diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 19:40:15 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 19:40:15 +0000 |
commit | 399644e47874bff147afb19c89228901ac39340e (patch) | |
tree | 1c4c0b733f4c16b5783b41bebb19194a9ef62ad1 /man5/proc.5 | |
parent | Initial commit. (diff) | |
download | manpages-399644e47874bff147afb19c89228901ac39340e.tar.xz manpages-399644e47874bff147afb19c89228901ac39340e.zip |
Adding upstream version 6.05.01.upstream/6.05.01
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'man5/proc.5')
-rw-r--r-- | man5/proc.5 | 6965 |
1 files changed, 6965 insertions, 0 deletions
diff --git a/man5/proc.5 b/man5/proc.5 new file mode 100644 index 0000000..9a48841 --- /dev/null +++ b/man5/proc.5 @@ -0,0 +1,6965 @@ +'\" t +.\" Copyright (C) 1994, 1995 by Daniel Quinlan (quinlan@yggdrasil.com) +.\" and Copyright (C) 2002-2008,2017 Michael Kerrisk <mtk.manpages@gmail.com> +.\" with networking additions from Alan Cox (A.Cox@swansea.ac.uk) +.\" and scsi additions from Michael Neuffer (neuffer@mail.uni-mainz.de) +.\" and sysctl additions from Andries Brouwer (aeb@cwi.nl) +.\" and System V IPC (as well as various other) additions from +.\" Michael Kerrisk <mtk.manpages@gmail.com> +.\" +.\" SPDX-License-Identifier: GPL-2.0-or-later +.\" +.\" Modified 1995-05-17 by faith@cs.unc.edu +.\" Minor changes by aeb and Marty Leisner (leisner@sdsp.mc.xerox.com). +.\" Modified 1996-04-13, 1996-07-22 by aeb@cwi.nl +.\" Modified 2001-12-16 by rwhron@earthlink.net +.\" Modified 2002-07-13 by jbelton@shaw.ca +.\" Modified 2002-07-22, 2003-05-27, 2004-04-06, 2004-05-25 +.\" by Michael Kerrisk <mtk.manpages@gmail.com> +.\" 2004-11-17, mtk -- updated notes on /proc/loadavg +.\" 2004-12-01, mtk, rtsig-max and rtsig-nr went away in Linux 2.6.8 +.\" 2004-12-14, mtk, updated 'statm', and fixed error in order of list +.\" 2005-05-12, mtk, updated 'stat' +.\" 2005-07-13, mtk, added /proc/sys/fs/mqueue/* +.\" 2005-09-16, mtk, Added /proc/sys/fs/suid_dumpable +.\" 2005-09-19, mtk, added /proc/zoneinfo +.\" 2005-03-01, mtk, moved /proc/sys/fs/mqueue/* material to mq_overview.7. +.\" 2008-06-05, mtk, Added /proc/[pid]/oom_score, /proc/[pid]/oom_adj, +.\" /proc/[pid]/limits, /proc/[pid]/mountinfo, /proc/[pid]/mountstats, +.\" and /proc/[pid]/fdinfo/*. +.\" 2008-06-19, mtk, Documented /proc/[pid]/status. +.\" 2008-07-15, mtk, added /proc/config.gz +.\" +.\" FIXME cross check against Documentation/filesystems/proc.txt +.\" to see what information could be imported from that file +.\" into this file. +.\" +.TH proc 5 2023-07-08 "Linux man-pages 6.05.01" +.SH NAME +proc \- process information, system information, and sysctl pseudo-filesystem +.SH DESCRIPTION +The +.B proc +filesystem is a pseudo-filesystem which provides an interface to +kernel data structures. +It is commonly mounted at +.IR /proc . +Typically, it is mounted automatically by the system, +but it can also be mounted manually using a command such as: +.PP +.in +4n +.EX +mount \-t proc proc /proc +.EE +.in +.PP +Most of the files in the +.B proc +filesystem are read-only, +but some files are writable, allowing kernel variables to be changed. +.\" +.SS Mount options +The +.B proc +filesystem supports the following mount options: +.TP +.BR hidepid "=\fIn\fP (since Linux 3.3)" +.\" commit 0499680a42141d86417a8fbaa8c8db806bea1201 +This option controls who can access the information in +.IR /proc/ pid +directories. +The argument, +.IR n , +is one of the following values: +.RS +.TP 4 +0 +Everybody may access all +.IR /proc/ pid +directories. +This is the traditional behavior, +and the default if this mount option is not specified. +.TP +1 +Users may not access files and subdirectories inside any +.IR /proc/ pid +directories but their own (the +.IR /proc/ pid +directories themselves remain visible). +Sensitive files such as +.IR /proc/ pid /cmdline +and +.IR /proc/ pid /status +are now protected against other users. +This makes it impossible to learn whether any user is running a +specific program +(so long as the program doesn't otherwise reveal itself by its behavior). +.\" As an additional bonus, since +.\" .IR /proc/[pid]/cmdline +.\" is inaccessible for other users, +.\" poorly written programs passing sensitive information via +.\" program arguments are now protected against local eavesdroppers. +.TP +2 +As for mode 1, but in addition the +.IR /proc/ pid +directories belonging to other users become invisible. +This means that +.IR /proc/ pid +entries can no longer be used to discover the PIDs on the system. +This doesn't hide the fact that a process with a specific PID value exists +(it can be learned by other means, for example, by "kill \-0 $PID"), +but it hides a process's UID and GID, +which could otherwise be learned by employing +.BR stat (2) +on a +.IR /proc/ pid +directory. +This greatly complicates an attacker's task of gathering +information about running processes (e.g., discovering whether +some daemon is running with elevated privileges, +whether another user is running some sensitive program, +whether other users are running any program at all, and so on). +.RE +.TP +.BR gid "=\fIgid\fP (since Linux 3.3)" +.\" commit 0499680a42141d86417a8fbaa8c8db806bea1201 +Specifies the ID of a group whose members are authorized to +learn process information otherwise prohibited by +.B hidepid +(i.e., users in this group behave as though +.I /proc +was mounted with +.IR hidepid=0 ). +This group should be used instead of approaches such as putting +nonroot users into the +.BR sudoers (5) +file. +.\" +.SS Overview +Underneath +.IR /proc , +there are the following general groups of files and subdirectories: +.TP +.IR /proc/ "pid subdirectories" +Each one of these subdirectories contains files and subdirectories +exposing information about the process with the corresponding process ID. +.IP +Underneath each of the +.IR /proc/ pid +directories, a +.I task +subdirectory contains subdirectories of the form +.IR task/ tid, +which contain corresponding information about each of the threads +in the process, where +.I tid +is the kernel thread ID of the thread. +.IP +The +.IR /proc/ pid +subdirectories are visible when iterating through +.I /proc +with +.BR getdents (2) +(and thus are visible when one uses +.BR ls (1) +to view the contents of +.IR /proc ). +.TP +.IR /proc/ "tid subdirectories" +Each one of these subdirectories contains files and subdirectories +exposing information about the thread with the corresponding thread ID. +The contents of these directories are the same as the corresponding +.IR /proc/ pid /task/ tid +directories. +.IP +The +.IR /proc/ tid +subdirectories are +.I not +visible when iterating through +.I /proc +with +.BR getdents (2) +(and thus are +.I not +visible when one uses +.BR ls (1) +to view the contents of +.IR /proc ). +.TP +.I /proc/self +When a process accesses this magic symbolic link, +it resolves to the process's own +.IR /proc/ pid +directory. +.TP +.I /proc/thread\-self +When a thread accesses this magic symbolic link, +it resolves to the process's own +.IR /proc/self/task/ tid +directory. +.TP +.I /proc/[a\-z]* +Various other files and subdirectories under +.I /proc +expose system-wide information. +.PP +All of the above are described in more detail below. +.\" +.SS Files and directories +The following list provides details of many of the files and directories +under the +.I /proc +hierarchy. +.TP +.IR /proc/ pid +There is a numerical subdirectory for each running process; the +subdirectory is named by the process ID. +Each +.IR /proc/ pid +subdirectory contains the pseudo-files and directories described below. +.IP +The files inside each +.IR /proc/ pid +directory are normally owned by the effective user and +effective group ID of the process. +However, as a security measure, the ownership is made +.I root:root +if the process's "dumpable" attribute is set to a value other than 1. +.IP +Before Linux 4.11, +.\" commit 68eb94f16227336a5773b83ecfa8290f1d6b78ce +.I root:root +meant the "global" root user ID and group ID +(i.e., UID 0 and GID 0 in the initial user namespace). +Since Linux 4.11, +if the process is in a noninitial user namespace that has a +valid mapping for user (group) ID 0 inside the namespace, then +the user (group) ownership of the files under +.IR /proc/ pid +is instead made the same as the root user (group) ID of the namespace. +This means that inside a container, +things work as expected for the container "root" user. +.IP +The process's "dumpable" attribute may change for the following reasons: +.RS +.IP \[bu] 3 +The attribute was explicitly set via the +.BR prctl (2) +.B PR_SET_DUMPABLE +operation. +.IP \[bu] +The attribute was reset to the value in the file +.I /proc/sys/fs/suid_dumpable +(described below), for the reasons described in +.BR prctl (2). +.RE +.IP +Resetting the "dumpable" attribute to 1 reverts the ownership of the +.IR /proc/ pid /* +files to the process's effective UID and GID. +Note, however, that if the effective UID or GID is subsequently modified, +then the "dumpable" attribute may be reset, as described in +.BR prctl (2). +Therefore, it may be desirable to reset the "dumpable" attribute +.I after +making any desired changes to the process's effective UID or GID. +.TP +.IR /proc/ pid /attr +.\" https://lwn.net/Articles/28222/ +.\" From: Stephen Smalley <sds@epoch.ncsc.mil> +.\" To: LKML and others +.\" Subject: [RFC][PATCH] Process Attribute API for Security Modules +.\" Date: 08 Apr 2003 16:17:52 -0400 +.\" +.\" http://www.nsa.gov/research/_files/selinux/papers/module/x362.shtml +.\" +The files in this directory provide an API for security modules. +The contents of this directory are files that can be read and written +in order to set security-related attributes. +This directory was added to support SELinux, +but the intention was that the API be general enough to support +other security modules. +For the purpose of explanation, +examples of how SELinux uses these files are provided below. +.IP +This directory is present only if the kernel was configured with +.BR CONFIG_SECURITY . +.TP +.IR /proc/ pid /attr/current " (since Linux 2.6.0)" +The contents of this file represent the current +security attributes of the process. +.IP +In SELinux, this file is used to get the security context of a process. +Prior to Linux 2.6.11, this file could not be used to set the security +context (a write was always denied), since SELinux limited process security +transitions to +.BR execve (2) +(see the description of +.IR /proc/ pid /attr/exec , +below). +Since Linux 2.6.11, SELinux lifted this restriction and began supporting +"set" operations via writes to this node if authorized by policy, +although use of this operation is only suitable for applications that are +trusted to maintain any desired separation between the old and new security +contexts. +.IP +Prior to Linux 2.6.28, SELinux did not allow threads within a +multithreaded process to set their security context via this node +as it would yield an inconsistency among the security contexts of the +threads sharing the same memory space. +Since Linux 2.6.28, SELinux lifted +this restriction and began supporting "set" operations for threads within +a multithreaded process if the new security context is bounded by the old +security context, where the bounded relation is defined in policy and +guarantees that the new security context has a subset of the permissions +of the old security context. +.IP +Other security modules may choose to support "set" operations via +writes to this node. +.TP +.IR /proc/ pid /attr/exec " (since Linux 2.6.0)" +This file represents the attributes to assign to the +process upon a subsequent +.BR execve (2). +.IP +In SELinux, +this is needed to support role/domain transitions, and +.BR execve (2) +is the preferred point to make such transitions because it offers better +control over the initialization of the process in the new security label +and the inheritance of state. +In SELinux, this attribute is reset on +.BR execve (2) +so that the new program reverts to the default behavior for any +.BR execve (2) +calls that it may make. +In SELinux, a process can set +only its own +.IR /proc/ pid /attr/exec +attribute. +.TP +.IR /proc/ pid /attr/fscreate " (since Linux 2.6.0)" +This file represents the attributes to assign to files +created by subsequent calls to +.BR open (2), +.BR mkdir (2), +.BR symlink (2), +and +.BR mknod (2) +.IP +SELinux employs this file to support creation of a file +(using the aforementioned system calls) +in a secure state, +so that there is no risk of inappropriate access being obtained +between the time of creation and the time that attributes are set. +In SELinux, this attribute is reset on +.BR execve (2), +so that the new program reverts to the default behavior for +any file creation calls it may make, but the attribute will persist +across multiple file creation calls within a program unless it is +explicitly reset. +In SELinux, a process can set only its own +.IR /proc/ pid /attr/fscreate +attribute. +.TP +.IR /proc/ pid /attr/keycreate " (since Linux 2.6.18)" +.\" commit 4eb582cf1fbd7b9e5f466e3718a59c957e75254e +If a process writes a security context into this file, +all subsequently created keys +.RB ( add_key (2)) +will be labeled with this context. +For further information, see the kernel source file +.I Documentation/security/keys/core.rst +(or file +.\" commit b68101a1e8f0263dbc7b8375d2a7c57c6216fb76 +.I Documentation/security/keys.txt +between Linux 3.0 and Linux 4.13, or +.\" commit d410fa4ef99112386de5f218dd7df7b4fca910b4 +.I Documentation/keys.txt +before Linux 3.0). +.TP +.IR /proc/ pid /attr/prev " (since Linux 2.6.0)" +This file contains the security context of the process before the last +.BR execve (2); +that is, the previous value of +.IR /proc/ pid /attr/current . +.TP +.IR /proc/ pid /attr/socketcreate " (since Linux 2.6.18)" +.\" commit 42c3e03ef6b298813557cdb997bd6db619cd65a2 +If a process writes a security context into this file, +all subsequently created sockets will be labeled with this context. +.TP +.IR /proc/ pid /autogroup " (since Linux 2.6.38)" +.\" commit 5091faa449ee0b7d73bc296a93bca9540fc51d0a +See +.BR sched (7). +.TP +.IR /proc/ pid /auxv " (since Linux 2.6.0)" +.\" Precisely: Linux 2.6.0-test7 +This contains the contents of the ELF interpreter information passed +to the process at exec time. +The format is one \fIunsigned long\fP ID +plus one \fIunsigned long\fP value for each entry. +The last entry contains two zeros. +See also +.BR getauxval (3). +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /cgroup " (since Linux 2.6.24)" +See +.BR cgroups (7). +.TP +.IR /proc/ pid /clear_refs " (since Linux 2.6.22)" +.\" commit b813e931b4c8235bb42e301096ea97dbdee3e8fe (2.6.22) +.\" commit 398499d5f3613c47f2143b8c54a04efb5d7a6da9 (2.6.32) +.\" commit 040fa02077de01c7e08fa75be6125e4ca5636011 (3.11) +.\" +.\" "Clears page referenced bits shown in smaps output" +.\" write-only, writable only by the owner of the process +.IP +This is a write-only file, writable only by owner of the process. +.IP +The following values may be written to the file: +.RS +.TP +1 (since Linux 2.6.22) +.\" Internally: CLEAR_REFS_ALL +Reset the PG_Referenced and ACCESSED/YOUNG +bits for all the pages associated with the process. +(Before Linux 2.6.32, writing any nonzero value to this file +had this effect.) +.TP +2 (since Linux 2.6.32) +.\" Internally: CLEAR_REFS_ANON +Reset the PG_Referenced and ACCESSED/YOUNG +bits for all anonymous pages associated with the process. +.TP +3 (since Linux 2.6.32) +.\" Internally: CLEAR_REFS_MAPPED +Reset the PG_Referenced and ACCESSED/YOUNG +bits for all file-mapped pages associated with the process. +.RE +.IP +Clearing the PG_Referenced and ACCESSED/YOUNG bits provides a method +to measure approximately how much memory a process is using. +One first inspects the values in the "Referenced" fields +for the VMAs shown in +.IR /proc/ pid /smaps +to get an idea of the memory footprint of the +process. +One then clears the PG_Referenced and ACCESSED/YOUNG bits +and, after some measured time interval, +once again inspects the values in the "Referenced" fields +to get an idea of the change in memory footprint of the +process during the measured interval. +If one is interested only in inspecting the selected mapping types, +then the value 2 or 3 can be used instead of 1. +.IP +Further values can be written to affect different properties: +.RS +.TP +4 (since Linux 3.11) +Clear the soft-dirty bit for all the pages associated with the process. +.\" Internally: CLEAR_REFS_SOFT_DIRTY +This is used (in conjunction with +.IR /proc/ pid /pagemap ) +by the check-point restore system to discover which pages of a process +have been dirtied since the file +.IR /proc/ pid /clear_refs +was written to. +.TP +5 (since Linux 4.0) +.\" Internally: CLEAR_REFS_MM_HIWATER_RSS +Reset the peak resident set size ("high water mark") to the process's +current resident set size value. +.RE +.IP +Writing any value to +.IR /proc/ pid /clear_refs +other than those listed above has no effect. +.IP +The +.IR /proc/ pid /clear_refs +file is present only if the +.B CONFIG_PROC_PAGE_MONITOR +kernel configuration option is enabled. +.TP +.IR /proc/ pid /cmdline +This read-only file holds the complete command line for the process, +unless the process is a zombie. +.\" In Linux 2.3.26, this also used to be true if the process was swapped out. +In the latter case, there is nothing in this file: +that is, a read on this file will return 0 characters. +.IP +For processes which are still running, +the command-line arguments appear in this file +in the same layout as they do in process memory: +If the process is well-behaved, +it is a set of strings separated by null bytes (\[aq]\e0\[aq]), +with a further null byte after the last string. +.IP +This is the common case, +but processes have the freedom to +override the memory region and +break assumptions about the contents or format of the +.IR /proc/ pid /cmdline +file. +.IP +If, after an +.BR execve (2), +the process modifies its +.I argv +strings, those changes will show up here. +This is not the same thing as modifying the +.I argv +array. +.IP +Furthermore, a process may change the memory location that this file refers via +.BR prctl (2) +operations such as +.BR PR_SET_MM_ARG_START . +.IP +Think of this file as the command line that the process wants you to see. +.TP +.IR /proc/ pid /comm " (since Linux 2.6.33)" +.\" commit 4614a696bd1c3a9af3a08f0e5874830a85b889d4 +This file exposes the process's +.I comm +value\[em]that is, the command name associated with the process. +Different threads in the same process may have different +.I comm +values, accessible via +.IR /proc/ pid /task/ tid /comm . +A thread may modify its +.I comm +value, or that of any of other thread in the same thread group (see +the discussion of +.B CLONE_THREAD +in +.BR clone (2)), +by writing to the file +.IR /proc/self/task/ tid /comm . +Strings longer than +.B TASK_COMM_LEN +(16) characters (including the terminating null byte) are silently truncated. +.IP +This file provides a superset of the +.BR prctl (2) +.B PR_SET_NAME +and +.B PR_GET_NAME +operations, and is employed by +.BR pthread_setname_np (3) +when used to rename threads other than the caller. +The value in this file is used for the +.I %e +specifier in +.IR /proc/sys/kernel/core_pattern ; +see +.BR core (5). +.TP +.IR /proc/ pid /coredump_filter " (since Linux 2.6.23)" +See +.BR core (5). +.TP +.IR /proc/ pid /cpuset " (since Linux 2.6.12)" +.\" and/proc/[pid]/task/[tid]/cpuset +See +.BR cpuset (7). +.TP +.IR /proc/ pid /cwd +This is a symbolic link to the current working directory of the process. +To find out the current working directory of process 20, +for instance, you can do this: +.IP +.in +4n +.EX +.RB "$" " cd /proc/20/cwd; pwd \-P" +.EE +.in +.IP +.\" The following was still true as at kernel 2.6.13 +In a multithreaded process, the contents of this symbolic link +are not available if the main thread has already terminated +(typically by calling +.BR pthread_exit (3)). +.IP +Permission to dereference or read +.RB ( readlink (2)) +this symbolic link is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /environ +This file contains the initial environment that was set +when the currently executing program was started via +.BR execve (2). +The entries are separated by null bytes (\[aq]\e0\[aq]), +and there may be a null byte at the end. +Thus, to print out the environment of process 1, you would do: +.IP +.in +4n +.EX +.RB "$" " cat /proc/1/environ | tr \[aq]\e000\[aq] \[aq]\en\[aq]" +.EE +.in +.IP +If, after an +.BR execve (2), +the process modifies its environment +(e.g., by calling functions such as +.BR putenv (3) +or modifying the +.BR environ (7) +variable directly), +this file will +.I not +reflect those changes. +.IP +Furthermore, a process may change the memory location that this file refers via +.BR prctl (2) +operations such as +.BR PR_SET_MM_ENV_START . +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /exe +Under Linux 2.2 and later, this file is a symbolic link +containing the actual pathname of the executed command. +This symbolic link can be dereferenced normally; attempting to open +it will open the executable. +You can even type +.IR /proc/ pid /exe +to run another copy of the same executable that is being run by +process +.IR pid . +If the pathname has been unlinked, the symbolic link will contain the +string \[aq]\ (deleted)\[aq] appended to the original pathname. +.\" The following was still true as at kernel 2.6.13 +In a multithreaded process, the contents of this symbolic link +are not available if the main thread has already terminated +(typically by calling +.BR pthread_exit (3)). +.IP +Permission to dereference or read +.RB ( readlink (2)) +this symbolic link is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.IP +Under Linux 2.0 and earlier, +.IR /proc/ pid /exe +is a pointer to the binary which was executed, +and appears as a symbolic link. +A +.BR readlink (2) +call on this file under Linux 2.0 returns a string in the format: +.IP +.in +4n +.EX +[device]:inode +.EE +.in +.IP +For example, [0301]:1502 would be inode 1502 on device major 03 (IDE, +MFM, etc. drives) minor 01 (first partition on the first drive). +.IP +.BR find (1) +with the +.I \-inum +option can be used to locate the file. +.TP +.IR /proc/ pid /fd/ +This is a subdirectory containing one entry for each file which the +process has open, named by its file descriptor, and which is a +symbolic link to the actual file. +Thus, 0 is standard input, 1 standard output, 2 standard error, and so on. +.IP +For file descriptors for pipes and sockets, +the entries will be symbolic links whose content is the +file type with the inode. +A +.BR readlink (2) +call on this file returns a string in the format: +.IP +.in +4n +.EX +type:[inode] +.EE +.in +.IP +For example, +.I socket:[2248868] +will be a socket and its inode is 2248868. +For sockets, that inode can be used to find more information +in one of the files under +.IR /proc/net/ . +.IP +For file descriptors that have no corresponding inode +(e.g., file descriptors produced by +.BR bpf (2), +.BR epoll_create (2), +.BR eventfd (2), +.BR inotify_init (2), +.BR perf_event_open (2), +.BR signalfd (2), +.BR timerfd_create (2), +and +.BR userfaultfd (2)), +the entry will be a symbolic link with contents of the form +.IP +.in +4n +.EX +.RI anon_inode: file-type +.EE +.in +.IP +In many cases (but not all), the +.I file-type +is surrounded by square brackets. +.IP +For example, an epoll file descriptor will have a symbolic link +whose content is the string +.IR "anon_inode:[eventpoll]" . +.IP +.\"The following was still true as at kernel 2.6.13 +In a multithreaded process, the contents of this directory +are not available if the main thread has already terminated +(typically by calling +.BR pthread_exit (3)). +.IP +Programs that take a filename as a command-line argument, +but don't take input from standard input if no argument is supplied, +and programs that write to a file named as a command-line argument, +but don't send their output to standard output +if no argument is supplied, can nevertheless be made to use +standard input or standard output by using +.IR /proc/ pid /fd +files as command-line arguments. +For example, assuming that +.I \-i +is the flag designating an input file and +.I \-o +is the flag designating an output file: +.IP +.in +4n +.EX +.RB "$" " foobar \-i /proc/self/fd/0 \-o /proc/self/fd/1 ..." +.EE +.in +.IP +and you have a working filter. +.\" The following is not true in my tests (MTK): +.\" Note that this will not work for +.\" programs that seek on their files, as the files in the fd directory +.