Documentation/sysctl/kernel.txt at v4.14-rc6 · tjh.dev/kernel

tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
kernel / Documentation / sysctl / kernel.txt
at v4.14-rc6 1062 lines 38 kB view raw
   1Documentation for /proc/sys/kernel/*	kernel version 2.2.10
   2	(c) 1998, 1999,  Rik van Riel <riel@nl.linux.org>
   3	(c) 2009,        Shen Feng<shen@cn.fujitsu.com>
   4
   5For general info and legal blurb, please look in README.
   6
   7==============================================================
   8
   9This file contains documentation for the sysctl files in
  10/proc/sys/kernel/ and is valid for Linux kernel version 2.2.
  11
  12The files in this directory can be used to tune and monitor
  13miscellaneous and general things in the operation of the Linux
  14kernel. Since some of the files _can_ be used to screw up your
  15system, it is advisable to read both documentation and source
  16before actually making adjustments.
  17
  18Currently, these files might (depending on your configuration)
  19show up in /proc/sys/kernel:
  20
  21- acct
  22- acpi_video_flags
  23- auto_msgmni
  24- bootloader_type	     [ X86 only ]
  25- bootloader_version	     [ X86 only ]
  26- callhome		     [ S390 only ]
  27- cap_last_cap
  28- core_pattern
  29- core_pipe_limit
  30- core_uses_pid
  31- ctrl-alt-del
  32- dmesg_restrict
  33- domainname
  34- hostname
  35- hotplug
  36- hardlockup_all_cpu_backtrace
  37- hung_task_panic
  38- hung_task_check_count
  39- hung_task_timeout_secs
  40- hung_task_warnings
  41- kexec_load_disabled
  42- kptr_restrict
  43- l2cr                        [ PPC only ]
  44- modprobe                    ==> Documentation/debugging-modules.txt
  45- modules_disabled
  46- msg_next_id		      [ sysv ipc ]
  47- msgmax
  48- msgmnb
  49- msgmni
  50- nmi_watchdog
  51- osrelease
  52- ostype
  53- overflowgid
  54- overflowuid
  55- panic
  56- panic_on_oops
  57- panic_on_stackoverflow
  58- panic_on_unrecovered_nmi
  59- panic_on_warn
  60- panic_on_rcu_stall
  61- perf_cpu_time_max_percent
  62- perf_event_paranoid
  63- perf_event_max_stack
  64- perf_event_mlock_kb
  65- perf_event_max_contexts_per_stack
  66- pid_max
  67- powersave-nap               [ PPC only ]
  68- printk
  69- printk_delay
  70- printk_ratelimit
  71- printk_ratelimit_burst
  72- pty                         ==> Documentation/filesystems/devpts.txt
  73- randomize_va_space
  74- real-root-dev               ==> Documentation/admin-guide/initrd.rst
  75- reboot-cmd                  [ SPARC only ]
  76- rtsig-max
  77- rtsig-nr
  78- seccomp/                    ==> Documentation/userspace-api/seccomp_filter.rst
  79- sem
  80- sem_next_id		      [ sysv ipc ]
  81- sg-big-buff                 [ generic SCSI device (sg) ]
  82- shm_next_id		      [ sysv ipc ]
  83- shm_rmid_forced
  84- shmall
  85- shmmax                      [ sysv ipc ]
  86- shmmni
  87- softlockup_all_cpu_backtrace
  88- soft_watchdog
  89- stop-a                      [ SPARC only ]
  90- sysrq                       ==> Documentation/admin-guide/sysrq.rst
  91- sysctl_writes_strict
  92- tainted
  93- threads-max
  94- unknown_nmi_panic
  95- watchdog
  96- watchdog_thresh
  97- version
  98
  99==============================================================
 100
 101acct:
 102
 103highwater lowwater frequency
 104
 105If BSD-style process accounting is enabled these values control
 106its behaviour. If free space on filesystem where the log lives
 107goes below <lowwater>% accounting suspends. If free space gets
 108above <highwater>% accounting resumes. <Frequency> determines
 109how often do we check the amount of free space (value is in
 110seconds). Default:
 1114 2 30
 112That is, suspend accounting if there left <= 2% free; resume it
 113if we got >=4%; consider information about amount of free space
 114valid for 30 seconds.
 115
 116==============================================================
 117
 118acpi_video_flags:
 119
 120flags
 121
 122See Doc*/kernel/power/video.txt, it allows mode of video boot to be
 123set during run time.
 124
 125==============================================================
 126
 127auto_msgmni:
 128
 129This variable has no effect and may be removed in future kernel
 130releases. Reading it always returns 0.
 131Up to Linux 3.17, it enabled/disabled automatic recomputing of msgmni
 132upon memory add/remove or upon ipc namespace creation/removal.
 133Echoing "1" into this file enabled msgmni automatic recomputing.
