR_DEV_SG
87 #include <scsi/sg.h>
88 #endif
89
90 #ifdef CONFIG_LOCKUP_DETECTOR
91 #include <linux/nmi.h>
92 #endif
93
94
95 #if defined(CONFIG_SYSCTL)
96
97 /* External variables not in a header file. */
98 extern int sysctl_overcommit_memory;
99 extern int sysctl_overcommit_ratio;
100 extern int max_threads;
101 extern int suid_dumpable;
102 #ifdef CONFIG_COREDUMP
103 extern int core_uses_pid;
104 extern char core_pattern[];
105 extern unsigned int core_pipe_limit;
106 #endif
107 extern int pid_max;
108 extern int pid_max_min, pid_max_max;
109 extern int percpu_pagelist_fraction;
110 extern int compat_log;
111 extern int latencytop_enabled;
112 extern int sysctl_nr_open_min, sysctl_nr_open_max;
113 #ifndef CONFIG_MMU
114 extern int sysctl_nr_trim_pages;
115 #endif
116 #ifdef CONFIG_BLOCK
117 extern int blk_iopoll_enabled;
118 #endif
119
120 /* Constants used for minimum and  maximum */
121 #ifdef CONFIG_LOCKUP_DETECTOR
122 static int sixty = 60;
123 static int neg_one = -1;
124 #endif
125
126 static int zero;
127 static int __maybe_unused one = 1;
128 static int __maybe_unused two = 2;
129 static int __maybe_unused three = 3;
130 static unsigned long one_ul = 1;
131 static int one_hundred = 100;
132 #ifdef CONFIG_PRINTK
133 static int ten_thousand = 10000;
134 #endif
135
136 /* this is needed for the proc_doulongvec_minmax of vm_dirty_bytes */
137 static unsigned long dirty_bytes_min = 2 * PAGE_SIZE;
138
139 /* this is needed for the proc_dointvec_minmax for [fs_]overflow UID and GID */
140 static int maxolduid = 65535;
141 static int minolduid;
142 static int min_percpu_pagelist_fract = 8;
143
144 static int ngroups_max = NGROUPS_MAX;
145 static const int cap_last_cap = CAP_LAST_CAP;
146
147 #ifdef CONFIG_INOTIFY_USER
148 #include <linux/inotify.h>
149 #endif
150 #ifdef CONFIG_SPARC
151 #endif
152
153 #ifdef CONFIG_SPARC64
154 extern int sysctl_tsb_ratio;
155 #endif
156
157 #ifdef __hppa__
158 extern int pwrsw_enabled;
159 #endif
160
161 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW
162 extern int unaligned_enabled;
163 #endif
164
165 #ifdef CONFIG_IA64
166 extern int unaligned_dump_stack;
167 #endif
168
169 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN
170 extern int no_unaligned_warning;
171 #endif
172
173 #ifdef CONFIG_PROC_SYSCTL
174 static int proc_do_cad_pid(struct ctl_table *table, int write,
175                   void __user *buffer, size_t *lenp, loff_t *ppos);
176 static int proc_taint(struct ctl_table *table, int write,
177                                void __user *buffer, size_t *lenp, loff_t *ppos);
178 #endif
179
180 #ifdef CONFIG_PRINTK
181 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
182                                 void __user *buffer, size_t *lenp, loff_t *ppos);
183 #endif
184
185 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write,
186                 void __user *buffer, size_t *lenp, loff_t *ppos);
187 #ifdef CONFIG_COREDUMP
188 static int proc_dostring_coredump(struct ctl_table *table, int write,
189                 void __user *buffer, size_t *lenp, loff_t *ppos);
190 #endif
191
192 #ifdef CONFIG_MAGIC_SYSRQ
193 /* Note: sysrq code uses it's own private copy */
194 static int __sysrq_enabled = SYSRQ_DEFAULT_ENABLE;
195
196 static int sysrq_sysctl_handler(ctl_table *table, int write,
197                                 void __user *buffer, size_t *lenp,
198                                 loff_t *ppos)
199 {
200         int error;
201
202         error = proc_dointvec(table, write, buffer, lenp, ppos);
203         if (error)
204                 return error;
205
206         if (write)
207                 sysrq_toggle_support(__sysrq_enabled);
208
209         return 0;
210 }
211
212 #endif
213
214 static struct ctl_table kern_table[];
215 static struct ctl_table vm_table[];
216 static struct ctl_table fs_table[];
217 static struct ctl_table debug_table[];
218 static struct ctl_table dev_table[];
219 extern struct ctl_table random_table[];
220 #ifdef CONFIG_EPOLL
221 extern struct ctl_table epoll_table[];
222 #endif
223
224 #ifdef HAVE_ARCH_PICK_MMAP_LAYOUT
225 int sysctl_legacy_va_layout;
226 #endif
227
228 /* The default sysctl tables: */
229
230 static struct ctl_table sysctl_base_table[] = {
231         {
232                 .procname       = "kernel",
233                 .mode           = 0555,
234                 .child          = kern_table,
235         },
236         {
237                 .procname       = "vm",
238                 .mode           = 0555,
239                 .child          = vm_table,
240         },
241         {
242                 .procname       = "fs",
243                 .mode           = 0555,
244                 .child          = fs_table,
245         },
246         {
247                 .procname       = "debug",
248                 .mode           = 0555,
249                 .child          = debug_table,
250         },
251         {
252                 .procname       = "dev",
253                 .mode           = 0555,
254                 .child          = dev_table,
255         },
256         { }
257 };
258
259 #ifdef CONFIG_SCHED_DEBUG
260 static int min_sched_granularity_ns = 100000;           /* 100 usecs */
261 static int max_sched_granularity_ns = NSEC_PER_SEC;     /* 1 second */
262 static int min_wakeup_granularity_ns;                   /* 0 usecs */
263 static int max_wakeup_granularity_ns = NSEC_PER_SEC;    /* 1 second */
264 #ifdef CONFIG_SMP
265 static int min_sched_tunable_scaling = SCHED_TUNABLESCALING_NONE;
266 static int max_sched_tunable_scaling = SCHED_TUNABLESCALING_END-1;
267 #endif /* CONFIG_SMP */
268 #endif /* CONFIG_SCHED_DEBUG */
269
270 #ifdef CONFIG_COMPACTION
271 static int min_extfrag_threshold;
272 static int max_extfrag_threshold = 1000;
273 #endif
274
275 static struct ctl_table kern_table[] = {
276         {
277                 .procname       = "sched_child_runs_first",
278                 .data           = &sysctl_sched_child_runs_first,
279                 .maxlen         = sizeof(unsigned int),
280                 .mode           = 0644,
281                 .proc_handler   = proc_dointvec,
282         },
283 #ifdef CONFIG_SCHED_DEBUG
284         {
285                 .procname       = "sched_min_granularity_ns",
286                 .data           = &sysctl_sched_min_granularity,
287                 .maxlen         = sizeof(unsigned int),
288                 .mode           = 0644,
289                 .proc_handler   = sched_proc_update_handler,
290                 .extra1         = &min_sched_granularity_ns,
291                 .extra2         = &max_sched_granularity_ns,
292         },
293         {
294                 .procname       = "sched_latency_ns",
295                 .data           = &sysctl_sched_latency,
296                 .maxlen         = sizeof(unsigned int),
297                 .mode           = 0644,
298                 .proc_handler   = sched_proc_update_handler,
299                 .extra1         = &min_sched_granularity_ns,
300                 .extra2         = &max_sched_granularity_ns,
301         },
302         {
303                 .procname       = "sched_wakeup_granularity_ns",
304                 .data           = &sysctl_sched_wakeup_granularity,
305                 .maxlen         = sizeof(unsigned int),
306                 .mode           = 0644,
307                 .proc_handler   = sched_proc_update_handler,
308                 .extra1         = &min_wakeup_granularity_ns,
309                 .extra2         = &max_wakeup_granularity_ns,
310         },
311 #ifdef CONFIG_SMP
312         {
313                 .procname       = "sched_tunable_scaling",
314                 .data           = &sysctl_sched_tunable_scaling,
315                 .maxlen         = sizeof(enum sched_tunable_scaling),
316                 .mode           = 0644,
317                 .proc_handler   = sched_proc_update_handler,
318                 .extra1         = &min_sched_tunable_scaling,
319                 .extra2         = &max_sched_tunable_scaling,
320         },
321         {
322                 .procname       = "sched_migration_cost_ns",
323                 .data           = &sysctl_sched_migration_cost,
324                 .maxlen         = sizeof(unsigned int),
325                 .mode           = 0644,
326                 .proc_handler   = proc_dointvec,
327         },
328         {
329                 .procname       = "sched_nr_migrate",
330                 .data           = &sysctl_sched_nr_migrate,
331                 .maxlen         = sizeof(unsigned int),
332                 .mode           = 0644,
333                 .proc_handler   = proc_dointvec,
334         },
335         {
336                 .procname       = "sched_time_avg_ms",
337                 .data           = &sysctl_sched_time_avg,
338                 .maxlen         = sizeof(unsigned int),
339                 .mode           = 0644,
340                 .proc_handler   = proc_dointvec,
341         },
342         {
343                 .procname       = "sched_shares_window_ns",
344                 .data           = &sysctl_sched_shares_window,
345                 .maxlen         = sizeof(unsigned int),
346                 .mode           = 0644,
347                 .proc_handler   = proc_dointvec,
348         },
349         {
350                 .procname       = "timer_migration",
351                 .data           = &sysctl_timer_migration,
352                 .maxlen         = sizeof(unsigned int),
353                 .mode           = 0644,
354                 .proc_handler   = proc_dointvec_minmax,
355                 .extra1         = &zero,
356                 .extra2         = &one,
357         },
358 #endif /* CONFIG_SMP */
359 #ifdef CONFIG_NUMA_BALANCING
360         {
361                 .procname       = "numa_balancing_scan_delay_ms",
362                 .data           = &sysctl_numa_balancing_scan_delay,
363                 .maxlen         = sizeof(unsigned int),
364                 .mode           = 0644,
365                 .proc_handler   = proc_dointvec,
366         },
367         {
368                 .procname       = "numa_balancing_scan_period_min_ms",
369                 .data           = &sysctl_numa_balancing_scan_period_min,
370                 .maxlen         = sizeof(unsigned int),
371                 .mode           = 0644,
372                 .proc_handler   = proc_dointvec,
373         },
374         {
375                 .procname       = "numa_balancing_scan_period_reset",
376                 .data           = &sysctl_numa_balancing_scan_period_reset,
377                 .maxlen         = sizeof(unsigned int),
378                 .mode           = 0644,
379                 .proc_handler   = proc_dointvec,
380         },
381         {
382                 .procname       = "numa_balancing_scan_period_max_ms",
383                 .data           = &sysctl_numa_balancing_scan_period_max,
384                 .maxlen         = sizeof(unsigned int),
385                 .mode           = 0644,
386                 .proc_handler   = proc_dointvec,
387         },
388         {
389                 .procname       = "numa_balancing_scan_size_mb",
390                 .data           = &sysctl_numa_balancing_scan_size,
391                 .maxlen         = sizeof(unsigned int),
392                 .mode           = 0644,
393                 .proc_handler   = proc_dointvec,
394         },
395 #endif /* CONFIG_NUMA_BALANCING */
396 #endif /* CONFIG_SCHED_DEBUG */
397         {
398                 .procname       = "sched_rt_period_us",
399                 .data           = &sysctl_sched_rt_period,
400                 .maxlen         = sizeof(unsigned int),
401                 .mode           = 0644,
402                 .proc_handler   = sched_rt_handler,
403         },
404         {
405                 .procname       = "sched_rt_runtime_us",
406                 .data           = &sysctl_sched_rt_runtime,
407                 .maxlen         = sizeof(int),
408                 .mode           = 0644,
409                 .proc_handler   = sched_rt_handler,
410         },
411         {
