proc.5

.\" Copyright (C) 1994, 1995 by Daniel Quinlan (quinlan@yggdrasil.com)
.\" and Copyright (C) 2002-2008,2017 Michael Kerrisk <mtk.manpages@gmail.com>
.\" with networking additions from Alan Cox (A.Cox@swansea.ac.uk)
.\" and scsi additions from Michael Neuffer (neuffer@mail.uni-mainz.de)
.\" and sysctl additions from Andries Brouwer (aeb@cwi.nl)
.\" and System V IPC (as well as various other) additions from
.\" Michael Kerrisk <mtk.manpages@gmail.com>
.\"
.\" %%%LICENSE_START(GPLv2+_DOC_FULL)
.\" This is free documentation; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public License as
.\" published by the Free Software Foundation; either version 2 of
.\" the License, or (at your option) any later version.
.\"
.\" The GNU General Public License's references to "object code"
.\" and "executables" are to be interpreted as the output of any
.\" document formatting or typesetting system, including
.\" intermediate and printed output.
.\"
.\" This manual is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
.\" GNU General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public
.\" License along with this manual; if not, see
.\" <http://www.gnu.org/licenses/>.
.\" %%%LICENSE_END
.\"
.\" Modified 1995-05-17 by faith@cs.unc.edu
.\" Minor changes by aeb and Marty Leisner (leisner@sdsp.mc.xerox.com).
.\" Modified 1996-04-13, 1996-07-22 by aeb@cwi.nl
.\" Modified 2001-12-16 by rwhron@earthlink.net
.\" Modified 2002-07-13 by jbelton@shaw.ca
.\" Modified 2002-07-22, 2003-05-27, 2004-04-06, 2004-05-25
.\"    by Michael Kerrisk <mtk.manpages@gmail.com>
.\" 2004-11-17, mtk -- updated notes on /proc/loadavg
.\" 2004-12-01, mtk, rtsig-max and rtsig-nr went away in 2.6.8
.\" 2004-12-14, mtk, updated 'statm', and fixed error in order of list
.\" 2005-05-12, mtk, updated 'stat'
.\" 2005-07-13, mtk, added /proc/sys/fs/mqueue/*
.\" 2005-09-16, mtk, Added /proc/sys/fs/suid_dumpable
.\" 2005-09-19, mtk, added /proc/zoneinfo
.\" 2005-03-01, mtk, moved /proc/sys/fs/mqueue/* material to mq_overview.7.
.\" 2008-06-05, mtk, Added /proc/[pid]/oom_score, /proc/[pid]/oom_adj,
.\"     /proc/[pid]/limits, /proc/[pid]/mountinfo, /proc/[pid]/mountstats,
.\"     and /proc/[pid]/fdinfo/*.
.\" 2008-06-19, mtk, Documented /proc/[pid]/status.
.\" 2008-07-15, mtk, added /proc/config.gz
.\"
.\" FIXME cross check against Documentation/filesystems/proc.txt
.\" to see what information could be imported from that file
.\" into this file.
.\"
.TH PROC 5 2021-08-27 "Linux" "Linux Programmer's Manual"
.SH NAME
proc \- process information pseudo-filesystem
.SH DESCRIPTION
The
.B proc
filesystem is a pseudo-filesystem which provides an interface to
kernel data structures.
It is commonly mounted at
.IR /proc .
Typically, it is mounted automatically by the system,
but it can also be mounted manually using a command such as:
.PP
.in +4n
.EX
mount \-t proc proc /proc
.EE
.in
.PP
Most of the files in the
.B proc
filesystem are read-only,
but some files are writable, allowing kernel variables to be changed.
.\"
.SS Mount options
The
.B proc
filesystem supports the following mount options:
.TP
.BR hidepid "=\fIn\fP (since Linux 3.3)"
.\" commit 0499680a42141d86417a8fbaa8c8db806bea1201
This option controls who can access the information in
.IR /proc/[pid]
directories.
The argument,
.IR n ,
is one of the following values:
.RS
.TP 4
0
Everybody may access all
.IR /proc/[pid]
directories.
This is the traditional behavior,
and the default if this mount option is not specified.
.TP
1
Users may not access files and subdirectories inside any
.IR /proc/[pid]
directories but their own (the
.IR /proc/[pid]
directories themselves remain visible).
Sensitive files such as
.IR /proc/[pid]/cmdline
and
.IR /proc/[pid]/status
are now protected against other users.
This makes it impossible to learn whether any user is running a
specific program
(so long as the program doesn't otherwise reveal itself by its behavior).
.\" As an additional bonus, since
.\" .IR /proc/[pid]/cmdline
.\" is inaccessible for other users,
.\" poorly written programs passing sensitive information via
.\" program arguments are now protected against local eavesdroppers.
.TP
2
As for mode 1, but in addition the
.IR /proc/[pid]
directories belonging to other users become invisible.
This means that
.IR /proc/[pid]
entries can no longer be used to discover the PIDs on the system.
This doesn't hide the fact that a process with a specific PID value exists
(it can be learned by other means, for example, by "kill \-0 $PID"),
but it hides a process's UID and GID,
which could otherwise be learned by employing
.BR stat (2)
on a
.IR /proc/[pid]
directory.
This greatly complicates an attacker's task of gathering
information about running processes (e.g., discovering whether
some daemon is running with elevated privileges,
whether another user is running some sensitive program,
whether other users are running any program at all, and so on).
.RE
.TP
.BR gid "=\fIgid\fP (since Linux 3.3)"
.\" commit 0499680a42141d86417a8fbaa8c8db806bea1201
Specifies the ID of a group whose members are authorized to
learn process information otherwise prohibited by
.BR hidepid
(i.e., users in this group behave as though
.I /proc
was mounted with
.IR hidepid=0 ).
This group should be used instead of approaches such as putting
nonroot users into the
.BR sudoers (5)
file.
.\"
.SS Overview
Underneath
.IR /proc ,
there are the following general groups of files and subdirectories:
.TP
.IR /proc/[pid] " subdirectories"
Each one of these subdirectories contains files and subdirectories
exposing information about the process with the corresponding process ID.
.IP
Underneath each of the
.I /proc/[pid]
directories, a
.I task
subdirectory contains subdirectories of the form
.IR task/[tid] ,
which contain corresponding information about each of the threads
in the process, where
.I tid
is the kernel thread ID of the thread.
.IP
The
.I /proc/[pid]
subdirectories are visible when iterating through
.I /proc
with
.BR getdents (2)
(and thus are visible when one uses
.BR ls (1)
to view the contents of
.IR /proc ).
.TP
.IR /proc/[tid] " subdirectories"
Each one of these subdirectories contains files and subdirectories
exposing information about the thread with the corresponding thread ID.
The contents of these directories are the same as the corresponding
.IR /proc/[pid]/task/[tid]
directories.
.IP
The
.I /proc/[tid]
subdirectories are
.I not
visible when iterating through
.I /proc
with
.BR getdents (2)
(and thus are
.I not
visible when one uses
.BR ls (1)
to view the contents of
.IR /proc ).
.TP
.I /proc/self
When a process accesses this magic symbolic link,
it resolves to the process's own
.I /proc/[pid]
directory.
.TP
.I /proc/thread\-self
When a thread accesses this magic symbolic link,
it resolves to the process's own
.I /proc/self/task/[tid]
directory.
.TP
.I /proc/[a\-z]*
Various other files and subdirectories under
.I /proc
expose system-wide information.
.PP
All of the above are described in more detail below.
.\"
.SS Files and directories
The following list provides details of many of the files and directories
under the
.I /proc
hierarchy.
.TP
.I /proc/[pid]
There is a numerical subdirectory for each running process; the
subdirectory is named by the process ID.
Each
.I /proc/[pid]
subdirectory contains the pseudo-files and directories described below.
.IP
The files inside each
.I /proc/[pid]
directory are normally owned by the effective user and
effective group ID of the process.
However, as a security measure, the ownership is made
.IR root:root
if the process's "dumpable" attribute is set to a value other than 1.
.IP
Before Linux 4.11,
.\" commit 68eb94f16227336a5773b83ecfa8290f1d6b78ce
.IR root:root
meant the "global" root user ID and group ID
(i.e., UID 0 and GID 0 in the initial user namespace).
Since Linux 4.11,
if the process is in a noninitial user namespace that has a
valid mapping for user (group) ID 0 inside the namespace, then
the user (group) ownership of the files under
.I /proc/[pid]
is instead made the same as the root user (group) ID of the namespace.
This means that inside a container,
things work as expected for the container "root" user.
.IP
The process's "dumpable" attribute may change for the following reasons:
.RS
.IP * 3
The attribute was explicitly set via the
.BR prctl (2)
.B PR_SET_DUMPABLE
operation.
.IP *
The attribute was reset to the value in the file
.IR /proc/sys/fs/suid_dumpable
(described below), for the reasons described in
.BR prctl (2).
.RE
.IP
Resetting the "dumpable" attribute to 1 reverts the ownership of the
.IR /proc/[pid]/*
files to the process's effective UID and GID.
Note, however, that if the effective UID or GID is subsequently modified,
then the "dumpable" attribute may be reset, as described in
.BR prctl (2).
Therefore, it may be desirable to reset the "dumpable" attribute
.I after
making any desired changes to the process's effective UID or GID.
.TP
.I /proc/[pid]/attr
.\" https://lwn.net/Articles/28222/
.\" From:    Stephen Smalley <sds@epoch.ncsc.mil>
.\" To:	     LKML and others
.\" Subject: [RFC][PATCH] Process Attribute API for Security Modules
.\" Date:    08 Apr 2003 16:17:52 -0400
.\"
.\"	http://www.nsa.gov/research/_files/selinux/papers/module/x362.shtml
.\"
The files in this directory provide an API for security modules.
The contents of this directory are files that can be read and written
in order to set security-related attributes.
This directory was added to support SELinux,
but the intention was that the API be general enough to support
other security modules.
For the purpose of explanation,
examples of how SELinux uses these files are provided below.
.IP
This directory is present only if the kernel was configured with
.BR CONFIG_SECURITY .
.TP
.IR /proc/[pid]/attr/current " (since Linux 2.6.0)"
The contents of this file represent the current
security attributes of the process.
.IP
In SELinux, this file is used to get the security context of a process.
Prior to Linux 2.6.11, this file could not be used to set the security
context (a write was always denied), since SELinux limited process security
transitions to
.BR execve (2)
(see the description of
.IR /proc/[pid]/attr/exec ,
below).
Since Linux 2.6.11, SELinux lifted this restriction and began supporting
"set" operations via writes to this node if authorized by policy,
although use of this operation is only suitable for applications that are
trusted to maintain any desired separation between the old and new security
contexts.
.IP
Prior to Linux 2.6.28, SELinux did not allow threads within a
multithreaded process to set their security context via this node
as it would yield an inconsistency among the security contexts of the
threads sharing the same memory space.
Since Linux 2.6.28, SELinux lifted
this restriction and began supporting "set" operations for threads within
a multithreaded process if the new security context is bounded by the old
security context, where the bounded relation is defined in policy and
guarantees that the new security context has a subset of the permissions
of the old security context.
.IP
Other security modules may choose to support "set" operations via
writes to this node.
.TP
.IR /proc/[pid]/attr/exec " (since Linux 2.6.0)"
This file represents the attributes to assign to the
process upon a subsequent
.BR execve (2).
.IP
In SELinux,
this is needed to support role/domain transitions, and
.BR execve (2)
is the preferred point to make such transitions because it offers better
control over the initialization of the process in the new security label
and the inheritance of state.
In SELinux, this attribute is reset on
.BR execve (2)
so that the new program reverts to the default behavior for any
.BR execve (2)
calls that it may make.
In SELinux, a process can set
only its own
.I /proc/[pid]/attr/exec
attribute.
.TP
.IR /proc/[pid]/attr/fscreate " (since Linux 2.6.0)"
This file represents the attributes to assign to files
created by subsequent calls to
.BR open (2),
.BR mkdir (2),
.BR symlink (2),
and
.BR mknod (2)
.IP
SELinux employs this file to support creation of a file
(using the aforementioned system calls)
in a secure state,
so that there is no risk of inappropriate access being obtained
between the time of creation and the time that attributes are set.
In SELinux, this attribute is reset on
.BR execve (2),
so that the new program reverts to the default behavior for
any file creation calls it may make, but the attribute will persist
across multiple file creation calls within a program unless it is
explicitly reset.
In SELinux, a process can set only its own
.IR /proc/[pid]/attr/fscreate
attribute.
.TP
.IR /proc/[pid]/attr/keycreate " (since Linux 2.6.18)"
.\" commit 4eb582cf1fbd7b9e5f466e3718a59c957e75254e
If a process writes a security context into this file,
all subsequently created keys
.RB ( add_key (2))
will be labeled with this context.
For further information, see the kernel source file
.I Documentation/security/keys/core.rst
(or file
.\" commit b68101a1e8f0263dbc7b8375d2a7c57c6216fb76
.I Documentation/security/keys.txt
on Linux between 3.0 and 4.13, or
.\" commit d410fa4ef99112386de5f218dd7df7b4fca910b4
.I Documentation/keys.txt
before Linux 3.0).
.TP
.IR /proc/[pid]/attr/prev " (since Linux 2.6.0)"
This file contains the security context of the process before the last
.BR execve (2);
that is, the previous value of
.IR /proc/[pid]/attr/current .
.TP
.IR /proc/[pid]/attr/socketcreate " (since Linux 2.6.18)"
.\" commit 42c3e03ef6b298813557cdb997bd6db619cd65a2
If a process writes a security context into this file,
all subsequently created sockets will be labeled with this context.
.TP
.IR /proc/[pid]/autogroup " (since Linux 2.6.38)"
.\" commit 5091faa449ee0b7d73bc296a93bca9540fc51d0a
See
.BR sched (7).
.TP
.IR /proc/[pid]/auxv " (since 2.6.0)"
.\" Precisely: Linux 2.6.0-test7
This contains the contents of the ELF interpreter information passed
to the process at exec time.
The format is one \fIunsigned long\fP ID
plus one \fIunsigned long\fP value for each entry.
The last entry contains two zeros.
See also
.BR getauxval (3).
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.TP
.IR /proc/[pid]/cgroup " (since Linux 2.6.24)"
See
.BR cgroups (7).
.TP
.IR /proc/[pid]/clear_refs " (since Linux 2.6.22)"
.\" commit b813e931b4c8235bb42e301096ea97dbdee3e8fe (2.6.22)
.\" commit 398499d5f3613c47f2143b8c54a04efb5d7a6da9 (2.6.32)
.\" commit 040fa02077de01c7e08fa75be6125e4ca5636011 (3.11)
.\"
.\"       "Clears page referenced bits shown in smaps output"
.\"       write-only, writable only by the owner of the process
.IP
This is a write-only file, writable only by owner of the process.
.IP
The following values may be written to the file:
.RS
.TP
1 (since Linux 2.6.22)
.\" Internally: CLEAR_REFS_ALL
Reset the PG_Referenced and ACCESSED/YOUNG
bits for all the pages associated with the process.
(Before kernel 2.6.32, writing any nonzero value to this file
had this effect.)
.TP
2 (since Linux 2.6.32)
.\" Internally: CLEAR_REFS_ANON
Reset the PG_Referenced and ACCESSED/YOUNG
bits for all anonymous pages associated with the process.
.TP
3 (since Linux 2.6.32)
.\" Internally: CLEAR_REFS_MAPPED
Reset the PG_Referenced and ACCESSED/YOUNG
bits for all file-mapped pages associated with the process.
.RE
.IP
Clearing the PG_Referenced and ACCESSED/YOUNG bits provides a method
to measure approximately how much memory a process is using.
One first inspects the values in the "Referenced" fields
for the VMAs shown in
.IR /proc/[pid]/smaps
to get an idea of the memory footprint of the
process.
One then clears the PG_Referenced and ACCESSED/YOUNG bits
and, after some measured time interval,
once again inspects the values in the "Referenced" fields
to get an idea of the change in memory footprint of the
process during the measured interval.
If one is interested only in inspecting the selected mapping types,
then the value 2 or 3 can be used instead of 1.
.IP
Further values can be written to affect different properties:
.RS
.TP
4 (since Linux 3.11)
Clear the soft-dirty bit for all the pages associated with the process.
.\" Internally: CLEAR_REFS_SOFT_DIRTY
This is used (in conjunction with
.IR /proc/[pid]/pagemap )
by the check-point restore system to discover which pages of a process
have been dirtied since the file
.IR /proc/[pid]/clear_refs
was written to.
.TP
5 (since Linux 4.0)
.\" Internally: CLEAR_REFS_MM_HIWATER_RSS
Reset the peak resident set size ("high water mark") to the process's
current resident set size value.
.RE
.IP
Writing any value to
.IR /proc/[pid]/clear_refs
other than those listed above has no effect.
.IP
The
.IR /proc/[pid]/clear_refs
file is present only if the
.B CONFIG_PROC_PAGE_MONITOR
kernel configuration option is enabled.
.TP
.I /proc/[pid]/cmdline
This read-only file holds the complete command line for the process,
unless the process is a zombie.
.\" In 2.3.26, this also used to be true if the process was swapped out.
In the latter case, there is nothing in this file:
that is, a read on this file will return 0 characters.
The command-line arguments appear in this file as a set of
strings separated by null bytes (\(aq\e0\(aq),
with a further null byte after the last string.
.IP
If, after an
.BR execve (2),
the process modifies its
.I argv
strings, those changes will show up here.
This is not the same thing as modifying the
.I argv
array.
.IP
Furthermore, a process may change the memory location that this file refers via
.BR prctl (2)
operations such as
.BR PR_SET_MM_ARG_START .
.IP
Think of this file as the command line that the process wants you to see.
.TP
.IR /proc/[pid]/comm " (since Linux 2.6.33)"
.\" commit 4614a696bd1c3a9af3a08f0e5874830a85b889d4
This file exposes the process's
.I comm
value\(emthat is, the command name associated with the process.
Different threads in the same process may have different
.I comm
values, accessible via
.IR /proc/[pid]/task/[tid]/comm .
A thread may modify its
.I comm
value, or that of any of other thread in the same thread group (see
the discussion of
.B CLONE_THREAD
in
.BR clone (2)),
by writing to the file
.IR /proc/self/task/[tid]/comm .
Strings longer than
.B TASK_COMM_LEN
(16) characters (including the terminating null byte) are silently truncated.
.IP
This file provides a superset of the
.BR prctl (2)
.B PR_SET_NAME
and
.B PR_GET_NAME
operations, and is employed by
.BR pthread_setname_np (3)
when used to rename threads other than the caller.
The value in this file is used for the
.I %e
specifier in
.IR /proc/sys/kernel/core_pattern ;
see
.BR core (5).
.TP
.IR /proc/[pid]/coredump_filter " (since Linux 2.6.23)"
See
.BR core (5).
.TP
.IR /proc/[pid]/cpuset " (since Linux 2.6.12)"
.\" and/proc/[pid]/task/[tid]/cpuset
See
.BR cpuset (7).
.TP
.I /proc/[pid]/cwd
This is a symbolic link to the current working directory of the process.
To find out the current working directory of process 20,
for instance, you can do this:
.IP
.in +4n
.EX
.RB "$" " cd /proc/20/cwd; pwd \-P"
.EE
.in
.IP
.\" The following was still true as at kernel 2.6.13
In a multithreaded process, the contents of this symbolic link
are not available if the main thread has already terminated
(typically by calling
.BR pthread_exit (3)).
.IP
Permission to dereference or read
.RB ( readlink (2))
this symbolic link is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.TP
.I /proc/[pid]/environ
This file contains the initial environment that was set
when the currently executing program was started via
.BR execve (2).
The entries are separated by null bytes (\(aq\e0\(aq),
and there may be a null byte at the end.
Thus, to print out the environment of process 1, you would do:
.IP
.in +4n
.EX
.RB "$" " cat /proc/1/environ | tr \(aq\e000\(aq \(aq\en\(aq"
.EE
.in
.IP
If, after an
.BR execve (2),
the process modifies its environment
(e.g., by calling functions such as
.BR putenv (3)
or modifying the
.BR environ (7)
variable directly),
this file will
.I not
reflect those changes.
.IP
Furthermore, a process may change the memory location that this file refers via
.BR prctl (2)
operations such as
.BR PR_SET_MM_ENV_START .
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.TP
.I /proc/[pid]/exe
Under Linux 2.2 and later, this file is a symbolic link
containing the actual pathname of the executed command.
This symbolic link can be dereferenced normally; attempting to open
it will open the executable.
You can even type
.I /proc/[pid]/exe
to run another copy of the same executable that is being run by
process [pid].
If the pathname has been unlinked, the symbolic link will contain the
string \(aq(deleted)\(aq appended to the original pathname.
.\" The following was still true as at kernel 2.6.13
In a multithreaded process, the contents of this symbolic link
are not available if the main thread has already terminated
(typically by calling
.BR pthread_exit (3)).
.IP
Permission to dereference or read
.RB ( readlink (2))
this symbolic link is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.IP
Under Linux 2.0 and earlier,
.I /proc/[pid]/exe
is a pointer to the binary which was executed,
and appears as a symbolic link.
A
.BR readlink (2)
call on this file under Linux 2.0 returns a string in the format:
.IP
    [device]:inode
.IP
For example, [0301]:1502 would be inode 1502 on device major 03 (IDE,
MFM, etc. drives) minor 01 (first partition on the first drive).
.IP
.BR find (1)
with the
.I \-inum
option can be used to locate the file.
.TP
.I /proc/[pid]/fd/
This is a subdirectory containing one entry for each file which the
process has open, named by its file descriptor, and which is a
symbolic link to the actual file.
Thus, 0 is standard input, 1 standard output, 2 standard error, and so on.
.IP
For file descriptors for pipes and sockets,
the entries will be symbolic links whose content is the
file type with the inode.
A
.BR readlink (2)
call on this file returns a string in the format:
.IP
    type:[inode]
.IP
For example,
.I socket:[2248868]
will be a socket and its inode is 2248868.
For sockets, that inode can be used to find more information
in one of the files under
.IR /proc/net/ .
.IP
For file descriptors that have no corresponding inode
(e.g., file descriptors produced by
.BR bpf (2),
.BR epoll_create (2),
.BR eventfd (2),
.BR inotify_init (2),
.BR perf_event_open (2),
.BR signalfd (2),
.BR timerfd_create (2),
and
.BR userfaultfd (2)),
the entry will be a symbolic link with contents of the form
.IP
    anon_inode:<file-type>
.IP
In many cases (but not all), the
.I file-type
is surrounded by square brackets.
.IP
For example, an epoll file descriptor will have a symbolic link
whose content is the string
.IR "anon_inode:[eventpoll]" .
.IP
.\"The following was still true as at kernel 2.6.13
In a multithreaded process, the contents of this directory
are not available if the main thread has already terminated
(typically by calling
.BR pthread_exit (3)).
.IP
Programs that take a filename as a command-line argument,
but don't take input from standard input if no argument is supplied,
and programs that write to a file named as a command-line argument,
but don't send their output to standard output
if no argument is supplied, can nevertheless be made to use
standard input or standard output by using
.IR /proc/[pid]/fd
files as command-line arguments.
For example, assuming that
.I \-i
is the flag designating an input file and
.I \-o
is the flag designating an output file:
.IP
.in +4n
.EX
.RB "$" " foobar \-i /proc/self/fd/0 \-o /proc/self/fd/1 ..."
.EE
.in
.IP
and you have a working filter.
.\" The following is not true in my tests (MTK):
.\" Note that this will not work for
.\" programs that seek on their files, as the files in the fd directory
.\" are not seekable.
.IP
.I /proc/self/fd/N
is approximately the same as
.I /dev/fd/N
in some UNIX and UNIX-like systems.
Most Linux MAKEDEV scripts symbolically link
.I /dev/fd
to
.IR /proc/self/fd ,
in fact.
.IP
Most systems provide symbolic links
.IR /dev/stdin ,
.IR /dev/stdout ,
and
.IR /dev/stderr ,
which respectively link to the files
.IR 0 ,
.IR 1 ,
and
.IR 2
in
.IR /proc/self/fd .
Thus the example command above could be written as:
.IP
.in +4n
.EX
.RB "$" " foobar \-i /dev/stdin \-o /dev/stdout ..."
.EE
.in
.IP
Permission to dereference or read
.RB ( readlink (2))
the symbolic links in this directory is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.IP
Note that for file descriptors referring to inodes (pipes and sockets, see above),
those inodes still have permission bits and ownership information
distinct from those of the
.I /proc/[pid]/fd
entry,
and that the owner may differ from the user and group IDs of the process.
An unprivileged process may lack permissions to open them, as in this example:
.IP
.in +4n
.EX
.RB "$" " echo test | sudo \-u nobody cat"
test
.RB "$" " echo test | sudo \-u nobody cat /proc/self/fd/0"
cat: /proc/self/fd/0: Permission denied
.EE
.in
.IP
File descriptor 0 refers to the pipe created by the shell
and owned by that shell's user, which is not
.IR nobody ,
so
.B cat
does not have permission to create a new file descriptor to read from that inode,
even though it can still read from its existing file descriptor 0.
.TP
.IR /proc/[pid]/fdinfo/ " (since Linux 2.6.22)"
This is a subdirectory containing one entry for each file which the
process has open, named by its file descriptor.
The files in this directory are readable only by the owner of the process.
The contents of each file can be read to obtain information
about the corresponding file descriptor.
The content depends on the type of file referred to by the
corresponding file descriptor.
.IP
For regular files and directories, we see something like:
.IP
.in +4n
.EX
.RB "$" " cat /proc/12015/fdinfo/4"
pos:    1000
flags:  01002002
mnt_id: 21
.EE
.in
.IP
The fields are as follows:
.RS
.TP
.I pos
This is a decimal number showing the file offset.
.TP
.I flags
This is an octal number that displays the
file access mode and file status flags (see
.BR open (2)).
If the close-on-exec file descriptor flag is set, then
.I flags
will also include the value
.BR O_CLOEXEC .
.IP
Before Linux 3.1,
.\" commit 1117f72ea0217ba0cc19f05adbbd8b9a397f5ab7
this field incorrectly displayed the setting of
.B O_CLOEXEC
at the time the file was opened,
rather than the current setting of the close-on-exec flag.
.TP
.I
.I mnt_id
This field, present since Linux 3.15,
.\" commit 49d063cb353265c3af701bab215ac438ca7df36d
is the ID of the mount containing this file.