 134Echoing "0" turned it off. auto_msgmni default value was 1.
 135
 136
 137==============================================================
 138
 139bootloader_type:
 140
 141x86 bootloader identification
 142
 143This gives the bootloader type number as indicated by the bootloader,
 144shifted left by 4, and OR'd with the low four bits of the bootloader
 145version.  The reason for this encoding is that this used to match the
 146type_of_loader field in the kernel header; the encoding is kept for
 147backwards compatibility.  That is, if the full bootloader type number
 148is 0x15 and the full version number is 0x234, this file will contain
 149the value 340 = 0x154.
 150
 151See the type_of_loader and ext_loader_type fields in
 152Documentation/x86/boot.txt for additional information.
 153
 154==============================================================
 155
 156bootloader_version:
 157
 158x86 bootloader version
 159
 160The complete bootloader version number.  In the example above, this
 161file will contain the value 564 = 0x234.
 162
 163See the type_of_loader and ext_loader_ver fields in
 164Documentation/x86/boot.txt for additional information.
 165
 166==============================================================
 167
 168callhome:
 169
 170Controls the kernel's callhome behavior in case of a kernel panic.
 171
 172The s390 hardware allows an operating system to send a notification
 173to a service organization (callhome) in case of an operating system panic.
 174
 175When the value in this file is 0 (which is the default behavior)
 176nothing happens in case of a kernel panic. If this value is set to "1"
 177the complete kernel oops message is send to the IBM customer service
 178organization in case the mainframe the Linux operating system is running
 179on has a service contract with IBM.
 180
 181==============================================================
 182
 183cap_last_cap
 184
 185Highest valid capability of the running kernel.  Exports
 186CAP_LAST_CAP from the kernel.
 187
 188==============================================================
 189
 190core_pattern:
 191
 192core_pattern is used to specify a core dumpfile pattern name.
 193. max length 128 characters; default value is "core"
 194. core_pattern is used as a pattern template for the output filename;
 195  certain string patterns (beginning with '%') are substituted with
 196  their actual values.
 197. backward compatibility with core_uses_pid:
 198	If core_pattern does not include "%p" (default does not)
 199	and core_uses_pid is set, then .PID will be appended to
 200	the filename.
 201. corename format specifiers:
 202	%<NUL>	'%' is dropped
 203	%%	output one '%'
 204	%p	pid
 205	%P	global pid (init PID namespace)
 206	%i	tid
 207	%I	global tid (init PID namespace)
 208	%u	uid (in initial user namespace)
 209	%g	gid (in initial user namespace)
 210	%d	dump mode, matches PR_SET_DUMPABLE and
 211		/proc/sys/fs/suid_dumpable
 212	%s	signal number
 213	%t	UNIX time of dump
 214	%h	hostname
 215	%e	executable filename (may be shortened)
 216	%E	executable path
 217	%<OTHER> both are dropped
 218. If the first character of the pattern is a '|', the kernel will treat
 219  the rest of the pattern as a command to run.  The core dump will be
 220  written to the standard input of that program instead of to a file.
 221
 222==============================================================
 223
 224core_pipe_limit:
 225
 226This sysctl is only applicable when core_pattern is configured to pipe
 227core files to a user space helper (when the first character of
 228core_pattern is a '|', see above).  When collecting cores via a pipe
 229to an application, it is occasionally useful for the collecting
 230application to gather data about the crashing process from its
 231/proc/pid directory.  In order to do this safely, the kernel must wait
 232for the collecting process to exit, so as not to remove the crashing
 233processes proc files prematurely.  This in turn creates the
 234possibility that a misbehaving userspace collecting process can block
 235the reaping of a crashed process simply by never exiting.  This sysctl
 236defends against that.  It defines how many concurrent crashing
 237processes may be piped to user space applications in parallel.  If
 238this value is exceeded, then those crashing processes above that value
 239are noted via the kernel log and their cores are skipped.  0 is a
 240special value, indicating that unlimited processes may be captured in
 241parallel, but that no waiting will take place (i.e. the collecting
 242process is not guaranteed access to /proc/<crashing pid>/).  This
 243value defaults to 0.
 244
 245==============================================================
 246
 247core_uses_pid:
 248
 249The default coredump filename is "core".  By setting
 250core_uses_pid to 1, the coredump filename becomes core.PID.
 251If core_pattern does not include "%p" (default does not)
 252and core_uses_pid is set, then .PID will be appended to
 253the filename.
 254
 255==============================================================
 256
 257ctrl-alt-del:
 258
 259When the value in this file is 0, ctrl-alt-del is trapped and
 260sent to the init(1) program to handle a graceful restart.
 261When, however, the value is > 0, Linux's reaction to a Vulcan
 262Nerve Pinch (tm) will be an immediate reboot, without even
 263syncing its dirty buffers.