412                 .procname       = "sched_rr_timeslice_ms",
413                 .data           = &sched_rr_timeslice,
414                 .maxlen         = sizeof(int),
415                 .mode           = 0644,
416                 .proc_handler   = sched_rr_handler,
417         },
418 #ifdef CONFIG_SCHED_AUTOGROUP
419         {
420                 .procname       = "sched_autogroup_enabled",
421                 .data           = &sysctl_sched_autogroup_enabled,
422                 .maxlen         = sizeof(unsigned int),
423                 .mode           = 0644,
424                 .proc_handler   = proc_dointvec_minmax,
425                 .extra1         = &zero,
426                 .extra2         = &one,
427         },
428 #endif
429 #ifdef CONFIG_CFS_BANDWIDTH
430         {
431                 .procname       = "sched_cfs_bandwidth_slice_us",
432                 .data           = &sysctl_sched_cfs_bandwidth_slice,
433                 .maxlen         = sizeof(unsigned int),
434                 .mode           = 0644,
435                 .proc_handler   = proc_dointvec_minmax,
436                 .extra1         = &one,
437         },
438 #endif
439 #ifdef CONFIG_PROVE_LOCKING
440         {
441                 .procname       = "prove_locking",
442                 .data           = &prove_locking,
443                 .maxlen         = sizeof(int),
444                 .mode           = 0644,
445                 .proc_handler   = proc_dointvec,
446         },
447 #endif
448 #ifdef CONFIG_LOCK_STAT
449         {
450                 .procname       = "lock_stat",
451                 .data           = &lock_stat,
452                 .maxlen         = sizeof(int),
453                 .mode           = 0644,
454                 .proc_handler   = proc_dointvec,
455         },
456 #endif
457         {
458                 .procname       = "panic",
459                 .data           = &panic_timeout,
460                 .maxlen         = sizeof(int),
461                 .mode           = 0644,
462                 .proc_handler   = proc_dointvec,
463         },
464 #ifdef CONFIG_COREDUMP
465         {
466                 .procname       = "core_uses_pid",
467                 .data           = &core_uses_pid,
468                 .maxlen         = sizeof(int),
469                 .mode           = 0644,
470                 .proc_handler   = proc_dointvec,
471         },
472         {
473                 .procname       = "core_pattern",
474                 .data           = core_pattern,
475                 .maxlen         = CORENAME_MAX_SIZE,
476                 .mode           = 0644,
477                 .proc_handler   = proc_dostring_coredump,
478         },
479         {
480                 .procname       = "core_pipe_limit",
481                 .data           = &core_pipe_limit,
482                 .maxlen         = sizeof(unsigned int),
483                 .mode           = 0644,
484                 .proc_handler   = proc_dointvec,
485         },
486 #endif
487 #ifdef CONFIG_PROC_SYSCTL
488         {
489                 .procname       = "tainted",
490                 .maxlen         = sizeof(long),
491                 .mode           = 0644,
492                 .proc_handler   = proc_taint,
493         },
494 #endif
495 #ifdef CONFIG_LATENCYTOP
496         {
497                 .procname       = "latencytop",
498                 .data           = &latencytop_enabled,
499                 .maxlen         = sizeof(int),
500                 .mode           = 0644,
501                 .proc_handler   = proc_dointvec,
502         },
503 #endif
504 #ifdef CONFIG_BLK_DEV_INITRD
505         {
506                 .procname       = "real-root-dev",
507                 .data           = &real_root_dev,
508                 .maxlen         = sizeof(int),
509                 .mode           = 0644,
510                 .proc_handler   = proc_dointvec,
511         },
512 #endif
513         {
514                 .procname       = "print-fatal-signals",
515                 .data           = &print_fatal_signals,
516                 .maxlen         = sizeof(int),
517                 .mode           = 0644,
518                 .proc_handler   = proc_dointvec,
519         },
520 #ifdef CONFIG_SPARC
521         {
522                 .procname       = "reboot-cmd",
523                 .data           = reboot_command,
524                 .maxlen         = 256,
525                 .mode           = 0644,
526                 .proc_handler   = proc_dostring,
527         },
528         {
529                 .procname       = "stop-a",
530                 .data           = &stop_a_enabled,
531                 .maxlen         = sizeof (int),
532                 .mode           = 0644,
533                 .proc_handler   = proc_dointvec,
534         },
535         {
536                 .procname       = "scons-poweroff",
537                 .data           = &scons_pwroff,
538                 .maxlen         = sizeof (int),
539                 .mode           = 0644,
540                 .proc_handler   = proc_dointvec,
541         },
542 #endif
543 #ifdef CONFIG_SPARC64
544         {
545                 .procname       = "tsb-ratio",
546                 .data           = &sysctl_tsb_ratio,
547                 .maxlen         = sizeof (int),
548                 .mode           = 0644,
549                 .proc_handler   = proc_dointvec,
550         },
551 #endif
552 #ifdef __hppa__
553         {
554                 .procname       = "soft-power",
555                 .data           = &pwrsw_enabled,
556                 .maxlen         = sizeof (int),
557                 .mode           = 0644,
558                 .proc_handler   = proc_dointvec,
559         },
560 #endif
561 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW
562         {
563                 .procname       = "unaligned-trap",
564                 .data           = &unaligned_enabled,
565                 .maxlen         = sizeof (int),
566                 .mode           = 0644,
567                 .proc_handler   = proc_dointvec,
568         },
569 #endif
570         {
571                 .procname       = "ctrl-alt-del",
572                 .data           = &C_A_D,
573                 .maxlen         = sizeof(int),
574                 .mode           = 0644,
575                 .proc_handler   = proc_dointvec,
576         },
577 #ifdef CONFIG_FUNCTION_TRACER
578         {
579                 .procname       = "ftrace_enabled",
580                 .data           = &ftrace_enabled,
581                 .maxlen         = sizeof(int),
582                 .mode           = 0644,
583                 .proc_handler   = ftrace_enable_sysctl,
584         },
585 #endif
586 #ifdef CONFIG_STACK_TRACER
587         {
588                 .procname       = "stack_tracer_enabled",
589                 .data           = &stack_tracer_enabled,
590                 .maxlen         = sizeof(int),
591                 .mode           = 0644,
592                 .proc_handler   = stack_trace_sysctl,
593         },
594 #endif
595 #ifdef CONFIG_TRACING
596         {
597                 .procname       = "ftrace_dump_on_oops",
598                 .data           = &ftrace_dump_on_oops,
599                 .maxlen         = sizeof(int),
600                 .mode           = 0644,
601                 .proc_handler   = proc_dointvec,
602         },
603 #endif
604 #ifdef CONFIG_MODULES
605         {
606                 .procname       = "modprobe",
607                 .data           = &modprobe_path,
608                 .maxlen         = KMOD_PATH_LEN,
609                 .mode           = 0644,
610                 .proc_handler   = proc_dostring,
611         },
612         {
613                 .procname       = "modules_disabled",
614                 .data           = &modules_disabled,
615                 .maxlen         = sizeof(int),
616                 .mode           = 0644,
617                 /* only handle a transition from default "0" to "1" */
618                 .proc_handler   = proc_dointvec_minmax,
619                 .extra1         = &one,
620                 .extra2         = &one,
621         },
622 #endif
623
624         {
625                 .procname       = "hotplug",
626                 .data           = &uevent_helper,
627                 .maxlen         = UEVENT_HELPER_PATH_LEN,
628                 .mode           = 0644,
629                 .proc_handler   = proc_dostring,
630         },
631
632 #ifdef CONFIG_CHR_DEV_SG
633         {
634                 .procname       = "sg-big-buff",
635                 .data           = &sg_big_buff,
636                 .maxlen         = sizeof (int),
637                 .mode           = 0444,
638                 .proc_handler   = proc_dointvec,
639         },
640 #endif
641 #ifdef CONFIG_BSD_PROCESS_ACCT
642         {
643                 .procname       = "acct",
644                 .data           = &acct_parm,
645                 .maxlen         = 3*sizeof(int),
646                 .mode           = 0644,
647                 .proc_handler   = proc_dointvec,
648         },
649 #endif
650 #ifdef CONFIG_MAGIC_SYSRQ
651         {
652                 .procname       = "sysrq",
653                 .data           = &__sysrq_enabled,
654                 .maxlen         = sizeof (int),
655                 .mode           = 0644,
656                 .proc_handler   = sysrq_sysctl_handler,
657         },
658 #endif
659 #ifdef CONFIG_PROC_SYSCTL
660         {
661                 .procname       = "cad_pid",
662                 .data           = NULL,
663                 .maxlen         = sizeof (int),
664                 .mode           = 0600,
665                 .proc_handler   = proc_do_cad_pid,
666         },
667 #endif
668         {
669                 .procname       = "threads-max",
670                 .data           = &max_threads,
671                 .maxlen         = sizeof(int),
672                 .mode           = 0644,
673                 .proc_handler   = proc_dointvec,
674         },
675         {
676                 .procname       = "random",
677                 .mode           = 0555,
678                 .child          = random_table,
679         },
680         {
681                 .procname       = "usermodehelper",
682                 .mode           = 0555,
683                 .child          = usermodehelper_table,
684         },
685         {
686                 .procname       = "overflowuid",
687                 .data           = &overflowuid,
688                 .maxlen         = sizeof(int),
689                 .mode           = 0644,
690                 .proc_handler   = proc_dointvec_minmax,
691                 .extra1         = &minolduid,
692                 .extra2         = &maxolduid,
693         },
694         {
695                 .procname       = "overflowgid",
696                 .data           = &overflowgid,
697                 .maxlen         = sizeof(int),
698                 .mode           = 0644,
699                 .proc_handler   = proc_dointvec_minmax,
700                 .extra1         = &minolduid,
701                 .extra2         = &maxolduid,
702         },
703 #ifdef CONFIG_S390
704 #ifdef CONFIG_MATHEMU
705         {
706                 .procname       = "ieee_emulation_warnings",
707                 .data           = &sysctl_ieee_emulation_warnings,
708                 .maxlen         = sizeof(int),
709                 .mode           = 0644,
710                 .proc_handler   = proc_dointvec,
711         },
712 #endif
713         {
714                 .procname       = "userprocess_debug",
715                 .data           = &show_unhandled_signals,
716                 .maxlen         = sizeof(int),
717                 .mode           = 0644,
718                 .proc_handler   = proc_dointvec,
719         },
720 #endif
721         {
722                 .procname       = "pid_max",
723                 .data           = &pid_max,
724                 .maxlen         = sizeof (int),
725                 .mode           = 0644,
726                 .proc_handler   = proc_dointvec_minmax,