\" are not seekable. +.IP +.I /proc/self/fd/N +is approximately the same as +.I /dev/fd/N +in some UNIX and UNIX-like systems. +Most Linux MAKEDEV scripts symbolically link +.I /dev/fd +to +.IR /proc/self/fd , +in fact. +.IP +Most systems provide symbolic links +.IR /dev/stdin , +.IR /dev/stdout , +and +.IR /dev/stderr , +which respectively link to the files +.IR 0 , +.IR 1 , +and +.I 2 +in +.IR /proc/self/fd . +Thus the example command above could be written as: +.IP +.in +4n +.EX +.RB "$" " foobar \-i /dev/stdin \-o /dev/stdout ..." +.EE +.in +.IP +Permission to dereference or read +.RB ( readlink (2)) +the symbolic links in this directory is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.IP +Note that for file descriptors referring to inodes +(pipes and sockets, see above), +those inodes still have permission bits and ownership information +distinct from those of the +.IR /proc/ pid /fd +entry, +and that the owner may differ from the user and group IDs of the process. +An unprivileged process may lack permissions to open them, as in this example: +.IP +.in +4n +.EX +.RB "$" " echo test | sudo \-u nobody cat" +test +.RB "$" " echo test | sudo \-u nobody cat /proc/self/fd/0" +cat: /proc/self/fd/0: Permission denied +.EE +.in +.IP +File descriptor 0 refers to the pipe created by the shell +and owned by that shell's user, which is not +.IR nobody , +so +.B cat +does not have permission +to create a new file descriptor to read from that inode, +even though it can still read from its existing file descriptor 0. +.TP +.IR /proc/ pid /fdinfo/ " (since Linux 2.6.22)" +This is a subdirectory containing one entry for each file which the +process has open, named by its file descriptor. +The files in this directory are readable only by the owner of the process. +The contents of each file can be read to obtain information +about the corresponding file descriptor. +The content depends on the type of file referred to by the +corresponding file descriptor. +.IP +For regular files and directories, we see something like: +.IP +.in +4n +.EX +.RB "$" " cat /proc/12015/fdinfo/4" +pos: 1000 +flags: 01002002 +mnt_id: 21 +.EE +.in +.IP +The fields are as follows: +.RS +.TP +.I pos +This is a decimal number showing the file offset. +.TP +.I flags +This is an octal number that displays the +file access mode and file status flags (see +.BR open (2)). +If the close-on-exec file descriptor flag is set, then +.I flags +will also include the value +.BR O_CLOEXEC . +.IP +Before Linux 3.1, +.\" commit 1117f72ea0217ba0cc19f05adbbd8b9a397f5ab7 +this field incorrectly displayed the setting of +.B O_CLOEXEC +at the time the file was opened, +rather than the current setting of the close-on-exec flag. +.TP +.I +.I mnt_id +This field, present since Linux 3.15, +.\" commit 49d063cb353265c3af701bab215ac438ca7df36d +is the ID of the mount containing this file. +See the description of +.IR /proc/ pid /mountinfo . +.RE +.IP +For eventfd file descriptors (see +.BR eventfd (2)), +we see (since Linux 3.8) +.\" commit cbac5542d48127b546a23d816380a7926eee1c25 +the following fields: +.IP +.in +4n +.EX +pos: 0 +flags: 02 +mnt_id: 10 +eventfd\-count: 40 +.EE +.in +.IP +.I eventfd\-count +is the current value of the eventfd counter, in hexadecimal. +.IP +For epoll file descriptors (see +.BR epoll (7)), +we see (since Linux 3.8) +.\" commit 138d22b58696c506799f8de759804083ff9effae +the following fields: +.IP +.in +4n +.EX +pos: 0 +flags: 02 +mnt_id: 10 +tfd: 9 events: 19 data: 74253d2500000009 +tfd: 7 events: 19 data: 74253d2500000007 +.EE +.in +.IP +Each of the lines beginning +.I tfd +describes one of the file descriptors being monitored via +the epoll file descriptor (see +.BR epoll_ctl (2) +for some details). +The +.I tfd +field is the number of the file descriptor. +The +.I events +field is a hexadecimal mask of the events being monitored for this file +descriptor. +The +.I data +field is the data value associated with this file descriptor. +.IP +For signalfd file descriptors (see +.BR signalfd (2)), +we see (since Linux 3.8) +.\" commit 138d22b58696c506799f8de759804083ff9effae +the following fields: +.IP +.in +4n +.EX +pos: 0 +flags: 02 +mnt_id: 10 +sigmask: 0000000000000006 +.EE +.in +.IP +.I sigmask +is the hexadecimal mask of signals that are accepted via this +signalfd file descriptor. +(In this example, bits 2 and 3 are set, corresponding to the signals +.B SIGINT +and +.BR SIGQUIT ; +see +.BR signal (7).) +.IP +For inotify file descriptors (see +.BR inotify (7)), +we see (since Linux 3.8) +the following fields: +.IP +.in +4n +.EX +pos: 0 +flags: 00 +mnt_id: 11 +inotify wd:2 ino:7ef82a sdev:800001 mask:800afff ignored_mask:0 fhandle\-bytes:8 fhandle\-type:1 f_handle:2af87e00220ffd73 +inotify wd:1 ino:192627 sdev:800001 mask:800afff ignored_mask:0 fhandle\-bytes:8 fhandle\-type:1 f_handle:27261900802dfd73 +.EE +.in +.IP +Each of the lines beginning with "inotify" displays information about +one file or directory that is being monitored. +The fields in this line are as follows: +.RS +.TP +.I wd +A watch descriptor number (in decimal). +.TP +.I ino +The inode number of the target file (in hexadecimal). +.TP +.I sdev +The ID of the device where the target file resides (in hexadecimal). +.TP +.I mask +The mask of events being monitored for the target file (in hexadecimal). +.RE +.IP +If the kernel was built with exportfs support, the path to the target +file is exposed as a file handle, via three hexadecimal fields: +.IR fhandle\-bytes , +.IR fhandle\-type , +and +.IR f_handle . +.IP +For fanotify file descriptors (see +.BR fanotify (7)), +we see (since Linux 3.8) +the following fields: +.IP +.in +4n +.EX +pos: 0 +flags: 02 +mnt_id: 11 +fanotify flags:0 event\-flags:88002 +fanotify ino:19264f sdev:800001 mflags:0 mask:1 ignored_mask:0 fhandle\-bytes:8 fhandle\-type:1 f_handle:4f261900a82dfd73 +.EE +.in +.IP +The fourth line displays information defined when the fanotify group +was created via +.BR fanotify_init (2): +.RS +.TP +.I flags +The +.I flags +argument given to +.BR fanotify_init (2) +(expressed in hexadecimal). +.TP +.I event\-flags +The +.I event_f_flags +argument given to +.BR fanotify_init (2) +(expressed in hexadecimal). +.RE +.IP +Each additional line shown in the file contains information +about one of the marks in the fanotify group. +Most of these fields are as for inotify, except: +.RS +.TP +.I mflags +The flags associated with the mark +(expressed in hexadecimal). +.TP +.I mask +The events mask for this mark +(expressed in hexadecimal). +.TP +.I ignored_mask +The mask of events that are ignored for this mark +(expressed in hexadecimal). +.RE +.IP +For details on these fields, see +.BR fanotify_mark (2). +.IP +For timerfd file descriptors (see +.BR timerfd (2)), +we see (since Linux 3.17) +.\" commit af9c4957cf212ad9cf0bee34c95cb11de5426e85 +the following fields: +.IP +.in +4n +.EX +pos: 0 +flags: 02004002 +mnt_id: 13 +clockid: 0 +ticks: 0 +settime flags: 03 +it_value: (7695568592, 640020877) +it_interval: (0, 0) +.EE +.in +.RS +.TP +.I clockid +This is the numeric value of the clock ID +(corresponding to one of the +.B CLOCK_* +constants defined via +.IR <time.h> ) +that is used to mark the progress of the timer (in this example, 0 is +.BR CLOCK_REALTIME ). +.TP +.I ticks +This is the number of timer expirations that have occurred, +(i.e., the value that +.BR read (2) +on it would return). +.TP +.I settime flags +This field lists the flags with which the timerfd was last armed (see +.BR timerfd_settime (2)), +in octal +(in this example, both +.B TFD_TIMER_ABSTIME +and +.B TFD_TIMER_CANCEL_ON_SET +are set). +.TP +.I it_value +This field contains the amount of time until the timer will next expire, +expressed in seconds and nanoseconds. +This is always expressed as a relative value, +regardless of whether the timer was created using the +.B TFD_TIMER_ABSTIME +flag. +.TP +.I it_interval +This field contains the interval of the timer, +in seconds and nanoseconds. +(The +.I it_value +and +.I it_interval +fields contain the values that +.BR timerfd_gettime (2) +on this file descriptor would return.) +.RE +.TP +.IR /proc/ pid /gid_map " (since Linux 3.5)" +See +.BR user_namespaces (7). +.TP +.IR /proc/ pid /io " (since Linux 2.6.20)" +.\" commit 7c3ab7381e79dfc7db14a67c6f4f3285664e1ec2 +This file contains I/O statistics for the process, for example: +.IP +.in +4n +.EX +.RB "#" " cat /proc/3828/io" +rchar: 323934931 +wchar: 323929600 +syscr: 632687 +syscw: 632675 +read_bytes: 0 +write_bytes: 323932160 +cancelled_write_bytes: 0 +.EE +.in +.IP +The fields are as follows: +.RS +.TP +.IR rchar ": characters read" +The number of bytes which this task has caused to be read from storage. +This is simply the sum of bytes which this process passed to +.BR read (2) +and similar system calls. +It includes things such as terminal I/O and +is unaffected by whether or not actual +physical disk I/O was required (the read might have been satisfied from +pagecache). +.TP +.IR wchar ": characters written" +The number of bytes which this task has caused, or shall cause to be written +to disk. +Similar caveats apply here as with +.IR rchar . +.TP +.IR syscr ": read syscalls" +Attempt to count the number of read I/O operations\[em]that is, +system calls such as +.BR read (2) +and +.BR pread (2). +.TP +.IR syscw ": write syscalls" +Attempt to count the number of write I/O operations\[em]that is, +system calls such as +.BR write (2) +and +.BR pwrite (2). +.TP +.IR read_bytes ": bytes read" +Attempt to count the number of bytes which this process really did cause to +be fetched from the storage layer. +This is accurate for block-backed filesystems. +.TP +.IR write_bytes ": bytes written" +Attempt to count the number of bytes which this process caused to be sent to +the storage layer. +.TP +.IR cancelled_write_bytes : +The big inaccuracy here is truncate. +If a process writes 1 MB to a file and then deletes the file, +it will in fact perform no writeout. +But it will have been accounted as having caused 1 MB of write. +In other words: this field represents the number of bytes which this process +caused to not happen, by truncating pagecache. +A task can cause "negative" I/O too. +If this task truncates some dirty pagecache, +some I/O which another task has been accounted for +(in its +.IR write_bytes ) +will not be happening. +.RE +.IP +.IR Note : +In the current implementation, things are a bit racy on 32-bit systems: +if process A reads process B's +.IR /proc/ pid /io +while process B is updating one of these 64-bit counters, +process A could see an intermediate result. +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /limits " (since Linux 2.6.24)" +This file displays the soft limit, hard limit, and units of measurement +for each of the process's resource limits (see +.BR getrlimit (2)). +Up to and including Linux 2.6.35, +this file is protected to allow reading only by the real UID of the process. +Since Linux 2.6.36, +.\" commit 3036e7b490bf7878c6dae952eec5fb87b1106589 +this file is readable by all users on the system. +.\" FIXME Describe /proc/[pid]/loginuid +.\" Added in Linux 2.6.11; updating requires CAP_AUDIT_CONTROL +.\" CONFIG_AUDITSYSCALL +.TP +.IR /proc/ pid /map_files/ " (since Linux 3.3)" +.\" commit 640708a2cff7f81e246243b0073c66e6ece7e53e +This subdirectory contains entries corresponding to memory-mapped +files (see +.BR mmap (2)). +Entries are named by memory region start and end +address pair (expressed as hexadecimal numbers), +and are symbolic links to the mapped files themselves. +Here is an example, +with the output wrapped and reformatted to fit on an 80-column display: +.IP +.in +4n +.EX +.RB "#" " ls \-l /proc/self/map_files/" +lr\-\-\-\-\-\-\-\-. 1 root root 64 Apr 16 21:31 + 3252e00000\-3252e20000 \-> /usr/lib64/ld\-2.15.so +\&... +.EE +.in +.IP +Although these entries are present for memory regions that were +mapped with the +.B MAP_FILE +flag, the way anonymous shared memory (regions created with the +.B MAP_ANON | MAP_SHARED +flags) +is implemented in Linux +means that such regions also appear on this directory. +Here is an example where the target file is the deleted +.I /dev/zero +one: +.IP +.in +4n +.EX +lrw\-\-\-\-\-\-\-. 1 root root 64 Apr 16 21:33 + 7fc075d2f000\-7fc075e6f000 \-> /dev/zero (deleted) +.EE +.in +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.IP +Until Linux 4.3, +.\" commit bdb4d100afe9818aebd1d98ced575c5ef143456c +this directory appeared only if the +.B CONFIG_CHECKPOINT_RESTORE +kernel configuration option was enabled. +.IP +Capabilities are required to read the contents of the symbolic links in +this directory: before Linux 5.9, the reading process requires +.B CAP_SYS_ADMIN +in the initial user namespace; +since Linux 5.9, the reading process must have either +.B CAP_SYS_ADMIN +or +.B CAP_CHECKPOINT_RESTORE +in the initial (i.e. root) user namespace. +.TP +.IR /proc/ pid /maps +A file containing the currently mapped memory regions and their access +permissions. +See +.BR mmap (2) +for some further information about memory mappings. +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.IP +The format of the file is: +.IP +.in +4n +.EX +.I "address perms offset dev inode pathname" +00400000\-00452000 r\-xp 00000000 08:02 173521 /usr/bin/dbus\-daemon +00651000\-00652000 r\-\-p 00051000 08:02 173521 /usr/bin/dbus\-daemon +00652000\-00655000 rw\-p 00052000 08:02 173521 /usr/bin/dbus\-daemon +00e03000\-00e24000 rw\-p 00000000 00:00 0 [heap] +00e24000\-011f7000 rw\-p 00000000 00:00 0 [heap] +\&... +35b1800000\-35b1820000 r\-xp 00000000 08:02 135522 /usr/lib64/ld\-2.15.so +35b1a1f000\-35b1a20000 r\-\-p 0001f000 08:02 135522 /usr/lib64/ld\-2.15.so +35b1a20000\-35b1a21000 rw\-p 00020000 08:02 135522 /usr/lib64/ld\-2.15.so +35b1a21000\-35b1a22000 rw\-p 00000000 00:00 0 +35b1c00000\-35b1dac000 r\-xp 00000000 08:02 135870 /usr/lib64/libc\-2.15.so +35b1dac000\-35b1fac000 \-\-\-p 001ac000 08:02 135870 /usr/lib64/libc\-2.15.so +35b1fac000\-35b1fb0000 r\-\-p 001ac000 08:02 135870 /usr/lib64/libc\-2.15.so +35b1fb0000\-35b1fb2000 rw\-p 001b0000 08:02 135870 /usr/lib64/libc\-2.15.so +\&... +f2c6ff8c000\-7f2c7078c000 rw\-p 00000000 00:00 0 [stack:986] +\&... +7fffb2c0d000\-7fffb2c2e000 rw\-p 00000000 00:00 0 [stack] +7fffb2d48000\-7fffb2d49000 r\-xp 00000000 00:00 0 [vdso] +.EE +.in +.IP +The +.I address +field is the address space in the process that the mapping occupies. +The +.I perms +field is a set of permissions: +.IP +.in +4n +.EX +r = read +w = write +x = execute +s = shared +p = private (copy on write) +.EE +.in +.IP +The +.I offset +field is the offset into the file/whatever; +.I dev +is the device +(major:minor); +.I inode +is the inode on that device. +0 indicates that no inode is associated with the memory region, +as would be the case with BSS (uninitialized data). +.IP +The +.I pathname +field will usually be the file that is backing the mapping. +For ELF files, +you can easily coordinate with the +.I offset +field by looking at the +Offset field in the ELF program headers +.RI ( "readelf\ \-l" ). +.IP +There are additional helpful pseudo-paths: +.RS +.TP +.I [stack] +The initial process's (also known as the main thread's) stack. +.TP +.IR [stack: tid ] " (from Linux 3.4 to Linux 4.4)" +.\" commit b76437579d1344b612cf1851ae610c636cec7db0 (added) +.\" commit 65376df582174ffcec9e6471bf5b0dd79ba05e4a (removed) +A thread's stack (where the +.I tid +is a thread ID). +It corresponds to the +.IR /proc/ pid /task/ tid / +path. +This field was removed in Linux 4.5, since providing this information +for a process with large numbers of threads is expensive. +.TP +.I [vdso] +The virtual dynamically linked shared object. +See +.BR vdso (7). +.TP +.I [heap] +The process's heap. +.TP +.IR [anon: name ] " (since Linux 5.17)" +.\" Commit 9a10064f5625d5572c3626c1516e0bebc6c9fe9b +A named private anonymous mapping. +Set with +.BR prctl (2) +.BR PR_SET_VMA_ANON_NAME . +.TP +.IR [anon_shmem: name ] " (since Linux 6.2)" +.\" Commit d09e8ca6cb93bb4b97517a18fbbf7eccb0e9ff43 +A named shared anonymous mapping. +Set with +.BR prctl (2) +.BR PR_SET_VMA_ANON_NAME . +.in +.RE +.IP +If the +.I pathname +field is blank, +this is an anonymous mapping as obtained via +.BR mmap (2). +There is no easy way to coordinate this back to a process's source, +short of running it through +.BR gdb (1), +.BR strace (1), +or similar. +.IP +.I pathname +is shown unescaped except for newline characters, which are replaced +with an octal escape sequence. +As a result, it is not possible to determine whether the original +pathname contained a newline character or the literal +.I \e012 +character sequence. +.IP +If the mapping is file-backed and the file has been deleted, the string +" (deleted)" is appended to the pathname. +Note that this is ambiguous too. +.IP +Under Linux 2.0, there is no field giving pathname. +.TP +.IR /proc/ pid /mem +This file can be used to access the pages of a process's memory through +.BR open (2), +.BR read (2), +and +.BR lseek (2). +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_ATTACH_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /mountinfo " (since Linux 2.6.26)" +.\" This info adapted from Documentation/filesystems/proc.txt +.\" commit 2d4d4864ac08caff5c204a752bd004eed4f08760 +This file contains information about mounts +in the process's mount namespace (see +.BR mount_namespaces (7)). +It supplies various information +(e.g., propagation state, root of mount for bind mounts, +identifier for each mount and its parent) that is missing from the (older) +.IR /proc/ pid /mounts +file, and fixes various other problems with that file +(e.g., nonextensibility, +failure to distinguish per-mount versus per-superblock options). +.IP +The file contains lines of the form: +.IP +.EX +36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 \- ext3 /dev/root rw,errors=continue +(1)(2)(3) (4) (5) (6) (7) (8) (9) (10) (11) +.EE +.IP +The numbers in parentheses are labels for the descriptions below: +.RS 7 +.TP 5 +(1) +mount ID: a unique ID for the mount (may be reused after +.BR umount (2)). +.TP +(2) +parent ID: the ID of the parent mount +(or of self for the root of this mount namespace's mount tree). +.IP +If a new mount is stacked on top of a previous existing mount +(so that it hides the existing mount) at pathname P, +then the parent of the new mount is the previous mount at that location. +Thus, when looking at all the mounts stacked at a particular location, +the top-most mount is the one that is not the parent +of any other mount at the same location. +(Note, however, that this top-most mount will be accessible only if +the longest path subprefix of P that is a mount point +is not itself hidden by a stacked mount.) +.IP +If the parent mount lies outside the process's root directory (see +.BR chroot (2)), +the ID shown here won't have a corresponding record in +.I mountinfo +whose mount ID (field 1) matches this parent mount ID +(because mounts that lie outside the process's root directory +are not shown in +.IR mountinfo ). +As a special case of this point, +the process's root mount may have a parent mount +(for the initramfs filesystem) that lies +.\" Miklos Szeredi, Nov 2017: The hidden one is the initramfs, I believe +.\" mtk: In the initial mount namespace, this hidden ID has the value 0 +outside the process's root directory, +and an entry for that mount will not appear in +.IR mountinfo . +.TP +(3) +major:minor: the value of +.I st_dev +for files on this filesystem (see +.BR stat (2)). +.TP +(4) +root: the pathname of the directory in the filesystem +which forms the root of this mount. +.TP +(5) +mount point: the pathname of the mount point relative +to the process's root directory. +.TP +(6) +mount options: per-mount options (see +.BR mount (2)). +.TP +(7) +optional fields: zero or more fields of the form "tag[:value]"; see below. +.TP +(8) +separator: the end of the optional fields is marked by a single hyphen. +.TP +(9) +filesystem type: the filesystem type in the form "type[.subtype]". +.TP +(10) +mount source: filesystem-specific information or "none". +.TP +(11) +super options: per-superblock options (see +.BR mount (2)). +.RE +.IP +Currently, the possible optional fields are +.IR shared , +.IR master , +.IR propagate_from , +and +.IR unbindable . +See +.BR mount_namespaces (7) +for a description of these fields. +Parsers should ignore all unrecognized optional fields. +.IP +For more information on mount propagation see +.I Documentation/filesystems/sharedsubtree.rst +(or +.I Documentation/filesystems/sharedsubtree.txt +before Linux 5.8) +in the Linux kernel source tree. +.TP +.IR /proc/ pid /mounts " (since Linux 2.4.19)" +This file lists all the filesystems currently mounted in the +process's mount namespace (see +.BR mount_namespaces (7)). +The format of this file is documented in +.BR fstab (5). +.IP +Since Linux 2.6.15, this file is pollable: +after opening the file for reading, a change in this file +(i.e., a filesystem mount or unmount) causes +.BR select (2) +to mark the file descriptor as having an exceptional condition, and +.BR poll (2) +and +.BR epoll_wait (2) +mark the file as having a priority event +.RB ( POLLPRI ). +(Before Linux 2.6.30, +a change in this file was indicated by the file descriptor +being marked as readable for +.BR select (2), +and being marked as having an error condition for +.BR poll (2) +and +.BR epoll_wait (2).) +.TP +.IR /proc/ pid /mountstats " (since Linux 2.6.17)" +This file exports information (statistics, configuration information) +about the mounts in the process's mount namespace (see +.BR mount_namespaces (7)). +Lines in this file have the form: +.IP +.in +4n +.EX +device /dev/sda7 mounted on /home with fstype ext3 [stats] +( 1 ) ( 2 ) (3 ) ( 4 ) +.EE +.in +.IP +The fields in each line are: +.RS 7 +.TP 5 +(1) +The name of the mounted device +(or "nodevice" if there is no corresponding device). +.TP +(2) +The mount point within the filesystem tree. +.TP +(3) +The filesystem type. +.TP +(4) +Optional statistics and configuration information. +Currently (as at Linux 2.6.26), only NFS filesystems export +information via this field. +.RE +.IP +This file is readable only by the owner of the process. +.TP +.IR /proc/ pid /net " (since Linux 2.6.25)" +See the description of +.IR /proc/net . +.TP +.IR /proc/ pid /ns/ " (since Linux 3.0)" +.\" See commit 6b4e306aa3dc94a0545eb9279475b1ab6209a31f +This is a subdirectory containing one entry for each namespace that +supports being manipulated by +.BR setns (2). +For more information, see +.BR namespaces (7). +.TP +.IR /proc/ pid /numa_maps " (since Linux 2.6.14)" +See +.BR numa (7). +.TP +.IR /proc/ pid /oom_adj " (since Linux 2.6.11)" +This file can be used to adjust the score used to select which process +should be killed in an out-of-memory (OOM) situation. +The kernel uses this value for a bit-shift operation of the process's +.I oom_score +value: +valid values are in the range \-16 to +15, +plus the special value \-17, +which disables OOM-killing altogether for this process. +A positive score increases the likelihood of this +process being killed by the OOM-killer; +a negative score decreases the likelihood. +.IP +The default value for this file is 0; +a new process inherits its parent's +.I oom_adj +setting. +A process must be privileged +.RB ( CAP_SYS_RESOURCE ) +to update this file, +although a process can always increase its own +.I oom_adj +setting (since Linux 2.6.20). +.IP +Since Linux 2.6.36, use of this file is deprecated in favor of +.IR /proc/ pid /oom_score_adj , +and finally removed in Linux 3.7. +.TP +.IR /proc/ pid /oom_score " (since Linux 2.6.11)" +.\" See mm/oom_kill.c::badness() before Linux 2.6.36 sources +.\" See mm/oom_kill.c::oom_badness() after Linux 2.6.36 +.\" commit a63d83f427fbce97a6cea0db2e64b0eb8435cd10 +This file displays the current score that the kernel gives to +this process for the purpose of selecting a process +for the OOM-killer. +A higher score means that the process is more likely to be +selected by the OOM-killer. +The basis for this score is the amount of memory used by the process, +with increases (+) or decreases (\-) for factors including: +.\" See mm/oom_kill.c::badness() before Linux 2.6.36 sources +.\" See mm/oom_kill.c::oom_badness() after Linux 2.6.36 +.\" commit a63d83f427fbce97a6cea0db2e64b0eb8435cd10 +.RS +.IP \[bu] 3 +whether the process is privileged (\-). +.\" More precisely, if it has CAP_SYS_ADMIN or (pre 2.6.36) CAP_SYS_RESOURCE +.RE +.IP +Before Linux 2.6.36 +the following factors were also used in the calculation of oom_score: +.RS +.IP \[bu] 3 +whether the process creates a lot of children using +.BR fork (2) +(+); +.IP \[bu] +whether the process has been running a long time, +or has used a lot of CPU time (\-); +.IP \[bu] +whether the process has a low nice value (i.e., > 0) (+); and +.IP \[bu] +whether the process is making direct hardware access (\-). +.\" More precisely, if it has CAP_SYS_RAWIO +.RE +.IP +The +.I oom_score +also reflects the adjustment specified by the +.I oom_score_adj +or +.I oom_adj +setting for the process. +.TP +.IR /proc/ pid /oom_score_adj " (since Linux 2.6.36)" +.