See the description of
.IR /proc/[pid]/mountinfo .
.RE
.IP
For eventfd file descriptors (see
.BR eventfd (2)),
we see (since Linux 3.8)
.\" commit cbac5542d48127b546a23d816380a7926eee1c25
the following fields:
.IP
.in +4n
.EX
pos:	0
flags:	02
mnt_id:	10
eventfd\-count:               40
.EE
.in
.IP
.I eventfd\-count
is the current value of the eventfd counter, in hexadecimal.
.IP
For epoll file descriptors (see
.BR epoll (7)),
we see (since Linux 3.8)
.\" commit 138d22b58696c506799f8de759804083ff9effae
the following fields:
.IP
.in +4n
.EX
pos:	0
flags:	02
mnt_id:	10
tfd:        9 events:       19 data: 74253d2500000009
tfd:        7 events:       19 data: 74253d2500000007
.EE
.in
.IP
Each of the lines beginning
.I tfd
describes one of the file descriptors being monitored via
the epoll file descriptor (see
.BR epoll_ctl (2)
for some details).
The
.IR tfd
field is the number of the file descriptor.
The
.I events
field is a hexadecimal mask of the events being monitored for this file
descriptor.
The
.I data
field is the data value associated with this file descriptor.
.IP
For signalfd file descriptors (see
.BR signalfd (2)),
we see (since Linux 3.8)
.\" commit 138d22b58696c506799f8de759804083ff9effae
the following fields:
.IP
.in +4n
.EX
pos:	0
flags:	02
mnt_id:	10
sigmask:	0000000000000006
.EE
.in
.IP
.I sigmask
is the hexadecimal mask of signals that are accepted via this
signalfd file descriptor.
(In this example, bits 2 and 3 are set, corresponding to the signals
.B SIGINT
and
.BR SIGQUIT ;
see
.BR signal (7).)
.IP
For inotify file descriptors (see
.BR inotify (7)),
we see (since Linux 3.8)
the following fields:
.IP
.in +4n
.EX
pos:	0
flags:	00
mnt_id:	11
inotify wd:2 ino:7ef82a sdev:800001 mask:800afff ignored_mask:0 fhandle\-bytes:8 fhandle\-type:1 f_handle:2af87e00220ffd73
inotify wd:1 ino:192627 sdev:800001 mask:800afff ignored_mask:0 fhandle\-bytes:8 fhandle\-type:1 f_handle:27261900802dfd73
.EE
.in
.IP
Each of the lines beginning with "inotify" displays information about
one file or directory that is being monitored.
The fields in this line are as follows:
.RS
.TP
.I wd
A watch descriptor number (in decimal).
.TP
.I ino
The inode number of the target file (in hexadecimal).
.TP
.I sdev
The ID of the device where the target file resides (in hexadecimal).
.TP
.I mask
The mask of events being monitored for the target file (in hexadecimal).
.RE
.IP
If the kernel was built with exportfs support, the path to the target
file is exposed as a file handle, via three hexadecimal fields:
.IR fhandle\-bytes ,
.IR fhandle\-type ,
and
.IR f_handle .
.IP
For fanotify file descriptors (see
.BR fanotify (7)),
we see (since Linux 3.8)
the following fields:
.IP
.in +4n
.EX
pos:	0
flags:	02
mnt_id:	11
fanotify flags:0 event\-flags:88002
fanotify ino:19264f sdev:800001 mflags:0 mask:1 ignored_mask:0 fhandle\-bytes:8 fhandle\-type:1 f_handle:4f261900a82dfd73
.EE
.in
.IP
The fourth line displays information defined when the fanotify group
was created via
.BR fanotify_init (2):
.RS
.TP
.I flags
The
.I flags
argument given to
.BR fanotify_init (2)
(expressed in hexadecimal).
.TP
.I event\-flags
The
.I event_f_flags
argument given to
.BR fanotify_init (2)
(expressed in hexadecimal).
.RE
.IP
Each additional line shown in the file contains information
about one of the marks in the fanotify group.
Most of these fields are as for inotify, except:
.RS
.TP
.I mflags
The flags associated with the mark
(expressed in hexadecimal).
.TP
.I mask
The events mask for this mark
(expressed in hexadecimal).
.TP
.I ignored_mask
The mask of events that are ignored for this mark
(expressed in hexadecimal).
.RE
.IP
For details on these fields, see
.BR fanotify_mark (2).
.IP
For timerfd file descriptors (see
.BR timerfd (2)),
we see (since Linux 3.17)
.\" commit af9c4957cf212ad9cf0bee34c95cb11de5426e85
the following fields:
.IP
.in +4n
.EX
pos:    0
flags:  02004002
mnt_id: 13
clockid: 0
ticks: 0
settime flags: 03
it_value: (7695568592, 640020877)
it_interval: (0, 0)
.EE
.in
.RS
.TP
.I clockid
This is the numeric value of the clock ID
(corresponding to one of the
.B CLOCK_*
constants defined via
.IR <time.h> )
that is used to mark the progress of the timer (in this example, 0 is
.BR CLOCK_REALTIME ).
.TP
.I ticks
This is the number of timer expirations that have occurred,
(i.e., the value that
.BR read (2)
on it would return).
.TP
.I settime flags
This field lists the flags with which the timerfd was last armed (see
.BR timerfd_settime (2)),
in octal
(in this example, both
.B TFD_TIMER_ABSTIME
and
.B TFD_TIMER_CANCEL_ON_SET
are set).
.TP
.I it_value
This field contains the amount of time until the timer will next expire,
expressed in seconds and nanoseconds.
This is always expressed as a relative value,
regardless of whether the timer was created using the
.B TFD_TIMER_ABSTIME
flag.
.TP
.I it_interval
This field contains the interval of the timer,
in seconds and nanoseconds.
(The
.I it_value
and
.I it_interval
fields contain the values that
.BR timerfd_gettime (2)
on this file descriptor would return.)
.RE
.TP
.IR /proc/[pid]/gid_map " (since Linux 3.5)"
See
.BR user_namespaces (7).
.TP
.IR /proc/[pid]/io " (since kernel 2.6.20)"
.\" commit 7c3ab7381e79dfc7db14a67c6f4f3285664e1ec2
This file contains I/O statistics for the process, for example:
.IP
.in +4n
.EX
.RB "#" " cat /proc/3828/io"
rchar: 323934931
wchar: 323929600
syscr: 632687
syscw: 632675
read_bytes: 0
write_bytes: 323932160
cancelled_write_bytes: 0
.EE
.in
.IP
The fields are as follows:
.RS
.TP
.IR rchar ": characters read"
The number of bytes which this task has caused to be read from storage.
This is simply the sum of bytes which this process passed to
.BR read (2)
and similar system calls.
It includes things such as terminal I/O and
is unaffected by whether or not actual
physical disk I/O was required (the read might have been satisfied from
pagecache).
.TP
.IR wchar ": characters written"
The number of bytes which this task has caused, or shall cause to be written
to disk.
Similar caveats apply here as with
.IR rchar .
.TP
.IR syscr ": read syscalls"
Attempt to count the number of read I/O operations\(emthat is,
system calls such as
.BR read (2)
and
.BR pread (2).
.TP
.IR syscw ": write syscalls"
Attempt to count the number of write I/O operations\(emthat is,
system calls such as
.BR write (2)
and
.BR pwrite (2).
.TP
.IR read_bytes ": bytes read"
Attempt to count the number of bytes which this process really did cause to
be fetched from the storage layer.
This is accurate for block-backed filesystems.
.TP
.IR write_bytes ": bytes written"
Attempt to count the number of bytes which this process caused to be sent to
the storage layer.
.TP
.IR cancelled_write_bytes :
The big inaccuracy here is truncate.
If a process writes 1 MB to a file and then deletes the file,
it will in fact perform no writeout.
But it will have been accounted as having caused 1 MB of write.
In other words: this field represents the number of bytes which this process
caused to not happen, by truncating pagecache.
A task can cause "negative" I/O too.
If this task truncates some dirty pagecache,
some I/O which another task has been accounted for
(in its
.IR write_bytes )
will not be happening.
.RE
.IP
.IR Note :
In the current implementation, things are a bit racy on 32-bit systems:
if process A reads process B's
.I /proc/[pid]/io
while process B is updating one of these 64-bit counters,
process A could see an intermediate result.
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.TP
.IR /proc/[pid]/limits " (since Linux 2.6.24)"
This file displays the soft limit, hard limit, and units of measurement
for each of the process's resource limits (see
.BR getrlimit (2)).
Up to and including Linux 2.6.35,
this file is protected to allow reading only by the real UID of the process.
Since Linux 2.6.36,
.\" commit 3036e7b490bf7878c6dae952eec5fb87b1106589
this file is readable by all users on the system.
.\" FIXME Describe /proc/[pid]/loginuid
.\"       Added in 2.6.11; updating requires CAP_AUDIT_CONTROL
.\"       CONFIG_AUDITSYSCALL
.TP
.IR /proc/[pid]/map_files/ " (since kernel 3.3)"
.\" commit 640708a2cff7f81e246243b0073c66e6ece7e53e
This subdirectory contains entries corresponding to memory-mapped
files (see
.BR mmap (2)).
Entries are named by memory region start and end
address pair (expressed as hexadecimal numbers),
and are symbolic links to the mapped files themselves.
Here is an example, with the output wrapped and reformatted to fit on an 80-column display:
.IP
.in +4n
.EX
.RB "#" " ls \-l /proc/self/map_files/"
lr\-\-\-\-\-\-\-\-. 1 root root 64 Apr 16 21:31
            3252e00000\-3252e20000 \-> /usr/lib64/ld\-2.15.so
\&...
.EE
.in
.IP
Although these entries are present for memory regions that were
mapped with the
.BR MAP_FILE
flag, the way anonymous shared memory (regions created with the
.B MAP_ANON | MAP_SHARED
flags)
is implemented in Linux
means that such regions also appear on this directory.
Here is an example where the target file is the deleted
.I /dev/zero
one:
.IP
.in +4n
.EX
lrw\-\-\-\-\-\-\-. 1 root root 64 Apr 16 21:33
            7fc075d2f000\-7fc075e6f000 \-> /dev/zero (deleted)
.EE
.in
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.IP
Until kernel version 4.3,
.\" commit bdb4d100afe9818aebd1d98ced575c5ef143456c
this directory appeared only if the
.B CONFIG_CHECKPOINT_RESTORE
kernel configuration option was enabled.
.IP
Capabilities are required to read the contents of the symbolic links in
this directory: before Linux 5.9, the reading process requires
.BR CAP_SYS_ADMIN
in the initial user namespace;
since Linux 5.9, the reading process must have either
.BR CAP_SYS_ADMIN
or
.BR CAP_CHECKPOINT_RESTORE
in the user namespace where it resides.
.TP
.I /proc/[pid]/maps
A file containing the currently mapped memory regions and their access
permissions.
See
.BR mmap (2)
for some further information about memory mappings.
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.IP
The format of the file is:
.IP
.in +4n
.EX
.I "address           perms offset  dev   inode       pathname"
00400000\-00452000 r\-xp 00000000 08:02 173521      /usr/bin/dbus\-daemon
00651000\-00652000 r\-\-p 00051000 08:02 173521      /usr/bin/dbus\-daemon
00652000\-00655000 rw\-p 00052000 08:02 173521      /usr/bin/dbus\-daemon
00e03000\-00e24000 rw\-p 00000000 00:00 0           [heap]
00e24000\-011f7000 rw\-p 00000000 00:00 0           [heap]
\&...
35b1800000\-35b1820000 r\-xp 00000000 08:02 135522  /usr/lib64/ld\-2.15.so
35b1a1f000\-35b1a20000 r\-\-p 0001f000 08:02 135522  /usr/lib64/ld\-2.15.so
35b1a20000\-35b1a21000 rw\-p 00020000 08:02 135522  /usr/lib64/ld\-2.15.so
35b1a21000\-35b1a22000 rw\-p 00000000 00:00 0
35b1c00000\-35b1dac000 r\-xp 00000000 08:02 135870  /usr/lib64/libc\-2.15.so
35b1dac000\-35b1fac000 \-\-\-p 001ac000 08:02 135870  /usr/lib64/libc\-2.15.so
35b1fac000\-35b1fb0000 r\-\-p 001ac000 08:02 135870  /usr/lib64/libc\-2.15.so
35b1fb0000\-35b1fb2000 rw\-p 001b0000 08:02 135870  /usr/lib64/libc\-2.15.so
\&...
f2c6ff8c000\-7f2c7078c000 rw\-p 00000000 00:00 0    [stack:986]
\&...
7fffb2c0d000\-7fffb2c2e000 rw\-p 00000000 00:00 0   [stack]
7fffb2d48000\-7fffb2d49000 r\-xp 00000000 00:00 0   [vdso]
.EE
.in
.IP
The
.I address
field is the address space in the process that the mapping occupies.
The
.I perms
field is a set of permissions:
.IP
.in +4n
.EX
r = read
w = write
x = execute
s = shared
p = private (copy on write)
.EE
.in
.IP
The
.I offset
field is the offset into the file/whatever;
.I dev
is the device
(major:minor);
.I inode
is the inode on that device.
0 indicates that no inode is associated with the memory region,
as would be the case with BSS (uninitialized data).
.IP
The
.I pathname
field will usually be the file that is backing the mapping.
For ELF files,
you can easily coordinate with the
.I offset
field by looking at the
Offset field in the ELF program headers
.RI ( "readelf\ \-l" ).
.IP
There are additional helpful pseudo-paths:
.RS
.TP
.IR [stack]
The initial process's (also known as the main thread's) stack.
.TP
.IR [stack:<tid>] " (from Linux 3.4 to 4.4)"
.\" commit b76437579d1344b612cf1851ae610c636cec7db0 (added)
.\" commit 65376df582174ffcec9e6471bf5b0dd79ba05e4a (removed)
A thread's stack (where the
.IR <tid>
is a thread ID).
It corresponds to the
.IR /proc/[pid]/task/[tid]/
path.
This field was removed in Linux 4.5, since providing this information
for a process with large numbers of threads is expensive.
.TP
.IR [vdso]
The virtual dynamically linked shared object.
See
.BR vdso (7).
.TP
.IR [heap]
The process's heap.
.in
.RE
.IP
If the
.I pathname
field is blank,
this is an anonymous mapping as obtained via
.BR mmap (2).
There is no easy way to coordinate this back to a process's source,
short of running it through
.BR gdb (1),
.BR strace (1),
or similar.
.IP
.I pathname
is shown unescaped except for newline characters, which are replaced
with an octal escape sequence.
As a result, it is not possible to determine whether the original
pathname contained a newline character or the literal
.I \e012
character sequence.
.IP
If the mapping is file-backed and the file has been deleted, the string
" (deleted)" is appended to the pathname.
Note that this is ambiguous too.
.IP
Under Linux 2.0, there is no field giving pathname.
.TP
.I /proc/[pid]/mem
This file can be used to access the pages of a process's memory through
.BR open (2),
.BR read (2),
and
.BR lseek (2).
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_ATTACH_FSCREDS
check; see
.BR ptrace (2).
.TP
.IR /proc/[pid]/mountinfo " (since Linux 2.6.26)"
.\" This info adapted from Documentation/filesystems/proc.txt
.\" commit 2d4d4864ac08caff5c204a752bd004eed4f08760
This file contains information about mounts
in the process's mount namespace (see
.BR mount_namespaces (7)).
It supplies various information
(e.g., propagation state, root of mount for bind mounts,
identifier for each mount and its parent) that is missing from the (older)
.IR /proc/[pid]/mounts
file, and fixes various other problems with that file
(e.g., nonextensibility,
failure to distinguish per-mount versus per-superblock options).
.IP
The file contains lines of the form:
.IP
.EX
36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 \- ext3 /dev/root rw,errors=continue
(1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)
.EE
.IP
The numbers in parentheses are labels for the descriptions below:
.RS 7
.TP 5
(1)
mount ID: a unique ID for the mount (may be reused after
.BR umount (2)).
.TP
(2)
parent ID: the ID of the parent mount
(or of self for the root of this mount namespace's mount tree).
.IP
If a new mount is stacked on top of a previous existing mount
(so that it hides the existing mount) at pathname P,
then the parent of the new mount is the previous mount at that location.
Thus, when looking at all the mounts stacked at a particular location,
the top-most mount is the one that is not the parent
of any other mount at the same location.
(Note, however, that this top-most mount will be accessible only if
the longest path subprefix of P that is a mount point
is not itself hidden by a stacked mount.)
.IP
If the parent mount lies outside the process's root directory (see
.BR chroot (2)),
the ID shown here won't have a corresponding record in
.I mountinfo
whose mount ID (field 1) matches this parent mount ID
(because mounts that lie outside the process's root directory
are not shown in
.IR mountinfo ).
As a special case of this point,
the process's root mount may have a parent mount
(for the initramfs filesystem) that lies
.\" Miklos Szeredi, Nov 2017: The hidden one is the initramfs, I believe
.\" mtk: In the initial mount namespace, this hidden ID has the value 0
outside the process's root directory,
and an entry for that mount will not appear in
.IR mountinfo .
.TP
(3)
major:minor: the value of
.I st_dev
for files on this filesystem (see
.BR stat (2)).
.TP
(4)
root: the pathname of the directory in the filesystem
which forms the root of this mount.
.TP
(5)
mount point: the pathname of the mount point relative
to the process's root directory.
.TP
(6)
mount options: per-mount options (see
.BR mount (2)).
.TP
(7)
optional fields: zero or more fields of the form "tag[:value]"; see below.
.TP
(8)
separator: the end of the optional fields is marked by a single hyphen.
.TP
(9)
filesystem type: the filesystem type in the form "type[.subtype]".
.TP
(10)
mount source: filesystem-specific information or "none".
.TP
(11)
super options: per-superblock options (see
.BR mount (2)).
.RE
.IP
Currently, the possible optional fields are
.IR shared ,
.IR master ,
.IR propagate_from ,
and
.IR unbindable .
See
.BR mount_namespaces (7)
for a description of these fields.
Parsers should ignore all unrecognized optional fields.
.IP
For more information on mount propagation see
.I Documentation/filesystems/sharedsubtree.rst
(or
.I Documentation/filesystems/sharedsubtree.txt
before Linux 5.8)
in the Linux kernel source tree.
.TP
.IR /proc/[pid]/mounts " (since Linux 2.4.19)"
This file lists all the filesystems currently mounted in the
process's mount namespace (see
.BR mount_namespaces (7)).
The format of this file is documented in
.BR fstab (5).
.IP
Since kernel version 2.6.15, this file is pollable:
after opening the file for reading, a change in this file
(i.e., a filesystem mount or unmount) causes
.BR select (2)
to mark the file descriptor as having an exceptional condition, and
.BR poll (2)
and
.BR epoll_wait (2)
mark the file as having a priority event
.RB ( POLLPRI ).
(Before Linux 2.6.30,
a change in this file was indicated by the file descriptor
being marked as readable for
.BR select (2),
and being marked as having an error condition for
.BR poll (2)
and
.BR epoll_wait (2).)
.TP
.IR /proc/[pid]/mountstats " (since Linux 2.6.17)"
This file exports information (statistics, configuration information)
about the mounts in the process's mount namespace (see
.BR mount_namespaces (7)).
Lines in this file have the form:
.IP
.in +4n
.EX
device /dev/sda7 mounted on /home with fstype ext3 [stats]
(       1      )            ( 2 )             (3 ) (  4  )
.EE
.in
.IP
The fields in each line are:
.RS 7
.TP 5
(1)
The name of the mounted device
(or "nodevice" if there is no corresponding device).
.TP
(2)
The mount point within the filesystem tree.
.TP
(3)
The filesystem type.
.TP
(4)
Optional statistics and configuration information.
Currently (as at Linux 2.6.26), only NFS filesystems export
information via this field.
.RE
.IP
This file is readable only by the owner of the process.
.TP
.IR /proc/[pid]/net " (since Linux 2.6.25)"
See the description of
.IR /proc/net .
.TP
.IR /proc/[pid]/ns/ " (since Linux 3.0)"
.\" See commit 6b4e306aa3dc94a0545eb9279475b1ab6209a31f
This is a subdirectory containing one entry for each namespace that
supports being manipulated by
.BR setns (2).
For more information, see
.BR namespaces (7).
.TP
.IR /proc/[pid]/numa_maps " (since Linux 2.6.14)"
See
.BR numa (7).
.TP
.IR /proc/[pid]/oom_adj " (since Linux 2.6.11)"
This file can be used to adjust the score used to select which process
should be killed in an out-of-memory (OOM) situation.
The kernel uses this value for a bit-shift operation of the process's
.IR oom_score
value:
valid values are in the range \-16 to +15,
plus the special value \-17,
which disables OOM-killing altogether for this process.
A positive score increases the likelihood of this
process being killed by the OOM-killer;
a negative score decreases the likelihood.
.IP
The default value for this file is 0;
a new process inherits its parent's
.I oom_adj
setting.
A process must be privileged
.RB ( CAP_SYS_RESOURCE )
to update this file.
.IP
Since Linux 2.6.36, use of this file is deprecated in favor of
.IR /proc/[pid]/oom_score_adj .
.TP
.IR /proc/[pid]/oom_score " (since Linux 2.6.11)"
.\" See mm/oom_kill.c::badness() in pre 2.6.36 sources
.\" See mm/oom_kill.c::oom_badness() after 2.6.36
.\" commit a63d83f427fbce97a6cea0db2e64b0eb8435cd10
This file displays the current score that the kernel gives to
this process for the purpose of selecting a process
for the OOM-killer.
A higher score means that the process is more likely to be
selected by the OOM-killer.
The basis for this score is the amount of memory used by the process,
with increases (+) or decreases (\-) for factors including:
.\" See mm/oom_kill.c::badness() in pre 2.6.36 sources
.\" See mm/oom_kill.c::oom_badness() after 2.6.36
.\" commit a63d83f427fbce97a6cea0db2e64b0eb8435cd10
.RS
.IP * 2
whether the process is privileged (\-).
.\" More precisely, if it has CAP_SYS_ADMIN or (pre 2.6.36) CAP_SYS_RESOURCE
.RE
.IP
Before kernel 2.6.36 the following factors were also used in the calculation of oom_score:
.RS
.IP * 2
whether the process creates a lot of children using
.BR fork (2)
(+);
.IP *
whether the process has been running a long time,
or has used a lot of CPU time (\-);
.IP *
whether the process has a low nice value (i.e., > 0) (+); and
.IP *
whether the process is making direct hardware access (\-).
.\" More precisely, if it has CAP_SYS_RAWIO
.RE
.IP
The
.I oom_score
also reflects the adjustment specified by the
.I oom_score_adj
or
.I oom_adj
setting for the process.
.TP
.IR /proc/[pid]/oom_score_adj " (since Linux 2.6.36)"
.\" Text taken from 3.7 Documentation/filesystems/proc.txt
This file can be used to adjust the badness heuristic used to select which
process gets killed in out-of-memory conditions.
.IP
The badness heuristic assigns a value to each candidate task ranging from 0
(never kill) to 1000 (always kill) to determine which process is targeted.
The units are roughly a proportion along that range of
allowed memory the process may allocate from,
based on an estimation of its current memory and swap use.
For example, if a task is using all allowed memory,
its badness score will be 1000.
If it is using half of its allowed memory, its score will be 500.
.IP
There is an additional factor included in the badness score: root
processes are given 3% extra memory over other tasks.
.IP
The amount of "allowed" memory depends on the context
in which the OOM-killer was called.
If it is due to the memory assigned to the allocating task's cpuset
being exhausted,
the allowed memory represents the set of mems assigned to that
cpuset (see
.BR cpuset (7)).
If it is due to a mempolicy's node(s) being exhausted,
the allowed memory represents the set of mempolicy nodes.
If it is due to a memory limit (or swap limit) being reached,
the allowed memory is that configured limit.
Finally, if it is due to the entire system being out of memory, the
allowed memory represents all allocatable resources.
.IP
The value of
.I oom_score_adj
is added to the badness score before it
is used to determine which task to kill.
Acceptable values range from \-1000
(OOM_SCORE_ADJ_MIN) to +1000 (OOM_SCORE_ADJ_MAX).
This allows user space to control the preference for OOM-killing,
ranging from always preferring a certain
task or completely disabling it from OOM-killing.
The lowest possible value, \-1000, is
equivalent to disabling OOM-killing entirely for that task,
since it will always report a badness score of 0.
.IP
Consequently, it is very simple for user space to define
the amount of memory to consider for each task.
Setting an
.I oom_score_adj
value of +500, for example,
is roughly equivalent to allowing the remainder of tasks sharing the
same system, cpuset, mempolicy, or memory controller resources
to use at least 50% more memory.
A value of \-500, on the other hand, would be roughly
equivalent to discounting 50% of the task's
allowed memory from being considered as scoring against the task.
.IP
For backward compatibility with previous kernels,
.I /proc/[pid]/oom_adj
can still be used to tune the badness score.
Its value is
scaled linearly with
.IR oom_score_adj .
.IP
Writing to
.IR /proc/[pid]/oom_score_adj
or
.IR /proc/[pid]/oom_adj
will change the other with its scaled value.
.IP
The
.BR choom (1)
program provides a command-line interface for adjusting the
.I oom_score_adj
value of a running process or a newly executed command.
.TP
.IR /proc/[pid]/pagemap " (since Linux 2.6.25)"
This file shows the mapping of each of the process's virtual pages
into physical page frames or swap area.
It contains one 64-bit value for each virtual page,
with the bits set as follows:
.RS
.TP
63
If set, the page is present in RAM.
.TP
62
If set, the page is in swap space
.TP
61 (since Linux 3.5)
The page is a file-mapped page or a shared anonymous page.
.TP
60\(en57 (since Linux 3.11)
Zero
.\" Not quite true; see commit 541c237c0923f567c9c4cabb8a81635baadc713f
.TP
56 (since Linux 4.2)
.\" commit 77bb499bb60f4b79cca7d139c8041662860fcf87
.\" commit 83b4b0bb635eee2b8e075062e4e008d1bc110ed7
The page is exclusively mapped.
.TP
55 (since Linux 3.11)
PTE is soft-dirty
(see the kernel source file
.IR Documentation/admin\-guide/mm/soft\-dirty.rst ).
.TP
54\(en0
If the page is present in RAM (bit 63), then these bits
provide the page frame number, which can be used to index
.IR /proc/kpageflags
and
.IR /proc/kpagecount .