727                 .extra1         = &pid_max_min,
728                 .extra2         = &pid_max_max,
729         },
730         {
731                 .procname       = "panic_on_oops",
732                 .data           = &panic_on_oops,
733                 .maxlen         = sizeof(int),
734                 .mode           = 0644,
735                 .proc_handler   = proc_dointvec,
736         },
737 #if defined CONFIG_PRINTK
738         {
739                 .procname       = "printk",
740                 .data           = &console_loglevel,
741                 .maxlen         = 4*sizeof(int),
742                 .mode           = 0644,
743                 .proc_handler   = proc_dointvec,
744         },
745         {
746                 .procname       = "printk_ratelimit",
747                 .data           = &printk_ratelimit_state.interval,
748                 .maxlen         = sizeof(int),
749                 .mode           = 0644,
750                 .proc_handler   = proc_dointvec_jiffies,
751         },
752         {
753                 .procname       = "printk_ratelimit_burst",
754                 .data           = &printk_ratelimit_state.burst,
755                 .maxlen         = sizeof(int),
756                 .mode           = 0644,
757                 .proc_handler   = proc_dointvec,
758         },
759         {
760                 .procname       = "printk_delay",
761                 .data           = &printk_delay_msec,
762                 .maxlen         = sizeof(int),
763                 .mode           = 0644,
764                 .proc_handler   = proc_dointvec_minmax,
765                 .extra1         = &zero,
766                 .extra2         = &ten_thousand,
767         },
768         {
769                 .procname       = "dmesg_restrict",
770                 .data           = &dmesg_restrict,
771                 .maxlen         = sizeof(int),
772                 .mode           = 0644,
773                 .proc_handler   = proc_dointvec_minmax_sysadmin,
774                 .extra1         = &zero,
775                 .extra2         = &one,
776         },
777         {
778                 .procname       = "kptr_restrict",
779                 .data           = &kptr_restrict,
780                 .maxlen         = sizeof(int),
781                 .mode           = 0644,
782                 .proc_handler   = proc_dointvec_minmax_sysadmin,
783                 .extra1         = &zero,
784                 .extra2         = &two,
785         },
786 #endif
787         {
788                 .procname       = "ngroups_max",
789                 .data           = &ngroups_max,
790                 .maxlen         = sizeof (int),
791                 .mode           = 0444,
792                 .proc_handler   = proc_dointvec,
793         },
794         {
795                 .procname       = "cap_last_cap",
796                 .data           = (void *)&cap_last_cap,
797                 .maxlen         = sizeof(int),
798                 .mode           = 0444,
799                 .proc_handler   = proc_dointvec,
800         },
801 #if defined(CONFIG_LOCKUP_DETECTOR)
802         {
803                 .procname       = "watchdog",
804                 .data           = &watchdog_enabled,
805                 .maxlen         = sizeof (int),
806                 .mode           = 0644,
807                 .proc_handler   = proc_dowatchdog,
808                 .extra1         = &zero,
809                 .extra2         = &one,
810         },
811         {
812                 .procname       = "watchdog_thresh",
813                 .data           = &watchdog_thresh,
814                 .maxlen         = sizeof(int),
815                 .mode           = 0644,
816                 .proc_handler   = proc_dowatchdog,
817                 .extra1         = &neg_one,
818                 .extra2         = &sixty,
819         },
820         {
821                 .procname       = "softlockup_panic",
822                 .data           = &softlockup_panic,
823                 .maxlen         = sizeof(int),
824                 .mode           = 0644,
825                 .proc_handler   = proc_dointvec_minmax,
826                 .extra1         = &zero,
827                 .extra2         = &one,
828         },
829         {
830                 .procname       = "nmi_watchdog",
831                 .data           = &watchdog_enabled,
832                 .maxlen         = sizeof (int),
833                 .mode           = 0644,
834                 .proc_handler   = proc_dowatchdog,
835                 .extra1         = &zero,
836                 .extra2         = &one,
837         },
838 #endif
839 #if defined(CONFIG_X86_LOCAL_APIC) && defined(CONFIG_X86)
840         {
841                 .procname       = "unknown_nmi_panic",
842                 .data           = &unknown_nmi_panic,
843                 .maxlen         = sizeof (int),
844                 .mode           = 0644,
845                 .proc_handler   = proc_dointvec,
846         },
847 #endif
848 #if defined(CONFIG_X86)
849         {
850                 .procname       = "panic_on_unrecovered_nmi",
851                 .data           = &panic_on_unrecovered_nmi,
852                 .maxlen         = sizeof(int),
853                 .mode           = 0644,
854                 .proc_handler   = proc_dointvec,
855         },
856         {
857                 .procname       = "panic_on_io_nmi",
858                 .data           = &panic_on_io_nmi,
859                 .maxlen         = sizeof(int),
860                 .mode           = 0644,
861                 .proc_handler   = proc_dointvec,
862         },
863 #ifdef CONFIG_DEBUG_STACKOVERFLOW
864         {
865                 .procname       = "panic_on_stackoverflow",
866                 .data           = &sysctl_panic_on_stackoverflow,
867                 .maxlen         = sizeof(int),
868                 .mode           = 0644,
869                 .proc_handler   = proc_dointvec,
870         },
871 #endif
872         {
873                 .procname       = "bootloader_type",
874                 .data           = &bootloader_type,
875                 .maxlen         = sizeof (int),
876                 .mode           = 0444,
877                 .proc_handler   = proc_dointvec,
878         },
879         {
880                 .procname       = "bootloader_version",
881                 .data           = &bootloader_version,
882                 .maxlen         = sizeof (int),
883                 .mode           = 0444,
884                 .proc_handler   = proc_dointvec,
885         },
886         {
887                 .procname       = "kstack_depth_to_print",
888                 .data           = &kstack_depth_to_print,
889                 .maxlen         = sizeof(int),
890                 .mode           = 0644,
891                 .proc_handler   = proc_dointvec,
892         },
893         {
894                 .procname       = "io_delay_type",
895                 .data           = &io_delay_type,
896                 .maxlen         = sizeof(int),
897                 .mode           = 0644,
898                 .proc_handler   = proc_dointvec,
899         },
900 #endif
901 #if defined(CONFIG_MMU)
902         {
903                 .procname       = "randomize_va_space",
904                 .data           = &randomize_va_space,
905                 .maxlen         = sizeof(int),
906                 .mode           = 0644,
907                 .proc_handler   = proc_dointvec,
908         },
909 #endif
910 #if defined(CONFIG_S390) && defined(CONFIG_SMP)
911         {
912                 .procname       = "spin_retry",
913                 .data           = &spin_retry,
914                 .maxlen         = sizeof (int),
915                 .mode           = 0644,
916                 .proc_handler   = proc_dointvec,
917         },
918 #endif
919 #if     defined(CONFIG_ACPI_SLEEP) && defined(CONFIG_X86)
920         {
921                 .procname       = "acpi_video_flags",
922                 .data           = &acpi_realmode_flags,
923                 .maxlen         = sizeof (unsigned long),
924                 .mode           = 0644,
925                 .proc_handler   = proc_doulongvec_minmax,
926         },
927 #endif
928 #ifdef CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN
929         {
930                 .procname       = "ignore-unaligned-usertrap",
931                 .data           = &no_unaligned_warning,
932                 .maxlen         = sizeof (int),
933                 .mode           = 0644,
934                 .proc_handler   = proc_dointvec,
935         },
936 #endif
937 #ifdef CONFIG_IA64
938         {
939                 .procname       = "unaligned-dump-stack",
940                 .data           = &unaligned_dump_stack,
941                 .maxlen         = sizeof (int),
942                 .mode           = 0644,
943                 .proc_handler   = proc_dointvec,
944         },
945 #endif
946 #ifdef CONFIG_DETECT_HUNG_TASK
947         {
948                 .procname       = "hung_task_panic",
949                 .data           = &sysctl_hung_task_panic,
950                 .maxlen         = sizeof(int),
951                 .mode           = 0644,
952                 .proc_handler   = proc_dointvec_minmax,
953                 .extra1         = &zero,
954                 .extra2         = &one,
955         },
956         {
957                 .procname       = "hung_task_check_count",
958                 .data           = &sysctl_hung_task_check_count,
959                 .maxlen         = sizeof(unsigned long),
960                 .mode           = 0644,
961                 .proc_handler   = proc_doulongvec_minmax,
962         },
963         {
964                 .procname       = "hung_task_timeout_secs",
965                 .data           = &sysctl_hung_task_timeout_secs,
966                 .maxlen         = sizeof(unsigned long),
967                 .mode           = 0644,
968                 .proc_handler   = proc_dohung_task_timeout_secs,
969         },
970         {
971                 .procname       = "hung_task_warnings",
972                 .data           = &sysctl_hung_task_warnings,
973                 .maxlen         = sizeof(unsigned long),
974                 .mode           = 0644,
975                 .proc_handler   = proc_doulongvec_minmax,
976         },
977 #endif
978 #ifdef CONFIG_COMPAT
979         {
980                 .procname       = "compat-log",
981                 .data           = &compat_log,
982                 .maxlen         = sizeof (int),
983                 .mode           = 0644,
984                 .proc_handler   = proc_dointvec,
985         },
986 #endif
987 #ifdef CONFIG_RT_MUTEXES
988         {
989                 .procname       = "max_lock_depth",
990                 .data           = &max_lock_depth,
991                 .maxlen         = sizeof(int),
992                 .mode           = 0644,
993                 .proc_handler   = proc_dointvec,
994         },
995 #endif
996         {
997                 .procname       = "poweroff_cmd",
998                 .data           = &poweroff_cmd,
999                 .maxlen         = POWEROFF_CMD_PATH_LEN,
1000                 .mode           = 0644,
1001                 .proc_handler   = proc_dostring,
1002         },
1003 #ifdef CONFIG_KEYS
1004         {
1005                 .procname       = "keys",
1006                 .mode           = 0555,
1007                 .child          = key_sysctls,
1008         },
1009 #endif
1010 #ifdef CONFIG_RCU_TORTURE_TEST
1011         {
1012                 .procname       = "rcutorture_runnable",
1013                 .data           = &rcutorture_runnable,
1014                 .maxlen         = sizeof(int),
1015                 .mode           = 0644,
1016                 .proc_handler   = proc_dointvec,
1017         },
1018 #endif
1019 #ifdef CONFIG_PERF_EVENTS
1020         /*
1021          * User-space scripts rely on the existence of this file
1022          * as a feature check for perf_events being enabled.
1023          *
1024          * So it's an ABI, do not remove!