 264
 265Note: when a program (like dosemu) has the keyboard in 'raw'
 266mode, the ctrl-alt-del is intercepted by the program before it
 267ever reaches the kernel tty layer, and it's up to the program
 268to decide what to do with it.
 269
 270==============================================================
 271
 272dmesg_restrict:
 273
 274This toggle indicates whether unprivileged users are prevented
 275from using dmesg(8) to view messages from the kernel's log buffer.
 276When dmesg_restrict is set to (0) there are no restrictions. When
 277dmesg_restrict is set set to (1), users must have CAP_SYSLOG to use
 278dmesg(8).
 279
 280The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the
 281default value of dmesg_restrict.
 282
 283==============================================================
 284
 285domainname & hostname:
 286
 287These files can be used to set the NIS/YP domainname and the
 288hostname of your box in exactly the same way as the commands
 289domainname and hostname, i.e.:
 290# echo "darkstar" > /proc/sys/kernel/hostname
 291# echo "mydomain" > /proc/sys/kernel/domainname
 292has the same effect as
 293# hostname "darkstar"
 294# domainname "mydomain"
 295
 296Note, however, that the classic darkstar.frop.org has the
 297hostname "darkstar" and DNS (Internet Domain Name Server)
 298domainname "frop.org", not to be confused with the NIS (Network
 299Information Service) or YP (Yellow Pages) domainname. These two
 300domain names are in general different. For a detailed discussion
 301see the hostname(1) man page.
 302
 303==============================================================
 304hardlockup_all_cpu_backtrace:
 305
 306This value controls the hard lockup detector behavior when a hard
 307lockup condition is detected as to whether or not to gather further
 308debug information. If enabled, arch-specific all-CPU stack dumping
 309will be initiated.
 310
 3110: do nothing. This is the default behavior.
 312
 3131: on detection capture more debug information.
 314==============================================================
 315
 316hotplug:
 317
 318Path for the hotplug policy agent.
 319Default value is "/sbin/hotplug".
 320
 321==============================================================
 322
 323hung_task_panic:
 324
 325Controls the kernel's behavior when a hung task is detected.
 326This file shows up if CONFIG_DETECT_HUNG_TASK is enabled.
 327
 3280: continue operation. This is the default behavior.
 329
 3301: panic immediately.
 331
 332==============================================================
 333
 334hung_task_check_count:
 335
 336The upper bound on the number of tasks that are checked.
 337This file shows up if CONFIG_DETECT_HUNG_TASK is enabled.
 338
 339==============================================================
 340
 341hung_task_timeout_secs:
 342
 343Check interval. When a task in D state did not get scheduled
 344for more than this value report a warning.
 345This file shows up if CONFIG_DETECT_HUNG_TASK is enabled.
 346
 3470: means infinite timeout - no checking done.
 348Possible values to set are in range {0..LONG_MAX/HZ}.
 349
 350==============================================================
 351
 352hung_task_warnings:
 353
 354The maximum number of warnings to report. During a check interval
 355if a hung task is detected, this value is decreased by 1.
 356When this value reaches 0, no more warnings will be reported.
 357This file shows up if CONFIG_DETECT_HUNG_TASK is enabled.
 358
 359-1: report an infinite number of warnings.
 360
 361==============================================================
 362
 363kexec_load_disabled:
 364
 365A toggle indicating if the kexec_load syscall has been disabled. This
 366value defaults to 0 (false: kexec_load enabled), but can be set to 1
 367(true: kexec_load disabled). Once true, kexec can no longer be used, and
 368the toggle cannot be set back to false. This allows a kexec image to be
 369loaded before disabling the syscall, allowing a system to set up (and
 370later use) an image without it being altered. Generally used together
 371with the "modules_disabled" sysctl.
 372
 373==============================================================
 374
 375kptr_restrict:
 376
 377This toggle indicates whether restrictions are placed on
 378exposing kernel addresses via /proc and other interfaces.
 379
 380When kptr_restrict is set to (0), the default, there are no restrictions.
 381
 382When kptr_restrict is set to (1), kernel pointers printed using the %pK
 383format specifier will be replaced with 0's unless the user has CAP_SYSLOG
 384and effective user and group ids are equal to the real ids. This is
 385because %pK checks are done at read() time rather than open() time, so
 386if permissions are elevated between the open() and the read() (e.g via
 387a setuid binary) then %pK will not leak kernel pointers to unprivileged
 388users. Note, this is a temporary solution only. The correct long-term
 389solution is to do the permission checks at open() time. Consider removing
 390world read permissions from files that use %pK, and using dmesg_restrict
 391to protect against uses of %pK in dmesg(8) if leaking kernel pointer
 392values to unprivileged users is a concern.
 393
 394When kptr_restrict is set to (2), kernel pointers printed using
 395%pK will be replaced with 0's regardless of privileges.