If the page is present in swap (bit 62),
then bits 4\(en0 give the swap type, and bits 54\(en5 encode the swap offset.
.RE
.IP
Before Linux 3.11, bits 60\(en55 were
used to encode the base-2 log of the page size.
.IP
To employ
.IR /proc/[pid]/pagemap
efficiently, use
.IR /proc/[pid]/maps
to determine which areas of memory are actually mapped and seek
to skip over unmapped regions.
.IP
The
.IR /proc/[pid]/pagemap
file is present only if the
.B CONFIG_PROC_PAGE_MONITOR
kernel configuration option is enabled.
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.TP
.IR /proc/[pid]/personality " (since Linux 2.6.28)"
.\" commit 478307230810d7e2a753ed220db9066dfdf88718
This read-only file exposes the process's execution domain, as set by
.BR personality (2).
The value is displayed in hexadecimal notation.
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_ATTACH_FSCREDS
check; see
.BR ptrace (2).
.TP
.I /proc/[pid]/root
UNIX and Linux support the idea of a per-process root of the
filesystem, set by the
.BR chroot (2)
system call.
This file is a symbolic link that points to the process's
root directory, and behaves in the same way as
.IR exe ,
and
.IR fd/* .
.IP
Note however that this file is not merely a symbolic link.
It provides the same view of the filesystem (including namespaces and the
set of per-process mounts) as the process itself.
An example illustrates this point.
In one terminal, we start a shell in new user and mount namespaces,
and in that shell we create some new mounts:
.IP
.in +4n
.EX
$ \fBPS1=\(aqsh1# \(aq unshare \-Urnm\fP
sh1# \fBmount \-t tmpfs tmpfs /etc\fP  # Mount empty tmpfs at /etc
sh1# \fBmount \-\-bind /usr /dev\fP     # Mount /usr at /dev
sh1# \fBecho $$\fP
27123
.EE
.in
.IP
In a second terminal window, in the initial mount namespace,
we look at the contents of the corresponding mounts in
the initial and new namespaces:
.IP
.in +4n
.EX
$ \fBPS1=\(aqsh2# \(aq sudo sh\fP
sh2# \fBls /etc | wc \-l\fP                  # In initial NS
309
sh2# \fBls /proc/27123/root/etc | wc \-l\fP  # /etc in other NS
0                                     # The empty tmpfs dir
sh2# \fBls /dev | wc \-l\fP                  # In initial NS
205
sh2# \fBls /proc/27123/root/dev | wc \-l\fP  # /dev in other NS
11                                    # Actually bind
                                      # mounted to /usr
sh2# \fBls /usr | wc \-l\fP                  # /usr in initial NS
11
.EE
.in
.IP
.\" The following was still true as at kernel 2.6.13
In a multithreaded process, the contents of the
.I /proc/[pid]/root
symbolic link are not available if the main thread has already terminated
(typically by calling
.BR pthread_exit (3)).
.IP
Permission to dereference or read
.RB ( readlink (2))
this symbolic link is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.TP
.IR /proc/[pid]/projid_map " (since Linux 3.7)"
.\"       commit f76d207a66c3a53defea67e7d36c3eb1b7d6d61d
See
.BR user_namespaces (7).
.TP
.IR /proc/[pid]/seccomp " (Linux 2.6.12 to 2.6.22)"
This file can be used to read and change the process's
secure computing (seccomp) mode setting.
It contains the value 0 if the process is not in seccomp mode,
and 1 if the process is in strict seccomp mode (see
.BR seccomp (2)).
Writing 1 to this file places the process irreversibly in strict seccomp mode.
(Further attempts to write to the file fail with the
.B EPERM
error.)
.IP
In Linux 2.6.23,
this file went away, to be replaced by the
.BR prctl (2)
.BR PR_GET_SECCOMP
and
.BR PR_SET_SECCOMP
operations (and later by
.BR seccomp (2)
and the
.I Seccomp
field in
.IR /proc/[pid]/status ).
.\" FIXME Describe /proc/[pid]/sessionid
.\"	  commit 1e0bd7550ea9cf474b1ad4c6ff5729a507f75fdc
.\"       CONFIG_AUDITSYSCALL
.\"       Added in 2.6.25; read-only; only readable by real UID
.\"
.\" FIXME Describe /proc/[pid]/sched
.\"       Added in 2.6.23
.\"       CONFIG_SCHED_DEBUG, and additional fields if CONFIG_SCHEDSTATS
.\"       Displays various scheduling parameters
.\"       This file can be written, to reset stats
.\"       The set of fields exposed by this file have changed
.\"	  significantly over time.
.\"       commit 43ae34cb4cd650d1eb4460a8253a8e747ba052ac
.\"
.\" FIXME Describe /proc/[pid]/schedstats and
.\"       /proc/[pid]/task/[tid]/schedstats
.\"       Added in 2.6.9
.\"       CONFIG_SCHEDSTATS
.TP
.IR /proc/[pid]/setgroups " (since Linux 3.19)"
See
.BR user_namespaces (7).
.TP
.IR /proc/[pid]/smaps " (since Linux 2.6.14)"
This file shows memory consumption for each of the process's mappings.
(The
.BR pmap (1)
command displays similar information,
in a form that may be easier for parsing.)
For each mapping there is a series of lines such as the following:
.IP
.in +4n
.EX
00400000\-0048a000 r\-xp 00000000 fd:03 960637       /bin/bash
Size:                552 kB
Rss:                 460 kB
Pss:                 100 kB
Shared_Clean:        452 kB
Shared_Dirty:          0 kB
Private_Clean:         8 kB
Private_Dirty:         0 kB
Referenced:          460 kB
Anonymous:             0 kB
AnonHugePages:         0 kB
ShmemHugePages:        0 kB
ShmemPmdMapped:        0 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
Locked:                0 kB
ProtectionKey:         0
VmFlags: rd ex mr mw me dw
.EE
.in
.IP
The first of these lines shows the same information as is displayed
for the mapping in
.IR /proc/[pid]/maps .
The following lines show the size of the mapping,
the amount of the mapping that is currently resident in RAM ("Rss"),
the process's proportional share of this mapping ("Pss"),
the number of clean and dirty shared pages in the mapping,
and the number of clean and dirty private pages in the mapping.
"Referenced" indicates the amount of memory currently marked as
referenced or accessed.
"Anonymous" shows the amount of memory
that does not belong to any file.
"Swap" shows how much
would-be-anonymous memory is also used, but out on swap.
.IP
The "KernelPageSize" line (available since Linux 2.6.29)
is the page size used by the kernel to back the virtual memory area.
This matches the size used by the MMU in the majority of cases.
However, one counter-example occurs on PPC64 kernels
whereby a kernel using 64 kB as a base page size may still use 4 kB
pages for the MMU on older processors.
To distinguish the two attributes, the "MMUPageSize" line
(also available since Linux 2.6.29)
reports the page size used by the MMU.
.IP
The "Locked" indicates whether the mapping is locked in memory
or not.
.IP
The "ProtectionKey" line (available since Linux 4.9, on x86 only)
contains the memory protection key (see
.BR pkeys (7))
associated with the virtual memory area.
This entry is present only if the kernel was built with the
.B CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
configuration option (since Linux 4.6).
.IP
The "VmFlags" line (available since Linux 3.8)
represents the kernel flags associated with the virtual memory area,
encoded using the following two-letter codes:
.IP
    rd  - readable
    wr  - writable
    ex  - executable
    sh  - shared
    mr  - may read
    mw  - may write
    me  - may execute
    ms  - may share
    gd  - stack segment grows down
    pf  - pure PFN range
    dw  - disabled write to the mapped file
    lo  - pages are locked in memory
    io  - memory mapped I/O area
    sr  - sequential read advise provided
    rr  - random read advise provided
    dc  - do not copy area on fork
    de  - do not expand area on remapping
    ac  - area is accountable
    nr  - swap space is not reserved for the area
    ht  - area uses huge tlb pages
    sf  - perform synchronous page faults (since Linux 4.15)
    nl  - non-linear mapping (removed in Linux 4.0)
    ar  - architecture specific flag
    wf  - wipe on fork (since Linux 4.14)
    dd  - do not include area into core dump
    sd  - soft-dirty flag (since Linux 3.13)
    mm  - mixed map area
    hg  - huge page advise flag
    nh  - no-huge page advise flag
    mg  - mergeable advise flag
    um  - userfaultfd missing pages tracking (since Linux 4.3)
    uw  - userfaultfd wprotect pages tracking (since Linux 4.3)
.IP
The
.IR /proc/[pid]/smaps
file is present only if the
.B CONFIG_PROC_PAGE_MONITOR
kernel configuration option is enabled.
.TP
.IR /proc/[pid]/stack " (since Linux 2.6.29)"
.\" 2ec220e27f5040aec1e88901c1b6ea3d135787ad
This file provides a symbolic trace of the function calls in this
process's kernel stack.
This file is provided only if the kernel was built with the
.B CONFIG_STACKTRACE
configuration option.
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_ATTACH_FSCREDS
check; see
.BR ptrace (2).
.TP
.I /proc/[pid]/stat
Status information about the process.
This is used by
.BR ps (1).
It is defined in the kernel source file
.IR fs/proc/array.c "."
.IP
The fields, in order, with their proper
.BR scanf (3)
format specifiers, are listed below.
Whether or not certain of these fields display valid information is governed by
a ptrace access mode
.BR PTRACE_MODE_READ_FSCREDS " | " PTRACE_MODE_NOAUDIT
check (refer to
.BR ptrace (2)).
If the check denies access, then the field value is displayed as 0.
The affected fields are indicated with the marking [PT].
.RS
.TP
(1) \fIpid\fP \ %d
.br
The process ID.
.TP
(2) \fIcomm\fP \ %s
The filename of the executable, in parentheses.
Strings longer than
.B TASK_COMM_LEN
(16) characters (including the terminating null byte) are silently truncated.
This is visible whether or not the executable is swapped out.
.TP
(3) \fIstate\fP \ %c
One of the following characters, indicating process state:
.RS
.IP R 3
Running
.IP S
Sleeping in an interruptible wait
.IP D
Waiting in uninterruptible
disk sleep
.IP Z
Zombie
.IP T
Stopped (on a signal) or (before Linux 2.6.33) trace stopped
.IP t
.\" commit 44d90df6b757c59651ddd55f1a84f28132b50d29
Tracing stop (Linux 2.6.33 onward)
.IP W
Paging (only before Linux 2.6.0)
.IP X
Dead (from Linux 2.6.0 onward)
.IP x
.\" commit 44d90df6b757c59651ddd55f1a84f28132b50d29
Dead (Linux 2.6.33 to
.\" commit 74e37200de8e9c4e09b70c21c3f13c2071e77457
3.13 only)
.IP K
.\" commit 44d90df6b757c59651ddd55f1a84f28132b50d29
Wakekill (Linux 2.6.33 to
.\" commit 74e37200de8e9c4e09b70c21c3f13c2071e77457
3.13 only)
.IP W
.\" commit 44d90df6b757c59651ddd55f1a84f28132b50d29
Waking (Linux 2.6.33 to
.\" commit 74e37200de8e9c4e09b70c21c3f13c2071e77457
3.13 only)
.IP P
.\" commit f2530dc71cf0822f90bb63ea4600caaef33a66bb
Parked (Linux 3.9 to
.\" commit 74e37200de8e9c4e09b70c21c3f13c2071e77457
3.13 only)
.RE
.TP
(4) \fIppid\fP \ %d
The PID of the parent of this process.
.TP
(5) \fIpgrp\fP \ %d
The process group ID of the process.
.TP
(6) \fIsession\fP \ %d
The session ID of the process.
.TP
(7) \fItty_nr\fP \ %d
The controlling terminal of the process.
(The minor device number is contained in the combination of bits
31 to 20 and 7 to 0;
the major device number is in bits 15 to 8.)
.TP
(8) \fItpgid\fP \ %d
.\" This field and following, up to and including wchan added 0.99.1
The ID of the foreground process group of the controlling
terminal of the process.
.TP
(9) \fIflags\fP \ %u
The kernel flags word of the process.
For bit meanings,
see the PF_* defines in the Linux kernel source file
.IR include/linux/sched.h .
Details depend on the kernel version.
.IP
The format for this field was %lu before Linux 2.6.
.TP
(10) \fIminflt\fP \ %lu
The number of minor faults the process has made which have not
required loading a memory page from disk.
.TP
(11) \fIcminflt\fP \ %lu
The number of minor faults that the process's
waited-for children have made.
.TP
(12) \fImajflt\fP \ %lu
The number of major faults the process has made which have
required loading a memory page from disk.
.TP
(13) \fIcmajflt\fP \ %lu
The number of major faults that the process's
waited-for children have made.
.TP
(14) \fIutime\fP \ %lu
Amount of time that this process has been scheduled in user mode,
measured in clock ticks (divide by
.IR sysconf(_SC_CLK_TCK) ).
This includes guest time, \fIguest_time\fP
(time spent running a virtual CPU, see below),
so that applications that are not aware of the guest time field
do not lose that time from their calculations.
.TP
(15) \fIstime\fP \ %lu
Amount of time that this process has been scheduled in kernel mode,
measured in clock ticks (divide by
.IR sysconf(_SC_CLK_TCK) ).
.TP
(16) \fIcutime\fP \ %ld
Amount of time that this process's
waited-for children have been scheduled in user mode,
measured in clock ticks (divide by
.IR sysconf(_SC_CLK_TCK) ).
(See also
.BR times (2).)
This includes guest time, \fIcguest_time\fP
(time spent running a virtual CPU, see below).
.TP
(17) \fIcstime\fP \ %ld
Amount of time that this process's
waited-for children have been scheduled in kernel mode,
measured in clock ticks (divide by
.IR sysconf(_SC_CLK_TCK) ).
.TP
(18) \fIpriority\fP \ %ld
(Explanation for Linux 2.6)
For processes running a real-time scheduling policy
.RI ( policy
below; see
.BR sched_setscheduler (2)),
this is the negated scheduling priority, minus one;
that is, a number in the range \-2 to \-100,
corresponding to real-time priorities 1 to 99.
For processes running under a non-real-time scheduling policy,
this is the raw nice value
.RB ( setpriority (2))
as represented in the kernel.
The kernel stores nice values as numbers
in the range 0 (high) to 39 (low),
corresponding to the user-visible nice range of \-20 to 19.
.IP
Before Linux 2.6, this was a scaled value based on
the scheduler weighting given to this process.
.\" And back in kernel 1.2 days things were different again.
.TP
(19) \fInice\fP \ %ld
The nice value (see
.BR setpriority (2)),
a value in the range 19 (low priority) to \-20 (high priority).
.\" Back in kernel 1.2 days things were different.
.\" .TP
.\" \fIcounter\fP %ld
.\" The current maximum size in jiffies of the process's next timeslice,
.\" or what is currently left of its current timeslice, if it is the
.\" currently running process.
.\" .TP
.\" \fItimeout\fP %u
.\" The time in jiffies of the process's next timeout.
.\" timeout was removed sometime around 2.1/2.2
.TP
(20) \fInum_threads\fP \ %ld
Number of threads in this process (since Linux 2.6).
Before kernel 2.6, this field was hard coded to 0 as a placeholder
for an earlier removed field.
.TP
(21) \fIitrealvalue\fP \ %ld
The time in jiffies before the next
.B SIGALRM
is sent to the process due to an interval timer.
Since kernel 2.6.17, this field is no longer maintained,
and is hard coded as 0.
.TP
(22) \fIstarttime\fP \ %llu
The time the process started after system boot.
In kernels before Linux 2.6, this value was expressed in jiffies.
Since Linux 2.6, the value is expressed in clock ticks (divide by
.IR sysconf(_SC_CLK_TCK) ).
.IP
The format for this field was %lu before Linux 2.6.
.TP
(23) \fIvsize\fP \ %lu
Virtual memory size in bytes.
.TP
(24) \fIrss\fP \ %ld
Resident Set Size: number of pages the process has in real memory.
This is just the pages which
count toward text, data, or stack space.
This does not include pages
which have not been demand-loaded in, or which are swapped out.
This value is inaccurate; see
.I /proc/[pid]/statm
below.
.TP
(25) \fIrsslim\fP \ %lu
Current soft limit in bytes on the rss of the process;
see the description of
.B RLIMIT_RSS
in
.BR getrlimit (2).
.TP
(26) \fIstartcode\fP \ %lu \ [PT]
The address above which program text can run.
.TP
(27) \fIendcode\fP \ %lu \ [PT]
The address below which program text can run.
.TP
(28) \fIstartstack\fP \ %lu \ [PT]
The address of the start (i.e., bottom) of the stack.
.TP
(29) \fIkstkesp\fP \ %lu \ [PT]
The current value of ESP (stack pointer), as found in the
kernel stack page for the process.
.TP
(30) \fIkstkeip\fP \ %lu \ [PT]
The current EIP (instruction pointer).
.TP
(31) \fIsignal\fP \ %lu
The bitmap of pending signals, displayed as a decimal number.
Obsolete, because it does not provide information on real-time signals; use
.I /proc/[pid]/status
instead.
.TP
(32) \fIblocked\fP \ %lu
The bitmap of blocked signals, displayed as a decimal number.
Obsolete, because it does not provide information on real-time signals; use
.I /proc/[pid]/status
instead.
.TP
(33) \fIsigignore\fP \ %lu
The bitmap of ignored signals, displayed as a decimal number.
Obsolete, because it does not provide information on real-time signals; use
.I /proc/[pid]/status
instead.
.TP
(34) \fIsigcatch\fP \ %lu
The bitmap of caught signals, displayed as a decimal number.
Obsolete, because it does not provide information on real-time signals; use
.I /proc/[pid]/status
instead.
.TP
(35) \fIwchan\fP \ %lu \ [PT]
This is the "channel" in which the process is waiting.
It is the address of a location in the kernel where the process is sleeping.
The corresponding symbolic name can be found in
.IR /proc/[pid]/wchan .
.TP
(36) \fInswap\fP \ %lu
.\" nswap was added in 2.0
Number of pages swapped (not maintained).
.TP
(37) \fIcnswap\fP \ %lu
.\" cnswap was added in 2.0
Cumulative \fInswap\fP for child processes (not maintained).
.TP
(38) \fIexit_signal\fP \ %d \ (since Linux 2.1.22)
Signal to be sent to parent when we die.
.TP
(39) \fIprocessor\fP \ %d \ (since Linux 2.2.8)
CPU number last executed on.
.TP
(40) \fIrt_priority\fP \ %u \ (since Linux 2.5.19)
Real-time scheduling priority, a number in the range 1 to 99 for
processes scheduled under a real-time policy,
or 0, for non-real-time processes (see
.BR sched_setscheduler (2)).
.TP
(41) \fIpolicy\fP \ %u \ (since Linux 2.5.19)
Scheduling policy (see
.BR sched_setscheduler (2)).
Decode using the SCHED_* constants in
.IR linux/sched.h .
.IP
The format for this field was %lu before Linux 2.6.22.
.TP
(42) \fIdelayacct_blkio_ticks\fP \ %llu \ (since Linux 2.6.18)
Aggregated block I/O delays, measured in clock ticks (centiseconds).
.TP
(43) \fIguest_time\fP \ %lu \ (since Linux 2.6.24)
Guest time of the process (time spent running a virtual CPU
for a guest operating system), measured in clock ticks (divide by
.IR sysconf(_SC_CLK_TCK) ).
.TP
(44) \fIcguest_time\fP \ %ld \ (since Linux 2.6.24)
Guest time of the process's children, measured in clock ticks (divide by
.IR sysconf(_SC_CLK_TCK) ).
.TP
(45) \fIstart_data\fP \ %lu \ (since Linux 3.3) \ [PT]
.\" commit b3f7f573a20081910e34e99cbc91831f4f02f1ff
Address above which program initialized and
uninitialized (BSS) data are placed.
.TP
(46) \fIend_data\fP \ %lu \ (since Linux 3.3) \ [PT]
.\" commit b3f7f573a20081910e34e99cbc91831f4f02f1ff
Address below which program initialized and
uninitialized (BSS) data are placed.
.TP
(47) \fIstart_brk\fP \ %lu \ (since Linux 3.3) \ [PT]
.\" commit b3f7f573a20081910e34e99cbc91831f4f02f1ff
Address above which program heap can be expanded with
.BR brk (2).
.TP
(48) \fIarg_start\fP \ %lu \ (since Linux 3.5) \ [PT]
.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3
Address above which program command-line arguments
.RI ( argv )
are placed.
.TP
(49) \fIarg_end\fP \ %lu \ (since Linux 3.5) \ [PT]
.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3
Address below program command-line arguments
.RI ( argv )
are placed.
.TP
(50) \fIenv_start\fP \ %lu \ (since Linux 3.5) \ [PT]
.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3
Address above which program environment is placed.
.TP
(51) \fIenv_end\fP \ %lu \ (since Linux 3.5) \ [PT]
.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3
Address below which program environment is placed.
.TP
(52) \fIexit_code\fP \ %d \ (since Linux 3.5) \ [PT]
.\" commit 5b172087f99189416d5f47fd7ab5e6fb762a9ba3
The thread's exit status in the form reported by
.BR waitpid (2).
.RE
.TP
.I /proc/[pid]/statm
Provides information about memory usage, measured in pages.
The columns are:
.IP
.in +4n
.EX
size       (1) total program size
           (same as VmSize in \fI/proc/[pid]/status\fP)
resident   (2) resident set size
           (inaccurate; same as VmRSS in \fI/proc/[pid]/status\fP)
shared     (3) number of resident shared pages
           (i.e., backed by a file)
           (inaccurate; same as RssFile+RssShmem in
           \fI/proc/[pid]/status\fP)
text       (4) text (code)
.\" (not including libs; broken, includes data segment)
lib        (5) library (unused since Linux 2.6; always 0)
data       (6) data + stack
.\" (including libs; broken, includes library text)
dt         (7) dirty pages (unused since Linux 2.6; always 0)
.EE
.in
.IP
.\" See SPLIT_RSS_COUNTING in the kernel.
.\" Inaccuracy is bounded by TASK_RSS_EVENTS_THRESH.
Some of these values are inaccurate because
of a kernel-internal scalability optimization.
If accurate values are required, use
.I /proc/[pid]/smaps
or
.I /proc/[pid]/smaps_rollup
instead, which are much slower but provide accurate, detailed information.
.TP
.I /proc/[pid]/status
Provides much of the information in
.I /proc/[pid]/stat
and
.I /proc/[pid]/statm
in a format that's easier for humans to parse.
Here's an example:
.IP
.in +4n
.EX
.RB "$" " cat /proc/$$/status"
Name:   bash
Umask:  0022
State:  S (sleeping)
Tgid:   17248
Ngid:   0
Pid:    17248
PPid:   17200
TracerPid:      0
Uid:    1000    1000    1000    1000
Gid:    100     100     100     100
FDSize: 256
Groups: 16 33 100
NStgid: 17248
NSpid:  17248
NSpgid: 17248
NSsid:  17200
VmPeak:	  131168 kB
VmSize:	  131168 kB
VmLck:	       0 kB
VmPin:	       0 kB
VmHWM:	   13484 kB
VmRSS:	   13484 kB
RssAnon:	   10264 kB
RssFile:	    3220 kB
RssShmem:	       0 kB
VmData:	   10332 kB
VmStk:	     136 kB
VmExe:	     992 kB
VmLib:	    2104 kB
VmPTE:	      76 kB
VmPMD:	      12 kB
VmSwap:	       0 kB
HugetlbPages:          0 kB		# 4.4
CoreDumping:	0                       # 4.15
Threads:        1
SigQ:   0/3067
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: 0000000000010000
SigIgn: 0000000000384004
SigCgt: 000000004b813efb
CapInh: 0000000000000000
CapPrm: 0000000000000000
CapEff: 0000000000000000
CapBnd: ffffffffffffffff
CapAmb:	0000000000000000
NoNewPrivs:     0
Seccomp:        0
Speculation_Store_Bypass:       vulnerable
Cpus_allowed:   00000001
Cpus_allowed_list:      0
Mems_allowed:   1
Mems_allowed_list:      0
voluntary_ctxt_switches:        150
nonvoluntary_ctxt_switches:     545
.EE
.in
.IP
The fields are as follows:
.RS
.TP
.IR Name
Command run by this process.
Strings longer than
.B TASK_COMM_LEN
(16) characters (including the terminating null byte) are silently truncated.
.TP
.IR Umask
Process umask, expressed in octal with a leading zero; see
.BR umask (2).
(Since Linux 4.7.)
.TP
.IR State
Current state of the process.
One of
"R (running)",
"S (sleeping)",
"D (disk sleep)",
"T (stopped)",
"t (tracing stop)",
"Z (zombie)",
or
"X (dead)".
.TP
.IR Tgid
Thread group ID (i.e., Process ID).
.TP
.IR Ngid
NUMA group ID (0 if none; since Linux 3.13).
.TP
.IR Pid
Thread ID (see
.BR gettid (2)).
.TP
.IR PPid
PID of parent process.
.TP
.IR TracerPid
PID of process tracing this process (0 if not being traced).
.TP
.IR Uid ", " Gid
Real, effective, saved set, and filesystem UIDs (GIDs).
.TP
.IR FDSize
Number of file descriptor slots currently allocated.
.TP
.IR Groups
Supplementary group list.
.TP
.IR NStgid
Thread group ID (i.e., PID) in each of the PID namespaces of which
.I [pid]
is a member.
The leftmost entry shows the value with respect to the PID namespace
of the process that mounted this procfs (or the root namespace
if mounted by the kernel),
followed by the value in successively nested inner namespaces.
.\" commit e4bc33245124db69b74a6d853ac76c2976f472d5
(Since Linux 4.1.)
.TP
.IR NSpid
Thread ID in each of the PID namespaces of which
.I [pid]
is a member.
The fields are ordered as for
.IR NStgid .
(Since Linux 4.1.)
.TP
.IR NSpgid
Process group ID in each of the PID namespaces of which
.I [pid]
is a member.
The fields are ordered as for
.IR NStgid .
(Since Linux 4.1.)
.TP
.IR NSsid
descendant namespace session ID hierarchy
Session ID in each of the PID namespaces of which
.I [pid]
is a member.
The fields are ordered as for
.IR NStgid .
(Since Linux 4.1.)
.TP
.IR VmPeak
Peak virtual memory size.