1025          */
1026         {
1027                 .procname       = "perf_event_paranoid",
1028                 .data           = &sysctl_perf_event_paranoid,
1029                 .maxlen         = sizeof(sysctl_perf_event_paranoid),
1030                 .mode           = 0644,
1031                 .proc_handler   = proc_dointvec,
1032         },
1033         {
1034                 .procname       = "perf_event_mlock_kb",
1035                 .data           = &sysctl_perf_event_mlock,
1036                 .maxlen         = sizeof(sysctl_perf_event_mlock),
1037                 .mode           = 0644,
1038                 .proc_handler   = proc_dointvec,
1039         },
1040         {
1041                 .procname       = "perf_event_max_sample_rate",
1042                 .data           = &sysctl_perf_event_sample_rate,
1043                 .maxlen         = sizeof(sysctl_perf_event_sample_rate),
1044                 .mode           = 0644,
1045                 .proc_handler   = perf_proc_update_handler,
1046         },
1047 #endif
1048 #ifdef CONFIG_KMEMCHECK
1049         {
1050                 .procname       = "kmemcheck",
1051                 .data           = &kmemcheck_enabled,
1052                 .maxlen         = sizeof(int),
1053                 .mode           = 0644,
1054                 .proc_handler   = proc_dointvec,
1055         },
1056 #endif
1057 #ifdef CONFIG_BLOCK
1058         {
1059                 .procname       = "blk_iopoll",
1060                 .data           = &blk_iopoll_enabled,
1061                 .maxlen         = sizeof(int),
1062                 .mode           = 0644,
1063                 .proc_handler   = proc_dointvec,
1064         },
1065 #endif
1066         { }
1067 };
1068
1069 static struct ctl_table vm_table[] = {
1070         {
1071                 .procname       = "overcommit_memory",
1072                 .data           = &sysctl_overcommit_memory,
1073                 .maxlen         = sizeof(sysctl_overcommit_memory),
1074                 .mode           = 0644,
1075                 .proc_handler   = proc_dointvec_minmax,
1076                 .extra1         = &zero,
1077                 .extra2         = &two,
1078         },
1079         {
1080                 .procname       = "panic_on_oom",
1081                 .data           = &sysctl_panic_on_oom,
1082                 .maxlen         = sizeof(sysctl_panic_on_oom),
1083                 .mode           = 0644,
1084                 .proc_handler   = proc_dointvec_minmax,
1085                 .extra1         = &zero,
1086                 .extra2         = &two,
1087         },
1088         {
1089                 .procname       = "oom_kill_allocating_task",
1090                 .data           = &sysctl_oom_kill_allocating_task,
1091                 .maxlen         = sizeof(sysctl_oom_kill_allocating_task),
1092                 .mode           = 0644,
1093                 .proc_handler   = proc_dointvec,
1094         },
1095         {
1096                 .procname       = "oom_dump_tasks",
1097                 .data           = &sysctl_oom_dump_tasks,
1098                 .maxlen         = sizeof(sysctl_oom_dump_tasks),
1099                 .mode           = 0644,
1100                 .proc_handler   = proc_dointvec,
1101         },
1102         {
1103                 .procname       = "overcommit_ratio",
1104                 .data           = &sysctl_overcommit_ratio,
1105                 .maxlen         = sizeof(sysctl_overcommit_ratio),
1106                 .mode           = 0644,
1107                 .proc_handler   = proc_dointvec,
1108         },
1109         {
1110                 .procname       = "page-cluster", 
1111                 .data           = &page_cluster,
1112                 .maxlen         = sizeof(int),
1113                 .mode           = 0644,
1114                 .proc_handler   = proc_dointvec_minmax,
1115                 .extra1         = &zero,
1116         },
1117         {
1118                 .procname       = "dirty_background_ratio",
1119                 .data           = &dirty_background_ratio,
1120                 .maxlen         = sizeof(dirty_background_ratio),
1121                 .mode           = 0644,
1122                 .proc_handler   = dirty_background_ratio_handler,
1123                 .extra1         = &zero,
1124                 .extra2         = &one_hundred,
1125         },
1126         {
1127                 .procname       = "dirty_background_bytes",
1128                 .data           = &dirty_background_bytes,
1129                 .maxlen         = sizeof(dirty_background_bytes),
1130                 .mode           = 0644,
1131                 .proc_handler   = dirty_background_bytes_handler,
1132                 .extra1         = &one_ul,
1133         },
1134         {
1135                 .procname       = "dirty_ratio",
1136                 .data           = &vm_dirty_ratio,
1137                 .maxlen         = sizeof(vm_dirty_ratio),
1138                 .mode           = 0644,
1139                 .proc_handler   = dirty_ratio_handler,
1140                 .extra1         = &zero,
1141                 .extra2         = &one_hundred,
1142         },
1143         {
1144                 .procname       = "dirty_bytes",
1145                 .data           = &vm_dirty_bytes,
1146                 .maxlen         = sizeof(vm_dirty_bytes),
1147                 .mode           = 0644,
1148                 .proc_handler   = dirty_bytes_handler,
1149                 .extra1         = &dirty_bytes_min,
1150         },
1151         {
1152                 .procname       = "dirty_writeback_centisecs",
1153                 .data           = &dirty_writeback_interval,
1154                 .maxlen         = sizeof(dirty_writeback_interval),
1155                 .mode           = 0644,
1156                 .proc_handler   = dirty_writeback_centisecs_handler,
1157         },
1158         {
1159                 .procname       = "dirty_expire_centisecs",
1160                 .data           = &dirty_expire_interval,
1161                 .maxlen         = sizeof(dirty_expire_interval),
1162                 .mode           = 0644,
1163                 .proc_handler   = proc_dointvec_minmax,
1164                 .extra1         = &zero,
1165         },
1166         {
1167                 .procname       = "nr_pdflush_threads",
1168                 .mode           = 0444 /* read-only */,
1169                 .proc_handler   = pdflush_proc_obsolete,
1170         },
1171         {
1172                 .procname       = "swappiness",
1173                 .data           = &vm_swappiness,
1174                 .maxlen         = sizeof(vm_swappiness),
1175                 .mode           = 0644,
1176                 .proc_handler   = proc_dointvec_minmax,
1177                 .extra1         = &zero,
1178                 .extra2         = &one_hundred,
1179         },
1180 #ifdef CONFIG_HUGETLB_PAGE
1181         {
1182                 .procname       = "nr_hugepages",
1183                 .data           = NULL,
1184                 .maxlen         = sizeof(unsigned long),
1185                 .mode           = 0644,
1186                 .proc_handler   = hugetlb_sysctl_handler,
1187                 .extra1         = (void *)&hugetlb_zero,
1188                 .extra2         = (void *)&hugetlb_infinity,
1189         },
1190 #ifdef CONFIG_NUMA
1191         {
1192                 .procname       = "nr_hugepages_mempolicy",
1193                 .data           = NULL,
1194                 .maxlen         = sizeof(unsigned long),
1195                 .mode           = 0644,
1196                 .proc_handler   = &hugetlb_mempolicy_sysctl_handler,
1197                 .extra1         = (void *)&hugetlb_zero,
1198                 .extra2         = (void *)&hugetlb_infinity,
1199         },
1200 #endif
1201          {
1202                 .procname       = "hugetlb_shm_group",
1203                 .data           = &sysctl_hugetlb_shm_group,
1204                 .maxlen         = sizeof(gid_t),
1205                 .mode           = 0644,
1206                 .proc_handler   = proc_dointvec,
1207          },
1208          {
1209                 .procname       = "hugepages_treat_as_movable",
1210                 .data           = &hugepages_treat_as_movable,
1211                 .maxlen         = sizeof(int),
1212                 .mode           = 0644,
1213                 .proc_handler   = hugetlb_treat_movable_handler,
1214         },
1215         {
1216                 .procname       = "nr_overcommit_hugepages",
1217                 .data           = NULL,
1218                 .maxlen         = sizeof(unsigned long),
1219                 .mode           = 0644,
1220                 .proc_handler   = hugetlb_overcommit_handler,
1221                 .extra1         = (void *)&hugetlb_zero,
1222                 .extra2         = (void *)&hugetlb_infinity,
1223         },
1224 #endif
1225         {
1226                 .procname       = "lowmem_reserve_ratio",
1227                 .data           = &sysctl_lowmem_reserve_ratio,
1228                 .maxlen         = sizeof(sysctl_lowmem_reserve_ratio),
1229                 .mode           = 0644,
1230                 .proc_handler   = lowmem_reserve_ratio_sysctl_handler,
1231         },
1232         {
1233                 .procname       = "drop_caches",
1234                 .data           = &sysctl_drop_caches,
1235                 .maxlen         = sizeof(int),
1236                 .mode           = 0644,
1237                 .proc_handler   = drop_caches_sysctl_handler,
1238                 .extra1         = &one,
1239                 .extra2         = &three,
1240         },
1241 #ifdef CONFIG_COMPACTION
1242         {
1243                 .procname       = "compact_memory",
1244                 .data           = &sysctl_compact_memory,
1245                 .maxlen         = sizeof(int),
1246                 .mode           = 0200,
1247                 .proc_handler   = sysctl_compaction_handler,
1248         },
1249         {
1250                 .procname       = "extfrag_threshold",
1251                 .data           = &sysctl_extfrag_threshold,
1252                 .maxlen         = sizeof(int),
1253                 .mode           = 0644,
1254                 .proc_handler   = sysctl_extfrag_handler,
1255                 .extra1         = &min_extfrag_threshold,
1256                 .extra2         = &max_extfrag_threshold,
1257         },
1258
1259 #endif /* CONFIG_COMPACTION */
1260         {
1261                 .procname       = "min_free_kbytes",
1262                 .data           = &min_free_kbytes,
1263                 .maxlen         = sizeof(min_free_kbytes),
1264                 .mode           = 0644,
1265                 .proc_handler   = min_free_kbytes_sysctl_handler,
1266                 .extra1         = &zero,
1267         },
1268         {
1269                 .procname       = "percpu_pagelist_fraction",
1270                 .data           = &percpu_pagelist_fraction,
1271                 .maxlen         = sizeof(percpu_pagelist_fraction),
1272                 .mode           = 0644,
1273                 .proc_handler   = percpu_pagelist_fraction_sysctl_handler,
1274                 .extra1         = &min_percpu_pagelist_fract,
1275         },
1276 #ifdef CONFIG_MMU
1277         {
1278                 .procname       = "max_map_count",
1279                 .data           = &sysctl_max_map_count,
1280                 .maxlen         = sizeof(sysctl_max_map_count),
1281                 .mode           = 0644,
1282                 .proc_handler   = proc_dointvec_minmax,
1283                 .extra1         = &zero,
1284         },
1285 #else
1286         {
1287                 .procname       = "nr_trim_pages",
1288                 .data           = &sysctl_nr_trim_pages,
1289                 .maxlen         = sizeof(sysctl_nr_trim_pages),
1290                 .mode           = 0644,
1291                 .proc_handler   = proc_dointvec_minmax,
1292                 .extra1         = &zero,
1293         },
1294 #endif
1295         {
1296                 .procname       = "laptop_mode",
1297                 .data           = &laptop_mode,
1298                 .maxlen         = sizeof(laptop_mode),
1299                 .mode           = 0644,
1300                 .proc_handler   = proc_dointvec_jiffies,
1301         },
1302         {
1303                 .procname       = "block_dump",
1304                 .data           = &block_dump,
1305                 .maxlen         = sizeof(block_dump),
1306                 .mode           = 0644,
1307                 .proc_handler   = proc_dointvec,
1308                 .extra1         = &zero,
1309         },
1310         {
1311                 .procname       = "vfs_cache_pressure",
1312                 .data           = &sysctl_vfs_cache_pressure,
1313                 .maxlen         = sizeof(sysctl_vfs_cache_pressure),
1314                 .mode           = 0644,
1315                 .proc_handler   = proc_dointvec,
1316                 .extra1         = &zero,
1317         },
1318 #ifdef HAVE_ARCH_PICK_MMAP_LAYOUT
1319         {
1320                 .procname       = "legacy_va_layout",
1321                 .data           = &sysctl_legacy_va_layout,
1322                 .maxlen         = sizeof(sysctl_legacy_va_layout),
1323                 .mode           = 0644,
1324                 .proc_handler   = proc_dointvec,
1325                 .extra1         = &zero,
1326         },
1327 #endif
1328 #ifdef CONFIG_NUMA
1329         {
1330                 .procname       = "zone_reclaim_mode",
1331                 .data           = &zone_reclaim_mode,
1332                 .maxlen         = sizeof(zone_reclaim_mode),
1333                 .mode           = 0644,
1334                 .proc_handler   = proc_dointvec,
1335                 .extra1         = &zero,
1336         },
1337         {
1338                 .procname       = "min_unmapped_ratio",
1339                 .data           = &sysctl_min_unmapped_ratio,
1340                 .maxlen         = sizeof(sysctl_min_unmapped_ratio),
1341                 .mode           = 0644,
1342                 .proc_handler   = sysctl_min_unmapped_ratio_sysctl_handler,
1343                 .extra1         = &zero,
1344                 .extra2         = &one_hundred,
1345         },
1346         {
1347                 .procname       = "min_slab_ratio",
1348                 .data           = &sysctl_min_slab_ratio,
1349                 .maxlen         = sizeof(sysctl_min_slab_ratio),
1350                 .mode           = 0644,
1351                 .proc_handler   = sysctl_min_slab_ratio_sysctl_handler,
1352                 .extra1         = &zero,