\" Text taken from Linux 3.7 Documentation/filesystems/proc.txt +This file can be used to adjust the badness heuristic used to select which +process gets killed in out-of-memory conditions. +.IP +The badness heuristic assigns a value to each candidate task ranging from 0 +(never kill) to 1000 (always kill) to determine which process is targeted. +The units are roughly a proportion along that range of +allowed memory the process may allocate from, +based on an estimation of its current memory and swap use. +For example, if a task is using all allowed memory, +its badness score will be 1000. +If it is using half of its allowed memory, its score will be 500. +.IP +There is an additional factor included in the badness score: root +processes are given 3% extra memory over other tasks. +.IP +The amount of "allowed" memory depends on the context +in which the OOM-killer was called. +If it is due to the memory assigned to the allocating task's cpuset +being exhausted, +the allowed memory represents the set of mems assigned to that +cpuset (see +.BR cpuset (7)). +If it is due to a mempolicy's node(s) being exhausted, +the allowed memory represents the set of mempolicy nodes. +If it is due to a memory limit (or swap limit) being reached, +the allowed memory is that configured limit. +Finally, if it is due to the entire system being out of memory, the +allowed memory represents all allocatable resources. +.IP +The value of +.I oom_score_adj +is added to the badness score before it +is used to determine which task to kill. +Acceptable values range from \-1000 +(OOM_SCORE_ADJ_MIN) to +1000 (OOM_SCORE_ADJ_MAX). +This allows user space to control the preference for OOM-killing, +ranging from always preferring a certain +task or completely disabling it from OOM-killing. +The lowest possible value, \-1000, is +equivalent to disabling OOM-killing entirely for that task, +since it will always report a badness score of 0. +.IP +Consequently, it is very simple for user space to define +the amount of memory to consider for each task. +Setting an +.I oom_score_adj +value of +500, for example, +is roughly equivalent to allowing the remainder of tasks sharing the +same system, cpuset, mempolicy, or memory controller resources +to use at least 50% more memory. +A value of \-500, on the other hand, would be roughly +equivalent to discounting 50% of the task's +allowed memory from being considered as scoring against the task. +.IP +For backward compatibility with previous kernels, +.IR /proc/ pid /oom_adj +can still be used to tune the badness score. +Its value is +scaled linearly with +.IR oom_score_adj . +.IP +Writing to +.IR /proc/ pid /oom_score_adj +or +.IR /proc/ pid /oom_adj +will change the other with its scaled value. +.IP +The +.BR choom (1) +program provides a command-line interface for adjusting the +.I oom_score_adj +value of a running process or a newly executed command. +.TP +.IR /proc/ pid /pagemap " (since Linux 2.6.25)" +This file shows the mapping of each of the process's virtual pages +into physical page frames or swap area. +It contains one 64-bit value for each virtual page, +with the bits set as follows: +.RS +.TP +63 +If set, the page is present in RAM. +.TP +62 +If set, the page is in swap space +.TP +61 (since Linux 3.5) +The page is a file-mapped page or a shared anonymous page. +.TP +60\[en]58 (since Linux 3.11) +Zero +.\" Not quite true; see commit 541c237c0923f567c9c4cabb8a81635baadc713f +.TP +57 (since Linux 5.14) +If set, the page is write-protected through +.BR userfaultfd (2). +.TP +56 (since Linux 4.2) +.\" commit 77bb499bb60f4b79cca7d139c8041662860fcf87 +.\" commit 83b4b0bb635eee2b8e075062e4e008d1bc110ed7 +The page is exclusively mapped. +.TP +55 (since Linux 3.11) +PTE is soft-dirty +(see the kernel source file +.IR Documentation/admin\-guide/mm/soft\-dirty.rst ). +.TP +54\[en]0 +If the page is present in RAM (bit 63), then these bits +provide the page frame number, which can be used to index +.I /proc/kpageflags +and +.IR /proc/kpagecount . +If the page is present in swap (bit 62), +then bits 4\[en]0 give the swap type, and bits 54\[en]5 encode the swap offset. +.RE +.IP +Before Linux 3.11, bits 60\[en]55 were +used to encode the base-2 log of the page size. +.IP +To employ +.IR /proc/ pid /pagemap +efficiently, use +.IR /proc/ pid /maps +to determine which areas of memory are actually mapped and seek +to skip over unmapped regions. +.IP +The +.IR /proc/ pid /pagemap +file is present only if the +.B CONFIG_PROC_PAGE_MONITOR +kernel configuration option is enabled. +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /personality " (since Linux 2.6.28)" +.\" commit 478307230810d7e2a753ed220db9066dfdf88718 +This read-only file exposes the process's execution domain, as set by +.BR personality (2). +The value is displayed in hexadecimal notation. +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_ATTACH_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /root +UNIX and Linux support the idea of a per-process root of the +filesystem, set by the +.BR chroot (2) +system call. +This file is a symbolic link that points to the process's +root directory, and behaves in the same way as +.IR exe , +and +.IR fd/* . +.IP +Note however that this file is not merely a symbolic link. +It provides the same view of the filesystem (including namespaces and the +set of per-process mounts) as the process itself. +An example illustrates this point. +In one terminal, we start a shell in new user and mount namespaces, +and in that shell we create some new mounts: +.IP +.in +4n +.EX +$ \fBPS1=\[aq]sh1# \[aq] unshare \-Urnm\fP +sh1# \fBmount \-t tmpfs tmpfs /etc\fP # Mount empty tmpfs at /etc +sh1# \fBmount \-\-bind /usr /dev\fP # Mount /usr at /dev +sh1# \fBecho $$\fP +27123 +.EE +.in +.IP +In a second terminal window, in the initial mount namespace, +we look at the contents of the corresponding mounts in +the initial and new namespaces: +.IP +.in +4n +.EX +$ \fBPS1=\[aq]sh2# \[aq] sudo sh\fP +sh2# \fBls /etc | wc \-l\fP # In initial NS +309 +sh2# \fBls /proc/27123/root/etc | wc \-l\fP # /etc in other NS +0 # The empty tmpfs dir +sh2# \fBls /dev | wc \-l\fP # In initial NS +205 +sh2# \fBls /proc/27123/root/dev | wc \-l\fP # /dev in other NS +11 # Actually bind + # mounted to /usr +sh2# \fBls /usr | wc \-l\fP # /usr in initial NS +11 +.EE +.in +.IP +.\" The following was still true as at kernel 2.6.13 +In a multithreaded process, the contents of the +.IR /proc/ pid /root +symbolic link are not available if the main thread has already terminated +(typically by calling +.BR pthread_exit (3)). +.IP +Permission to dereference or read +.RB ( readlink (2)) +this symbolic link is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /projid_map " (since Linux 3.7)" +.\" commit f76d207a66c3a53defea67e7d36c3eb1b7d6d61d +See +.BR user_namespaces (7). +.TP +.IR /proc/ pid /seccomp " (Linux 2.6.12 to Linux 2.6.22)" +This file can be used to read and change the process's +secure computing (seccomp) mode setting. +It contains the value 0 if the process is not in seccomp mode, +and 1 if the process is in strict seccomp mode (see +.BR seccomp (2)). +Writing 1 to this file places the process irreversibly in strict seccomp mode. +(Further attempts to write to the file fail with the +.B EPERM +error.) +.IP +In Linux 2.6.23, +this file went away, to be replaced by the +.BR prctl (2) +.B PR_GET_SECCOMP +and +.B PR_SET_SECCOMP +operations (and later by +.BR seccomp (2) +and the +.I Seccomp +field in +.IR /proc/ pid /status ). +.\" FIXME Describe /proc/[pid]/sessionid +.\" commit 1e0bd7550ea9cf474b1ad4c6ff5729a507f75fdc +.\" CONFIG_AUDITSYSCALL +.\" Added in Linux 2.6.25; read-only; only readable by real UID +.\" +.\" FIXME Describe /proc/[pid]/sched +.\" Added in Linux 2.6.23 +.\" CONFIG_SCHED_DEBUG, and additional fields if CONFIG_SCHEDSTATS +.\" Displays various scheduling parameters +.\" This file can be written, to reset stats +.\" The set of fields exposed by this file have changed +.\" significantly over time. +.\" commit 43ae34cb4cd650d1eb4460a8253a8e747ba052ac +.\" +.\" FIXME Describe /proc/[pid]/schedstats and +.\" /proc/[pid]/task/[tid]/schedstats +.\" Added in Linux 2.6.9 +.\" CONFIG_SCHEDSTATS +.TP +.IR /proc/ pid /setgroups " (since Linux 3.19)" +See +.BR user_namespaces (7). +.TP +.IR /proc/ pid /smaps " (since Linux 2.6.14)" +This file shows memory consumption for each of the process's mappings. +(The +.BR pmap (1) +command displays similar information, +in a form that may be easier for parsing.) +For each mapping there is a series of lines such as the following: +.IP +.in +4n +.EX +00400000\-0048a000 r\-xp 00000000 fd:03 960637 /bin/bash +Size: 552 kB +Rss: 460 kB +Pss: 100 kB +Shared_Clean: 452 kB +Shared_Dirty: 0 kB +Private_Clean: 8 kB +Private_Dirty: 0 kB +Referenced: 460 kB +Anonymous: 0 kB +AnonHugePages: 0 kB +ShmemHugePages: 0 kB +ShmemPmdMapped: 0 kB +Swap: 0 kB +KernelPageSize: 4 kB +MMUPageSize: 4 kB +Locked: 0 kB +ProtectionKey: 0 +VmFlags: rd ex mr mw me dw +.EE +.in +.IP +The first of these lines shows the same information as is displayed +for the mapping in +.IR /proc/ pid /maps . +The following lines show the size of the mapping, +the amount of the mapping that is currently resident in RAM ("Rss"), +the process's proportional share of this mapping ("Pss"), +the number of clean and dirty shared pages in the mapping, +and the number of clean and dirty private pages in the mapping. +"Referenced" indicates the amount of memory currently marked as +referenced or accessed. +"Anonymous" shows the amount of memory +that does not belong to any file. +"Swap" shows how much +would-be-anonymous memory is also used, but out on swap. +.IP +The "KernelPageSize" line (available since Linux 2.6.29) +is the page size used by the kernel to back the virtual memory area. +This matches the size used by the MMU in the majority of cases. +However, one counter-example occurs on PPC64 kernels +whereby a kernel using 64 kB as a base page size may still use 4 kB +pages for the MMU on older processors. +To distinguish the two attributes, the "MMUPageSize" line +(also available since Linux 2.6.29) +reports the page size used by the MMU. +.IP +The "Locked" indicates whether the mapping is locked in memory +or not. +.IP +The "ProtectionKey" line (available since Linux 4.9, on x86 only) +contains the memory protection key (see +.BR pkeys (7)) +associated with the virtual memory area. +This entry is present only if the kernel was built with the +.B CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS +configuration option (since Linux 4.6). +.IP +The "VmFlags" line (available since Linux 3.8) +represents the kernel flags associated with the virtual memory area, +encoded using the following two-letter codes: +.RS +.IP +.TS +l l l. +rd - readable +wr - writable +ex - executable +sh - shared +mr - may read +mw - may write +me - may execute +ms - may share +gd - stack segment grows down +pf - pure PFN range +dw - disabled write to the mapped file +lo - pages are locked in memory +io - memory mapped I/O area +sr - sequential read advise provided +rr - random read advise provided +dc - do not copy area on fork +de - do not expand area on remapping +ac - area is accountable +nr - swap space is not reserved for the area +ht - area uses huge tlb pages +sf - perform synchronous page faults (since Linux 4.15) +nl - non-linear mapping (removed in Linux 4.0) +ar - architecture specific flag +wf - wipe on fork (since Linux 4.14) +dd - do not include area into core dump +sd - soft-dirty flag (since Linux 3.13) +mm - mixed map area +hg - huge page advise flag +nh - no-huge page advise flag +mg - mergeable advise flag +um - userfaultfd missing pages tracking (since Linux 4.3) +uw - userfaultfd wprotect pages tracking (since Linux 4.3) +.TE +.RE +.IP +The +.IR /proc/ pid /smaps +file is present only if the +.B CONFIG_PROC_PAGE_MONITOR +kernel configuration option is enabled. +.TP +.IR /proc/ pid /stack " (since Linux 2.6.29)" +.\" 2ec220e27f5040aec1e88901c1b6ea3d135787ad +This file provides a symbolic trace of the function calls in this +process's kernel stack. +This file is provided only if the kernel was built with the +.B CONFIG_STACKTRACE +configuration option. +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_ATTACH_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /stat +Status information about the process. +This is used by +.BR ps (1). +It is defined in the kernel source file +.IR fs/proc/array.c "." +.IP +The fields, in order, with their proper +.BR scanf (3) +format specifiers, are listed below. +Whether or not certain of these fields display valid information is governed by +a ptrace access mode +.BR PTRACE_MODE_READ_FSCREDS " | " PTRACE_MODE_NOAUDIT +check (refer to +.BR ptrace (2)). +If the check denies access, then the field value is displayed as 0. +The affected fields are indicated with the marking [PT]. +.RS +.TP +(1) \fIpid\fP \ %d +.br +The process ID. +.TP +(2) \fIcomm\fP \ %s +The filename of the executable, in parentheses. +Strings longer than +.B TASK_COMM_LEN +(16) characters (including the terminating null byte) are silently truncated. +This is visible whether or not the executable is swapped out. +.TP +(3) \fIstate\fP \ %c +One of the following characters, indicating process state: +.RS +.TP +R +Running +.TP +S +Sleeping in an interruptible wait +.TP +D +Waiting in uninterruptible +disk sleep +.TP +Z +Zombie +.TP +T +Stopped (on a signal) or (before Linux 2.6.33) trace stopped +.TP +t +.\" commit 44d90df6b757c59651ddd55f1a84f28132b50d29 +Tracing stop (Linux 2.6.33 onward) +.TP +W +Paging (only before Linux 2.6.0) +.TP +X +Dead (from Linux 2.6.0 onward) +.TP +x +.\" commit 44d90df6b757c59651ddd55f1a84f28132b50d29 +Dead (Linux 2.6.33 to +.\" commit 74e37200de8e9c4e09b70c21c3f13c2071e77457 +3.13 only) +.TP +K +.\" commit 44d90df6b757c59651ddd55f1a84f28132b50d29 +Wakekill (Linux 2.6.33 to +.\" commit 74e37200de8e9c4e09b70c21c3f13c2071e77457 +3.13 only) +.TP +W +.\" commit 44d90df6b757c59651ddd55f1a84f28132b50d29 +Waking (Linux 2.6.33 to +.\" commit 74e37200de8e9c4e09b70c21c3f13c2071e77457 +3.13 only) +.TP +P +.\" commit f2530dc71cf0822f90bb63ea4600caaef33a66bb +Parked (Linux 3.9 to +.\" commit 74e37200de8e9c4e09b70c21c3f13c2071e77457 +3.13 only) +.TP +I +.\" commit 06eb61844d841d0032a9950ce7f8e783ee49c0d0 +Idle (Linux 4.14 onward) +.RE +.TP +(4) \fIppid\fP \ %d +The PID of the parent of this process. +.TP +(5) \fIpgrp\fP \ %d +The process group ID of the process. +.TP +(6) \fIsession\fP \ %d +The session ID of the process. +.TP +(7) \fItty_nr\fP \ %d +The controlling terminal of the process. +(The minor device number is contained in the combination of bits +31 to 20 and 7 to 0; +the major device number is in bits 15 to 8.) +.TP +(8) \fItpgid\fP \ %d +.\" This field and following, up to and including wchan added 0.99.1 +The ID of the foreground process group of the controlling +terminal of the process. +.TP +(9) \fIflags\fP \ %u +The kernel flags word of the process. +For bit meanings, +see the PF_* defines in the Linux kernel source file +.IR include/linux/sched.h . +Details depend on the kernel version. +.IP +The format for this field was %lu before Linux 2.6. +.TP +(10) \fIminflt\fP \ %lu +The number of minor faults the process has made which have not +required loading a memory page from disk. +.TP +(11) \fIcminflt\fP \ %lu +The number of minor faults that the process's +waited-for children have made. +.TP +(12) \fImajflt\fP \ %lu +The number of major faults the process has made which have +required loading a memory page from disk. +.TP +(13) \fIcmajflt\fP \ %lu +The number of major faults that the process's +waited-for children have made. +.TP +(14) \fIutime\fP \ %lu +Amount of time that this process has been scheduled in user mode, +measured in clock ticks (divide by +.IR sysconf(_SC_CLK_TCK) ). +This includes guest time, \fIguest_time\fP +(time spent running a virtual CPU, see below), +so that applications that are not aware of the guest time field +do not lose that time from their calculations. +.TP +(15) \fIstime\fP \ %lu +Amount of time that this process has been scheduled in kernel mode, +measured in clock ticks (divide by +.IR sysconf(_SC_CLK_TCK) ). +.TP +(16) \fIcutime\fP \ %ld +Amount of time that this process's +waited-for children have been scheduled in user mode, +measured in clock ticks (divide by +.IR sysconf(_SC_CLK_TCK) ). +(See also +.BR times (2).) +This includes guest time, \fIcguest_time\fP +(time spent running a virtual CPU, see below). +.TP +(17) \fIcstime\fP \ %ld +Amount of time that this process's +waited-for children have been scheduled in kernel mode, +measured in clock ticks (divide by +.IR sysconf(_SC_CLK_TCK) ). +.TP +(18) \fIpriority\fP \ %ld +(Explanation for Linux 2.6) +For processes running a real-time scheduling policy +.RI ( policy +below; see +.BR sched_setscheduler (2)), +this is the negated scheduling priority, minus one; +that is, a number in the range \-2 to \-100, +corresponding to real-time priorities 1 to 99. +For processes running under a non-real-time scheduling policy, +this is the raw nice value +.RB ( setpriority (2)) +as represented in the kernel. +The kernel stores nice values as numbers +in the range 0 (high) to 39 (low), +corresponding to the user-visible nice range of \-20 to 19. +.IP +Before Linux 2.6, this was a scaled value based on +the scheduler weighting given to this process. +.\" And back in Linux 1.2 days things were different again. +.TP +(19) \fInice\fP \ %ld +The nice value (see +.BR setpriority (2)), +a value in the range 19 (low priority) to \-20 (high priority). +.\" Back in Linux 1.2 days things were different. +.\" .TP +.\" \fIcounter\fP %ld +.\" The current maximum size in jiffies of the process's next timeslice, +.\" or what is currently left of its current timeslice, if it is the +.\" currently running process. +.\" .TP +.\" \fItimeout\fP %u +.\" The time in jiffies of the process's next timeout. +.\" timeout was removed sometime around 2.1/2.2 +.TP +(20) \fInum_threads\fP \ %ld +Number of threads in this process (since Linux 2.6). +Before Linux 2.6, this field was hard coded to 0 as a placeholder +for an earlier removed field. +.TP +(21) \fIitrealvalue\fP \ %ld +The time in jiffies before the next +.B SIGALRM +is sent to the process due to an interval timer. +Since Linux 2.6.17, this field is no longer maintained, +and is hard coded as 0. +.TP +(22) \fIstarttime\fP \ %llu +The time the process started after system boot. +Before Linux 2.6, this value was expressed in jiffies. +Since Linux 2.6, the value is expressed in clock ticks (divide by +.IR sysconf(_SC_CLK_TCK) ). +.IP +The format for this field was %lu before Linux 2.6. +.TP +(23) \fIvsize\fP \ %lu +Virtual memory size in bytes. +.TP +(24) \fIrss\fP \ %ld +Resident Set Size: number of pages the process has in real memory. +This is just the pages which +count toward text, data, or stack space. +This does not include pages +which have not been demand-loaded in, or which are swapped out. +This value is inaccurate; see +.IR /proc/ pid /statm +below. +.TP +(25) \fIrsslim\fP \ %lu +Current soft limit in bytes on the rss of the process; +see the description of +.B RLIMIT_RSS +in +.BR getrlimit (2). +.TP +(26) \fIstartcode\fP \ %lu \ [PT] +The address above which program text can run. +.TP +(27) \fIendcode\fP \ %lu \ [PT] +The address below which program text can run. +.TP +(28) \fIstartstack\fP \ %lu \ [PT] +The address of the start (i.e., bottom) of the stack. +.TP +(29) \fIkstkesp\fP \ %lu \ [PT] +The current value of ESP (stack pointer), as found in the +kernel stack page for the process. +.TP +(30) \fIkstkeip\fP \ %lu \ [PT] +The current EIP (instruction pointer). +.TP +(31) \fIsignal\fP \ %lu +The bitmap of pending signals, displayed as a decimal number. +Obsolete, because it does not provide information on real-time signals; use +.IR /proc/ pid /status +instead. +.TP +(32) \fIblocked\fP \ %lu +The bitmap of blocked signals, displayed as a decimal number. +Obsolete, because it does not provide information on real-time signals; use +.IR /proc/ pid /status +instead. +.TP +(33) \fIsigignore\fP \ %lu +The bitmap of ignored signals, displayed as a decimal number. +Obsolete, because it does not provide information on real-time signals; use +.IR /proc/ pid /status +instead. +.TP +(34) \fIsigcatch\fP \ %lu +The bitmap of caught signals, displayed as a decimal number. +Obsolete, because it does not provide information on real-time signals; use +.IR /proc/ pid /status +instead. +.TP +(35) \fIwchan\fP \ %lu \ [PT] +This is the "channel" in which the process is waiting. +It is the address of a location in the kernel where the process is sleeping. +The corresponding symbolic name can be found in +.IR /proc/ pid /wchan . +.TP +(36) \fInswap\fP \ %lu +.\" nswap was added in Linux 2.0 +Number of pages swapped (not maintained). +.TP +(37) \fIcnswap\fP \ %lu +.\" cnswap was added in Linux 2.0 +Cumulative \fInswap\fP for child processes (not maintained). +.TP +(38) \fIexit_signal\fP \ %d \ (since Linux 2.1.22) +Signal to be sent to parent when we die. +.TP +(39) \fIprocessor\fP \ %d \ (since Linux 2.2.8) +CPU number last executed on. +.TP +(40) \fIrt_priority\fP \ %u \ (since Linux 2.5.19) +Real-time scheduling priority, a number in the range 1 to 99 for +processes scheduled under a real-time policy, +or 0, for non-real-time processes (see +.BR sched_setscheduler (2)). +.TP +(41) \fIpolicy\fP \ %u \ (since Linux 2.5.19) +Scheduling policy (see +.BR sched_setscheduler (2)). +Decode using the SCHED_* constants in +.IR linux/sched.h . +.IP +The format for this field was %lu before Linux 2.6.22. +.TP +(42) \fIdelayacct_blkio_ticks\fP \ %llu \ (since Linux 2.6.18) +Aggregated block I/O delays, measured in clock ticks (centiseconds). +.TP +(43) \fIguest_time\fP \ %lu \ (since Linux 2.6.24) +Guest time of the process (time spent running a virtual CPU +for a guest operating system), measured in clock ticks (divide by +.IR sysconf(_SC_CLK_TCK) ). +.TP +(44) \fIcguest_time\fP \ %ld \ (since Linux 2.6.24) +Guest time of the process's children, measured in clock ticks (divide by +.IR sysconf(_SC_CLK_TCK) ). +.TP +(45) \fIstart_data\fP \ %lu \ (since Linux 3.3) \ [PT] +.\" commit b3f7f573a20081910e34e99cbc91831f4f02f1ff +Address above which program initialized and +uninitialized (BSS) data are placed. +.TP +(46) \fIend_data\fP \ %lu \ (since Linux 3.3) \ [PT] +.\" commit b3f7f573a20081910e34e99cbc91831f4f02f1ff +Address below which program initialized and +uninitialized (BSS) data are placed. +.TP +(47) \fIstart_brk\fP \ %lu \ (since Linux 3.3) \ [PT] +.\" commit b3f7f573a20081910e34e99cbc91831f4f02f1ff +Address above which program heap can be expanded with +.BR brk (2). +.TP +(48) \fIarg_start\fP \ %lu \ (since Linux 3.5) \ [PT] +.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3 +Address above which program command-line arguments +.RI ( argv ) +are placed. +.TP +(49) \fIarg_end\fP \ %lu \ (since Linux 3.5) \ [PT] +.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3 +Address below program command-line arguments +.RI ( argv ) +are placed. +.TP +(50) \fIenv_start\fP \ %lu \ (since Linux 3.5) \ [PT] +.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3 +Address above which program environment is placed. +.TP +(51) \fIenv_end\fP \ %lu \ (since Linux 3.5) \ [PT] +.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3 +Address below which program environment is placed. +.TP +(52) \fIexit_code\fP \ %d \ (since Linux 3.5) \ [PT] +.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3 +The thread's exit status in the form reported by +.BR waitpid (2). +.RE +.TP +.IR /proc/ pid /statm +Provides information about memory usage, measured in pages. +The columns are: +.IP +.in +4n +.EX +size (1) total program size + (same as VmSize in \fI/proc/\fPpid\fI/status\fP) +resident (2) resident set size + (inaccurate; same as VmRSS in \fI/proc/\fPpid\fI/status\fP) +shared (3) number of resident shared pages + (i.e., backed by a file) + (inaccurate; same as RssFile+RssShmem in + \fI/proc/\fPpid\fI/status\fP) +text (4) text (code) +.\" (not including libs; broken, includes data segment) +lib (5) library (unused since Linux 2.6; always 0) +data (6) data + stack +.\" (including libs; broken, includes library text) +dt (7) dirty pages (unused since Linux 2.6; always 0) +.EE +.in +.IP +.\" See SPLIT_RSS_COUNTING in the kernel. +.\" Inaccuracy is bounded by TASK_RSS_EVENTS_THRESH. +Some of these values are inaccurate because +of a kernel-internal scalability optimization. +If accurate values are required, use +.IR /proc/ pid /smaps +or +.IR /proc/ pid /smaps_rollup +instead, which are much slower but provide accurate, detailed information. +.TP +.IR /proc/ pid /status +Provides much of the information in +.IR /proc/ pid /stat +and +.IR /proc/ pid /statm +in a format that's easier for humans to parse. +Here's an example: +.IP +.in +4n +.EX +.RB "$" " cat /proc/$$/status" +Name: bash +Umask: 0022 +State: S (sleeping) +Tgid: 17248 +Ngid: 0 +Pid: 17248 +PPid: 17200 +TracerPid: 0 +Uid: 1000 1000 1000 1000 +Gid: 100 100 100 100 +FDSize: 256 +Groups: 16 33 100 +NStgid: 17248 +NSpid: 17248 +NSpgid: 17248 +NSsid: 17200 +VmPeak: 131168 kB +VmSize: 131168 kB +VmLck: 0 kB +VmPin: 0 kB +VmHWM: 13484 kB +VmRSS: 13484 kB +RssAnon: 10264 kB +RssFile: 3220 kB +RssShmem: 0 kB +VmData: 10332 kB +VmStk: 136 kB +VmExe: 992 kB +VmLib: 2104 kB +VmPTE: 76 kB +VmPMD: 12 kB +VmSwap: 0 kB +HugetlbPages: 0 kB # 4.4 +CoreDumping: 0 # 4.15 +Threads: 1 +SigQ: 0/3067 +SigPnd: 0000000000000000 +ShdPnd: 0000000000000000 +SigBlk: 0000000000010000 +SigIgn: 0000000000384004 +SigCgt: 000000004b813efb +CapInh: 0000000000000000 +CapPrm: 0000000000000000 +CapEff: 0000000000000000 +CapBnd: ffffffffffffffff +CapAmb: 0000000000000000 +NoNewPrivs: 0 +Seccomp: 0 +Speculation_Store_Bypass: vulnerable +Cpus_allowed: 00000001 +Cpus_allowed_list: 0 +Mems_allowed: 1 +Mems_allowed_list: 0 +voluntary_ctxt_switches: 150 +nonvoluntary_ctxt_switches: 545 +.EE +.in +.IP +The fields are as follows: +.RS +.TP +.I Name +Command run by this process. +Strings longer than +.B TASK_COMM_LEN +(16) characters (including the terminating null byte) are silently truncated. +.TP +.I Umask +Process umask, expressed in octal with a leading zero; see +.BR umask (2). +(Since Linux 4.7.) +.TP +.I State +Current state of the process. +One of +"R (running)", +"S (sleeping)", +"D (disk sleep)", +"T (stopped)", +"t (tracing stop)", +"Z (zombie)", +or +"X (dead)". +.TP +.I Tgid +Thread group ID (i.e., Process ID). +.TP +.I Ngid +NUMA group ID (0 if none; since Linux 3.13). +.TP +.I Pid +Thread ID (see +.BR gettid (2)). +.TP +.I PPid +PID of parent process. +.TP +.I TracerPid +PID of process tracing this process (0 if not being traced). +.TP +.IR Uid ", " Gid +Real, effective, saved set, and filesystem UIDs (GIDs). +.TP +.I FDSize +Number of file descriptor slots currently allocated. +.TP +.I Groups +Supplementary group list. +.TP +.I NStgid +Thread group ID (i.e., PID) in each of the PID namespaces of which +.I pid +is a member. +The leftmost entry shows the value with respect to the PID namespace +of the process that mounted this procfs (or the root namespace +if mounted by the kernel), +followed by the value in successively nested inner namespaces. +.