.TP
.IR VmSize
Virtual memory size.
.TP
.IR VmLck
Locked memory size (see
.BR mlock (2)).
.TP
.IR VmPin
Pinned memory size
.\" commit bc3e53f682d93df677dbd5006a404722b3adfe18
(since Linux 3.2).
These are pages that can't be moved because something needs to
directly access physical memory.
.TP
.IR VmHWM
Peak resident set size ("high water mark").
This value is inaccurate; see
.I /proc/[pid]/statm
above.
.TP
.IR VmRSS
Resident set size.
Note that the value here is the sum of
.IR RssAnon ,
.IR RssFile ,
and
.IR RssShmem .
This value is inaccurate; see
.I /proc/[pid]/statm
above.
.TP
.IR RssAnon
Size of resident anonymous memory.
.\" commit bf9683d6990589390b5178dafe8fd06808869293
(since Linux 4.5).
This value is inaccurate; see
.I /proc/[pid]/statm
above.
.TP
.IR RssFile
Size of resident file mappings.
.\" commit bf9683d6990589390b5178dafe8fd06808869293
(since Linux 4.5).
This value is inaccurate; see
.I /proc/[pid]/statm
above.
.TP
.IR RssShmem
Size of resident shared memory (includes System V shared memory,
mappings from
.BR tmpfs (5),
and shared anonymous mappings).
.\" commit bf9683d6990589390b5178dafe8fd06808869293
(since Linux 4.5).
.TP
.IR VmData ", " VmStk ", " VmExe
Size of data, stack, and text segments.
This value is inaccurate; see
.I /proc/[pid]/statm
above.
.TP
.IR VmLib
Shared library code size.
.TP
.IR VmPTE
Page table entries size (since Linux 2.6.10).
.TP
.IR VmPMD
.\" commit dc6c9a35b66b520cf67e05d8ca60ebecad3b0479
Size of second-level page tables (added in Linux 4.0; removed in Linux 4.15).
.TP
.IR VmSwap
.\" commit b084d4353ff99d824d3bc5a5c2c22c70b1fba722
Swapped-out virtual memory size by anonymous private pages;
shmem swap usage is not included (since Linux 2.6.34).
This value is inaccurate; see
.I /proc/[pid]/statm
above.
.TP
.IR HugetlbPages
Size of hugetlb memory portions
.\" commit 5d317b2b6536592a9b51fe65faed43d65ca9158e
(since Linux 4.4).
.TP
.IR CoreDumping
Contains the value 1 if the process is currently dumping core,
and 0 if it is not
.\" commit c643401218be0f4ab3522e0c0a63016596d6e9ca
(since Linux 4.15).
This information can be used by a monitoring process to avoid killing
a process that is currently dumping core,
which could result in a corrupted core dump file.
.TP
.IR Threads
Number of threads in process containing this thread.
.TP
.IR SigQ
This field contains two slash-separated numbers that relate to
queued signals for the real user ID of this process.
The first of these is the number of currently queued
signals for this real user ID, and the second is the
resource limit on the number of queued signals for this process
(see the description of
.BR RLIMIT_SIGPENDING
in
.BR getrlimit (2)).
.TP
.IR SigPnd ", " ShdPnd
Mask (expressed in hexadecimal)
of signals pending for thread and for process as a whole (see
.BR pthreads (7)
and
.BR signal (7)).
.TP
.IR SigBlk ", " SigIgn ", " SigCgt
Masks (expressed in hexadecimal)
indicating signals being blocked, ignored, and caught (see
.BR signal (7)).
.TP
.IR CapInh ", " CapPrm ", " CapEff
Masks (expressed in hexadecimal)
of capabilities enabled in inheritable, permitted, and effective sets
(see
.BR capabilities (7)).
.TP
.IR CapBnd
Capability bounding set, expressed in hexadecimal
(since Linux 2.6.26, see
.BR capabilities (7)).
.TP
.IR CapAmb
Ambient capability set, expressed in hexadecimal
(since Linux 4.3, see
.BR capabilities (7)).
.TP
.IR NoNewPrivs
.\" commit af884cd4a5ae62fcf5e321fecf0ec1014730353d
Value of the
.I no_new_privs
bit
(since Linux 4.10, see
.BR prctl (2)).
.TP
.IR Seccomp
.\" commit 2f4b3bf6b2318cfaa177ec5a802f4d8d6afbd816
Seccomp mode of the process
(since Linux 3.8, see
.BR seccomp (2)).
0 means
.BR SECCOMP_MODE_DISABLED ;
1 means
.BR SECCOMP_MODE_STRICT ;
2 means
.BR SECCOMP_MODE_FILTER .
This field is provided only if the kernel was built with the
.BR CONFIG_SECCOMP
kernel configuration option enabled.
.TP
.IR Speculation_Store_Bypass
.\" commit fae1fa0fc6cca8beee3ab8ed71d54f9a78fa3f64
Speculation flaw mitigation state
(since Linux 4.17, see
.BR prctl (2)).
.TP
.IR Cpus_allowed
Hexadecimal mask of CPUs on which this process may run
(since Linux 2.6.24, see
.BR cpuset (7)).
.TP
.IR Cpus_allowed_list
Same as previous, but in "list format"
(since Linux 2.6.26, see
.BR cpuset (7)).
.TP
.IR Mems_allowed
Mask of memory nodes allowed to this process
(since Linux 2.6.24, see
.BR cpuset (7)).
.TP
.IR Mems_allowed_list
Same as previous, but in "list format"
(since Linux 2.6.26, see
.BR cpuset (7)).
.TP
.IR voluntary_ctxt_switches ", " nonvoluntary_ctxt_switches
Number of voluntary and involuntary context switches (since Linux 2.6.23).
.RE
.TP
.IR /proc/[pid]/syscall " (since Linux 2.6.27)"
.\" commit ebcb67341fee34061430f3367f2e507e52ee051b
This file exposes the system call number and argument registers for the
system call currently being executed by the process,
followed by the values of the stack pointer and program counter registers.
The values of all six argument registers are exposed,
although most system calls use fewer registers.
.IP
If the process is blocked, but not in a system call,
then the file displays \-1 in place of the system call number,
followed by just the values of the stack pointer and program counter.
If process is not blocked, then the file contains just the string "running".
.IP
This file is present only if the kernel was configured with
.BR CONFIG_HAVE_ARCH_TRACEHOOK .
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_ATTACH_FSCREDS
check; see
.BR ptrace (2).
.TP
.IR /proc/[pid]/task " (since Linux 2.6.0)"
.\" Precisely: Linux 2.6.0-test6
This is a directory that contains one subdirectory
for each thread in the process.
The name of each subdirectory is the numerical thread ID
.RI ( [tid] )
of the thread (see
.BR gettid (2)).
.IP
Within each of these subdirectories, there is a set of
files with the same names and contents as under the
.I /proc/[pid]
directories.
For attributes that are shared by all threads, the contents for
each of the files under the
.I task/[tid]
subdirectories will be the same as in the corresponding
file in the parent
.I /proc/[pid]
directory
(e.g., in a multithreaded process, all of the
.I task/[tid]/cwd
files will have the same value as the
.I /proc/[pid]/cwd
file in the parent directory, since all of the threads in a process
share a working directory).
For attributes that are distinct for each thread,
the corresponding files under
.I task/[tid]
may have different values (e.g., various fields in each of the
.I task/[tid]/status
files may be different for each thread),
.\" in particular: "children" :/
or they might not exist in
.I /proc/[pid]
at all.
.IP
.\" The following was still true as at kernel 2.6.13
In a multithreaded process, the contents of the
.I /proc/[pid]/task
directory are not available if the main thread has already terminated
(typically by calling
.BR pthread_exit (3)).
.TP
.IR /proc/[pid]/task/[tid]/children " (since Linux 3.5)"
.\" commit 818411616baf46ceba0cff6f05af3a9b294734f7
A space-separated list of child tasks of this task.
Each child task is represented by its TID.
.IP
.\" see comments in get_children_pid() in fs/proc/array.c
This option is intended for use by the checkpoint-restore (CRIU) system,
and reliably provides a list of children only if all of the child processes
are stopped or frozen.
It does not work properly if children of the target task exit while
the file is being read!
Exiting children may cause non-exiting children to be omitted from the list.
This makes this interface even more unreliable than classic PID-based
approaches if the inspected task and its children aren't frozen,
and most code should probably not use this interface.
.IP
Until Linux 4.2, the presence of this file was governed by the
.B CONFIG_CHECKPOINT_RESTORE
kernel configuration option.
Since Linux 4.2,
.\" commit 2e13ba54a2682eea24918b87ad3edf70c2cf085b
it is governed by the
.B CONFIG_PROC_CHILDREN
option.
.TP
.IR /proc/[pid]/timers " (since Linux 3.10)"
.\" commit 5ed67f05f66c41e39880a6d61358438a25f9fee5
.\" commit 48f6a7a511ef8823fdff39afee0320092d43a8a0
A list of the POSIX timers for this process.
Each timer is listed with a line that starts with the string "ID:".
For example:
.IP
.in +4n
.EX
ID: 1
signal: 60/00007fff86e452a8
notify: signal/pid.2634
ClockID: 0
ID: 0
signal: 60/00007fff86e452a8
notify: signal/pid.2634
ClockID: 1
.EE
.in
.IP
The lines shown for each timer have the following meanings:
.RS
.TP
.I ID
The ID for this timer.
This is not the same as the timer ID returned by
.BR timer_create (2);
rather, it is the same kernel-internal ID that is available via the
.I si_timerid
field of the
.IR siginfo_t
structure (see
.BR sigaction (2)).
.TP
.I signal
This is the signal number that this timer uses to deliver notifications
followed by a slash, and then the
.I sigev_value
value supplied to the signal handler.
Valid only for timers that notify via a signal.
.TP
.I notify
The part before the slash specifies the mechanism
that this timer uses to deliver notifications,
and is one of "thread", "signal", or "none".
Immediately following the slash is either the string "tid" for timers
with
.B SIGEV_THREAD_ID
notification, or "pid" for timers that notify by other mechanisms.
Following the "." is the PID of the process
(or the kernel thread ID of the thread)  that will be delivered
a signal if the timer delivers notifications via a signal.
.TP
.I ClockID
This field identifies the clock that the timer uses for measuring time.
For most clocks, this is a number that matches one of the user-space
.BR CLOCK_*
constants exposed via
.IR <time.h> .
.B CLOCK_PROCESS_CPUTIME_ID
timers display with a value of \-6
in this field.
.B CLOCK_THREAD_CPUTIME_ID
timers display with a value of \-2
in this field.
.RE
.IP
This file is available only when the kernel was configured with
.BR CONFIG_CHECKPOINT_RESTORE .
.TP
.IR /proc/[pid]/timerslack_ns " (since Linux 4.6)"
.\" commit da8b44d5a9f8bf26da637b7336508ca534d6b319
.\" commit 5de23d435e88996b1efe0e2cebe242074ce67c9e
This file exposes the process's "current" timer slack value,
expressed in nanoseconds.
The file is writable,
allowing the process's timer slack value to be changed.
Writing 0 to this file resets the "current" timer slack to the
"default" timer slack value.
For further details, see the discussion of
.BR PR_SET_TIMERSLACK
in
.BR prctl (2).
.IP
Initially,
permission to access this file was governed by a ptrace access mode
.B PTRACE_MODE_ATTACH_FSCREDS
check (see
.BR ptrace (2)).
However, this was subsequently deemed too strict a requirement
(and had the side effect that requiring a process to have the
.B CAP_SYS_PTRACE
capability would also allow it to view and change any process's memory).
Therefore, since Linux 4.9,
.\" commit 7abbaf94049914f074306d960b0f968ffe52e59f
only the (weaker)
.B CAP_SYS_NICE
capability is required to access this file.
.TP
.IR /proc/[pid]/uid_map " (since Linux 3.5)"
See
.BR user_namespaces (7).
.TP
.IR /proc/[pid]/wchan " (since Linux 2.6.0)"
The symbolic name corresponding to the location
in the kernel where the process is sleeping.
.IP
Permission to access this file is governed by a ptrace access mode
.B PTRACE_MODE_READ_FSCREDS
check; see
.BR ptrace (2).
.TP
.IR /proc/[tid]
There  is a numerical subdirectory for each running thread
that is not a thread group leader
(i.e., a thread whose thread ID is not the same as its process ID);
the subdirectory is named by the thread ID.
Each one of these subdirectories contains files and subdirectories
exposing information about the thread with the thread ID
.IR tid .
The contents of these directories are the same as the corresponding
.IR /proc/[pid]/task/[tid]
directories.
.IP
The
.I /proc/[tid]
subdirectories are
.I not
visible when iterating through
.I /proc
with
.BR getdents (2)
(and thus are
.I not
visible when one uses
.BR ls (1)
to view the contents of
.IR /proc ).
However, the pathnames of these directories are visible to
(i.e., usable as arguments in)
system calls that operate on pathnames.
.TP
.I /proc/apm
Advanced power management version and battery information when
.B CONFIG_APM
is defined at kernel compilation time.
.TP
.I /proc/buddyinfo
This file contains information which is used for diagnosing memory
fragmentation issues.
Each line starts with the identification of the node and the name
of the zone which together identify a memory region.
This is then
followed by the count of available chunks of a certain order in
which these zones are split.
The size in bytes of a certain order is given by the formula:
.IP
    (2^order)\ *\ PAGE_SIZE
.IP
The binary buddy allocator algorithm inside the kernel will split
one chunk into two chunks of a smaller order (thus with half the
size) or combine two contiguous chunks into one larger chunk of
a higher order (thus with double the size) to satisfy allocation
requests and to counter memory fragmentation.
The order matches the column number, when starting to count at zero.
.IP
For example on an x86-64 system:
.RS -12
.EX
Node 0, zone     DMA     1    1    1    0    2    1    1    0    1    1    3
Node 0, zone   DMA32    65   47    4   81   52   28   13   10    5    1  404
Node 0, zone  Normal   216   55  189  101   84   38   37   27    5    3  587
.EE
.RE
.IP
In this example, there is one node containing three zones and there
are 11 different chunk sizes.
If the page size is 4 kilobytes, then the first zone called
.I DMA
(on x86 the first 16 megabyte of memory) has 1 chunk of 4 kilobytes
(order 0) available and has 3 chunks of 4 megabytes (order 10) available.
.IP
If the memory is heavily fragmented, the counters for higher
order chunks will be zero and allocation of large contiguous areas
will fail.
.IP
Further information about the zones can be found in
.IR /proc/zoneinfo .
.TP
.I /proc/bus
Contains subdirectories for installed busses.
.TP
.I /proc/bus/pccard
Subdirectory for PCMCIA devices when
.B CONFIG_PCMCIA
is set at kernel compilation time.
.TP
.I /proc/bus/pccard/drivers
.TP
.I /proc/bus/pci
Contains various bus subdirectories and pseudo-files containing
information about PCI busses, installed devices, and device
drivers.
Some of these files are not ASCII.
.TP
.I /proc/bus/pci/devices
Information about PCI devices.
They may be accessed through
.BR lspci (8)
and
.BR setpci (8).
.TP
.IR /proc/cgroups " (since Linux 2.6.24)"
See
.BR cgroups (7).
.TP
.I /proc/cmdline
Arguments passed to the Linux kernel at boot time.
Often done via a boot manager such as
.BR lilo (8)
or
.BR grub (8).
.TP
.IR /proc/config.gz " (since Linux 2.6)"
This file exposes the configuration options that were used
to build the currently running kernel,
in the same format as they would be shown in the
.I .config
file that resulted when configuring the kernel (using
.IR "make xconfig" ,
.IR "make config" ,
or similar).
The file contents are compressed; view or search them using
.BR zcat (1)
and
.BR zgrep (1).
As long as no changes have been made to the following file,
the contents of
.I /proc/config.gz
are the same as those provided by:
.IP
.in +4n
.EX
cat /lib/modules/$(uname \-r)/build/.config
.EE
.in
.IP
.I /proc/config.gz
is provided only if the kernel is configured with
.BR CONFIG_IKCONFIG_PROC .
.TP
.I /proc/crypto
A list of the ciphers provided by the kernel crypto API.
For details, see the kernel
.I "Linux Kernel Crypto API"
documentation available under the kernel source directory
.I Documentation/crypto/
.\" commit 3b72c814a8e8cd638e1ba0da4dfce501e9dff5af
(or
.I Documentation/DocBook
before 4.10;
the documentation can be built using a command such as
.IR "make htmldocs"
in the root directory of the kernel source tree).
.TP
.I /proc/cpuinfo
This is a collection of CPU and system architecture dependent items,
for each supported architecture a different list.
Two common entries are \fIprocessor\fP which gives CPU number and
\fIbogomips\fP; a system constant that is calculated
during kernel initialization.
SMP machines have information for
each CPU.
The
.BR lscpu (1)
command gathers its information from this file.
.TP
.I /proc/devices
Text listing of major numbers and device groups.
This can be used by MAKEDEV scripts for consistency with the kernel.
.TP
.IR /proc/diskstats " (since Linux 2.5.69)"
This file contains disk I/O statistics for each disk device.
See the Linux kernel source file
.I ./Documentation/admin\-guide/iostats.rst
(or
.I Documentation/iostats.txt
before Linux 5.3)
for further information.
.TP
.I /proc/dma
This is a list of the registered \fIISA\fP DMA (direct memory access)
channels in use.
.TP
.I /proc/driver
Empty subdirectory.
.TP
.I /proc/execdomains
List of the execution domains (ABI personalities).
.TP
.I /proc/fb
Frame buffer information when
.B CONFIG_FB
is defined during kernel compilation.
.TP
.I /proc/filesystems
A text listing of the filesystems which are supported by the kernel,
namely filesystems which were compiled into the kernel or whose kernel
modules are currently loaded.
(See also
.BR filesystems (5).)
If a filesystem is marked with "nodev",
this means that it does not require a block device to be mounted
(e.g., virtual filesystem, network filesystem).
.IP
Incidentally, this file may be used by
.BR mount (8)
when no filesystem is specified and it didn't manage to determine the
filesystem type.
Then filesystems contained in this file are tried
(excepted those that are marked with "nodev").
.TP
.I /proc/fs
.\" FIXME Much more needs to be said about /proc/fs
.\"
Contains subdirectories that in turn contain files
with information about (certain) mounted filesystems.
.TP
.I /proc/ide
This directory
exists on systems with the IDE bus.
There are directories for each IDE channel and attached device.
Files include:
.IP
.in +4n
.EX
cache              buffer size in KB
capacity           number of sectors
driver             driver version
geometry           physical and logical geometry
identify           in hexadecimal
media              media type
model              manufacturer\(aqs model number
settings           drive settings
smart_thresholds   IDE disk management thresholds (in hex)
smart_values       IDE disk management values (in hex)
.EE
.in
.IP
The
.BR hdparm (8)
utility provides access to this information in a friendly format.
.TP
.I /proc/interrupts
This is used to record the number of interrupts per CPU per IO device.
Since Linux 2.6.24,
for the i386 and x86-64 architectures, at least, this also includes
interrupts internal to the system (that is, not associated with a device
as such), such as NMI (nonmaskable interrupt), LOC (local timer interrupt),
and for SMP systems, TLB (TLB flush interrupt), RES (rescheduling
interrupt), CAL (remote function call interrupt), and possibly others.
Very easy to read formatting, done in ASCII.
.TP
.I /proc/iomem
I/O memory map in Linux 2.4.
.TP
.I /proc/ioports
This is a list of currently registered Input-Output port regions that
are in use.
.TP
.IR /proc/kallsyms " (since Linux 2.5.71)"
This holds the kernel exported symbol definitions used by the
.BR modules (X)
tools to dynamically link and bind loadable modules.
In Linux 2.5.47 and earlier, a similar file with slightly different syntax
was named
.IR ksyms .
.TP
.I /proc/kcore
This file represents the physical memory of the system and is stored
in the ELF core file format.
With this pseudo-file, and an unstripped
kernel
.RI ( /usr/src/linux/vmlinux )
binary, GDB can be used to
examine the current state of any kernel data structures.
.IP
The total length of the file is the size of physical memory (RAM) plus
4\ KiB.
.TP
.IR /proc/keys " (since Linux 2.6.10)"
See
.BR keyrings (7).
.TP
.IR /proc/key\-users " (since Linux 2.6.10)"
See
.BR keyrings (7).
.TP
.I /proc/kmsg
This file can be used instead of the
.BR syslog (2)
system call to read kernel messages.
A process must have superuser
privileges to read this file, and only one process should read this
file.
This file should not be read if a syslog process is running
which uses the
.BR syslog (2)
system call facility to log kernel messages.
.IP
Information in this file is retrieved with the
.BR dmesg (1)
program.
.TP
.IR /proc/kpagecgroup " (since Linux 4.3)"
.\" commit 80ae2fdceba8313b0433f899bdd9c6c463291a17
This file contains a 64-bit inode number of
the memory cgroup each page is charged to,
indexed by page frame number (see the discussion of
.IR /proc/[pid]/pagemap ).
.IP
The
.IR /proc/kpagecgroup
file is present only if the
.B CONFIG_MEMCG
kernel configuration option is enabled.
.TP
.IR /proc/kpagecount " (since Linux 2.6.25)"
This file contains a 64-bit count of the number of
times each physical page frame is mapped,
indexed by page frame number (see the discussion of
.IR /proc/[pid]/pagemap ).
.IP
The
.IR /proc/kpagecount
file is present only if the
.B CONFIG_PROC_PAGE_MONITOR
kernel configuration option is enabled.
.TP
.IR /proc/kpageflags " (since Linux 2.6.25)"
This file contains 64-bit masks corresponding to each physical page frame;
it is indexed by page frame number (see the discussion of
.IR /proc/[pid]/pagemap ).
The bits are as follows:
.IP
     0 - KPF_LOCKED
     1 - KPF_ERROR
     2 - KPF_REFERENCED
     3 - KPF_UPTODATE
     4 - KPF_DIRTY
     5 - KPF_LRU
     6 - KPF_ACTIVE
     7 - KPF_SLAB
     8 - KPF_WRITEBACK
     9 - KPF_RECLAIM
    10 - KPF_BUDDY
    11 - KPF_MMAP           (since Linux 2.6.31)
    12 - KPF_ANON           (since Linux 2.6.31)
    13 - KPF_SWAPCACHE      (since Linux 2.6.31)
    14 - KPF_SWAPBACKED     (since Linux 2.6.31)
    15 - KPF_COMPOUND_HEAD  (since Linux 2.6.31)
    16 - KPF_COMPOUND_TAIL  (since Linux 2.6.31)
    17 - KPF_HUGE           (since Linux 2.6.31)
    18 - KPF_UNEVICTABLE    (since Linux 2.6.31)
    19 - KPF_HWPOISON       (since Linux 2.6.31)
    20 - KPF_NOPAGE         (since Linux 2.6.31)
    21 - KPF_KSM            (since Linux 2.6.32)
    22 - KPF_THP            (since Linux 3.4)
    23 - KPF_BALLOON        (since Linux 3.18)
.\" KPF_BALLOON: commit 09316c09dde33aae14f34489d9e3d243ec0d5938
    24 - KPF_ZERO_PAGE      (since Linux 4.0)
.\" KPF_ZERO_PAGE: commit 56873f43abdcd574b25105867a990f067747b2f4
    25 - KPF_IDLE           (since Linux 4.3)
.\" KPF_IDLE: commit f074a8f49eb87cde95ac9d040ad5e7ea4f029738
.IP
For further details on the meanings of these bits,
see the kernel source file
.IR Documentation/admin\-guide/mm/pagemap.rst .
Before kernel 2.6.29,
.\" commit ad3bdefe877afb47480418fdb05ecd42842de65e
.\" commit e07a4b9217d1e97d2f3a62b6b070efdc61212110
.BR KPF_WRITEBACK ,
.BR KPF_RECLAIM ,
.BR KPF_BUDDY ,
and
.BR KPF_LOCKED
did not report correctly.
.IP
The
.IR /proc/kpageflags
file is present only if the
.B CONFIG_PROC_PAGE_MONITOR
kernel configuration option is enabled.
.TP
.IR /proc/ksyms " (Linux 1.1.23\(en2.5.47)"
See
.IR /proc/kallsyms .
.TP
.I /proc/loadavg
The first three fields in this file are load average figures
giving the number of jobs in the run queue (state R)
or waiting for disk I/O (state D) averaged over 1, 5, and 15 minutes.
They are the same as the load average numbers given by
.BR uptime (1)
and other programs.
The fourth field consists of two numbers separated by a slash (/).
The first of these is the number of currently runnable kernel
scheduling entities (processes, threads).
The value after the slash is the number of kernel scheduling entities
that currently exist on the system.
The fifth field is the PID of the process that was most
recently created on the system.
.TP
.I /proc/locks
This file shows current file locks
.RB ( flock "(2) and " fcntl (2))
and leases
.RB ( fcntl (2)).
.IP
An example of the content shown in this file is the following:
.IP
.in +4n
.EX
1: POSIX  ADVISORY  READ  5433 08:01:7864448 128 128
2: FLOCK  ADVISORY  WRITE 2001 08:01:7864554 0 EOF
3: FLOCK  ADVISORY  WRITE 1568 00:2f:32388 0 EOF
4: POSIX  ADVISORY  WRITE 699 00:16:28457 0 EOF
5: POSIX  ADVISORY  WRITE 764 00:16:21448 0 0
6: POSIX  ADVISORY  READ  3548 08:01:7867240 1 1
7: POSIX  ADVISORY  READ  3548 08:01:7865567 1826 2335
8: OFDLCK ADVISORY  WRITE \-1 08:01:8713209 128 191
.EE
.in
.IP
The fields shown in each line are as follows:
.RS
.IP (1) 4
The ordinal position of the lock in the list.
.IP (2)
The lock type.
Values that may appear here include:
.RS
.TP
.B FLOCK
This is a BSD file lock created using
.BR flock (2).
.TP
.B OFDLCK
This is an open file description (OFD) lock created using
.BR fcntl (2).
.TP
.B POSIX
This is a POSIX byte-range lock created using
.BR fcntl (2).
.RE
.IP (3)
Among the strings that can appear here are the following:
.RS
.TP
.B ADVISORY
This is an advisory lock.
.TP
.B MANDATORY
This is a mandatory lock.
.RE
.IP (4)
The type of lock.
Values that can appear here are:
.RS
.TP
.B READ
This is a POSIX or OFD read lock, or a BSD shared lock.