 396
 397==============================================================
 398
 399l2cr: (PPC only)
 400
 401This flag controls the L2 cache of G3 processor boards. If
 4020, the cache is disabled. Enabled if nonzero.
 403
 404==============================================================
 405
 406modules_disabled:
 407
 408A toggle value indicating if modules are allowed to be loaded
 409in an otherwise modular kernel.  This toggle defaults to off
 410(0), but can be set true (1).  Once true, modules can be
 411neither loaded nor unloaded, and the toggle cannot be set back
 412to false.  Generally used with the "kexec_load_disabled" toggle.
 413
 414==============================================================
 415
 416msg_next_id, sem_next_id, and shm_next_id:
 417
 418These three toggles allows to specify desired id for next allocated IPC
 419object: message, semaphore or shared memory respectively.
 420
 421By default they are equal to -1, which means generic allocation logic.
 422Possible values to set are in range {0..INT_MAX}.
 423
 424Notes:
 4251) kernel doesn't guarantee, that new object will have desired id. So,
 426it's up to userspace, how to handle an object with "wrong" id.
 4272) Toggle with non-default value will be set back to -1 by kernel after
 428successful IPC object allocation.
 429
 430==============================================================
 431
 432nmi_watchdog:
 433
 434This parameter can be used to control the NMI watchdog
 435(i.e. the hard lockup detector) on x86 systems.
 436
 437   0 - disable the hard lockup detector
 438   1 - enable the hard lockup detector
 439
 440The hard lockup detector monitors each CPU for its ability to respond to
 441timer interrupts. The mechanism utilizes CPU performance counter registers
 442that are programmed to generate Non-Maskable Interrupts (NMIs) periodically
 443while a CPU is busy. Hence, the alternative name 'NMI watchdog'.
 444
 445The NMI watchdog is disabled by default if the kernel is running as a guest
 446in a KVM virtual machine. This default can be overridden by adding
 447
 448   nmi_watchdog=1
 449
 450to the guest kernel command line (see Documentation/admin-guide/kernel-parameters.rst).
 451
 452==============================================================
 453
 454numa_balancing
 455
 456Enables/disables automatic page fault based NUMA memory
 457balancing. Memory is moved automatically to nodes
 458that access it often.
 459
 460Enables/disables automatic NUMA memory balancing. On NUMA machines, there
 461is a performance penalty if remote memory is accessed by a CPU. When this
 462feature is enabled the kernel samples what task thread is accessing memory
 463by periodically unmapping pages and later trapping a page fault. At the
 464time of the page fault, it is determined if the data being accessed should
 465be migrated to a local memory node.
 466
 467The unmapping of pages and trapping faults incur additional overhead that
 468ideally is offset by improved memory locality but there is no universal
 469guarantee. If the target workload is already bound to NUMA nodes then this
 470feature should be disabled. Otherwise, if the system overhead from the
 471feature is too high then the rate the kernel samples for NUMA hinting
 472faults may be controlled by the numa_balancing_scan_period_min_ms,
 473numa_balancing_scan_delay_ms, numa_balancing_scan_period_max_ms,
 474numa_balancing_scan_size_mb, and numa_balancing_settle_count sysctls.
 475
 476==============================================================
 477
 478numa_balancing_scan_period_min_ms, numa_balancing_scan_delay_ms,
 479numa_balancing_scan_period_max_ms, numa_balancing_scan_size_mb
 480
 481Automatic NUMA balancing scans tasks address space and unmaps pages to
 482detect if pages are properly placed or if the data should be migrated to a
 483memory node local to where the task is running.  Every "scan delay" the task
 484scans the next "scan size" number of pages in its address space. When the
 485end of the address space is reached the scanner restarts from the beginning.
 486
 487In combination, the "scan delay" and "scan size" determine the scan rate.
 488When "scan delay" decreases, the scan rate increases.  The scan delay and
 489hence the scan rate of every task is adaptive and depends on historical
 490behaviour. If pages are properly placed then the scan delay increases,
 491otherwise the scan delay decreases.  The "scan size" is not adaptive but
 492the higher the "scan size", the higher the scan rate.
 493
 494Higher scan rates incur higher system overhead as page faults must be
 495trapped and potentially data must be migrated. However, the higher the scan
 496rate, the more quickly a tasks memory is migrated to a local node if the
 497workload pattern changes and minimises performance impact due to remote
 498memory accesses. These sysctls control the thresholds for scan delays and
 499the number of pages scanned.
 500
 501numa_balancing_scan_period_min_ms is the minimum time in milliseconds to
 502scan a tasks virtual memory. It effectively controls the maximum scanning
 503rate for each task.
 504
 505numa_balancing_scan_delay_ms is the starting "scan delay" used for a task
 506when it initially forks.
 507
 508numa_balancing_scan_period_max_ms is the maximum time in milliseconds to
 509scan a tasks virtual memory. It effectively controls the minimum scanning
 510rate for each task.
