Documentation/sysctl/kernel.txt at v4.16-rc2 · tjh.dev/kernel

tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
kernel / Documentation / sysctl / kernel.txt
at v4.16-rc2 39 kB view raw
   1Documentation for /proc/sys/kernel/*	kernel version 2.2.10
   2	(c) 1998, 1999,  Rik van Riel <riel@nl.linux.org>
   3	(c) 2009,        Shen Feng<shen@cn.fujitsu.com>
   4
   5For general info and legal blurb, please look in README.
   6
   7==============================================================
   8
   9This file contains documentation for the sysctl files in
  10/proc/sys/kernel/ and is valid for Linux kernel version 2.2.
  11
  12The files in this directory can be used to tune and monitor
  13miscellaneous and general things in the operation of the Linux
  14kernel. Since some of the files _can_ be used to screw up your
  15system, it is advisable to read both documentation and source
  16before actually making adjustments.
  17
  18Currently, these files might (depending on your configuration)
  19show up in /proc/sys/kernel:
  20
  21- acct
  22- acpi_video_flags
  23- auto_msgmni
  24- bootloader_type	     [ X86 only ]
  25- bootloader_version	     [ X86 only ]
  26- callhome		     [ S390 only ]
  27- cap_last_cap
  28- core_pattern
  29- core_pipe_limit
  30- core_uses_pid
  31- ctrl-alt-del
  32- dmesg_restrict
  33- domainname
  34- hostname
  35- hotplug
  36- hardlockup_all_cpu_backtrace
  37- hardlockup_panic
  38- hung_task_panic
  39- hung_task_check_count
  40- hung_task_timeout_secs
  41- hung_task_warnings
  42- kexec_load_disabled
  43- kptr_restrict
  44- l2cr                        [ PPC only ]
  45- modprobe                    ==> Documentation/debugging-modules.txt
  46- modules_disabled
  47- msg_next_id		      [ sysv ipc ]
  48- msgmax
  49- msgmnb
  50- msgmni
  51- nmi_watchdog
  52- osrelease
  53- ostype
  54- overflowgid
  55- overflowuid
  56- panic
  57- panic_on_oops
  58- panic_on_stackoverflow
  59- panic_on_unrecovered_nmi
  60- panic_on_warn
  61- panic_on_rcu_stall
  62- perf_cpu_time_max_percent
  63- perf_event_paranoid
  64- perf_event_max_stack
  65- perf_event_mlock_kb
  66- perf_event_max_contexts_per_stack
  67- pid_max
  68- powersave-nap               [ PPC only ]
  69- printk
  70- printk_delay
  71- printk_ratelimit
  72- printk_ratelimit_burst
  73- pty                         ==> Documentation/filesystems/devpts.txt
  74- randomize_va_space
  75- real-root-dev               ==> Documentation/admin-guide/initrd.rst
  76- reboot-cmd                  [ SPARC only ]
  77- rtsig-max
  78- rtsig-nr
  79- seccomp/                    ==> Documentation/userspace-api/seccomp_filter.rst
  80- sem
  81- sem_next_id		      [ sysv ipc ]
  82- sg-big-buff                 [ generic SCSI device (sg) ]
  83- shm_next_id		      [ sysv ipc ]
  84- shm_rmid_forced
  85- shmall
  86- shmmax                      [ sysv ipc ]
  87- shmmni
  88- softlockup_all_cpu_backtrace
  89- soft_watchdog
  90- stop-a                      [ SPARC only ]
  91- sysrq                       ==> Documentation/admin-guide/sysrq.rst
  92- sysctl_writes_strict
  93- tainted
  94- threads-max
  95- unknown_nmi_panic
  96- watchdog
  97- watchdog_thresh
  98- version
  99
 100==============================================================
 101
 102acct:
 103
 104highwater lowwater frequency
 105
 106If BSD-style process accounting is enabled these values control
 107its behaviour. If free space on filesystem where the log lives
 108goes below <lowwater>% accounting suspends. If free space gets
 109above <highwater>% accounting resumes. <Frequency> determines
 110how often do we check the amount of free space (value is in
 111seconds). Default:
 1124 2 30
 113That is, suspend accounting if there left <= 2% free; resume it
 114if we got >=4%; consider information about amount of free space
 115valid for 30 seconds.
 116
 117==============================================================
 118
 119acpi_video_flags:
 120
 121flags
 122
 123See Doc*/kernel/power/video.txt, it allows mode of video boot to be
 124set during run time.
 125
 126==============================================================
 127
 128auto_msgmni:
 129
 130This variable has no effect and may be removed in future kernel
 131releases. Reading it always returns 0.
 132Up to Linux 3.17, it enabled/disabled automatic recomputing of msgmni
 133upon memory add/remove or upon ipc namespace creation/removal.
 134Echoing "1" into this file enabled msgmni automatic recomputing.
 135Echoing "0" turned it off. auto_msgmni default value was 1.