\" commit e4bc33245124db69b74a6d853ac76c2976f472d5 +(Since Linux 4.1.) +.TP +.I NSpid +Thread ID in each of the PID namespaces of which +.I pid +is a member. +The fields are ordered as for +.IR NStgid . +(Since Linux 4.1.) +.TP +.I NSpgid +Process group ID in each of the PID namespaces of which +.I pid +is a member. +The fields are ordered as for +.IR NStgid . +(Since Linux 4.1.) +.TP +.I NSsid +descendant namespace session ID hierarchy +Session ID in each of the PID namespaces of which +.I pid +is a member. +The fields are ordered as for +.IR NStgid . +(Since Linux 4.1.) +.TP +.I VmPeak +Peak virtual memory size. +.TP +.I VmSize +Virtual memory size. +.TP +.I VmLck +Locked memory size (see +.BR mlock (2)). +.TP +.I VmPin +Pinned memory size +.\" commit bc3e53f682d93df677dbd5006a404722b3adfe18 +(since Linux 3.2). +These are pages that can't be moved because something needs to +directly access physical memory. +.TP +.I VmHWM +Peak resident set size ("high water mark"). +This value is inaccurate; see +.IR /proc/ pid /statm +above. +.TP +.I VmRSS +Resident set size. +Note that the value here is the sum of +.IR RssAnon , +.IR RssFile , +and +.IR RssShmem . +This value is inaccurate; see +.IR /proc/ pid /statm +above. +.TP +.I RssAnon +Size of resident anonymous memory. +.\" commit bf9683d6990589390b5178dafe8fd06808869293 +(since Linux 4.5). +This value is inaccurate; see +.IR /proc/ pid /statm +above. +.TP +.I RssFile +Size of resident file mappings. +.\" commit bf9683d6990589390b5178dafe8fd06808869293 +(since Linux 4.5). +This value is inaccurate; see +.IR /proc/ pid /statm +above. +.TP +.I RssShmem +Size of resident shared memory (includes System V shared memory, +mappings from +.BR tmpfs (5), +and shared anonymous mappings). +.\" commit bf9683d6990589390b5178dafe8fd06808869293 +(since Linux 4.5). +.TP +.IR VmData ", " VmStk ", " VmExe +Size of data, stack, and text segments. +This value is inaccurate; see +.IR /proc/ pid /statm +above. +.TP +.I VmLib +Shared library code size. +.TP +.I VmPTE +Page table entries size (since Linux 2.6.10). +.TP +.I VmPMD +.\" commit dc6c9a35b66b520cf67e05d8ca60ebecad3b0479 +Size of second-level page tables (added in Linux 4.0; removed in Linux 4.15). +.TP +.I VmSwap +.\" commit b084d4353ff99d824d3bc5a5c2c22c70b1fba722 +Swapped-out virtual memory size by anonymous private pages; +shmem swap usage is not included (since Linux 2.6.34). +This value is inaccurate; see +.IR /proc/ pid /statm +above. +.TP +.I HugetlbPages +Size of hugetlb memory portions +.\" commit 5d317b2b6536592a9b51fe65faed43d65ca9158e +(since Linux 4.4). +.TP +.I CoreDumping +Contains the value 1 if the process is currently dumping core, +and 0 if it is not +.\" commit c643401218be0f4ab3522e0c0a63016596d6e9ca +(since Linux 4.15). +This information can be used by a monitoring process to avoid killing +a process that is currently dumping core, +which could result in a corrupted core dump file. +.TP +.I Threads +Number of threads in process containing this thread. +.TP +.I SigQ +This field contains two slash-separated numbers that relate to +queued signals for the real user ID of this process. +The first of these is the number of currently queued +signals for this real user ID, and the second is the +resource limit on the number of queued signals for this process +(see the description of +.B RLIMIT_SIGPENDING +in +.BR getrlimit (2)). +.TP +.IR SigPnd ", " ShdPnd +Mask (expressed in hexadecimal) +of signals pending for thread and for process as a whole (see +.BR pthreads (7) +and +.BR signal (7)). +.TP +.IR SigBlk ", " SigIgn ", " SigCgt +Masks (expressed in hexadecimal) +indicating signals being blocked, ignored, and caught (see +.BR signal (7)). +.TP +.IR CapInh ", " CapPrm ", " CapEff +Masks (expressed in hexadecimal) +of capabilities enabled in inheritable, permitted, and effective sets +(see +.BR capabilities (7)). +.TP +.I CapBnd +Capability bounding set, expressed in hexadecimal +(since Linux 2.6.26, see +.BR capabilities (7)). +.TP +.I CapAmb +Ambient capability set, expressed in hexadecimal +(since Linux 4.3, see +.BR capabilities (7)). +.TP +.I NoNewPrivs +.\" commit af884cd4a5ae62fcf5e321fecf0ec1014730353d +Value of the +.I no_new_privs +bit +(since Linux 4.10, see +.BR prctl (2)). +.TP +.I Seccomp +.\" commit 2f4b3bf6b2318cfaa177ec5a802f4d8d6afbd816 +Seccomp mode of the process +(since Linux 3.8, see +.BR seccomp (2)). +0 means +.BR SECCOMP_MODE_DISABLED ; +1 means +.BR SECCOMP_MODE_STRICT ; +2 means +.BR SECCOMP_MODE_FILTER . +This field is provided only if the kernel was built with the +.B CONFIG_SECCOMP +kernel configuration option enabled. +.TP +.I Speculation_Store_Bypass +.\" commit fae1fa0fc6cca8beee3ab8ed71d54f9a78fa3f64 +Speculation flaw mitigation state +(since Linux 4.17, see +.BR prctl (2)). +.TP +.I Cpus_allowed +Hexadecimal mask of CPUs on which this process may run +(since Linux 2.6.24, see +.BR cpuset (7)). +.TP +.I Cpus_allowed_list +Same as previous, but in "list format" +(since Linux 2.6.26, see +.BR cpuset (7)). +.TP +.I Mems_allowed +Mask of memory nodes allowed to this process +(since Linux 2.6.24, see +.BR cpuset (7)). +.TP +.I Mems_allowed_list +Same as previous, but in "list format" +(since Linux 2.6.26, see +.BR cpuset (7)). +.TP +.IR voluntary_ctxt_switches ", " nonvoluntary_ctxt_switches +Number of voluntary and involuntary context switches (since Linux 2.6.23). +.RE +.TP +.IR /proc/ pid /syscall " (since Linux 2.6.27)" +.\" commit ebcb67341fee34061430f3367f2e507e52ee051b +This file exposes the system call number and argument registers for the +system call currently being executed by the process, +followed by the values of the stack pointer and program counter registers. +The values of all six argument registers are exposed, +although most system calls use fewer registers. +.IP +If the process is blocked, but not in a system call, +then the file displays \-1 in place of the system call number, +followed by just the values of the stack pointer and program counter. +If process is not blocked, then the file contains just the string "running". +.IP +This file is present only if the kernel was configured with +.BR CONFIG_HAVE_ARCH_TRACEHOOK . +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_ATTACH_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ pid /task " (since Linux 2.6.0)" +.\" Precisely: Linux 2.6.0-test6 +This is a directory that contains one subdirectory +for each thread in the process. +The name of each subdirectory is the numerical thread ID +.RI ( tid ) +of the thread (see +.BR gettid (2)). +.IP +Within each of these subdirectories, there is a set of +files with the same names and contents as under the +.IR /proc/ pid +directories. +For attributes that are shared by all threads, the contents for +each of the files under the +.IR task/ tid +subdirectories will be the same as in the corresponding +file in the parent +.IR /proc/ pid +directory +(e.g., in a multithreaded process, all of the +.IR task/ tid /cwd +files will have the same value as the +.IR /proc/ pid /cwd +file in the parent directory, since all of the threads in a process +share a working directory). +For attributes that are distinct for each thread, +the corresponding files under +.IR task/ tid +may have different values (e.g., various fields in each of the +.IR task/ tid /status +files may be different for each thread), +.\" in particular: "children" :/ +or they might not exist in +.IR /proc/ pid +at all. +.IP +.\" The following was still true as at kernel 2.6.13 +In a multithreaded process, the contents of the +.IR /proc/ pid /task +directory are not available if the main thread has already terminated +(typically by calling +.BR pthread_exit (3)). +.TP +.IR /proc/ pid /task/ tid /children " (since Linux 3.5)" +.\" commit 818411616baf46ceba0cff6f05af3a9b294734f7 +A space-separated list of child tasks of this task. +Each child task is represented by its TID. +.IP +.\" see comments in get_children_pid() in fs/proc/array.c +This option is intended for use by the checkpoint-restore (CRIU) system, +and reliably provides a list of children only if all of the child processes +are stopped or frozen. +It does not work properly if children of the target task exit while +the file is being read! +Exiting children may cause non-exiting children to be omitted from the list. +This makes this interface even more unreliable than classic PID-based +approaches if the inspected task and its children aren't frozen, +and most code should probably not use this interface. +.IP +Until Linux 4.2, the presence of this file was governed by the +.B CONFIG_CHECKPOINT_RESTORE +kernel configuration option. +Since Linux 4.2, +.\" commit 2e13ba54a2682eea24918b87ad3edf70c2cf085b +it is governed by the +.B CONFIG_PROC_CHILDREN +option. +.TP +.IR /proc/ pid /timers " (since Linux 3.10)" +.\" commit 5ed67f05f66c41e39880a6d61358438a25f9fee5 +.\" commit 48f6a7a511ef8823fdff39afee0320092d43a8a0 +A list of the POSIX timers for this process. +Each timer is listed with a line that starts with the string "ID:". +For example: +.IP +.in +4n +.EX +ID: 1 +signal: 60/00007fff86e452a8 +notify: signal/pid.2634 +ClockID: 0 +ID: 0 +signal: 60/00007fff86e452a8 +notify: signal/pid.2634 +ClockID: 1 +.EE +.in +.IP +The lines shown for each timer have the following meanings: +.RS +.TP +.I ID +The ID for this timer. +This is not the same as the timer ID returned by +.BR timer_create (2); +rather, it is the same kernel-internal ID that is available via the +.I si_timerid +field of the +.I siginfo_t +structure (see +.BR sigaction (2)). +.TP +.I signal +This is the signal number that this timer uses to deliver notifications +followed by a slash, and then the +.I sigev_value +value supplied to the signal handler. +Valid only for timers that notify via a signal. +.TP +.I notify +The part before the slash specifies the mechanism +that this timer uses to deliver notifications, +and is one of "thread", "signal", or "none". +Immediately following the slash is either the string "tid" for timers +with +.B SIGEV_THREAD_ID +notification, or "pid" for timers that notify by other mechanisms. +Following the "." is the PID of the process +(or the kernel thread ID of the thread) that will be delivered +a signal if the timer delivers notifications via a signal. +.TP +.I ClockID +This field identifies the clock that the timer uses for measuring time. +For most clocks, this is a number that matches one of the user-space +.B CLOCK_* +constants exposed via +.IR <time.h> . +.B CLOCK_PROCESS_CPUTIME_ID +timers display with a value of \-6 +in this field. +.B CLOCK_THREAD_CPUTIME_ID +timers display with a value of \-2 +in this field. +.RE +.IP +This file is available only when the kernel was configured with +.BR CONFIG_CHECKPOINT_RESTORE . +.TP +.IR /proc/ pid /timerslack_ns " (since Linux 4.6)" +.\" commit da8b44d5a9f8bf26da637b7336508ca534d6b319 +.\" commit 5de23d435e88996b1efe0e2cebe242074ce67c9e +This file exposes the process's "current" timer slack value, +expressed in nanoseconds. +The file is writable, +allowing the process's timer slack value to be changed. +Writing 0 to this file resets the "current" timer slack to the +"default" timer slack value. +For further details, see the discussion of +.B PR_SET_TIMERSLACK +in +.BR prctl (2). +.IP +Initially, +permission to access this file was governed by a ptrace access mode +.B PTRACE_MODE_ATTACH_FSCREDS +check (see +.BR ptrace (2)). +However, this was subsequently deemed too strict a requirement +(and had the side effect that requiring a process to have the +.B CAP_SYS_PTRACE +capability would also allow it to view and change any process's memory). +Therefore, since Linux 4.9, +.\" commit 7abbaf94049914f074306d960b0f968ffe52e59f +only the (weaker) +.B CAP_SYS_NICE +capability is required to access this file. +.TP +.IR /proc/ pid /uid_map " (since Linux 3.5)" +See +.BR user_namespaces (7). +.TP +.IR /proc/ pid /wchan " (since Linux 2.6.0)" +The symbolic name corresponding to the location +in the kernel where the process is sleeping. +.IP +Permission to access this file is governed by a ptrace access mode +.B PTRACE_MODE_READ_FSCREDS +check; see +.BR ptrace (2). +.TP +.IR /proc/ tid +There is a numerical subdirectory for each running thread +that is not a thread group leader +(i.e., a thread whose thread ID is not the same as its process ID); +the subdirectory is named by the thread ID. +Each one of these subdirectories contains files and subdirectories +exposing information about the thread with the thread ID +.IR tid . +The contents of these directories are the same as the corresponding +.IR /proc/ pid /task/ tid +directories. +.IP +The +.IR /proc/ tid +subdirectories are +.I not +visible when iterating through +.I /proc +with +.BR getdents (2) +(and thus are +.I not +visible when one uses +.BR ls (1) +to view the contents of +.IR /proc ). +However, the pathnames of these directories are visible to +(i.e., usable as arguments in) +system calls that operate on pathnames. +.TP +.I /proc/apm +Advanced power management version and battery information when +.B CONFIG_APM +is defined at kernel compilation time. +.TP +.I /proc/buddyinfo +This file contains information which is used for diagnosing memory +fragmentation issues. +Each line starts with the identification of the node and the name +of the zone which together identify a memory region. +This is then +followed by the count of available chunks of a certain order in +which these zones are split. +The size in bytes of a certain order is given by the formula: +.IP +.in +4n +.EX +(2\[ha]order)\ *\ PAGE_SIZE +.EE +.in +.IP +The binary buddy allocator algorithm inside the kernel will split +one chunk into two chunks of a smaller order (thus with half the +size) or combine two contiguous chunks into one larger chunk of +a higher order (thus with double the size) to satisfy allocation +requests and to counter memory fragmentation. +The order matches the column number, when starting to count at zero. +.IP +For example on an x86-64 system: +.RS -12 +.EX +Node 0, zone DMA 1 1 1 0 2 1 1 0 1 1 3 +Node 0, zone DMA32 65 47 4 81 52 28 13 10 5 1 404 +Node 0, zone Normal 216 55 189 101 84 38 37 27 5 3 587 +.EE +.RE +.IP +In this example, there is one node containing three zones and there +are 11 different chunk sizes. +If the page size is 4 kilobytes, then the first zone called +.I DMA +(on x86 the first 16 megabyte of memory) has 1 chunk of 4 kilobytes +(order 0) available and has 3 chunks of 4 megabytes (order 10) available. +.IP +If the memory is heavily fragmented, the counters for higher +order chunks will be zero and allocation of large contiguous areas +will fail. +.IP +Further information about the zones can be found in +.IR /proc/zoneinfo . +.TP +.I /proc/bus +Contains subdirectories for installed buses. +.TP +.I /proc/bus/pccard +Subdirectory for PCMCIA devices when +.B CONFIG_PCMCIA +is set at kernel compilation time. +.TP +.I /proc/bus/pccard/drivers +.TP +.I /proc/bus/pci +Contains various bus subdirectories and pseudo-files containing +information about PCI buses, installed devices, and device +drivers. +Some of these files are not ASCII. +.TP +.I /proc/bus/pci/devices +Information about PCI devices. +They may be accessed through +.BR lspci (8) +and +.BR setpci (8). +.TP +.IR /proc/cgroups " (since Linux 2.6.24)" +See +.BR cgroups (7). +.TP +.I /proc/cmdline +Arguments passed to the Linux kernel at boot time. +Often done via a boot manager such as +.BR lilo (8) +or +.BR grub (8). +Any arguments embedded in the kernel image or initramfs via +.B CONFIG_BOOT_CONFIG +will also be displayed. +.TP +.IR /proc/config.gz " (since Linux 2.6)" +This file exposes the configuration options that were used +to build the currently running kernel, +in the same format as they would be shown in the +.I .config +file that resulted when configuring the kernel (using +.IR "make xconfig" , +.IR "make config" , +or similar). +The file contents are compressed; view or search them using +.BR zcat (1) +and +.BR zgrep (1). +As long as no changes have been made to the following file, +the contents of +.I /proc/config.gz +are the same as those provided by: +.IP +.in +4n +.EX +cat /lib/modules/$(uname \-r)/build/.config +.EE +.in +.IP +.I /proc/config.gz +is provided only if the kernel is configured with +.BR CONFIG_IKCONFIG_PROC . +.TP +.I /proc/crypto +A list of the ciphers provided by the kernel crypto API. +For details, see the kernel +.I "Linux Kernel Crypto API" +documentation available under the kernel source directory +.I Documentation/crypto/ +.\" commit 3b72c814a8e8cd638e1ba0da4dfce501e9dff5af +(or +.I Documentation/DocBook +before Linux 4.10; +the documentation can be built using a command such as +.I make htmldocs +in the root directory of the kernel source tree). +.TP +.I /proc/cpuinfo +This is a collection of CPU and system architecture dependent items, +for each supported architecture a different list. +Two common entries are \fIprocessor\fP which gives CPU number and +\fIbogomips\fP; a system constant that is calculated +during kernel initialization. +SMP machines have information for +each CPU. +The +.BR lscpu (1) +command gathers its information from this file. +.TP +.I /proc/devices +Text listing of major numbers and device groups. +This can be used by MAKEDEV scripts for consistency with the kernel. +.TP +.IR /proc/diskstats " (since Linux 2.5.69)" +This file contains disk I/O statistics for each disk device. +See the Linux kernel source file +.I Documentation/admin\-guide/iostats.rst +(or +.I Documentation/iostats.txt +before Linux 5.3) +for further information. +.TP +.I /proc/dma +This is a list of the registered \fIISA\fP DMA (direct memory access) +channels in use. +.TP +.I /proc/driver +Empty subdirectory. +.TP +.I /proc/execdomains +Used to list ABI personalities before Linux 4.1; +now contains a constant string for userspace compatibility. +.TP +.I /proc/fb +Frame buffer information when +.B CONFIG_FB +is defined during kernel compilation. +.TP +.I /proc/filesystems +A text listing of the filesystems which are supported by the kernel, +namely filesystems which were compiled into the kernel or whose kernel +modules are currently loaded. +(See also +.BR filesystems (5).) +If a filesystem is marked with "nodev", +this means that it does not require a block device to be mounted +(e.g., virtual filesystem, network filesystem). +.IP +Incidentally, this file may be used by +.BR mount (8) +when no filesystem is specified and it didn't manage to determine the +filesystem type. +Then filesystems contained in this file are tried +(excepted those that are marked with "nodev"). +.TP +.I /proc/fs +.\" FIXME Much more needs to be said about /proc/fs +.\" +Contains subdirectories that in turn contain files +with information about (certain) mounted filesystems. +.TP +.I /proc/ide +This directory +exists on systems with the IDE bus. +There are directories for each IDE channel and attached device. +Files include: +.IP +.in +4n +.EX +cache buffer size in KB +capacity number of sectors +driver driver version +geometry physical and logical geometry +identify in hexadecimal +media media type +model manufacturer\[aq]s model number +settings drive settings +smart_thresholds IDE disk management thresholds (in hex) +smart_values IDE disk management values (in hex) +.EE +.in +.IP +The +.BR hdparm (8) +utility provides access to this information in a friendly format. +.TP +.I /proc/interrupts +This is used to record the number of interrupts per CPU per IO device. +Since Linux 2.6.24, +for the i386 and x86-64 architectures, at least, this also includes +interrupts internal to the system (that is, not associated with a device +as such), such as NMI (nonmaskable interrupt), LOC (local timer interrupt), +and for SMP systems, TLB (TLB flush interrupt), RES (rescheduling +interrupt), CAL (remote function call interrupt), and possibly others. +Very easy to read formatting, done in ASCII. +.TP +.I /proc/iomem +I/O memory map in Linux 2.4. +.TP +.I /proc/ioports +This is a list of currently registered Input-Output port regions that +are in use. +.TP +.IR /proc/kallsyms " (since Linux 2.5.71)" +This holds the kernel exported symbol definitions used by the +.BR modules (X) +tools to dynamically link and bind loadable modules. +In Linux 2.5.47 and earlier, a similar file with slightly different syntax +was named +.IR ksyms . +.TP +.I /proc/kcore +This file represents the physical memory of the system and is stored +in the ELF core file format. +With this pseudo-file, and an unstripped +kernel +.RI ( /usr/src/linux/vmlinux ) +binary, GDB can be used to +examine the current state of any kernel data structures. +.IP +The total length of the file is the size of physical memory (RAM) plus +4\ KiB. +.TP +.IR /proc/keys " (since Linux 2.6.10)" +See +.BR keyrings (7). +.TP +.IR /proc/key\-users " (since Linux 2.6.10)" +See +.BR keyrings (7). +.TP +.I /proc/kmsg +This file can be used instead of the +.BR syslog (2) +system call to read kernel messages. +A process must have superuser +privileges to read this file, and only one process should read this +file. +This file should not be read if a syslog process is running +which uses the +.BR syslog (2) +system call facility to log kernel messages. +.IP +Information in this file is retrieved with the +.BR dmesg (1) +program. +.TP +.IR /proc/kpagecgroup " (since Linux 4.3)" +.\" commit 80ae2fdceba8313b0433f899bdd9c6c463291a17 +This file contains a 64-bit inode number of +the memory cgroup each page is charged to, +indexed by page frame number (see the discussion of +.IR /proc/ pid /pagemap ). +.IP +The +.I /proc/kpagecgroup +file is present only if the +.B CONFIG_MEMCG +kernel configuration option is enabled. +.TP +.IR /proc/kpagecount " (since Linux 2.6.25)" +This file contains a 64-bit count of the number of +times each physical page frame is mapped, +indexed by page frame number (see the discussion of +.IR /proc/ pid /pagemap ). +.IP +The +.I /proc/kpagecount +file is present only if the +.B CONFIG_PROC_PAGE_MONITOR +kernel configuration option is enabled. +.TP +.IR /proc/kpageflags " (since Linux 2.6.25)" +This file contains 64-bit masks corresponding to each physical page frame; +it is indexed by page frame number (see the discussion of +.IR /proc/ pid /pagemap ). +The bits are as follows: +.RS +.IP +.TS +r l l l. +0 - KPF_LOCKED +1 - KPF_ERROR +2 - KPF_REFERENCED +3 - KPF_UPTODATE +4 - KPF_DIRTY +5 - KPF_LRU +6 - KPF_ACTIVE +7 - KPF_SLAB +8 - KPF_WRITEBACK +9 - KPF_RECLAIM +10 - KPF_BUDDY +11 - KPF_MMAP (since Linux 2.6.31) +12 - KPF_ANON (since Linux 2.6.31) +13 - KPF_SWAPCACHE (since Linux 2.6.31) +14 - KPF_SWAPBACKED (since Linux 2.6.31) +15 - KPF_COMPOUND_HEAD (since Linux 2.6.31) +16 - KPF_COMPOUND_TAIL (since Linux 2.6.31) +17 - KPF_HUGE (since Linux 2.6.31) +18 - KPF_UNEVICTABLE (since Linux 2.6.31) +19 - KPF_HWPOISON (since Linux 2.6.31) +20 - KPF_NOPAGE (since Linux 2.6.31) +21 - KPF_KSM (since Linux 2.6.32) +22 - KPF_THP (since Linux 3.4) +23 - KPF_BALLOON (since Linux 3.18) +.\" KPF_BALLOON: commit 09316c09dde33aae14f34489d9e3d243ec0d5938 +24 - KPF_ZERO_PAGE (since Linux 4.0) +.\" KPF_ZERO_PAGE: commit 56873f43abdcd574b25105867a990f067747b2f4 +25 - KPF_IDLE (since Linux 4.3) +.\" KPF_IDLE: commit f074a8f49eb87cde95ac9d040ad5e7ea4f029738 +26 - KPF_PGTABLE (since Linux 4.18) +.\" KPF_PGTABLE: commit 1d40a5ea01d53251c23c7be541d3f4a656cfc537 +.TE +.RE +.IP +For further details on the meanings of these bits, +see the kernel source file +.IR Documentation/admin\-guide/mm/pagemap.rst . +Before Linux 2.6.29, +.\" commit ad3bdefe877afb47480418fdb05ecd42842de65e +.\" commit e07a4b9217d1e97d2f3a62b6b070efdc61212110 +.BR KPF_WRITEBACK , +.BR KPF_RECLAIM , +.BR KPF_BUDDY , +and +.B KPF_LOCKED +did not report correctly. +.IP +The +.I /proc/kpageflags +file is present only if the +.B CONFIG_PROC_PAGE_MONITOR +kernel configuration option is enabled. +.TP +.IR /proc/ksyms " (Linux 1.1.23\[en]2.5.47)" +See +.IR /proc/kallsyms . +.TP +.I /proc/loadavg +The first three fields in this file are load average figures +giving the number of jobs in the run queue (state R) +or waiting for disk I/O (state D) averaged over 1, 5, and 15 minutes. +They are the same as the load average numbers given by +.BR uptime (1) +and other programs. +The fourth field consists of two numbers separated by a slash (/). +The first of these is the number of currently runnable kernel +scheduling entities (processes, threads). +The value after the slash is the number of kernel scheduling entities +that currently exist on the system. +The fifth field is the PID of the process that was most +recently created on the system. +.TP +.I /proc/locks +This file shows current file locks +.RB ( flock "(2) and " fcntl (2)) +and leases +.RB ( fcntl (2)). +.IP +An example of the content shown in this file is the following: +.IP +.in +4n +.EX +1: POSIX ADVISORY READ 5433 08:01:7864448 128 128 +2: FLOCK ADVISORY WRITE 2001 08:01:7864554 0 EOF +3: FLOCK ADVISORY WRITE 1568 00:2f:32388 0 EOF +4: POSIX ADVISORY WRITE 699 00:16:28457 0 EOF +5: POSIX ADVISORY WRITE 764 00:16:21448 0 0 +6: POSIX ADVISORY READ 3548 08:01:7867240 1 1 +7: POSIX ADVISORY READ 3548 08:01:7865567 1826 2335 +8: OFDLCK ADVISORY WRITE \-1 08:01:8713209 128 191 +.EE +.in +.IP +The fields shown in each line are as follows: +.RS +.IP [1] 5 +The ordinal position of the lock in the list. +.IP [2] +The lock type. +Values that may appear here include: +.RS +.TP +.B FLOCK +This is a BSD file lock created using +.BR flock (2). +.TP +.B OFDLCK +This is an open file description (OFD) lock created using +.BR fcntl (2). +.TP +.B POSIX +This is a POSIX byte-range lock created using +.BR fcntl (2). +.RE +.IP [3] +Among the strings that can appear here are the following: +.RS +.TP +.B ADVISORY +This is an advisory lock. +.TP +.B MANDATORY +This is a mandatory lock. +.RE +.IP [4] +The type of lock. +Values that can appear here are: +.RS +.TP +.B READ +This is a POSIX or OFD read lock, or a BSD shared lock. +.TP +.B WRITE +This is a POSIX or OFD write lock, or a BSD exclusive lock. +.RE +.IP [5] +The PID of the process that owns the lock. +.IP +Because OFD locks are not owned by a single process +(since multiple processes may have file descriptors that +refer to the same open file description), +the value \-1 is displayed in this field for OFD locks. +(Before Linux 4.14, +.