 511
 512numa_balancing_scan_size_mb is how many megabytes worth of pages are
 513scanned for a given scan.
 514
 515==============================================================
 516
 517osrelease, ostype & version:
 518
 519# cat osrelease
 5202.1.88
 521# cat ostype
 522Linux
 523# cat version
 524#5 Wed Feb 25 21:49:24 MET 1998
 525
 526The files osrelease and ostype should be clear enough. Version
 527needs a little more clarification however. The '#5' means that
 528this is the fifth kernel built from this source base and the
 529date behind it indicates the time the kernel was built.
 530The only way to tune these values is to rebuild the kernel :-)
 531
 532==============================================================
 533
 534overflowgid & overflowuid:
 535
 536if your architecture did not always support 32-bit UIDs (i.e. arm,
 537i386, m68k, sh, and sparc32), a fixed UID and GID will be returned to
 538applications that use the old 16-bit UID/GID system calls, if the
 539actual UID or GID would exceed 65535.
 540
 541These sysctls allow you to change the value of the fixed UID and GID.
 542The default is 65534.
 543
 544==============================================================
 545
 546panic:
 547
 548The value in this file represents the number of seconds the kernel
 549waits before rebooting on a panic. When you use the software watchdog,
 550the recommended setting is 60.
 551
 552==============================================================
 553
 554panic_on_io_nmi:
 555
 556Controls the kernel's behavior when a CPU receives an NMI caused by
 557an IO error.
 558
 5590: try to continue operation (default)
 560
 5611: panic immediately. The IO error triggered an NMI. This indicates a
 562   serious system condition which could result in IO data corruption.
 563   Rather than continuing, panicking might be a better choice. Some
 564   servers issue this sort of NMI when the dump button is pushed,
 565   and you can use this option to take a crash dump.
 566
 567==============================================================
 568
 569panic_on_oops:
 570
 571Controls the kernel's behaviour when an oops or BUG is encountered.
 572
 5730: try to continue operation
 574
 5751: panic immediately.  If the `panic' sysctl is also non-zero then the
 576   machine will be rebooted.
 577
 578==============================================================
 579
 580panic_on_stackoverflow:
 581
 582Controls the kernel's behavior when detecting the overflows of
 583kernel, IRQ and exception stacks except a user stack.
 584This file shows up if CONFIG_DEBUG_STACKOVERFLOW is enabled.
 585
 5860: try to continue operation.
 587
 5881: panic immediately.
 589
 590==============================================================
 591
 592panic_on_unrecovered_nmi:
 593
 594The default Linux behaviour on an NMI of either memory or unknown is
 595to continue operation. For many environments such as scientific
 596computing it is preferable that the box is taken out and the error
 597dealt with than an uncorrected parity/ECC error get propagated.
 598
 599A small number of systems do generate NMI's for bizarre random reasons
 600such as power management so the default is off. That sysctl works like
 601the existing panic controls already in that directory.
 602
 603==============================================================
 604
 605panic_on_warn:
 606
 607Calls panic() in the WARN() path when set to 1.  This is useful to avoid
 608a kernel rebuild when attempting to kdump at the location of a WARN().
 609
 6100: only WARN(), default behaviour.
 611
 6121: call panic() after printing out WARN() location.
 613
 614==============================================================
 615
 616panic_on_rcu_stall:
 617
 618When set to 1, calls panic() after RCU stall detection messages. This
 619is useful to define the root cause of RCU stalls using a vmcore.
 620
 6210: do not panic() when RCU stall takes place, default behavior.
 622
 6231: panic() after printing RCU stall messages.
 624
 625==============================================================
 626
 627perf_cpu_time_max_percent:
 628
 629Hints to the kernel how much CPU time it should be allowed to
 630use to handle perf sampling events.  If the perf subsystem
 631is informed that its samples are exceeding this limit, it
 632will drop its sampling frequency to attempt to reduce its CPU
 633usage.
 634
 635Some perf sampling happens in NMIs.  If these samples
 636unexpectedly take too long to execute, the NMIs can become
 637stacked up next to each other so much that nothing else is
 638allowed to execute.
 639
 6400: disable the mechanism.  Do not monitor or correct perf's
 641   sampling rate no matter how CPU time it takes.
 642
 6431-100: attempt to throttle perf's sample rate to this
 644   percentage of CPU.  Note: the kernel calculates an
 645   "expected" length of each sample event.  100 here means
 646   100% of that expected length.  Even if this is set to
 647   100, you may still see sample throttling if this
 648   length is exceeded.  Set to 0 if you truly do not care
 649   how much CPU is consumed.
 650
 651==============================================================
 652
 653perf_event_paranoid:
 654
 655Controls use of the performance events system by unprivileged
 656users (without CAP_SYS_ADMIN).  The default value is 2.