 136
 137
 138==============================================================
 139
 140bootloader_type:
 141
 142x86 bootloader identification
 143
 144This gives the bootloader type number as indicated by the bootloader,
 145shifted left by 4, and OR'd with the low four bits of the bootloader
 146version.  The reason for this encoding is that this used to match the
 147type_of_loader field in the kernel header; the encoding is kept for
 148backwards compatibility.  That is, if the full bootloader type number
 149is 0x15 and the full version number is 0x234, this file will contain
 150the value 340 = 0x154.
 151
 152See the type_of_loader and ext_loader_type fields in
 153Documentation/x86/boot.txt for additional information.
 154
 155==============================================================
 156
 157bootloader_version:
 158
 159x86 bootloader version
 160
 161The complete bootloader version number.  In the example above, this
 162file will contain the value 564 = 0x234.
 163
 164See the type_of_loader and ext_loader_ver fields in
 165Documentation/x86/boot.txt for additional information.
 166
 167==============================================================
 168
 169callhome:
 170
 171Controls the kernel's callhome behavior in case of a kernel panic.
 172
 173The s390 hardware allows an operating system to send a notification
 174to a service organization (callhome) in case of an operating system panic.
 175
 176When the value in this file is 0 (which is the default behavior)
 177nothing happens in case of a kernel panic. If this value is set to "1"
 178the complete kernel oops message is send to the IBM customer service
 179organization in case the mainframe the Linux operating system is running
 180on has a service contract with IBM.
 181
 182==============================================================
 183
 184cap_last_cap
 185
 186Highest valid capability of the running kernel.  Exports
 187CAP_LAST_CAP from the kernel.
 188
 189==============================================================
 190
 191core_pattern:
 192
 193core_pattern is used to specify a core dumpfile pattern name.
 194. max length 128 characters; default value is "core"
 195. core_pattern is used as a pattern template for the output filename;
 196  certain string patterns (beginning with '%') are substituted with
 197  their actual values.
 198. backward compatibility with core_uses_pid:
 199	If core_pattern does not include "%p" (default does not)
 200	and core_uses_pid is set, then .PID will be appended to
 201	the filename.
 202. corename format specifiers:
 203	%<NUL>	'%' is dropped
 204	%%	output one '%'
 205	%p	pid
 206	%P	global pid (init PID namespace)
 207	%i	tid
 208	%I	global tid (init PID namespace)
 209	%u	uid (in initial user namespace)
 210	%g	gid (in initial user namespace)
 211	%d	dump mode, matches PR_SET_DUMPABLE and
 212		/proc/sys/fs/suid_dumpable
 213	%s	signal number
 214	%t	UNIX time of dump
 215	%h	hostname
 216	%e	executable filename (may be shortened)
 217	%E	executable path
 218	%<OTHER> both are dropped
 219. If the first character of the pattern is a '|', the kernel will treat
 220  the rest of the pattern as a command to run.  The core dump will be
 221  written to the standard input of that program instead of to a file.
 222
 223==============================================================
 224
 225core_pipe_limit:
 226
 227This sysctl is only applicable when core_pattern is configured to pipe
 228core files to a user space helper (when the first character of
 229core_pattern is a '|', see above).  When collecting cores via a pipe
 230to an application, it is occasionally useful for the collecting
 231application to gather data about the crashing process from its
 232/proc/pid directory.  In order to do this safely, the kernel must wait
 233for the collecting process to exit, so as not to remove the crashing
 234processes proc files prematurely.  This in turn creates the
 235possibility that a misbehaving userspace collecting process can block
 236the reaping of a crashed process simply by never exiting.  This sysctl
 237defends against that.  It defines how many concurrent crashing
 238processes may be piped to user space applications in parallel.  If
 239this value is exceeded, then those crashing processes above that value
 240are noted via the kernel log and their cores are skipped.  0 is a
 241special value, indicating that unlimited processes may be captured in
 242parallel, but that no waiting will take place (i.e. the collecting
 243process is not guaranteed access to /proc/<crashing pid>/).  This
 244value defaults to 0.
 245
 246==============================================================
 247
 248core_uses_pid:
 249
 250The default coredump filename is "core".  By setting
 251core_uses_pid to 1, the coredump filename becomes core.PID.
 252If core_pattern does not include "%p" (default does not)
 253and core_uses_pid is set, then .PID will be appended to
 254the filename.
 255
 256==============================================================
 257
 258ctrl-alt-del:
 259
 260When the value in this file is 0, ctrl-alt-del is trapped and
 261sent to the init(1) program to handle a graceful restart.
 262When, however, the value is > 0, Linux's reaction to a Vulcan
 263Nerve Pinch (tm) will be an immediate reboot, without even
 264syncing its dirty buffers.
 265
 266Note: when a program (like dosemu) has the keyboard in 'raw'
 267mode, the ctrl-alt-del is intercepted by the program before it
 268ever reaches the kernel tty layer, and it's up to the program
 269to decide what to do with it.