.TP
.B WRITE
This is a POSIX or OFD write lock, or a BSD exclusive lock.
.RE
.IP (5)
The PID of the process that owns the lock.
.IP
Because OFD locks are not owned by a single process
(since multiple processes may have file descriptors that
refer to the same open file description),
the value \-1 is displayed in this field for OFD locks.
(Before kernel 4.14,
.\" commit 9d5b86ac13c573795525ecac6ed2db39ab23e2a8
a bug meant that the PID of the process that
initially acquired the lock was displayed instead of the value \-1.)
.IP (6)
Three colon-separated subfields that identify the major and minor device
ID of the device containing the filesystem where the locked file resides,
followed by the inode number of the locked file.
.IP (7)
The byte offset of the first byte of the lock.
For BSD locks, this value is always 0.
.IP (8)
The byte offset of the last byte of the lock.
.B EOF
in this field means that the lock extends to the end of the file.
For BSD locks, the value shown is always
.IR EOF .
.RE
.IP
Since Linux 4.9,
.\" commit d67fd44f697dff293d7cdc29af929241b669affe
the list of locks shown in
.I /proc/locks
is filtered to show just the locks for the processes in the PID
namespace (see
.BR pid_namespaces (7))
for which the
.I /proc
filesystem was mounted.
(In the initial PID namespace,
there is no filtering of the records shown in this file.)
.IP
The
.BR lslocks (8)
command provides a bit more information about each lock.
.TP
.IR /proc/malloc " (only up to and including Linux 2.2)"
.\" It looks like this only ever did something back in 1.0 days
This file is present only if
.B CONFIG_DEBUG_MALLOC
was defined during compilation.
.TP
.I /proc/meminfo
This file reports statistics about memory usage on the system.
It is used by
.BR free (1)
to report the amount of free and used memory (both physical and swap)
on the system as well as the shared memory and buffers used by the
kernel.
Each line of the file consists of a parameter name, followed by a colon,
the value of the parameter, and an option unit of measurement (e.g., "kB").
The list below describes the parameter names and
the format specifier required to read the field value.
Except as noted below,
all of the fields have been present since at least Linux 2.6.0.
Some fields are displayed only if the kernel was configured
with various options; those dependencies are noted in the list.
.RS
.TP
.IR MemTotal " %lu"
Total usable RAM (i.e., physical RAM minus a few reserved
bits and the kernel binary code).
.TP
.IR MemFree " %lu"
The sum of
.IR LowFree + HighFree .
.TP
.IR MemAvailable " %lu (since Linux 3.14)"
An estimate of how much memory is available for starting new
applications, without swapping.
.TP
.IR Buffers " %lu"
Relatively temporary storage for raw disk blocks that
shouldn't get tremendously large (20 MB or so).
.TP
.IR Cached " %lu"
In-memory cache for files read from the disk (the page cache).
Doesn't include
.IR SwapCached .
.TP
.IR SwapCached " %lu"
Memory that once was swapped out, is swapped back in but
still also is in the swap file.
(If memory pressure is high, these pages
don't need to be swapped out again because they are already
in the swap file.
This saves I/O.)
.TP
.IR Active " %lu"
Memory that has been used more recently and usually not
reclaimed unless absolutely necessary.
.TP
.IR Inactive " %lu"
Memory which has been less recently used.
It is more eligible to be reclaimed for other purposes.
.TP
.IR Active(anon) " %lu (since Linux 2.6.28)"
[To be documented.]
.TP
.IR Inactive(anon) " %lu (since Linux 2.6.28)"
[To be documented.]
.TP
.IR Active(file) " %lu (since Linux 2.6.28)"
[To be documented.]
.TP
.IR Inactive(file) " %lu (since Linux 2.6.28)"
[To be documented.]
.TP
.IR Unevictable " %lu (since Linux 2.6.28)"
(From Linux 2.6.28 to 2.6.30,
\fBCONFIG_UNEVICTABLE_LRU\fP was required.)
[To be documented.]
.TP
.IR Mlocked " %lu (since Linux 2.6.28)"
(From Linux 2.6.28 to 2.6.30,
\fBCONFIG_UNEVICTABLE_LRU\fP was required.)
[To be documented.]
.TP
.IR HighTotal " %lu"
(Starting with Linux 2.6.19, \fBCONFIG_HIGHMEM\fP is required.)
Total amount of highmem.
Highmem is all memory above \(ti860 MB of physical memory.
Highmem areas are for use by user-space programs,
or for the page cache.
The kernel must use tricks to access
this memory, making it slower to access than lowmem.
.TP
.IR HighFree " %lu"
(Starting with Linux 2.6.19, \fBCONFIG_HIGHMEM\fP is required.)
Amount of free highmem.
.TP
.IR LowTotal " %lu"
(Starting with Linux 2.6.19, \fBCONFIG_HIGHMEM\fP is required.)
Total amount of lowmem.
Lowmem is memory which can be used for everything that
highmem can be used for, but it is also available for the
kernel's use for its own data structures.
Among many other things,
it is where everything from
.I Slab
is allocated.
Bad things happen when you're out of lowmem.
.TP
.IR LowFree " %lu"
(Starting with Linux 2.6.19, \fBCONFIG_HIGHMEM\fP is required.)
Amount of free lowmem.
.TP
.IR MmapCopy " %lu (since Linux 2.6.29)"
.RB ( CONFIG_MMU
is required.)
[To be documented.]
.TP
.IR SwapTotal " %lu"
Total amount of swap space available.
.TP
.IR SwapFree " %lu"
Amount of swap space that is currently unused.
.TP
.IR Dirty " %lu"
Memory which is waiting to get written back to the disk.
.TP
.IR Writeback " %lu"
Memory which is actively being written back to the disk.
.TP
.IR AnonPages " %lu (since Linux 2.6.18)"
Non-file backed pages mapped into user-space page tables.
.TP
.IR Mapped " %lu"
Files which have been mapped into memory (with
.BR mmap (2)),
such as libraries.
.TP
.IR Shmem " %lu (since Linux 2.6.32)"
Amount of memory consumed in
.BR tmpfs (5)
filesystems.
.TP
.IR KReclaimable " %lu (since Linux 4.20)"
Kernel allocations that the kernel will attempt to reclaim
under memory pressure.
Includes
.I SReclaimable
(below), and other direct allocations with a shrinker.
.TP
.IR Slab " %lu"
In-kernel data structures cache.
(See
.BR slabinfo (5).)
.TP
.IR SReclaimable " %lu (since Linux 2.6.19)"
Part of
.IR Slab ,
that might be reclaimed, such as caches.
.TP
.IR SUnreclaim " %lu (since Linux 2.6.19)"
Part of
.IR Slab ,
that cannot be reclaimed on memory pressure.
.TP
.IR KernelStack " %lu (since Linux 2.6.32)"
Amount of memory allocated to kernel stacks.
.TP
.IR PageTables " %lu (since Linux 2.6.18)"
Amount of memory dedicated to the lowest level of page tables.
.TP
.IR Quicklists " %lu (since Linux 2.6.27)"
(\fBCONFIG_QUICKLIST\fP is required.)
[To be documented.]
.TP
.IR NFS_Unstable " %lu (since Linux 2.6.18)"
NFS pages sent to the server, but not yet committed to stable storage.
.TP
.IR Bounce " %lu (since Linux 2.6.18)"
Memory used for block device "bounce buffers".
.TP
.IR WritebackTmp " %lu (since Linux 2.6.26)"
Memory used by FUSE for temporary writeback buffers.
.TP
.IR CommitLimit " %lu (since Linux 2.6.10)"
This is the total amount of memory currently available to
be allocated on the system, expressed in kilobytes.
This limit is adhered to
only if strict overcommit accounting is enabled (mode 2 in
.IR /proc/sys/vm/overcommit_memory ).
The limit is calculated according to the formula described under
.IR /proc/sys/vm/overcommit_memory .
For further details, see the kernel source file
.IR Documentation/vm/overcommit\-accounting.rst .
.TP
.IR Committed_AS " %lu"
The amount of memory presently allocated on the system.
The committed memory is a sum of all of the memory which
has been allocated by processes, even if it has not been
"used" by them as of yet.
A process which allocates 1 GB of memory (using
.BR malloc (3)
or similar), but touches only 300 MB of that memory will show up
as using only 300 MB of memory even if it has the address space
allocated for the entire 1 GB.
.IP
This 1 GB is memory which has been "committed" to by the VM
and can be used at any time by the allocating application.
With strict overcommit enabled on the system (mode 2 in
.IR /proc/sys/vm/overcommit_memory ),
allocations which would exceed the
.I CommitLimit
will not be permitted.
This is useful if one needs to guarantee that processes will not
fail due to lack of memory once that memory has been successfully allocated.
.TP
.IR VmallocTotal " %lu"
Total size of vmalloc memory area.
.TP
.IR VmallocUsed " %lu"
Amount of vmalloc area which is used.
Since Linux 4.4,
.\" commit a5ad88ce8c7fae7ddc72ee49a11a75aa837788e0
this field is no longer calculated, and is hard coded as 0.
See
.IR /proc/vmallocinfo .
.TP
.IR VmallocChunk " %lu"
Largest contiguous block of vmalloc area which is free.
Since Linux 4.4,
.\" commit a5ad88ce8c7fae7ddc72ee49a11a75aa837788e0
this field is no longer calculated and is hard coded as 0.
See
.IR /proc/vmallocinfo .
.TP
.IR HardwareCorrupted " %lu (since Linux 2.6.32)"
(\fBCONFIG_MEMORY_FAILURE\fP is required.)
[To be documented.]
.TP
.IR LazyFree " %lu (since Linux 4.12)"
Shows the amount of memory marked by
.BR madvise (2)
.BR MADV_FREE .
.TP
.IR AnonHugePages " %lu (since Linux 2.6.38)"
(\fBCONFIG_TRANSPARENT_HUGEPAGE\fP is required.)
Non-file backed huge pages mapped into user-space page tables.
.TP
.IR ShmemHugePages " %lu (since Linux 4.8)"
(\fBCONFIG_TRANSPARENT_HUGEPAGE\fP is required.)
Memory used by shared memory (shmem) and
.BR tmpfs (5)
allocated with huge pages.
.TP
.IR ShmemPmdMapped " %lu (since Linux 4.8)"
(\fBCONFIG_TRANSPARENT_HUGEPAGE\fP is required.)
Shared memory mapped into user space with huge pages.
.TP
.IR CmaTotal " %lu (since Linux 3.1)"
Total CMA (Contiguous Memory Allocator) pages.
(\fBCONFIG_CMA\fP is required.)
.TP
.IR CmaFree " %lu (since Linux 3.1)"
Free CMA (Contiguous Memory Allocator) pages.
(\fBCONFIG_CMA\fP is required.)
.TP
.IR HugePages_Total " %lu"
(\fBCONFIG_HUGETLB_PAGE\fP is required.)
The size of the pool of huge pages.
.TP
.IR HugePages_Free " %lu"
(\fBCONFIG_HUGETLB_PAGE\fP is required.)
The number of huge pages in the pool that are not yet allocated.
.TP
.IR HugePages_Rsvd " %lu (since Linux 2.6.17)"
(\fBCONFIG_HUGETLB_PAGE\fP is required.)
This is the number of huge pages for
which a commitment to allocate from the pool has been made,
but no allocation has yet been made.
These reserved huge pages
guarantee that an application will be able to allocate a
huge page from the pool of huge pages at fault time.
.TP
.IR HugePages_Surp " %lu (since Linux 2.6.24)"
(\fBCONFIG_HUGETLB_PAGE\fP is required.)
This is the number of huge pages in
the pool above the value in
.IR /proc/sys/vm/nr_hugepages .
The maximum number of surplus huge pages is controlled by
.IR /proc/sys/vm/nr_overcommit_hugepages .
.TP
.IR Hugepagesize " %lu"
(\fBCONFIG_HUGETLB_PAGE\fP is required.)
The size of huge pages.
.TP
.IR DirectMap4k " %lu (since Linux 2.6.27)"
Number of bytes of RAM linearly mapped by kernel in 4 kB pages.
(x86.)
.TP
.IR DirectMap4M " %lu (since Linux 2.6.27)"
Number of bytes of RAM linearly mapped by kernel in 4 MB pages.
(x86 with
.BR CONFIG_X86_64
or
.BR CONFIG_X86_PAE
enabled.)
.TP
.IR DirectMap2M " %lu (since Linux 2.6.27)"
Number of bytes of RAM linearly mapped by kernel in 2 MB pages.
(x86 with neither
.BR CONFIG_X86_64
nor
.BR CONFIG_X86_PAE
enabled.)
.TP
.IR DirectMap1G " %lu (since Linux 2.6.27)"
(x86 with
.BR CONFIG_X86_64
and
.B CONFIG_X86_DIRECT_GBPAGES
enabled.)
.RE
.TP
.I /proc/modules
A text list of the modules that have been loaded by the system.
See also
.BR lsmod (8).
.TP
.I /proc/mounts
Before kernel 2.4.19, this file was a list
of all the filesystems currently mounted on the system.
With the introduction of per-process mount namespaces in Linux 2.4.19 (see
.BR mount_namespaces (7)),
this file became a link to
.IR /proc/self/mounts ,
which lists the mounts of the process's own mount namespace.
The format of this file is documented in
.BR fstab (5).
.TP
.I /proc/mtrr
Memory Type Range Registers.
See the Linux kernel source file
.I Documentation/x86/mtrr.rst
(or
.I Documentation/x86/mtrr.txt
.\" commit 7225e75144b9718cbbe1820d9c011c809d5773fd
before Linux 5.2, or
.I Documentation/mtrr.txt
before Linux 2.6.28)
for details.
.TP
.I /proc/net
This directory contains various files and subdirectories containing
information about the networking layer.
The files contain ASCII structures and are,
therefore, readable with
.BR cat (1).
However, the standard
.BR netstat (8)
suite provides much cleaner access to these files.
.IP
With the advent of network namespaces,
various information relating to the network stack is virtualized (see
.BR network_namespaces (7)).
Thus, since Linux 2.6.25,
.\" commit e9720acd728a46cb40daa52c99a979f7c4ff195c
.IR /proc/net
is a symbolic link to the directory
.IR /proc/self/net ,
which contains the same files and directories as listed below.
However, these files and directories now expose information
for the network namespace of which the process is a member.
.TP
.I /proc/net/arp
This holds an ASCII readable dump of the kernel ARP table used for
address resolutions.
It will show both dynamically learned and preprogrammed ARP entries.
The format is:
.IP
.in +4n
.EX
IP address     HW type   Flags     HW address          Mask   Device
192.168.0.50   0x1       0x2       00:50:BF:25:68:F3   *      eth0
192.168.0.250  0x1       0xc       00:00:00:00:00:00   *      eth0
.EE
.in
.IP
Here "IP address" is the IPv4 address of the machine and the "HW type"
is the hardware type of the address from RFC\ 826.
The flags are the internal
flags of the ARP structure (as defined in
.IR /usr/include/linux/if_arp.h )
and
the "HW address" is the data link layer mapping for that IP address if
it is known.
.TP
.I /proc/net/dev
The dev pseudo-file contains network device status information.
This gives
the number of received and sent packets, the number of errors and
collisions
and other basic statistics.
These are used by the
.BR ifconfig (8)
program to report device status.
The format is:
.IP
.EX
Inter\-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo: 2776770   11307    0    0    0     0          0         0  2776770   11307    0    0    0     0       0          0
  eth0: 1215645    2751    0    0    0     0          0         0  1782404    4324    0    0    0   427       0          0
  ppp0: 1622270    5552    1    0    0     0          0         0   354130    5669    0    0    0     0       0          0
  tap0:    7714      81    0    0    0     0          0         0     7714      81    0    0    0     0       0          0
.EE
.\" .TP
.\" .I /proc/net/ipx
.\" No information.
.\" .TP
.\" .I /proc/net/ipx_route
.\" No information.
.TP
.I /proc/net/dev_mcast
Defined in
.IR /usr/src/linux/net/core/dev_mcast.c :
.IP
.in +4n
.EX
indx interface_name  dmi_u dmi_g dmi_address
2    eth0            1     0     01005e000001
3    eth1            1     0     01005e000001
4    eth2            1     0     01005e000001
.EE
.in
.TP
.I /proc/net/igmp
Internet Group Management Protocol.
Defined in
.IR /usr/src/linux/net/core/igmp.c .
.TP
.I /proc/net/rarp
This file uses the same format as the
.I arp
file and contains the current reverse mapping database used to provide
.BR rarp (8)
reverse address lookup services.
If RARP is not configured into the
kernel,
this file will not be present.
.TP
.I /proc/net/raw
Holds a dump of the RAW socket table.
Much of the information is not of
use
apart from debugging.
The "sl" value is the kernel hash slot for the
socket,
the "local_address" is the local address and protocol number pair.
\&"St" is
the internal status of the socket.
The "tx_queue" and "rx_queue" are the
outgoing and incoming data queue in terms of kernel memory usage.
The "tr", "tm\->when", and "rexmits" fields are not used by RAW.
The "uid"
field holds the effective UID of the creator of the socket.
.\" .TP
.\" .I /proc/net/route
.\" No information, but looks similar to
.\" .BR route (8).
.TP
.I /proc/net/snmp
This file holds the ASCII data needed for the IP, ICMP, TCP, and UDP
management
information bases for an SNMP agent.
.TP
.I /proc/net/tcp
Holds a dump of the TCP socket table.
Much of the information is not
of use apart from debugging.
The "sl" value is the kernel hash slot
for the socket, the "local_address" is the local address and port number pair.
The "rem_address" is the remote address and port number pair
(if connected).
\&"St" is the internal status of the socket.
The "tx_queue" and "rx_queue" are the
outgoing and incoming data queue in terms of kernel memory usage.
The "tr", "tm\->when", and "rexmits" fields hold internal information of
the kernel socket state and are useful only for debugging.
The "uid"
field holds the effective UID of the creator of the socket.
.TP
.I /proc/net/udp
Holds a dump of the UDP socket table.
Much of the information is not of
use apart from debugging.
The "sl" value is the kernel hash slot for the
socket, the "local_address" is the local address and port number pair.
The "rem_address" is the remote address and port number pair
(if connected).
"St" is the internal status of the socket.
The "tx_queue" and "rx_queue" are the outgoing and incoming data queue
in terms of kernel memory usage.
The "tr", "tm\->when", and "rexmits" fields
are not used by UDP.
The "uid"
field holds the effective UID of the creator of the socket.
The format is:
.IP
.EX
sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm\->when uid
 1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
 1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
 1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0
.EE
.TP
.I /proc/net/unix
Lists the UNIX domain sockets present within the system and their
status.
The format is:
.IP
.EX
Num RefCount Protocol Flags    Type St Inode Path
 0: 00000002 00000000 00000000 0001 03    42
 1: 00000001 00000000 00010000 0001 01  1948 /dev/printer
.EE
.IP
The fields are as follows:
.RS
.TP 10
.IR Num :
the kernel table slot number.
.TP
.IR RefCount :
the number of users of the socket.
.TP
.IR Protocol :
currently always 0.
.TP
.IR Flags :
the internal kernel flags holding the status of the socket.
.TP
.IR Type :
the socket type.
For
.BR SOCK_STREAM
sockets, this is 0001; for
.BR SOCK_DGRAM
sockets, it is 0002; and for
.BR SOCK_SEQPACKET
sockets, it is 0005.
.TP
.IR St :
the internal state of the socket.
.TP
.IR Inode :
the inode number of the socket.
.TP
.IR Path :
the bound pathname (if any) of the socket.
Sockets in the abstract namespace are included in the list,
and are shown with a
.I Path
that commences with the character '@'.
.RE
.TP
.I /proc/net/netfilter/nfnetlink_queue
This file contains information about netfilter user-space queueing, if used.
Each line represents a queue.
Queues that have not been subscribed to
by user space are not shown.
.IP
.in +4n
.EX
   1   4207     0  2 65535     0     0        0  1
  (1)   (2)    (3)(4)  (5)    (6)   (7)      (8)
.EE
.in
.IP
The fields in each line are:
.RS 7
.TP 5
(1)
The ID of the queue.
This matches what is specified in the
.B \-\-queue\-num
or
.B \-\-queue\-balance
options to the
.BR iptables (8)
NFQUEUE target.
See
.BR iptables\-extensions (8)
for more information.
.TP
(2)
The netlink port ID subscribed to the queue.
.TP
(3)
The number of packets currently queued and waiting to be processed by
the application.
.TP
(4)
The copy mode of the queue.
It is either 1 (metadata only) or 2
(also copy payload data to user space).
.TP
(5)
Copy range; that is, how many bytes of packet payload should be copied to
user space at most.
.TP
(6)
queue dropped.
Number of packets that had to be dropped by the kernel because
too many packets are already waiting for user space to send back the mandatory
accept/drop verdicts.
.TP
(7)
queue user dropped.
Number of packets that were dropped within the netlink
subsystem.
Such drops usually happen when the corresponding socket buffer is
full; that is, user space is not able to read messages fast enough.
.TP
(8)
sequence number.
Every queued packet is associated with a (32-bit)
monotonically increasing sequence number.
This shows the ID of the most recent packet queued.
.RE
.IP
The last number exists only for compatibility reasons and is always 1.
.TP
.I /proc/partitions
Contains the major and minor numbers of each partition as well as the number
of 1024-byte blocks and the partition name.
.TP
.I /proc/pci
This is a listing of all PCI devices found during kernel initialization
and their configuration.
.IP
This file has been deprecated in favor of a new
.I /proc
interface for PCI
.RI ( /proc/bus/pci ).
It became optional in Linux 2.2 (available with
.B CONFIG_PCI_OLD_PROC
set at kernel compilation).
It became once more nonoptionally enabled in Linux 2.4.
Next, it was deprecated in Linux 2.6 (still available with
.B CONFIG_PCI_LEGACY_PROC
set), and finally removed altogether since Linux 2.6.17.
.\" FIXME Document /proc/sched_debug (since Linux 2.6.23)
.\" See also /proc/[pid]/sched
.TP
.IR /proc/profile " (since Linux 2.4)"
This file is present only if the kernel was booted with the
.I profile=1
command-line option.
It exposes kernel profiling information in a binary format for use by
.BR readprofile (1).
Writing (e.g., an empty string) to this file resets the profiling counters;
on some architectures,
writing a binary integer "profiling multiplier" of size
.IR sizeof(int)
sets the profiling interrupt frequency.
.TP
.I /proc/scsi
A directory with the
.I scsi
mid-level pseudo-file and various SCSI low-level
driver directories,
which contain a file for each SCSI host in this system, all of
which give the status of some part of the SCSI IO subsystem.
These files contain ASCII structures and are, therefore, readable with
.BR cat (1).
.IP
You can also write to some of the files to reconfigure the subsystem or
switch certain features on or off.
.TP
.I /proc/scsi/scsi
This is a listing of all SCSI devices known to the kernel.
The listing is similar to the one seen during bootup.
scsi currently supports only the \fIadd\-single\-device\fP command which
allows root to add a hotplugged device to the list of known devices.
.IP
The command
.IP
.in +4n
.EX
echo \(aqscsi add\-single\-device 1 0 5 0\(aq > /proc/scsi/scsi
.EE
.in
.IP
will cause
host scsi1 to scan on SCSI channel 0 for a device on ID 5 LUN 0.
If there
is already a device known on this address or the address is invalid, an
error will be returned.
.TP
.I /proc/scsi/[drivername]
\fI[drivername]\fP can currently be NCR53c7xx, aha152x, aha1542, aha1740,
aic7xxx, buslogic, eata_dma, eata_pio, fdomain, in2000, pas16, qlogic,
scsi_debug, seagate, t128, u15\-24f, ultrastore, or wd7000.
These directories show up for all drivers that registered at least one
SCSI HBA.
Every directory contains one file per registered host.
Every host-file is named after the number the host was assigned during
initialization.
.IP
Reading these files will usually show driver and host configuration,
statistics, and so on.
.IP
Writing to these files allows different things on different hosts.
For example, with the \fIlatency\fP and \fInolatency\fP commands,
root can switch on and off command latency measurement code in the
eata_dma driver.
With the \fIlockup\fP and \fIunlock\fP commands,
root can control bus lockups simulated by the scsi_debug driver.
.TP
.I /proc/self
This directory refers to the process accessing the
.I /proc
filesystem,
and is identical to the
.I /proc
directory named by the process ID of the same process.
.TP
.I /proc/slabinfo
Information about kernel caches.
See
.BR slabinfo (5)
for details.
.TP
.I /proc/stat
kernel/system statistics.
Varies with architecture.
Common
entries include:
.RS
.TP
.I cpu  10132153 290696 3084719 46828483 16683 0 25195 0 175628 0
.TQ
.I cpu0 1393280 32966 572056 13343292 6130 0 17875 0 23933 0
The amount of time, measured in units of
USER_HZ (1/100ths of a second on most architectures, use
.IR sysconf(_SC_CLK_TCK)
to obtain the right value),
.\" 1024 on Alpha and ia64
that the system ("cpu" line) or the specific CPU ("cpu\fIN\fR" line)
spent in various states:
.RS
.TP
.I user
(1) Time spent in user mode.
.TP
.I nice
(2) Time spent in user mode with low priority (nice).
.TP
.I system
(3) Time spent in system mode.
.TP
.I idle
(4) Time spent in the idle task.
.\" FIXME . Actually, the following info about the /proc/stat 'cpu' field
.\"       does not seem to be quite right (at least in 2.6.12 or 3.6):
.\"       the idle time in /proc/uptime does not quite match this value
This value should be USER_HZ times the
second entry in the
.I /proc/uptime
pseudo-file.
.TP
.IR iowait " (since Linux 2.5.41)"
(5) Time waiting for I/O to complete.
This value is not reliable, for the following reasons:
.\" See kernel commit 9c240d757658a3ae9968dd309e674c61f07c7f48
.RS
.IP 1. 3
The CPU will not wait for I/O to complete;
iowait is the time that a task is waiting for I/O to complete.
When a CPU goes into idle state for outstanding task I/O,
another task will be scheduled on this CPU.
.IP 2.
On a multi-core CPU,
the task waiting for I/O to complete is not running on any CPU,
so the iowait of each CPU is difficult to calculate.
.IP 3.
The value in this field may
.I decrease
in certain conditions.