 657
 658 -1: Allow use of (almost) all events by all users
 659     Ignore mlock limit after perf_event_mlock_kb without CAP_IPC_LOCK
 660>=0: Disallow ftrace function tracepoint by users without CAP_SYS_ADMIN
 661     Disallow raw tracepoint access by users without CAP_SYS_ADMIN
 662>=1: Disallow CPU event access by users without CAP_SYS_ADMIN
 663>=2: Disallow kernel profiling by users without CAP_SYS_ADMIN
 664
 665==============================================================
 666
 667perf_event_max_stack:
 668
 669Controls maximum number of stack frames to copy for (attr.sample_type &
 670PERF_SAMPLE_CALLCHAIN) configured events, for instance, when using
 671'perf record -g' or 'perf trace --call-graph fp'.
 672
 673This can only be done when no events are in use that have callchains
 674enabled, otherwise writing to this file will return -EBUSY.
 675
 676The default value is 127.
 677
 678==============================================================
 679
 680perf_event_mlock_kb:
 681
 682Control size of per-cpu ring buffer not counted agains mlock limit.
 683
 684The default value is 512 + 1 page
 685
 686==============================================================
 687
 688perf_event_max_contexts_per_stack:
 689
 690Controls maximum number of stack frame context entries for
 691(attr.sample_type & PERF_SAMPLE_CALLCHAIN) configured events, for
 692instance, when using 'perf record -g' or 'perf trace --call-graph fp'.
 693
 694This can only be done when no events are in use that have callchains
 695enabled, otherwise writing to this file will return -EBUSY.
 696
 697The default value is 8.
 698
 699==============================================================
 700
 701pid_max:
 702
 703PID allocation wrap value.  When the kernel's next PID value
 704reaches this value, it wraps back to a minimum PID value.
 705PIDs of value pid_max or larger are not allocated.
 706
 707==============================================================
 708
 709ns_last_pid:
 710
 711The last pid allocated in the current (the one task using this sysctl
 712lives in) pid namespace. When selecting a pid for a next task on fork
 713kernel tries to allocate a number starting from this one.
 714
 715==============================================================
 716
 717powersave-nap: (PPC only)
 718
 719If set, Linux-PPC will use the 'nap' mode of powersaving,
 720otherwise the 'doze' mode will be used.
 721
 722==============================================================
 723
 724printk:
 725
 726The four values in printk denote: console_loglevel,
 727default_message_loglevel, minimum_console_loglevel and
 728default_console_loglevel respectively.
 729
 730These values influence printk() behavior when printing or
 731logging error messages. See 'man 2 syslog' for more info on
 732the different loglevels.
 733
 734- console_loglevel: messages with a higher priority than
 735  this will be printed to the console
 736- default_message_loglevel: messages without an explicit priority
 737  will be printed with this priority
 738- minimum_console_loglevel: minimum (highest) value to which
 739  console_loglevel can be set
 740- default_console_loglevel: default value for console_loglevel
 741
 742==============================================================
 743
 744printk_delay:
 745
 746Delay each printk message in printk_delay milliseconds
 747
 748Value from 0 - 10000 is allowed.
 749
 750==============================================================
 751
 752printk_ratelimit:
 753
 754Some warning messages are rate limited. printk_ratelimit specifies
 755the minimum length of time between these messages (in jiffies), by
 756default we allow one every 5 seconds.
 757
 758A value of 0 will disable rate limiting.
 759
 760==============================================================
 761
 762printk_ratelimit_burst:
 763
 764While long term we enforce one message per printk_ratelimit
 765seconds, we do allow a burst of messages to pass through.
 766printk_ratelimit_burst specifies the number of messages we can
 767send before ratelimiting kicks in.
 768
 769==============================================================
 770
 771printk_devkmsg:
 772
 773Control the logging to /dev/kmsg from userspace:
 774
 775ratelimit: default, ratelimited
 776on: unlimited logging to /dev/kmsg from userspace
 777off: logging to /dev/kmsg disabled
 778
 779The kernel command line parameter printk.devkmsg= overrides this and is
 780a one-time setting until next reboot: once set, it cannot be changed by
 781this sysctl interface anymore.
 782
 783==============================================================
 784
 785randomize_va_space:
 786
 787This option can be used to select the type of process address
 788space randomization that is used in the system, for architectures
 789that support this feature.
 790
 7910 - Turn the process address space randomization off.  This is the
 792    default for architectures that do not support this feature anyways,
 793    and kernels that are booted with the "norandmaps" parameter.
 794
 7951 - Make the addresses of mmap base, stack and VDSO page randomized.