 270
 271==============================================================
 272
 273dmesg_restrict:
 274
 275This toggle indicates whether unprivileged users are prevented
 276from using dmesg(8) to view messages from the kernel's log buffer.
 277When dmesg_restrict is set to (0) there are no restrictions. When
 278dmesg_restrict is set set to (1), users must have CAP_SYSLOG to use
 279dmesg(8).
 280
 281The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the
 282default value of dmesg_restrict.
 283
 284==============================================================
 285
 286domainname & hostname:
 287
 288These files can be used to set the NIS/YP domainname and the
 289hostname of your box in exactly the same way as the commands
 290domainname and hostname, i.e.:
 291# echo "darkstar" > /proc/sys/kernel/hostname
 292# echo "mydomain" > /proc/sys/kernel/domainname
 293has the same effect as
 294# hostname "darkstar"
 295# domainname "mydomain"
 296
 297Note, however, that the classic darkstar.frop.org has the
 298hostname "darkstar" and DNS (Internet Domain Name Server)
 299domainname "frop.org", not to be confused with the NIS (Network
 300Information Service) or YP (Yellow Pages) domainname. These two
 301domain names are in general different. For a detailed discussion
 302see the hostname(1) man page.
 303
 304==============================================================
 305hardlockup_all_cpu_backtrace:
 306
 307This value controls the hard lockup detector behavior when a hard
 308lockup condition is detected as to whether or not to gather further
 309debug information. If enabled, arch-specific all-CPU stack dumping
 310will be initiated.
 311
 3120: do nothing. This is the default behavior.
 313
 3141: on detection capture more debug information.
 315==============================================================
 316
 317hardlockup_panic:
 318
 319This parameter can be used to control whether the kernel panics
 320when a hard lockup is detected.
 321
 322   0 - don't panic on hard lockup
 323   1 - panic on hard lockup
 324
 325See Documentation/lockup-watchdogs.txt for more information.  This can
 326also be set using the nmi_watchdog kernel parameter.
 327
 328==============================================================
 329
 330hotplug:
 331
 332Path for the hotplug policy agent.
 333Default value is "/sbin/hotplug".
 334
 335==============================================================
 336
 337hung_task_panic:
 338
 339Controls the kernel's behavior when a hung task is detected.
 340This file shows up if CONFIG_DETECT_HUNG_TASK is enabled.
 341
 3420: continue operation. This is the default behavior.
 343
 3441: panic immediately.
 345
 346==============================================================
 347
 348hung_task_check_count:
 349
 350The upper bound on the number of tasks that are checked.
 351This file shows up if CONFIG_DETECT_HUNG_TASK is enabled.
 352
 353==============================================================
 354
 355hung_task_timeout_secs:
 356
 357Check interval. When a task in D state did not get scheduled
 358for more than this value report a warning.
 359This file shows up if CONFIG_DETECT_HUNG_TASK is enabled.
 360
 3610: means infinite timeout - no checking done.
 362Possible values to set are in range {0..LONG_MAX/HZ}.
 363
 364==============================================================
 365
 366hung_task_warnings:
 367
 368The maximum number of warnings to report. During a check interval
 369if a hung task is detected, this value is decreased by 1.
 370When this value reaches 0, no more warnings will be reported.
 371This file shows up if CONFIG_DETECT_HUNG_TASK is enabled.
 372
 373-1: report an infinite number of warnings.
 374
 375==============================================================
 376
 377kexec_load_disabled:
 378
 379A toggle indicating if the kexec_load syscall has been disabled. This
 380value defaults to 0 (false: kexec_load enabled), but can be set to 1
 381(true: kexec_load disabled). Once true, kexec can no longer be used, and
 382the toggle cannot be set back to false. This allows a kexec image to be
 383loaded before disabling the syscall, allowing a system to set up (and
 384later use) an image without it being altered. Generally used together
 385with the "modules_disabled" sysctl.
 386
 387==============================================================
 388
 389kptr_restrict:
 390
 391This toggle indicates whether restrictions are placed on
 392exposing kernel addresses via /proc and other interfaces.
 393
 394When kptr_restrict is set to 0 (the default) the address is hashed before
 395printing. (This is the equivalent to %p.)
 396
 397When kptr_restrict is set to (1), kernel pointers printed using the %pK
 398format specifier will be replaced with 0's unless the user has CAP_SYSLOG
 399and effective user and group ids are equal to the real ids. This is
 400because %pK checks are done at read() time rather than open() time, so
 401if permissions are elevated between the open() and the read() (e.g via
 402a setuid binary) then %pK will not leak kernel pointers to unprivileged
 403users. Note, this is a temporary solution only. The correct long-term
 404solution is to do the permission checks at open() time. Consider removing
 405world read permissions from files that use %pK, and using dmesg_restrict
 406to protect against uses of %pK in dmesg(8) if leaking kernel pointer
 407values to unprivileged users is a concern.