.RE
.TP
.IR irq " (since Linux 2.6.0)"
.\" Precisely: Linux 2.6.0-test4
(6) Time servicing interrupts.
.TP
.IR softirq " (since Linux 2.6.0)"
.\" Precisely: Linux 2.6.0-test4
(7) Time servicing softirqs.
.TP
.IR steal " (since Linux 2.6.11)"
(8) Stolen time, which is the time spent in other operating systems when
running in a virtualized environment
.TP
.IR guest " (since Linux 2.6.24)"
(9) Time spent running a virtual CPU for guest
operating systems under the control of the Linux kernel.
.\" See Changelog entry for 5e84cfde51cf303d368fcb48f22059f37b3872de
.TP
.IR guest_nice " (since Linux 2.6.33)"
.\" commit ce0e7b28fb75cb003cfc8d0238613aaf1c55e797
(10) Time spent running a niced guest (virtual CPU for guest
operating systems under the control of the Linux kernel).
.RE
.TP
\fIpage 5741 1808\fP
The number of pages the system paged in and the number that were paged
out (from disk).
.TP
\fIswap 1 0\fP
The number of swap pages that have been brought in and out.
.TP
.\" FIXME . The following is not the full picture for the 'intr' of
.\"       /proc/stat on 2.6:
\fIintr 1462898\fP
This line shows counts of interrupts serviced since boot time,
for each of the possible system interrupts.
The first column is the total of all interrupts serviced
including unnumbered architecture specific interrupts;
each subsequent column is the total for that particular numbered interrupt.
Unnumbered interrupts are not shown, only summed into the total.
.TP
\fIdisk_io: (2,0):(31,30,5764,1,2) (3,0):\fP...
(major,disk_idx):(noinfo, read_io_ops, blks_read, write_io_ops, blks_written)
.br
(Linux 2.4 only)
.TP
\fIctxt 115315\fP
The number of context switches that the system underwent.
.TP
\fIbtime 769041601\fP
boot time, in seconds since the Epoch, 1970-01-01 00:00:00 +0000 (UTC).
.TP
\fIprocesses 86031\fP
Number of forks since boot.
.TP
\fIprocs_running 6\fP
Number of processes in runnable state.
(Linux 2.5.45 onward.)
.TP
\fIprocs_blocked 2\fP
Number of processes blocked waiting for I/O to complete.
(Linux 2.5.45 onward.)
.TP
.I softirq 229245889 94 60001584 13619 5175704 2471304 28 51212741 59130143 0 51240672
.\" commit d3d64df21d3d0de675a0d3ffa7c10514f3644b30
This line shows the number of softirq for all CPUs.
The first column is the total of all softirqs and
each subsequent column is the total for particular softirq.
(Linux 2.6.31 onward.)
.RE
.TP
.I /proc/swaps
Swap areas in use.
See also
.BR swapon (8).
.TP
.I /proc/sys
This directory (present since 1.3.57) contains a number of files
and subdirectories corresponding to kernel variables.
These variables can be read and in some cases modified using
the \fI/proc\fP filesystem, and the (deprecated)
.BR sysctl (2)
system call.
.IP
String values may be terminated by either \(aq\e0\(aq or \(aq\en\(aq.
.IP
Integer and long values may be written either in decimal or in
hexadecimal notation (e.g., 0x3FFF).
When writing multiple integer or long values, these may be separated
by any of the following whitespace characters:
\(aq\ \(aq, \(aq\et\(aq, or \(aq\en\(aq.
Using other separators leads to the error
.BR EINVAL .
.TP
.IR /proc/sys/abi " (since Linux 2.4.10)"
This directory may contain files with application binary information.
.\" On some systems, it is not present.
See the Linux kernel source file
.I Documentation/sysctl/abi.rst
(or
.I Documentation/sysctl/abi.txt
before Linux 5.3)
for more information.
.TP
.I /proc/sys/debug
This directory may be empty.
.TP
.I /proc/sys/dev
This directory contains device-specific information (e.g.,
.IR dev/cdrom/info ).
On
some systems, it may be empty.
.TP
.I /proc/sys/fs
This directory contains the files and subdirectories for kernel variables
related to filesystems.
.TP
.IR /proc/sys/fs/aio\-max\-nr " and " /proc/sys/fs/aio\-nr " (since Linux 2.6.4)"
.I aio\-nr
is the running total of the number of events specified by
.BR io_setup (2)
calls for all currently active AIO contexts.
If
.I aio\-nr
reaches
.IR aio\-max\-nr ,
then
.BR io_setup (2)
will fail with the error
.BR EAGAIN .
Raising
.I aio\-max\-nr
does not result in the preallocation or resizing
of any kernel data structures.
.TP
.I /proc/sys/fs/binfmt_misc
Documentation for files in this directory can be found
in the Linux kernel source in the file
.IR Documentation/admin\-guide/binfmt\-misc.rst
(or in
.IR Documentation/binfmt_misc.txt
on older kernels).
.TP
.IR /proc/sys/fs/dentry\-state " (since Linux 2.2)"
This file contains information about the status of the
directory cache (dcache).
The file contains six numbers,
.IR nr_dentry ", " nr_unused ", " age_limit " (age in seconds),"
.I want_pages
(pages requested by system) and two dummy values.
.RS
.IP * 2
.I nr_dentry
is the number of allocated dentries (dcache entries).
This field is unused in Linux 2.2.
.IP *
.I nr_unused
is the number of unused dentries.
.IP *
.I age_limit
.\" looks like this is unused in kernels 2.2 to 2.6
is the age in seconds after which dcache entries
can be reclaimed when memory is short.
.IP *
.I want_pages
.\" looks like this is unused in kernels 2.2 to 2.6
is nonzero when the kernel has called shrink_dcache_pages() and the
dcache isn't pruned yet.
.RE
.TP
.I /proc/sys/fs/dir\-notify\-enable
This file can be used to disable or enable the
.I dnotify
interface described in
.BR fcntl (2)
on a system-wide basis.
A value of 0 in this file disables the interface,
and a value of 1 enables it.
.TP
.I /proc/sys/fs/dquot\-max
This file shows the maximum number of cached disk quota entries.
On some (2.4) systems, it is not present.
If the number of free cached disk quota entries is very low and
you have some awesome number of simultaneous system users,
you might want to raise the limit.
.TP
.I /proc/sys/fs/dquot\-nr
This file shows the number of allocated disk quota
entries and the number of free disk quota entries.
.TP
.IR /proc/sys/fs/epoll " (since Linux 2.6.28)"
This directory contains the file
.IR max_user_watches ,
which can be used to limit the amount of kernel memory consumed by the
.I epoll
interface.
For further details, see
.BR epoll (7).
.TP
.I /proc/sys/fs/file\-max
This file defines
a system-wide limit on the number of open files for all processes.
System calls that fail when encountering this limit fail with the error
.BR ENFILE .
(See also
.BR setrlimit (2),
which can be used by a process to set the per-process limit,
.BR RLIMIT_NOFILE ,
on the number of files it may open.)
If you get lots
of error messages in the kernel log about running out of file handles
(open file descriptions)
(look for "VFS: file\-max limit <number> reached"),
try increasing this value:
.IP
.in +4n
.EX
echo 100000 > /proc/sys/fs/file\-max
.EE
.in
.IP
Privileged processes
.RB ( CAP_SYS_ADMIN )
can override the
.I file\-max
limit.
.TP
.I /proc/sys/fs/file\-nr
This (read-only) file contains three numbers:
the number of allocated file handles
(i.e., the number of open file descriptions; see
.BR open (2));
the number of free file handles;
and the maximum number of file handles (i.e., the same value as
.IR /proc/sys/fs/file\-max ).
If the number of allocated file handles is close to the
maximum, you should consider increasing the maximum.
Before Linux 2.6,
the kernel allocated file handles dynamically,
but it didn't free them again.
Instead the free file handles were kept in a list for reallocation;
the "free file handles" value indicates the size of that list.
A large number of free file handles indicates that there was
a past peak in the usage of open file handles.
Since Linux 2.6, the kernel does deallocate freed file handles,
and the "free file handles" value is always zero.
.TP
.IR /proc/sys/fs/inode\-max " (only present until Linux 2.2)"
This file contains the maximum number of in-memory inodes.
This value should be 3\(en4 times larger
than the value in
.IR file\-max ,
since \fIstdin\fP, \fIstdout\fP
and network sockets also need an inode to handle them.
When you regularly run out of inodes, you need to increase this value.
.IP
Starting with Linux 2.4,
there is no longer a static limit on the number of inodes,
and this file is removed.
.TP
.I /proc/sys/fs/inode\-nr
This file contains the first two values from
.IR inode\-state .
.TP
.I /proc/sys/fs/inode\-state
This file
contains seven numbers:
.IR nr_inodes ,
.IR nr_free_inodes ,
.IR preshrink ,
and four dummy values (always zero).
.IP
.I nr_inodes
is the number of inodes the system has allocated.
.\" This can be slightly more than
.\" .I inode\-max
.\" because Linux allocates them one page full at a time.
.I nr_free_inodes
represents the number of free inodes.
.IP
.I preshrink
is nonzero when the
.I nr_inodes
>
.I inode\-max
and the system needs to prune the inode list instead of allocating more;
since Linux 2.4, this field is a dummy value (always zero).
.TP
.IR /proc/sys/fs/inotify " (since Linux 2.6.13)"
This directory contains files
.IR max_queued_events ", " max_user_instances ", and " max_user_watches ,
that can be used to limit the amount of kernel memory consumed by the
.I inotify
interface.
For further details, see
.BR inotify (7).
.TP
.I /proc/sys/fs/lease\-break\-time
This file specifies the grace period that the kernel grants to a process
holding a file lease
.RB ( fcntl (2))
after it has sent a signal to that process notifying it
that another process is waiting to open the file.
If the lease holder does not remove or downgrade the lease within
this grace period, the kernel forcibly breaks the lease.
.TP
.I /proc/sys/fs/leases\-enable
This file can be used to enable or disable file leases
.RB ( fcntl (2))
on a system-wide basis.
If this file contains the value 0, leases are disabled.
A nonzero value enables leases.
.TP
.IR /proc/sys/fs/mount\-max " (since Linux 4.9)"
.\" commit d29216842a85c7970c536108e093963f02714498
The value in this file specifies the maximum number of mounts that may exist
in a mount namespace.
The default value in this file is 100,000.
.TP
.IR /proc/sys/fs/mqueue " (since Linux 2.6.6)"
This directory contains files
.IR msg_max ", " msgsize_max ", and " queues_max ,
controlling the resources used by POSIX message queues.
See
.BR mq_overview (7)
for details.
.TP
.IR /proc/sys/fs/nr_open " (since Linux 2.6.25)"
.\" commit 9cfe015aa424b3c003baba3841a60dd9b5ad319b
This file imposes a ceiling on the value to which the
.BR RLIMIT_NOFILE
resource limit can be raised (see
.BR getrlimit (2)).
This ceiling is enforced for both unprivileged and privileged process.
The default value in this file is 1048576.
(Before Linux 2.6.25, the ceiling for
.BR RLIMIT_NOFILE
was hard-coded to the same value.)
.TP
.IR /proc/sys/fs/overflowgid " and " /proc/sys/fs/overflowuid
These files
allow you to change the value of the fixed UID and GID.
The default is 65534.
Some filesystems support only 16-bit UIDs and GIDs, although in Linux
UIDs and GIDs are 32 bits.
When one of these filesystems is mounted
with writes enabled, any UID or GID that would exceed 65535 is translated
to the overflow value before being written to disk.
.TP
.IR /proc/sys/fs/pipe\-max\-size " (since Linux 2.6.35)"
See
.BR pipe (7).
.TP
.IR /proc/sys/fs/pipe\-user\-pages\-hard " (since Linux 4.5)"
See
.BR pipe (7).
.TP
.IR /proc/sys/fs/pipe\-user\-pages\-soft " (since Linux 4.5)"
See
.BR pipe (7).
.TP
.IR /proc/sys/fs/protected_fifos " (since Linux 4.19)"
The value in this file is/can be set to one of the following:
.RS
.TP 4
0
Writing to FIFOs is unrestricted.
.TP
1
Don't allow
.B O_CREAT
.BR open (2)
on FIFOs that the caller doesn't own in world-writable sticky directories,
unless the FIFO is owned by the owner of the directory.
.TP
2
As for the value 1,
but the restriction also applies to group-writable sticky directories.
.RE
.IP
The intent of the above protections is to avoid unintentional writes to an
attacker-controlled FIFO when a program expected to create a regular file.
.TP
.IR /proc/sys/fs/protected_hardlinks " (since Linux 3.6)"
.\" commit 800179c9b8a1e796e441674776d11cd4c05d61d7
When the value in this file is 0,
no restrictions are placed on the creation of hard links
(i.e., this is the historical behavior before Linux 3.6).
When the value in this file is 1,
a hard link can be created to a target file
only if one of the following conditions is true:
.RS
.IP * 3
The calling process has the
.BR CAP_FOWNER
capability in its user namespace
and the file UID has a mapping in the namespace.
.IP *
The filesystem UID of the process creating the link matches
the owner (UID) of the target file
(as described in
.BR credentials (7),
a process's filesystem UID is normally the same as its effective UID).
.IP *
All of the following conditions are true:
.RS 4
.IP \(bu 3
the target is a regular file;
.IP \(bu
the target file does not have its set-user-ID mode bit enabled;
.IP \(bu
the target file does not have both its set-group-ID and
group-executable mode bits enabled; and
.IP \(bu
the caller has permission to read and write the target file
(either via the file's permissions mask or because it has
suitable capabilities).
.RE
.RE
.IP
The default value in this file is 0.
Setting the value to 1
prevents a longstanding class of security issues caused by
hard-link-based time-of-check, time-of-use races,
most commonly seen in world-writable directories such as
.IR /tmp .
The common method of exploiting this flaw
is to cross privilege boundaries when following a given hard link
(i.e., a root process follows a hard link created by another user).
Additionally, on systems without separated partitions,
this stops unauthorized users from "pinning" vulnerable set-user-ID and
set-group-ID files against being upgraded by
the administrator, or linking to special files.
.TP
.IR /proc/sys/fs/protected_regular " (since Linux 4.19)"
The value in this file is/can be set to one of the following:
.RS
.TP 4
0
Writing to regular files is unrestricted.
.TP
1
Don't allow
.B O_CREAT
.BR open (2)
on regular files that the caller doesn't own in
world-writable sticky directories,
unless the regular file is owned by the owner of the directory.
.TP
2
As for the value 1,
but the restriction also applies to group-writable sticky directories.
.RE
.IP
The intent of the above protections is similar to
.IR protected_fifos ,
but allows an application to
avoid writes to an attacker-controlled regular file,
where the application expected to create one.
.TP
.IR /proc/sys/fs/protected_symlinks " (since Linux 3.6)"
.\" commit 800179c9b8a1e796e441674776d11cd4c05d61d7
When the value in this file is 0,
no restrictions are placed on following symbolic links
(i.e., this is the historical behavior before Linux 3.6).
When the value in this file is 1, symbolic links are followed only
in the following circumstances:
.RS
.IP * 3
the filesystem UID of the process following the link matches
the owner (UID) of the symbolic link
(as described in
.BR credentials (7),
a process's filesystem UID is normally the same as its effective UID);
.IP *
the link is not in a sticky world-writable directory; or
.IP *
the symbolic link and its parent directory have the same owner (UID)
.RE
.IP
A system call that fails to follow a symbolic link
because of the above restrictions returns the error
.BR EACCES
in
.IR errno .
.IP
The default value in this file is 0.
Setting the value to 1 avoids a longstanding class of security issues
based on time-of-check, time-of-use races when accessing symbolic links.
.TP
.IR /proc/sys/fs/suid_dumpable " (since Linux 2.6.13)"
.\" The following is based on text from Documentation/sysctl/kernel.txt
The value in this file is assigned to a process's "dumpable" flag
in the circumstances described in
.BR prctl (2).
In effect,
the value in this file determines whether core dump files are
produced for set-user-ID or otherwise protected/tainted binaries.
The "dumpable" setting also affects the ownership of files in a process's
.IR /proc/[pid]
directory, as described above.
.IP
Three different integer values can be specified:
.RS
.TP
\fI0\ (default)\fP
.\" In kernel source: SUID_DUMP_DISABLE
This provides the traditional (pre-Linux 2.6.13) behavior.
A core dump will not be produced for a process which has
changed credentials (by calling
.BR seteuid (2),
.BR setgid (2),
or similar, or by executing a set-user-ID or set-group-ID program)
or whose binary does not have read permission enabled.
.TP
\fI1\ ("debug")\fP
.\" In kernel source: SUID_DUMP_USER
All processes dump core when possible.
(Reasons why a process might nevertheless not dump core are described in
.BR core (5).)
The core dump is owned by the filesystem user ID of the dumping process
and no security is applied.
This is intended for system debugging situations only:
this mode is insecure because it allows unprivileged users to
examine the memory contents of privileged processes.
.TP
\fI2\ ("suidsafe")\fP
.\" In kernel source: SUID_DUMP_ROOT
Any binary which normally would not be dumped (see "0" above)
is dumped readable by root only.
This allows the user to remove the core dump file but not to read it.
For security reasons core dumps in this mode will not overwrite one
another or other files.
This mode is appropriate when administrators are
attempting to debug problems in a normal environment.
.IP
Additionally, since Linux 3.6,
.\" 9520628e8ceb69fa9a4aee6b57f22675d9e1b709
.I /proc/sys/kernel/core_pattern
must either be an absolute pathname
or a pipe command, as detailed in
.BR core (5).
Warnings will be written to the kernel log if
.I core_pattern
does not follow these rules, and no core dump will be produced.
.\" 54b501992dd2a839e94e76aa392c392b55080ce8
.RE
.IP
For details of the effect of a process's "dumpable" setting
on ptrace access mode checking, see
.BR ptrace (2).
.TP
.I /proc/sys/fs/super\-max
This file
controls the maximum number of superblocks, and
thus the maximum number of mounted filesystems the kernel
can have.
You need increase only
.I super\-max
if you need to mount more filesystems than the current value in
.I super\-max
allows you to.
.TP
.I /proc/sys/fs/super\-nr
This file
contains the number of filesystems currently mounted.
.TP
.I /proc/sys/kernel
This directory contains files controlling a range of kernel parameters,
as described below.
.TP
.I /proc/sys/kernel/acct
This file
contains three numbers:
.IR highwater ,
.IR lowwater ,
and
.IR frequency .
If BSD-style process accounting is enabled, these values control
its behavior.
If free space on filesystem where the log lives goes below
.I lowwater
percent, accounting suspends.
If free space gets above
.I highwater
percent, accounting resumes.
.I frequency
determines
how often the kernel checks the amount of free space (value is in
seconds).
Default values are 4, 2, and 30.
That is, suspend accounting if 2% or less space is free; resume it
if 4% or more space is free; consider information about amount of free space
valid for 30 seconds.
.TP
.IR /proc/sys/kernel/auto_msgmni " (Linux 2.6.27 to 3.18)"
.\" commit 9eefe520c814f6f62c5d36a2ddcd3fb99dfdb30e (introduces feature)
.\" commit 0050ee059f7fc86b1df2527aaa14ed5dc72f9973 (rendered redundant)
From Linux 2.6.27 to 3.18,
this file was used to control recomputing of the value in
.IR /proc/sys/kernel/msgmni
upon the addition or removal of memory or upon IPC namespace creation/removal.
Echoing "1" into this file enabled
.I msgmni
automatic recomputing (and triggered a recomputation of
.I msgmni
based on the current amount of available memory and number of IPC namespaces).
Echoing "0" disabled automatic recomputing.
(Automatic recomputing was also disabled if a value was explicitly assigned to
.IR /proc/sys/kernel/msgmni .)
The default value in
.I auto_msgmni
was 1.
.IP
Since Linux 3.19, the content of this file has no effect (because
.IR msgmni
.\" FIXME Must document the 3.19 'msgmni' changes.
defaults to near the maximum value possible),
and reads from this file always return the value "0".
.TP
.IR /proc/sys/kernel/cap_last_cap " (since Linux 3.2)"
See
.BR capabilities (7).
.TP
.IR /proc/sys/kernel/cap\-bound " (from Linux 2.2 to 2.6.24)"
This file holds the value of the kernel
.I "capability bounding set"
(expressed as a signed decimal number).
This set is ANDed against the capabilities permitted to a process
during
.BR execve (2).
Starting with Linux 2.6.25,
the system-wide capability bounding set disappeared,
and was replaced by a per-thread bounding set; see
.BR capabilities (7).
.TP
.I /proc/sys/kernel/core_pattern
See
.BR core (5).
.TP
.I /proc/sys/kernel/core_pipe_limit
See
.BR core (5).
.TP
.I /proc/sys/kernel/core_uses_pid
See
.BR core (5).
.TP
.I /proc/sys/kernel/ctrl\-alt\-del
This file
controls the handling of Ctrl-Alt-Del from the keyboard.
When the value in this file is 0, Ctrl-Alt-Del is trapped and
sent to the
.BR init (1)
program to handle a graceful restart.
When the value is greater than zero, Linux's reaction to a Vulcan
Nerve Pinch (tm) will be an immediate reboot, without even
syncing its dirty buffers.
Note: when a program (like dosemu) has the keyboard in "raw"
mode, the ctrl-alt-del is intercepted by the program before it
ever reaches the kernel tty layer, and it's up to the program
to decide what to do with it.
.TP
.IR /proc/sys/kernel/dmesg_restrict " (since Linux 2.6.37)"
The value in this file determines who can see kernel syslog contents.
A value of 0 in this file imposes no restrictions.
If the value is 1, only privileged users can read the kernel syslog.
(See
.BR syslog (2)
for more details.)
Since Linux 3.4,
.\" commit 620f6e8e855d6d447688a5f67a4e176944a084e8
only users with the
.BR CAP_SYS_ADMIN
capability may change the value in this file.
.TP
.IR /proc/sys/kernel/domainname " and " /proc/sys/kernel/hostname
can be used to set the NIS/YP domainname and the
hostname of your box in exactly the same way as the commands
.BR domainname (1)
and
.BR hostname (1),
that is:
.IP
.in +4n
.EX
.RB "#" " echo \(aqdarkstar\(aq > /proc/sys/kernel/hostname"
.RB "#" " echo \(aqmydomain\(aq > /proc/sys/kernel/domainname"
.EE
.in
.IP
has the same effect as
.IP
.in +4n
.EX
.RB "#" " hostname \(aqdarkstar\(aq"
.RB "#" " domainname \(aqmydomain\(aq"
.EE
.in
.IP
Note, however, that the classic darkstar.frop.org has the
hostname "darkstar" and DNS (Internet Domain Name Server)
domainname "frop.org", not to be confused with the NIS (Network
Information Service) or YP (Yellow Pages) domainname.
These two
domain names are in general different.
For a detailed discussion
see the
.BR hostname (1)
man page.
.TP
.I /proc/sys/kernel/hotplug
This file
contains the pathname for the hotplug policy agent.
The default value in this file is
.IR /sbin/hotplug .
.TP
.\" Removed in commit 87f504e5c78b910b0c1d6ffb89bc95e492322c84 (tglx/history.git)
.IR /proc/sys/kernel/htab\-reclaim " (before Linux 2.4.9.2)"
(PowerPC only) If this file is set to a nonzero value,
the PowerPC htab
.\" removed in commit 1b483a6a7b2998e9c98ad985d7494b9b725bd228, before 2.6.28
(see kernel file
.IR Documentation/powerpc/ppc_htab.txt )
is pruned
each time the system hits the idle loop.
.TP
.IR /proc/sys/kernel/keys/*
This directory contains various files that define parameters and limits
for the key-management facility.
These files are described in
.BR keyrings (7).
.TP
.IR /proc/sys/kernel/kptr_restrict " (since Linux 2.6.38)"
.\" 455cd5ab305c90ffc422dd2e0fb634730942b257
The value in this file determines whether kernel addresses are exposed via
.I /proc
files and other interfaces.
A value of 0 in this file imposes no restrictions.
If the value is 1, kernel pointers printed using the
.I %pK
format specifier will be replaced with zeros unless the user has the
.BR CAP_SYSLOG
capability.
If the value is 2, kernel pointers printed using the
.I %pK
format specifier will be replaced with zeros regardless
of the user's capabilities.
The initial default value for this file was 1,
but the default was changed
.\" commit 411f05f123cbd7f8aa1edcae86970755a6e2a9d9
to 0 in Linux 2.6.39.
Since Linux 3.4,
.\" commit 620f6e8e855d6d447688a5f67a4e176944a084e8
only users with the
.BR CAP_SYS_ADMIN
capability can change the value in this file.
.TP
.I /proc/sys/kernel/l2cr
(PowerPC only) This file
contains a flag that controls the L2 cache of G3 processor
boards.
If 0, the cache is disabled.
Enabled if nonzero.
.TP
.I /proc/sys/kernel/modprobe
This file contains the pathname for the kernel module loader.
The default value is
.IR /sbin/modprobe .
The file is present only if the kernel is built with the
.B CONFIG_MODULES
.RB ( CONFIG_KMOD
in Linux 2.6.26 and earlier)
option enabled.
It is described by the Linux kernel source file
.I Documentation/kmod.txt
(present only in kernel 2.4 and earlier).
.TP
.IR /proc/sys/kernel/modules_disabled " (since Linux 2.6.31)"
.\" 3d43321b7015387cfebbe26436d0e9d299162ea1
.\" From Documentation/sysctl/kernel.txt
A toggle value indicating if modules are allowed to be loaded
in an otherwise modular kernel.
This toggle defaults to off (0), but can be set true (1).
Once true, modules can be neither loaded nor unloaded,
and the toggle cannot be set back to false.
The file is present only if the kernel is built with the
.B CONFIG_MODULES
option enabled.
.TP
.IR /proc/sys/kernel/msgmax " (since Linux 2.2)"
This file defines
a system-wide limit specifying the maximum number of bytes in
a single message written on a System V message queue.
.TP
.IR /proc/sys/kernel/msgmni " (since Linux 2.4)"
This file defines the system-wide limit on the number of
message queue identifiers.
See also
.IR /proc/sys/kernel/auto_msgmni .
.TP
.IR /proc/sys/kernel/msgmnb " (since Linux 2.2)"
This file defines a system-wide parameter used to initialize the
.I msg_qbytes
setting for subsequently created message queues.
The
.I msg_qbytes
setting specifies the maximum number of bytes that may be written to the
message queue.