1353                 .extra2         = &one_hundred,
1354         },
1355 #endif
1356 #ifdef CONFIG_SMP
1357         {
1358                 .procname       = "stat_interval",
1359                 .data           = &sysctl_stat_interval,
1360                 .maxlen         = sizeof(sysctl_stat_interval),
1361                 .mode           = 0644,
1362                 .proc_handler   = proc_dointvec_jiffies,
1363         },
1364 #endif
1365 #ifdef CONFIG_MMU
1366         {
1367                 .procname       = "mmap_min_addr",
1368                 .data           = &dac_mmap_min_addr,
1369                 .maxlen         = sizeof(unsigned long),
1370                 .mode           = 0644,
1371                 .proc_handler   = mmap_min_addr_handler,
1372         },
1373 #endif
1374 #ifdef CONFIG_NUMA
1375         {
1376                 .procname       = "numa_zonelist_order",
1377                 .data           = &numa_zonelist_order,
1378                 .maxlen         = NUMA_ZONELIST_ORDER_LEN,
1379                 .mode           = 0644,
1380                 .proc_handler   = numa_zonelist_order_handler,
1381         },
1382 #endif
1383 #if (defined(CONFIG_X86_32) && !defined(CONFIG_UML))|| \
1384    (defined(CONFIG_SUPERH) && defined(CONFIG_VSYSCALL))
1385         {
1386                 .procname       = "vdso_enabled",
1387                 .data           = &vdso_enabled,
1388                 .maxlen         = sizeof(vdso_enabled),
1389                 .mode           = 0644,
1390                 .proc_handler   = proc_dointvec,
1391                 .extra1         = &zero,
1392         },
1393 #endif
1394 #ifdef CONFIG_HIGHMEM
1395         {
1396                 .procname       = "highmem_is_dirtyable",
1397                 .data           = &vm_highmem_is_dirtyable,
1398                 .maxlen         = sizeof(vm_highmem_is_dirtyable),
1399                 .mode           = 0644,
1400                 .proc_handler   = proc_dointvec_minmax,
1401                 .extra1         = &zero,
1402                 .extra2         = &one,
1403         },
1404 #endif
1405         {
1406                 .procname       = "scan_unevictable_pages",
1407                 .data           = &scan_unevictable_pages,
1408                 .maxlen         = sizeof(scan_unevictable_pages),
1409                 .mode           = 0644,
1410                 .proc_handler   = scan_unevictable_handler,
1411         },
1412 #ifdef CONFIG_MEMORY_FAILURE
1413         {
1414                 .procname       = "memory_failure_early_kill",
1415                 .data           = &sysctl_memory_failure_early_kill,
1416                 .maxlen         = sizeof(sysctl_memory_failure_early_kill),
1417                 .mode           = 0644,
1418                 .proc_handler   = proc_dointvec_minmax,
1419                 .extra1         = &zero,
1420                 .extra2         = &one,
1421         },
1422         {
1423                 .procname       = "memory_failure_recovery",
1424                 .data           = &sysctl_memory_failure_recovery,
1425                 .maxlen         = sizeof(sysctl_memory_failure_recovery),
1426                 .mode           = 0644,
1427                 .proc_handler   = proc_dointvec_minmax,
1428                 .extra1         = &zero,
1429                 .extra2         = &one,
1430         },
1431 #endif
1432         {
1433                 .procname       = "user_reserve_kbytes",
1434                 .data           = &sysctl_user_reserve_kbytes,
1435                 .maxlen         = sizeof(sysctl_user_reserve_kbytes),
1436                 .mode           = 0644,
1437                 .proc_handler   = proc_doulongvec_minmax,
1438         },
1439         {
1440                 .procname       = "admin_reserve_kbytes",
1441                 .data           = &sysctl_admin_reserve_kbytes,
1442                 .maxlen         = sizeof(sysctl_admin_reserve_kbytes),
1443                 .mode           = 0644,
1444                 .proc_handler   = proc_doulongvec_minmax,
1445         },
1446         { }
1447 };
1448
1449 #if defined(CONFIG_BINFMT_MISC) || defined(CONFIG_BINFMT_MISC_MODULE)
1450 static struct ctl_table binfmt_misc_table[] = {
1451         { }
1452 };
1453 #endif
1454
1455 static struct ctl_table fs_table[] = {
1456         {
1457                 .procname       = "inode-nr",
1458                 .data           = &inodes_stat,
1459                 .maxlen         = 2*sizeof(int),
1460                 .mode           = 0444,
1461                 .proc_handler   = proc_nr_inodes,
1462         },
1463         {
1464                 .procname       = "inode-state",
1465                 .data           = &inodes_stat,
1466                 .maxlen         = 7*sizeof(int),
1467                 .mode           = 0444,
1468                 .proc_handler   = proc_nr_inodes,
1469         },
1470         {
1471                 .procname       = "file-nr",
1472                 .data           = &files_stat,
1473                 .maxlen         = sizeof(files_stat),
1474                 .mode           = 0444,
1475                 .proc_handler   = proc_nr_files,
1476         },
1477         {
1478                 .procname       = "file-max",
1479                 .data           = &files_stat.max_files,
1480                 .maxlen         = sizeof(files_stat.max_files),
1481                 .mode           = 0644,
1482                 .proc_handler   = proc_doulongvec_minmax,
1483         },
1484         {
1485                 .procname       = "nr_open",
1486                 .data           = &sysctl_nr_open,
1487                 .maxlen         = sizeof(int),
1488                 .mode           = 0644,
1489                 .proc_handler   = proc_dointvec_minmax,
1490                 .extra1         = &sysctl_nr_open_min,
1491                 .extra2         = &sysctl_nr_open_max,
1492         },
1493         {
1494                 .procname       = "dentry-state",
1495                 .data           = &dentry_stat,
1496                 .maxlen         = 6*sizeof(int),
1497                 .mode           = 0444,
1498                 .proc_handler   = proc_nr_dentry,
1499         },
1500         {
1501                 .procname       = "overflowuid",
1502                 .data           = &fs_overflowuid,
1503                 .maxlen         = sizeof(int),
1504                 .mode           = 0644,
1505                 .proc_handler   = proc_dointvec_minmax,
1506                 .extra1         = &minolduid,
1507                 .extra2         = &maxolduid,
1508         },
1509         {
1510                 .procname       = "overflowgid",
1511                 .data           = &fs_overflowgid,
1512                 .maxlen         = sizeof(int),
1513                 .mode           = 0644,
1514                 .proc_handler   = proc_dointvec_minmax,
1515                 .extra1         = &minolduid,
1516                 .extra2         = &maxolduid,
1517         },
1518 #ifdef CONFIG_FILE_LOCKING
1519         {
1520                 .procname       = "leases-enable",
1521                 .data           = &leases_enable,
1522                 .maxlen         = sizeof(int),
1523                 .mode           = 0644,
1524                 .proc_handler   = proc_dointvec,
1525         },
1526 #endif
1527 #ifdef CONFIG_DNOTIFY
1528         {
1529                 .procname       = "dir-notify-enable",
1530                 .data           = &dir_notify_enable,
1531                 .maxlen         = sizeof(int),
1532                 .mode           = 0644,
1533                 .proc_handler   = proc_dointvec,
1534         },
1535 #endif
1536 #ifdef CONFIG_MMU
1537 #ifdef CONFIG_FILE_LOCKING
1538         {
1539                 .procname       = "lease-break-time",
1540                 .data           = &lease_break_time,
1541                 .maxlen         = sizeof(int),
1542                 .mode           = 0644,
1543                 .proc_handler   = proc_dointvec,
1544         },
1545 #endif
1546 #ifdef CONFIG_AIO
1547         {
1548                 .procname       = "aio-nr",
1549                 .data           = &aio_nr,
1550                 .maxlen         = sizeof(aio_nr),
1551                 .mode           = 0444,
1552                 .proc_handler   = proc_doulongvec_minmax,
1553         },
1554         {
1555                 .procname       = "aio-max-nr",
1556                 .data           = &aio_max_nr,
1557                 .maxlen         = sizeof(aio_max_nr),
1558                 .mode           = 0644,
1559                 .proc_handler   = proc_doulongvec_minmax,
1560         },
1561 #endif /* CONFIG_AIO */
1562 #ifdef CONFIG_INOTIFY_USER
1563         {
1564                 .procname       = "inotify",
1565                 .mode           = 0555,
1566                 .child          = inotify_table,
1567         },
1568 #endif  
1569 #ifdef CONFIG_EPOLL
1570         {
1571                 .procname       = "epoll",
1572                 .mode           = 0555,
1573                 .child          = epoll_table,
1574         },
1575 #endif
1576 #endif
1577         {
1578                 .procname       = "protected_symlinks",
1579                 .data           = &sysctl_protected_symlinks,
1580                 .maxlen         = sizeof(int),
1581                 .mode           = 0600,
1582                 .proc_handler   = proc_dointvec_minmax,
1583                 .extra1         = &zero,
1584                 .extra2         = &one,
1585         },
1586         {
1587                 .procname       = "protected_hardlinks",
1588                 .data           = &sysctl_protected_hardlinks,
1589                 .maxlen         = sizeof(int),
1590                 .mode           = 0600,
1591                 .proc_handler   = proc_dointvec_minmax,
1592                 .extra1         = &zero,
1593                 .extra2         = &one,
1594         },
1595         {
1596                 .procname       = "suid_dumpable",
1597                 .data           = &suid_dumpable,
1598                 .maxlen         = sizeof(int),
1599                 .mode           = 0644,
1600                 .proc_handler   = proc_dointvec_minmax_coredump,
1601                 .extra1         = &zero,
1602                 .extra2         = &two,
1603         },
1604 #if defined(CONFIG_BINFMT_MISC) || defined(CONFIG_BINFMT_MISC_MODULE)
1605         {
1606                 .procname       = "binfmt_misc",
1607                 .mode           = 0555,
1608                 .child          = binfmt_misc_table,
1609         },
1610 #endif
1611         {
1612                 .procname       = "pipe-max-size",
1613                 .data           = &pipe_max_size,
1614                 .maxlen         = sizeof(int),
1615                 .mode           = 0644,
1616                 .proc_handler   = &pipe_proc_fn,
1617                 .extra1         = &pipe_min_size,
1618         },
1619         { }
1620 };
1621
1622 static struct ctl_table debug_table[] = {
1623 #ifdef CONFIG_SYSCTL_EXCEPTION_TRACE
1624         {
1625                 .procname       = "exception-trace",
1626                 .data           = &show_unhandled_signals,
1627                 .maxlen         = sizeof(int),
1628                 .mode           = 0644,
1629                 .proc_handler   = proc_dointvec
1630         },
1631 #endif
1632 #if defined(CONFIG_OPTPROBES)
1633         {
1634                 .procname       = "kprobes-optimization",
1635                 .data           = &sysctl_kprobes_optimization,
1636                 .maxlen         = sizeof(int),
1637                 .mode           = 0644,
1638                 .proc_handler   = proc_kprobes_optimization_handler,
1639                 .extra1         = &zero,
1640                 .extra2         = &one,
1641         },
1642 #endif
1643         { }
1644 };
1645
1646 static struct ctl_table dev_table[] = {
1647         { }
1648 };
1649
1650 int __init sysctl_init(void)
1651 {
1652         struct ctl_table_header *hdr;
1653
1654         hdr = register_sysctl_table(sysctl_base_table);
1655         kmemleak_not_leak(hdr);
1656         return 0;
1657 }
1658
1659 #endif /* CONFIG_SYSCTL */
1660
1661 /*
1662  * /proc/sys support
1663  */
1664
1665 #ifdef CONFIG_PROC_SYSCTL
1666
1667 static int _proc_do_string(void* data, int maxlen, int write,
1668                            void __user *buffer,
1669                            size_t *lenp, loff_t *ppos)
1670 {
1671         size_t len;
1672         char __user *p;
1673         char c;
1674
1675         if (!data || !maxlen || !*lenp) {
1676                 *lenp = 0;
1677                 return 0;
1678         }
1679
1680         if (write) {
1681                 len = 0;
1682                 p = buffer;
1683                 while (len < *lenp) {
1684                         if (get_user(c, p++))
1685                                 return -EFAULT;
1686                         if (c == 0 || c == '\n')
1687                                 break;
1688                         len++;
1689                 }
1690                 if (len >= maxlen)
1691                         len = maxlen-1;
1692                 if(copy_from_user(data, buffer, len))
1693                         return -EFAULT;
1694                 ((char *) data)[len] = 0;
1695                 *ppos += *lenp;
1696         } else {
1697                 len = strlen(data);
1698                 if (len > maxlen)
1699                         len = maxlen;
1700
1701                 if (*ppos > len) {
1702                         *lenp = 0;
1703                         return 0;
1704                 }
1705
1706                 data += *ppos;
1707                 len  -= *ppos;
1708
1709                 if (len > *lenp)
1710                         len = *lenp;
1711                 if (len)
1712                         if(copy_to_user(buffer, data, len))
1713                                 return -EFAULT;
1714                 if (len < *lenp) {
1715                         if(put_user('\n', ((char __user *) buffer) + len))
1716                                 return -EFAULT;
1717                         len++;
1718                 }
1719                 *lenp = len;
1720                 *ppos += len;
1721         }
1722         return 0;
1723 }
1724
1725 /**
1726  * proc_dostring - read a string sysctl
1727  * @table: the sysctl table
1728  * @write: %TRUE if this is a write to the sysctl file
1729  * @buffer: the user buffer
1730  * @lenp: the size of the user buffer
1731  * @ppos: file position
1732  *
1733  * Reads/writes a string from/to the user buffer. If the kernel
1734  * buffer provided is not large enough to hold the string, the
1735  * string is truncated. The copied string is %NULL-terminated.