 408
 409When kptr_restrict is set to (2), kernel pointers printed using
 410%pK will be replaced with 0's regardless of privileges.
 411
 412==============================================================
 413
 414l2cr: (PPC only)
 415
 416This flag controls the L2 cache of G3 processor boards. If
 4170, the cache is disabled. Enabled if nonzero.
 418
 419==============================================================
 420
 421modules_disabled:
 422
 423A toggle value indicating if modules are allowed to be loaded
 424in an otherwise modular kernel.  This toggle defaults to off
 425(0), but can be set true (1).  Once true, modules can be
 426neither loaded nor unloaded, and the toggle cannot be set back
 427to false.  Generally used with the "kexec_load_disabled" toggle.
 428
 429==============================================================
 430
 431msg_next_id, sem_next_id, and shm_next_id:
 432
 433These three toggles allows to specify desired id for next allocated IPC
 434object: message, semaphore or shared memory respectively.
 435
 436By default they are equal to -1, which means generic allocation logic.
 437Possible values to set are in range {0..INT_MAX}.
 438
 439Notes:
 4401) kernel doesn't guarantee, that new object will have desired id. So,
 441it's up to userspace, how to handle an object with "wrong" id.
 4422) Toggle with non-default value will be set back to -1 by kernel after
 443successful IPC object allocation.
 444
 445==============================================================
 446
 447nmi_watchdog:
 448
 449This parameter can be used to control the NMI watchdog
 450(i.e. the hard lockup detector) on x86 systems.
 451
 452   0 - disable the hard lockup detector
 453   1 - enable the hard lockup detector
 454
 455The hard lockup detector monitors each CPU for its ability to respond to
 456timer interrupts. The mechanism utilizes CPU performance counter registers
 457that are programmed to generate Non-Maskable Interrupts (NMIs) periodically
 458while a CPU is busy. Hence, the alternative name 'NMI watchdog'.
 459
 460The NMI watchdog is disabled by default if the kernel is running as a guest
 461in a KVM virtual machine. This default can be overridden by adding
 462
 463   nmi_watchdog=1
 464
 465to the guest kernel command line (see Documentation/admin-guide/kernel-parameters.rst).
 466
 467==============================================================
 468
 469numa_balancing
 470
 471Enables/disables automatic page fault based NUMA memory
 472balancing. Memory is moved automatically to nodes
 473that access it often.
 474
 475Enables/disables automatic NUMA memory balancing. On NUMA machines, there
 476is a performance penalty if remote memory is accessed by a CPU. When this
 477feature is enabled the kernel samples what task thread is accessing memory
 478by periodically unmapping pages and later trapping a page fault. At the
 479time of the page fault, it is determined if the data being accessed should
 480be migrated to a local memory node.
 481
 482The unmapping of pages and trapping faults incur additional overhead that
 483ideally is offset by improved memory locality but there is no universal
 484guarantee. If the target workload is already bound to NUMA nodes then this
 485feature should be disabled. Otherwise, if the system overhead from the
 486feature is too high then the rate the kernel samples for NUMA hinting
 487faults may be controlled by the numa_balancing_scan_period_min_ms,
 488numa_balancing_scan_delay_ms, numa_balancing_scan_period_max_ms,
 489numa_balancing_scan_size_mb, and numa_balancing_settle_count sysctls.
 490
 491==============================================================
 492
 493numa_balancing_scan_period_min_ms, numa_balancing_scan_delay_ms,
 494numa_balancing_scan_period_max_ms, numa_balancing_scan_size_mb
 495
 496Automatic NUMA balancing scans tasks address space and unmaps pages to
 497detect if pages are properly placed or if the data should be migrated to a
 498memory node local to where the task is running.  Every "scan delay" the task
 499scans the next "scan size" number of pages in its address space. When the
 500end of the address space is reached the scanner restarts from the beginning.
 501
 502In combination, the "scan delay" and "scan size" determine the scan rate.
 503When "scan delay" decreases, the scan rate increases.  The scan delay and
 504hence the scan rate of every task is adaptive and depends on historical
 505behaviour. If pages are properly placed then the scan delay increases,
 506otherwise the scan delay decreases.  The "scan size" is not adaptive but
 507the higher the "scan size", the higher the scan rate.
 508
 509Higher scan rates incur higher system overhead as page faults must be
 510trapped and potentially data must be migrated. However, the higher the scan
 511rate, the more quickly a tasks memory is migrated to a local node if the
 512workload pattern changes and minimises performance impact due to remote
 513memory accesses. These sysctls control the thresholds for scan delays and
 514the number of pages scanned.
 515
 516numa_balancing_scan_period_min_ms is the minimum time in milliseconds to
 517scan a tasks virtual memory. It effectively controls the maximum scanning
 518rate for each task.