.TP
.IR /proc/sys/kernel/ngroups_max " (since Linux 2.6.4)"
This is a read-only file that displays the upper limit on the
number of a process's group memberships.
.TP
.IR /proc/sys/kernel/ns_last_pid " (since Linux 3.3)"
See
.BR pid_namespaces (7).
.TP
.IR /proc/sys/kernel/ostype " and " /proc/sys/kernel/osrelease
These files
give substrings of
.IR /proc/version .
.TP
.IR /proc/sys/kernel/overflowgid " and " /proc/sys/kernel/overflowuid
These files duplicate the files
.I /proc/sys/fs/overflowgid
and
.IR /proc/sys/fs/overflowuid .
.TP
.I /proc/sys/kernel/panic
This file gives read/write access to the kernel variable
.IR panic_timeout .
If this is zero, the kernel will loop on a panic; if nonzero,
it indicates that the kernel should autoreboot after this number
of seconds.
When you use the
software watchdog device driver, the recommended setting is 60.
.TP
.IR /proc/sys/kernel/panic_on_oops " (since Linux 2.5.68)"
This file controls the kernel's behavior when an oops
or BUG is encountered.
If this file contains 0, then the system
tries to continue operation.
If it contains 1, then the system
delays a few seconds (to give klogd time to record the oops output)
and then panics.
If the
.I /proc/sys/kernel/panic
file is also nonzero, then the machine will be rebooted.
.TP
.IR /proc/sys/kernel/pid_max " (since Linux 2.5.34)"
This file specifies the value at which PIDs wrap around
(i.e., the value in this file is one greater than the maximum PID).
PIDs greater than this value are not allocated;
thus, the value in this file also acts as a system-wide limit
on the total number of processes and threads.
The default value for this file, 32768,
results in the same range of PIDs as on earlier kernels.
On 32-bit platforms, 32768 is the maximum value for
.IR pid_max .
On 64-bit systems,
.I pid_max
can be set to any value up to 2^22
.RB ( PID_MAX_LIMIT ,
approximately 4 million).
.\" Prior to 2.6.10, pid_max could also be raised above 32768 on 32-bit
.\" platforms, but this broke /proc/[pid]
.\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=109513010926152&w=2
.TP
.IR /proc/sys/kernel/powersave\-nap " (PowerPC only)"
This file contains a flag.
If set, Linux-PPC will use the "nap" mode of
powersaving,
otherwise the "doze" mode will be used.
.TP
.I /proc/sys/kernel/printk
See
.BR syslog (2).
.TP
.IR /proc/sys/kernel/pty " (since Linux 2.6.4)"
This directory contains two files relating to the number of UNIX 98
pseudoterminals (see
.BR pts (4))
on the system.
.TP
.I /proc/sys/kernel/pty/max
This file defines the maximum number of pseudoterminals.
.\" FIXME Document /proc/sys/kernel/pty/reserve
.\"     New in Linux 3.3
.\"     commit e9aba5158a80098447ff207a452a3418ae7ee386
.TP
.I /proc/sys/kernel/pty/nr
This read-only file
indicates how many pseudoterminals are currently in use.
.TP
.I /proc/sys/kernel/random
This directory
contains various parameters controlling the operation of the file
.IR /dev/random .
See
.BR random (4)
for further information.
.TP
.IR /proc/sys/kernel/random/uuid " (since Linux 2.4)"
Each read from this read-only file returns a randomly generated 128-bit UUID,
as a string in the standard UUID format.
.TP
.IR /proc/sys/kernel/randomize_va_space " (since Linux 2.6.12)"
.\" Some further details can be found in Documentation/sysctl/kernel.txt
Select the address space layout randomization (ASLR) policy for the system
(on architectures that support ASLR).
Three values are supported for this file:
.RS
.IP 0 3
Turn ASLR off.
This is the default for architectures that don't support ASLR,
and when the kernel is booted with the
.I norandmaps
parameter.
.IP 1
Make the addresses of
.BR mmap (2)
allocations, the stack, and the VDSO page randomized.
Among other things, this means that shared libraries will be
loaded at randomized addresses.
The text segment of PIE-linked binaries will also be loaded
at a randomized address.
This value is the default if the kernel was configured with
.BR CONFIG_COMPAT_BRK .
.IP 2
(Since Linux 2.6.25)
.\" commit c1d171a002942ea2d93b4fbd0c9583c56fce0772
Also support heap randomization.
This value is the default if the kernel was not configured with
.BR CONFIG_COMPAT_BRK .
.RE
.TP
.I /proc/sys/kernel/real\-root\-dev
This file is documented in the Linux kernel source file
.I Documentation/admin\-guide/initrd.rst
.\" commit 9d85025b0418163fae079c9ba8f8445212de8568
(or
.I Documentation/initrd.txt
before Linux 4.10).
.TP
.IR /proc/sys/kernel/reboot\-cmd " (Sparc only)"
This file seems to be a way to give an argument to the SPARC
ROM/Flash boot loader.
Maybe to tell it what to do after
rebooting?
.TP
.I /proc/sys/kernel/rtsig\-max
(Only in kernels up to and including 2.6.7; see
.BR setrlimit (2))
This file can be used to tune the maximum number
of POSIX real-time (queued) signals that can be outstanding
in the system.
.TP
.I /proc/sys/kernel/rtsig\-nr
(Only in kernels up to and including 2.6.7.)
This file shows the number of POSIX real-time signals currently queued.
.TP
.IR /proc/[pid]/sched_autogroup_enabled " (since Linux 2.6.38)"
.\" commit 5091faa449ee0b7d73bc296a93bca9540fc51d0a
See
.BR sched (7).
.TP
.IR /proc/sys/kernel/sched_child_runs_first " (since Linux 2.6.23)"
If this file contains the value zero, then, after a
.BR fork (2),
the parent is first scheduled on the CPU.
If the file contains a nonzero value,
then the child is scheduled first on the CPU.
(Of course, on a multiprocessor system,
the parent and the child might both immediately be scheduled on a CPU.)
.TP
.IR /proc/sys/kernel/sched_rr_timeslice_ms " (since Linux 3.9)"
See
.BR sched_rr_get_interval (2).
.TP
.IR /proc/sys/kernel/sched_rt_period_us " (since Linux 2.6.25)"
See
.BR sched (7).
.TP
.IR /proc/sys/kernel/sched_rt_runtime_us " (since Linux 2.6.25)"
See
.BR sched (7).
.TP
.IR /proc/sys/kernel/seccomp " (since Linux 4.14)"
.\" commit 8e5f1ad116df6b0de65eac458d5e7c318d1c05af
This directory provides additional seccomp information and
configuration.
See
.BR seccomp (2)
for further details.
.TP
.IR /proc/sys/kernel/sem " (since Linux 2.4)"
This file contains 4 numbers defining limits for System V IPC semaphores.
These fields are, in order:
.RS
.IP SEMMSL 8
The maximum semaphores per semaphore set.
.IP SEMMNS 8
A system-wide limit on the number of semaphores in all semaphore sets.
.IP SEMOPM 8
The maximum number of operations that may be specified in a
.BR semop (2)
call.
.IP SEMMNI 8
A system-wide limit on the maximum number of semaphore identifiers.
.RE
.TP
.I /proc/sys/kernel/sg\-big\-buff
This file
shows the size of the generic SCSI device (sg) buffer.
You can't tune it just yet, but you could change it at
compile time by editing
.I include/scsi/sg.h
and changing
the value of
.BR SG_BIG_BUFF .
However, there shouldn't be any reason to change this value.
.TP
.IR /proc/sys/kernel/shm_rmid_forced " (since Linux 3.1)"
.\" commit b34a6b1da371ed8af1221459a18c67970f7e3d53
.\" See also Documentation/sysctl/kernel.txt
If this file is set to 1, all System V shared memory segments will
be marked for destruction as soon as the number of attached processes
falls to zero;
in other words, it is no longer possible to create shared memory segments
that exist independently of any attached process.
.IP
The effect is as though a
.BR shmctl (2)
.B IPC_RMID
is performed on all existing segments as well as all segments
created in the future (until this file is reset to 0).
Note that existing segments that are attached to no process will be
immediately destroyed when this file is set to 1.
Setting this option will also destroy segments that were created,
but never attached,
upon termination of the process that created the segment with
.BR shmget (2).
.IP
Setting this file to 1 provides a way of ensuring that
all System V shared memory segments are counted against the
resource usage and resource limits (see the description of
.B RLIMIT_AS
in
.BR getrlimit (2))
of at least one process.
.IP
Because setting this file to 1 produces behavior that is nonstandard
and could also break existing applications,
the default value in this file is 0.
Set this file to 1 only if you have a good understanding
of the semantics of the applications using
System V shared memory on your system.
.TP
.IR /proc/sys/kernel/shmall " (since Linux 2.2)"
This file
contains the system-wide limit on the total number of pages of
System V shared memory.
.TP
.IR /proc/sys/kernel/shmmax " (since Linux 2.2)"
This file
can be used to query and set the run-time limit
on the maximum (System V IPC) shared memory segment size that can be
created.
Shared memory segments up to 1 GB are now supported in the
kernel.
This value defaults to
.BR SHMMAX .
.TP
.IR /proc/sys/kernel/shmmni " (since Linux 2.4)"
This file
specifies the system-wide maximum number of System V shared memory
segments that can be created.
.TP
.IR /proc/sys/kernel/sysctl_writes_strict " (since Linux 3.16)"
.\" commit f88083005ab319abba5d0b2e4e997558245493c8
.\" commit 2ca9bb456ada8bcbdc8f77f8fc78207653bbaa92
.\" commit f4aacea2f5d1a5f7e3154e967d70cf3f711bcd61
.\" commit 24fe831c17ab8149413874f2fd4e5c8a41fcd294
The value in this file determines how the file offset affects
the behavior of updating entries in files under
.IR /proc/sys .
The file has three possible values:
.RS
.TP 4
\-1
This provides legacy handling, with no printk warnings.
Each
.BR write (2)
must fully contain the value to be written,
and multiple writes on the same file descriptor
will overwrite the entire value, regardless of the file position.
.TP
0
(default) This provides the same behavior as for \-1,
but printk warnings are written for processes that
perform writes when the file offset is not 0.
.TP
1
Respect the file offset when writing strings into
.I /proc/sys
files.
Multiple writes will
.I append
to the value buffer.
Anything written beyond the maximum length
of the value buffer will be ignored.
Writes to numeric
.I /proc/sys
entries must always be at file offset 0 and the value must be
fully contained in the buffer provided to
.BR write (2).
.\" FIXME .
.\"     With /proc/sys/kernel/sysctl_writes_strict==1, writes at an
.\"     offset other than 0 do not generate an error. Instead, the
.\"     write() succeeds, but the file is left unmodified.
.\"     This is surprising. The behavior may change in the future.
.\"     See thread.gmane.org/gmane.linux.man/9197
.\"		From: Michael Kerrisk (man-pages <mtk.manpages@...>
.\"		Subject: sysctl_writes_strict documentation + an oddity?
.\"		Newsgroups: gmane.linux.man, gmane.linux.kernel
.\"		Date: 2015-05-09 08:54:11 GMT
.RE
.TP
.I /proc/sys/kernel/sysrq
This file controls the functions allowed to be invoked by the SysRq key.
By default,
the file contains 1 meaning that every possible SysRq request is allowed
(in older kernel versions, SysRq was disabled by default,
and you were required to specifically enable it at run-time,
but this is not the case any more).
Possible values in this file are:
.RS
.TP 5
0
Disable sysrq completely
.TP
1
Enable all functions of sysrq
.TP
> 1
Bit mask of allowed sysrq functions, as follows:
.PD 0
.RS
.TP 5
\ \ 2
Enable control of console logging level
.TP
\ \ 4
Enable control of keyboard (SAK, unraw)
.TP
\ \ 8
Enable debugging dumps of processes etc.
.TP
\ 16
Enable sync command
.TP
\ 32
Enable remount read-only
.TP
\ 64
Enable signaling of processes (term, kill, oom-kill)
.TP
128
Allow reboot/poweroff
.TP
256
Allow nicing of all real-time tasks
.RE
.PD
.RE
.IP
This file is present only if the
.B CONFIG_MAGIC_SYSRQ
kernel configuration option is enabled.
For further details see the Linux kernel source file
.I Documentation/admin\-guide/sysrq.rst
.\" commit 9d85025b0418163fae079c9ba8f8445212de8568
(or
.I Documentation/sysrq.txt
before Linux 4.10).
.TP
.I /proc/sys/kernel/version
This file contains a string such as:
.IP
    #5 Wed Feb 25 21:49:24 MET 1998
.IP
The "#5" means that
this is the fifth kernel built from this source base and the
date following it indicates the time the kernel was built.
.TP
.IR /proc/sys/kernel/threads\-max " (since Linux 2.3.11)"
.\" The following is based on Documentation/sysctl/kernel.txt
This file specifies the system-wide limit on the number of
threads (tasks) that can be created on the system.
.IP
Since Linux 4.1,
.\" commit 230633d109e35b0a24277498e773edeb79b4a331
the value that can be written to
.I threads\-max
is bounded.
The minimum value that can be written is 20.
The maximum value that can be written is given by the
constant
.B FUTEX_TID_MASK
(0x3fffffff).
If a value outside of this range is written to
.IR threads\-max ,
the error
.B EINVAL
occurs.
.IP
The value written is checked against the available RAM pages.
If the thread structures would occupy too much (more than 1/8th)
of the available RAM pages,
.I threads\-max
is reduced accordingly.
.TP
.IR /proc/sys/kernel/yama/ptrace_scope " (since Linux 3.5)"
See
.BR ptrace (2).
.TP
.IR /proc/sys/kernel/zero\-paged " (PowerPC only)"
This file
contains a flag.
When enabled (nonzero), Linux-PPC will pre-zero pages in
the idle loop, possibly speeding up get_free_pages.
.TP
.I /proc/sys/net
This directory contains networking stuff.
Explanations for some of the files under this directory can be found in
.BR tcp (7)
and
.BR ip (7).
.TP
.I /proc/sys/net/core/bpf_jit_enable
See
.BR bpf (2).
.TP
.I /proc/sys/net/core/somaxconn
This file defines a ceiling value for the
.I backlog
argument of
.BR listen (2);
see the
.BR listen (2)
manual page for details.
.TP
.I /proc/sys/proc
This directory may be empty.
.TP
.I /proc/sys/sunrpc
This directory supports Sun remote procedure call for network filesystem
(NFS).
On some systems, it is not present.
.TP
.IR /proc/sys/user " (since Linux 4.9)"
See
.BR namespaces (7).
.TP
.I /proc/sys/vm
This directory contains files for memory management tuning, buffer, and
cache management.
.TP
.IR /proc/sys/vm/admin_reserve_kbytes " (since Linux 3.10)"
.\" commit 4eeab4f5580d11bffedc697684b91b0bca0d5009
This file defines the amount of free memory (in KiB) on the system that
should be reserved for users with the capability
.BR CAP_SYS_ADMIN .
.IP
The default value in this file is the minimum of [3% of free pages, 8MiB]
expressed as KiB.
The default is intended to provide enough for the superuser
to log in and kill a process, if necessary,
under the default overcommit 'guess' mode (i.e., 0 in
.IR /proc/sys/vm/overcommit_memory ).
.IP
Systems running in "overcommit never" mode (i.e., 2 in
.IR /proc/sys/vm/overcommit_memory )
should increase the value in this file to account
for the full virtual memory size of the programs used to recover (e.g.,
.BR login (1)
.BR ssh (1),
and
.BR top (1))
Otherwise, the superuser may not be able to log in to recover the system.
For example, on x86-64 a suitable value is 131072 (128MiB reserved).
.IP
Changing the value in this file takes effect whenever
an application requests memory.
.TP
.IR /proc/sys/vm/compact_memory " (since Linux 2.6.35)"
When 1 is written to this file, all zones are compacted such that free
memory is available in contiguous blocks where possible.
The effect of this action can be seen by examining
.IR /proc/buddyinfo .
.IP
Present only if the kernel was configured with
.BR CONFIG_COMPACTION .
.TP
.IR /proc/sys/vm/drop_caches " (since Linux 2.6.16)"
Writing to this file causes the kernel to drop clean caches, dentries, and
inodes from memory, causing that memory to become free.
This can be useful for memory management testing and
performing reproducible filesystem benchmarks.
Because writing to this file causes the benefits of caching to be lost,
it can degrade overall system performance.
.IP
To free pagecache, use:
.IP
    echo 1 > /proc/sys/vm/drop_caches
.IP
To free dentries and inodes, use:
.IP
    echo 2 > /proc/sys/vm/drop_caches
.IP
To free pagecache, dentries, and inodes, use:
.IP
    echo 3 > /proc/sys/vm/drop_caches
.IP
Because writing to this file is a nondestructive operation and dirty objects
are not freeable, the
user should run
.BR sync (1)
first.
.TP
.IR  /proc/sys/vm/sysctl_hugetlb_shm_group " (since Linux 2.6.7)"
This writable file contains a group ID that is allowed
to allocate memory using huge pages.
If a process has a filesystem group ID or any supplementary group ID that
matches this group ID,
then it can make huge-page allocations without holding the
.BR CAP_IPC_LOCK
capability; see
.BR memfd_create (2),
.BR mmap (2),
and
.BR shmget (2).
.TP
.IR /proc/sys/vm/legacy_va_layout " (since Linux 2.6.9)"
.\" The following is from Documentation/filesystems/proc.txt
If nonzero, this disables the new 32-bit memory-mapping layout;
the kernel will use the legacy (2.4) layout for all processes.
.TP
.IR /proc/sys/vm/memory_failure_early_kill " (since Linux 2.6.32)"
.\" The following is based on the text in Documentation/sysctl/vm.txt
Control how to kill processes when an uncorrected memory error
(typically a 2-bit error in a memory module)
that cannot be handled by the kernel
is detected in the background by hardware.
In some cases (like the page still having a valid copy on disk),
the kernel will handle the failure
transparently without affecting any applications.
But if there is no other up-to-date copy of the data,
it will kill processes to prevent any data corruptions from propagating.
.IP
The file has one of the following values:
.RS
.IP 1: 4
Kill all processes that have the corrupted-and-not-reloadable page mapped
as soon as the corruption is detected.
Note that this is not supported for a few types of pages,
such as kernel internally
allocated data or the swap cache, but works for the majority of user pages.
.IP 0: 4
Unmap the corrupted page from all processes and kill a process
only if it tries to access the page.
.RE
.IP
The kill is performed using a
.B SIGBUS
signal with
.I si_code
set to
.BR BUS_MCEERR_AO .
Processes can handle this if they want to; see
.BR sigaction (2)
for more details.
.IP
This feature is active only on architectures/platforms with advanced machine
check handling and depends on the hardware capabilities.
.IP
Applications can override the
.I memory_failure_early_kill
setting individually with the
.BR prctl (2)
.B PR_MCE_KILL
operation.
.IP
Present only if the kernel was configured with
.BR CONFIG_MEMORY_FAILURE .
.TP
.IR /proc/sys/vm/memory_failure_recovery " (since Linux 2.6.32)"
.\" The following is based on the text in Documentation/sysctl/vm.txt
Enable memory failure recovery (when supported by the platform).
.RS
.IP 1: 4
Attempt recovery.
.IP 0: 4
Always panic on a memory failure.
.RE
.IP
Present only if the kernel was configured with
.BR CONFIG_MEMORY_FAILURE .
.TP
.IR /proc/sys/vm/oom_dump_tasks " (since Linux 2.6.25)"
.\" The following is from Documentation/sysctl/vm.txt
Enables a system-wide task dump (excluding kernel threads) to be
produced when the kernel performs an OOM-killing.
The dump includes the following information
for each task (thread, process):
thread ID, real user ID, thread group ID (process ID),
virtual memory size, resident set size,
the CPU that the task is scheduled on,
oom_adj score (see the description of
.IR /proc/[pid]/oom_adj ),
and command name.
This is helpful to determine why the OOM-killer was invoked
and to identify the rogue task that caused it.
.IP
If this contains the value zero, this information is suppressed.
On very large systems with thousands of tasks,
it may not be feasible to dump the memory state information for each one.
Such systems should not be forced to incur a performance penalty in
OOM situations when the information may not be desired.
.IP
If this is set to nonzero, this information is shown whenever the
OOM-killer actually kills a memory-hogging task.
.IP
The default value is 0.
.TP
.IR /proc/sys/vm/oom_kill_allocating_task " (since Linux 2.6.24)"
.\" The following is from Documentation/sysctl/vm.txt
This enables or disables killing the OOM-triggering task in
out-of-memory situations.
.IP
If this is set to zero, the OOM-killer will scan through the entire
tasklist and select a task based on heuristics to kill.
This normally selects a rogue memory-hogging task that
frees up a large amount of memory when killed.
.IP
If this is set to nonzero, the OOM-killer simply kills the task that
triggered the out-of-memory condition.
This avoids a possibly expensive tasklist scan.
.IP
If
.I /proc/sys/vm/panic_on_oom
is nonzero, it takes precedence over whatever value is used in
.IR /proc/sys/vm/oom_kill_allocating_task .
.IP
The default value is 0.
.TP
.IR /proc/sys/vm/overcommit_kbytes " (since Linux 3.14)"
.\" commit 49f0ce5f92321cdcf741e35f385669a421013cb7
This writable file provides an alternative to
.IR /proc/sys/vm/overcommit_ratio
for controlling the
.I CommitLimit
when
.IR /proc/sys/vm/overcommit_memory
has the value 2.
It allows the amount of memory overcommitting to be specified as
an absolute value (in kB),
rather than as a percentage, as is done with
.IR overcommit_ratio .
This allows for finer-grained control of
.IR CommitLimit
on systems with extremely large memory sizes.
.IP
Only one of
.IR overcommit_kbytes
or
.IR overcommit_ratio
can have an effect:
if
.IR overcommit_kbytes
has a nonzero value, then it is used to calculate
.IR CommitLimit ,
otherwise
.IR overcommit_ratio
is used.
Writing a value to either of these files causes the
value in the other file to be set to zero.
.TP
.I /proc/sys/vm/overcommit_memory
This file contains the kernel virtual memory accounting mode.
Values are:
.RS
.IP
0: heuristic overcommit (this is the default)
.br
1: always overcommit, never check
.br
2: always check, never overcommit
.RE
.IP
In mode 0, calls of
.BR mmap (2)
with
.B MAP_NORESERVE
are not checked, and the default check is very weak,
leading to the risk of getting a process "OOM-killed".
.IP
In mode 1, the kernel pretends there is always enough memory,
until memory actually runs out.
One use case for this mode is scientific computing applications
that employ large sparse arrays.
In Linux kernel versions before 2.6.0, any nonzero value implies mode 1.
.IP
In mode 2 (available since Linux 2.6), the total virtual address space
that can be allocated
.RI ( CommitLimit
in
.IR /proc/meminfo )
is calculated as
.IP
    CommitLimit = (total_RAM \- total_huge_TLB) *
                  overcommit_ratio / 100 + total_swap
.IP
where:
.RS 12
.IP * 3
.I total_RAM
is the total amount of RAM on the system;
.IP *
.I total_huge_TLB
is the amount of memory set aside for huge pages;
.IP *
.I overcommit_ratio
is the value in
.IR /proc/sys/vm/overcommit_ratio ;
and
.IP *
.I total_swap
is the amount of swap space.
.RE
.IP
For example, on a system with 16 GB of physical RAM, 16 GB
of swap, no space dedicated to huge pages, and an
.I overcommit_ratio
of 50, this formula yields a
.I CommitLimit
of 24 GB.
.IP
Since Linux 3.14, if the value in
.I /proc/sys/vm/overcommit_kbytes
is nonzero, then
.I CommitLimit
is instead calculated as:
.IP
    CommitLimit = overcommit_kbytes + total_swap
.IP
See also the description of
.IR /proc/sys/vm/admin_reserve_kbytes
and
.IR /proc/sys/vm/user_reserve_kbytes .
.TP
.IR /proc/sys/vm/overcommit_ratio " (since Linux 2.6.0)"
This writable file defines a percentage by which memory
can be overcommitted.
The default value in the file is 50.
See the description of
.IR /proc/sys/vm/overcommit_memory .
.TP
.IR /proc/sys/vm/panic_on_oom " (since Linux 2.6.18)"
.\" The following is adapted from Documentation/sysctl/vm.txt
This enables or disables a kernel panic in
an out-of-memory situation.
.IP
If this file is set to the value 0,
the kernel's OOM-killer will kill some rogue process.
Usually, the OOM-killer is able to kill a rogue process and the
system will survive.
.IP
If this file is set to the value 1,
then the kernel normally panics when out-of-memory happens.
However, if a process limits allocations to certain nodes
using memory policies
.RB ( mbind (2)
.BR MPOL_BIND )
or cpusets
.RB ( cpuset (7))
and those nodes reach memory exhaustion status,
one process may be killed by the OOM-killer.
No panic occurs in this case:
because other nodes' memory may be free,
this means the system as a whole may not have reached
an out-of-memory situation yet.
.IP
If this file is set to the value 2,
the kernel always panics when an out-of-memory condition occurs.
.IP
The default value is 0.
1 and 2 are for failover of clustering.
Select either according to your policy of failover.
.TP
.IR /proc/sys/vm/swappiness
.\" The following is from Documentation/sysctl/vm.txt
The value in this file controls how aggressively the kernel will swap
memory pages.
Higher values increase aggressiveness, lower values
decrease aggressiveness.
The default value is 60.
.TP
.IR /proc/sys/vm/user_reserve_kbytes " (since Linux 3.10)"
.\" commit c9b1d0981fcce3d9976d7b7a56e4e0503bc610dd
Specifies an amount of memory (in KiB) to reserve for user processes.
This is intended to prevent a user from starting a single memory hogging
process, such that they cannot recover (kill the hog).
The value in this file has an effect only when
.IR /proc/sys/vm/overcommit_memory
is set to 2 ("overcommit never" mode).
In this case, the system reserves an amount of memory that is the minimum
of [3% of current process size,
.IR user_reserve_kbytes ].
.IP
The default value in this file is the minimum of [3% of free pages, 128MiB]
expressed as KiB.
.IP
If the value in this file is set to zero,
then a user will be allowed to allocate all free memory with a single process
(minus the amount reserved by
.IR /proc/sys/vm/admin_reserve_kbytes ).