\" commit 9d5b86ac13c573795525ecac6ed2db39ab23e2a8 +a bug meant that the PID of the process that +initially acquired the lock was displayed instead of the value \-1.) +.IP [6] +Three colon-separated subfields that identify the major and minor device +ID of the device containing the filesystem where the locked file resides, +followed by the inode number of the locked file. +.IP [7] +The byte offset of the first byte of the lock. +For BSD locks, this value is always 0. +.IP [8] +The byte offset of the last byte of the lock. +.B EOF +in this field means that the lock extends to the end of the file. +For BSD locks, the value shown is always +.IR EOF . +.RE +.IP +Since Linux 4.9, +.\" commit d67fd44f697dff293d7cdc29af929241b669affe +the list of locks shown in +.I /proc/locks +is filtered to show just the locks for the processes in the PID +namespace (see +.BR pid_namespaces (7)) +for which the +.I /proc +filesystem was mounted. +(In the initial PID namespace, +there is no filtering of the records shown in this file.) +.IP +The +.BR lslocks (8) +command provides a bit more information about each lock. +.TP +.IR /proc/malloc " (only up to and including Linux 2.2)" +.\" It looks like this only ever did something back in 1.0 days +This file is present only if +.B CONFIG_DEBUG_MALLOC +was defined during compilation. +.TP +.I /proc/meminfo +This file reports statistics about memory usage on the system. +It is used by +.BR free (1) +to report the amount of free and used memory (both physical and swap) +on the system as well as the shared memory and buffers used by the +kernel. +Each line of the file consists of a parameter name, followed by a colon, +the value of the parameter, and an option unit of measurement (e.g., "kB"). +The list below describes the parameter names and +the format specifier required to read the field value. +Except as noted below, +all of the fields have been present since at least Linux 2.6.0. +Some fields are displayed only if the kernel was configured +with various options; those dependencies are noted in the list. +.RS +.TP +.IR MemTotal " %lu" +Total usable RAM (i.e., physical RAM minus a few reserved +bits and the kernel binary code). +.TP +.IR MemFree " %lu" +The sum of +.IR LowFree + HighFree . +.TP +.IR MemAvailable " %lu (since Linux 3.14)" +An estimate of how much memory is available for starting new +applications, without swapping. +.TP +.IR Buffers " %lu" +Relatively temporary storage for raw disk blocks that +shouldn't get tremendously large (20 MB or so). +.TP +.IR Cached " %lu" +In-memory cache for files read from the disk (the page cache). +Doesn't include +.IR SwapCached . +.TP +.IR SwapCached " %lu" +Memory that once was swapped out, is swapped back in but +still also is in the swap file. +(If memory pressure is high, these pages +don't need to be swapped out again because they are already +in the swap file. +This saves I/O.) +.TP +.IR Active " %lu" +Memory that has been used more recently and usually not +reclaimed unless absolutely necessary. +.TP +.IR Inactive " %lu" +Memory which has been less recently used. +It is more eligible to be reclaimed for other purposes. +.TP +.IR Active(anon) " %lu (since Linux 2.6.28)" +[To be documented.] +.TP +.IR Inactive(anon) " %lu (since Linux 2.6.28)" +[To be documented.] +.TP +.IR Active(file) " %lu (since Linux 2.6.28)" +[To be documented.] +.TP +.IR Inactive(file) " %lu (since Linux 2.6.28)" +[To be documented.] +.TP +.IR Unevictable " %lu (since Linux 2.6.28)" +(From Linux 2.6.28 to Linux 2.6.30, +\fBCONFIG_UNEVICTABLE_LRU\fP was required.) +[To be documented.] +.TP +.IR Mlocked " %lu (since Linux 2.6.28)" +(From Linux 2.6.28 to Linux 2.6.30, +\fBCONFIG_UNEVICTABLE_LRU\fP was required.) +[To be documented.] +.TP +.IR HighTotal " %lu" +(Starting with Linux 2.6.19, \fBCONFIG_HIGHMEM\fP is required.) +Total amount of highmem. +Highmem is all memory above \[ti]860 MB of physical memory. +Highmem areas are for use by user-space programs, +or for the page cache. +The kernel must use tricks to access +this memory, making it slower to access than lowmem. +.TP +.IR HighFree " %lu" +(Starting with Linux 2.6.19, \fBCONFIG_HIGHMEM\fP is required.) +Amount of free highmem. +.TP +.IR LowTotal " %lu" +(Starting with Linux 2.6.19, \fBCONFIG_HIGHMEM\fP is required.) +Total amount of lowmem. +Lowmem is memory which can be used for everything that +highmem can be used for, but it is also available for the +kernel's use for its own data structures. +Among many other things, +it is where everything from +.I Slab +is allocated. +Bad things happen when you're out of lowmem. +.TP +.IR LowFree " %lu" +(Starting with Linux 2.6.19, \fBCONFIG_HIGHMEM\fP is required.) +Amount of free lowmem. +.TP +.IR MmapCopy " %lu (since Linux 2.6.29)" +.RB ( CONFIG_MMU +is required.) +[To be documented.] +.TP +.IR SwapTotal " %lu" +Total amount of swap space available. +.TP +.IR SwapFree " %lu" +Amount of swap space that is currently unused. +.TP +.IR Dirty " %lu" +Memory which is waiting to get written back to the disk. +.TP +.IR Writeback " %lu" +Memory which is actively being written back to the disk. +.TP +.IR AnonPages " %lu (since Linux 2.6.18)" +Non-file backed pages mapped into user-space page tables. +.TP +.IR Mapped " %lu" +Files which have been mapped into memory (with +.BR mmap (2)), +such as libraries. +.TP +.IR Shmem " %lu (since Linux 2.6.32)" +Amount of memory consumed in +.BR tmpfs (5) +filesystems. +.TP +.IR KReclaimable " %lu (since Linux 4.20)" +Kernel allocations that the kernel will attempt to reclaim +under memory pressure. +Includes +.I SReclaimable +(below), and other direct allocations with a shrinker. +.TP +.IR Slab " %lu" +In-kernel data structures cache. +(See +.BR slabinfo (5).) +.TP +.IR SReclaimable " %lu (since Linux 2.6.19)" +Part of +.IR Slab , +that might be reclaimed, such as caches. +.TP +.IR SUnreclaim " %lu (since Linux 2.6.19)" +Part of +.IR Slab , +that cannot be reclaimed on memory pressure. +.TP +.IR KernelStack " %lu (since Linux 2.6.32)" +Amount of memory allocated to kernel stacks. +.TP +.IR PageTables " %lu (since Linux 2.6.18)" +Amount of memory dedicated to the lowest level of page tables. +.TP +.IR Quicklists " %lu (since Linux 2.6.27)" +(\fBCONFIG_QUICKLIST\fP is required.) +[To be documented.] +.TP +.IR NFS_Unstable " %lu (since Linux 2.6.18)" +NFS pages sent to the server, but not yet committed to stable storage. +.TP +.IR Bounce " %lu (since Linux 2.6.18)" +Memory used for block device "bounce buffers". +.TP +.IR WritebackTmp " %lu (since Linux 2.6.26)" +Memory used by FUSE for temporary writeback buffers. +.TP +.IR CommitLimit " %lu (since Linux 2.6.10)" +This is the total amount of memory currently available to +be allocated on the system, expressed in kilobytes. +This limit is adhered to +only if strict overcommit accounting is enabled (mode 2 in +.IR /proc/sys/vm/overcommit_memory ). +The limit is calculated according to the formula described under +.IR /proc/sys/vm/overcommit_memory . +For further details, see the kernel source file +.IR Documentation/vm/overcommit\-accounting.rst . +.TP +.IR Committed_AS " %lu" +The amount of memory presently allocated on the system. +The committed memory is a sum of all of the memory which +has been allocated by processes, even if it has not been +"used" by them as of yet. +A process which allocates 1 GB of memory (using +.BR malloc (3) +or similar), but touches only 300 MB of that memory will show up +as using only 300 MB of memory even if it has the address space +allocated for the entire 1 GB. +.IP +This 1 GB is memory which has been "committed" to by the VM +and can be used at any time by the allocating application. +With strict overcommit enabled on the system (mode 2 in +.IR /proc/sys/vm/overcommit_memory ), +allocations which would exceed the +.I CommitLimit +will not be permitted. +This is useful if one needs to guarantee that processes will not +fail due to lack of memory once that memory has been successfully allocated. +.TP +.IR VmallocTotal " %lu" +Total size of vmalloc memory area. +.TP +.IR VmallocUsed " %lu" +Amount of vmalloc area which is used. +Since Linux 4.4, +.\" commit a5ad88ce8c7fae7ddc72ee49a11a75aa837788e0 +this field is no longer calculated, and is hard coded as 0. +See +.IR /proc/vmallocinfo . +.TP +.IR VmallocChunk " %lu" +Largest contiguous block of vmalloc area which is free. +Since Linux 4.4, +.\" commit a5ad88ce8c7fae7ddc72ee49a11a75aa837788e0 +this field is no longer calculated and is hard coded as 0. +See +.IR /proc/vmallocinfo . +.TP +.IR HardwareCorrupted " %lu (since Linux 2.6.32)" +(\fBCONFIG_MEMORY_FAILURE\fP is required.) +[To be documented.] +.TP +.IR LazyFree " %lu (since Linux 4.12)" +Shows the amount of memory marked by +.BR madvise (2) +.BR MADV_FREE . +.TP +.IR AnonHugePages " %lu (since Linux 2.6.38)" +(\fBCONFIG_TRANSPARENT_HUGEPAGE\fP is required.) +Non-file backed huge pages mapped into user-space page tables. +.TP +.IR ShmemHugePages " %lu (since Linux 4.8)" +(\fBCONFIG_TRANSPARENT_HUGEPAGE\fP is required.) +Memory used by shared memory (shmem) and +.BR tmpfs (5) +allocated with huge pages. +.TP +.IR ShmemPmdMapped " %lu (since Linux 4.8)" +(\fBCONFIG_TRANSPARENT_HUGEPAGE\fP is required.) +Shared memory mapped into user space with huge pages. +.TP +.IR CmaTotal " %lu (since Linux 3.1)" +Total CMA (Contiguous Memory Allocator) pages. +(\fBCONFIG_CMA\fP is required.) +.TP +.IR CmaFree " %lu (since Linux 3.1)" +Free CMA (Contiguous Memory Allocator) pages. +(\fBCONFIG_CMA\fP is required.) +.TP +.IR HugePages_Total " %lu" +(\fBCONFIG_HUGETLB_PAGE\fP is required.) +The size of the pool of huge pages. +.TP +.IR HugePages_Free " %lu" +(\fBCONFIG_HUGETLB_PAGE\fP is required.) +The number of huge pages in the pool that are not yet allocated. +.TP +.IR HugePages_Rsvd " %lu (since Linux 2.6.17)" +(\fBCONFIG_HUGETLB_PAGE\fP is required.) +This is the number of huge pages for +which a commitment to allocate from the pool has been made, +but no allocation has yet been made. +These reserved huge pages +guarantee that an application will be able to allocate a +huge page from the pool of huge pages at fault time. +.TP +.IR HugePages_Surp " %lu (since Linux 2.6.24)" +(\fBCONFIG_HUGETLB_PAGE\fP is required.) +This is the number of huge pages in +the pool above the value in +.IR /proc/sys/vm/nr_hugepages . +The maximum number of surplus huge pages is controlled by +.IR /proc/sys/vm/nr_overcommit_hugepages . +.TP +.IR Hugepagesize " %lu" +(\fBCONFIG_HUGETLB_PAGE\fP is required.) +The size of huge pages. +.TP +.IR DirectMap4k " %lu (since Linux 2.6.27)" +Number of bytes of RAM linearly mapped by kernel in 4 kB pages. +(x86.) +.TP +.IR DirectMap4M " %lu (since Linux 2.6.27)" +Number of bytes of RAM linearly mapped by kernel in 4 MB pages. +(x86 with +.B CONFIG_X86_64 +or +.B CONFIG_X86_PAE +enabled.) +.TP +.IR DirectMap2M " %lu (since Linux 2.6.27)" +Number of bytes of RAM linearly mapped by kernel in 2 MB pages. +(x86 with neither +.B CONFIG_X86_64 +nor +.B CONFIG_X86_PAE +enabled.) +.TP +.IR DirectMap1G " %lu (since Linux 2.6.27)" +(x86 with +.B CONFIG_X86_64 +and +.B CONFIG_X86_DIRECT_GBPAGES +enabled.) +.RE +.TP +.I /proc/modules +A text list of the modules that have been loaded by the system. +See also +.BR lsmod (8). +.TP +.I /proc/mounts +Before Linux 2.4.19, this file was a list +of all the filesystems currently mounted on the system. +With the introduction of per-process mount namespaces in Linux 2.4.19 (see +.BR mount_namespaces (7)), +this file became a link to +.IR /proc/self/mounts , +which lists the mounts of the process's own mount namespace. +The format of this file is documented in +.BR fstab (5). +.TP +.I /proc/mtrr +Memory Type Range Registers. +See the Linux kernel source file +.I Documentation/x86/mtrr.rst +(or +.I Documentation/x86/mtrr.txt +.\" commit 7225e75144b9718cbbe1820d9c011c809d5773fd +before Linux 5.2, or +.I Documentation/mtrr.txt +before Linux 2.6.28) +for details. +.TP +.I /proc/net +This directory contains various files and subdirectories containing +information about the networking layer. +The files contain ASCII structures and are, +therefore, readable with +.BR cat (1). +However, the standard +.BR netstat (8) +suite provides much cleaner access to these files. +.IP +With the advent of network namespaces, +various information relating to the network stack is virtualized (see +.BR network_namespaces (7)). +Thus, since Linux 2.6.25, +.\" commit e9720acd728a46cb40daa52c99a979f7c4ff195c +.I /proc/net +is a symbolic link to the directory +.IR /proc/self/net , +which contains the same files and directories as listed below. +However, these files and directories now expose information +for the network namespace of which the process is a member. +.TP +.I /proc/net/arp +This holds an ASCII readable dump of the kernel ARP table used for +address resolutions. +It will show both dynamically learned and preprogrammed ARP entries. +The format is: +.IP +.in +4n +.EX +IP address HW type Flags HW address Mask Device +192.168.0.50 0x1 0x2 00:50:BF:25:68:F3 * eth0 +192.168.0.250 0x1 0xc 00:00:00:00:00:00 * eth0 +.EE +.in +.IP +Here "IP address" is the IPv4 address of the machine and the "HW type" +is the hardware type of the address from RFC\ 826. +The flags are the internal +flags of the ARP structure (as defined in +.IR /usr/include/linux/if_arp.h ) +and +the "HW address" is the data link layer mapping for that IP address if +it is known. +.TP +.I /proc/net/dev +The dev pseudo-file contains network device status information. +This gives +the number of received and sent packets, the number of errors and +collisions +and other basic statistics. +These are used by the +.BR ifconfig (8) +program to report device status. +The format is: +.IP +.EX +Inter\-| Receive | Transmit + face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed + lo: 2776770 11307 0 0 0 0 0 0 2776770 11307 0 0 0 0 0 0 + eth0: 1215645 2751 0 0 0 0 0 0 1782404 4324 0 0 0 427 0 0 + ppp0: 1622270 5552 1 0 0 0 0 0 354130 5669 0 0 0 0 0 0 + tap0: 7714 81 0 0 0 0 0 0 7714 81 0 0 0 0 0 0 +.EE +.\" .TP +.\" .I /proc/net/ipx +.\" No information. +.\" .TP +.\" .I /proc/net/ipx_route +.\" No information. +.TP +.I /proc/net/dev_mcast +Defined in +.IR /usr/src/linux/net/core/dev_mcast.c : +.IP +.in +4n +.EX +indx interface_name dmi_u dmi_g dmi_address +2 eth0 1 0 01005e000001 +3 eth1 1 0 01005e000001 +4 eth2 1 0 01005e000001 +.EE +.in +.TP +.I /proc/net/igmp +Internet Group Management Protocol. +Defined in +.IR /usr/src/linux/net/core/igmp.c . +.TP +.I /proc/net/rarp +This file uses the same format as the +.I arp +file and contains the current reverse mapping database used to provide +.BR rarp (8) +reverse address lookup services. +If RARP is not configured into the +kernel, +this file will not be present. +.TP +.I /proc/net/raw +Holds a dump of the RAW socket table. +Much of the information is not of +use +apart from debugging. +The "sl" value is the kernel hash slot for the +socket, +the "local_address" is the local address and protocol number pair. +\&"St" is +the internal status of the socket. +The "tx_queue" and "rx_queue" are the +outgoing and incoming data queue in terms of kernel memory usage. +The "tr", "tm\->when", and "rexmits" fields are not used by RAW. +The "uid" +field holds the effective UID of the creator of the socket. +.\" .TP +.\" .I /proc/net/route +.\" No information, but looks similar to +.\" .BR route (8). +.TP +.I /proc/net/snmp +This file holds the ASCII data needed for the IP, ICMP, TCP, and UDP +management +information bases for an SNMP agent. +.TP +.I /proc/net/tcp +Holds a dump of the TCP socket table. +Much of the information is not +of use apart from debugging. +The "sl" value is the kernel hash slot +for the socket, the "local_address" is the local address and port number pair. +The "rem_address" is the remote address and port number pair +(if connected). +\&"St" is the internal status of the socket. +The "tx_queue" and "rx_queue" are the +outgoing and incoming data queue in terms of kernel memory usage. +The "tr", "tm\->when", and "rexmits" fields hold internal information of +the kernel socket state and are useful only for debugging. +The "uid" +field holds the effective UID of the creator of the socket. +.TP +.I /proc/net/udp +Holds a dump of the UDP socket table. +Much of the information is not of +use apart from debugging. +The "sl" value is the kernel hash slot for the +socket, the "local_address" is the local address and port number pair. +The "rem_address" is the remote address and port number pair +(if connected). +"St" is the internal status of the socket. +The "tx_queue" and "rx_queue" are the outgoing and incoming data queue +in terms of kernel memory usage. +The "tr", "tm\->when", and "rexmits" fields +are not used by UDP. +The "uid" +field holds the effective UID of the creator of the socket. +The format is: +.IP +.EX +sl local_address rem_address st tx_queue rx_queue tr rexmits tm\->when uid + 1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0 + 1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0 + 1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 +.EE +.TP +.I /proc/net/unix +Lists the UNIX domain sockets present within the system and their +status. +The format is: +.IP +.EX +Num RefCount Protocol Flags Type St Inode Path + 0: 00000002 00000000 00000000 0001 03 42 + 1: 00000001 00000000 00010000 0001 01 1948 /dev/printer +.EE +.IP +The fields are as follows: +.RS +.TP 10 +.IR Num : +the kernel table slot number. +.TP +.IR RefCount : +the number of users of the socket. +.TP +.IR Protocol : +currently always 0. +.TP +.IR Flags : +the internal kernel flags holding the status of the socket. +.TP +.IR Type : +the socket type. +For +.B SOCK_STREAM +sockets, this is 0001; for +.B SOCK_DGRAM +sockets, it is 0002; and for +.B SOCK_SEQPACKET +sockets, it is 0005. +.TP +.IR St : +the internal state of the socket. +.TP +.IR Inode : +the inode number of the socket. +.TP +.IR Path : +the bound pathname (if any) of the socket. +Sockets in the abstract namespace are included in the list, +and are shown with a +.I Path +that commences with the character '@'. +.RE +.TP +.I /proc/net/netfilter/nfnetlink_queue +This file contains information about netfilter user-space queueing, if used. +Each line represents a queue. +Queues that have not been subscribed to +by user space are not shown. +.IP +.in +4n +.EX + 1 4207 0 2 65535 0 0 0 1 + (1) (2) (3)(4) (5) (6) (7) (8) +.EE +.in +.IP +The fields in each line are: +.RS 7 +.TP 5 +(1) +The ID of the queue. +This matches what is specified in the +.B \-\-queue\-num +or +.B \-\-queue\-balance +options to the +.BR iptables (8) +NFQUEUE target. +See +.BR iptables\-extensions (8) +for more information. +.TP +(2) +The netlink port ID subscribed to the queue. +.TP +(3) +The number of packets currently queued and waiting to be processed by +the application. +.TP +(4) +The copy mode of the queue. +It is either 1 (metadata only) or 2 +(also copy payload data to user space). +.TP +(5) +Copy range; that is, how many bytes of packet payload should be copied to +user space at most. +.TP +(6) +queue dropped. +Number of packets that had to be dropped by the kernel because +too many packets are already waiting for user space to send back the mandatory +accept/drop verdicts. +.TP +(7) +queue user dropped. +Number of packets that were dropped within the netlink +subsystem. +Such drops usually happen when the corresponding socket buffer is +full; that is, user space is not able to read messages fast enough. +.TP +(8) +sequence number. +Every queued packet is associated with a (32-bit) +monotonically increasing sequence number. +This shows the ID of the most recent packet queued. +.RE +.IP +The last number exists only for compatibility reasons and is always 1. +.TP +.I /proc/partitions +Contains the major and minor numbers of each partition as well as the number +of 1024-byte blocks and the partition name. +.TP +.I /proc/pci +This is a listing of all PCI devices found during kernel initialization +and their configuration. +.IP +This file has been deprecated in favor of a new +.I /proc +interface for PCI +.RI ( /proc/bus/pci ). +It became optional in Linux 2.2 (available with +.B CONFIG_PCI_OLD_PROC +set at kernel compilation). +It became once more nonoptionally enabled in Linux 2.4. +Next, it was deprecated in Linux 2.6 (still available with +.B CONFIG_PCI_LEGACY_PROC +set), and finally removed altogether since Linux 2.6.17. +.\" FIXME Document /proc/sched_debug (since Linux 2.6.23) +.\" See also /proc/[pid]/sched +.TP +.IR /proc/profile " (since Linux 2.4)" +This file is present only if the kernel was booted with the +.I profile=1 +command-line option. +It exposes kernel profiling information in a binary format for use by +.BR readprofile (1). +Writing (e.g., an empty string) to this file resets the profiling counters; +on some architectures, +writing a binary integer "profiling multiplier" of size +.I sizeof(int) +sets the profiling interrupt frequency. +.TP +.I /proc/scsi +A directory with the +.I scsi +mid-level pseudo-file and various SCSI low-level +driver directories, +which contain a file for each SCSI host in this system, all of +which give the status of some part of the SCSI IO subsystem. +These files contain ASCII structures and are, therefore, readable with +.BR cat (1). +.IP +You can also write to some of the files to reconfigure the subsystem or +switch certain features on or off. +.TP +.I /proc/scsi/scsi +This is a listing of all SCSI devices known to the kernel. +The listing is similar to the one seen during bootup. +scsi currently supports only the \fIadd\-single\-device\fP command which +allows root to add a hotplugged device to the list of known devices. +.IP +The command +.IP +.in +4n +.EX +echo \[aq]scsi add\-single\-device 1 0 5 0\[aq] > /proc/scsi/scsi +.EE +.in +.IP +will cause +host scsi1 to scan on SCSI channel 0 for a device on ID 5 LUN 0. +If there +is already a device known on this address or the address is invalid, an +error will be returned. +.TP +.IR /proc/scsi/ drivername +\fIdrivername\fP can currently be NCR53c7xx, aha152x, aha1542, aha1740, +aic7xxx, buslogic, eata_dma, eata_pio, fdomain, in2000, pas16, qlogic, +scsi_debug, seagate, t128, u15\-24f, ultrastore, or wd7000. +These directories show up for all drivers that registered at least one +SCSI HBA. +Every directory contains one file per registered host. +Every host-file is named after the number the host was assigned during +initialization. +.IP +Reading these files will usually show driver and host configuration, +statistics, and so on. +.IP +Writing to these files allows different things on different hosts. +For example, with the \fIlatency\fP and \fInolatency\fP commands, +root can switch on and off command latency measurement code in the +eata_dma driver. +With the \fIlockup\fP and \fIunlock\fP commands, +root can control bus lockups simulated by the scsi_debug driver. +.TP +.I /proc/self +This directory refers to the process accessing the +.I /proc +filesystem, +and is identical to the +.I /proc +directory named by the process ID of the same process. +.TP +.I /proc/slabinfo +Information about kernel caches. +See +.BR slabinfo (5) +for details. +.TP +.I /proc/stat +kernel/system statistics. +Varies with architecture. +Common +entries include: +.RS +.TP +.I cpu 10132153 290696 3084719 46828483 16683 0 25195 0 175628 0 +.TQ +.I cpu0 1393280 32966 572056 13343292 6130 0 17875 0 23933 0 +The amount of time, measured in units of +USER_HZ (1/100ths of a second on most architectures, use +.I sysconf(_SC_CLK_TCK) +to obtain the right value), +.\" 1024 on Alpha and ia64 +that the system ("cpu" line) or the specific CPU ("cpu\fIN\fR" line) +spent in various states: +.RS +.TP +.I user +(1) Time spent in user mode. +.TP +.I nice +(2) Time spent in user mode with low priority (nice). +.TP +.I system +(3) Time spent in system mode. +.TP +.I idle +(4) Time spent in the idle task. +.\" FIXME . Actually, the following info about the /proc/stat 'cpu' field +.\" does not seem to be quite right (at least in Linux 2.6.12 or Linux 3.6): +.\" the idle time in /proc/uptime does not quite match this value +This value should be USER_HZ times the +second entry in the +.I /proc/uptime +pseudo-file. +.TP +.IR iowait " (since Linux 2.5.41)" +(5) Time waiting for I/O to complete. +This value is not reliable, for the following reasons: +.\" See kernel commit 9c240d757658a3ae9968dd309e674c61f07c7f48 +.RS +.IP \[bu] 3 +The CPU will not wait for I/O to complete; +iowait is the time that a task is waiting for I/O to complete. +When a CPU goes into idle state for outstanding task I/O, +another task will be scheduled on this CPU. +.IP \[bu] +On a multi-core CPU, +the task waiting for I/O to complete is not running on any CPU, +so the iowait of each CPU is difficult to calculate. +.IP \[bu] +The value in this field may +.I decrease +in certain conditions. +.RE +.TP +.IR irq " (since Linux 2.6.0)" +.\" Precisely: Linux 2.6.0-test4 +(6) Time servicing interrupts. +.TP +.IR softirq " (since Linux 2.6.0)" +.\" Precisely: Linux 2.6.0-test4 +(7) Time servicing softirqs. +.TP +.IR steal " (since Linux 2.6.11)" +(8) Stolen time, which is the time spent in other operating systems when +running in a virtualized environment +.TP +.IR guest " (since Linux 2.6.24)" +(9) Time spent running a virtual CPU for guest +operating systems under the control of the Linux kernel. +.