 519
 520numa_balancing_scan_delay_ms is the starting "scan delay" used for a task
 521when it initially forks.
 522
 523numa_balancing_scan_period_max_ms is the maximum time in milliseconds to
 524scan a tasks virtual memory. It effectively controls the minimum scanning
 525rate for each task.
 526
 527numa_balancing_scan_size_mb is how many megabytes worth of pages are
 528scanned for a given scan.
 529
 530==============================================================
 531
 532osrelease, ostype & version:
 533
 534# cat osrelease
 5352.1.88
 536# cat ostype
 537Linux
 538# cat version
 539#5 Wed Feb 25 21:49:24 MET 1998
 540
 541The files osrelease and ostype should be clear enough. Version
 542needs a little more clarification however. The '#5' means that
 543this is the fifth kernel built from this source base and the
 544date behind it indicates the time the kernel was built.
 545The only way to tune these values is to rebuild the kernel :-)
 546
 547==============================================================
 548
 549overflowgid & overflowuid:
 550
 551if your architecture did not always support 32-bit UIDs (i.e. arm,
 552i386, m68k, sh, and sparc32), a fixed UID and GID will be returned to
 553applications that use the old 16-bit UID/GID system calls, if the
 554actual UID or GID would exceed 65535.
 555
 556These sysctls allow you to change the value of the fixed UID and GID.
 557The default is 65534.
 558
 559==============================================================
 560
 561panic:
 562
 563The value in this file represents the number of seconds the kernel
 564waits before rebooting on a panic. When you use the software watchdog,
 565the recommended setting is 60.
 566
 567==============================================================
 568
 569panic_on_io_nmi:
 570
 571Controls the kernel's behavior when a CPU receives an NMI caused by
 572an IO error.
 573
 5740: try to continue operation (default)
 575
 5761: panic immediately. The IO error triggered an NMI. This indicates a
 577   serious system condition which could result in IO data corruption.
 578   Rather than continuing, panicking might be a better choice. Some
 579   servers issue this sort of NMI when the dump button is pushed,
 580   and you can use this option to take a crash dump.
 581
 582==============================================================
 583
 584panic_on_oops:
 585
 586Controls the kernel's behaviour when an oops or BUG is encountered.
 587
 5880: try to continue operation
 589
 5901: panic immediately.  If the `panic' sysctl is also non-zero then the
 591   machine will be rebooted.
 592
 593==============================================================
 594
 595panic_on_stackoverflow:
 596
 597Controls the kernel's behavior when detecting the overflows of
 598kernel, IRQ and exception stacks except a user stack.
 599This file shows up if CONFIG_DEBUG_STACKOVERFLOW is enabled.
 600
 6010: try to continue operation.
 602
 6031: panic immediately.
 604
 605==============================================================
 606
 607panic_on_unrecovered_nmi:
 608
 609The default Linux behaviour on an NMI of either memory or unknown is
 610to continue operation. For many environments such as scientific
 611computing it is preferable that the box is taken out and the error
 612dealt with than an uncorrected parity/ECC error get propagated.
 613
 614A small number of systems do generate NMI's for bizarre random reasons
 615such as power management so the default is off. That sysctl works like
 616the existing panic controls already in that directory.
 617
 618==============================================================
 619
 620panic_on_warn:
 621
 622Calls panic() in the WARN() path when set to 1.  This is useful to avoid
 623a kernel rebuild when attempting to kdump at the location of a WARN().
 624
 6250: only WARN(), default behaviour.
 626
 6271: call panic() after printing out WARN() location.
 628
 629==============================================================
 630
 631panic_on_rcu_stall:
 632
 633When set to 1, calls panic() after RCU stall detection messages. This
 634is useful to define the root cause of RCU stalls using a vmcore.
 635
 6360: do not panic() when RCU stall takes place, default behavior.
 637
 6381: panic() after printing RCU stall messages.
 639
 640==============================================================
 641
 642perf_cpu_time_max_percent:
 643
 644Hints to the kernel how much CPU time it should be allowed to
 645use to handle perf sampling events.  If the perf subsystem
 646is informed that its samples are exceeding this limit, it
 647will drop its sampling frequency to attempt to reduce its CPU
 648usage.
 649
 650Some perf sampling happens in NMIs.  If these samples
 651unexpectedly take too long to execute, the NMIs can become
 652stacked up next to each other so much that nothing else is
 653allowed to execute.
 654
 6550: disable the mechanism.  Do not monitor or correct perf's
 656   sampling rate no matter how CPU time it takes.
 657
 6581-100: attempt to throttle perf's sample rate to this
 659   percentage of CPU.  Note: the kernel calculates an
 660   "expected" length of each sample event.  100 here means
 661   100% of that expected length.  Even if this is set to
 662   100, you may still see sample throttling if this
 663   length is exceeded.  Set to 0 if you truly do not care
 664   how much CPU is consumed.