1736  * If the string is being read by the user process, it is copied
1737  * and a newline '\n' is added. It is truncated if the buffer is
1738  * not large enough.
1739  *
1740  * Returns 0 on success.
1741  */
1742 int proc_dostring(struct ctl_table *table, int write,
1743                   void __user *buffer, size_t *lenp, loff_t *ppos)
1744 {
1745         return _proc_do_string(table->data, table->maxlen, write,
1746                                buffer, lenp, ppos);
1747 }
1748
1749 static size_t proc_skip_spaces(char **buf)
1750 {
1751         size_t ret;
1752         char *tmp = skip_spaces(*buf);
1753         ret = tmp - *buf;
1754         *buf = tmp;
1755         return ret;
1756 }
1757
1758 static void proc_skip_char(char **buf, size_t *size, const char v)
1759 {
1760         while (*size) {
1761                 if (**buf != v)
1762                         break;
1763                 (*size)--;
1764                 (*buf)++;
1765         }
1766 }
1767
1768 #define TMPBUFLEN 22
1769 /**
1770  * proc_get_long - reads an ASCII formatted integer from a user buffer
1771  *
1772  * @buf: a kernel buffer
1773  * @size: size of the kernel buffer
1774  * @val: this is where the number will be stored
1775  * @neg: set to %TRUE if number is negative
1776  * @perm_tr: a vector which contains the allowed trailers
1777  * @perm_tr_len: size of the perm_tr vector
1778  * @tr: pointer to store the trailer character
1779  *
1780  * In case of success %0 is returned and @buf and @size are updated with
1781  * the amount of bytes read. If @tr is non-NULL and a trailing
1782  * character exists (size is non-zero after returning from this
1783  * function), @tr is updated with the trailing character.
1784  */
1785 static int proc_get_long(char **buf, size_t *size,
1786                           unsigned long *val, bool *neg,
1787                           const char *perm_tr, unsigned perm_tr_len, char *tr)
1788 {
1789         int len;
1790         char *p, tmp[TMPBUFLEN];
1791
1792         if (!*size)
1793                 return -EINVAL;
1794
1795         len = *size;
1796         if (len > TMPBUFLEN - 1)
1797                 len = TMPBUFLEN - 1;
1798
1799         memcpy(tmp, *buf, len);
1800
1801         tmp[len] = 0;
1802         p = tmp;
1803         if (*p == '-' && *size > 1) {
1804                 *neg = true;
1805                 p++;
1806         } else
1807                 *neg = false;
1808         if (!isdigit(*p))
1809                 return -EINVAL;
1810
1811         *val = simple_strtoul(p, &p, 0);
1812
1813         len = p - tmp;
1814
1815         /* We don't know if the next char is whitespace thus we may accept
1816          * invalid integers (e.g. 1234...a) or two integers instead of one
1817          * (e.g. 123...1). So lets not allow such large numbers. */
1818         if (len == TMPBUFLEN - 1)
1819                 return -EINVAL;
1820
1821         if (len < *size && perm_tr_len && !memchr(perm_tr, *p, perm_tr_len))
1822                 return -EINVAL;
1823
1824         if (tr && (len < *size))
1825                 *tr = *p;
1826
1827         *buf += len;
1828         *size -= len;
1829
1830         return 0;
1831 }
1832
1833 /**
1834  * proc_put_long - converts an integer to a decimal ASCII formatted string
1835  *
1836  * @buf: the user buffer
1837  * @size: the size of the user buffer
1838  * @val: the integer to be converted
1839  * @neg: sign of the number, %TRUE for negative
1840  *
1841  * In case of success %0 is returned and @buf and @size are updated with
1842  * the amount of bytes written.
1843  */
1844 static int proc_put_long(void __user **buf, size_t *size, unsigned long val,
1845                           bool neg)
1846 {
1847         int len;
1848         char tmp[TMPBUFLEN], *p = tmp;
1849
1850         sprintf(p, "%s%lu", neg ? "-" : "", val);
1851         len = strlen(tmp);
1852         if (len > *size)
1853                 len = *size;
1854         if (copy_to_user(*buf, tmp, len))
1855                 return -EFAULT;
1856         *size -= len;
1857         *buf += len;
1858         return 0;
1859 }
1860 #undef TMPBUFLEN
1861
1862 static int proc_put_char(void __user **buf, size_t *size, char c)
1863 {
1864         if (*size) {
1865                 char __user **buffer = (char __user **)buf;
1866                 if (put_user(c, *buffer))
1867                         return -EFAULT;
1868                 (*size)--, (*buffer)++;
1869                 *buf = *buffer;
1870         }
1871         return 0;
1872 }
1873
1874 static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp,
1875                                  int *valp,
1876                                  int write, void *data)
1877 {
1878         if (write) {
1879                 *valp = *negp ? -*lvalp : *lvalp;
1880         } else {
1881                 int val = *valp;
1882                 if (val < 0) {
1883                         *negp = true;
1884                         *lvalp = (unsigned long)-val;
1885                 } else {
1886                         *negp = false;
1887                         *lvalp = (unsigned long)val;
1888                 }
1889         }
1890         return 0;
1891 }
1892
1893 static const char proc_wspace_sep[] = { ' ', '\t', '\n' };
1894
1895 static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table,
1896                   int write, void __user *buffer,
1897                   size_t *lenp, loff_t *ppos,
1898                   int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
1899                               int write, void *data),
1900                   void *data)
1901 {
1902         int *i, vleft, first = 1, err = 0;
1903         unsigned long page = 0;
1904         size_t left;
1905         char *kbuf;
1906         
1907         if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) {
1908                 *lenp = 0;
1909                 return 0;
1910         }
1911         
1912         i = (int *) tbl_data;
1913         vleft = table->maxlen / sizeof(*i);
1914         left = *lenp;
1915
1916         if (!conv)
1917                 conv = do_proc_dointvec_conv;
1918
1919         if (write) {
1920                 if (left > PAGE_SIZE - 1)
1921                         left = PAGE_SIZE - 1;
1922                 page = __get_free_page(GFP_TEMPORARY);
1923                 kbuf = (char *) page;
1924                 if (!kbuf)
1925                         return -ENOMEM;
1926                 if (copy_from_user(kbuf, buffer, left)) {
1927                         err = -EFAULT;
1928                         goto free;
1929                 }
1930                 kbuf[left] = 0;
1931         }
1932
1933         for (; left && vleft--; i++, first=0) {
1934                 unsigned long lval;
1935                 bool neg;
1936
1937                 if (write) {
1938                         left -= proc_skip_spaces(&kbuf);
1939
1940                         if (!left)
1941                                 break;
1942                         err = proc_get_long(&kbuf, &left, &lval, &neg,
1943                                              proc_wspace_sep,
1944                                              sizeof(proc_wspace_sep), NULL);
1945                         if (err)
1946                                 break;
1947                         if (conv(&neg, &lval, i, 1, data)) {
1948                                 err = -EINVAL;
1949                                 break;
1950                         }
1951                 } else {
1952                         if (conv(&neg, &lval, i, 0, data)) {
1953                                 err = -EINVAL;
1954                                 break;
1955                         }
1956                         if (!first)
1957                                 err = proc_put_char(&buffer, &left, '\t');
1958                         if (err)
1959                                 break;
1960                         err = proc_put_long(&buffer, &left, lval, neg);
1961                         if (err)
1962                                 break;
1963                 }
1964         }
1965
1966         if (!write && !first && left && !err)
1967                 err = proc_put_char(&buffer, &left, '\n');
1968         if (write && !err && left)
1969                 left -= proc_skip_spaces(&kbuf);
1970 free:
1971         if (write) {
1972                 free_page(page);
1973                 if (first)
1974                         return err ? : -EINVAL;
1975         }
1976         *lenp -= left;
1977         *ppos += *lenp;
1978         return err;
1979 }
1980
1981 static int do_proc_dointvec(struct ctl_table *table, int write,
1982                   void __user *buffer, size_t *lenp, loff_t *ppos,
1983                   int (*conv)(bool *negp, unsigned long *lvalp, int *valp,
1984                               int write, void *data),
1985                   void *data)
1986 {
1987         return __do_proc_dointvec(table->data, table, write,
1988                         buffer, lenp, ppos, conv, data);
1989 }
1990
1991 /**
1992  * proc_dointvec - read a vector of integers
1993  * @table: the sysctl table
1994  * @write: %TRUE if this is a write to the sysctl file
1995  * @buffer: the user buffer
1996  * @lenp: the size of the user buffer
1997  * @ppos: file position
1998  *
1999  * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2000  * values from/to the user buffer, treated as an ASCII string. 