\" See Changelog entry for 5e84cfde51cf303d368fcb48f22059f37b3872de +.TP +.IR guest_nice " (since Linux 2.6.33)" +.\" commit ce0e7b28fb75cb003cfc8d0238613aaf1c55e797 +(10) Time spent running a niced guest (virtual CPU for guest +operating systems under the control of the Linux kernel). +.RE +.TP +\fIpage 5741 1808\fP +The number of pages the system paged in and the number that were paged +out (from disk). +.TP +\fIswap 1 0\fP +The number of swap pages that have been brought in and out. +.TP +.\" FIXME . The following is not the full picture for the 'intr' of +.\" /proc/stat on 2.6: +\fIintr 1462898\fP +This line shows counts of interrupts serviced since boot time, +for each of the possible system interrupts. +The first column is the total of all interrupts serviced +including unnumbered architecture specific interrupts; +each subsequent column is the total for that particular numbered interrupt. +Unnumbered interrupts are not shown, only summed into the total. +.TP +\fIdisk_io: (2,0):(31,30,5764,1,2) (3,0):\fP... +(major,disk_idx):(noinfo, read_io_ops, blks_read, write_io_ops, blks_written) +.br +(Linux 2.4 only) +.TP +\fIctxt 115315\fP +The number of context switches that the system underwent. +.TP +\fIbtime 769041601\fP +boot time, in seconds since the Epoch, 1970-01-01 00:00:00 +0000 (UTC). +.TP +\fIprocesses 86031\fP +Number of forks since boot. +.TP +\fIprocs_running 6\fP +Number of processes in runnable state. +(Linux 2.5.45 onward.) +.TP +\fIprocs_blocked 2\fP +Number of processes blocked waiting for I/O to complete. +(Linux 2.5.45 onward.) +.TP +.I softirq 229245889 94 60001584 13619 5175704 2471304 28 51212741 59130143 0 51240672 +.\" commit d3d64df21d3d0de675a0d3ffa7c10514f3644b30 +This line shows the number of softirq for all CPUs. +The first column is the total of all softirqs and +each subsequent column is the total for particular softirq. +(Linux 2.6.31 onward.) +.RE +.TP +.I /proc/swaps +Swap areas in use. +See also +.BR swapon (8). +.TP +.I /proc/sys +This directory (present since Linux 1.3.57) contains a number of files +and subdirectories corresponding to kernel variables. +These variables can be read and in some cases modified using +the \fI/proc\fP filesystem, and the (deprecated) +.BR sysctl (2) +system call. +.IP +String values may be terminated by either \[aq]\e0\[aq] or \[aq]\en\[aq]. +.IP +Integer and long values may be written either in decimal or in +hexadecimal notation (e.g., 0x3FFF). +When writing multiple integer or long values, these may be separated +by any of the following whitespace characters: +\[aq]\ \[aq], \[aq]\et\[aq], or \[aq]\en\[aq]. +Using other separators leads to the error +.BR EINVAL . +.TP +.IR /proc/sys/abi " (since Linux 2.4.10)" +This directory may contain files with application binary information. +.\" On some systems, it is not present. +See the Linux kernel source file +.I Documentation/sysctl/abi.rst +(or +.I Documentation/sysctl/abi.txt +before Linux 5.3) +for more information. +.TP +.I /proc/sys/debug +This directory may be empty. +.TP +.I /proc/sys/dev +This directory contains device-specific information (e.g., +.IR dev/cdrom/info ). +On +some systems, it may be empty. +.TP +.I /proc/sys/fs +This directory contains the files and subdirectories for kernel variables +related to filesystems. +.TP +.IR /proc/sys/fs/aio\-max\-nr " and " /proc/sys/fs/aio\-nr " (since Linux 2.6.4)" +.I aio\-nr +is the running total of the number of events specified by +.BR io_setup (2) +calls for all currently active AIO contexts. +If +.I aio\-nr +reaches +.IR aio\-max\-nr , +then +.BR io_setup (2) +will fail with the error +.BR EAGAIN . +Raising +.I aio\-max\-nr +does not result in the preallocation or resizing +of any kernel data structures. +.TP +.I /proc/sys/fs/binfmt_misc +Documentation for files in this directory can be found +in the Linux kernel source in the file +.I Documentation/admin\-guide/binfmt\-misc.rst +(or in +.I Documentation/binfmt_misc.txt +on older kernels). +.TP +.IR /proc/sys/fs/dentry\-state " (since Linux 2.2)" +This file contains information about the status of the +directory cache (dcache). +The file contains six numbers, +.IR nr_dentry , +.IR nr_unused , +.I age_limit +(age in seconds), +.I want_pages +(pages requested by system) and two dummy values. +.RS +.IP \[bu] 3 +.I nr_dentry +is the number of allocated dentries (dcache entries). +This field is unused in Linux 2.2. +.IP \[bu] +.I nr_unused +is the number of unused dentries. +.IP \[bu] +.I age_limit +.\" looks like this is unused in Linux 2.2 to Linux 2.6 +is the age in seconds after which dcache entries +can be reclaimed when memory is short. +.IP \[bu] +.I want_pages +.\" looks like this is unused in Linux 2.2 to Linux 2.6 +is nonzero when the kernel has called shrink_dcache_pages() and the +dcache isn't pruned yet. +.RE +.TP +.I /proc/sys/fs/dir\-notify\-enable +This file can be used to disable or enable the +.I dnotify +interface described in +.BR fcntl (2) +on a system-wide basis. +A value of 0 in this file disables the interface, +and a value of 1 enables it. +.TP +.I /proc/sys/fs/dquot\-max +This file shows the maximum number of cached disk quota entries. +On some (2.4) systems, it is not present. +If the number of free cached disk quota entries is very low and +you have some awesome number of simultaneous system users, +you might want to raise the limit. +.TP +.I /proc/sys/fs/dquot\-nr +This file shows the number of allocated disk quota +entries and the number of free disk quota entries. +.TP +.IR /proc/sys/fs/epoll " (since Linux 2.6.28)" +This directory contains the file +.IR max_user_watches , +which can be used to limit the amount of kernel memory consumed by the +.I epoll +interface. +For further details, see +.BR epoll (7). +.TP +.I /proc/sys/fs/file\-max +This file defines +a system-wide limit on the number of open files for all processes. +System calls that fail when encountering this limit fail with the error +.BR ENFILE . +(See also +.BR setrlimit (2), +which can be used by a process to set the per-process limit, +.BR RLIMIT_NOFILE , +on the number of files it may open.) +If you get lots +of error messages in the kernel log about running out of file handles +(open file descriptions) +(look for "VFS: file\-max limit <number> reached"), +try increasing this value: +.IP +.in +4n +.EX +echo 100000 > /proc/sys/fs/file\-max +.EE +.in +.IP +Privileged processes +.RB ( CAP_SYS_ADMIN ) +can override the +.I file\-max +limit. +.TP +.I /proc/sys/fs/file\-nr +This (read-only) file contains three numbers: +the number of allocated file handles +(i.e., the number of open file descriptions; see +.BR open (2)); +the number of free file handles; +and the maximum number of file handles (i.e., the same value as +.IR /proc/sys/fs/file\-max ). +If the number of allocated file handles is close to the +maximum, you should consider increasing the maximum. +Before Linux 2.6, +the kernel allocated file handles dynamically, +but it didn't free them again. +Instead the free file handles were kept in a list for reallocation; +the "free file handles" value indicates the size of that list. +A large number of free file handles indicates that there was +a past peak in the usage of open file handles. +Since Linux 2.6, the kernel does deallocate freed file handles, +and the "free file handles" value is always zero. +.TP +.IR /proc/sys/fs/inode\-max " (only present until Linux 2.2)" +This file contains the maximum number of in-memory inodes. +This value should be 3\[en]4 times larger +than the value in +.IR file\-max , +since \fIstdin\fP, \fIstdout\fP +and network sockets also need an inode to handle them. +When you regularly run out of inodes, you need to increase this value. +.IP +Starting with Linux 2.4, +there is no longer a static limit on the number of inodes, +and this file is removed. +.TP +.I /proc/sys/fs/inode\-nr +This file contains the first two values from +.IR inode\-state . +.TP +.I /proc/sys/fs/inode\-state +This file +contains seven numbers: +.IR nr_inodes , +.IR nr_free_inodes , +.IR preshrink , +and four dummy values (always zero). +.IP +.I nr_inodes +is the number of inodes the system has allocated. +.\" This can be slightly more than +.\" .I inode\-max +.\" because Linux allocates them one page full at a time. +.I nr_free_inodes +represents the number of free inodes. +.IP +.I preshrink +is nonzero when the +.I nr_inodes +> +.I inode\-max +and the system needs to prune the inode list instead of allocating more; +since Linux 2.4, this field is a dummy value (always zero). +.TP +.IR /proc/sys/fs/inotify " (since Linux 2.6.13)" +This directory contains files +.IR max_queued_events ", " max_user_instances ", and " max_user_watches , +that can be used to limit the amount of kernel memory consumed by the +.I inotify +interface. +For further details, see +.BR inotify (7). +.TP +.I /proc/sys/fs/lease\-break\-time +This file specifies the grace period that the kernel grants to a process +holding a file lease +.RB ( fcntl (2)) +after it has sent a signal to that process notifying it +that another process is waiting to open the file. +If the lease holder does not remove or downgrade the lease within +this grace period, the kernel forcibly breaks the lease. +.TP +.I /proc/sys/fs/leases\-enable +This file can be used to enable or disable file leases +.RB ( fcntl (2)) +on a system-wide basis. +If this file contains the value 0, leases are disabled. +A nonzero value enables leases. +.TP +.IR /proc/sys/fs/mount\-max " (since Linux 4.9)" +.\" commit d29216842a85c7970c536108e093963f02714498 +The value in this file specifies the maximum number of mounts that may exist +in a mount namespace. +The default value in this file is 100,000. +.TP +.IR /proc/sys/fs/mqueue " (since Linux 2.6.6)" +This directory contains files +.IR msg_max ", " msgsize_max ", and " queues_max , +controlling the resources used by POSIX message queues. +See +.BR mq_overview (7) +for details. +.TP +.IR /proc/sys/fs/nr_open " (since Linux 2.6.25)" +.\" commit 9cfe015aa424b3c003baba3841a60dd9b5ad319b +This file imposes a ceiling on the value to which the +.B RLIMIT_NOFILE +resource limit can be raised (see +.BR getrlimit (2)). +This ceiling is enforced for both unprivileged and privileged process. +The default value in this file is 1048576. +(Before Linux 2.6.25, the ceiling for +.B RLIMIT_NOFILE +was hard-coded to the same value.) +.TP +.IR /proc/sys/fs/overflowgid " and " /proc/sys/fs/overflowuid +These files +allow you to change the value of the fixed UID and GID. +The default is 65534. +Some filesystems support only 16-bit UIDs and GIDs, although in Linux +UIDs and GIDs are 32 bits. +When one of these filesystems is mounted +with writes enabled, any UID or GID that would exceed 65535 is translated +to the overflow value before being written to disk. +.TP +.IR /proc/sys/fs/pipe\-max\-size " (since Linux 2.6.35)" +See +.BR pipe (7). +.TP +.IR /proc/sys/fs/pipe\-user\-pages\-hard " (since Linux 4.5)" +See +.BR pipe (7). +.TP +.IR /proc/sys/fs/pipe\-user\-pages\-soft " (since Linux 4.5)" +See +.BR pipe (7). +.TP +.IR /proc/sys/fs/protected_fifos " (since Linux 4.19)" +The value in this file is/can be set to one of the following: +.RS +.TP 4 +0 +Writing to FIFOs is unrestricted. +.TP +1 +Don't allow +.B O_CREAT +.BR open (2) +on FIFOs that the caller doesn't own in world-writable sticky directories, +unless the FIFO is owned by the owner of the directory. +.TP +2 +As for the value 1, +but the restriction also applies to group-writable sticky directories. +.RE +.IP +The intent of the above protections is to avoid unintentional writes to an +attacker-controlled FIFO when a program expected to create a regular file. +.TP +.IR /proc/sys/fs/protected_hardlinks " (since Linux 3.6)" +.\" commit 800179c9b8a1e796e441674776d11cd4c05d61d7 +When the value in this file is 0, +no restrictions are placed on the creation of hard links +(i.e., this is the historical behavior before Linux 3.6). +When the value in this file is 1, +a hard link can be created to a target file +only if one of the following conditions is true: +.RS +.IP \[bu] 3 +The calling process has the +.B CAP_FOWNER +capability in its user namespace +and the file UID has a mapping in the namespace. +.IP \[bu] +The filesystem UID of the process creating the link matches +the owner (UID) of the target file +(as described in +.BR credentials (7), +a process's filesystem UID is normally the same as its effective UID). +.IP \[bu] +All of the following conditions are true: +.RS 4 +.IP \[bu] 3 +the target is a regular file; +.IP \[bu] +the target file does not have its set-user-ID mode bit enabled; +.IP \[bu] +the target file does not have both its set-group-ID and +group-executable mode bits enabled; and +.IP \[bu] +the caller has permission to read and write the target file +(either via the file's permissions mask or because it has +suitable capabilities). +.RE +.RE +.IP +The default value in this file is 0. +Setting the value to 1 +prevents a longstanding class of security issues caused by +hard-link-based time-of-check, time-of-use races, +most commonly seen in world-writable directories such as +.IR /tmp . +The common method of exploiting this flaw +is to cross privilege boundaries when following a given hard link +(i.e., a root process follows a hard link created by another user). +Additionally, on systems without separated partitions, +this stops unauthorized users from "pinning" vulnerable set-user-ID and +set-group-ID files against being upgraded by +the administrator, or linking to special files. +.TP +.IR /proc/sys/fs/protected_regular " (since Linux 4.19)" +The value in this file is/can be set to one of the following: +.RS +.TP 4 +0 +Writing to regular files is unrestricted. +.TP +1 +Don't allow +.B O_CREAT +.BR open (2) +on regular files that the caller doesn't own in +world-writable sticky directories, +unless the regular file is owned by the owner of the directory. +.TP +2 +As for the value 1, +but the restriction also applies to group-writable sticky directories. +.RE +.IP +The intent of the above protections is similar to +.IR protected_fifos , +but allows an application to +avoid writes to an attacker-controlled regular file, +where the application expected to create one. +.TP +.IR /proc/sys/fs/protected_symlinks " (since Linux 3.6)" +.\" commit 800179c9b8a1e796e441674776d11cd4c05d61d7 +When the value in this file is 0, +no restrictions are placed on following symbolic links +(i.e., this is the historical behavior before Linux 3.6). +When the value in this file is 1, symbolic links are followed only +in the following circumstances: +.RS +.IP \[bu] 3 +the filesystem UID of the process following the link matches +the owner (UID) of the symbolic link +(as described in +.BR credentials (7), +a process's filesystem UID is normally the same as its effective UID); +.IP \[bu] +the link is not in a sticky world-writable directory; or +.IP \[bu] +the symbolic link and its parent directory have the same owner (UID) +.RE +.IP +A system call that fails to follow a symbolic link +because of the above restrictions returns the error +.B EACCES +in +.IR errno . +.IP +The default value in this file is 0. +Setting the value to 1 avoids a longstanding class of security issues +based on time-of-check, time-of-use races when accessing symbolic links. +.TP +.IR /proc/sys/fs/suid_dumpable " (since Linux 2.6.13)" +.\" The following is based on text from Documentation/sysctl/kernel.txt +The value in this file is assigned to a process's "dumpable" flag +in the circumstances described in +.BR prctl (2). +In effect, +the value in this file determines whether core dump files are +produced for set-user-ID or otherwise protected/tainted binaries. +The "dumpable" setting also affects the ownership of files in a process's +.IR /proc/ pid +directory, as described above. +.IP +Three different integer values can be specified: +.RS +.TP +\fI0\ (default)\fP +.\" In kernel source: SUID_DUMP_DISABLE +This provides the traditional (pre-Linux 2.6.13) behavior. +A core dump will not be produced for a process which has +changed credentials (by calling +.BR seteuid (2), +.BR setgid (2), +or similar, or by executing a set-user-ID or set-group-ID program) +or whose binary does not have read permission enabled. +.TP +\fI1\ ("debug")\fP +.\" In kernel source: SUID_DUMP_USER +All processes dump core when possible. +(Reasons why a process might nevertheless not dump core are described in +.BR core (5).) +The core dump is owned by the filesystem user ID of the dumping process +and no security is applied. +This is intended for system debugging situations only: +this mode is insecure because it allows unprivileged users to +examine the memory contents of privileged processes. +.TP +\fI2\ ("suidsafe")\fP +.\" In kernel source: SUID_DUMP_ROOT +Any binary which normally would not be dumped (see "0" above) +is dumped readable by root only. +This allows the user to remove the core dump file but not to read it. +For security reasons core dumps in this mode will not overwrite one +another or other files. +This mode is appropriate when administrators are +attempting to debug problems in a normal environment. +.IP +Additionally, since Linux 3.6, +.\" 9520628e8ceb69fa9a4aee6b57f22675d9e1b709 +.I /proc/sys/kernel/core_pattern +must either be an absolute pathname +or a pipe command, as detailed in +.BR core (5). +Warnings will be written to the kernel log if +.I core_pattern +does not follow these rules, and no core dump will be produced. +.\" 54b501992dd2a839e94e76aa392c392b55080ce8 +.RE +.IP +For details of the effect of a process's "dumpable" setting +on ptrace access mode checking, see +.BR ptrace (2). +.TP +.I /proc/sys/fs/super\-max +This file +controls the maximum number of superblocks, and +thus the maximum number of mounted filesystems the kernel +can have. +You need increase only +.I super\-max +if you need to mount more filesystems than the current value in +.I super\-max +allows you to. +.TP +.I /proc/sys/fs/super\-nr +This file +contains the number of filesystems currently mounted. +.TP +.I /proc/sys/kernel +This directory contains files controlling a range of kernel parameters, +as described below. +.TP +.I /proc/sys/kernel/acct +This file +contains three numbers: +.IR highwater , +.IR lowwater , +and +.IR frequency . +If BSD-style process accounting is enabled, these values control +its behavior. +If free space on filesystem where the log lives goes below +.I lowwater +percent, accounting suspends. +If free space gets above +.I highwater +percent, accounting resumes. +.I frequency +determines +how often the kernel checks the amount of free space (value is in +seconds). +Default values are 4, 2, and 30. +That is, suspend accounting if 2% or less space is free; resume it +if 4% or more space is free; consider information about amount of free space +valid for 30 seconds. +.TP +.IR /proc/sys/kernel/auto_msgmni " (Linux 2.6.27 to Linux 3.18)" +.\" commit 9eefe520c814f6f62c5d36a2ddcd3fb99dfdb30e (introduces feature) +.\" commit 0050ee059f7fc86b1df2527aaa14ed5dc72f9973 (rendered redundant) +From Linux 2.6.27 to Linux 3.18, +this file was used to control recomputing of the value in +.I /proc/sys/kernel/msgmni +upon the addition or removal of memory or upon IPC namespace creation/removal. +Echoing "1" into this file enabled +.I msgmni +automatic recomputing (and triggered a recomputation of +.I msgmni +based on the current amount of available memory and number of IPC namespaces). +Echoing "0" disabled automatic recomputing. +(Automatic recomputing was also disabled if a value was explicitly assigned to +.IR /proc/sys/kernel/msgmni .) +The default value in +.I auto_msgmni +was 1. +.IP +Since Linux 3.19, the content of this file has no effect (because +.I msgmni +.\" FIXME Must document the 3.19 'msgmni' changes. +defaults to near the maximum value possible), +and reads from this file always return the value "0". +.TP +.IR /proc/sys/kernel/cap_last_cap " (since Linux 3.2)" +See +.BR capabilities (7). +.TP +.IR /proc/sys/kernel/cap\-bound " (from Linux 2.2 to Linux 2.6.24)" +This file holds the value of the kernel +.I "capability bounding set" +(expressed as a signed decimal number). +This set is ANDed against the capabilities permitted to a process +during +.BR execve (2). +Starting with Linux 2.6.25, +the system-wide capability bounding set disappeared, +and was replaced by a per-thread bounding set; see +.BR capabilities (7). +.TP +.I /proc/sys/kernel/core_pattern +See +.BR core (5). +.TP +.I /proc/sys/kernel/core_pipe_limit +See +.BR core (5). +.TP +.I /proc/sys/kernel/core_uses_pid +See +.BR core (5). +.TP +.I /proc/sys/kernel/ctrl\-alt\-del +This file +controls the handling of Ctrl-Alt-Del from the keyboard. +When the value in this file is 0, Ctrl-Alt-Del is trapped and +sent to the +.BR init (1) +program to handle a graceful restart. +When the value is greater than zero, Linux's reaction to a Vulcan +Nerve Pinch (tm) will be an immediate reboot, without even +syncing its dirty buffers. +Note: when a program (like dosemu) has the keyboard in "raw" +mode, the Ctrl-Alt-Del is intercepted by the program before it +ever reaches the kernel tty layer, and it's up to the program +to decide what to do with it. +.TP +.IR /proc/sys/kernel/dmesg_restrict " (since Linux 2.6.37)" +The value in this file determines who can see kernel syslog contents. +A value of 0 in this file imposes no restrictions. +If the value is 1, only privileged users can read the kernel syslog. +(See +.BR syslog (2) +for more details.) +Since Linux 3.4, +.\" commit 620f6e8e855d6d447688a5f67a4e176944a084e8 +only users with the +.B CAP_SYS_ADMIN +capability may change the value in this file. +.TP +.IR /proc/sys/kernel/domainname " and " /proc/sys/kernel/hostname +can be used to set the NIS/YP domainname and the +hostname of your box in exactly the same way as the commands +.BR domainname (1) +and +.BR hostname (1), +that is: +.IP +.in +4n +.EX +.RB "#" " echo \[aq]darkstar\[aq] > /proc/sys/kernel/hostname" +.RB "#" " echo \[aq]mydomain\[aq] > /proc/sys/kernel/domainname" +.EE +.in +.IP +has the same effect as +.IP +.in +4n +.EX +.RB "#" " hostname \[aq]darkstar\[aq]" +.RB "#" " domainname \[aq]mydomain\[aq]" +.EE +.in +.IP +Note, however, that the classic darkstar.frop.org has the +hostname "darkstar" and DNS (Internet Domain Name Server) +domainname "frop.org", not to be confused with the NIS (Network +Information Service) or YP (Yellow Pages) domainname. +These two +domain names are in general different. +For a detailed discussion +see the +.BR hostname (1) +man page. +.TP +.I /proc/sys/kernel/hotplug +This file +contains the pathname for the hotplug policy agent. +The default value in this file is +.IR /sbin/hotplug . +.TP +.\" Removed in commit 87f504e5c78b910b0c1d6ffb89bc95e492322c84 (tglx/history.git) +.IR /proc/sys/kernel/htab\-reclaim " (before Linux 2.4.9.2)" +(PowerPC only) If this file is set to a nonzero value, +the PowerPC htab +.\" removed in commit 1b483a6a7b2998e9c98ad985d7494b9b725bd228, before Linux 2.6.28 +(see kernel file +.IR Documentation/powerpc/ppc_htab.txt ) +is pruned +each time the system hits the idle loop. +.TP +.I /proc/sys/kernel/keys/* +This directory contains various files that define parameters and limits +for the key-management facility. +These files are described in +.BR keyrings (7). +.TP +.IR /proc/sys/kernel/kptr_restrict " (since Linux 2.6.38)" +.\" 455cd5ab305c90ffc422dd2e0fb634730942b257 +The value in this file determines whether kernel addresses are exposed via +.I /proc +files and other interfaces. +A value of 0 in this file imposes no restrictions. +If the value is 1, kernel pointers printed using the +.I %pK +format specifier will be replaced with zeros unless the user has the +.B CAP_SYSLOG +capability. +If the value is 2, kernel pointers printed using the +.I %pK +format specifier will be replaced with zeros regardless +of the user's capabilities. +The initial default value for this file was 1, +but the default was changed +.\" commit 411f05f123cbd7f8aa1edcae86970755a6e2a9d9 +to 0 in Linux 2.6.39. +Since Linux 3.4, +.\" commit 620f6e8e855d6d447688a5f67a4e176944a084e8 +only users with the +.B CAP_SYS_ADMIN +capability can change the value in this file. +.TP +.I /proc/sys/kernel/l2cr +(PowerPC only) This file +contains a flag that controls the L2 cache of G3 processor +boards. +If 0, the cache is disabled. +Enabled if nonzero. +.TP +.I /proc/sys/kernel/modprobe +This file contains the pathname for the kernel module loader. +The default value is +.IR /sbin/modprobe . +The file is present only if the kernel is built with the +.B CONFIG_MODULES +.RB ( CONFIG_KMOD +in Linux 2.6.26 and earlier) +option enabled. +It is described by the Linux kernel source file +.I Documentation/kmod.txt +(present only in Linux 2.4 and earlier). +.TP +.IR /proc/sys/kernel/modules_disabled " (since Linux 2.6.31)" +.\" 3d43321b7015387cfebbe26436d0e9d299162ea1 +.