Any subsequent attempts to execute a command will result in
"fork: Cannot allocate memory".
.IP
Changing the value in this file takes effect whenever
an application requests memory.
.TP
.IR /proc/sys/vm/unprivileged_userfaultfd " (since Linux 5.2)"
.\" cefdca0a86be517bc390fc4541e3674b8e7803b0
This (writable) file exposes a flag that controls whether
unprivileged processes are allowed to employ
.BR userfaultfd (2).
If this file has the value 1, then unprivileged processes may use
.BR userfaultfd (2).
If this file has the value 0, then only processes that have the
.B CAP_SYS_PTRACE
capability may employ
.BR userfaultfd (2).
The default value in this file is 1.
.TP
.IR /proc/sysrq\-trigger " (since Linux 2.4.21)"
Writing a character to this file triggers the same SysRq function as
typing ALT-SysRq-<character> (see the description of
.IR /proc/sys/kernel/sysrq ).
This file is normally writable only by
.IR root .
For further details see the Linux kernel source file
.I Documentation/admin\-guide/sysrq.rst
.\" commit 9d85025b0418163fae079c9ba8f8445212de8568
(or
.I Documentation/sysrq.txt
before Linux 4.10).
.TP
.I /proc/sysvipc
Subdirectory containing the pseudo-files
.IR msg ", " sem " and " shm "."
These files list the System V Interprocess Communication (IPC) objects
(respectively: message queues, semaphores, and shared memory)
that currently exist on the system,
providing similar information to that available via
.BR ipcs (1).
These files have headers and are formatted (one IPC object per line)
for easy understanding.
.BR sysvipc (7)
provides further background on the information shown by these files.
.TP
.IR /proc/thread\-self " (since Linux 3.17)"
.\" commit 0097875bd41528922fb3bb5f348c53f17e00e2fd
This directory refers to the thread accessing the
.I /proc
filesystem,
and is identical to the
.I /proc/self/task/[tid]
directory named by the process thread ID
.RI ( [tid] )
of the same thread.
.TP
.IR /proc/timer_list " (since Linux 2.6.21)"
.\" commit 289f480af87e45f7a6de6ba9b4c061c2e259fe98
This read-only file exposes a list of all currently pending
(high-resolution) timers,
all clock-event sources, and their parameters in a human-readable form.
.TP
.IR /proc/timer_stats " (from  Linux 2.6.21 until Linux 4.10)"
.\" commit 82f67cd9fca8c8762c15ba7ed0d5747588c1e221
.\"	Date:   Fri Feb 16 01:28:13 2007 -0800
.\" Text largely derived from Documentation/timers/timer_stats.txt
.\" removed in commit dfb4357da6ddbdf57d583ba64361c9d792b0e0b1
.\"     Date:   Wed Feb 8 11:26:59 2017 -0800
This is a debugging facility to make timer (ab)use in a Linux
system visible to kernel and user-space developers.
It can be used by kernel and user-space developers to verify that
their code does not make undue use of timers.
The goal is to avoid unnecessary wakeups,
thereby optimizing power consumption.
.IP
If enabled in the kernel
.RB ( CONFIG_TIMER_STATS ),
but not used,
it has almost zero run-time overhead and a relatively small
data-structure overhead.
Even if collection is enabled at run time, overhead is low:
all the locking is per-CPU and lookup is hashed.
.IP
The
.I /proc/timer_stats
file is used both to control sampling facility and to read out the
sampled information.
.IP
The
.I timer_stats
functionality is inactive on bootup.
A sampling period can be started using the following command:
.IP
.in +4n
.EX
# echo 1 > /proc/timer_stats
.EE
.in
.IP
The following command stops a sampling period:
.IP
.in +4n
.EX
# echo 0 > /proc/timer_stats
.EE
.in
.IP
The statistics can be retrieved by:
.IP
.in +4n
.EX
$ cat /proc/timer_stats
.EE
.in
.IP
While sampling is enabled, each readout from
.I /proc/timer_stats
will see
newly updated statistics.
Once sampling is disabled, the sampled information
is kept until a new sample period is started.
This allows multiple readouts.
.IP
Sample output from
.IR /proc/timer_stats :
.IP
.in +4n
.EX
.RB $ " cat /proc/timer_stats"
Timer Stats Version: v0.3
Sample period: 1.764 s
Collection: active
  255,     0 swapper/3        hrtimer_start_range_ns (tick_sched_timer)
   71,     0 swapper/1        hrtimer_start_range_ns (tick_sched_timer)
   58,     0 swapper/0        hrtimer_start_range_ns (tick_sched_timer)
    4,  1694 gnome\-shell      mod_delayed_work_on (delayed_work_timer_fn)
   17,     7 rcu_sched        rcu_gp_kthread (process_timeout)
\&...
    1,  4911 kworker/u16:0    mod_delayed_work_on (delayed_work_timer_fn)
   1D,  2522 kworker/0:0      queue_delayed_work_on (delayed_work_timer_fn)
1029 total events, 583.333 events/sec
.EE
.in
.IP
The output columns are:
.RS
.IP * 3
a count of the number of events,
optionally (since Linux 2.6.23) followed by the letter \(aqD\(aq
.\" commit c5c061b8f9726bc2c25e19dec227933a13d1e6b7 deferrable timers
if this is a deferrable timer;
.IP *
the PID of the process that initialized the timer;
.IP *
the name of the process that initialized the timer;
.IP *
the function where the timer was initialized; and
.IP *
(in parentheses)
the callback function that is associated with the timer.
.RE
.IP
During the Linux 4.11 development cycle,
this file  was removed because of security concerns,
as it exposes information across namespaces.
Furthermore, it is possible to obtain
the same information via in-kernel tracing facilities such as ftrace.
.TP
.I /proc/tty
Subdirectory containing the pseudo-files and subdirectories for
tty drivers and line disciplines.
.TP
.I /proc/uptime
This file contains two numbers (values in seconds): the uptime of the
system (including time spent in suspend) and the amount of time spent
in the idle process.
.TP
.I /proc/version
This string identifies the kernel version that is currently running.
It includes the contents of
.IR /proc/sys/kernel/ostype ,
.IR /proc/sys/kernel/osrelease ,
and
.IR /proc/sys/kernel/version .
For example:
.IP
.in +4n
.EX
Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994
.EE
.in
.\" FIXME 2.6.13 seems to have /proc/vmcore implemented; document this
.\" 	See Documentation/kdump/kdump.txt
.\"	commit 666bfddbe8b8fd4fd44617d6c55193d5ac7edb29
.\" 	Needs CONFIG_VMCORE
.\"
.TP
.IR /proc/vmstat " (since Linux 2.6.0)"
This file displays various virtual memory statistics.
Each line of this file contains a single name-value pair,
delimited by white space.
Some lines are present only if the kernel was configured with
suitable options.
(In some cases, the options required for particular files have changed
across kernel versions, so they are not listed here.
Details can be found by consulting the kernel source code.)
The following fields may be present:
.\" FIXME We need explanations for each of the following fields...
.RS
.TP
.IR nr_free_pages " (since Linux 2.6.31)"
.\" commit d23ad42324cc4378132e51f2fc5c9ba6cbe75182
.TP
.IR nr_alloc_batch " (since Linux 3.12)"
.\" commit 81c0a2bb515fd4daae8cab64352877480792b515
.TP
.IR nr_inactive_anon " (since Linux 2.6.28)"
.\" commit 4f98a2fee8acdb4ac84545df98cccecfd130f8db
.TP
.IR nr_active_anon " (since Linux 2.6.28)"
.\" commit 4f98a2fee8acdb4ac84545df98cccecfd130f8db
.TP
.IR nr_inactive_file " (since Linux 2.6.28)"
.\" commit 4f98a2fee8acdb4ac84545df98cccecfd130f8db
.TP
.IR nr_active_file " (since Linux 2.6.28)"
.\" commit 4f98a2fee8acdb4ac84545df98cccecfd130f8db
.TP
.IR nr_unevictable " (since Linux 2.6.28)"
.\" commit 7b854121eb3e5ba0241882ff939e2c485228c9c5
.TP
.IR nr_mlock " (since Linux 2.6.28)"
.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820
.TP
.IR nr_anon_pages " (since Linux 2.6.18)"
.\" commit f3dbd34460ff54962d3e3244b6bcb7f5295356e6
.TP
.IR nr_mapped " (since Linux 2.6.0)"
.TP
.IR nr_file_pages " (since Linux 2.6.18)"
.\" commit 347ce434d57da80fd5809c0c836f206a50999c26
.TP
.IR nr_dirty " (since Linux 2.6.0)"
.TP
.IR nr_writeback " (since Linux 2.6.0)"
.TP
.IR nr_slab_reclaimable " (since Linux 2.6.19)"
.\" commit 972d1a7b140569084439a81265a0f15b74e924e0
.\" Linux 2.6.0 had nr_slab
.TP
.IR nr_slab_unreclaimable " (since Linux 2.6.19)"
.\" commit 972d1a7b140569084439a81265a0f15b74e924e0
.TP
.IR nr_page_table_pages " (since Linux 2.6.0)"
.TP
.IR nr_kernel_stack " (since Linux 2.6.32)"
.\" commit c6a7f5728a1db45d30df55a01adc130b4ab0327c
Amount of memory allocated to kernel stacks.
.TP
.IR nr_unstable " (since Linux 2.6.0)"
.TP
.IR nr_bounce " (since Linux 2.6.12)"
.\" commit edfbe2b0038723e5699ab22695ccd62b5542a5c1
.TP
.IR nr_vmscan_write " (since Linux 2.6.19)"
.\" commit e129b5c23c2b471d47f1c5d2b8b193fc2034af43
.TP
.IR nr_vmscan_immediate_reclaim " (since Linux 3.2)"
.\" commit 49ea7eb65e7c5060807fb9312b1ad4c3eab82e2c
.TP
.IR nr_writeback_temp " (since Linux 2.6.26)"
.\" commit fc3ba692a4d19019387c5acaea63131f9eab05dd
.TP
.IR nr_isolated_anon " (since Linux 2.6.32)"
.\" commit a731286de62294b63d8ceb3c5914ac52cc17e690
.TP
.IR nr_isolated_file " (since Linux 2.6.32)"
.\" commit a731286de62294b63d8ceb3c5914ac52cc17e690
.TP
.IR nr_shmem " (since Linux 2.6.32)"
.\" commit 4b02108ac1b3354a22b0d83c684797692efdc395
Pages used by shmem and
.BR tmpfs (5).
.TP
.IR nr_dirtied " (since Linux 2.6.37)"
.\" commit ea941f0e2a8c02ae876cd73deb4e1557248f258c
.TP
.IR nr_written " (since Linux 2.6.37)"
.\" commit ea941f0e2a8c02ae876cd73deb4e1557248f258c
.TP
.IR nr_pages_scanned " (since Linux 3.17)"
.\" commit 0d5d823ab4e608ec7b52ac4410de4cb74bbe0edd
.TP
.IR numa_hit " (since Linux 2.6.18)"
.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5
.\" Present only if the kernel was configured with
.\" .BR CONFIG_NUMA .
.TP
.IR numa_miss " (since Linux 2.6.18)"
.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5
.\" Present only if the kernel was configured with
.\" .BR CONFIG_NUMA .
.TP
.IR numa_foreign " (since Linux 2.6.18)"
.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5
.\" Present only if the kernel was configured with
.\" .BR CONFIG_NUMA .
.TP
.IR numa_interleave " (since Linux 2.6.18)"
.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5
.\" Present only if the kernel was configured with
.\" .BR CONFIG_NUMA .
.TP
.IR numa_local " (since Linux 2.6.18)"
.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5
.\" Present only if the kernel was configured with
.\" .BR CONFIG_NUMA .
.TP
.IR numa_other " (since Linux 2.6.18)"
.\" commit ca889e6c45e0b112cb2ca9d35afc66297519b5d5
.\" Present only if the kernel was configured with
.\" .BR CONFIG_NUMA .
.TP
.IR workingset_refault " (since Linux 3.15)"
.\" commit a528910e12ec7ee203095eb1711468a66b9b60b0
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR workingset_activate " (since Linux 3.15)"
.\" commit a528910e12ec7ee203095eb1711468a66b9b60b0
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR workingset_nodereclaim " (since Linux 3.15)"
.\" commit 449dd6984d0e47643c04c807f609dd56d48d5bcc
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR nr_anon_transparent_hugepages " (since Linux 2.6.38)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR nr_free_cma " (since Linux 3.7)"
.\" commit d1ce749a0db12202b711d1aba1d29e823034648d
Number of free CMA (Contiguous Memory Allocator) pages.
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR nr_dirty_threshold " (since Linux 2.6.37)"
.\" commit 79da826aee6a10902ef411bc65864bd02102fa83
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR nr_dirty_background_threshold " (since Linux 2.6.37)"
.\" commit 79da826aee6a10902ef411bc65864bd02102fa83
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgpgin " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgpgout " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pswpin " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pswpout " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgalloc_dma " (since Linux 2.6.5)"
.\" Linux 2.6.0 had pgalloc
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgalloc_dma32 " (since Linux 2.6.16)"
.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgalloc_normal " (since Linux 2.6.5)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgalloc_high " (since Linux 2.6.5)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_HIGHMEM .
.TP
.IR pgalloc_movable " (since Linux 2.6.23)"
.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgfree " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgactivate " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgdeactivate " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgfault " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgmajfault " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgrefill_dma " (since Linux 2.6.5)"
.\" Linux 2.6.0 had pgrefill
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgrefill_dma32 " (since Linux 2.6.16)"
.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgrefill_normal " (since Linux 2.6.5)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgrefill_high " (since Linux 2.6.5)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_HIGHMEM .
.TP
.IR pgrefill_movable " (since Linux 2.6.23)"
.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.\" Formerly there were
.\"     pgsteal_high
.\"     pgsteal_normal
.\"     pgsteal_dma32
.\"     pgsteal_dma
.\" These were split out into pgsteal_kswapd* and pgsteal_direct*
.\" in commit 904249aa68010c8e223263c922fcbb840a3f42e4
.TP
.IR pgsteal_kswapd_dma " (since Linux 3.4)"
.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4
.\" Linux 2.6.0 had pgsteal
.\" Present only if the kernel was configured with
.\" .\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgsteal_kswapd_dma32 " (since Linux 3.4)"
.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4
.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgsteal_kswapd_normal " (since Linux 3.4)"
.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgsteal_kswapd_high " (since Linux 3.4)"
.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_HIGHMEM .
.TP
.IR pgsteal_kswapd_movable " (since Linux 3.4)"
.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgsteal_direct_dma
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgsteal_direct_dma32 " (since Linux 3.4)"
.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgsteal_direct_normal " (since Linux 3.4)"
.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgsteal_direct_high " (since Linux 3.4)"
.\" commit 904249aa68010c8e223263c922fcbb840a3f42e4
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_HIGHMEM .
.TP
.IR pgsteal_direct_movable " (since Linux 2.6.23)"
.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_kswapd_dma
.\" Linux 2.6.0 had pgscan
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_kswapd_dma32 " (since Linux 2.6.16)"
.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_kswapd_normal " (since Linux 2.6.5)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_kswapd_high
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_HIGHMEM .
.TP
.IR pgscan_kswapd_movable " (since Linux 2.6.23)"
.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_direct_dma
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_direct_dma32 " (since Linux 2.6.16)"
.\" commit 9328b8faae922e52073785ed6c1eaa8565648a0e
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_direct_normal
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_direct_high
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_HIGHMEM .
.TP
.IR pgscan_direct_movable " (since Linux 2.6.23)"
.\" commit 2a1e274acf0b1c192face19a4be7c12d4503eaaf
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgscan_direct_throttle " (since Linux 3.6)"
.\" commit 68243e76ee343d63c6cf76978588a885951e2818
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR zone_reclaim_failed " (since linux 2.6.31)"
.\" commit 24cf72518c79cdcda486ed26074ff8151291cf65
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_NUMA .
.TP
.IR pginodesteal " (since linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR slabs_scanned " (since linux 2.6.5)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR kswapd_inodesteal " (since linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR kswapd_low_wmark_hit_quickly " (since 2.6.33)"
.\" commit bb3ab596832b920c703d1aea1ce76d69c0f71fb7
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR kswapd_high_wmark_hit_quickly " (since 2.6.33)"
.\" commit bb3ab596832b920c703d1aea1ce76d69c0f71fb7
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pageoutrun " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR allocstall " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR pgrotated " (since Linux 2.6.0)"
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR drop_pagecache " (since Linux 3.15)"
.\" commit 5509a5d27b971a90b940e148ca9ca53312e4fa7a
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR drop_slab " (since Linux 3.15)"
.\" commit 5509a5d27b971a90b940e148ca9ca53312e4fa7a
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR numa_pte_updates " (since Linux 3.8)"
.\" commit 03c5a6e16322c997bf8f264851bfa3f532ad515f
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_NUMA_BALANCING .
.TP
.IR numa_huge_pte_updates " (since Linux 3.13)"
.\" commit 72403b4a0fbdf433c1fe0127e49864658f6f6468
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_NUMA_BALANCING .
.TP
.IR numa_hint_faults " (since Linux 3.8)"
.\" commit 03c5a6e16322c997bf8f264851bfa3f532ad515f
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_NUMA_BALANCING .
.TP
.IR numa_hint_faults_local " (since Linux 3.8)"
.\" commit 03c5a6e16322c997bf8f264851bfa3f532ad515f
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_NUMA_BALANCING .
.TP
.IR numa_pages_migrated " (since Linux 3.8)"
.\" commit 03c5a6e16322c997bf8f264851bfa3f532ad515f
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_NUMA_BALANCING
.\" and
.\" .BR CONFIG_NUMA_BALANCING .
.TP
.IR pgmigrate_success " (since Linux 3.8)"
.\" commit 5647bc293ab15f66a7b1cda850c5e9d162a6c7c2
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_MIGRATION .
.TP
.IR pgmigrate_fail " (since Linux 3.8)"
.\" commit 5647bc293ab15f66a7b1cda850c5e9d162a6c7c2
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_MIGRATION .
.TP
.IR compact_migrate_scanned " (since Linux 3.8)"
.\" commit 397487db696cae0b026a474a5cd66f4e372995e6
.\" Linux 3.8 dropped compact_blocks_moved, compact_pages_moved, and
.\"           compact_pagemigrate_failed
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_COMPACTION .
.TP
.IR compact_free_scanned " (since Linux 3.8)"
.\" commit 397487db696cae0b026a474a5cd66f4e372995e6
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_COMPACTION .
.TP
.IR compact_isolated " (since Linux 3.8)"
.\" commit 397487db696cae0b026a474a5cd66f4e372995e6
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_COMPACTION .
.TP
.IR compact_stall " (since Linux 2.6.35)"
.\" commit 56de7263fcf3eb10c8dcdf8d59a9cec831795f3f
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_COMPACTION .
.TP
.IR compact_fail " (since Linux 2.6.35)"
.\" commit 56de7263fcf3eb10c8dcdf8d59a9cec831795f3f
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_COMPACTION .
.TP
.IR compact_success " (since Linux 2.6.35)"
.\" commit 56de7263fcf3eb10c8dcdf8d59a9cec831795f3f
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_COMPACTION .
.TP
.IR htlb_buddy_alloc_success " (since Linux 2.6.26)"
.\" commit 3b1163006332302117b1b2acf226d4014ff46525
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_HUGETLB_PAGE .
.TP
.IR htlb_buddy_alloc_fail " (since Linux 2.6.26)"
.\" commit 3b1163006332302117b1b2acf226d4014ff46525
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_HUGETLB_PAGE .
.TP
.IR unevictable_pgs_culled " (since Linux 2.6.28)"
.\" commit bbfd28eee9fbd73e780b19beb3dc562befbb94fa
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR unevictable_pgs_scanned " (since Linux 2.6.28)"
.\" commit bbfd28eee9fbd73e780b19beb3dc562befbb94fa
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR unevictable_pgs_rescued " (since Linux 2.6.28)"
.\" commit bbfd28eee9fbd73e780b19beb3dc562befbb94fa
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR unevictable_pgs_mlocked " (since Linux 2.6.28)"
.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR unevictable_pgs_munlocked " (since Linux 2.6.28)"
.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR unevictable_pgs_cleared " (since Linux 2.6.28)"
.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.TP
.IR unevictable_pgs_stranded " (since Linux 2.6.28)"
.\" commit 5344b7e648980cc2ca613ec03a56a8222ff48820
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS .
.\" Linux 3.7 removed unevictable_pgs_mlockfreed
.TP
.IR thp_fault_alloc " (since Linux 2.6.39)"
.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_TRANSPARENT_HUGEPAGE .
.TP
.IR thp_fault_fallback " (since Linux 2.6.39)"
.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_TRANSPARENT_HUGEPAGE .
.TP
.IR thp_collapse_alloc " (since Linux 2.6.39)"
.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_TRANSPARENT_HUGEPAGE .
.TP
.IR thp_collapse_alloc_failed " (since Linux 2.6.39)"
.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_TRANSPARENT_HUGEPAGE .
.TP
.IR thp_split " (since Linux 2.6.39)"
.\" commit 81ab4201fb7d91d6b0cd9ad5b4b16776e4bed145
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_TRANSPARENT_HUGEPAGE .
.TP
.IR thp_zero_page_alloc " (since Linux 3.8)"
.\" commit d8a8e1f0da3d29d7268b3300c96a059d63901b76
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_TRANSPARENT_HUGEPAGE .
.TP
.IR thp_zero_page_alloc_failed " (since Linux 3.8)"
.\" commit d8a8e1f0da3d29d7268b3300c96a059d63901b76
See the kernel source file
.IR Documentation/admin\-guide/mm/transhuge.rst .
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_TRANSPARENT_HUGEPAGE .
.TP
.IR balloon_inflate " (since Linux 3.18)"
.\" commit 09316c09dde33aae14f34489d9e3d243ec0d5938
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_MEMORY_BALLOON .
.TP
.IR balloon_deflate " (since Linux 3.18)"
.\" commit 09316c09dde33aae14f34489d9e3d243ec0d5938
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS
.\" and
.\" .BR CONFIG_MEMORY_BALLOON .
.TP
.IR balloon_migrate " (since Linux 3.18)"
.\" commit 09316c09dde33aae14f34489d9e3d243ec0d5938
.\" Present only if the kernel was configured with
.\" .BR CONFIG_VM_EVENT_COUNTERS ,
.\" .BR CONFIG_MEMORY_BALLOON ,
.\" and
.\" .BR CONFIG_BALLOON_COMPACTION .
.TP
.IR nr_tlb_remote_flush " (since Linux 3.12)"
.\" commit 9824cf9753ecbe8f5b47aa9b2f218207defea211
.\" Present only if the kernel was configured with
.\" .BR CONFIG_DEBUG_TLBFLUSH
.\" and
.\" .BR CONFIG_SMP .
.TP
.IR nr_tlb_remote_flush_received " (since Linux 3.12)"
.\" commit 9824cf9753ecbe8f5b47aa9b2f218207defea211
.\" Present only if the kernel was configured with
.\" .BR CONFIG_DEBUG_TLBFLUSH
.\" and
.\" .BR CONFIG_SMP .
.TP
.IR nr_tlb_local_flush_all " (since Linux 3.12)"
.\" commit 9824cf9753ecbe8f5b47aa9b2f218207defea211
.\" Present only if the kernel was configured with
.\" .BR CONFIG_DEBUG_TLBFLUSH .
.TP
.IR nr_tlb_local_flush_one " (since Linux 3.12)"
.\" commit 9824cf9753ecbe8f5b47aa9b2f218207defea211
.\" Present only if the kernel was configured with
.\" .BR CONFIG_DEBUG_TLBFLUSH .
.TP
.IR vmacache_find_calls " (since Linux 3.16)"
.\" commit 4f115147ff802267d0aa41e361c5aa5bd933d896
.\" Present only if the kernel was configured with
.\" .BR CONFIG_DEBUG_VM_VMACACHE .
.TP
.IR vmacache_find_hits " (since Linux 3.16)"
.\" commit 4f115147ff802267d0aa41e361c5aa5bd933d896
.\" Present only if the kernel was configured with
.\" .BR CONFIG_DEBUG_VM_VMACACHE .
.TP
.IR vmacache_full_flushes " (since Linux 3.19)"
.\" commit f5f302e21257ebb0c074bbafc37606c26d28cc3d
.\" Present only if the kernel was configured with
.\" .BR CONFIG_DEBUG_VM_VMACACHE .
.RE
.TP
.IR /proc/zoneinfo " (since Linux 2.6.13)"
This file displays information about memory zones.
This is useful for analyzing virtual memory behavior.
.\" FIXME more should be said about /proc/zoneinfo
.SH NOTES
Many files contain strings (e.g., the environment and command line)
that are in the internal format,
with subfields terminated by null bytes (\(aq\e0\(aq).
When inspecting such files, you may find that the results are more readable
if you use a command of the following form to display them:
.PP
.in +4n
.EX
.RB "$" " cat \fIfile\fP | tr \(aq\e000\(aq \(aq\en\(aq"
.EE
.in
.PP
This manual page is incomplete, possibly inaccurate, and is the kind
of thing that needs to be updated very often.
.\" .SH ACKNOWLEDGEMENTS
.\" The material on /proc/sys/fs and /proc/sys/kernel is closely based on
.\" kernel source documentation files written by Rik van Riel.
.SH SEE ALSO
.BR cat (1),
.BR dmesg (1),
.BR find (1),
.BR free (1),
.BR htop (1),
.BR init (1),
.BR ps (1),
.BR pstree (1),
.BR tr (1),
.BR uptime (1),
.BR chroot (2),
.BR mmap (2),
.BR readlink (2),
.BR syslog (2),
.BR slabinfo (5),
.BR sysfs (5),
.BR hier (7),
.BR namespaces (7),
.BR time (7),
.BR arp (8),
.BR hdparm (8),
.BR ifconfig (8),
.BR lsmod (8),
.BR lspci (8),
.BR mount (8),
.BR netstat (8),
.BR procinfo (8),
.BR route (8),
.BR sysctl (8)
.PP
The Linux kernel source files:
.IR Documentation/filesystems/proc.rst ,
.IR Documentation/admin\-guide/sysctl/fs.rst ,
.IR Documentation/admin\-guide/sysctl/kernel.rst ,
.IR Documentation/admin\-guide/sysctl/net.rst ,
and
.IR Documentation/admin\-guide/sysctl/vm.rst .