 665
 666==============================================================
 667
 668perf_event_paranoid:
 669
 670Controls use of the performance events system by unprivileged
 671users (without CAP_SYS_ADMIN).  The default value is 2.
 672
 673 -1: Allow use of (almost) all events by all users
 674     Ignore mlock limit after perf_event_mlock_kb without CAP_IPC_LOCK
 675>=0: Disallow ftrace function tracepoint by users without CAP_SYS_ADMIN
 676     Disallow raw tracepoint access by users without CAP_SYS_ADMIN
 677>=1: Disallow CPU event access by users without CAP_SYS_ADMIN
 678>=2: Disallow kernel profiling by users without CAP_SYS_ADMIN
 679
 680==============================================================
 681
 682perf_event_max_stack:
 683
 684Controls maximum number of stack frames to copy for (attr.sample_type &
 685PERF_SAMPLE_CALLCHAIN) configured events, for instance, when using
 686'perf record -g' or 'perf trace --call-graph fp'.
 687
 688This can only be done when no events are in use that have callchains
 689enabled, otherwise writing to this file will return -EBUSY.
 690
 691The default value is 127.
 692
 693==============================================================
 694
 695perf_event_mlock_kb:
 696
 697Control size of per-cpu ring buffer not counted agains mlock limit.
 698
 699The default value is 512 + 1 page
 700
 701==============================================================
 702
 703perf_event_max_contexts_per_stack:
 704
 705Controls maximum number of stack frame context entries for
 706(attr.sample_type & PERF_SAMPLE_CALLCHAIN) configured events, for
 707instance, when using 'perf record -g' or 'perf trace --call-graph fp'.
 708
 709This can only be done when no events are in use that have callchains
 710enabled, otherwise writing to this file will return -EBUSY.
 711
 712The default value is 8.
 713
 714==============================================================
 715
 716pid_max:
 717
 718PID allocation wrap value.  When the kernel's next PID value
 719reaches this value, it wraps back to a minimum PID value.
 720PIDs of value pid_max or larger are not allocated.
 721
 722==============================================================
 723
 724ns_last_pid:
 725
 726The last pid allocated in the current (the one task using this sysctl
 727lives in) pid namespace. When selecting a pid for a next task on fork
 728kernel tries to allocate a number starting from this one.
 729
 730==============================================================
 731
 732powersave-nap: (PPC only)
 733
 734If set, Linux-PPC will use the 'nap' mode of powersaving,
 735otherwise the 'doze' mode will be used.
 736
 737==============================================================
 738
 739printk:
 740
 741The four values in printk denote: console_loglevel,
 742default_message_loglevel, minimum_console_loglevel and
 743default_console_loglevel respectively.
 744
 745These values influence printk() behavior when printing or
 746logging error messages. See 'man 2 syslog' for more info on
 747the different loglevels.
 748
 749- console_loglevel: messages with a higher priority than
 750  this will be printed to the console
 751- default_message_loglevel: messages without an explicit priority
 752  will be printed with this priority
 753- minimum_console_loglevel: minimum (highest) value to which
 754  console_loglevel can be set
 755- default_console_loglevel: default value for console_loglevel
 756
 757==============================================================
 758
 759printk_delay:
 760
 761Delay each printk message in printk_delay milliseconds
 762
 763Value from 0 - 10000 is allowed.
 764
 765==============================================================
 766
 767printk_ratelimit:
 768
 769Some warning messages are rate limited. printk_ratelimit specifies
 770the minimum length of time between these messages (in jiffies), by
 771default we allow one every 5 seconds.
 772
 773A value of 0 will disable rate limiting.
 774
 775==============================================================
 776
 777printk_ratelimit_burst:
 778
 779While long term we enforce one message per printk_ratelimit
 780seconds, we do allow a burst of messages to pass through.
 781printk_ratelimit_burst specifies the number of messages we can
 782send before ratelimiting kicks in.
 783
 784==============================================================
 785
 786printk_devkmsg:
 787
 788Control the logging to /dev/kmsg from userspace:
 789
 790ratelimit: default, ratelimited
 791on: unlimited logging to /dev/kmsg from userspace
 792off: logging to /dev/kmsg disabled
 793
 794The kernel command line parameter printk.devkmsg= overrides this and is
 795a one-time setting until next reboot: once set, it cannot be changed by
 796this sysctl interface anymore.
 797
 798==============================================================
 799
 800randomize_va_space:
 801
 802This option can be used to select the type of process address
 803space randomization that is used in the system, for architectures
 804that support this feature.
 805
 8060 - Turn the process address space randomization off.  This is the
 807    default for architectures that do not support this feature anyways,
 808    and kernels that are booted with the "norandmaps" parameter.
 809
 8101 - Make the addresses of mmap base, stack and VDSO page randomized.