 796    This, among other things, implies that shared libraries will be
 797    loaded to random addresses.  Also for PIE-linked binaries, the
 798    location of code start is randomized.  This is the default if the
 799    CONFIG_COMPAT_BRK option is enabled.
 800
 8012 - Additionally enable heap randomization.  This is the default if
 802    CONFIG_COMPAT_BRK is disabled.
 803
 804    There are a few legacy applications out there (such as some ancient
 805    versions of libc.so.5 from 1996) that assume that brk area starts
 806    just after the end of the code+bss.  These applications break when
 807    start of the brk area is randomized.  There are however no known
 808    non-legacy applications that would be broken this way, so for most
 809    systems it is safe to choose full randomization.
 810
 811    Systems with ancient and/or broken binaries should be configured
 812    with CONFIG_COMPAT_BRK enabled, which excludes the heap from process
 813    address space randomization.
 814
 815==============================================================
 816
 817reboot-cmd: (Sparc only)
 818
 819??? This seems to be a way to give an argument to the Sparc
 820ROM/Flash boot loader. Maybe to tell it what to do after
 821rebooting. ???
 822
 823==============================================================
 824
 825rtsig-max & rtsig-nr:
 826
 827The file rtsig-max can be used to tune the maximum number
 828of POSIX realtime (queued) signals that can be outstanding
 829in the system.
 830
 831rtsig-nr shows the number of RT signals currently queued.
 832
 833==============================================================
 834
 835sched_schedstats:
 836
 837Enables/disables scheduler statistics. Enabling this feature
 838incurs a small amount of overhead in the scheduler but is
 839useful for debugging and performance tuning.
 840
 841==============================================================
 842
 843sg-big-buff:
 844
 845This file shows the size of the generic SCSI (sg) buffer.
 846You can't tune it just yet, but you could change it on
 847compile time by editing include/scsi/sg.h and changing
 848the value of SG_BIG_BUFF.
 849
 850There shouldn't be any reason to change this value. If
 851you can come up with one, you probably know what you
 852are doing anyway :)
 853
 854==============================================================
 855
 856shmall:
 857
 858This parameter sets the total amount of shared memory pages that
 859can be used system wide. Hence, SHMALL should always be at least
 860ceil(shmmax/PAGE_SIZE).
 861
 862If you are not sure what the default PAGE_SIZE is on your Linux
 863system, you can run the following command:
 864
 865# getconf PAGE_SIZE
 866
 867==============================================================
 868
 869shmmax:
 870
 871This value can be used to query and set the run time limit
 872on the maximum shared memory segment size that can be created.
 873Shared memory segments up to 1Gb are now supported in the
 874kernel.  This value defaults to SHMMAX.
 875
 876==============================================================
 877
 878shm_rmid_forced:
 879
 880Linux lets you set resource limits, including how much memory one
 881process can consume, via setrlimit(2).  Unfortunately, shared memory
 882segments are allowed to exist without association with any process, and
 883thus might not be counted against any resource limits.  If enabled,
 884shared memory segments are automatically destroyed when their attach
 885count becomes zero after a detach or a process termination.  It will
 886also destroy segments that were created, but never attached to, on exit
 887from the process.  The only use left for IPC_RMID is to immediately
 888destroy an unattached segment.  Of course, this breaks the way things are
 889defined, so some applications might stop working.  Note that this
 890feature will do you no good unless you also configure your resource
 891limits (in particular, RLIMIT_AS and RLIMIT_NPROC).  Most systems don't
 892need this.
 893
 894Note that if you change this from 0 to 1, already created segments
 895without users and with a dead originative process will be destroyed.
 896
 897==============================================================
 898
 899sysctl_writes_strict:
 900
 901Control how file position affects the behavior of updating sysctl values
 902via the /proc/sys interface:
 903
 904  -1 - Legacy per-write sysctl value handling, with no printk warnings.
 905       Each write syscall must fully contain the sysctl value to be
 906       written, and multiple writes on the same sysctl file descriptor
 907       will rewrite the sysctl value, regardless of file position.
 908   0 - Same behavior as above, but warn about processes that perform writes
 909       to a sysctl file descriptor when the file position is not 0.
 910   1 - (default) Respect file position when writing sysctl strings. Multiple
 911       writes will append to the sysctl value buffer. Anything past the max
 912       length of the sysctl value buffer will be ignored. Writes to numeric
 913       sysctl entries must always be at file position 0 and the value must
 914       be fully contained in the buffer sent in the write syscall.
 915
 916==============================================================
 917
 918softlockup_all_cpu_backtrace:
 919
 920This value controls the soft lockup detector thread's behavior
 921when a soft lockup condition is detected as to whether or not
 922to gather further debug information. If enabled, each cpu will
 923be issued an NMI and instructed to capture stack trace.
 924
 925This feature is only applicable for architectures which support
 926NMI.
 927
 9280: do nothing. This is the default behavior.
 929
 9301: on detection capture more debug information.
 931
 932==============================================================
 933
 934soft_watchdog
 935
 936This parameter can be used to control the soft lockup detector.