\" From Documentation/sysctl/kernel.txt +A toggle value indicating if modules are allowed to be loaded +in an otherwise modular kernel. +This toggle defaults to off (0), but can be set true (1). +Once true, modules can be neither loaded nor unloaded, +and the toggle cannot be set back to false. +The file is present only if the kernel is built with the +.B CONFIG_MODULES +option enabled. +.TP +.IR /proc/sys/kernel/msgmax " (since Linux 2.2)" +This file defines +a system-wide limit specifying the maximum number of bytes in +a single message written on a System V message queue. +.TP +.IR /proc/sys/kernel/msgmni " (since Linux 2.4)" +This file defines the system-wide limit on the number of +message queue identifiers. +See also +.IR /proc/sys/kernel/auto_msgmni . +.TP +.IR /proc/sys/kernel/msgmnb " (since Linux 2.2)" +This file defines a system-wide parameter used to initialize the +.I msg_qbytes +setting for subsequently created message queues. +The +.I msg_qbytes +setting specifies the maximum number of bytes that may be written to the +message queue. +.TP +.IR /proc/sys/kernel/ngroups_max " (since Linux 2.6.4)" +This is a read-only file that displays the upper limit on the +number of a process's group memberships. +.TP +.IR /proc/sys/kernel/ns_last_pid " (since Linux 3.3)" +See +.BR pid_namespaces (7). +.TP +.IR /proc/sys/kernel/ostype " and " /proc/sys/kernel/osrelease +These files +give substrings of +.IR /proc/version . +.TP +.IR /proc/sys/kernel/overflowgid " and " /proc/sys/kernel/overflowuid +These files duplicate the files +.I /proc/sys/fs/overflowgid +and +.IR /proc/sys/fs/overflowuid . +.TP +.I /proc/sys/kernel/panic +This file gives read/write access to the kernel variable +.IR panic_timeout . +If this is zero, the kernel will loop on a panic; if nonzero, +it indicates that the kernel should autoreboot after this number +of seconds. +When you use the +software watchdog device driver, the recommended setting is 60. +.TP +.IR /proc/sys/kernel/panic_on_oops " (since Linux 2.5.68)" +This file controls the kernel's behavior when an oops +or BUG is encountered. +If this file contains 0, then the system +tries to continue operation. +If it contains 1, then the system +delays a few seconds (to give klogd time to record the oops output) +and then panics. +If the +.I /proc/sys/kernel/panic +file is also nonzero, then the machine will be rebooted. +.TP +.IR /proc/sys/kernel/pid_max " (since Linux 2.5.34)" +This file specifies the value at which PIDs wrap around +(i.e., the value in this file is one greater than the maximum PID). +PIDs greater than this value are not allocated; +thus, the value in this file also acts as a system-wide limit +on the total number of processes and threads. +The default value for this file, 32768, +results in the same range of PIDs as on earlier kernels. +On 32-bit platforms, 32768 is the maximum value for +.IR pid_max . +On 64-bit systems, +.I pid_max +can be set to any value up to 2\[ha]22 +.RB ( PID_MAX_LIMIT , +approximately 4 million). +.\" Prior to Linux 2.6.10, pid_max could also be raised above 32768 on 32-bit +.\" platforms, but this broke /proc/[pid] +.\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=109513010926152&w=2 +.TP +.IR /proc/sys/kernel/powersave\-nap " (PowerPC only)" +This file contains a flag. +If set, Linux-PPC will use the "nap" mode of +powersaving, +otherwise the "doze" mode will be used. +.TP +.I /proc/sys/kernel/printk +See +.BR syslog (2). +.TP +.IR /proc/sys/kernel/pty " (since Linux 2.6.4)" +This directory contains two files relating to the number of UNIX 98 +pseudoterminals (see +.BR pts (4)) +on the system. +.TP +.I /proc/sys/kernel/pty/max +This file defines the maximum number of pseudoterminals. +.\" FIXME Document /proc/sys/kernel/pty/reserve +.\" New in Linux 3.3 +.\" commit e9aba5158a80098447ff207a452a3418ae7ee386 +.TP +.I /proc/sys/kernel/pty/nr +This read-only file +indicates how many pseudoterminals are currently in use. +.TP +.I /proc/sys/kernel/random +This directory +contains various parameters controlling the operation of the file +.IR /dev/random . +See +.BR random (4) +for further information. +.TP +.IR /proc/sys/kernel/random/uuid " (since Linux 2.4)" +Each read from this read-only file returns a randomly generated 128-bit UUID, +as a string in the standard UUID format. +.TP +.IR /proc/sys/kernel/randomize_va_space " (since Linux 2.6.12)" +.\" Some further details can be found in Documentation/sysctl/kernel.txt +Select the address space layout randomization (ASLR) policy for the system +(on architectures that support ASLR). +Three values are supported for this file: +.RS +.TP +.B 0 +Turn ASLR off. +This is the default for architectures that don't support ASLR, +and when the kernel is booted with the +.I norandmaps +parameter. +.TP +.B 1 +Make the addresses of +.BR mmap (2) +allocations, the stack, and the VDSO page randomized. +Among other things, this means that shared libraries will be +loaded at randomized addresses. +The text segment of PIE-linked binaries will also be loaded +at a randomized address. +This value is the default if the kernel was configured with +.BR CONFIG_COMPAT_BRK . +.TP +.B 2 +(Since Linux 2.6.25) +.\" commit c1d171a002942ea2d93b4fbd0c9583c56fce0772 +Also support heap randomization. +This value is the default if the kernel was not configured with +.BR CONFIG_COMPAT_BRK . +.RE +.TP +.I /proc/sys/kernel/real\-root\-dev +This file is documented in the Linux kernel source file +.I Documentation/admin\-guide/initrd.rst +.\" commit 9d85025b0418163fae079c9ba8f8445212de8568 +(or +.I Documentation/initrd.txt +before Linux 4.10). +.TP +.IR /proc/sys/kernel/reboot\-cmd " (Sparc only)" +This file seems to be a way to give an argument to the SPARC +ROM/Flash boot loader. +Maybe to tell it what to do after +rebooting? +.TP +.I /proc/sys/kernel/rtsig\-max +(Up to and including Linux 2.6.7; see +.BR setrlimit (2)) +This file can be used to tune the maximum number +of POSIX real-time (queued) signals that can be outstanding +in the system. +.TP +.I /proc/sys/kernel/rtsig\-nr +(Up to and including Linux 2.6.7.) +This file shows the number of POSIX real-time signals currently queued. +.TP +.IR /proc/ pid /sched_autogroup_enabled " (since Linux 2.6.38)" +.\" commit 5091faa449ee0b7d73bc296a93bca9540fc51d0a +See +.BR sched (7). +.TP +.IR /proc/sys/kernel/sched_child_runs_first " (since Linux 2.6.23)" +If this file contains the value zero, then, after a +.BR fork (2), +the parent is first scheduled on the CPU. +If the file contains a nonzero value, +then the child is scheduled first on the CPU. +(Of course, on a multiprocessor system, +the parent and the child might both immediately be scheduled on a CPU.) +.TP +.IR /proc/sys/kernel/sched_rr_timeslice_ms " (since Linux 3.9)" +See +.BR sched_rr_get_interval (2). +.TP +.IR /proc/sys/kernel/sched_rt_period_us " (since Linux 2.6.25)" +See +.BR sched (7). +.TP +.IR /proc/sys/kernel/sched_rt_runtime_us " (since Linux 2.6.25)" +See +.BR sched (7). +.TP +.IR /proc/sys/kernel/seccomp " (since Linux 4.14)" +.\" commit 8e5f1ad116df6b0de65eac458d5e7c318d1c05af +This directory provides additional seccomp information and +configuration. +See +.BR seccomp (2) +for further details. +.TP +.IR /proc/sys/kernel/sem " (since Linux 2.4)" +This file contains 4 numbers defining limits for System V IPC semaphores. +These fields are, in order: +.RS +.TP +SEMMSL +The maximum semaphores per semaphore set. +.TP +SEMMNS +A system-wide limit on the number of semaphores in all semaphore sets. +.TP +SEMOPM +The maximum number of operations that may be specified in a +.BR semop (2) +call. +.TP +SEMMNI +A system-wide limit on the maximum number of semaphore identifiers. +.RE +.TP +.I /proc/sys/kernel/sg\-big\-buff +This file +shows the size of the generic SCSI device (sg) buffer. +You can't tune it just yet, but you could change it at +compile time by editing +.I include/scsi/sg.h +and changing +the value of +.BR SG_BIG_BUFF . +However, there shouldn't be any reason to change this value. +.TP +.IR /proc/sys/kernel/shm_rmid_forced " (since Linux 3.1)" +.\" commit b34a6b1da371ed8af1221459a18c67970f7e3d53 +.\" See also Documentation/sysctl/kernel.txt +If this file is set to 1, all System V shared memory segments will +be marked for destruction as soon as the number of attached processes +falls to zero; +in other words, it is no longer possible to create shared memory segments +that exist independently of any attached process. +.IP +The effect is as though a +.BR shmctl (2) +.B IPC_RMID +is performed on all existing segments as well as all segments +created in the future (until this file is reset to 0). +Note that existing segments that are attached to no process will be +immediately destroyed when this file is set to 1. +Setting this option will also destroy segments that were created, +but never attached, +upon termination of the process that created the segment with +.BR shmget (2). +.IP +Setting this file to 1 provides a way of ensuring that +all System V shared memory segments are counted against the +resource usage and resource limits (see the description of +.B RLIMIT_AS +in +.BR getrlimit (2)) +of at least one process. +.IP +Because setting this file to 1 produces behavior that is nonstandard +and could also break existing applications, +the default value in this file is 0. +Set this file to 1 only if you have a good understanding +of the semantics of the applications using +System V shared memory on your system. +.TP +.IR /proc/sys/kernel/shmall " (since Linux 2.2)" +This file +contains the system-wide limit on the total number of pages of +System V shared memory. +.TP +.IR /proc/sys/kernel/shmmax " (since Linux 2.2)" +This file +can be used to query and set the run-time limit +on the maximum (System V IPC) shared memory segment size that can be +created. +Shared memory segments up to 1 GB are now supported in the +kernel. +This value defaults to +.BR SHMMAX . +.TP +.IR /proc/sys/kernel/shmmni " (since Linux 2.4)" +This file +specifies the system-wide maximum number of System V shared memory +segments that can be created. +.TP +.IR /proc/sys/kernel/sysctl_writes_strict " (since Linux 3.16)" +.\" commit f88083005ab319abba5d0b2e4e997558245493c8 +.\" commit 2ca9bb456ada8bcbdc8f77f8fc78207653bbaa92 +.\" commit f4aacea2f5d1a5f7e3154e967d70cf3f711bcd61 +.\" commit 24fe831c17ab8149413874f2fd4e5c8a41fcd294 +The value in this file determines how the file offset affects +the behavior of updating entries in files under +.IR /proc/sys . +The file has three possible values: +.RS +.TP 4 +\-1 +This provides legacy handling, with no printk warnings. +Each +.BR write (2) +must fully contain the value to be written, +and multiple writes on the same file descriptor +will overwrite the entire value, regardless of the file position. +.TP +0 +(default) This provides the same behavior as for \-1, +but printk warnings are written for processes that +perform writes when the file offset is not 0. +.TP +1 +Respect the file offset when writing strings into +.I /proc/sys +files. +Multiple writes will +.I append +to the value buffer. +Anything written beyond the maximum length +of the value buffer will be ignored. +Writes to numeric +.I /proc/sys +entries must always be at file offset 0 and the value must be +fully contained in the buffer provided to +.BR write (2). +.\" FIXME . +.\" With /proc/sys/kernel/sysctl_writes_strict==1, writes at an +.\" offset other than 0 do not generate an error. Instead, the +.\" write() succeeds, but the file is left unmodified. +.\" This is surprising. The behavior may change in the future. +.\" See thread.gmane.org/gmane.linux.man/9197 +.\" From: Michael Kerrisk (man-pages <mtk.manpages@...> +.\" Subject: sysctl_writes_strict documentation + an oddity? +.\" Newsgroups: gmane.linux.man, gmane.linux.kernel +.\" Date: 2015-05-09 08:54:11 GMT +.RE +.TP +.I /proc/sys/kernel/sysrq +This file controls the functions allowed to be invoked by the SysRq key. +By default, +the file contains 1 meaning that every possible SysRq request is allowed +(in older kernel versions, SysRq was disabled by default, +and you were required to specifically enable it at run-time, +but this is not the case any more). +Possible values in this file are: +.RS +.TP 5 +0 +Disable sysrq completely +.TP +1 +Enable all functions of sysrq +.TP +> 1 +Bit mask of allowed sysrq functions, as follows: +.PD 0 +.RS +.TP 5 +\ \ 2 +Enable control of console logging level +.TP +\ \ 4 +Enable control of keyboard (SAK, unraw) +.TP +\ \ 8 +Enable debugging dumps of processes etc. +.TP +\ 16 +Enable sync command +.TP +\ 32 +Enable remount read-only +.TP +\ 64 +Enable signaling of processes (term, kill, oom-kill) +.TP +128 +Allow reboot/poweroff +.TP +256 +Allow nicing of all real-time tasks +.RE +.PD +.RE +.IP +This file is present only if the +.B CONFIG_MAGIC_SYSRQ +kernel configuration option is enabled. +For further details see the Linux kernel source file +.I Documentation/admin\-guide/sysrq.rst +.\" commit 9d85025b0418163fae079c9ba8f8445212de8568 +(or +.I Documentation/sysrq.txt +before Linux 4.10). +.TP +.I /proc/sys/kernel/version +This file contains a string such as: +.IP +.in +4n +.EX +#5 Wed Feb 25 21:49:24 MET 1998 +.EE +.in +.IP +The "#5" means that +this is the fifth kernel built from this source base and the +date following it indicates the time the kernel was built. +.TP +.IR /proc/sys/kernel/threads\-max " (since Linux 2.3.11)" +.\" The following is based on Documentation/sysctl/kernel.txt +This file specifies the system-wide limit on the number of +threads (tasks) that can be created on the system. +.IP +Since Linux 4.1, +.\" commit 230633d109e35b0a24277498e773edeb79b4a331 +the value that can be written to +.I threads\-max +is bounded. +The minimum value that can be written is 20. +The maximum value that can be written is given by the +constant +.B FUTEX_TID_MASK +(0x3fffffff). +If a value outside of this range is written to +.IR threads\-max , +the error +.B EINVAL +occurs. +.IP +The value written is checked against the available RAM pages. +If the thread structures would occupy too much (more than 1/8th) +of the available RAM pages, +.I threads\-max +is reduced accordingly. +.TP +.IR /proc/sys/kernel/yama/ptrace_scope " (since Linux 3.5)" +See +.BR ptrace (2). +.TP +.IR /proc/sys/kernel/zero\-paged " (PowerPC only)" +This file +contains a flag. +When enabled (nonzero), Linux-PPC will pre-zero pages in +the idle loop, possibly speeding up get_free_pages. +.TP +.I /proc/sys/net +This directory contains networking stuff. +Explanations for some of the files under this directory can be found in +.BR tcp (7) +and +.BR ip (7). +.TP +.I /proc/sys/net/core/bpf_jit_enable +See +.BR bpf (2). +.TP +.I /proc/sys/net/core/somaxconn +This file defines a ceiling value for the +.I backlog +argument of +.BR listen (2); +see the +.BR listen (2) +manual page for details. +.TP +.I /proc/sys/proc +This directory may be empty. +.TP +.I /proc/sys/sunrpc +This directory supports Sun remote procedure call for network filesystem +(NFS). +On some systems, it is not present. +.TP +.IR /proc/sys/user " (since Linux 4.9)" +See +.BR namespaces (7). +.TP +.I /proc/sys/vm +This directory contains files for memory management tuning, buffer, and +cache management. +.TP +.IR /proc/sys/vm/admin_reserve_kbytes " (since Linux 3.10)" +.\" commit 4eeab4f5580d11bffedc697684b91b0bca0d5009 +This file defines the amount of free memory (in KiB) on the system that +should be reserved for users with the capability +.BR CAP_SYS_ADMIN . +.IP +The default value in this file is the minimum of [3% of free pages, 8MiB] +expressed as KiB. +The default is intended to provide enough for the superuser +to log in and kill a process, if necessary, +under the default overcommit 'guess' mode (i.e., 0 in +.IR /proc/sys/vm/overcommit_memory ). +.IP +Systems running in "overcommit never" mode (i.e., 2 in +.IR /proc/sys/vm/overcommit_memory ) +should increase the value in this file to account +for the full virtual memory size of the programs used to recover (e.g., +.BR login (1) +.BR ssh (1), +and +.BR top (1)) +Otherwise, the superuser may not be able to log in to recover the system. +For example, on x86-64 a suitable value is 131072 (128MiB reserved). +.IP +Changing the value in this file takes effect whenever +an application requests memory. +.TP +.IR /proc/sys/vm/compact_memory " (since Linux 2.6.35)" +When 1 is written to this file, all zones are compacted such that free +memory is available in contiguous blocks where possible. +The effect of this action can be seen by examining +.IR /proc/buddyinfo . +.IP +Present only if the kernel was configured with +.BR CONFIG_COMPACTION . +.TP +.IR /proc/sys/vm/drop_caches " (since Linux 2.6.16)" +Writing to this file causes the kernel to drop clean caches, dentries, and +inodes from memory, causing that memory to become free. +This can be useful for memory management testing and +performing reproducible filesystem benchmarks. +Because writing to this file causes the benefits of caching to be lost, +it can degrade overall system performance. +.IP +To free pagecache, use: +.IP +.in +4n +.EX +echo 1 > /proc/sys/vm/drop_caches +.EE +.in +.IP +To free dentries and inodes, use: +.IP +.in +4n +.EX +echo 2 > /proc/sys/vm/drop_caches +.EE +.in +.IP +To free pagecache, dentries, and inodes, use: +.IP +.in +4n +.EX +echo 3 > /proc/sys/vm/drop_caches +.EE +.in +.IP +Because writing to this file is a nondestructive operation and dirty objects +are not freeable, the +user should run +.BR sync (1) +first. +.TP +.IR /proc/sys/vm/sysctl_hugetlb_shm_group " (since Linux 2.6.7)" +This writable file contains a group ID that is allowed +to allocate memory using huge pages. +If a process has a filesystem group ID or any supplementary group ID that +matches this group ID, +then it can make huge-page allocations without holding the +.B CAP_IPC_LOCK +capability; see +.BR memfd_create (2), +.BR mmap (2), +and +.BR shmget (2). +.TP +.IR /proc/sys/vm/legacy_va_layout " (since Linux 2.6.9)" +.\" The following is from Documentation/filesystems/proc.txt +If nonzero, this disables the new 32-bit memory-mapping layout; +the kernel will use the legacy (2.4) layout for all processes. +.TP +.IR /proc/sys/vm/memory_failure_early_kill " (since Linux 2.6.32)" +.\" The following is based on the text in Documentation/sysctl/vm.txt +Control how to kill processes when an uncorrected memory error +(typically a 2-bit error in a memory module) +that cannot be handled by the kernel +is detected in the background by hardware. +In some cases (like the page still having a valid copy on disk), +the kernel will handle the failure +transparently without affecting any applications. +But if there is no other up-to-date copy of the data, +it will kill processes to prevent any data corruptions from propagating. +.IP +The file has one of the following values: +.RS +.TP +.B 1 +Kill all processes that have the corrupted-and-not-reloadable page mapped +as soon as the corruption is detected. +Note that this is not supported for a few types of pages, +such as kernel internally +allocated data or the swap cache, but works for the majority of user pages. +.TP +.B 0 +Unmap the corrupted page from all processes and kill a process +only if it tries to access the page. +.RE +.IP +The kill is performed using a +.B SIGBUS +signal with +.I si_code +set to +.BR BUS_MCEERR_AO . +Processes can handle this if they want to; see +.BR sigaction (2) +for more details. +.IP +This feature is active only on architectures/platforms with advanced machine +check handling and depends on the hardware capabilities. +.IP +Applications can override the +.I memory_failure_early_kill +setting individually with the +.BR prctl (2) +.B PR_MCE_KILL +operation. +.IP +Present only if the kernel was configured with +.BR CONFIG_MEMORY_FAILURE . +.TP +.IR /proc/sys/vm/memory_failure_recovery " (since Linux 2.6.32)" +.\" The following is based on the text in Documentation/sysctl/vm.txt +Enable memory failure recovery (when supported by the platform). +.RS +.TP +.B 1 +Attempt recovery. +.TP +.B 0 +Always panic on a memory failure. +.RE +.IP +Present only if the kernel was configured with +.BR CONFIG_MEMORY_FAILURE . +.TP +.IR /proc/sys/vm/oom_dump_tasks " (since Linux 2.6.25)" +.\" The following is from Documentation/sysctl/vm.txt +Enables a system-wide task dump (excluding kernel threads) to be +produced when the kernel performs an OOM-killing. +The dump includes the following information +for each task (thread, process): +thread ID, real user ID, thread group ID (process ID), +virtual memory size, resident set size, +the CPU that the task is scheduled on, +oom_adj score (see the description of +.IR /proc/ pid /oom_adj ), +and command name. +This is helpful to determine why the OOM-killer was invoked +and to identify the rogue task that caused it. +.IP +If this contains the value zero, this information is suppressed. +On very large systems with thousands of tasks, +it may not be feasible to dump the memory state information for each one. +Such systems should not be forced to incur a performance penalty in +OOM situations when the information may not be desired. +.IP +If this is set to nonzero, this information is shown whenever the +OOM-killer actually kills a memory-hogging task. +.IP +The default value is 0. +.TP +.IR /proc/sys/vm/oom_kill_allocating_task " (since Linux 2.6.24)" +.\" The following is from Documentation/sysctl/vm.txt +This enables or disables killing the OOM-triggering task in +out-of-memory situations. +.IP +If this is set to zero, the OOM-killer will scan through the entire +tasklist and select a task based on heuristics to kill. +This normally selects a rogue memory-hogging task that +frees up a large amount of memory when killed. +.IP +If this is set to nonzero, the OOM-killer simply kills the task that +triggered the out-of-memory condition. +This avoids a possibly expensive tasklist scan. +.IP +If +.I /proc/sys/vm/panic_on_oom +is nonzero, it takes precedence over whatever value is used in +.IR /proc/sys/vm/oom_kill_allocating_task . +.IP +The default value is 0. +.TP +.IR /proc/sys/vm/overcommit_kbytes " (since Linux 3.14)" +.\" commit 49f0ce5f92321cdcf741e35f385669a421013cb7 +This writable file provides an alternative to +.I /proc/sys/vm/overcommit_ratio +for controlling the +.I CommitLimit +when +.I /proc/sys/vm/overcommit_memory +has the value 2. +It allows the amount of memory overcommitting to be specified as +an absolute value (in kB), +rather than as a percentage, as is done with +.IR overcommit_ratio . +This allows for finer-grained control of +.I CommitLimit +on systems with extremely large memory sizes. +.IP +Only one of +.I overcommit_kbytes +or +.I overcommit_ratio +can have an effect: +if +.I overcommit_kbytes +has a nonzero value, then it is used to calculate +.IR CommitLimit , +otherwise +.I overcommit_ratio +is used. +Writing a value to either of these files causes the +value in the other file to be set to zero. +.TP +.I /proc/sys/vm/overcommit_memory +This file contains the kernel virtual memory accounting mode. +Values are: +.RS +.IP +0: heuristic overcommit (this is the default) +.br +1: always overcommit, never check +.br +2: always check, never overcommit +.RE +.IP +In mode 0, calls of +.BR mmap (2) +with +.B MAP_NORESERVE +are not checked, and the default check is very weak, +leading to the risk of getting a process "OOM-killed". +.IP +In mode 1, the kernel pretends there is always enough memory, +until memory actually runs out. +One use case for this mode is scientific computing applications +that employ large sparse arrays. +Before Linux 2.6.0, any nonzero value implies mode 1. +.IP +In mode 2 (available since Linux 2.6), the total virtual address space +that can be allocated +.RI ( CommitLimit +in +.IR /proc/meminfo ) +is calculated as +.IP +.in +4n +.EX +CommitLimit = (total_RAM \- total_huge_TLB) * + overcommit_ratio / 100 + total_swap +.EE +.in +.IP +where: +.RS +.IP \[bu] 3 +.I total_RAM +is the total amount of RAM on the system; +.IP \[bu] +.I total_huge_TLB +is the amount of memory set aside for huge pages; +.IP \[bu] +.I overcommit_ratio +is the value in +.IR /proc/sys/vm/overcommit_ratio ; +and +.IP \[bu] +.I total_swap +is the amount of swap space. +.RE +.IP +For example, on a system with 16 GB of physical RAM, 16 GB +of swap, no space dedicated to huge pages, and an +.I overcommit_ratio +of 50, this formula yields a +.I CommitLimit +of 24 GB. +.IP +Since Linux 3.14, if the value in +.I /proc/sys/vm/overcommit_kbytes +is nonzero, then +.I CommitLimit +is instead calculated as: +.IP +.in +4n +.EX +CommitLimit = overcommit_kbytes + total_swap +.EE +.in +.IP +See also the description of +.I /proc/sys/vm/admin_reserve_kbytes +and +.IR /proc/sys/vm/user_reserve_kbytes . +.TP +.IR /proc/sys/vm/overcommit_ratio " (since Linux 2.6.0)" +This writable file defines a percentage by which memory +can be overcommitted. +The default value in the file is 50. +See the description of +.IR /proc/sys/vm/overcommit_memory . +.TP +.IR /proc/sys/vm/panic_on_oom " (since Linux 2.6.18)" +.\" The following is adapted from Documentation/sysctl/vm.txt +This enables or disables a kernel panic in +an out-of-memory situation. +.IP +If this file is set to the value 0, +the kernel's OOM-killer will kill some rogue process. +Usually, the OOM-killer is able to kill a rogue process and the +system will survive. +.IP +If this file is set to the value 1, +then the kernel normally panics when out-of-memory happens. +However, if a process limits allocations to certain nodes +using memory policies +.RB ( mbind (2) +.BR MPOL_BIND ) +or cpusets +.RB ( cpuset (7)) +and those nodes reach memory exhaustion status, +one process may be killed by the OOM-killer. +No panic occurs in this case: +because other nodes' memory may be free, +this means the system as a whole may not have reached +an out-of-memory situation yet. +.IP +If this file is set to the value 2, +the kernel always panics when an out-of-memory condition occurs. +.IP +The default value is 0. +1 and 2 are for failover of clustering. +Select either according to your policy of failover. +.TP +.I /proc/sys/vm/swappiness +.\" The following is from Documentation/sysctl/vm.txt +The value in this file controls how aggressively the kernel will swap +memory pages. +Higher values increase aggressiveness, lower values +decrease aggressiveness. +The default value is 60. +.TP +.IR /proc/sys/vm/user_reserve_kbytes " (since Linux 3.10)" +.