 811    This, among other things, implies that shared libraries will be
 812    loaded to random addresses.  Also for PIE-linked binaries, the
 813    location of code start is randomized.  This is the default if the
 814    CONFIG_COMPAT_BRK option is enabled.
 815
 8162 - Additionally enable heap randomization.  This is the default if
 817    CONFIG_COMPAT_BRK is disabled.
 818
 819    There are a few legacy applications out there (such as some ancient
 820    versions of libc.so.5 from 1996) that assume that brk area starts
 821    just after the end of the code+bss.  These applications break when
 822    start of the brk area is randomized.  There are however no known
 823    non-legacy applications that would be broken this way, so for most
 824    systems it is safe to choose full randomization.
 825
 826    Systems with ancient and/or broken binaries should be configured
 827    with CONFIG_COMPAT_BRK enabled, which excludes the heap from process
 828    address space randomization.
 829
 830==============================================================
 831
 832reboot-cmd: (Sparc only)
 833
 834??? This seems to be a way to give an argument to the Sparc
 835ROM/Flash boot loader. Maybe to tell it what to do after
 836rebooting. ???
 837
 838==============================================================
 839
 840rtsig-max & rtsig-nr:
 841
 842The file rtsig-max can be used to tune the maximum number
 843of POSIX realtime (queued) signals that can be outstanding
 844in the system.
 845
 846rtsig-nr shows the number of RT signals currently queued.
 847
 848==============================================================
 849
 850sched_schedstats:
 851
 852Enables/disables scheduler statistics. Enabling this feature
 853incurs a small amount of overhead in the scheduler but is
 854useful for debugging and performance tuning.
 855
 856==============================================================
 857
 858sg-big-buff:
 859
 860This file shows the size of the generic SCSI (sg) buffer.
 861You can't tune it just yet, but you could change it on
 862compile time by editing include/scsi/sg.h and changing
 863the value of SG_BIG_BUFF.
 864
 865There shouldn't be any reason to change this value. If
 866you can come up with one, you probably know what you
 867are doing anyway :)
 868
 869==============================================================
 870
 871shmall:
 872
 873This parameter sets the total amount of shared memory pages that
 874can be used system wide. Hence, SHMALL should always be at least
 875ceil(shmmax/PAGE_SIZE).
 876
 877If you are not sure what the default PAGE_SIZE is on your Linux
 878system, you can run the following command:
 879
 880# getconf PAGE_SIZE
 881
 882==============================================================
 883
 884shmmax:
 885
 886This value can be used to query and set the run time limit
 887on the maximum shared memory segment size that can be created.
 888Shared memory segments up to 1Gb are now supported in the
 889kernel.  This value defaults to SHMMAX.
 890
 891==============================================================
 892
 893shm_rmid_forced:
 894
 895Linux lets you set resource limits, including how much memory one
 896process can consume, via setrlimit(2).  Unfortunately, shared memory
 897segments are allowed to exist without association with any process, and
 898thus might not be counted against any resource limits.  If enabled,
 899shared memory segments are automatically destroyed when their attach
 900count becomes zero after a detach or a process termination.  It will
 901also destroy segments that were created, but never attached to, on exit
 902from the process.  The only use left for IPC_RMID is to immediately
 903destroy an unattached segment.  Of course, this breaks the way things are
 904defined, so some applications might stop working.  Note that this
 905feature will do you no good unless you also configure your resource
 906limits (in particular, RLIMIT_AS and RLIMIT_NPROC).  Most systems don't
 907need this.
 908
 909Note that if you change this from 0 to 1, already created segments
 910without users and with a dead originative process will be destroyed.
 911
 912==============================================================
 913
 914sysctl_writes_strict:
 915
 916Control how file position affects the behavior of updating sysctl values
 917via the /proc/sys interface:
 918
 919  -1 - Legacy per-write sysctl value handling, with no printk warnings.
 920       Each write syscall must fully contain the sysctl value to be
 921       written, and multiple writes on the same sysctl file descriptor
 922       will rewrite the sysctl value, regardless of file position.
 923   0 - Same behavior as above, but warn about processes that perform writes
 924       to a sysctl file descriptor when the file position is not 0.
 925   1 - (default) Respect file position when writing sysctl strings. Multiple
 926       writes will append to the sysctl value buffer. Anything past the max
 927       length of the sysctl value buffer will be ignored. Writes to numeric
 928       sysctl entries must always be at file position 0 and the value must
 929       be fully contained in the buffer sent in the write syscall.
 930
 931==============================================================
 932
 933softlockup_all_cpu_backtrace:
 934
 935This value controls the soft lockup detector thread's behavior
 936when a soft lockup condition is detected as to whether or not
 937to gather further debug information. If enabled, each cpu will
 938be issued an NMI and instructed to capture stack trace.
 939
 940This feature is only applicable for architectures which support
 941NMI.
 942
 9430: do nothing. This is the default behavior.
 944
 9451: on detection capture more debug information.
 946
 947==============================================================
 948
 949soft_watchdog
 950
 951This parameter can be used to control the soft lockup detector.