 937
 938   0 - disable the soft lockup detector
 939   1 - enable the soft lockup detector
 940
 941The soft lockup detector monitors CPUs for threads that are hogging the CPUs
 942without rescheduling voluntarily, and thus prevent the 'watchdog/N' threads
 943from running. The mechanism depends on the CPUs ability to respond to timer
 944interrupts which are needed for the 'watchdog/N' threads to be woken up by
 945the watchdog timer function, otherwise the NMI watchdog - if enabled - can
 946detect a hard lockup condition.
 947
 948==============================================================
 949
 950tainted:
 951
 952Non-zero if the kernel has been tainted.  Numeric values, which
 953can be ORed together:
 954
 955   1 - A module with a non-GPL license has been loaded, this
 956       includes modules with no license.
 957       Set by modutils >= 2.4.9 and module-init-tools.
 958   2 - A module was force loaded by insmod -f.
 959       Set by modutils >= 2.4.9 and module-init-tools.
 960   4 - Unsafe SMP processors: SMP with CPUs not designed for SMP.
 961   8 - A module was forcibly unloaded from the system by rmmod -f.
 962  16 - A hardware machine check error occurred on the system.
 963  32 - A bad page was discovered on the system.
 964  64 - The user has asked that the system be marked "tainted".  This
 965       could be because they are running software that directly modifies
 966       the hardware, or for other reasons.
 967 128 - The system has died.
 968 256 - The ACPI DSDT has been overridden with one supplied by the user
 969        instead of using the one provided by the hardware.
 970 512 - A kernel warning has occurred.
 9711024 - A module from drivers/staging was loaded.
 9722048 - The system is working around a severe firmware bug.
 9734096 - An out-of-tree module has been loaded.
 9748192 - An unsigned module has been loaded in a kernel supporting module
 975       signature.
 97616384 - A soft lockup has previously occurred on the system.
 97732768 - The kernel has been live patched.
 978
 979==============================================================
 980
 981threads-max
 982
 983This value controls the maximum number of threads that can be created
 984using fork().
 985
 986During initialization the kernel sets this value such that even if the
 987maximum number of threads is created, the thread structures occupy only
 988a part (1/8th) of the available RAM pages.
 989
 990The minimum value that can be written to threads-max is 20.
 991The maximum value that can be written to threads-max is given by the
 992constant FUTEX_TID_MASK (0x3fffffff).
 993If a value outside of this range is written to threads-max an error
 994EINVAL occurs.
 995
 996The value written is checked against the available RAM pages. If the
 997thread structures would occupy too much (more than 1/8th) of the
 998available RAM pages threads-max is reduced accordingly.
 999
1000==============================================================
1001
1002unknown_nmi_panic:
1003
1004The value in this file affects behavior of handling NMI. When the
1005value is non-zero, unknown NMI is trapped and then panic occurs. At
1006that time, kernel debugging information is displayed on console.
1007
1008NMI switch that most IA32 servers have fires unknown NMI up, for
1009example.  If a system hangs up, try pressing the NMI switch.
1010
1011==============================================================
1012
1013watchdog:
1014
1015This parameter can be used to disable or enable the soft lockup detector
1016_and_ the NMI watchdog (i.e. the hard lockup detector) at the same time.
1017
1018   0 - disable both lockup detectors
1019   1 - enable both lockup detectors
1020
1021The soft lockup detector and the NMI watchdog can also be disabled or
1022enabled individually, using the soft_watchdog and nmi_watchdog parameters.
1023If the watchdog parameter is read, for example by executing
1024
1025   cat /proc/sys/kernel/watchdog
1026
1027the output of this command (0 or 1) shows the logical OR of soft_watchdog
1028and nmi_watchdog.
1029
1030==============================================================
1031
1032watchdog_cpumask:
1033
1034This value can be used to control on which cpus the watchdog may run.
1035The default cpumask is all possible cores, but if NO_HZ_FULL is
1036enabled in the kernel config, and cores are specified with the
1037nohz_full= boot argument, those cores are excluded by default.
1038Offline cores can be included in this mask, and if the core is later
1039brought online, the watchdog will be started based on the mask value.
1040
1041Typically this value would only be touched in the nohz_full case
1042to re-enable cores that by default were not running the watchdog,
1043if a kernel lockup was suspected on those cores.
1044
1045The argument value is the standard cpulist format for cpumasks,
1046so for example to enable the watchdog on cores 0, 2, 3, and 4 you
1047might say:
1048
1049  echo 0,2-4 > /proc/sys/kernel/watchdog_cpumask
1050
1051==============================================================
1052
1053watchdog_thresh:
1054
1055This value can be used to control the frequency of hrtimer and NMI
1056events and the soft and hard lockup thresholds. The default threshold
1057is 10 seconds.
1058
1059The softlockup threshold is (2 * watchdog_thresh). Setting this
1060tunable to zero will disable lockup detection altogether.
1061
1062==============================================================