\" commit c9b1d0981fcce3d9976d7b7a56e4e0503bc610dd +Specifies an amount of memory (in KiB) to reserve for user processes. +This is intended to prevent a user from starting a single memory hogging +process, such that they cannot recover (kill the hog). +The value in this file has an effect only when +.I /proc/sys/vm/overcommit_memory +is set to 2 ("overcommit never" mode). +In this case, the system reserves an amount of memory that is the minimum +of [3% of current process size, +.IR user_reserve_kbytes ]. +.IP +The default value in this file is the minimum of [3% of free pages, 128MiB] +expressed as KiB. +.IP +If the value in this file is set to zero, +then a user will be allowed to allocate all free memory with a single process +(minus the amount reserved by +.IR /proc/sys/vm/admin_reserve_kbytes ). +Any subsequent attempts to execute a command will result in +"fork: Cannot allocate memory". +.IP +Changing the value in this file takes effect whenever +an application requests memory. +.TP +.IR /proc/sys/vm/unprivileged_userfaultfd " (since Linux 5.2)" +.\" cefdca0a86be517bc390fc4541e3674b8e7803b0 +This (writable) file exposes a flag that controls whether +unprivileged processes are allowed to employ +.BR userfaultfd (2). +If this file has the value 1, then unprivileged processes may use +.BR userfaultfd (2). +If this file has the value 0, then only processes that have the +.B CAP_SYS_PTRACE +capability may employ +.BR userfaultfd (2). +The default value in this file is 1. +.TP +.IR /proc/sysrq\-trigger " (since Linux 2.4.21)" +Writing a character to this file triggers the same SysRq function as +typing ALT-SysRq-<character> (see the description of +.IR /proc/sys/kernel/sysrq ). +This file is normally writable only by +.IR root . +For further details see the Linux kernel source file +.I Documentation/admin\-guide/sysrq.rst +.\" commit 9d85025b0418163fae079c9ba8f8445212de8568 +(or +.I Documentation/sysrq.txt +before Linux 4.10). +.TP +.I /proc/sysvipc +Subdirectory containing the pseudo-files +.IR msg ", " sem " and " shm "." +These files list the System V Interprocess Communication (IPC) objects +(respectively: message queues, semaphores, and shared memory) +that currently exist on the system, +providing similar information to that available via +.BR ipcs (1). +These files have headers and are formatted (one IPC object per line) +for easy understanding. +.BR sysvipc (7) +provides further background on the information shown by these files. +.TP +.IR /proc/thread\-self " (since Linux 3.17)" +.\" commit 0097875bd41528922fb3bb5f348c53f17e00e2fd +This directory refers to the thread accessing the +.I /proc +filesystem, +and is identical to the +.IR /proc/self/task/ tid +directory named by the process thread ID +.RI ( tid ) +of the same thread. +.TP +.IR /proc/timer_list " (since Linux 2.6.21)" +.\" commit 289f480af87e45f7a6de6ba9b4c061c2e259fe98 +This read-only file exposes a list of all currently pending +(high-resolution) timers, +all clock-event sources, and their parameters in a human-readable form. +.TP +.IR /proc/timer_stats " (from Linux 2.6.21 until Linux 4.10)" +.\" commit 82f67cd9fca8c8762c15ba7ed0d5747588c1e221 +.\" Date: Fri Feb 16 01:28:13 2007 -0800 +.\" Text largely derived from Documentation/timers/timer_stats.txt +.\" removed in commit dfb4357da6ddbdf57d583ba64361c9d792b0e0b1 +.\" Date: Wed Feb 8 11:26:59 2017 -0800 +This is a debugging facility to make timer (ab)use in a Linux +system visible to kernel and user-space developers. +It can be used by kernel and user-space developers to verify that +their code does not make undue use of timers. +The goal is to avoid unnecessary wakeups, +thereby optimizing power consumption. +.IP +If enabled in the kernel +.RB ( CONFIG_TIMER_STATS ), +but not used, +it has almost zero run-time overhead and a relatively small +data-structure overhead. +Even if collection is enabled at run time, overhead is low: +all the locking is per-CPU and lookup is hashed. +.IP +The +.I /proc/timer_stats +file is used both to control sampling facility and to read out the +sampled information. +.IP +The +.I timer_stats +functionality is inactive on bootup. +A sampling period can be started using the following command: +.IP +.in +4n +.EX +# echo 1 > /proc/timer_stats +.EE +.in +.IP +The following command stops a sampling period: +.IP +.in +4n +.EX +# echo 0 > /proc/timer_stats +.EE +.in +.IP +The statistics can be retrieved by: +.IP +.in +4n +.EX +$ cat /proc/timer_stats +.EE +.in +.IP +While sampling is enabled, each readout from +.I /proc/timer_stats +will see +newly updated statistics. +Once sampling is disabled, the sampled information +is kept until a new sample period is started. +This allows multiple readouts. +.IP +Sample output from +.IR /proc/timer_stats : +.IP +.in +4n +.EX +.RB $ " cat /proc/timer_stats" +Timer Stats Version: v0.3 +Sample period: 1.764 s +Collection: active + 255, 0 swapper/3 hrtimer_start_range_ns (tick_sched_timer) + 71, 0 swapper/1 hrtimer_start_range_ns (tick_sched_timer) + 58, 0 swapper/0 hrtimer_start_range_ns (tick_sched_timer) + 4, 1694 gnome\-shell mod_delayed_work_on (delayed_work_timer_fn) + 17, 7 rcu_sched rcu_gp_kthread (process_timeout) +\&... + 1, 4911 kworker/u16:0 mod_delayed_work_on (delayed_work_timer_fn) + 1D, 2522 kworker/0:0 queue_delayed_work_on (delayed_work_timer_fn) +1029 total events, 583.333 events/sec +.EE +.in +.IP +The output columns are: +.RS +.IP [1] 5 +a count of the number of events, +optionally (since Linux 2.6.23) followed by the letter \[aq]D\[aq] +.\" commit c5c061b8f9726bc2c25e19dec227933a13d1e6b7 deferrable timers +if this is a deferrable timer; +.IP [2] +the PID of the process that initialized the timer; +.IP [3] +the name of the process that initialized the timer; +.IP [4] +the function where the timer was initialized; and +(in parentheses) +the callback function that is associated with the timer. +.RE +.IP +During the Linux 4.11 development cycle, +this file was removed because of security concerns, +as it exposes information across namespaces. +Furthermore, it is possible to obtain +the same information via in-kernel tracing facilities such as ftrace. +.TP +.I /proc/tty +Subdirectory containing the pseudo-files and subdirectories for +tty drivers and line disciplines. +.TP +.I /proc/uptime +This file contains two numbers (values in seconds): the uptime of the +system (including time spent in suspend) and the amount of time spent +in the idle process. +.TP +.I /proc/version +This string identifies the kernel version that is currently running. +It includes the contents of +.IR /proc/sys/kernel/ostype , +.IR /proc/sys/kernel/osrelease , +and +.IR /proc/sys/kernel/version . +For example: +.IP +.in +4n +.EX +Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994 +.EE +.in +.\" FIXME 2.6.13 seems to have /proc/vmcore implemented; document this +.\" See Documentation/kdump/kdump.txt +.\" commit 666bfddbe8b8fd4fd44617d6c55193d5ac7edb29 +.\" Needs CONFIG_VMCORE +.\" +.TP +.IR /proc/vmstat " (since Linux 2.6.0)" +This file displays various virtual memory statistics. +Each line of this file contains a single name-value pair, +delimited by white space. +Some lines are present only if the kernel was configured with +suitable options. +(In some cases, the options required for particular files have changed +across kernel versions, so they are not listed here. +Details can be found by consulting the kernel source code.) +The following fields may be present: +.\" FIXME We need explanations for each of the following fields... +.RS +.TP +.IR nr_free_pages " (since Linux 2.6.31)" +.\" commit d23ad42324cc4378132e51f2fc5c9ba6cbe75182 +.TP +.IR nr_alloc_batch " (since Linux 3.12)" +.\" commit 81c0a2bb515fd4daae8cab64352877480792b515 +.TP +.IR nr_inactive_anon " (since Linux 2.6.28)" +.\" commit 4f98a2fee8acdb4ac84545df98cccecfd130f8db +.TP +.IR nr_active_anon " (since Linux 2.6.28)" +.\" commit 4f98a2fee8acdb4ac84545df98cccecfd130f8db +.TP +.IR nr_inactive_file " (since Linux 2.6.28)" +.\" commit 4f98a2fee8acdb4ac84545df98cccecfd130f8db +.TP +.IR nr_active_file " (since Linux 2.6.28)" +.\" commit 4f98a2fee8acdb4ac84545df98cccecfd130f8db +.TP +.IR nr_unevictable " (since Linux 2.6.28)" +.\" commit 7b854121eb3e5ba0241882ff939e2c485228c9c5 +.TP +.IR nr_mlock " (since Linux 2.6.28)" +.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820 +.TP +.IR nr_anon_pages " (since Linux 2.6.18)" +.\" commit f3dbd34460ff54962d3e3244b6bcb7f5295356e6 +.TP +.IR nr_mapped " (since Linux 2.6.0)" +.TP +.IR nr_file_pages " (since Linux 2.6.18)" +.\" commit 347ce434d57da80fd5809c0c836f206a50999c26 +.TP +.IR nr_dirty " (since Linux 2.6.0)" +.TP +.IR nr_writeback " (since Linux 2.6.0)" +.TP +.IR nr_slab_reclaimable " (since Linux 2.6.19)" +.\" commit 972d1a7b140569084439a81265a0f15b74e924e0 +.\" Linux 2.6.0 had nr_slab +.TP +.IR nr_slab_unreclaimable " (since Linux 2.6.19)" +.\" commit 972d1a7b140569084439a81265a0f15b74e924e0 +.TP +.IR nr_page_table_pages " (since Linux 2.6.0)" +.TP +.IR nr_kernel_stack " (since Linux 2.6.32)" +.\" commit c6a7f5728a1db45d30df55a01adc130b4ab0327c +Amount of memory allocated to kernel stacks. +.TP +.IR nr_unstable " (since Linux 2.6.0)" +.TP +.IR nr_bounce " (since Linux 2.6.12)" +.\" commit edfbe2b0038723e5699ab22695ccd62b5542a5c1 +.TP +.IR nr_vmscan_write " (since Linux 2.6.19)" +.\" commit e129b5c23c2b471d47f1c5d2b8b193fc2034af43 +.TP +.IR nr_vmscan_immediate_reclaim " (since Linux 3.2)" +.\" commit 49ea7eb65e7c5060807fb9312b1ad4c3eab82e2c +.TP +.IR nr_writeback_temp " (since Linux 2.6.26)" +.\" commit fc3ba692a4d19019387c5acaea63131f9eab05dd +.TP +.IR nr_isolated_anon " (since Linux 2.6.32)" +.\" commit a731286de62294b63d8ceb3c5914ac52cc17e690 +.TP +.IR nr_isolated_file " (since Linux 2.6.32)" +.\" commit a731286de62294b63d8ceb3c5914ac52cc17e690 +.TP +.IR nr_shmem " (since Linux 2.6.32)" +.\" commit 4b02108ac1b3354a22b0d83c684797692efdc395 +Pages used by shmem and +.BR tmpfs (5). +.TP +.IR nr_dirtied " (since Linux 2.6.37)" +.\" commit ea941f0e2a8c02ae876cd73deb4e1557248f258c +.TP +.IR nr_written " (since Linux 2.6.37)" +.\" commit ea941f0e2a8c02ae876cd73deb4e1557248f258c +.TP +.IR nr_pages_scanned " (since Linux 3.17)" +.\" commit 0d5d823ab4e608ec7b52ac4410de4cb74bbe0edd +.TP +.IR numa_hit " (since Linux 2.6.18)" +.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_NUMA . +.TP +.IR numa_miss " (since Linux 2.6.18)" +.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_NUMA . +.TP +.IR numa_foreign " (since Linux 2.6.18)" +.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_NUMA . +.TP +.IR numa_interleave " (since Linux 2.6.18)" +.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_NUMA . +.TP +.IR numa_local " (since Linux 2.6.18)" +.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_NUMA . +.TP +.IR numa_other " (since Linux 2.6.18)" +.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_NUMA . +.TP +.IR workingset_refault " (since Linux 3.15)" +.\" commit a528910e12ec7ee203095eb1711468a66b9b60b0 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR workingset_activate " (since Linux 3.15)" +.\" commit a528910e12ec7ee203095eb1711468a66b9b60b0 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR workingset_nodereclaim " (since Linux 3.15)" +.\" commit 449dd6984d0e47643c04c807f609dd56d48d5bcc +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR nr_anon_transparent_hugepages " (since Linux 2.6.38)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR nr_free_cma " (since Linux 3.7)" +.\" commit d1ce749a0db12202b711d1aba1d29e823034648d +Number of free CMA (Contiguous Memory Allocator) pages. +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR nr_dirty_threshold " (since Linux 2.6.37)" +.\" commit 79da826aee6a10902ef411bc65864bd02102fa83 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR nr_dirty_background_threshold " (since Linux 2.6.37)" +.\" commit 79da826aee6a10902ef411bc65864bd02102fa83 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgpgin " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgpgout " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pswpin " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pswpout " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgalloc_dma " (since Linux 2.6.5)" +.\" Linux 2.6.0 had pgalloc +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgalloc_dma32 " (since Linux 2.6.16)" +.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgalloc_normal " (since Linux 2.6.5)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgalloc_high " (since Linux 2.6.5)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_HIGHMEM . +.TP +.IR pgalloc_movable " (since Linux 2.6.23)" +.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgfree " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgactivate " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgdeactivate " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgfault " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgmajfault " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgrefill_dma " (since Linux 2.6.5)" +.\" Linux 2.6.0 had pgrefill +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgrefill_dma32 " (since Linux 2.6.16)" +.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgrefill_normal " (since Linux 2.6.5)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgrefill_high " (since Linux 2.6.5)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_HIGHMEM . +.TP +.IR pgrefill_movable " (since Linux 2.6.23)" +.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.\" Formerly there were +.\" pgsteal_high +.\" pgsteal_normal +.\" pgsteal_dma32 +.\" pgsteal_dma +.\" These were split out into pgsteal_kswapd* and pgsteal_direct* +.\" in commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.TP +.IR pgsteal_kswapd_dma " (since Linux 3.4)" +.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.\" Linux 2.6.0 had pgsteal +.\" Present only if the kernel was configured with +.\" .\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgsteal_kswapd_dma32 " (since Linux 3.4)" +.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgsteal_kswapd_normal " (since Linux 3.4)" +.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgsteal_kswapd_high " (since Linux 3.4)" +.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_HIGHMEM . +.TP +.IR pgsteal_kswapd_movable " (since Linux 3.4)" +.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.I pgsteal_direct_dma +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgsteal_direct_dma32 " (since Linux 3.4)" +.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgsteal_direct_normal " (since Linux 3.4)" +.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgsteal_direct_high " (since Linux 3.4)" +.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_HIGHMEM . +.TP +.IR pgsteal_direct_movable " (since Linux 2.6.23)" +.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.I pgscan_kswapd_dma +.\" Linux 2.6.0 had pgscan +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgscan_kswapd_dma32 " (since Linux 2.6.16)" +.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgscan_kswapd_normal " (since Linux 2.6.5)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.I pgscan_kswapd_high +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_HIGHMEM . +.TP +.IR pgscan_kswapd_movable " (since Linux 2.6.23)" +.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.I pgscan_direct_dma +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgscan_direct_dma32 " (since Linux 2.6.16)" +.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.I pgscan_direct_normal +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.I pgscan_direct_high +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_HIGHMEM . +.TP +.IR pgscan_direct_movable " (since Linux 2.6.23)" +.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgscan_direct_throttle " (since Linux 3.6)" +.\" commit 68243e76ee343d63c6cf76978588a885951e2818 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR zone_reclaim_failed " (since linux 2.6.31)" +.\" commit 24cf72518c79cdcda486ed26074ff8151291cf65 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_NUMA . +.TP +.IR pginodesteal " (since linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR slabs_scanned " (since linux 2.6.5)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR kswapd_inodesteal " (since linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR kswapd_low_wmark_hit_quickly " (since Linux 2.6.33)" +.\" commit bb3ab596832b920c703d1aea1ce76d69c0f71fb7 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR kswapd_high_wmark_hit_quickly " (since Linux 2.6.33)" +.\" commit bb3ab596832b920c703d1aea1ce76d69c0f71fb7 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pageoutrun " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR allocstall " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR pgrotated " (since Linux 2.6.0)" +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR drop_pagecache " (since Linux 3.15)" +.\" commit 5509a5d27b971a90b940e148ca9ca53312e4fa7a +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR drop_slab " (since Linux 3.15)" +.\" commit 5509a5d27b971a90b940e148ca9ca53312e4fa7a +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR numa_pte_updates " (since Linux 3.8)" +.\" commit 03c5a6e16322c997bf8f264851bfa3f532ad515f +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_NUMA_BALANCING . +.TP +.IR numa_huge_pte_updates " (since Linux 3.13)" +.\" commit 72403b4a0fbdf433c1fe0127e49864658f6f6468 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_NUMA_BALANCING . +.TP +.IR numa_hint_faults " (since Linux 3.8)" +.\" commit 03c5a6e16322c997bf8f264851bfa3f532ad515f +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_NUMA_BALANCING . +.TP +.IR numa_hint_faults_local " (since Linux 3.8)" +.\" commit 03c5a6e16322c997bf8f264851bfa3f532ad515f +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_NUMA_BALANCING . +.TP +.IR numa_pages_migrated " (since Linux 3.8)" +.\" commit 03c5a6e16322c997bf8f264851bfa3f532ad515f +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_NUMA_BALANCING +.\" and +.\" .BR CONFIG_NUMA_BALANCING . +.TP +.IR pgmigrate_success " (since Linux 3.8)" +.\" commit 5647bc293ab15f66a7b1cda850c5e9d162a6c7c2 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_MIGRATION . +.TP +.IR pgmigrate_fail " (since Linux 3.8)" +.\" commit 5647bc293ab15f66a7b1cda850c5e9d162a6c7c2 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_MIGRATION . +.TP +.IR compact_migrate_scanned " (since Linux 3.8)" +.\" commit 397487db696cae0b026a474a5cd66f4e372995e6 +.\" Linux 3.8 dropped compact_blocks_moved, compact_pages_moved, and +.\" compact_pagemigrate_failed +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_COMPACTION . +.TP +.IR compact_free_scanned " (since Linux 3.8)" +.\" commit 397487db696cae0b026a474a5cd66f4e372995e6 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_COMPACTION . +.TP +.IR compact_isolated " (since Linux 3.8)" +.\" commit 397487db696cae0b026a474a5cd66f4e372995e6 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_COMPACTION . +.TP +.IR compact_stall " (since Linux 2.6.35)" +.\" commit 56de7263fcf3eb10c8dcdf8d59a9cec831795f3f +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_COMPACTION . +.TP +.IR compact_fail " (since Linux 2.6.35)" +.\" commit 56de7263fcf3eb10c8dcdf8d59a9cec831795f3f +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_COMPACTION . +.TP +.IR compact_success " (since Linux 2.6.35)" +.\" commit 56de7263fcf3eb10c8dcdf8d59a9cec831795f3f +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_COMPACTION . +.TP +.IR htlb_buddy_alloc_success " (since Linux 2.6.26)" +.\" commit 3b1163006332302117b1b2acf226d4014ff46525 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_HUGETLB_PAGE . +.TP +.IR htlb_buddy_alloc_fail " (since Linux 2.6.26)" +.\" commit 3b1163006332302117b1b2acf226d4014ff46525 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_HUGETLB_PAGE . +.TP +.IR unevictable_pgs_culled " (since Linux 2.6.28)" +.\" commit bbfd28eee9fbd73e780b19beb3dc562befbb94fa +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR unevictable_pgs_scanned " (since Linux 2.6.28)" +.\" commit bbfd28eee9fbd73e780b19beb3dc562befbb94fa +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR unevictable_pgs_rescued " (since Linux 2.6.28)" +.\" commit bbfd28eee9fbd73e780b19beb3dc562befbb94fa +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR unevictable_pgs_mlocked " (since Linux 2.6.28)" +.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR unevictable_pgs_munlocked " (since Linux 2.6.28)" +.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR unevictable_pgs_cleared " (since Linux 2.6.28)" +.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.TP +.IR unevictable_pgs_stranded " (since Linux 2.6.28)" +.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS . +.\" Linux 3.7 removed unevictable_pgs_mlockfreed +.TP +.IR thp_fault_alloc " (since Linux 2.6.39)" +.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145 +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_TRANSPARENT_HUGEPAGE . +.TP +.IR thp_fault_fallback " (since Linux 2.6.39)" +.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145 +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_TRANSPARENT_HUGEPAGE . +.TP +.IR thp_collapse_alloc " (since Linux 2.6.39)" +.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145 +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_TRANSPARENT_HUGEPAGE . +.TP +.IR thp_collapse_alloc_failed " (since Linux 2.6.39)" +.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145 +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_TRANSPARENT_HUGEPAGE . +.TP +.IR thp_split " (since Linux 2.6.39)" +.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145 +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_TRANSPARENT_HUGEPAGE . +.TP +.IR thp_zero_page_alloc " (since Linux 3.8)" +.\" commit d8a8e1f0da3d29d7268b3300c96a059d63901b76 +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_TRANSPARENT_HUGEPAGE . +.TP +.IR thp_zero_page_alloc_failed " (since Linux 3.8)" +.\" commit d8a8e1f0da3d29d7268b3300c96a059d63901b76 +See the kernel source file +.IR Documentation/admin\-guide/mm/transhuge.rst . +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_TRANSPARENT_HUGEPAGE . +.TP +.IR balloon_inflate " (since Linux 3.18)" +.\" commit 09316c09dde33aae14f34489d9e3d243ec0d5938 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_MEMORY_BALLOON . +.TP +.IR balloon_deflate " (since Linux 3.18)" +.\" commit 09316c09dde33aae14f34489d9e3d243ec0d5938 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS +.\" and +.\" .BR CONFIG_MEMORY_BALLOON . +.TP +.IR balloon_migrate " (since Linux 3.18)" +.\" commit 09316c09dde33aae14f34489d9e3d243ec0d5938 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_VM_EVENT_COUNTERS , +.\" .BR CONFIG_MEMORY_BALLOON , +.\" and +.\" .BR CONFIG_BALLOON_COMPACTION . +.TP +.IR nr_tlb_remote_flush " (since Linux 3.12)" +.\" commit 9824cf9753ecbe8f5b47aa9b2f218207defea211 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_DEBUG_TLBFLUSH +.\" and +.\" .BR CONFIG_SMP . +.TP +.IR nr_tlb_remote_flush_received " (since Linux 3.12)" +.\" commit 9824cf9753ecbe8f5b47aa9b2f218207defea211 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_DEBUG_TLBFLUSH +.\" and +.\" .BR CONFIG_SMP . +.TP +.IR nr_tlb_local_flush_all " (since Linux 3.12)" +.\" commit 9824cf9753ecbe8f5b47aa9b2f218207defea211 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_DEBUG_TLBFLUSH . +.TP +.IR nr_tlb_local_flush_one " (since Linux 3.12)" +.\" commit 9824cf9753ecbe8f5b47aa9b2f218207defea211 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_DEBUG_TLBFLUSH . +.TP +.IR vmacache_find_calls " (since Linux 3.16)" +.\" commit 4f115147ff802267d0aa41e361c5aa5bd933d896 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_DEBUG_VM_VMACACHE . +.TP +.IR vmacache_find_hits " (since Linux 3.16)" +.\" commit 4f115147ff802267d0aa41e361c5aa5bd933d896 +.\" Present only if the kernel was configured with +.\" .BR CONFIG_DEBUG_VM_VMACACHE . +.TP +.IR vmacache_full_flushes " (since Linux 3.19)" +.\" commit f5f302e21257ebb0c074bbafc37606c26d28cc3d +.\" Present only if the kernel was configured with +.\" .BR CONFIG_DEBUG_VM_VMACACHE . +.RE +.TP +.IR /proc/zoneinfo " (since Linux 2.6.13)" +This file displays information about memory zones. +This is useful for analyzing virtual memory behavior. +.\" FIXME more should be said about /proc/zoneinfo +.SH NOTES +Many files contain strings (e.g., the environment and command line) +that are in the internal format, +with subfields terminated by null bytes (\[aq]\e0\[aq]). +When inspecting such files, you may find that the results are more readable +if you use a command of the following form to display them: +.PP +.in +4n +.EX +.RB "$" " cat \fIfile\fP | tr \[aq]\e000\[aq] \[aq]\en\[aq]" +.EE +.in +.PP +This manual page is incomplete, possibly inaccurate, and is the kind +of thing that needs to be updated very often. +.\" .SH ACKNOWLEDGEMENTS +.\" The material on /proc/sys/fs and /proc/sys/kernel is closely based on +.\" kernel source documentation files written by Rik van Riel. +.SH SEE ALSO +.BR cat (1), +.BR dmesg (1), +.BR find (1), +.BR free (1), +.BR htop (1), +.BR init (1), +.BR ps (1), +.BR pstree (1), +.BR tr (1), +.BR uptime (1), +.BR chroot (2), +.BR mmap (2), +.BR readlink (2), +.BR syslog (2), +.BR slabinfo (5), +.BR sysfs (5), +.BR hier (7), +.BR namespaces (7), +.BR time (7), +.BR arp (8), +.BR hdparm (8), +.BR ifconfig (8), +.BR lsmod (8), +.BR lspci (8), +.BR mount (8), +.BR netstat (8), +.BR procinfo (8), +.BR route (8), +.BR sysctl (8) +.PP +The Linux kernel source files: +.IR Documentation/filesystems/proc.rst , +.IR Documentation/admin\-guide/sysctl/fs.rst , +.IR Documentation/admin\-guide/sysctl/kernel.rst , +.IR Documentation/admin\-guide/sysctl/net.rst , +and +.IR Documentation/admin\-guide/sysctl/vm.rst . |