 952
 953   0 - disable the soft lockup detector
 954   1 - enable the soft lockup detector
 955
 956The soft lockup detector monitors CPUs for threads that are hogging the CPUs
 957without rescheduling voluntarily, and thus prevent the 'watchdog/N' threads
 958from running. The mechanism depends on the CPUs ability to respond to timer
 959interrupts which are needed for the 'watchdog/N' threads to be woken up by
 960the watchdog timer function, otherwise the NMI watchdog - if enabled - can
 961detect a hard lockup condition.
 962
 963==============================================================
 964
 965tainted:
 966
 967Non-zero if the kernel has been tainted.  Numeric values, which
 968can be ORed together:
 969
 970   1 - A module with a non-GPL license has been loaded, this
 971       includes modules with no license.
 972       Set by modutils >= 2.4.9 and module-init-tools.
 973   2 - A module was force loaded by insmod -f.
 974       Set by modutils >= 2.4.9 and module-init-tools.
 975   4 - Unsafe SMP processors: SMP with CPUs not designed for SMP.
 976   8 - A module was forcibly unloaded from the system by rmmod -f.
 977  16 - A hardware machine check error occurred on the system.
 978  32 - A bad page was discovered on the system.
 979  64 - The user has asked that the system be marked "tainted".  This
 980       could be because they are running software that directly modifies
 981       the hardware, or for other reasons.
 982 128 - The system has died.
 983 256 - The ACPI DSDT has been overridden with one supplied by the user
 984        instead of using the one provided by the hardware.
 985 512 - A kernel warning has occurred.
 9861024 - A module from drivers/staging was loaded.
 9872048 - The system is working around a severe firmware bug.
 9884096 - An out-of-tree module has been loaded.
 9898192 - An unsigned module has been loaded in a kernel supporting module
 990       signature.
 99116384 - A soft lockup has previously occurred on the system.
 99232768 - The kernel has been live patched.
 993
 994==============================================================
 995
 996threads-max
 997
 998This value controls the maximum number of threads that can be created
 999using fork().
1000
1001During initialization the kernel sets this value such that even if the
1002maximum number of threads is created, the thread structures occupy only
1003a part (1/8th) of the available RAM pages.
1004
1005The minimum value that can be written to threads-max is 20.
1006The maximum value that can be written to threads-max is given by the
1007constant FUTEX_TID_MASK (0x3fffffff).
1008If a value outside of this range is written to threads-max an error
1009EINVAL occurs.
1010
1011The value written is checked against the available RAM pages. If the
1012thread structures would occupy too much (more than 1/8th) of the
1013available RAM pages threads-max is reduced accordingly.
1014
1015==============================================================
1016
1017unknown_nmi_panic:
1018
1019The value in this file affects behavior of handling NMI. When the
1020value is non-zero, unknown NMI is trapped and then panic occurs. At
1021that time, kernel debugging information is displayed on console.
1022
1023NMI switch that most IA32 servers have fires unknown NMI up, for
1024example.  If a system hangs up, try pressing the NMI switch.
1025
1026==============================================================
1027
1028watchdog:
1029
1030This parameter can be used to disable or enable the soft lockup detector
1031_and_ the NMI watchdog (i.e. the hard lockup detector) at the same time.
1032
1033   0 - disable both lockup detectors
1034   1 - enable both lockup detectors
1035
1036The soft lockup detector and the NMI watchdog can also be disabled or
1037enabled individually, using the soft_watchdog and nmi_watchdog parameters.
1038If the watchdog parameter is read, for example by executing
1039
1040   cat /proc/sys/kernel/watchdog
1041
1042the output of this command (0 or 1) shows the logical OR of soft_watchdog
1043and nmi_watchdog.
1044
1045==============================================================
1046
1047watchdog_cpumask:
1048
1049This value can be used to control on which cpus the watchdog may run.
1050The default cpumask is all possible cores, but if NO_HZ_FULL is
1051enabled in the kernel config, and cores are specified with the
1052nohz_full= boot argument, those cores are excluded by default.
1053Offline cores can be included in this mask, and if the core is later
1054brought online, the watchdog will be started based on the mask value.
1055
1056Typically this value would only be touched in the nohz_full case
1057to re-enable cores that by default were not running the watchdog,
1058if a kernel lockup was suspected on those cores.
1059
1060The argument value is the standard cpulist format for cpumasks,
1061so for example to enable the watchdog on cores 0, 2, 3, and 4 you
1062might say:
1063
1064  echo 0,2-4 > /proc/sys/kernel/watchdog_cpumask
1065
1066==============================================================
1067
1068watchdog_thresh:
1069
1070This value can be used to control the frequency of hrtimer and NMI
1071events and the soft and hard lockup thresholds. The default threshold
1072is 10 seconds.
1073
1074The softlockup threshold is (2 * watchdog_thresh). Setting this
1075tunable to zero will disable lockup detection altogether.
1076
1077==============================================================