2001  *
2002  * Returns 0 on success.
2003  */
2004 int proc_dointvec(struct ctl_table *table, int write,
2005                      void __user *buffer, size_t *lenp, loff_t *ppos)
2006 {
2007     return do_proc_dointvec(table,write,buffer,lenp,ppos,
2008                             NULL,NULL);
2009 }
2010
2011 /*
2012  * Taint values can only be increased
2013  * This means we can safely use a temporary.
2014  */
2015 static int proc_taint(struct ctl_table *table, int write,
2016                                void __user *buffer, size_t *lenp, loff_t *ppos)
2017 {
2018         struct ctl_table t;
2019         unsigned long tmptaint = get_taint();
2020         int err;
2021
2022         if (write && !capable(CAP_SYS_ADMIN))
2023                 return -EPERM;
2024
2025         t = *table;
2026         t.data = &tmptaint;
2027         err = proc_doulongvec_minmax(&t, write, buffer, lenp, ppos);
2028         if (err < 0)
2029                 return err;
2030
2031         if (write) {
2032                 /*
2033                  * Poor man's atomic or. Not worth adding a primitive
2034                  * to everyone's atomic.h for this
2035                  */
2036                 int i;
2037                 for (i = 0; i < BITS_PER_LONG && tmptaint >> i; i++) {
2038                         if ((tmptaint >> i) & 1)
2039                                 add_taint(i, LOCKDEP_STILL_OK);
2040                 }
2041         }
2042
2043         return err;
2044 }
2045
2046 #ifdef CONFIG_PRINTK
2047 static int proc_dointvec_minmax_sysadmin(struct ctl_table *table, int write,
2048                                 void __user *buffer, size_t *lenp, loff_t *ppos)
2049 {
2050         if (write && !capable(CAP_SYS_ADMIN))
2051                 return -EPERM;
2052
2053         return proc_dointvec_minmax(table, write, buffer, lenp, ppos);
2054 }
2055 #endif
2056
2057 struct do_proc_dointvec_minmax_conv_param {
2058         int *min;
2059         int *max;
2060 };
2061
2062 static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp,
2063                                         int *valp,
2064                                         int write, void *data)
2065 {
2066         struct do_proc_dointvec_minmax_conv_param *param = data;
2067         if (write) {
2068                 int val = *negp ? -*lvalp : *lvalp;
2069                 if ((param->min && *param->min > val) ||
2070                     (param->max && *param->max < val))
2071                         return -EINVAL;
2072                 *valp = val;
2073         } else {
2074                 int val = *valp;
2075                 if (val < 0) {
2076                         *negp = true;
2077                         *lvalp = (unsigned long)-val;
2078                 } else {
2079                         *negp = false;
2080                         *lvalp = (unsigned long)val;
2081                 }
2082         }
2083         return 0;
2084 }
2085
2086 /**
2087  * proc_dointvec_minmax - read a vector of integers with min/max values
2088  * @table: the sysctl table
2089  * @write: %TRUE if this is a write to the sysctl file
2090  * @buffer: the user buffer
2091  * @lenp: the size of the user buffer
2092  * @ppos: file position
2093  *
2094  * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2095  * values from/to the user buffer, treated as an ASCII string.
2096  *
2097  * This routine will ensure the values are within the range specified by
2098  * table->extra1 (min) and table->extra2 (max).
2099  *
2100  * Returns 0 on success.
2101  */
2102 int proc_dointvec_minmax(struct ctl_table *table, int write,
2103                   void __user *buffer, size_t *lenp, loff_t *ppos)
2104 {
2105         struct do_proc_dointvec_minmax_conv_param param = {
2106                 .min = (int *) table->extra1,
2107                 .max = (int *) table->extra2,
2108         };
2109         return do_proc_dointvec(table, write, buffer, lenp, ppos,
2110                                 do_proc_dointvec_minmax_conv, &param);
2111 }
2112
2113 static void validate_coredump_safety(void)
2114 {
2115 #ifdef CONFIG_COREDUMP
2116         if (suid_dumpable == SUID_DUMP_ROOT &&
2117             core_pattern[0] != '/' && core_pattern[0] != '|') {
2118                 printk(KERN_WARNING "Unsafe core_pattern used with "\
2119                         "suid_dumpable=2. Pipe handler or fully qualified "\
2120                         "core dump path required.\n");
2121         }
2122 #endif
2123 }
2124
2125 static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write,
2126                 void __user *buffer, size_t *lenp, loff_t *ppos)
2127 {
2128         int error = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
2129         if (!error)
2130                 validate_coredump_safety();
2131         return error;
2132 }
2133
2134 #ifdef CONFIG_COREDUMP
2135 static int proc_dostring_coredump(struct ctl_table *table, int write,
2136                   void __user *buffer, size_t *lenp, loff_t *ppos)
2137 {
2138         int error = proc_dostring(table, write, buffer, lenp, ppos);
2139         if (!error)
2140                 validate_coredump_safety();
2141         return error;
2142 }
2143 #endif
2144
2145 static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, int write,
2146                                      void __user *buffer,
2147                                      size_t *lenp, loff_t *ppos,
2148                                      unsigned long convmul,
2149                                      unsigned long convdiv)
2150 {
2151         unsigned long *i, *min, *max;
2152         int vleft, first = 1, err = 0;
2153         unsigned long page = 0;
2154         size_t left;
2155         char *kbuf;
2156
2157         if (!data || !table->maxlen || !*lenp || (*ppos && !write)) {
2158                 *lenp = 0;
2159                 return 0;
2160         }
2161
2162         i = (unsigned long *) data;
2163         min = (unsigned long *) table->extra1;
2164         max = (unsigned long *) table->extra2;
2165         vleft = table->maxlen / sizeof(unsigned long);
2166         left = *lenp;
2167
2168         if (write) {
2169                 if (left > PAGE_SIZE - 1)
2170                         left = PAGE_SIZE - 1;
2171                 page = __get_free_page(GFP_TEMPORARY);
2172                 kbuf = (char *) page;
2173                 if (!kbuf)
2174                         return -ENOMEM;
2175                 if (copy_from_user(kbuf, buffer, left)) {
2176                         err = -EFAULT;
2177                         goto free;
2178                 }
2179                 kbuf[left] = 0;
2180         }
2181
2182         for (; left && vleft--; i++, first = 0) {
2183                 unsigned long val;
2184
2185                 if (write) {
2186                         bool neg;
2187
2188                         left -= proc_skip_spaces(&kbuf);
2189
2190                         err = proc_get_long(&kbuf, &left, &val, &neg,
2191                                              proc_wspace_sep,
2192                                              sizeof(proc_wspace_sep), NULL);
2193                         if (err)
2194                                 break;
2195                         if (neg)
2196                                 continue;
2197                         if ((min && val < *min) || (max && val > *max))
2198                                 continue;
2199                         *i = val;
2200                 } else {
2201                         val = convdiv * (*i) / convmul;
2202                         if (!first)
2203                                 err = proc_put_char(&buffer, &left, '\t');
2204                         err = proc_put_long(&buffer, &left, val, false);
2205                         if (err)
2206                                 break;
2207                 }
2208         }
2209
2210         if (!write && !first && left && !err)
2211                 err = proc_put_char(&buffer, &left, '\n');
2212         if (write && !err)
2213                 left -= proc_skip_spaces(&kbuf);
2214 free:
2215         if (write) {
2216                 free_page(page);
2217                 if (first)
2218                         return err ? : -EINVAL;
2219         }
2220         *lenp -= left;
2221         *ppos += *lenp;
2222         return err;
2223 }
2224
2225 static int do_proc_doulongvec_minmax(struct ctl_table *table, int write,
2226                                      void __user *buffer,
2227                                      size_t *lenp, loff_t *ppos,
2228                                      unsigned long convmul,
2229                                      unsigned long convdiv)
2230 {
2231         return __do_proc_doulongvec_minmax(table->data, table, write,
2232                         buffer, lenp, ppos, convmul, convdiv);
2233 }
2234
2235 /**
2236  * proc_doulongvec_minmax - read a vector of long integers with min/max values
2237  * @table: the sysctl table
2238  * @write: %TRUE if this is a write to the sysctl file
2239  * @buffer: the user buffer
2240  * @lenp: the size of the user buffer
2241  * @ppos: file position
2242  *
2243  * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
2244  * values from/to the user buffer, treated as an ASCII string.
2245  *
2246  * This routine will ensure the values are within the range specified by
2247  * table->extra1 (min) and table->extra2 (max).
2248  *
2249  * Returns 0 on success.
2250  */
2251 int proc_doulongvec_minmax(struct ctl_table *table, int write,
2252                            void __user *buffer, size_t *lenp, loff_t *ppos)
2253 {
2254     return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l);
2255 }
2256
2257 /**
2258  * proc_doulongvec_ms_jiffies_minmax - read a vector of millisecond values with min/max values
2259  * @table: the sysctl table
2260  * @write: %TRUE if this is a write to the sysctl file
2261  * @buffer: the user buffer
2262  * @lenp: the size of the user buffer
2263  * @ppos: file position
2264  *
2265  * Reads/writes up to table->maxlen/sizeof(unsigned long) unsigned long
2266  * values from/to the user buffer, treated as an ASCII string. The values
2267  * are treated as milliseconds, and converted to jiffies when they are stored.
2268  *
2269  * This routine will ensure the values are within the range specified by
2270  * table->extra1 (min) and table->extra2 (max).
2271  *
2272  * Returns 0 on success.
2273  */
2274 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
2275                                       void __user *buffer,
2276                                       size_t *lenp, loff_t *ppos)
2277 {
2278     return do_proc_doulongvec_minmax(table, write, buffer,
2279                                      lenp, ppos, HZ, 1000l);
2280 }
2281
2282
2283 static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp,
2284                                          int *valp,
2285                                          int write, void *data)
2286 {
2287         if (write) {
2288                 if (*lvalp > LONG_MAX / HZ)
2289                         return 1;
2290                 *valp = *negp ? -(*lvalp*HZ) : (*lvalp*HZ);
2291         } else {
2292                 int val = *valp;
2293                 unsigned long lval;
2294                 if (val < 0) {
2295                         *negp = true;
2296                         lval = (unsigned long)-val;
2297                 } else {
2298                         *negp = false;
2299                         lval = (unsigned long)val;
2300                 }
2301                 *lvalp = lval / HZ;
2302         }
2303         return 0;
2304 }
2305
2306 static int do_proc_dointvec_userhz_jiffies_conv(bool *negp, unsigned long *lvalp,
2307                                                 int *valp,
2308                                                 int write, void *data)
2309 {
2310         if (write) {
2311                 if (USER_HZ < HZ && *lvalp > (LONG_MAX / HZ) * USER_HZ)
2312                         return 1;
2313                 *valp = clock_t_to_jiffies(*negp ? -*lvalp : *lvalp);
2314         } else {
2315                 int val = *valp;
2316                 unsigned long lval;
2317                 if (val < 0) {
2318                         *negp = true;
2319                         lval = (unsigned long)-val;
2320                 } else {
2321                         *negp = false;
2322                         lval = (unsigned long)val;
2323                 }
2324                 *lvalp = jiffies_to_clock_t(lval);
2325         }
2326         return 0;
2327 }
2328
2329 static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp,
2330                                             int *valp,
2331                                             int write, void *data)
2332 {
2333         if (write) {
2334                 *valp = msecs_to_jiffies(*negp ? -*lvalp : *lvalp);
2335         } else {
2336                 int val = *valp;
2337                 unsigned long lval;
2338                 if (val < 0) {
2339                         *negp = true;
2340                         lval = (unsigned long)-val;
2341                 } else {
2342                         *negp = false;
2343                         lval = (unsigned long)val;
2344                 }
2345                 *lvalp = jiffies_to_msecs(lval);
2346         }
2347         return 0;
2348 }
2349
2350 /**
2351  * proc_dointvec_jiffies - read a vector of integers as seconds
2352  * @table: the sysctl table
2353  * @write: %TRUE if this is a write to the sysctl file
2354  * @buffer: the user buffer
2355  * @lenp: the size of the user buffer
2356  * @ppos: file position
2357  *
2358  * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2359  * values from/to the user buffer, treated as an ASCII string. 
2360  * The values read are assumed to be in seconds, and are converted into
2361  * jiffies.
2362  *
2363  * Returns 0 on success.
2364  */
2365 int proc_dointvec_jiffies(struct ctl_table *table, int write,
2366                           void __user *buffer, size_t *lenp, loff_t *ppos)
2367 {
2368     return do_proc_dointvec(table,write,buffer,lenp,ppos,
2369                             do_proc_dointvec_jiffies_conv,NULL);
2370 }
2371
2372 /**
2373  * proc_dointvec_userhz_jiffies - read a vector of integers as 1/USER_HZ seconds
2374  * @table: the sysctl table
2375  * @write: %TRUE if this is a write to the sysctl file
2376  * @buffer: the user buffer
2377  * @lenp: the size of the user buffer
2378  * @ppos: pointer to the file position
2379  *
2380  * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2381  * values from/to the user buffer, treated as an ASCII string. 
2382  * The values read are assumed to be in 1/USER_HZ seconds, and 
2383  * are converted into jiffies.
2384  *
2385  * Returns 0 on success.
2386  */
2387 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
2388                                  void __user *buffer, size_t *lenp, loff_t *ppos)
2389 {
2390     return do_proc_dointvec(table,write,buffer,lenp,ppos,
2391                             do_proc_dointvec_userhz_jiffies_conv,NULL);
2392 }
2393
2394 /**
2395  * proc_dointvec_ms_jiffies - read a vector of integers as 1 milliseconds
2396  * @table: the sysctl table
2397  * @write: %TRUE if this is a write to the sysctl file
2398  * @buffer: the user buffer
2399  * @lenp: the size of the user buffer
2400  * @ppos: file position
2401  * @ppos: the current position in the file
2402  *
2403  * Reads/writes up to table->maxlen/sizeof(unsigned int) integer
2404  * values from/to the user buffer, treated as an ASCII string. 
2405  * The values read are assumed to be in 1/1000 seconds, and 
2406  * are converted into jiffies.
2407  *
2408  * Returns 0 on success.
2409  */
2410 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write,
2411                              void __user *buffer, size_t *lenp, loff_t *ppos)
2412 {
2413         return do_proc_dointvec(table, write, buffer, lenp, ppos,
2414                                 do_proc_dointvec_ms_jiffies_conv, NULL);
2415 }
2416
2417 static int proc_do_cad_pid(struct ctl_table *table, int write,
2418                            void __user *buffer, size_t *lenp, loff_t *ppos)
2419 {
2420         struct pid *new_pid;
2421         pid_t tmp;
2422         int r;
2423
2424         tmp = pid_vnr(cad_pid);
2425
2426         r = __do_proc_dointvec(&tmp, table, write, buffer,
2427                                lenp, ppos, NULL, NULL);
2428         if (r || !write)
2429                 return r;
2430
2431         new_pid = find_get_pid(tmp);
2432         if (!new_pid)
2433                 return -ESRCH;
2434
2435         put_pid(xchg(&cad_pid, new_pid));
2436         return 0;
2437 }
2438
2439 /**
2440  * proc_do_large_bitmap - read/write from/to a large bitmap
2441  * @table: the sysctl table
2442  * @write: %TRUE if this is a write to the sysctl file
2443  * @buffer: the user buffer
2444  * @lenp: the size of the user buffer
2445  * @ppos: file position
2446  *
2447  * The bitmap is stored at table->data and the bitmap length (in bits)
2448  * in table->maxlen.
2449  *
2450  * We use a range comma separated format (e.g. 1,3-4,10-10) so that
2451  * large bitmaps may be represented in a compact manner. Writing into
2452  * the file will clear the bitmap then update it with the given input.
2453  *
2454  * Returns 0 on success.
2455  */
2456 int proc_do_large_bitmap(struct ctl_table *table, int write,
2457                          void __user *buffer, size_t *lenp, loff_t *ppos)
2458 {
2459         int err = 0;
2460         bool first = 1;
2461         size_t left = *lenp;
2462         unsigned long bitmap_len = table->maxlen;
2463         unsigned long *bitmap = (unsigned long *) table->data;
2464         unsigned long *tmp_bitmap = NULL;
2465         char tr_a[] = { '-', ',', '\n' }, tr_b[] = { ',', '\n', 0 }, c;
2466
2467         if (!bitmap_len || !left || (*ppos && !write)) {
2468                 *lenp = 0;
2469                 return 0;
2470         }
2471
2472         if (write) {
2473                 unsigned long page = 0;
2474                 char *kbuf;
2475
2476                 if (left > PAGE_SIZE - 1)
2477                         left = PAGE_SIZE - 1;
2478
2479                 page = __get_free_page(GFP_TEMPORARY);
2480                 kbuf = (char *) page;
2481                 if (!kbuf)
2482                         return -ENOMEM;
2483                 if (copy_from_user(kbuf, buffer, left)) {
2484                         free_page(page);
2485                         return -EFAULT;
2486                 }
2487                 kbuf[left] = 0;
2488
2489                 tmp_bitmap = kzalloc(BITS_TO_LONGS(bitmap_len) * sizeof(unsigned long),
2490                                      GFP_KERNEL);
2491                 if (!tmp_bitmap) {
2492                         free_page(page);
2493                         return -ENOMEM;
2494                 }
2495                 proc_skip_char(&kbuf, &left, '\n');
2496                 while (!err && left) {
2497                         unsigned long val_a, val_b;
2498                         bool neg;
2499
2500                         err = proc_get_long(&kbuf, &left, &val_a, &neg, tr_a,
2501                                              sizeof(tr_a), &c);
2502                         if (err)
2503                                 break;
2504                         if (val_a >= bitmap_len || neg) {
2505                                 err = -EINVAL;
2506                                 break;
2507                         }
2508
2509                         val_b = val_a;
2510                         if (left) {
2511                                 kbuf++;
2512                                 left--;
2513                         }
2514
2515                         if (c == '-') {
2516                                 err = proc_get_long(&kbuf, &left, &val_b,
2517                                                      &neg, tr_b, sizeof(tr_b),
2518                                                      &c);
2519                                 if (err)
2520                                         break;
2521                                 if (val_b >= bitmap_len || neg ||
2522                                     val_a > val_b) {
2523                                         err = -EINVAL;
2524                                         break;
2525                                 }
2526                                 if (left) {
2527                                         kbuf++;
2528                                         left--;
2529                                 }
2530                         }
2531
2532                         bitmap_set(tmp_bitmap, val_a, val_b - val_a + 1);
2533                         first = 0;
2534                         proc_skip_char(&kbuf, &left, '\n');
2535                 }
2536                 free_page(page);
2537         } else {
2538                 unsigned long bit_a, bit_b = 0;
2539
2540                 while (left) {
2541                         bit_a = find_next_bit(bitmap, bitmap_len, bit_b);
2542                         if (bit_a >= bitmap_len)
2543                                 break;
2544                         bit_b = find_next_zero_bit(bitmap, bitmap_len,
2545                                                    bit_a + 1) - 1;
2546
2547                         if (!first) {
2548                                 err = proc_put_char(&buffer, &left, ',');
2549                                 if (err)
2550                                         break;
2551                         }
2552                         err = proc_put_long(&buffer, &left, bit_a, false);
2553                         if (err)
2554                                 break;
2555                         if (bit_a != bit_b) {
2556                                 err = proc_put_char(&buffer, &left, '-');
2557                                 if (err)
2558                                         break;
2559                                 err = proc_put_long(&buffer, &left, bit_b, false);
2560                                 if (err)
2561                                         break;
2562                         }
2563
2564                         first = 0; bit_b++;
2565                 }
2566                 if (!err)
2567                         err = proc_put_char(&buffer, &left, '\n');
2568         }
2569
2570         if (!err) {
2571                 if (write) {
2572                         if (*ppos)
2573                                 bitmap_or(bitmap, bitmap, tmp_bitmap, bitmap_len);
2574                         else
2575                                 bitmap_copy(bitmap, tmp_bitmap, bitmap_len);
2576                 }
2577                 kfree(tmp_bitmap);
2578                 *lenp -= left;
2579                 *ppos += *lenp;
2580                 return 0;
2581         } else {
2582                 kfree(tmp_bitmap);
2583                 return err;
2584         }
2585 }
2586
2587 #else /* CONFIG_PROC_SYSCTL */
2588
2589 int proc_dostring(struct ctl_table *table, int write,
2590                   void __user *buffer, size_t *lenp, loff_t *ppos)
2591 {
2592         return -ENOSYS;
2593 }
2594
2595 int proc_dointvec(struct ctl_table *table, int write,
2596                   void __user *buffer, size_t *lenp, loff_t *ppos)
2597 {
2598         return -ENOSYS;
2599 }
2600
2601 int proc_dointvec_minmax(struct ctl_table *table, int write,
2602                     void __user *buffer, size_t *lenp, loff_t *ppos)
2603 {
2604         return -ENOSYS;
2605 }
2606
2607 int proc_dointvec_jiffies(struct ctl_table *table, int write,
2608                     void __user *buffer, size_t *lenp, loff_t *ppos)
2609 {
2610         return -ENOSYS;
2611 }
2612
2613 int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write,
2614                     void __user *buffer, size_t *lenp, loff_t *ppos)
2615 {
2616         return -ENOSYS;
2617 }
2618
2619 int proc_dointvec_ms_jiffies(struct ctl_table *table, int write,
2620                              void __user *buffer, size_t *lenp, loff_t *ppos)
2621 {
2622         return -ENOSYS;
2623 }
2624
2625 int proc_doulongvec_minmax(struct ctl_table *table, int write,
2626                     void __user *buffer, size_t *lenp, loff_t *ppos)
2627 {
2628         return -ENOSYS;
2629 }
2630
2631 int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write,
2632                                       void __user *buffer,
2633                                       size_t *lenp, loff_t *ppos)
2634 {
2635     return -ENOSYS;
2636 }
2637
2638
2639 #endif /* CONFIG_PROC_SYSCTL */
2640
2641 /*
2642  * No sense putting this after each symbol definition, twice,
2643  * exception granted :-)
2644  */
2645 EXPORT_SYMBOL(proc_dointvec);
2646 EXPORT_SYMBOL(proc_dointvec_jiffies);
2647 EXPORT_SYMBOL(proc_dointvec_minmax);
2648 EXPORT_SYMBOL(proc_dointvec_userhz_jiffies);
2649 EXPORT_SYMBOL(proc_dointvec_ms_jiffies);
2650 EXPORT_SYMBOL(proc_dostring);
2651 EXPORT_SYMBOL(proc_doulongvec_minmax);
2652 EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax);