1PROC(5)                    Linux Programmer's Manual                   PROC(5)
2
3
4

NAME

6       proc - process information pseudo-filesystem
7

DESCRIPTION

9       The  proc filesystem is a pseudo-filesystem which provides an interface
10       to kernel data structures.  It is commonly  mounted  at  /proc.   Typi‐
11       cally,  it  is  mounted automatically by the system, but it can also be
12       mounted manually using a command such as:
13
14           mount -t proc proc /proc
15
16       Most of the files in the proc filesystem are read-only, but some  files
17       are writable, allowing kernel variables to be changed.
18
19   Mount options
20       The proc filesystem supports the following mount options:
21
22       hidepid=n (since Linux 3.3)
23              This   option   controls  who  can  access  the  information  in
24              /proc/[pid] directories.  The argument, n, is one of the follow‐
25              ing values:
26
27              0   Everybody  may  access all /proc/[pid] directories.  This is
28                  the traditional behavior, and  the  default  if  this  mount
29                  option is not specified.
30
31              1   Users  may  not  access  files and subdirectories inside any
32                  /proc/[pid]  directories  but  their  own  (the  /proc/[pid]
33                  directories  themselves  remain  visible).   Sensitive files
34                  such as /proc/[pid]/cmdline and /proc/[pid]/status  are  now
35                  protected  against other users.  This makes it impossible to
36                  learn whether any user is running  a  specific  program  (so
37                  long  as  the program doesn't otherwise reveal itself by its
38                  behavior).
39
40              2   As for mode 1, but in addition the  /proc/[pid]  directories
41                  belonging  to other users become invisible.  This means that
42                  /proc/[pid] entries can no longer be used  to  discover  the
43                  PIDs  on  the  system.   This  doesn't  hide the fact that a
44                  process with a specific PID value exists (it can be  learned
45                  by  other  means,  for  example,  by "kill -0 $PID"), but it
46                  hides a process's UID and  GID,  which  could  otherwise  be
47                  learned  by  employing  stat(2)  on a /proc/[pid] directory.
48                  This greatly complicates an  attacker's  task  of  gathering
49                  information   about  running  processes  (e.g.,  discovering
50                  whether some daemon is  running  with  elevated  privileges,
51                  whether  another  user  is  running  some sensitive program,
52                  whether other users are running any program at all,  and  so
53                  on).
54
55       gid=gid (since Linux 3.3)
56              Specifies  the  ID  of  a  group whose members are authorized to
57              learn process information otherwise prohibited by hidepid (i.e.,
58              users  in  this  group  behave  as though /proc was mounted with
59              hidepid=0).  This group should be  used  instead  of  approaches
60              such as putting nonroot users into the sudoers(5) file.
61
62   Files and directories
63       The  following  list  describes many of the files and directories under
64       the /proc hierarchy.
65
66       /proc/[pid]
67              There is a numerical subdirectory for each running process;  the
68              subdirectory is named by the process ID.
69
70              Each  /proc/[pid]  subdirectory  contains  the  pseudo-files and
71              directories described below.  These files are normally owned  by
72              the  effective user and effective group ID of the process.  How‐
73              ever, as a security measure, the ownership is made root:root  if
74              the  process's "dumpable" attribute is set to a value other than
75              1.  This attribute may change for the following reasons:
76
77              *  The  attribute  was   explicitly   set   via   the   prctl(2)
78                 PR_SET_DUMPABLE operation.
79
80              *  The   attribute   was   reset   to  the  value  in  the  file
81                 /proc/sys/fs/suid_dumpable (described below), for the reasons
82                 described in prctl(2).
83
84              Resetting the "dumpable" attribute to 1 reverts the ownership of
85              the /proc/[pid]/* files to the process's real UID and real GID.
86
87       /proc/[pid]/attr
88              The files in this directory provide an API for security modules.
89              The  contents  of  this directory are files that can be read and
90              written in  order  to  set  security-related  attributes.   This
91              directory  was  added  to support SELinux, but the intention was
92              that the API be general enough to support  other  security  mod‐
93              ules.   For  the purpose of explanation, examples of how SELinux
94              uses these files are provided below.
95
96              This directory is present only if the kernel was configured with
97              CONFIG_SECURITY.
98
99       /proc/[pid]/attr/current (since Linux 2.6.0)
100              The  contents  of  this  file  represent  the  current  security
101              attributes of the process.
102
103              In SELinux, this file is used to get the security context  of  a
104              process.   Prior to Linux 2.6.11, this file could not be used to
105              set the security context (a  write  was  always  denied),  since
106              SELinux  limited  process security transitions to execve(2) (see
107              the description of /proc/[pid]/attr/exec, below).   Since  Linux
108              2.6.11,  SELinux  lifted  this  restriction and began supporting
109              "set" operations via writes to this node if authorized  by  pol‐
110              icy,  although use of this operation is only suitable for appli‐
111              cations that are trusted  to  maintain  any  desired  separation
112              between  the  old  and  new  security  contexts.  Prior to Linux
113              2.6.28, SELinux did not allow threads  within  a  multi-threaded
114              process  to set their security context via this node as it would
115              yield an  inconsistency  among  the  security  contexts  of  the
116              threads  sharing  the  same  memory  space.  Since Linux 2.6.28,
117              SELinux lifted this restriction and began supporting "set" oper‐
118              ations  for  threads  within  a multithreaded process if the new
119              security context is bounded by the old security  context,  where
120              the  bounded  relation  is defined in policy and guarantees that
121              the new security context has a subset of the permissions of  the
122              old security context.  Other security modules may choose to sup‐
123              port "set" operations via writes to this node.
124
125       /proc/[pid]/attr/exec (since Linux 2.6.0)
126              This file represents the attributes to  assign  to  the  process
127              upon a subsequent execve(2).
128
129              In  SELinux,  this is needed to support role/domain transitions,
130              and execve(2) is the preferred point to  make  such  transitions
131              because  it offers better control over the initialization of the
132              process in the new security label and the inheritance of  state.
133              In SELinux, this attribute is reset on execve(2) so that the new
134              program reverts to the default behavior for any execve(2)  calls
135              that  it  may  make.  In SELinux, a process can set only its own
136              /proc/[pid]/attr/exec attribute.
137
138       /proc/[pid]/attr/fscreate (since Linux 2.6.0)
139              This file represents the attributes to assign to  files  created
140              by  subsequent  calls  to  open(2),  mkdir(2),  symlink(2),  and
141              mknod(2)
142
143              SELinux employs this file to support creation of a  file  (using
144              the  aforementioned  system  calls)  in  a secure state, so that
145              there is no risk of inappropriate access being obtained  between
146              the  time  of creation and the time that attributes are set.  In
147              SELinux, this attribute is reset on execve(2), so that  the  new
148              program  reverts  to  the default behavior for any file creation
149              calls it may make, but the attribute will persist across  multi‐
150              ple file creation calls within a program unless it is explicitly
151              reset.   In  SELinux,  a  process   can   set   only   its   own
152              /proc/[pid]/attr/fscreate attribute.
153
154       /proc/[pid]/attr/keycreate (since Linux 2.6.18)
155              If  a process writes a security context into this file, all sub‐
156              sequently created keys (add_key(2)) will be  labeled  with  this
157              context.   For  further  information, see the kernel source file
158              Documentation/security/keys/core.rst   (or    file    Documenta‐
159              tion/security/keys.txt  on  Linux between 3.0 and 4.13, or Docu‐
160              mentation/keys.txt before Linux 3.0).
161
162       /proc/[pid]/attr/prev (since Linux 2.6.0)
163              This file contains the security context of  the  process  before
164              the   last   execve(2);   that   is,   the   previous  value  of
165              /proc/[pid]/attr/current.
166
167       /proc/[pid]/attr/socketcreate (since Linux 2.6.18)
168              If a process writes a security context into this file, all  sub‐
169              sequently created sockets will be labeled with this context.
170
171       /proc/[pid]/autogroup (since Linux 2.6.38)
172              See sched(7).
173
174       /proc/[pid]/auxv (since 2.6.0-test7)
175              This  contains  the  contents of the ELF interpreter information
176              passed to the process at exec time.  The format is one  unsigned
177              long  ID  plus one unsigned long value for each entry.  The last
178              entry contains two zeros.  See also getauxval(3).
179
180              Permission to access this file is governed by  a  ptrace  access
181              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
182
183       /proc/[pid]/cgroup (since Linux 2.6.24)
184              See cgroups(7).
185
186       /proc/[pid]/clear_refs (since Linux 2.6.22)
187
188              This  is  a  write-only  file,  writable  only  by  owner of the
189              process.
190
191              The following values may be written to the file:
192
193              1 (since Linux 2.6.22)
194                     Reset the PG_Referenced and ACCESSED/YOUNG bits  for  all
195                     the  pages  associated  with the process.  (Before kernel
196                     2.6.32, writing any nonzero value to this file  had  this
197                     effect.)
198
199              2 (since Linux 2.6.32)
200                     Reset  the  PG_Referenced and ACCESSED/YOUNG bits for all
201                     anonymous pages associated with the process.
202
203              3 (since Linux 2.6.32)
204                     Reset the PG_Referenced and ACCESSED/YOUNG bits  for  all
205                     file-mapped pages associated with the process.
206
207              Clearing  the  PG_Referenced  and ACCESSED/YOUNG bits provides a
208              method to measure approximately how much  memory  a  process  is
209              using.  One first inspects the values in the "Referenced" fields
210              for the VMAs shown in /proc/[pid]/smaps to get an  idea  of  the
211              memory  footprint of the process.  One then clears the PG_Refer‐
212              enced and ACCESSED/YOUNG bits  and,  after  some  measured  time
213              interval,  once  again  inspects  the values in the "Referenced"
214              fields to get an idea of the change in memory footprint  of  the
215              process during the measured interval.  If one is interested only
216              in inspecting the selected mapping types, then the value 2 or  3
217              can be used instead of 1.
218
219              Further values can be written to affect different properties:
220
221              4 (since Linux 3.11)
222                     Clear  the  soft-dirty  bit  for all the pages associated
223                     with the process.  This  is  used  (in  conjunction  with
224                     /proc/[pid]/pagemap) by the check-point restore system to
225                     discover which pages of a process have been dirtied since
226                     the file /proc/[pid]/clear_refs was written to.
227
228              5 (since Linux 4.0)
229                     Reset  the  peak resident set size ("high water mark") to
230                     the process's current resident set size value.
231
232              Writing any value to  /proc/[pid]/clear_refs  other  than  those
233              listed above has no effect.
234
235              The  /proc/[pid]/clear_refs  file  is  present  only if the CON‐
236              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
237
238       /proc/[pid]/cmdline
239              This read-only file holds the  complete  command  line  for  the
240              process,  unless  the  process is a zombie.  In the latter case,
241              there is nothing in this file: that is, a read on this file will
242              return  0 characters.  The command-line arguments appear in this
243              file as a set of strings separated by null bytes ('\0'), with  a
244              further null byte after the last string.
245
246       /proc/[pid]/comm (since Linux 2.6.33)
247              This  file exposes the process's comm value—that is, the command
248              name associated with the process.  Different threads in the same
249              process   may   have   different  comm  values,  accessible  via
250              /proc/[pid]/task/[tid]/comm.   A  thread  may  modify  its  comm
251              value,  or  that of any of other thread in the same thread group
252              (see the discussion of CLONE_THREAD in clone(2)), by writing  to
253              the   file   /proc/self/task/[tid]/comm.   Strings  longer  than
254              TASK_COMM_LEN (16) characters are silently truncated.
255
256              This file provides a superset of the  prctl(2)  PR_SET_NAME  and
257              PR_GET_NAME operations, and is employed by pthread_setname_np(3)
258              when used to rename threads other than the caller.
259
260       /proc/[pid]/coredump_filter (since Linux 2.6.23)
261              See core(5).
262
263       /proc/[pid]/cpuset (since Linux 2.6.12)
264              See cpuset(7).
265
266       /proc/[pid]/cwd
267              This is a symbolic link to the current working directory of  the
268              process.   To  find out the current working directory of process
269              20, for instance, you can do this:
270
271                  $ cd /proc/20/cwd; /bin/pwd
272
273              Note that the pwd command is often a shell built-in,  and  might
274              not work properly.  In bash(1), you may use pwd -P.
275
276              In  a  multithreaded process, the contents of this symbolic link
277              are not available if the  main  thread  has  already  terminated
278              (typically by calling pthread_exit(3)).
279
280              Permission  to  dereference  or read (readlink(2)) this symbolic
281              link    is    governed    by    a     ptrace     access     mode
282              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
283
284       /proc/[pid]/environ
285              This file contains the initial environment that was set when the
286              currently executing program  was  started  via  execve(2).   The
287              entries  are  separated by null bytes ('\0'), and there may be a
288              null byte at the end.  Thus, to print  out  the  environment  of
289              process 1, you would do:
290
291                  $ strings /proc/1/environ
292
293              If,  after  an  execve(2),  the process modifies its environment
294              (e.g., by calling functions such as putenv(3) or  modifying  the
295              environ(7)  variable directly), this file will not reflect those
296              changes.
297
298              Furthermore, a process may change the memory location that  this
299              file refers via prctl(2) operations such as PR_SET_MM_ENV_START.
300
301              Permission  to  access  this file is governed by a ptrace access
302              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
303
304       /proc/[pid]/exe
305              Under Linux 2.2 and later, this file is a symbolic link contain‐
306              ing  the actual pathname of the executed command.  This symbolic
307              link can be dereferenced normally; attempting to  open  it  will
308              open  the  executable.  You can even type /proc/[pid]/exe to run
309              another copy of the same executable that is being run by process
310              [pid].   If  the  pathname  has been unlinked, the symbolic link
311              will contain the string '(deleted)'  appended  to  the  original
312              pathname.  In a multithreaded process, the contents of this sym‐
313              bolic link are not available if the main thread has already ter‐
314              minated (typically by calling pthread_exit(3)).
315
316              Permission  to  dereference  or read (readlink(2)) this symbolic
317              link    is    governed    by    a     ptrace     access     mode
318              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
319
320              Under Linux 2.0 and earlier, /proc/[pid]/exe is a pointer to the
321              binary which was executed, and appears as a  symbolic  link.   A
322              readlink(2)  call  on this file under Linux 2.0 returns a string
323              in the format:
324
325                  [device]:inode
326
327              For example, [0301]:1502 would be inode 1502 on device major  03
328              (IDE,  MFM,  etc. drives) minor 01 (first partition on the first
329              drive).
330
331              find(1) with the -inum option can be used to locate the file.
332
333       /proc/[pid]/fd/
334              This is a subdirectory containing one entry for each file  which
335              the process has open, named by its file descriptor, and which is
336              a symbolic link to the actual file.  Thus, 0 is standard  input,
337              1 standard output, 2 standard error, and so on.
338
339              For  file descriptors for pipes and sockets, the entries will be
340              symbolic links whose content is the file type with the inode.  A
341              readlink(2) call on this file returns a string in the format:
342
343                  type:[inode]
344
345              For  example, socket:[2248868] will be a socket and its inode is
346              2248868.  For sockets, that inode  can  be  used  to  find  more
347              information in one of the files under /proc/net/.
348
349              For  file  descriptors  that  have no corresponding inode (e.g.,
350              file   descriptors   produced   by   bpf(2),    epoll_create(2),
351              eventfd(2),  inotify_init(2),  perf_event_open(2),  signalfd(2),
352              timerfd_create(2), and userfaultfd(2)), the entry will be a sym‐
353              bolic link with contents of the form
354
355                  anon_inode:<file-type>
356
357              In  many  cases  (but  not  all), the file-type is surrounded by
358              square brackets.
359
360              For example, an epoll file descriptor will have a symbolic  link
361              whose content is the string anon_inode:[eventpoll].
362
363              In  a  multithreaded process, the contents of this directory are
364              not available if the main thread has already  terminated  (typi‐
365              cally by calling pthread_exit(3)).
366
367              Programs  that  take  a filename as a command-line argument, but
368              don't take input from standard input if no argument is supplied,
369              and  programs that write to a file named as a command-line argu‐
370              ment, but don't send their output to standard output if no argu‐
371              ment is supplied, can nevertheless be made to use standard input
372              or standard output by using /proc/[pid]/fd files as command-line
373              arguments.   For example, assuming that -i is the flag designat‐
374              ing an input file and -o is the flag designating an output file:
375
376                  $ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...
377
378              and you have a working filter.
379
380              /proc/self/fd/N is approximately the same as /dev/fd/N  in  some
381              UNIX and UNIX-like systems.  Most Linux MAKEDEV scripts symboli‐
382              cally link /dev/fd to /proc/self/fd, in fact.
383
384              Most systems provide symbolic links /dev/stdin, /dev/stdout, and
385              /dev/stderr, which respectively link to the files 0, 1, and 2 in
386              /proc/self/fd.  Thus the example command above could be  written
387              as:
388
389                  $ foobar -i /dev/stdin -o /dev/stdout ...
390
391              Permission  to  dereference  or  read (readlink(2)) the symbolic
392              links in this directory is governed  by  a  ptrace  access  mode
393              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
394
395              Note  that  for  file descriptors referring to inodes (pipes and
396              sockets, see above), those inodes still have permission bits and
397              ownership  information distinct from those of the /proc/[pid]/fd
398              entry, and that the owner may differ from the user and group IDs
399              of the process.  An unprivileged process may lack permissions to
400              open them, as in this example:
401
402                  $ echo test | sudo -u nobody cat
403                  test
404                  $ echo test | sudo -u nobody cat /proc/self/fd/0
405                  cat: /proc/self/fd/0: Permission denied
406
407              File descriptor 0 refers to the pipe created by  the  shell  and
408              owned by that shell's user, which is not nobody, so cat does not
409              have permission to create a new file  descriptor  to  read  from
410              that inode, even though it can still read from its existing file
411              descriptor 0.
412
413       /proc/[pid]/fdinfo/ (since Linux 2.6.22)
414              This is a subdirectory containing one entry for each file  which
415              the  process  has open, named by its file descriptor.  The files
416              in this directory are readable only by the owner of the process.
417              The  contents  of  each  file  can be read to obtain information
418              about the corresponding file descriptor.  The content depends on
419              the  type of file referred to by the corresponding file descrip‐
420              tor.
421
422              For regular files and directories, we see something like:
423
424                  $ cat /proc/12015/fdinfo/4
425                  pos:    1000
426                  flags:  01002002
427                  mnt_id: 21
428
429              The fields are as follows:
430
431              pos    This is a decimal number showing the file offset.
432
433              flags  This is an octal number that  displays  the  file  access
434                     mode  and file status flags (see open(2)).  If the close-
435                     on-exec file descriptor flag is set, then flags will also
436                     include the value O_CLOEXEC.
437
438                     Before  Linux  3.1,  this field incorrectly displayed the
439                     setting of O_CLOEXEC at the time  the  file  was  opened,
440                     rather  than  the  current  setting  of the close-on-exec
441                     flag.
442
443              mnt_id This field, present since Linux 3.15, is the  ID  of  the
444                     mount point containing this file.  See the description of
445                     /proc/[pid]/mountinfo.
446
447              For eventfd file descriptors (see  eventfd(2)),  we  see  (since
448              Linux 3.8) the following fields:
449
450                  pos: 0
451                  flags:    02
452                  mnt_id:   10
453                  eventfd-count:               40
454
455              eventfd-count  is  the  current value of the eventfd counter, in
456              hexadecimal.
457
458              For epoll file descriptors (see epoll(7)), we see  (since  Linux
459              3.8) the following fields:
460
461                  pos: 0
462                  flags:    02
463                  mnt_id:   10
464                  tfd:        9 events:       19 data: 74253d2500000009
465                  tfd:        7 events:       19 data: 74253d2500000007
466
467              Each  of  the  lines  beginning  tfd  describes  one of the file
468              descriptors being monitored via the epoll file  descriptor  (see
469              epoll_ctl(2)  for some details).  The tfd field is the number of
470              the file descriptor.  The events field is a hexadecimal mask  of
471              the  events  being monitored for this file descriptor.  The data
472              field is the data value associated with this file descriptor.
473
474              For signalfd file descriptors (see signalfd(2)), we  see  (since
475              Linux 3.8) the following fields:
476
477                  pos: 0
478                  flags:    02
479                  mnt_id:   10
480                  sigmask:  0000000000000006
481
482              sigmask is the hexadecimal mask of signals that are accepted via
483              this signalfd file descriptor.  (In this example, bits 2  and  3
484              are  set,  corresponding  to the signals SIGINT and SIGQUIT; see
485              signal(7).)
486
487              For inotify file descriptors (see  inotify(7)),  we  see  (since
488              Linux 3.8) the following fields:
489
490                  pos: 0
491                  flags:    00
492                  mnt_id:   11
493                  inotify wd:2 ino:7ef82a sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:2af87e00220ffd73
494                  inotify wd:1 ino:192627 sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:27261900802dfd73
495
496              Each  of the lines beginning with "inotify" displays information
497              about one file or directory that is being monitored.  The fields
498              in this line are as follows:
499
500              wd     A watch descriptor number (in decimal).
501
502              ino    The inode number of the target file (in hexadecimal).
503
504              sdev   The  ID  of  the device where the target file resides (in
505                     hexadecimal).
506
507              mask   The mask of events being monitored for  the  target  file
508                     (in hexadecimal).
509
510              If  the  kernel was built with exportfs support, the path to the
511              target file is exposed as a file handle, via  three  hexadecimal
512              fields: fhandle-bytes, fhandle-type, and f_handle.
513
514              For  fanotify  file descriptors (see fanotify(7)), we see (since
515              Linux 3.8) the following fields:
516
517                  pos: 0
518                  flags:    02
519                  mnt_id:   11
520                  fanotify flags:0 event-flags:88002
521                  fanotify ino:19264f sdev:800001 mflags:0 mask:1 ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:4f261900a82dfd73
522
523              The fourth line displays information defined when  the  fanotify
524              group was created via fanotify_init(2):
525
526              flags  The  flags  argument given to fanotify_init(2) (expressed
527                     in hexadecimal).
528
529              event-flags
530                     The  event_f_flags  argument  given  to  fanotify_init(2)
531                     (expressed in hexadecimal).
532
533              Each  additional  line  shown  in  the file contains information
534              about one of the marks in the fanotify  group.   Most  of  these
535              fields are as for inotify, except:
536
537              mflags The flags associated with the mark (expressed in hexadec‐
538                     imal).
539
540              mask   The events mask for this mark (expressed in hexadecimal).
541
542              ignored_mask
543                     The mask  of  events  that  are  ignored  for  this  mark
544                     (expressed in hexadecimal).
545
546              For details on these fields, see fanotify_mark(2).
547
548       /proc/[pid]/gid_map (since Linux 3.5)
549              See user_namespaces(7).
550
551       /proc/[pid]/io (since kernel 2.6.20)
552              This file contains I/O statistics for the process, for example:
553
554                  # cat /proc/3828/io
555                  rchar: 323934931
556                  wchar: 323929600
557                  syscr: 632687
558                  syscw: 632675
559                  read_bytes: 0
560                  write_bytes: 323932160
561                  cancelled_write_bytes: 0
562
563              The fields are as follows:
564
565              rchar: characters read
566                     The number of bytes which this task has caused to be read
567                     from storage.  This is simply the sum of bytes which this
568                     process  passed  to read(2) and similar system calls.  It
569                     includes things such as terminal I/O and is unaffected by
570                     whether or not actual physical disk I/O was required (the
571                     read might have been satisfied from pagecache).
572
573              wchar: characters written
574                     The number of bytes which this task has caused, or  shall
575                     cause  to be written to disk.  Similar caveats apply here
576                     as with rchar.
577
578              syscr: read syscalls
579                     Attempt to count the number of read  I/O  operations—that
580                     is, system calls such as read(2) and pread(2).
581
582              syscw: write syscalls
583                     Attempt  to count the number of write I/O operations—that
584                     is, system calls such as write(2) and pwrite(2).
585
586              read_bytes: bytes read
587                     Attempt to count the number of bytes which  this  process
588                     really  did  cause  to be fetched from the storage layer.
589                     This is accurate for block-backed filesystems.
590
591              write_bytes: bytes written
592                     Attempt to count the number of bytes which  this  process
593                     caused to be sent to the storage layer.
594
595              cancelled_write_bytes:
596                     The big inaccuracy here is truncate.  If a process writes
597                     1MB to a file and then deletes the file, it will in  fact
598                     perform  no writeout.  But it will have been accounted as
599                     having caused 1MB of write.  In other words:  this  field
600                     represents  the number of bytes which this process caused
601                     to not happen, by truncating pagecache.  A task can cause
602                     "negative"  I/O  too.   If this task truncates some dirty
603                     pagecache, some I/O which another task has been accounted
604                     for (in its write_bytes) will not be happening.
605
606              Note:  In  the  current implementation, things are a bit racy on
607              32-bit systems: if process A reads  process  B's  /proc/[pid]/io
608              while  process  B  is  updating  one  of  these 64-bit counters,
609              process A could see an intermediate result.
610
611              Permission to access this file is governed by  a  ptrace  access
612              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
613
614       /proc/[pid]/limits (since Linux 2.6.24)
615              This file displays the soft limit, hard limit, and units of mea‐
616              surement for each of the process's resource  limits  (see  getr‐
617              limit(2)).   Up to and including Linux 2.6.35, this file is pro‐
618              tected to allow reading only by the real  UID  of  the  process.
619              Since  Linux  2.6.36,  this file is readable by all users on the
620              system.
621
622       /proc/[pid]/map_files/ (since kernel 3.3)
623              This subdirectory  contains  entries  corresponding  to  memory-
624              mapped  files (see mmap(2)).  Entries are named by memory region
625              start and end address pair (expressed as  hexadecimal  numbers),
626              and  are symbolic links to the mapped files themselves.  Here is
627              an example, with the output wrapped and reformatted to fit on an
628              80-column display:
629
630                  # ls -l /proc/self/map_files/
631                  lr--------. 1 root root 64 Apr 16 21:31
632                              3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so
633                  ...
634
635              Although  these entries are present for memory regions that were
636              mapped with the MAP_FILE flag, the way anonymous  shared  memory
637              (regions created with the MAP_ANON | MAP_SHARED flags) is imple‐
638              mented in Linux means that such  regions  also  appear  on  this
639              directory.   Here  is  an  example  where the target file is the
640              deleted /dev/zero one:
641
642                  lrw-------. 1 root root 64 Apr 16 21:33
643                              7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted)
644
645              This directory appears  only  if  the  CONFIG_CHECKPOINT_RESTORE
646              kernel    configuration    option    is    enabled.    Privilege
647              (CAP_SYS_ADMIN) is required to view the contents of this  direc‐
648              tory.
649
650       /proc/[pid]/maps
651              A  file containing the currently mapped memory regions and their
652              access permissions.  See mmap(2) for  some  further  information
653              about memory mappings.
654
655              Permission  to  access  this file is governed by a ptrace access
656              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
657
658              The format of the file is:
659
660    address           perms offset  dev   inode       pathname
661    00400000-00452000 r-xp 00000000 08:02 173521      /usr/bin/dbus-daemon
662    00651000-00652000 r--p 00051000 08:02 173521      /usr/bin/dbus-daemon
663    00652000-00655000 rw-p 00052000 08:02 173521      /usr/bin/dbus-daemon
664    00e03000-00e24000 rw-p 00000000 00:00 0           [heap]
665    00e24000-011f7000 rw-p 00000000 00:00 0           [heap]
666    ...
667    35b1800000-35b1820000 r-xp 00000000 08:02 135522  /usr/lib64/ld-2.15.so
668    35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522  /usr/lib64/ld-2.15.so
669    35b1a20000-35b1a21000 rw-p 00020000 08:02 135522  /usr/lib64/ld-2.15.so
670    35b1a21000-35b1a22000 rw-p 00000000 00:00 0
671    35b1c00000-35b1dac000 r-xp 00000000 08:02 135870  /usr/lib64/libc-2.15.so
672    35b1dac000-35b1fac000 ---p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
673    35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
674    35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870  /usr/lib64/libc-2.15.so
675    ...
676    f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0    [stack:986]
677    ...
678    7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0   [stack]
679    7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0   [vdso]
680
681              The address field is the address space in the process  that  the
682              mapping occupies.  The perms field is a set of permissions:
683
684                  r = read
685                  w = write
686                  x = execute
687                  s = shared
688                  p = private (copy on write)
689
690              The  offset  field  is the offset into the file/whatever; dev is
691              the device (major:minor); inode is the inode on that device.   0
692              indicates that no inode is associated with the memory region, as
693              would be the case with BSS (uninitialized data).
694
695              The pathname field will usually be the file that is backing  the
696              mapping.  For ELF files, you can easily coordinate with the off‐
697              set field by looking at the Offset  field  in  the  ELF  program
698              headers (readelf -l).
699
700              There are additional helpful pseudo-paths:
701
702                   [stack]
703                          The  initial  process's  (also  known  as  the  main
704                          thread's) stack.
705
706                   [stack:<tid>] (since Linux 3.4)
707                          A thread's stack (where the <tid> is a  thread  ID).
708                          It corresponds to the /proc/[pid]/task/[tid]/ path.
709
710                   [vdso] The  virtual  dynamically linked shared object.  See
711                          vdso(7).
712
713                   [heap] The process's heap.
714
715              If the pathname field is blank, this is an anonymous mapping  as
716              obtained  via  mmap(2).  There is no easy way to coordinate this
717              back to a process's source, short of running it through  gdb(1),
718              strace(1), or similar.
719
720              Under Linux 2.0, there is no field giving pathname.
721
722       /proc/[pid]/mem
723              This  file can be used to access the pages of a process's memory
724              through open(2), read(2), and lseek(2).
725
726              Permission to access this file is governed by  a  ptrace  access
727              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
728
729       /proc/[pid]/mountinfo (since Linux 2.6.26)
730              This  file  contains  information  about  mount  points  in  the
731              process's mount namespace (see  mount_namespaces(7)).   It  sup‐
732              plies  various  information  (e.g.,  propagation  state, root of
733              mount for bind mounts, identifier for each mount and its parent)
734              that  is  missing  from the (older) /proc/[pid]/mounts file, and
735              fixes various other problems with that file  (e.g.,  nonextensi‐
736              bility,  failure  to distinguish per-mount versus per-superblock
737              options).
738
739              The file contains lines of the form:
740
74136 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
742(1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)
743
744              The numbers in  parentheses  are  labels  for  the  descriptions
745              below:
746
747              (1)  mount  ID:  a  unique ID for the mount (may be reused after
748                   umount(2)).
749
750              (2)  parent ID: the ID of the parent mount (or of self  for  the
751                   root of this mount namespace's mount tree).
752
753                   If  the  parent mount point lies outside the process's root
754                   directory (see chroot(2)), the ID shown here won't  have  a
755                   corresponding  record in mountinfo whose mount ID (field 1)
756                   matches this parent mount ID (because mount points that lie
757                   outside  the  process's  root  directory  are  not shown in
758                   mountinfo).  As a special case of this point, the process's
759                   root mount point may have a parent mount (for the initramfs
760                   filesystem) that lies outside the process's root directory,
761                   and  an  entry  for  that  mount  point  will not appear in
762                   mountinfo.
763
764              (3)  major:minor: the value of st_dev for files on this filesys‐
765                   tem (see stat(2)).
766
767              (4)  root: the pathname of the directory in the filesystem which
768                   forms the root of this mount.
769
770              (5)  mount point: the pathname of the mount  point  relative  to
771                   the process's root directory.
772
773              (6)  mount options: per-mount options.
774
775              (7)  optional   fields:   zero   or  more  fields  of  the  form
776                   "tag[:value]"; see below.
777
778              (8)  separator: the end of the optional fields is  marked  by  a
779                   single hyphen.
780
781              (9)  filesystem   type:   the   filesystem   type  in  the  form
782                   "type[.subtype]".
783
784              (10) mount source: filesystem-specific information or "none".
785
786              (11) super options: per-superblock options.
787
788              Currently, the possible  optional  fields  are  shared,  master,
789              propagate_from,  and  unbindable.  See mount_namespaces(7) for a
790              description of these fields.  Parsers should ignore all unrecog‐
791              nized optional fields.
792
793              For  more  information  on  mount  propagation  see:  Documenta‐
794              tion/filesystems/sharedsubtree.txt in the  Linux  kernel  source
795              tree.
796
797       /proc/[pid]/mounts (since Linux 2.4.19)
798              This  file  lists  all  the filesystems currently mounted in the
799              process's mount namespace (see mount_namespaces(7)).  The format
800              of this file is documented in fstab(5).
801
802              Since  kernel version 2.6.15, this file is pollable: after open‐
803              ing the file for  reading,  a  change  in  this  file  (i.e.,  a
804              filesystem  mount  or unmount) causes select(2) to mark the file
805              descriptor as having an exceptional condition, and  poll(2)  and
806              epoll_wait(2)  mark  the  file as having a priority event (POLL‐
807              PRI).  (Before Linux 2.6.30, a change in this file was indicated
808              by  the  file descriptor being marked as readable for select(2),
809              and being marked as having an error condition  for  poll(2)  and
810              epoll_wait(2).)
811
812       /proc/[pid]/mountstats (since Linux 2.6.17)
813              This  file exports information (statistics, configuration infor‐
814              mation) about the mount points in the process's mount  namespace
815              (see mount_namespaces(7)).  Lines in this file have the form:
816
817                  device /dev/sda7 mounted on /home with fstype ext3 [statistics]
818                  (       1      )            ( 2 )             (3 ) (4)
819
820              The fields in each line are:
821
822              (1)  The  name  of the mounted device (or "nodevice" if there is
823                   no corresponding device).
824
825              (2)  The mount point within the filesystem tree.
826
827              (3)  The filesystem type.
828
829              (4)  Optional statistics and  configuration  information.   Cur‐
830                   rently  (as  at  Linux 2.6.26), only NFS filesystems export
831                   information via this field.
832
833              This file is readable only by the owner of the process.
834
835       /proc/[pid]/net (since Linux 2.6.25)
836              See the description of /proc/net.
837
838       /proc/[pid]/ns/ (since Linux 3.0)
839              This is a subdirectory containing one entry for  each  namespace
840              that  supports being manipulated by setns(2).  For more informa‐
841              tion, see namespaces(7).
842
843       /proc/[pid]/numa_maps (since Linux 2.6.14)
844              See numa(7).
845
846       /proc/[pid]/oom_adj (since Linux 2.6.11)
847              This file can be used to adjust the score used to  select  which
848              process  should  be  killed in an out-of-memory (OOM) situation.
849              The kernel uses this value for  a  bit-shift  operation  of  the
850              process's  oom_score value: valid values are in the range -16 to
851              +15, plus the special  value  -17,  which  disables  OOM-killing
852              altogether  for  this  process.   A positive score increases the
853              likelihood of this process being killed  by  the  OOM-killer;  a
854              negative score decreases the likelihood.
855
856              The default value for this file is 0; a new process inherits its
857              parent's  oom_adj  setting.   A  process  must   be   privileged
858              (CAP_SYS_RESOURCE) to update this file.
859
860              Since  Linux  2.6.36, use of this file is deprecated in favor of
861              /proc/[pid]/oom_score_adj.
862
863       /proc/[pid]/oom_score (since Linux 2.6.11)
864              This file displays the current score that the  kernel  gives  to
865              this process for the purpose of selecting a process for the OOM-
866              killer.  A higher score means that the process is more likely to
867              be  selected by the OOM-killer.  The basis for this score is the
868              amount of memory used by the  process,  with  increases  (+)  or
869              decreases (-) for factors including:
870
871              * whether the process is privileged (-).
872
873              Before kernel 2.6.36 the following factors were also used in the
874              calculation of oom_score:
875
876              * whether the process creates a lot of  children  using  fork(2)
877                (+);
878
879              * whether  the process has been running a long time, or has used
880                a lot of CPU time (-);
881
882              * whether the process has a low nice value (i.e., > 0) (+); and
883
884              * whether the process is making direct hardware access (-).
885
886              The oom_score also reflects  the  adjustment  specified  by  the
887              oom_score_adj or oom_adj setting for the process.
888
889       /proc/[pid]/oom_score_adj (since Linux 2.6.36)
890              This  file  can  be used to adjust the badness heuristic used to
891              select which process gets killed in out-of-memory conditions.
892
893              The badness heuristic assigns a value  to  each  candidate  task
894              ranging  from  0 (never kill) to 1000 (always kill) to determine
895              which process is targeted.  The units are roughly  a  proportion
896              along  that  range  of  allowed  memory the process may allocate
897              from, based on an estimation of its current memory and swap use.
898              For  example, if a task is using all allowed memory, its badness
899              score will be 1000.  If it is using half of its allowed  memory,
900              its score will be 500.
901
902              There  is  an  additional  factor included in the badness score:
903              root processes are given 3% extra memory over other tasks.
904
905              The amount of "allowed" memory depends on the context  in  which
906              the  OOM-killer was called.  If it is due to the memory assigned
907              to the allocating task's cpuset  being  exhausted,  the  allowed
908              memory  represents  the set of mems assigned to that cpuset (see
909              cpuset(7)).  If  it  is  due  to  a  mempolicy's  node(s)  being
910              exhausted,  the  allowed  memory represents the set of mempolicy
911              nodes.  If it is due to a memory limit  (or  swap  limit)  being
912              reached,  the allowed memory is that configured limit.  Finally,
913              if it is due to the entire  system  being  out  of  memory,  the
914              allowed memory represents all allocatable resources.
915
916              The  value of oom_score_adj is added to the badness score before
917              it is used to determine which task to kill.   Acceptable  values
918              range     from     -1000     (OOM_SCORE_ADJ_MIN)     to    +1000
919              (OOM_SCORE_ADJ_MAX).  This allows  user  space  to  control  the
920              preference  for  OOM-killing,  ranging  from always preferring a
921              certain task or completely disabling it from OOM  killing.   The
922              lowest  possible  value,  -1000, is equivalent to disabling OOM-
923              killing entirely for that task, since it will  always  report  a
924              badness score of 0.
925
926              Consequently,  it  is  very  simple for user space to define the
927              amount  of  memory  to  consider  for  each  task.   Setting  an
928              oom_score_adj  value of +500, for example, is roughly equivalent
929              to allowing the remainder of  tasks  sharing  the  same  system,
930              cpuset,  mempolicy,  or  memory  controller  resources to use at
931              least 50% more memory.  A value of  -500,  on  the  other  hand,
932              would  be  roughly  equivalent  to discounting 50% of the task's
933              allowed memory from being  considered  as  scoring  against  the
934              task.
935
936              For    backward    compatibility    with    previous    kernels,
937              /proc/[pid]/oom_adj can still be used to tune the badness score.
938              Its value is scaled linearly with oom_score_adj.
939
940              Writing to /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj will
941              change the other with its scaled value.
942
943       /proc/[pid]/pagemap (since Linux 2.6.25)
944              This file shows the mapping of each  of  the  process's  virtual
945              pages  into  physical page frames or swap area.  It contains one
946              64-bit value for each virtual page, with the bits  set  as  fol‐
947              lows:
948
949                   63     If set, the page is present in RAM.
950
951                   62     If set, the page is in swap space
952
953                   61 (since Linux 3.5)
954                          The page is a file-mapped page or a shared anonymous
955                          page.
956
957                   60–57 (since Linux 3.11)
958                          Zero
959
960                   56 (since Linux 4.2)
961                          The page is exclusively mapped.
962
963                   55 (since Linux 3.11)
964                          PTE is soft-dirty (see the kernel source file  Docu‐
965                          mentation/vm/soft-dirty.txt).
966
967                   54–0   If  the  page is present in RAM (bit 63), then these
968                          bits provide the page frame  number,  which  can  be
969                          used to index /proc/kpageflags and /proc/kpagecount.
970                          If the page is present in swap (bit 62),  then  bits
971                          4–0  give  the  swap  type, and bits 54–5 encode the
972                          swap offset.
973
974              Before Linux 3.11, bits 60–55 were used to encode the base-2 log
975              of the page size.
976
977              To  employ /proc/[pid]/pagemap efficiently, use /proc/[pid]/maps
978              to determine which areas of memory are actually mapped and  seek
979              to skip over unmapped regions.
980
981              The  /proc/[pid]/pagemap  file  is  present  only  if  the  CON‐
982              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
983
984              Permission to access this file is governed by  a  ptrace  access
985              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
986
987       /proc/[pid]/personality (since Linux 2.6.28)
988              This  read-only  file exposes the process's execution domain, as
989              set by personality(2).  The value is  displayed  in  hexadecimal
990              notation.
991
992              Permission  to  access  this file is governed by a ptrace access
993              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
994
995       /proc/[pid]/root
996              UNIX and Linux support the idea of a  per-process  root  of  the
997              filesystem,  set  by  the chroot(2) system call.  This file is a
998              symbolic link that points to the process's root  directory,  and
999              behaves in the same way as exe, and fd/*.
1000
1001              Note  however  that this file is not merely a symbolic link.  It
1002              provides the same view of the filesystem  (including  namespaces
1003              and  the  set  of per-process mounts) as the process itself.  An
1004              example illustrates this point.  In one  terminal,  we  start  a
1005              shell  in  new  user  and mount namespaces, and in that shell we
1006              create some new mount points:
1007
1008                  $ PS1='sh1# ' unshare -Urnm
1009                  sh1# mount -t tmpfs tmpfs /etc  # Mount empty tmpfs at /etc
1010                  sh1# mount --bind /usr /dev     # Mount /usr at /dev
1011                  sh1# echo $$
1012                  27123
1013
1014              In a second terminal window, in the initial mount namespace,  we
1015              look  at the contents of the corresponding mounts in the initial
1016              and new namespaces:
1017
1018                  $ PS1='sh2# ' sudo sh
1019                  sh2# ls /etc | wc -l                  # In initial NS
1020                  309
1021                  sh2# ls /proc/27123/root/etc | wc -l  # /etc in other NS
1022                  0                                     # The empty tmpfs dir
1023                  sh2# ls /dev | wc -l                  # In initial NS
1024                  205
1025                  sh2# ls /proc/27123/root/dev | wc -l  # /dev in other NS
1026                  11                                    # Actually bind
1027                                                        # mounted to /usr
1028                  sh2# ls /usr | wc -l                  # /usr in initial NS
1029                  11
1030
1031              In a multithreaded process, the contents of the /proc/[pid]/root
1032              symbolic  link  are not available if the main thread has already
1033              terminated (typically by calling pthread_exit(3)).
1034
1035              Permission to dereference or read  (readlink(2))  this  symbolic
1036              link     is     governed     by    a    ptrace    access    mode
1037              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1038
1039       /proc/[pid]/seccomp (Linux 2.6.12 to 2.6.22)
1040              This file can be used to read and change  the  process's  secure
1041              computing  (seccomp)  mode  setting.  It contains the value 0 if
1042              the process is not in seccomp mode, and 1 if the process  is  in
1043              strict  seccomp  mode  (see seccomp(2)).  Writing 1 to this file
1044              places the process irreversibly in strict seccomp  mode.   (Fur‐
1045              ther attempts to write to the file fail with the EPERM error.)
1046
1047              In  Linux  2.6.23,  this  file  went away, to be replaced by the
1048              prctl(2) PR_GET_SECCOMP and PR_SET_SECCOMP operations (and later
1049              by seccomp(2) and the Seccomp field in /proc/[pid]/status).
1050
1051       /proc/[pid]/setgroups (since Linux 3.19)
1052              See user_namespaces(7).
1053
1054       /proc/[pid]/smaps (since Linux 2.6.14)
1055              This  file  shows  memory  consumption for each of the process's
1056              mappings.  (The pmap(1) command displays similar information, in
1057              a  form that may be easier for parsing.)  For each mapping there
1058              is a series of lines such as the following:
1059
1060                  00400000-0048a000 r-xp 00000000 fd:03 960637       /bin/bash
1061                  Size:                552 kB
1062                  Rss:                 460 kB
1063                  Pss:                 100 kB
1064                  Shared_Clean:        452 kB
1065                  Shared_Dirty:          0 kB
1066                  Private_Clean:         8 kB
1067                  Private_Dirty:         0 kB
1068                  Referenced:          460 kB
1069                  Anonymous:             0 kB
1070                  AnonHugePages:         0 kB
1071                  ShmemHugePages:        0 kB
1072                  ShmemPmdMapped:        0 kB
1073                  Swap:                  0 kB
1074                  KernelPageSize:        4 kB
1075                  MMUPageSize:           4 kB
1076                  KernelPageSize:        4 kB
1077                  MMUPageSize:           4 kB
1078                  Locked:                0 kB
1079                  ProtectionKey:         0
1080                  VmFlags: rd ex mr mw me dw
1081
1082              The first of these lines shows the same information as  is  dis‐
1083              played for the mapping in /proc/[pid]/maps.  The following lines
1084              show the size of the mapping, the amount of the mapping that  is
1085              currently  resident  in  RAM ("Rss"), the process's proportional
1086              share of this mapping ("Pss"), the number  of  clean  and  dirty
1087              shared  pages  in the mapping, and the number of clean and dirty
1088              private pages in the mapping.  "Referenced" indicates the amount
1089              of  memory  currently marked as referenced or accessed.  "Anony‐
1090              mous" shows the amount of memory that does  not  belong  to  any
1091              file.   "Swap"  shows how much would-be-anonymous memory is also
1092              used, but out on swap.
1093
1094              The "KernelPageSize" line (available since Linux 2.6.29) is  the
1095              page  size  used  by the kernel to back the virtual memory area.
1096              This matches the size used by the MMU in the majority of  cases.
1097              However,  one  counter-example occurs on PPC64 kernels whereby a
1098              kernel using 64kB as a base page size may still  use  4kB  pages
1099              for  the  MMU  on  older  processors.   To  distinguish  the two
1100              attributes, the "MMUPageSize" line (also available  since  Linux
1101              2.6.29) reports the page size used by the MMU.
1102
1103              The  "Locked"  indicates whether the mapping is locked in memory
1104              or not.
1105
1106              The "ProtectionKey" line (available  since  Linux  4.9,  on  x86
1107              only)  contains the memory protection key (see pkeys(7)) associ‐
1108              ated with the virtual memory area.  This entry is  present  only
1109              if the kernel was built with the CONFIG_X86_INTEL_MEMORY_PROTEC‐
1110              TION_KEYS configuration option.
1111
1112              The "VmFlags" line (available since Linux  3.8)  represents  the
1113              kernel  flags  associated  with the virtual memory area, encoded
1114              using the following two-letter codes:
1115
1116                  rd  - readable
1117                  wr  - writable
1118                  ex  - executable
1119                  sh  - shared
1120                  mr  - may read
1121                  mw  - may write
1122                  me  - may execute
1123                  ms  - may share
1124                  gd  - stack segment grows down
1125                  pf  - pure PFN range
1126                  dw  - disabled write to the mapped file
1127                  lo  - pages are locked in memory
1128                  io  - memory mapped I/O area
1129                  sr  - sequential read advise provided
1130                  rr  - random read advise provided
1131                  dc  - do not copy area on fork
1132                  de  - do not expand area on remapping
1133                  ac  - area is accountable
1134                  nr  - swap space is not reserved for the area
1135                  ht  - area uses huge tlb pages
1136                  nl  - non-linear mapping
1137                  ar  - architecture specific flag
1138                  dd  - do not include area into core dump
1139                  sd  - soft-dirty flag
1140                  mm  - mixed map area
1141                  hg  - huge page advise flag
1142                  nh  - no-huge page advise flag
1143                  mg  - mergeable advise flag
1144
1145              "ProtectionKey" field contains the memory  protection  key  (see
1146              pkeys(5)) associated with the virtual memory area.  Present only
1147              if the kernel was built with the CONFIG_X86_INTEL_MEMORY_PROTEC‐
1148              TION_KEYS configuration option. (since Linux 4.6)
1149
1150              The   /proc/[pid]/smaps   file  is  present  only  if  the  CON‐
1151              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
1152
1153       /proc/[pid]/stack (since Linux 2.6.29)
1154              This file provides a symbolic trace of  the  function  calls  in
1155              this  process's kernel stack.  This file is provided only if the
1156              kernel  was  built  with  the  CONFIG_STACKTRACE   configuration
1157              option.
1158
1159              Permission  to  access  this file is governed by a ptrace access
1160              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1161
1162       /proc/[pid]/stat
1163              Status information about the process.  This is  used  by  ps(1).
1164              It is defined in the kernel source file fs/proc/array.c.
1165
1166              The  fields,  in order, with their proper scanf(3) format speci‐
1167              fiers, are listed below.  Whether or not certain of these fields
1168              display  valid  information  is governed by a ptrace access mode
1169              PTRACE_MODE_READ_FSCREDS | PTRACE_MODE_NOAUDIT check  (refer  to
1170              ptrace(2)).  If the check denies access, then the field value is
1171              displayed as 0.  The affected  fields  are  indicated  with  the
1172              marking [PT].
1173
1174              (1) pid  %d
1175                        The process ID.
1176
1177              (2) comm  %s
1178                        The  filename of the executable, in parentheses.  This
1179                        is visible whether or not the  executable  is  swapped
1180                        out.
1181
1182              (3) state  %c
1183                        One  of  the  following characters, indicating process
1184                        state:
1185
1186                        R  Running
1187
1188                        S  Sleeping in an interruptible wait
1189
1190                        D  Waiting in uninterruptible disk sleep
1191
1192                        Z  Zombie
1193
1194                        T  Stopped (on a  signal)  or  (before  Linux  2.6.33)
1195                           trace stopped
1196
1197                        t  Tracing stop (Linux 2.6.33 onward)
1198
1199                        W  Paging (only before Linux 2.6.0)
1200
1201                        X  Dead (from Linux 2.6.0 onward)
1202
1203                        x  Dead (Linux 2.6.33 to 3.13 only)
1204
1205                        K  Wakekill (Linux 2.6.33 to 3.13 only)
1206
1207                        W  Waking (Linux 2.6.33 to 3.13 only)
1208
1209                        P  Parked (Linux 3.9 to 3.13 only)
1210
1211              (4) ppid  %d
1212                        The PID of the parent of this process.
1213
1214              (5) pgrp  %d
1215                        The process group ID of the process.
1216
1217              (6) session  %d
1218                        The session ID of the process.
1219
1220              (7) tty_nr  %d
1221                        The  controlling  terminal of the process.  (The minor
1222                        device number is contained in the combination of  bits
1223                        31  to  20  and  7 to 0; the major device number is in
1224                        bits 15 to 8.)
1225
1226              (8) tpgid  %d
1227                        The ID of the foreground process group of the control‐
1228                        ling terminal of the process.
1229
1230              (9) flags  %u
1231                        The  kernel  flags word of the process.  For bit mean‐
1232                        ings, see the PF_* defines in the Linux kernel  source
1233                        file  include/linux/sched.h.   Details  depend  on the
1234                        kernel version.
1235
1236                        The format for this field was %lu before Linux 2.6.
1237
1238              (10) minflt  %lu
1239                        The number of minor faults the process has made  which
1240                        have not required loading a memory page from disk.
1241
1242              (11) cminflt  %lu
1243                        The  number of minor faults that the process's waited-
1244                        for children have made.
1245
1246              (12) majflt  %lu
1247                        The number of major faults the process has made  which
1248                        have required loading a memory page from disk.
1249
1250              (13) cmajflt  %lu
1251                        The  number of major faults that the process's waited-
1252                        for children have made.
1253
1254              (14) utime  %lu
1255                        Amount of time that this process has been scheduled in
1256                        user   mode,   measured  in  clock  ticks  (divide  by
1257                        sysconf(_SC_CLK_TCK)).   This  includes  guest   time,
1258                        guest_time  (time  spent  running  a  virtual CPU, see
1259                        below), so that applications that are not aware of the
1260                        guest time field do not lose that time from their cal‐
1261                        culations.
1262
1263              (15) stime  %lu
1264                        Amount of time that this process has been scheduled in
1265                        kernel  mode,  measured  in  clock  ticks  (divide  by
1266                        sysconf(_SC_CLK_TCK)).
1267
1268              (16) cutime  %ld
1269                        Amount of time that this process's waited-for children
1270                        have  been  scheduled  in user mode, measured in clock
1271                        ticks (divide  by  sysconf(_SC_CLK_TCK)).   (See  also
1272                        times(2).)   This  includes  guest  time,  cguest_time
1273                        (time spent running a virtual CPU, see below).
1274
1275              (17) cstime  %ld
1276                        Amount of time that this process's waited-for children
1277                        have  been scheduled in kernel mode, measured in clock
1278                        ticks (divide by sysconf(_SC_CLK_TCK)).
1279
1280              (18) priority  %ld
1281                        (Explanation for Linux 2.6) For  processes  running  a
1282                        real-time   scheduling   policy   (policy  below;  see
1283                        sched_setscheduler(2)), this is the negated scheduling
1284                        priority, minus one; that is, a number in the range -2
1285                        to -100, corresponding to real-time  priorities  1  to
1286                        99.   For  processes  running  under  a  non-real-time
1287                        scheduling policy, this is the raw nice value (setpri‐
1288                        ority(2))  as  represented  in the kernel.  The kernel
1289                        stores nice values as numbers in the range 0 (high) to
1290                        39 (low), corresponding to the user-visible nice range
1291                        of -20 to 19.
1292
1293                        Before Linux 2.6, this was a scaled value based on the
1294                        scheduler weighting given to this process.
1295
1296              (19) nice  %ld
1297                        The  nice  value  (see setpriority(2)), a value in the
1298                        range 19 (low priority) to -20 (high priority).
1299
1300              (20) num_threads  %ld
1301                        Number of threads in this process (since  Linux  2.6).
1302                        Before kernel 2.6, this field was hard coded to 0 as a
1303                        placeholder for an earlier removed field.
1304
1305              (21) itrealvalue  %ld
1306                        The time in jiffies before the next SIGALRM is sent to
1307                        the  process  due  to an interval timer.  Since kernel
1308                        2.6.17, this field is no  longer  maintained,  and  is
1309                        hard coded as 0.
1310
1311              (22) starttime  %llu
1312                        The  time  the  process started after system boot.  In
1313                        kernels before Linux 2.6, this value was expressed  in
1314                        jiffies.   Since  Linux 2.6, the value is expressed in
1315                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1316
1317                        The format for this field was %lu before Linux 2.6.
1318
1319              (23) vsize  %lu
1320                        Virtual memory size in bytes.
1321
1322              (24) rss  %ld
1323                        Resident Set Size: number of pages the process has  in
1324                        real  memory.   This  is  just  the  pages which count
1325                        toward text, data, or  stack  space.   This  does  not
1326                        include pages which have not been demand-loaded in, or
1327                        which are swapped out.
1328
1329              (25) rsslim  %lu
1330                        Current soft limit in bytes on the rss of the process;
1331                        see the description of RLIMIT_RSS in getrlimit(2).
1332
1333              (26) startcode  %lu  [PT]
1334                        The address above which program text can run.
1335
1336              (27) endcode  %lu  [PT]
1337                        The address below which program text can run.
1338
1339              (28) startstack  %lu  [PT]
1340                        The address of the start (i.e., bottom) of the stack.
1341
1342              (29) kstkesp  %lu  [PT]
1343                        The  current value of ESP (stack pointer), as found in
1344                        the kernel stack page for the process.
1345
1346              (30) kstkeip  %lu  [PT]
1347                        The current EIP (instruction pointer).
1348
1349              (31) signal  %lu
1350                        The bitmap of pending signals, displayed as a  decimal
1351                        number.   Obsolete, because it does not provide infor‐
1352                        mation on real-time  signals;  use  /proc/[pid]/status
1353                        instead.
1354
1355              (32) blocked  %lu
1356                        The  bitmap of blocked signals, displayed as a decimal
1357                        number.  Obsolete, because it does not provide  infor‐
1358                        mation  on  real-time  signals; use /proc/[pid]/status
1359                        instead.
1360
1361              (33) sigignore  %lu
1362                        The bitmap of ignored signals, displayed as a  decimal
1363                        number.   Obsolete, because it does not provide infor‐
1364                        mation on real-time  signals;  use  /proc/[pid]/status
1365                        instead.
1366
1367              (34) sigcatch  %lu
1368                        The  bitmap  of caught signals, displayed as a decimal
1369                        number.  Obsolete, because it does not provide  infor‐
1370                        mation  on  real-time  signals; use /proc/[pid]/status
1371                        instead.
1372
1373              (35) wchan  %lu  [PT]
1374                        This is the "channel" in which the process is waiting.
1375                        It  is  the  address of a location in the kernel where
1376                        the process is sleeping.  The  corresponding  symbolic
1377                        name can be found in /proc/[pid]/wchan.
1378
1379              (36) nswap  %lu
1380                        Number of pages swapped (not maintained).
1381
1382              (37) cnswap  %lu
1383                        Cumulative nswap for child processes (not maintained).
1384
1385              (38) exit_signal  %d  (since Linux 2.1.22)
1386                        Signal to be sent to parent when we die.
1387
1388              (39) processor  %d  (since Linux 2.2.8)
1389                        CPU number last executed on.
1390
1391              (40) rt_priority  %u  (since Linux 2.5.19)
1392                        Real-time scheduling priority, a number in the range 1
1393                        to 99 for processes scheduled under a  real-time  pol‐
1394                        icy,   or   0,   for   non-real-time   processes  (see
1395                        sched_setscheduler(2)).
1396
1397              (41) policy  %u  (since Linux 2.5.19)
1398                        Scheduling policy (see sched_setscheduler(2)).  Decode
1399                        using the SCHED_* constants in linux/sched.h.
1400
1401                        The format for this field was %lu before Linux 2.6.22.
1402
1403              (42) delayacct_blkio_ticks  %llu  (since Linux 2.6.18)
1404                        Aggregated  block  I/O delays, measured in clock ticks
1405                        (centiseconds).
1406
1407              (43) guest_time  %lu  (since Linux 2.6.24)
1408                        Guest time of the process (time spent running  a  vir‐
1409                        tual  CPU  for  a guest operating system), measured in
1410                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1411
1412              (44) cguest_time  %ld  (since Linux 2.6.24)
1413                        Guest time of  the  process's  children,  measured  in
1414                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1415
1416              (45) start_data  %lu  (since Linux 3.3)  [PT]
1417                        Address above which program initialized and uninitial‐
1418                        ized (BSS) data are placed.
1419
1420              (46) end_data  %lu  (since Linux 3.3)  [PT]
1421                        Address below which program initialized and uninitial‐
1422                        ized (BSS) data are placed.
1423
1424              (47) start_brk  %lu  (since Linux 3.3)  [PT]
1425                        Address  above which program heap can be expanded with
1426                        brk(2).
1427
1428              (48) arg_start  %lu  (since Linux 3.5)  [PT]
1429                        Address above  which  program  command-line  arguments
1430                        (argv) are placed.
1431
1432              (49) arg_end  %lu  (since Linux 3.5)  [PT]
1433                        Address  below  program  command-line arguments (argv)
1434                        are placed.
1435
1436              (50) env_start  %lu  (since Linux 3.5)  [PT]
1437                        Address above which program environment is placed.
1438
1439              (51) env_end  %lu  (since Linux 3.5)  [PT]
1440                        Address below which program environment is placed.
1441
1442              (52) exit_code  %d  (since Linux 3.5)  [PT]
1443                        The thread's exit status in the form reported by wait‐
1444                        pid(2).
1445
1446       /proc/[pid]/statm
1447              Provides information about memory usage, measured in pages.  The
1448              columns are:
1449
1450                  size       (1) total program size
1451                             (same as VmSize in /proc/[pid]/status)
1452                  resident   (2) resident set size
1453                             (same as VmRSS in /proc/[pid]/status)
1454                  shared     (3) number of resident shared pages (i.e., backed by a file)
1455                             (same as RssFile+RssShmem in /proc/[pid]/status)
1456                  text       (4) text (code)
1457                  lib        (5) library (unused since Linux 2.6; always 0)
1458                  data       (6) data + stack
1459                  dt         (7) dirty pages (unused since Linux 2.6; always 0)
1460
1461       /proc/[pid]/status
1462              Provides  much  of  the  information  in  /proc/[pid]/stat   and
1463              /proc/[pid]/statm in a format that's easier for humans to parse.
1464              Here's an example:
1465
1466                  $ cat /proc/$$/status
1467                  Name:   bash
1468                  Umask:  0022
1469                  State:  S (sleeping)
1470                  Tgid:   17248
1471                  Ngid:   0
1472                  Pid:    17248
1473                  PPid:   17200
1474                  TracerPid:      0
1475                  Uid:    1000    1000    1000    1000
1476                  Gid:    100     100     100     100
1477                  FDSize: 256
1478                  Groups: 16 33 100
1479                  NStgid: 17248
1480                  NSpid:  17248
1481                  NSpgid: 17248
1482                  NSsid:  17200
1483                  VmPeak:     131168 kB
1484                  VmSize:     131168 kB
1485                  VmLck:           0 kB
1486                  VmPin:           0 kB
1487                  VmHWM:       13484 kB
1488                  VmRSS:       13484 kB
1489                  RssAnon:     10264 kB
1490                  RssFile:      3220 kB
1491                  RssShmem:        0 kB
1492                  VmData:      10332 kB
1493                  VmStk:         136 kB
1494                  VmExe:         992 kB
1495                  VmLib:        2104 kB
1496                  VmPTE:          76 kB
1497                  VmPMD:          12 kB
1498                  VmSwap:          0 kB
1499                  HugetlbPages:          0 kB        # 4.4
1500                  Threads:        1
1501                  SigQ:   0/3067
1502                  SigPnd: 0000000000000000
1503                  ShdPnd: 0000000000000000
1504                  SigBlk: 0000000000010000
1505                  SigIgn: 0000000000384004
1506                  SigCgt: 000000004b813efb
1507                  CapInh: 0000000000000000
1508                  CapPrm: 0000000000000000
1509                  CapEff: 0000000000000000
1510                  CapBnd: ffffffffffffffff
1511                  CapAmb:   0000000000000000
1512                  NoNewPrivs:     0
1513                  Seccomp:        0
1514                  Speculation_Store_Bypass:       vulnerable
1515                  Cpus_allowed:   00000001
1516                  Cpus_allowed_list:      0
1517                  Mems_allowed:   1
1518                  Mems_allowed_list:      0
1519                  voluntary_ctxt_switches:        150
1520                  nonvoluntary_ctxt_switches:     545
1521
1522              The fields are as follows:
1523
1524              * Name: Command run by this process.
1525
1526              * Umask: Process umask, expressed in octal with a leading  zero;
1527                see umask(2).  (Since Linux 4.7.)
1528
1529              * State: Current state of the process.  One of "R (running)", "S
1530                (sleeping)", "D (disk  sleep)",  "T  (stopped)",  "T  (tracing
1531                stop)", "Z (zombie)", or "X (dead)".
1532
1533              * Tgid: Thread group ID (i.e., Process ID).
1534
1535              * Ngid: NUMA group ID (0 if none; since Linux 3.13).
1536
1537              * Pid: Thread ID (see gettid(2)).
1538
1539              * PPid: PID of parent process.
1540
1541              * TracerPid: PID of process tracing this process (0 if not being
1542                traced).
1543
1544              * Uid, Gid: Real, effective,  saved  set,  and  filesystem  UIDs
1545                (GIDs).
1546
1547              * FDSize: Number of file descriptor slots currently allocated.
1548
1549              * Groups: Supplementary group list.
1550
1551              * NStgid : Thread group ID (i.e., PID) in each of the PID names‐
1552                paces of which [pid] is a member.  The  leftmost  entry  shows
1553                the  value  with  respect  to the PID namespace of the reading
1554                process, followed by the value in  successively  nested  inner
1555                namespaces.  (Since Linux 4.1.)
1556
1557              * NSpid:  Thread ID in each of the PID namespaces of which [pid]
1558                is a member.  The fields are ordered as  for  NStgid.   (Since
1559                Linux 4.1.)
1560
1561              * NSpgid:  Process  group  ID  in  each of the PID namespaces of
1562                which [pid] is a member.  The fields are ordered as  for  NSt‐
1563                gid.  (Since Linux 4.1.)
1564
1565              * NSsid: descendant namespace session ID hierarchy Session ID in
1566                each of the PID namespaces of which [pid] is  a  member.   The
1567                fields are ordered as for NStgid.  (Since Linux 4.1.)
1568
1569              * VmPeak: Peak virtual memory size.
1570
1571              * VmSize: Virtual memory size.
1572
1573              * VmLck: Locked memory size (see mlock(3)).
1574
1575              * VmPin:  Pinned memory size (since Linux 3.2).  These are pages
1576                that can't be moved because something needs to directly access
1577                physical memory.
1578
1579              * VmHWM: Peak resident set size ("high water mark").
1580
1581              * VmRSS: Resident set size.  Note that the value here is the sum
1582                of RssAnon, RssFile, and RssShmem.
1583
1584              * RssAnon: Size of  resident  anonymous  memory.   (since  Linux
1585                4.5).
1586
1587              * RssFile: Size of resident file mappings.  (since Linux 4.5).
1588
1589              * RssShmem:  Size  of  resident shared memory (includes System V
1590                shared memory, mappings from tmpfs(5),  and  shared  anonymous
1591                mappings).  (since Linux 4.5).
1592
1593              * VmData, VmStk, VmExe: Size of data, stack, and text segments.
1594
1595              * VmLib: Shared library code size.
1596
1597              * VmPTE: Page table entries size (since Linux 2.6.10).
1598
1599              * VmPMD: Size of second-level page tables (since Linux 4.0).
1600
1601              * VmSwap:  Swapped-out  virtual memory size by anonymous private
1602                pages; shmem swap usage is not included (since Linux 2.6.34).
1603
1604              * HugetlbPages: Size of hugetlb memory portions.   (since  Linux
1605                4.4).
1606
1607              * Threads: Number of threads in process containing this thread.
1608
1609              * SigQ:  This  field  contains  two slash-separated numbers that
1610                relate to queued signals for the real user ID of this process.
1611                The  first  of these is the number of currently queued signals
1612                for this real user ID, and the second is the resource limit on
1613                the  number  of  queued  signals  for  this  process  (see the
1614                description of RLIMIT_SIGPENDING in getrlimit(2)).
1615
1616              * SigPnd, ShdPnd: Number of signals pending for thread  and  for
1617                process as a whole (see pthreads(7) and signal(7)).
1618
1619              * SigBlk,   SigIgn,   SigCgt:  Masks  indicating  signals  being
1620                blocked, ignored, and caught (see signal(7)).
1621
1622              * CapInh, CapPrm,  CapEff:  Masks  of  capabilities  enabled  in
1623                inheritable,  permitted,  and  effective  sets  (see capabili‐
1624                ties(7)).
1625
1626              * CapBnd: Capability Bounding set (since Linux 2.6.26, see capa‐
1627                bilities(7)).
1628
1629              * CapAmb: Ambient capability set (since Linux 4.3, see capabili‐
1630                ties(7)).
1631
1632              * NoNewPrivs: Value of the no_new_privs bit (since  Linux  4.10,
1633                see prctl(2)).
1634
1635              * Seccomp:  Seccomp  mode  of  the process (since Linux 3.8, see
1636                seccomp(2)).  0  means  SECCOMP_MODE_DISABLED;  1  means  SEC‐
1637                COMP_MODE_STRICT;  2 means SECCOMP_MODE_FILTER.  This field is
1638                provided only if the kernel was built with the  CONFIG_SECCOMP
1639                kernel configuration option enabled.
1640
1641              * Speculation_Store_Bypass:  Speculation  flaw  mitigation state
1642                (since Linux 4.17, see prctl(2)).
1643
1644              * Cpus_allowed: Mask of CPUs  on  which  this  process  may  run
1645                (since Linux 2.6.24, see cpuset(7)).
1646
1647              * Cpus_allowed_list:  Same  as  previous,  but  in "list format"
1648                (since Linux 2.6.26, see cpuset(7)).
1649
1650              * Mems_allowed: Mask of memory nodes  allowed  to  this  process
1651                (since Linux 2.6.24, see cpuset(7)).
1652
1653              * Mems_allowed_list:  Same  as  previous,  but  in "list format"
1654                (since Linux 2.6.26, see cpuset(7)).
1655
1656              * voluntary_ctxt_switches, nonvoluntary_ctxt_switches: Number of
1657                voluntary   and  involuntary  context  switches  (since  Linux
1658                2.6.23).
1659
1660       /proc/[pid]/syscall (since Linux 2.6.27)
1661              This file exposes the system call number and argument  registers
1662              for  the  system  call  currently being executed by the process,
1663              followed by the values of the stack pointer and program  counter
1664              registers.   The  values  of  all  six  argument  registers  are
1665              exposed, although most system calls use fewer registers.
1666
1667              If the process is blocked, but not in a system  call,  then  the
1668              file displays -1 in place of the system call number, followed by
1669              just the values of the stack pointer and  program  counter.   If
1670              process  is  not blocked, then the file contains just the string
1671              "running".
1672
1673              This file is present only if the kernel was configured with CON‐
1674              FIG_HAVE_ARCH_TRACEHOOK.
1675
1676              Permission  to  access  this file is governed by a ptrace access
1677              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1678
1679       /proc/[pid]/task (since Linux 2.6.0-test6)
1680              This is a directory that  contains  one  subdirectory  for  each
1681              thread  in  the  process.   The name of each subdirectory is the
1682              numerical thread ID  ([tid])  of  the  thread  (see  gettid(2)).
1683              Within  each  of  these  subdirectories, there is a set of files
1684              with the same names and contents as under the /proc/[pid] direc‐
1685              tories.  For attributes that are shared by all threads, the con‐
1686              tents for each of the files under the task/[tid]  subdirectories
1687              will  be  the  same  as  in the corresponding file in the parent
1688              /proc/[pid] directory (e.g., in a multithreaded process, all  of
1689              the  task/[tid]/cwd  files  will  have  the  same  value  as the
1690              /proc/[pid]/cwd file in the parent directory, since all  of  the
1691              threads in a process share a working directory).  For attributes
1692              that are distinct for each thread, the corresponding files under
1693              task/[tid]  may  have  different values (e.g., various fields in
1694              each of the task/[tid]/status files may be  different  for  each
1695              thread),  or  they  might not exist in /proc/[pid] at all.  In a
1696              multithreaded process,  the  contents  of  the  /proc/[pid]/task
1697              directory  are not available if the main thread has already ter‐
1698              minated (typically by calling pthread_exit(3)).
1699
1700       /proc/[pid]/task/[tid]/children (since Linux 3.5)
1701              A space-separated list of child tasks of this task.  Each  child
1702              task is represented by its TID.
1703
1704              This option is intended for use by the checkpoint-restore (CRIU)
1705              system, and reliably provides a list of children only if all  of
1706              the  child  processes  are  stopped or frozen.  It does not work
1707              properly if children of the target task exit while the  file  is
1708              being  read!  Exiting children may cause non-exiting children to
1709              be omitted from the list.  This makes this interface  even  more
1710              unreliable  than  classic  PID-based approaches if the inspected
1711              task and its children aren't frozen, and most code should proba‐
1712              bly not use this interface.
1713
1714              Until  Linux  4.2, the presence of this file was governed by the
1715              CONFIG_CHECKPOINT_RESTORE kernel  configuration  option.   Since
1716              Linux 4.2, it is governed by the CONFIG_PROC_CHILDREN option.
1717
1718       /proc/[pid]/timers (since Linux 3.10)
1719              A  list  of  the  POSIX  timers for this process.  Each timer is
1720              listed with a line that starts with the string "ID:".  For exam‐
1721              ple:
1722
1723                  ID: 1
1724                  signal: 60/00007fff86e452a8
1725                  notify: signal/pid.2634
1726                  ClockID: 0
1727                  ID: 0
1728                  signal: 60/00007fff86e452a8
1729                  notify: signal/pid.2634
1730                  ClockID: 1
1731
1732              The lines shown for each timer have the following meanings:
1733
1734              ID     The ID for this timer.  This is not the same as the timer
1735                     ID returned by timer_create(2); rather, it  is  the  same
1736                     kernel-internal  ID  that is available via the si_timerid
1737                     field of the siginfo_t structure (see sigaction(2)).
1738
1739              signal This is the signal number that this timer uses to deliver
1740                     notifications   followed   by   a  slash,  and  then  the
1741                     sigev_value value supplied to the signal handler.   Valid
1742                     only for timers that notify via a signal.
1743
1744              notify The  part  before  the slash specifies the mechanism that
1745                     this timer uses to deliver notifications, and is  one  of
1746                     "thread", "signal", or "none".  Immediately following the
1747                     slash  is  either  the  string  "tid"  for  timers   with
1748                     SIGEV_THREAD_ID  notification,  or  "pid" for timers that
1749                     notify by other mechanisms.  Following the "." is the PID
1750                     of  the  process  (or the kernel thread ID of the thread)
1751                     that will be delivered a signal  if  the  timer  delivers
1752                     notifications via a signal.
1753
1754              ClockID
1755                     This  field  identifies the clock that the timer uses for
1756                     measuring time.  For most clocks, this is a  number  that
1757                     matches  one  of the user-space CLOCK_* constants exposed
1758                     via <time.h>.   CLOCK_PROCESS_CPUTIME_ID  timers  display
1759                     with     a     value     of    -6    in    this    field.
1760                     CLOCK_THREAD_CPUTIME_ID timers display with a value of -2
1761                     in this field.
1762
1763              This  file is available only when the kernel was configured with
1764              CONFIG_CHECKPOINT_RESTORE.
1765
1766       /proc/[pid]/timerslack_ns (since Linux 4.6)
1767              This file exposes the process's  "current"  timer  slack  value,
1768              expressed  in  nanoseconds.   The file is writable, allowing the
1769              process's timer slack value to be changed.  Writing  0  to  this
1770              file  resets  the  "current"  timer slack to the "default" timer
1771              slack  value.   For  further  details,  see  the  discussion  of
1772              PR_SET_TIMERSLACK in prctl(2).
1773
1774              Initially,  permission  to  access  this  file was governed by a
1775              ptrace  access  mode   PTRACE_MODE_ATTACH_FSCREDS   check   (see
1776              ptrace(2)).   However, this was subsequently deemed too strict a
1777              requirement (and had the side effect that requiring a process to
1778              have  the  CAP_SYS_PTRACE capability would also allow it to view
1779              and change any process's memory).  Therefore, since  Linux  4.9,
1780              only  the (weaker) CAP_SYS_NICE capability is required to access
1781              this file.
1782
1783       /proc/[pid]/uid_map, /proc/[pid]/gid_map (since Linux 3.5)
1784              See user_namespaces(7).
1785
1786       /proc/[pid]/wchan (since Linux 2.6.0)
1787              The symbolic name corresponding to the location  in  the  kernel
1788              where the process is sleeping.
1789
1790              Permission  to  access  this file is governed by a ptrace access
1791              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1792
1793       /proc/apm
1794              Advanced power management version and battery  information  when
1795              CONFIG_APM is defined at kernel compilation time.
1796
1797       /proc/buddyinfo
1798              This file contains information which is used for diagnosing mem‐
1799              ory fragmentation issues.  Each line starts with the identifica‐
1800              tion  of  the node and the name of the zone which together iden‐
1801              tify a memory region This is  then  followed  by  the  count  of
1802              available  chunks  of  a  certain order in which these zones are
1803              split.  The size in bytes of a certain order  is  given  by  the
1804              formula:
1805
1806                  (2^order) * PAGE_SIZE
1807
1808              The  binary  buddy  allocator  algorithm  inside the kernel will
1809              split one chunk into two chunks of a smaller  order  (thus  with
1810              half  the size) or combine two contiguous chunks into one larger
1811              chunk of a higher order (thus with double the size)  to  satisfy
1812              allocation  requests  and  to counter memory fragmentation.  The
1813              order matches the column number, when starting to count at zero.
1814
1815              For example on an x86-64 system:
1816
1817  Node 0, zone     DMA     1    1    1    0    2    1    1    0    1    1    3
1818  Node 0, zone   DMA32    65   47    4   81   52   28   13   10    5    1  404
1819  Node 0, zone  Normal   216   55  189  101   84   38   37   27    5    3  587
1820
1821              In this example, there is one node containing  three  zones  and
1822              there are 11 different chunk sizes.  If the page size is 4 kilo‐
1823              bytes, then the first zone called  DMA  (on  x86  the  first  16
1824              megabyte  of memory) has 1 chunk of 4 kilobytes (order 0) avail‐
1825              able and has 3 chunks of 4 megabytes (order 10) available.
1826
1827              If the memory is heavily fragmented,  the  counters  for  higher
1828              order  chunks  will  be  zero and allocation of large contiguous
1829              areas will fail.
1830
1831              Further information about the zones can be found in  /proc/zone‐
1832              info.
1833
1834       /proc/bus
1835              Contains subdirectories for installed busses.
1836
1837       /proc/bus/pccard
1838              Subdirectory  for  PCMCIA  devices  when CONFIG_PCMCIA is set at
1839              kernel compilation time.
1840
1841       /proc/bus/pccard/drivers
1842
1843       /proc/bus/pci
1844              Contains various bus subdirectories and pseudo-files  containing
1845              information  about  PCI  busses,  installed  devices, and device
1846              drivers.  Some of these files are not ASCII.
1847
1848       /proc/bus/pci/devices
1849              Information about PCI devices.  They  may  be  accessed  through
1850              lspci(8) and setpci(8).
1851
1852       /proc/cgroups (since Linux 2.6.24)
1853              See cgroups(7).
1854
1855       /proc/cmdline
1856              Arguments  passed  to the Linux kernel at boot time.  Often done
1857              via a boot manager such as lilo(8) or grub(8).
1858
1859       /proc/config.gz (since Linux 2.6)
1860              This file exposes the configuration options that  were  used  to
1861              build  the  currently running kernel, in the same format as they
1862              would be shown in the .config file that resulted when  configur‐
1863              ing  the  kernel  (using make xconfig, make config, or similar).
1864              The file contents are compressed;  view  or  search  them  using
1865              zcat(1)  and  zgrep(1).  As long as no changes have been made to
1866              the following file, the contents of /proc/config.gz are the same
1867              as those provided by:
1868
1869                  cat /lib/modules/$(uname -r)/build/.config
1870
1871              /proc/config.gz  is  provided  only  if the kernel is configured
1872              with CONFIG_IKCONFIG_PROC.
1873
1874       /proc/crypto
1875              A list of the ciphers provided by the kernel  crypto  API.   For
1876              details,  see  the  kernel Linux Kernel Crypto API documentation
1877              available  under  the   kernel   source   directory   Documenta‐
1878              tion/crypto/ (or Documentation/DocBook before 4.10; the documen‐
1879              tation can be built using a command such as make htmldocs in the
1880              root directory of the kernel source tree).
1881
1882       /proc/cpuinfo
1883              This  is  a  collection of CPU and system architecture dependent
1884              items, for each supported architecture a  different  list.   Two
1885              common   entries  are  processor  which  gives  CPU  number  and
1886              bogomips; a system constant that  is  calculated  during  kernel
1887              initialization.   SMP  machines  have  information for each CPU.
1888              The lscpu(1) command gathers its information from this file.
1889
1890       /proc/devices
1891              Text listing of major numbers and device groups.   This  can  be
1892              used by MAKEDEV scripts for consistency with the kernel.
1893
1894       /proc/diskstats (since Linux 2.5.69)
1895              This  file  contains  disk  I/O statistics for each disk device.
1896              See the Linux kernel source file  Documentation/iostats.txt  for
1897              further information.
1898
1899       /proc/dma
1900              This  is a list of the registered ISA DMA (direct memory access)
1901              channels in use.
1902
1903       /proc/driver
1904              Empty subdirectory.
1905
1906       /proc/execdomains
1907              List of the execution domains (ABI personalities).
1908
1909       /proc/fb
1910              Frame buffer information when CONFIG_FB is defined during kernel
1911              compilation.
1912
1913       /proc/filesystems
1914              A  text  listing  of  the filesystems which are supported by the
1915              kernel, namely filesystems which were compiled into  the  kernel
1916              or  whose  kernel  modules  are  currently  loaded.   (See  also
1917              filesystems(5).)  If a filesystem is marked with  "nodev",  this
1918              means  that  it  does  not  require a block device to be mounted
1919              (e.g., virtual filesystem, network filesystem).
1920
1921              Incidentally, this file may be used by mount(8) when no filesys‐
1922              tem  is specified and it didn't manage to determine the filesys‐
1923              tem type.  Then filesystems contained in  this  file  are  tried
1924              (excepted those that are marked with "nodev").
1925
1926       /proc/fs
1927              Contains subdirectories that in turn contain files with informa‐
1928              tion about (certain) mounted filesystems.
1929
1930       /proc/ide
1931              This directory exists on systems with the IDE  bus.   There  are
1932              directories  for  each  IDE  channel and attached device.  Files
1933              include:
1934
1935                  cache              buffer size in KB
1936                  capacity           number of sectors
1937                  driver             driver version
1938                  geometry           physical and logical geometry
1939                  identify           in hexadecimal
1940                  media              media type
1941                  model              manufacturer's model number
1942                  settings           drive settings
1943                  smart_thresholds   in hexadecimal
1944                  smart_values       in hexadecimal
1945
1946              The hdparm(8) utility provides access to this information  in  a
1947              friendly format.
1948
1949       /proc/interrupts
1950              This  is  used to record the number of interrupts per CPU per IO
1951              device.  Since Linux 2.6.24, for the i386 and  x86-64  architec‐
1952              tures,  at  least, this also includes interrupts internal to the
1953              system (that is, not associated with a device as such), such  as
1954              NMI  (nonmaskable  interrupt),  LOC (local timer interrupt), and
1955              for SMP systems, TLB (TLB flush  interrupt),  RES  (rescheduling
1956              interrupt),  CAL  (remote function call interrupt), and possibly
1957              others.  Very easy to read formatting, done in ASCII.
1958
1959       /proc/iomem
1960              I/O memory map in Linux 2.4.
1961
1962       /proc/ioports
1963              This is a list of currently registered Input-Output port regions
1964              that are in use.
1965
1966       /proc/kallsyms (since Linux 2.5.71)
1967              This  holds  the  kernel exported symbol definitions used by the
1968              modules(X) tools to dynamically link and bind loadable  modules.
1969              In  Linux  2.5.47 and earlier, a similar file with slightly dif‐
1970              ferent syntax was named ksyms.
1971
1972       /proc/kcore
1973              This file represents the physical memory of the  system  and  is
1974              stored  in the ELF core file format.  With this pseudo-file, and
1975              an unstripped kernel (/usr/src/linux/vmlinux) binary, GDB can be
1976              used to examine the current state of any kernel data structures.
1977
1978              The  total  length  of  the  file is the size of physical memory
1979              (RAM) plus 4 KiB.
1980
1981       /proc/keys (since Linux 2.6.10)
1982              See keyrings(7).
1983
1984       /proc/key-users (since Linux 2.6.10)
1985              See keyrings(7).
1986
1987       /proc/kmsg
1988              This file can be used instead of the syslog(2)  system  call  to
1989              read  kernel messages.  A process must have superuser privileges
1990              to read this file, and only one process should read  this  file.
1991              This  file  should  not  be  read if a syslog process is running
1992              which uses the syslog(2) system call facility to log kernel mes‐
1993              sages.
1994
1995              Information in this file is retrieved with the dmesg(1) program.
1996
1997       /proc/kpagecgroup (since Linux 4.3)
1998              This  file  contains  a 64-bit inode number of the memory cgroup
1999              each page is charged to, indexed by page frame number  (see  the
2000              discussion of /proc/[pid]/pagemap).
2001
2002              The  /proc/kpagecgroup  file is present only if the CONFIG_MEMCG
2003              kernel configuration option is enabled.
2004
2005       /proc/kpagecount (since Linux 2.6.25)
2006              This file contains a 64-bit count of the number  of  times  each
2007              physical page frame is mapped, indexed by page frame number (see
2008              the discussion of /proc/[pid]/pagemap).
2009
2010              The  /proc/kpagecount  file  is  present  only   if   the   CON‐
2011              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2012
2013       /proc/kpageflags (since Linux 2.6.25)
2014              This  file  contains 64-bit masks corresponding to each physical
2015              page frame; it is indexed by page frame number (see the  discus‐
2016              sion of /proc/[pid]/pagemap).  The bits are as follows:
2017
2018                   0 - KPF_LOCKED
2019                   1 - KPF_ERROR
2020                   2 - KPF_REFERENCED
2021                   3 - KPF_UPTODATE
2022                   4 - KPF_DIRTY
2023                   5 - KPF_LRU
2024                   6 - KPF_ACTIVE
2025                   7 - KPF_SLAB
2026                   8 - KPF_WRITEBACK
2027                   9 - KPF_RECLAIM
2028                  10 - KPF_BUDDY
2029                  11 - KPF_MMAP           (since Linux 2.6.31)
2030                  12 - KPF_ANON           (since Linux 2.6.31)
2031                  13 - KPF_SWAPCACHE      (since Linux 2.6.31)
2032                  14 - KPF_SWAPBACKED     (since Linux 2.6.31)
2033                  15 - KPF_COMPOUND_HEAD  (since Linux 2.6.31)
2034                  16 - KPF_COMPOUND_TAIL  (since Linux 2.6.31)
2035                  17 - KPF_HUGE           (since Linux 2.6.31)
2036                  18 - KPF_UNEVICTABLE    (since Linux 2.6.31)
2037                  19 - KPF_HWPOISON       (since Linux 2.6.31)
2038                  20 - KPF_NOPAGE         (since Linux 2.6.31)
2039                  21 - KPF_KSM            (since Linux 2.6.32)
2040                  22 - KPF_THP            (since Linux 3.4)
2041                  23 - KPF_BALLOON        (since Linux 3.18)
2042                  24 - KPF_ZERO_PAGE      (since Linux 4.0)
2043                  25 - KPF_IDLE           (since Linux 4.3)
2044
2045              For  further details on the meanings of these bits, see the ker‐
2046              nel source  file  Documentation/vm/pagemap.txt.   Before  kernel
2047              2.6.29,  KPF_WRITEBACK,  KPF_RECLAIM,  KPF_BUDDY, and KPF_LOCKED
2048              did not report correctly.
2049
2050              The  /proc/kpageflags  file  is  present  only   if   the   CON‐
2051              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2052
2053       /proc/ksyms (Linux 1.1.23–2.5.47)
2054              See /proc/kallsyms.
2055
2056       /proc/loadavg
2057              The  first  three  fields  in this file are load average figures
2058              giving the number of jobs in the run queue (state R) or  waiting
2059              for disk I/O (state D) averaged over 1, 5, and 15 minutes.  They
2060              are the same as the load average numbers given by uptime(1)  and
2061              other  programs.  The fourth field consists of two numbers sepa‐
2062              rated by a slash (/).  The first of these is the number of  cur‐
2063              rently runnable kernel scheduling entities (processes, threads).
2064              The value after the slash is the  number  of  kernel  scheduling
2065              entities that currently exist on the system.  The fifth field is
2066              the PID of the process that was most  recently  created  on  the
2067              system.
2068
2069       /proc/locks
2070              This  file  shows current file locks (flock(2) and fcntl(2)) and
2071              leases (fcntl(2)).
2072
2073              An example of the content shown in this file is the following:
2074
2075                  1: POSIX  ADVISORY  READ  5433 08:01:7864448 128 128
2076                  2: FLOCK  ADVISORY  WRITE 2001 08:01:7864554 0 EOF
2077                  3: FLOCK  ADVISORY  WRITE 1568 00:2f:32388 0 EOF
2078                  4: POSIX  ADVISORY  WRITE 699 00:16:28457 0 EOF
2079                  5: POSIX  ADVISORY  WRITE 764 00:16:21448 0 0
2080                  6: POSIX  ADVISORY  READ  3548 08:01:7867240 1 1
2081                  7: POSIX  ADVISORY  READ  3548 08:01:7865567 1826 2335
2082                  8: OFDLCK ADVISORY  WRITE -1 08:01:8713209 128 191
2083
2084              The fields shown in each line are as follows:
2085
2086              (1) The ordinal position of the lock in the list.
2087
2088              (2) The lock type.  Values that may appear here include:
2089
2090                  FLOCK  This is a BSD file lock created using flock(2).
2091
2092                  OFDLCK This is an open file description (OFD)  lock  created
2093                         using fcntl(2).
2094
2095                  POSIX  This   is  a  POSIX  byte-range  lock  created  using
2096                         fcntl(2).
2097
2098              (3) Among the strings that can appear here are the following:
2099
2100                  ADVISORY
2101                         This is an advisory lock.
2102
2103                  MANDATORY
2104                         This is a mandatory lock.
2105
2106              (4) The type of lock.  Values that can appear here are:
2107
2108                  READ   This is a POSIX or OFD read lock,  or  a  BSD  shared
2109                         lock.
2110
2111                  WRITE  This is a POSIX or OFD write lock, or a BSD exclusive
2112                         lock.
2113
2114              (5) The PID of the process that owns the lock.
2115
2116                  Because OFD locks are not owned by a single  process  (since
2117                  multiple  processes  may have file descriptors that refer to
2118                  the same open file description), the value -1  is  displayed
2119                  in  this  field  for  OFD locks.  (Before kernel 4.14, a bug
2120                  meant that the PID of the process  that  initially  acquired
2121                  the lock was displayed instead of the value -1.)
2122
2123              (6) Three  colon-separated subfields that identify the major and
2124                  minor device ID of  the  device  containing  the  filesystem
2125                  where  the locked file resides, followed by the inode number
2126                  of the locked file.
2127
2128              (7) The byte offset of the first byte  of  the  lock.   For  BSD
2129                  locks, this value is always 0.
2130
2131              (8) The  byte  offset of the last byte of the lock.  EOF in this
2132                  field means that the lock extends to the end  of  the  file.
2133                  For BSD locks, the value shown is always EOF.
2134
2135              Since  Linux 4.9, the list of locks shown in /proc/locks is fil‐
2136              tered to show just the locks for the processes in the PID names‐
2137              pace  (see pid_namespaces(7)) for which the /proc filesystem was
2138              mounted.  (In the initial PID namespace, there is  no  filtering
2139              of the records shown in this file.)
2140
2141              The  lslocks(8)  command  provides  a bit more information about
2142              each lock.
2143
2144       /proc/malloc (only up to and including Linux 2.2)
2145              This file is present only  if  CONFIG_DEBUG_MALLOC  was  defined
2146              during compilation.
2147
2148       /proc/meminfo
2149              This  file  reports statistics about memory usage on the system.
2150              It is used by free(1) to report the amount of free and used mem‐
2151              ory (both physical and swap) on the system as well as the shared
2152              memory and buffers used by the kernel.  Each line  of  the  file
2153              consists  of a parameter name, followed by a colon, the value of
2154              the parameter, and an option unit of measurement  (e.g.,  "kB").
2155              The  list  below  describes  the  parameter names and the format
2156              specifier required to read the field  value.   Except  as  noted
2157              below,  all of the fields have been present since at least Linux
2158              2.6.0.  Some fields are displayed only if the kernel was config‐
2159              ured  with  various options; those dependencies are noted in the
2160              list.
2161
2162              MemTotal %lu
2163                     Total usable RAM (i.e., physical RAM minus a few reserved
2164                     bits and the kernel binary code).
2165
2166              MemFree %lu
2167                     The sum of LowFree+HighFree.
2168
2169              MemAvailable %lu (since Linux 3.14)
2170                     An  estimate of how much memory is available for starting
2171                     new applications, without swapping.
2172
2173              Buffers %lu
2174                     Relatively temporary storage for  raw  disk  blocks  that
2175                     shouldn't get tremendously large (20MB or so).
2176
2177              Cached %lu
2178                     In-memory  cache  for  files read from the disk (the page
2179                     cache).  Doesn't include SwapCached.
2180
2181              SwapCached %lu
2182                     Memory that once was swapped out, is swapped back in  but
2183                     still  also  is in the swap file.  (If memory pressure is
2184                     high, these pages don't need  to  be  swapped  out  again
2185                     because  they  are  already in the swap file.  This saves
2186                     I/O.)
2187
2188              Active %lu
2189                     Memory that has been used more recently and  usually  not
2190                     reclaimed unless absolutely necessary.
2191
2192              Inactive %lu
2193                     Memory  which  has  been  less recently used.  It is more
2194                     eligible to be reclaimed for other purposes.
2195
2196              Active(anon) %lu (since Linux 2.6.28)
2197                     [To be documented.]
2198
2199              Inactive(anon) %lu (since Linux 2.6.28)
2200                     [To be documented.]
2201
2202              Active(file) %lu (since Linux 2.6.28)
2203                     [To be documented.]
2204
2205              Inactive(file) %lu (since Linux 2.6.28)
2206                     [To be documented.]
2207
2208              Unevictable %lu (since Linux 2.6.28)
2209                     (From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU  was
2210                     required.)  [To be documented.]
2211
2212              Mlocked %lu (since Linux 2.6.28)
2213                     (From  Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was
2214                     required.)  [To be documented.]
2215
2216              HighTotal %lu
2217                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2218                     Total  amount  of  highmem.   Highmem is all memory above
2219                     ~860MB of physical memory.  Highmem areas are for use  by
2220                     user-space  programs,  or for the page cache.  The kernel
2221                     must use tricks to access this memory, making  it  slower
2222                     to access than lowmem.
2223
2224              HighFree %lu
2225                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2226                     Amount of free highmem.
2227
2228              LowTotal %lu
2229                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2230                     Total  amount  of  lowmem.  Lowmem is memory which can be
2231                     used for everything that highmem can be used for, but  it
2232                     is  also  available for the kernel's use for its own data
2233                     structures.  Among many other things, it is where  every‐
2234                     thing  from  Slab  is  allocated.  Bad things happen when
2235                     you're out of lowmem.
2236
2237              LowFree %lu
2238                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2239                     Amount of free lowmem.
2240
2241              MmapCopy %lu (since Linux 2.6.29)
2242                     (CONFIG_MMU is required.)  [To be documented.]
2243
2244              SwapTotal %lu
2245                     Total amount of swap space available.
2246
2247              SwapFree %lu
2248                     Amount of swap space that is currently unused.
2249
2250              Dirty %lu
2251                     Memory which is waiting to get written back to the disk.
2252
2253              Writeback %lu
2254                     Memory which is actively being written back to the disk.
2255
2256              AnonPages %lu (since Linux 2.6.18)
2257                     Non-file backed pages mapped into user-space page tables.
2258
2259              Mapped %lu
2260                     Files  which have been mapped into memory (with mmap(2)),
2261                     such as libraries.
2262
2263              Shmem %lu (since Linux 2.6.32)
2264                     Amount of memory consumed in tmpfs(5) filesystems.
2265
2266              Slab %lu
2267                     In-kernel data structures cache.  (See slabinfo(5).)
2268
2269              SReclaimable %lu (since Linux 2.6.19)
2270                     Part of Slab, that might be reclaimed, such as caches.
2271
2272              SUnreclaim %lu (since Linux 2.6.19)
2273                     Part of Slab, that cannot be reclaimed  on  memory  pres‐
2274                     sure.
2275
2276              KernelStack %lu (since Linux 2.6.32)
2277                     Amount of memory allocated to kernel stacks.
2278
2279              PageTables %lu (since Linux 2.6.18)
2280                     Amount  of  memory  dedicated to the lowest level of page
2281                     tables.
2282
2283              Quicklists %lu (since Linux 2.6.27)
2284                     (CONFIG_QUICKLIST is required.)  [To be documented.]
2285
2286              NFS_Unstable %lu (since Linux 2.6.18)
2287                     NFS pages sent to the server, but not  yet  committed  to
2288                     stable storage.
2289
2290              Bounce %lu (since Linux 2.6.18)
2291                     Memory used for block device "bounce buffers".
2292
2293              WritebackTmp %lu (since Linux 2.6.26)
2294                     Memory used by FUSE for temporary writeback buffers.
2295
2296              CommitLimit %lu (since Linux 2.6.10)
2297                     This is the total amount of memory currently available to
2298                     be allocated on the system, expressed in kilobytes.  This
2299                     limit  is adhered to only if strict overcommit accounting
2300                     is enabled (mode  2  in  /proc/sys/vm/overcommit_memory).
2301                     The   limit   is  calculated  according  to  the  formula
2302                     described under /proc/sys/vm/overcommit_memory.  For fur‐
2303                     ther  details,  see  the  kernel  source  file Documenta‐
2304                     tion/vm/overcommit-accounting.
2305
2306              Committed_AS %lu
2307                     The amount of memory presently allocated on  the  system.
2308                     The  committed memory is a sum of all of the memory which
2309                     has been allocated by processes, even if it has not  been
2310                     "used"  by them as of yet.  A process which allocates 1GB
2311                     of memory (using malloc(3) or similar), but touches  only
2312                     300MB  of that memory will show up as using only 300MB of
2313                     memory even if it has the address space allocated for the
2314                     entire 1GB.
2315
2316                     This  1GB  is memory which has been "committed" to by the
2317                     VM and can be used at any time by the allocating applica‐
2318                     tion.  With strict overcommit enabled on the system (mode
2319                     2 in /proc/sys/vm/overcommit_memory),  allocations  which
2320                     would exceed the CommitLimit will not be permitted.  This
2321                     is useful if one needs to guarantee that  processes  will
2322                     not  fail due to lack of memory once that memory has been
2323                     successfully allocated.
2324
2325              VmallocTotal %lu
2326                     Total size of vmalloc memory area.
2327
2328              VmallocUsed %lu
2329                     Amount of vmalloc area which is used.
2330
2331              VmallocChunk %lu
2332                     Largest contiguous block of vmalloc area which is free.
2333
2334              HardwareCorrupted %lu (since Linux 2.6.32)
2335                     (CONFIG_MEMORY_FAILURE is required.)  [To be documented.]
2336
2337              AnonHugePages %lu (since Linux 2.6.38)
2338                     (CONFIG_TRANSPARENT_HUGEPAGE  is   required.)    Non-file
2339                     backed huge pages mapped into user-space page tables.
2340
2341              ShmemHugePages %lu (since Linux 4.8)
2342                     (CONFIG_TRANSPARENT_HUGEPAGE  is  required.)  Memory used
2343                     by shared memory (shmem) and tmpfs(5) allocated with huge
2344                     pages
2345
2346              ShmemPmdMapped %lu (since Linux 4.8)
2347                     (CONFIG_TRANSPARENT_HUGEPAGE is required.)  Shared memory
2348                     mapped into user space with huge pages.
2349
2350              CmaTotal %lu (since Linux 3.1)
2351                     Total CMA (Contiguous  Memory  Allocator)  pages.   (CON‐
2352                     FIG_CMA is required.)
2353
2354              CmaFree %lu (since Linux 3.1)
2355                     Free  CMA  (Contiguous  Memory  Allocator)  pages.  (CON‐
2356                     FIG_CMA is required.)
2357
2358              HugePages_Total %lu
2359                     (CONFIG_HUGETLB_PAGE is required.)  The size of the  pool
2360                     of huge pages.
2361
2362              HugePages_Free %lu
2363                     (CONFIG_HUGETLB_PAGE  is  required.)   The number of huge
2364                     pages in the pool that are not yet allocated.
2365
2366              HugePages_Rsvd %lu (since Linux 2.6.17)
2367                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of
2368                     huge  pages  for  which a commitment to allocate from the
2369                     pool has been made, but no allocation has yet been  made.
2370                     These  reserved  huge pages guarantee that an application
2371                     will be able to allocate a huge page  from  the  pool  of
2372                     huge pages at fault time.
2373
2374              HugePages_Surp %lu (since Linux 2.6.24)
2375                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of
2376                     huge   pages   in   the   pool   above   the   value   in
2377                     /proc/sys/vm/nr_hugepages.  The maximum number of surplus
2378                     huge  pages  is  controlled  by  /proc/sys/vm/nr_overcom‐
2379                     mit_hugepages.
2380
2381              Hugepagesize %lu
2382                     (CONFIG_HUGETLB_PAGE  is  required.)   The  size  of huge
2383                     pages.
2384
2385              DirectMap4k %lu (since Linux 2.6.27)
2386                     Number of bytes of RAM linearly mapped by kernel  in  4kB
2387                     pages.  (x86.)
2388
2389              DirectMap4M %lu (since Linux 2.6.27)
2390                     Number  of  bytes of RAM linearly mapped by kernel in 4MB
2391                     pages.   (x86  with   CONFIG_X86_64   or   CONFIG_X86_PAE
2392                     enabled.)
2393
2394              DirectMap2M %lu (since Linux 2.6.27)
2395                     Number  of  bytes of RAM linearly mapped by kernel in 2MB
2396                     pages.   (x86  with  neither   CONFIG_X86_64   nor   CON‐
2397                     FIG_X86_PAE enabled.)
2398
2399              DirectMap1G %lu (since Linux 2.6.27)
2400                     (x86  with  CONFIG_X86_64  and  CONFIG_X86_DIRECT_GBPAGES
2401                     enabled.)
2402
2403       /proc/modules
2404              A text list of the modules that have been loaded by the  system.
2405              See also lsmod(8).
2406
2407       /proc/mounts
2408              Before  kernel  2.4.19, this file was a list of all the filesys‐
2409              tems currently mounted on the system.  With the introduction  of
2410              per-process  mount  namespaces in Linux 2.4.19 (see mount_names‐
2411              paces(7)), this file became a link to  /proc/self/mounts,  which
2412              lists  the  mount  points  of the process's own mount namespace.
2413              The format of this file is documented in fstab(5).
2414
2415       /proc/mtrr
2416              Memory Type Range Registers.  See the Linux kernel  source  file
2417              Documentation/x86/mtrr.txt   (or  Documentation/mtrr.txt  before
2418              Linux 2.6.28) for details.
2419
2420       /proc/net
2421              This directory contains various files  and  subdirectories  con‐
2422              taining  information about the networking layer.  The files con‐
2423              tain ASCII structures and are, therefore, readable with  cat(1).
2424              However,  the  standard  netstat(8)  suite provides much cleaner
2425              access to these files.
2426
2427              With the  advent  of  network  namespaces,  various  information
2428              relating  to  the  network  stack  is  virtualized  (see  names‐
2429              paces(7)).  Thus, since Linux 2.6.25, /proc/net  is  a  symbolic
2430              link  to  the  directory /proc/self/net, which contains the same
2431              files and directories as listed below.  However, these files and
2432              directories  now expose information for the network namespace of
2433              which the process is a member.
2434
2435       /proc/net/arp
2436              This holds an ASCII readable dump of the kernel ARP  table  used
2437              for  address resolutions.  It will show both dynamically learned
2438              and preprogrammed ARP entries.  The format is:
2439
2440       IP address     HW type   Flags     HW address          Mask   Device
2441       192.168.0.50   0x1       0x2       00:50:BF:25:68:F3   *      eth0
2442       192.168.0.250  0x1       0xc       00:00:00:00:00:00   *      eth0
2443
2444              Here "IP address" is the IPv4 address of the machine and the "HW
2445              type"  is  the  hardware  type of the address from RFC 826.  The
2446              flags are the internal flags of the ARP structure (as defined in
2447              /usr/include/linux/if_arp.h)  and  the  "HW address" is the data
2448              link layer mapping for that IP address if it is known.
2449
2450       /proc/net/dev
2451              The dev pseudo-file contains network device status  information.
2452              This  gives  the number of received and sent packets, the number
2453              of errors and collisions and other basic statistics.  These  are
2454              used  by  the  ifconfig(8) program to report device status.  The
2455              format is:
2456
2457 Inter-|   Receive                                                |  Transmit
2458  face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
2459     lo: 2776770   11307    0    0    0     0          0         0  2776770   11307    0    0    0     0       0          0
2460   eth0: 1215645    2751    0    0    0     0          0         0  1782404    4324    0    0    0   427       0          0
2461   ppp0: 1622270    5552    1    0    0     0          0         0   354130    5669    0    0    0     0       0          0
2462   tap0:    7714      81    0    0    0     0          0         0     7714      81    0    0    0     0       0          0
2463
2464       /proc/net/dev_mcast
2465              Defined in /usr/src/linux/net/core/dev_mcast.c:
2466
2467                  indx interface_name  dmi_u dmi_g dmi_address
2468                  2    eth0            1     0     01005e000001
2469                  3    eth1            1     0     01005e000001
2470                  4    eth2            1     0     01005e000001
2471
2472       /proc/net/igmp
2473              Internet    Group    Management    Protocol.      Defined     in
2474              /usr/src/linux/net/core/igmp.c.
2475
2476       /proc/net/rarp
2477              This  file uses the same format as the arp file and contains the
2478              current reverse mapping database used to provide rarp(8) reverse
2479              address  lookup  services.   If  RARP is not configured into the
2480              kernel, this file will not be present.
2481
2482       /proc/net/raw
2483              Holds a dump of the RAW socket table.  Much of  the  information
2484              is  not of use apart from debugging.  The "sl" value is the ker‐
2485              nel hash slot for the socket, the "local_address" is  the  local
2486              address  and  protocol number pair.  "St" is the internal status
2487              of the socket.  The "tx_queue" and "rx_queue" are  the  outgoing
2488              and  incoming  data  queue in terms of kernel memory usage.  The
2489              "tr", "tm->when", and "rexmits" fields are not used by RAW.  The
2490              "uid"  field  holds  the  effective  UID  of  the creator of the
2491              socket.
2492
2493       /proc/net/snmp
2494              This file holds the ASCII data needed for the IP, ICMP, TCP, and
2495              UDP management information bases for an SNMP agent.
2496
2497       /proc/net/tcp
2498              Holds  a  dump of the TCP socket table.  Much of the information
2499              is not of use apart from debugging.  The "sl" value is the  ker‐
2500              nel  hash  slot for the socket, the "local_address" is the local
2501              address and port number pair.  The "rem_address" is  the  remote
2502              address and port number pair (if connected).  "St" is the inter‐
2503              nal status of the socket.  The "tx_queue" and "rx_queue" are the
2504              outgoing  and  incoming  data  queue  in  terms of kernel memory
2505              usage.  The "tr", "tm->when", and "rexmits" fields hold internal
2506              information  of  the kernel socket state and are useful only for
2507              debugging.  The "uid" field holds the effective UID of the  cre‐
2508              ator of the socket.
2509
2510       /proc/net/udp
2511              Holds  a  dump of the UDP socket table.  Much of the information
2512              is not of use apart from debugging.  The "sl" value is the  ker‐
2513              nel  hash  slot for the socket, the "local_address" is the local
2514              address and port number pair.  The "rem_address" is  the  remote
2515              address and port number pair (if connected).  "St" is the inter‐
2516              nal status of the socket.  The "tx_queue" and "rx_queue" are the
2517              outgoing  and  incoming  data  queue  in  terms of kernel memory
2518              usage.  The "tr", "tm->when", and "rexmits" fields are not  used
2519              by  UDP.  The "uid" field holds the effective UID of the creator
2520              of the socket.  The format is:
2521
2522 sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm->when uid
2523  1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
2524  1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
2525  1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0
2526
2527       /proc/net/unix
2528              Lists the UNIX domain sockets  present  within  the  system  and
2529              their status.  The format is:
2530
2531 Num RefCount Protocol Flags    Type St Path
2532  0: 00000002 00000000 00000000 0001 03
2533  1: 00000001 00000000 00010000 0001 01 /dev/printer
2534
2535              The fields are as follows:
2536
2537              Num:      the kernel table slot number.
2538
2539              RefCount: the number of users of the socket.
2540
2541              Protocol: currently always 0.
2542
2543              Flags:    the  internal  kernel  flags holding the status of the
2544                        socket.
2545
2546              Type:     the socket type.  For  SOCK_STREAM  sockets,  this  is
2547                        0001;  for  SOCK_DGRAM  sockets,  it  is 0002; and for
2548                        SOCK_SEQPACKET sockets, it is 0005.
2549
2550              St:       the internal state of the socket.
2551
2552              Path:     the bound path (if any) of the socket.  Sockets in the
2553                        abstract  namespace  are included in the list, and are
2554                        shown with a Path that commences  with  the  character
2555                        '@'.
2556
2557       /proc/net/netfilter/nfnetlink_queue
2558              This file contains information about netfilter user-space queue‐
2559              ing, if used.  Each line represents a queue.  Queues  that  have
2560              not been subscribed to by user space are not shown.
2561
2562                     1   4207     0  2 65535     0     0        0  1
2563                    (1)   (2)    (3)(4)  (5)    (6)   (7)      (8)
2564
2565              The fields in each line are:
2566
2567              (1)  The ID of the queue.  This matches what is specified in the
2568                   --queue-num or --queue-balance options to  the  iptables(8)
2569                   NFQUEUE target.  See iptables-extensions(8) for more infor‐
2570                   mation.
2571
2572              (2)  The netlink port ID subscribed to the queue.
2573
2574              (3)  The number of packets currently queued and  waiting  to  be
2575                   processed by the application.
2576
2577              (4)  The copy mode of the queue.  It is either 1 (metadata only)
2578                   or 2 (also copy payload data to user space).
2579
2580              (5)  Copy range; that is,  how  many  bytes  of  packet  payload
2581                   should be copied to user space at most.
2582
2583              (6)  queue dropped.  Number of packets that had to be dropped by
2584                   the kernel because too many packets are already waiting for
2585                   user space to send back the mandatory accept/drop verdicts.
2586
2587              (7)  queue  user  dropped.   Number of packets that were dropped
2588                   within the netlink subsystem.  Such  drops  usually  happen
2589                   when the corresponding socket buffer is full; that is, user
2590                   space is not able to read messages fast enough.
2591
2592              (8)  sequence number.  Every queued packet is associated with  a
2593                   (32-bit)  monotonically-increasing  sequence  number.  This
2594                   shows the ID of the most recent packet queued.
2595
2596              The last number exists only for  compatibility  reasons  and  is
2597              always 1.
2598
2599       /proc/partitions
2600              Contains  the  major and minor numbers of each partition as well
2601              as the number of 1024-byte blocks and the partition name.
2602
2603       /proc/pci
2604              This is a listing of all PCI devices found  during  kernel  ini‐
2605              tialization and their configuration.
2606
2607              This  file has been deprecated in favor of a new /proc interface
2608              for PCI  (/proc/bus/pci).   It  became  optional  in  Linux  2.2
2609              (available  with CONFIG_PCI_OLD_PROC set at kernel compilation).
2610              It became once more nonoptionally enabled in Linux  2.4.   Next,
2611              it  was  deprecated  in  Linux  2.6  (still  available with CON‐
2612              FIG_PCI_LEGACY_PROC set), and finally removed  altogether  since
2613              Linux 2.6.17.
2614
2615       /proc/profile (since Linux 2.4)
2616              This file is present only if the kernel was booted with the pro‐
2617              file=1 command-line option.  It exposes kernel profiling  infor‐
2618              mation  in  a  binary format for use by readprofile(1).  Writing
2619              (e.g., an empty string) to this file resets the profiling  coun‐
2620              ters; on some architectures, writing a binary integer "profiling
2621              multiplier" of size sizeof(int)  sets  the  profiling  interrupt
2622              frequency.
2623
2624       /proc/scsi
2625              A directory with the scsi mid-level pseudo-file and various SCSI
2626              low-level driver directories, which contain a file for each SCSI
2627              host  in  this system, all of which give the status of some part
2628              of the SCSI IO subsystem.  These files contain ASCII  structures
2629              and are, therefore, readable with cat(1).
2630
2631              You  can also write to some of the files to reconfigure the sub‐
2632              system or switch certain features on or off.
2633
2634       /proc/scsi/scsi
2635              This is a listing of all SCSI devices known to the kernel.   The
2636              listing  is  similar  to  the one seen during bootup.  scsi cur‐
2637              rently supports only the add-single-device command which  allows
2638              root to add a hotplugged device to the list of known devices.
2639
2640              The command
2641
2642                  echo 'scsi add-single-device 1 0 5 0' > /proc/scsi/scsi
2643
2644              will  cause host scsi1 to scan on SCSI channel 0 for a device on
2645              ID 5 LUN 0.  If there is already a device known on this  address
2646              or the address is invalid, an error will be returned.
2647
2648       /proc/scsi/[drivername]
2649              [drivername]  can  currently  be  NCR53c7xx,  aha152x,  aha1542,
2650              aha1740, aic7xxx, buslogic, eata_dma, eata_pio, fdomain, in2000,
2651              pas16,  qlogic,  scsi_debug, seagate, t128, u15-24f, ultrastore,
2652              or wd7000.  These directories show up for all drivers that  reg‐
2653              istered  at  least  one  SCSI HBA.  Every directory contains one
2654              file per registered host.  Every host-file is  named  after  the
2655              number the host was assigned during initialization.
2656
2657              Reading these files will usually show driver and host configura‐
2658              tion, statistics, and so on.
2659
2660              Writing to these files  allows  different  things  on  different
2661              hosts.   For  example,  with the latency and nolatency commands,
2662              root can switch on and off command latency measurement  code  in
2663              the  eata_dma driver.  With the lockup and unlock commands, root
2664              can control bus lockups simulated by the scsi_debug driver.
2665
2666       /proc/self
2667              This  directory  refers  to  the  process  accessing  the  /proc
2668              filesystem, and is identical to the /proc directory named by the
2669              process ID of the same process.
2670
2671       /proc/slabinfo
2672              Information about kernel caches.  See slabinfo(5) for details.
2673
2674       /proc/stat
2675              kernel/system statistics.   Varies  with  architecture.   Common
2676              entries include:
2677
2678              cpu 10132153 290696 3084719 46828483 16683 0 25195 0 175628 0
2679              cpu0 1393280 32966 572056 13343292 6130 0 17875 0 23933 0
2680                     The   amount  of  time,  measured  in  units  of  USER_HZ
2681                     (1/100ths  of  a  second  on  most   architectures,   use
2682                     sysconf(_SC_CLK_TCK) to obtain the right value), that the
2683                     system ("cpu" line) or the  specific  CPU  ("cpuN"  line)
2684                     spent in various states:
2685
2686                     user   (1) Time spent in user mode.
2687
2688                     nice   (2)  Time  spent  in  user  mode with low priority
2689                            (nice).
2690
2691                     system (3) Time spent in system mode.
2692
2693                     idle   (4) Time spent  in  the  idle  task.   This  value
2694                            should  be  USER_HZ  times the second entry in the
2695                            /proc/uptime pseudo-file.
2696
2697                     iowait (since Linux 2.5.41)
2698                            (5) Time waiting for I/O to complete.  This  value
2699                            is not reliable, for the following reasons:
2700
2701                            1. The  CPU  will  not  wait  for I/O to complete;
2702                               iowait is the time that a task is  waiting  for
2703                               I/O  to  complete.   When  a CPU goes into idle
2704                               state for outstanding task  I/O,  another  task
2705                               will be scheduled on this CPU.
2706
2707                            2. On  a  multi-core CPU, the task waiting for I/O
2708                               to complete is not running on any CPU,  so  the
2709                               iowait of each CPU is difficult to calculate.
2710
2711                            3. The value in this field may decrease in certain
2712                               conditions.
2713
2714                     irq (since Linux 2.6.0-test4)
2715                            (6) Time servicing interrupts.
2716
2717                     softirq (since Linux 2.6.0-test4)
2718                            (7) Time servicing softirqs.
2719
2720                     steal (since Linux 2.6.11)
2721                            (8) Stolen time, which is the time spent in  other
2722                            operating  systems  when  running in a virtualized
2723                            environment
2724
2725                     guest (since Linux 2.6.24)
2726                            (9) Time spent running a  virtual  CPU  for  guest
2727                            operating  systems  under the control of the Linux
2728                            kernel.
2729
2730                     guest_nice (since Linux 2.6.33)
2731                            (10) Time spent running a niced guest (virtual CPU
2732                            for  guest  operating systems under the control of
2733                            the Linux kernel).
2734
2735              page 5741 1808
2736                     The number of pages the system paged in  and  the  number
2737                     that were paged out (from disk).
2738
2739              swap 1 0
2740                     The  number  of  swap pages that have been brought in and
2741                     out.
2742
2743              intr 1462898
2744                     This line shows counts of interrupts serviced since  boot
2745                     time,  for  each  of the possible system interrupts.  The
2746                     first column is the  total  of  all  interrupts  serviced
2747                     including  unnumbered  architecture  specific interrupts;
2748                     each subsequent column is the total for  that  particular
2749                     numbered interrupt.  Unnumbered interrupts are not shown,
2750                     only summed into the total.
2751
2752              disk_io: (2,0):(31,30,5764,1,2) (3,0):...
2753                     (major,disk_idx):(noinfo,     read_io_ops,     blks_read,
2754                     write_io_ops, blks_written)
2755                     (Linux 2.4 only)
2756
2757              ctxt 115315
2758                     The number of context switches that the system underwent.
2759
2760              btime 769041601
2761                     boot   time,  in  seconds  since  the  Epoch,  1970-01-01
2762                     00:00:00 +0000 (UTC).
2763
2764              processes 86031
2765                     Number of forks since boot.
2766
2767              procs_running 6
2768                     Number of processes in  runnable  state.   (Linux  2.5.45
2769                     onward.)
2770
2771              procs_blocked 2
2772                     Number  of processes blocked waiting for I/O to complete.
2773                     (Linux 2.5.45 onward.)
2774
2775              softirq 229245889 94 60001584 13619 5175704 2471304 28  51212741
2776              59130143 0 51240672
2777                     This  line shows the number of softirq for all CPUs.  The
2778                     first column is the total of all softirqs and each subse‐
2779                     quent column is the total for particular softirq.  (Linux
2780                     2.6.31 onward.)
2781
2782       /proc/swaps
2783              Swap areas in use.  See also swapon(8).
2784
2785       /proc/sys
2786              This directory (present since 1.3.57) contains a number of files
2787              and  subdirectories  corresponding  to  kernel variables.  These
2788              variables can be read and sometimes  modified  using  the  /proc
2789              filesystem, and the (deprecated) sysctl(2) system call.
2790
2791              String values may be terminated by either '\0' or '\n'.
2792
2793              Integer  and  long values may be written either in decimal or in
2794              hexadecimal notation (e.g. 0x3FFF).  When writing multiple inte‐
2795              ger or long values, these may be separated by any of the follow‐
2796              ing whitespace characters: ' ', '\t', or '\n'.  Using other sep‐
2797              arators leads to the error EINVAL.
2798
2799       /proc/sys/abi (since Linux 2.4.10)
2800              This  directory may contain files with application binary infor‐
2801              mation.   See  the   Linux   kernel   source   file   Documenta‐
2802              tion/sysctl/abi.txt for more information.
2803
2804       /proc/sys/debug
2805              This directory may be empty.
2806
2807       /proc/sys/dev
2808              This   directory  contains  device-specific  information  (e.g.,
2809              dev/cdrom/info).  On some systems, it may be empty.
2810
2811       /proc/sys/fs
2812              This directory contains the files and subdirectories for  kernel
2813              variables related to filesystems.
2814
2815       /proc/sys/fs/binfmt_misc
2816              Documentation  for  files  in this directory can be found in the
2817              Linux   kernel   source   in   the   file   Documentation/admin-
2818              guide/binfmt-misc.rst  (or  in  Documentation/binfmt_misc.txt on
2819              older kernels).
2820
2821       /proc/sys/fs/dentry-state (since Linux 2.2)
2822              This file contains information about the status of the directory
2823              cache  (dcache).   The  file  contains  six  numbers, nr_dentry,
2824              nr_unused,  age_limit  (age  in  seconds),   want_pages   (pages
2825              requested by system) and two dummy values.
2826
2827              * nr_dentry   is   the  number  of  allocated  dentries  (dcache
2828                entries).  This field is unused in Linux 2.2.
2829
2830              * nr_unused is the number of unused dentries.
2831
2832              * age_limit is the age in seconds after which dcache entries can
2833                be reclaimed when memory is short.
2834
2835              * want_pages   is   nonzero   when   the   kernel   has   called
2836                shrink_dcache_pages() and the dcache isn't pruned yet.
2837
2838       /proc/sys/fs/dir-notify-enable
2839              This file can be used to disable or enable the dnotify interface
2840              described  in  fcntl(2) on a system-wide basis.  A value of 0 in
2841              this file disables the interface, and a value of 1 enables it.
2842
2843       /proc/sys/fs/dquot-max
2844              This file shows the maximum number of cached disk quota entries.
2845              On some (2.4) systems, it is not present.  If the number of free
2846              cached disk quota entries is very low and you have some  awesome
2847              number of simultaneous system users, you might want to raise the
2848              limit.
2849
2850       /proc/sys/fs/dquot-nr
2851              This file shows the number of allocated disk quota  entries  and
2852              the number of free disk quota entries.
2853
2854       /proc/sys/fs/epoll (since Linux 2.6.28)
2855              This  directory contains the file max_user_watches, which can be
2856              used to limit the amount of kernel memory consumed by the  epoll
2857              interface.  For further details, see epoll(7).
2858
2859       /proc/sys/fs/file-max
2860              This  file  defines  a  system-wide  limit on the number of open
2861              files for all processes.  System calls that fail when encounter‐
2862              ing  this  limit  fail  with  the error ENFILE.  (See also setr‐
2863              limit(2), which can be used by a process to set the  per-process
2864              limit,  RLIMIT_NOFILE,  on the number of files it may open.)  If
2865              you get lots of error messages in the kernel log  about  running
2866              out  of  file  handles  (look  for "VFS: file-max limit <number>
2867              reached"), try increasing this value:
2868
2869                  echo 100000 > /proc/sys/fs/file-max
2870
2871              Privileged processes (CAP_SYS_ADMIN) can override  the  file-max
2872              limit.
2873
2874       /proc/sys/fs/file-nr
2875              This  (read-only)  file  contains  three  numbers: the number of
2876              allocated file handles (i.e.,  the  number  of  files  presently
2877              opened); the number of free file handles; and the maximum number
2878              of file handles (i.e., the same value as /proc/sys/fs/file-max).
2879              If the number of allocated file handles is close to the maximum,
2880              you should consider increasing the maximum.  Before  Linux  2.6,
2881              the  kernel  allocated  file  handles dynamically, but it didn't
2882              free them again.  Instead the free file handles were kept  in  a
2883              list  for  reallocation; the "free file handles" value indicates
2884              the size of that list.  A large  number  of  free  file  handles
2885              indicates  that  there was a past peak in the usage of open file
2886              handles.  Since Linux 2.6, the kernel does deallocate freed file
2887              handles, and the "free file handles" value is always zero.
2888
2889       /proc/sys/fs/inode-max (only present until Linux 2.2)
2890              This file contains the maximum number of in-memory inodes.  This
2891              value should be 3–4 times larger than  the  value  in  file-max,
2892              since  stdin,  stdout  and network sockets also need an inode to
2893              handle them.  When you regularly run out of inodes, you need  to
2894              increase this value.
2895
2896              Starting  with  Linux  2.4, there is no longer a static limit on
2897              the number of inodes, and this file is removed.
2898
2899       /proc/sys/fs/inode-nr
2900              This file contains the first two values from inode-state.
2901
2902       /proc/sys/fs/inode-state
2903              This file contains  seven  numbers:  nr_inodes,  nr_free_inodes,
2904              preshrink, and four dummy values (always zero).
2905
2906              nr_inodes  is  the  number  of  inodes the system has allocated.
2907              nr_free_inodes represents the number of free inodes.
2908
2909              preshrink is nonzero when the nr_inodes > inode-max and the sys‐
2910              tem  needs  to  prune the inode list instead of allocating more;
2911              since Linux 2.4, this field is a dummy value (always zero).
2912
2913       /proc/sys/fs/inotify (since Linux 2.6.13)
2914              This     directory     contains     files     max_queued_events,
2915              max_user_instances,  and  max_user_watches,  that can be used to
2916              limit the amount of kernel memory consumed by the inotify inter‐
2917              face.  For further details, see inotify(7).
2918
2919       /proc/sys/fs/lease-break-time
2920              This file specifies the grace period that the kernel grants to a
2921              process holding a file lease (fcntl(2)) after it has sent a sig‐
2922              nal to that process notifying it that another process is waiting
2923              to open the file.  If the lease holder does not remove or  down‐
2924              grade  the  lease  within this grace period, the kernel forcibly
2925              breaks the lease.
2926
2927       /proc/sys/fs/leases-enable
2928              This  file  can  be  used  to  enable  or  disable  file  leases
2929              (fcntl(2))  on  a  system-wide basis.  If this file contains the
2930              value 0, leases are disabled.  A nonzero value enables leases.
2931
2932       /proc/sys/fs/mount-max (since Linux 4.9)
2933              The value in this file specifies the maximum  number  of  mounts
2934              that  may exist in a mount namespace.  The default value in this
2935              file is 100,000.
2936
2937       /proc/sys/fs/mqueue (since Linux 2.6.6)
2938              This  directory  contains  files   msg_max,   msgsize_max,   and
2939              queues_max,  controlling  the  resources  used  by POSIX message
2940              queues.  See mq_overview(7) for details.
2941
2942       /proc/sys/fs/nr_open (since Linux 2.6.25)
2943              This  file  imposes  ceiling  on  the   value   to   which   the
2944              RLIMIT_NOFILE  resource  limit can be raised (see getrlimit(2)).
2945              This ceiling is enforced for both  unprivileged  and  privileged
2946              process.   The  default  value in this file is 1048576.  (Before
2947              Linux 2.6.25, the ceiling for RLIMIT_NOFILE  was  hard-coded  to
2948              the same value.)
2949
2950       /proc/sys/fs/overflowgid and /proc/sys/fs/overflowuid
2951              These  files  allow you to change the value of the fixed UID and
2952              GID.  The default  is  65534.   Some  filesystems  support  only
2953              16-bit  UIDs  and  GIDs,  although in Linux UIDs and GIDs are 32
2954              bits.  When one of these  filesystems  is  mounted  with  writes
2955              enabled, any UID or GID that would exceed 65535 is translated to
2956              the overflow value before being written to disk.
2957
2958       /proc/sys/fs/pipe-max-size (since Linux 2.6.35)
2959              See pipe(7).
2960
2961       /proc/sys/fs/pipe-user-pages-hard (since Linux 4.5)
2962              See pipe(7).
2963
2964       /proc/sys/fs/pipe-user-pages-soft (since Linux 4.5)
2965              See pipe(7).
2966
2967       /proc/sys/fs/protected_hardlinks (since Linux 3.6)
2968              When the value in this file is 0, no restrictions are placed  on
2969              the  creation of hard links (i.e., this is the historical behav‐
2970              ior before Linux 3.6).  When the value in this file is 1, a hard
2971              link  can be created to a target file only if one of the follow‐
2972              ing conditions is true:
2973
2974              *  The calling process has the CAP_FOWNER capability in its user
2975                 namespace and the file UID has a mapping in the namespace.
2976
2977              *  The  filesystem  UID of the process creating the link matches
2978                 the owner (UID) of the target file (as described  in  creden‐
2979                 tials(7),  a process's filesystem UID is normally the same as
2980                 its effective UID).
2981
2982              *  All of the following conditions are true:
2983
2984                  ·  the target is a regular file;
2985
2986                  ·  the target file does not have its  set-user-ID  mode  bit
2987                     enabled;
2988
2989                  ·  the  target  file does not have both its set-group-ID and
2990                     group-executable mode bits enabled; and
2991
2992                  ·  the caller has permission to read and  write  the  target
2993                     file  (either  via the file's permissions mask or because
2994                     it has suitable capabilities).
2995
2996              The default value in this file is 0.  Setting  the  value  to  1
2997              prevents a longstanding class of security issues caused by hard-
2998              link-based time-of-check, time-of-use races, most commonly  seen
2999              in  world-writable  directories such as /tmp.  The common method
3000              of exploiting this flaw is to cross  privilege  boundaries  when
3001              following a given hard link (i.e., a root process follows a hard
3002              link created by another user).  Additionally, on systems without
3003              separated  partitions,  this stops unauthorized users from "pin‐
3004              ning" vulnerable  set-user-ID  and  set-group-ID  files  against
3005              being  upgraded  by  the  administrator,  or  linking to special
3006              files.
3007
3008       /proc/sys/fs/protected_symlinks (since Linux 3.6)
3009              When the value in this file is 0, no restrictions are placed  on
3010              following  symbolic links (i.e., this is the historical behavior
3011              before Linux 3.6).  When the value in this file is  1,  symbolic
3012              links are followed only in the following circumstances:
3013
3014              *  the  filesystem UID of the process following the link matches
3015                 the owner (UID) of the symbolic link (as described in creden‐
3016                 tials(7),  a process's filesystem UID is normally the same as
3017                 its effective UID);
3018
3019              *  the link is not in a sticky world-writable directory; or
3020
3021              *  the symbolic link and its  parent  directory  have  the  same
3022                 owner (UID)
3023
3024              A  system  call  that fails to follow a symbolic link because of
3025              the above restrictions returns the error EACCES in errno.
3026
3027              The default value in this file is 0.  Setting  the  value  to  1
3028              avoids a longstanding class of security issues based on time-of-
3029              check, time-of-use races when accessing symbolic links.
3030
3031       /proc/sys/fs/suid_dumpable (since Linux 2.6.13)
3032              The value in this file is assigned  to  a  process's  "dumpable"
3033              flag in the circumstances described in prctl(2).  In effect, the
3034              value in this file determines whether core dump files  are  pro‐
3035              duced  for  set-user-ID or otherwise protected/tainted binaries.
3036              The "dumpable" setting also affects the ownership of files in  a
3037              process's /proc/[pid] directory, as described above.
3038
3039              Three different integer values can be specified:
3040
3041              0 (default)
3042                     This  provides  the traditional (pre-Linux 2.6.13) behav‐
3043                     ior.  A core dump will not  be  produced  for  a  process
3044                     which  has  changed  credentials  (by calling seteuid(2),
3045                     setgid(2), or similar, or by executing a  set-user-ID  or
3046                     set-group-ID  program) or whose binary does not have read
3047                     permission enabled.
3048
3049              1 ("debug")
3050                     All processes dump core when possible.   (Reasons  why  a
3051                     process might nevertheless not dump core are described in
3052                     core(5).)  The core dump is owned by the filesystem  user
3053                     ID  of  the  dumping  process and no security is applied.
3054                     This is intended for system  debugging  situations  only:
3055                     this  mode  is  insecure  because  it allows unprivileged
3056                     users to examine the memory contents of  privileged  pro‐
3057                     cesses.
3058
3059              2 ("suidsafe")
3060                     Any  binary  which  normally would not be dumped (see "0"
3061                     above) is dumped readable by root only.  This allows  the
3062                     user  to  remove  the  core dump file but not to read it.
3063                     For security reasons core dumps in  this  mode  will  not
3064                     overwrite  one  another  or  other  files.   This mode is
3065                     appropriate when administrators are attempting  to  debug
3066                     problems in a normal environment.
3067
3068                     Additionally, since Linux 3.6, /proc/sys/kernel/core_pat‐
3069                     tern must either be an absolute pathname or a  pipe  com‐
3070                     mand,  as  detailed in core(5).  Warnings will be written
3071                     to the kernel log if core_pattern does not  follow  these
3072                     rules, and no core dump will be produced.
3073
3074              For  details  of the effect of a process's "dumpable" setting on
3075              ptrace access mode checking, see ptrace(2).
3076
3077       /proc/sys/fs/super-max
3078              This file controls the maximum number of superblocks,  and  thus
3079              the  maximum  number of mounted filesystems the kernel can have.
3080              You need increase only super-max  if  you  need  to  mount  more
3081              filesystems than the current value in super-max allows you to.
3082
3083       /proc/sys/fs/super-nr
3084              This file contains the number of filesystems currently mounted.
3085
3086       /proc/sys/kernel
3087              This  directory  contains  files  controlling  a range of kernel
3088              parameters, as described below.
3089
3090       /proc/sys/kernel/acct
3091              This file contains three numbers: highwater, lowwater, and  fre‐
3092              quency.   If BSD-style process accounting is enabled, these val‐
3093              ues control its behavior.  If free space on filesystem where the
3094              log  lives goes below lowwater percent, accounting suspends.  If
3095              free space gets above  highwater  percent,  accounting  resumes.
3096              frequency  determines  how often the kernel checks the amount of
3097              free space (value is in seconds).  Default values are 4,  2  and
3098              30.   That  is,  suspend accounting if 2% or less space is free;
3099              resume it if 4% or more  space  is  free;  consider  information
3100              about amount of free space valid for 30 seconds.
3101
3102       /proc/sys/kernel/auto_msgmni (Linux 2.6.27 to 3.18)
3103              From  Linux 2.6.27 to 3.18, this file was used to control recom‐
3104              puting of the value in /proc/sys/kernel/msgmni upon the addition
3105              or  removal  of  memory  or upon IPC namespace creation/removal.
3106              Echoing "1" into this file enabled msgmni automatic  recomputing
3107              (and  triggered  a  recomputation of msgmni based on the current
3108              amount of available memory and number of IPC namespaces).  Echo‐
3109              ing  "0" disabled automatic recomputing.  (Automatic recomputing
3110              was  also  disabled  if  a  value  was  explicitly  assigned  to
3111              /proc/sys/kernel/msgmni.)   The default value in auto_msgmni was
3112              1.
3113
3114              Since Linux 3.19,  the  content  of  this  file  has  no  effect
3115              (because  msgmni  defaults  to near the maximum value possible),
3116              and reads from this file always return the value "0".
3117
3118       /proc/sys/kernel/cap_last_cap (since Linux 3.2)
3119              See capabilities(7).
3120
3121       /proc/sys/kernel/cap-bound (from Linux 2.2 to 2.6.24)
3122              This file holds the value of the kernel capability bounding  set
3123              (expressed  as  a  signed  decimal  number).   This set is ANDed
3124              against  the  capabilities  permitted  to   a   process   during
3125              execve(2).  Starting with Linux 2.6.25, the system-wide capabil‐
3126              ity bounding set disappeared, and was replaced by  a  per-thread
3127              bounding set; see capabilities(7).
3128
3129       /proc/sys/kernel/core_pattern
3130              See core(5).
3131
3132       /proc/sys/kernel/core_pipe_limit
3133              See core(5).
3134
3135       /proc/sys/kernel/core_uses_pid
3136              See core(5).
3137
3138       /proc/sys/kernel/ctrl-alt-del
3139              This  file  controls  the handling of Ctrl-Alt-Del from the key‐
3140              board.  When the value  in  this  file  is  0,  Ctrl-Alt-Del  is
3141              trapped  and  sent  to  the init(1) program to handle a graceful
3142              restart.  When the value is greater than zero, Linux's  reaction
3143              to  a Vulcan Nerve Pinch (tm) will be an immediate reboot, with‐
3144              out even syncing its dirty buffers.  Note: when a program  (like
3145              dosemu)  has  the  keyboard  in  "raw" mode, the ctrl-alt-del is
3146              intercepted by the program before it ever reaches the kernel tty
3147              layer, and it's up to the program to decide what to do with it.
3148
3149       /proc/sys/kernel/dmesg_restrict (since Linux 2.6.37)
3150              The value in this file determines who can see kernel syslog con‐
3151              tents.  A value of 0 in this file imposes no  restrictions.   If
3152              the  value  is 1, only privileged users can read the kernel sys‐
3153              log.  (See syslog(2) for more details.)  Since Linux  3.4,  only
3154              users  with the CAP_SYS_ADMIN capability may change the value in
3155              this file.
3156
3157       /proc/sys/kernel/domainname and /proc/sys/kernel/hostname
3158              can be used to set the NIS/YP domainname  and  the  hostname  of
3159              your  box  in exactly the same way as the commands domainname(1)
3160              and hostname(1), that is:
3161
3162                  # echo 'darkstar' > /proc/sys/kernel/hostname
3163                  # echo 'mydomain' > /proc/sys/kernel/domainname
3164
3165              has the same effect as
3166
3167                  # hostname 'darkstar'
3168                  # domainname 'mydomain'
3169
3170              Note, however, that the classic darkstar.frop.org has the  host‐
3171              name "darkstar" and DNS (Internet Domain Name Server) domainname
3172              "frop.org", not to be confused with the NIS (Network Information
3173              Service)  or  YP  (Yellow  Pages)  domainname.  These two domain
3174              names are in general different.  For a detailed  discussion  see
3175              the hostname(1) man page.
3176
3177       /proc/sys/kernel/hotplug
3178              This  file  contains the path for the hotplug policy agent.  The
3179              default value in this file is /sbin/hotplug.
3180
3181       /proc/sys/kernel/htab-reclaim (before Linux 2.4.9.2)
3182              (PowerPC only) If this file is set to a nonzero value, the  Pow‐
3183              erPC  htab  (see kernel file Documentation/powerpc/ppc_htab.txt)
3184              is pruned each time the system hits the idle loop.
3185
3186       /proc/sys/kernel/keys/*
3187              This directory contains various files that define parameters and
3188              limits   for  the  key-management  facility.   These  files  are
3189              described in keyrings(7).
3190
3191       /proc/sys/kernel/kptr_restrict (since Linux 2.6.38)
3192              The value in this file determines whether kernel  addresses  are
3193              exposed  via  /proc files and other interfaces.  A value of 0 in
3194              this file imposes no restrictions.  If the value  is  1,  kernel
3195              pointers printed using the %pK format specifier will be replaced
3196              with zeros unless the user has the  CAP_SYSLOG  capability.   If
3197              the  value  is  2,  kernel pointers printed using the %pK format
3198              specifier will be replaced with zeros regardless of  the  user's
3199              capabilities.   The  initial  default value for this file was 1,
3200              but the default was changed to 0 in Linux 2.6.39.   Since  Linux
3201              3.4, only users with the CAP_SYS_ADMIN capability can change the
3202              value in this file.
3203
3204       /proc/sys/kernel/l2cr
3205              (PowerPC only) This file contains a flag that  controls  the  L2
3206              cache  of  G3  processor  boards.   If 0, the cache is disabled.
3207              Enabled if nonzero.
3208
3209       /proc/sys/kernel/modprobe
3210              This file contains the path for the kernel module  loader.   The
3211              default  value  is  /sbin/modprobe.  The file is present only if
3212              the kernel is built  with  the  CONFIG_MODULES  (CONFIG_KMOD  in
3213              Linux  2.6.26  and  earlier) option enabled.  It is described by
3214              the Linux kernel  source  file  Documentation/kmod.txt  (present
3215              only in kernel 2.4 and earlier).
3216
3217       /proc/sys/kernel/modules_disabled (since Linux 2.6.31)
3218              A toggle value indicating if modules are allowed to be loaded in
3219              an otherwise modular kernel.  This toggle defaults to  off  (0),
3220              but  can  be  set  true  (1).  Once true, modules can be neither
3221              loaded nor unloaded, and the toggle cannot be set back to false.
3222              The  file  is  present only if the kernel is built with the CON‐
3223              FIG_MODULES option enabled.
3224
3225       /proc/sys/kernel/msgmax (since Linux 2.2)
3226              This file defines a system-wide  limit  specifying  the  maximum
3227              number  of  bytes in a single message written on a System V mes‐
3228              sage queue.
3229
3230       /proc/sys/kernel/msgmni (since Linux 2.4)
3231              This file defines the system-wide limit on the number of message
3232              queue identifiers.  See also /proc/sys/kernel/auto_msgmni.
3233
3234       /proc/sys/kernel/msgmnb (since Linux 2.2)
3235              This file defines a system-wide parameter used to initialize the
3236              msg_qbytes setting for subsequently created message queues.  The
3237              msg_qbytes  setting  specifies  the maximum number of bytes that
3238              may be written to the message queue.
3239
3240       /proc/sys/kernel/ngroups_max (since Linux 2.6.4)
3241              This is a read-only file that displays the upper  limit  on  the
3242              number of a process's group memberships.
3243
3244       /proc/sys/kernel/ns_last_pid (since Linux 3.3)
3245              See pid_namespaces(7).
3246
3247       /proc/sys/kernel/ostype and /proc/sys/kernel/osrelease
3248              These files give substrings of /proc/version.
3249
3250       /proc/sys/kernel/overflowgid and /proc/sys/kernel/overflowuid
3251              These  files  duplicate  the  files /proc/sys/fs/overflowgid and
3252              /proc/sys/fs/overflowuid.
3253
3254       /proc/sys/kernel/panic
3255              This  file  gives  read/write  access  to  the  kernel  variable
3256              panic_timeout.   If  this  is  zero,  the  kernel will loop on a
3257              panic; if nonzero, it indicates that the kernel  should  autore‐
3258              boot  after  this  number of seconds.  When you use the software
3259              watchdog device driver, the recommended setting is 60.
3260
3261       /proc/sys/kernel/panic_on_oops (since Linux 2.5.68)
3262              This file controls the kernel's behavior when an oops or BUG  is
3263              encountered.   If this file contains 0, then the system tries to
3264              continue operation.  If it contains 1, then the system delays  a
3265              few  seconds  (to give klogd time to record the oops output) and
3266              then  panics.   If  the  /proc/sys/kernel/panic  file  is   also
3267              nonzero, then the machine will be rebooted.
3268
3269       /proc/sys/kernel/pid_max (since Linux 2.5.34)
3270              This  file  specifies the value at which PIDs wrap around (i.e.,
3271              the value in this file is one greater  than  the  maximum  PID).
3272              PIDs  greater than this value are not allocated; thus, the value
3273              in this file also acts as a system-wide limit on the total  num‐
3274              ber  of processes and threads.  The default value for this file,
3275              32768, results in the same range of PIDs as on earlier  kernels.
3276              On 32-bit platforms, 32768 is the maximum value for pid_max.  On
3277              64-bit systems, pid_max can be set  to  any  value  up  to  2^22
3278              (PID_MAX_LIMIT, approximately 4 million).
3279
3280       /proc/sys/kernel/powersave-nap (PowerPC only)
3281              This file contains a flag.  If set, Linux-PPC will use the "nap"
3282              mode of powersaving, otherwise the "doze" mode will be used.
3283
3284       /proc/sys/kernel/printk
3285              See syslog(2).
3286
3287       /proc/sys/kernel/pty (since Linux 2.6.4)
3288              This directory contains two files relating to the number of UNIX
3289              98 pseudoterminals (see pts(4)) on the system.
3290
3291       /proc/sys/kernel/pty/max
3292              This file defines the maximum number of pseudoterminals.
3293
3294       /proc/sys/kernel/pty/nr
3295              This  read-only file indicates how many pseudoterminals are cur‐
3296              rently in use.
3297
3298       /proc/sys/kernel/random
3299              This directory contains various parameters controlling the oper‐
3300              ation of the file /dev/random.  See random(4) for further infor‐
3301              mation.
3302
3303       /proc/sys/kernel/random/uuid (since Linux 2.4)
3304              Each read from this read-only file returns a randomly  generated
3305              128-bit UUID, as a string in the standard UUID format.
3306
3307       /proc/sys/kernel/randomize_va_space (since Linux 2.6.12)
3308              Select  the address space layout randomization (ASLR) policy for
3309              the system (on architectures that support ASLR).   Three  values
3310              are supported for this file:
3311
3312              0  Turn  ASLR  off.   This is the default for architectures that
3313                 don't support ASLR, and when the kernel is  booted  with  the
3314                 norandmaps parameter.
3315
3316              1  Make the addresses of mmap(2) allocations, the stack, and the
3317                 VDSO page randomized.  Among other things,  this  means  that
3318                 shared libraries will be loaded at randomized addresses.  The
3319                 text segment of PIE-linked binaries will also be loaded at  a
3320                 randomized  address.  This value is the default if the kernel
3321                 was configured with CONFIG_COMPAT_BRK.
3322
3323              2  (Since Linux 2.6.25) Also support heap  randomization.   This
3324                 value  is  the  default if the kernel was not configured with
3325                 CONFIG_COMPAT_BRK.
3326
3327       /proc/sys/kernel/real-root-dev
3328              This file is documented in the Linux kernel source file Documen‐
3329              tation/admin-guide/initrd.rst    (or    Documentation/initrd.txt
3330              before Linux 4.10).
3331
3332       /proc/sys/kernel/reboot-cmd (Sparc only)
3333              This file seems to be a way to give an  argument  to  the  SPARC
3334              ROM/Flash  boot  loader.   Maybe  to  tell  it  what to do after
3335              rebooting?
3336
3337       /proc/sys/kernel/rtsig-max
3338              (Only in kernels up to and including  2.6.7;  see  setrlimit(2))
3339              This  file can be used to tune the maximum number of POSIX real-
3340              time (queued) signals that can be outstanding in the system.
3341
3342       /proc/sys/kernel/rtsig-nr
3343              (Only in kernels up to and including 2.6.7.)   This  file  shows
3344              the number of POSIX real-time signals currently queued.
3345
3346       /proc/[pid]/sched_autogroup_enabled (since Linux 2.6.38)
3347              See sched(7).
3348
3349       /proc/sys/kernel/sched_child_runs_first (since Linux 2.6.23)
3350              If this file contains the value zero, then, after a fork(2), the
3351              parent is first scheduled on the CPU.  If the  file  contains  a
3352              nonzero  value,  then  the  child is scheduled first on the CPU.
3353              (Of course, on a multiprocessor system, the parent and the child
3354              might both immediately be scheduled on a CPU.)
3355
3356       /proc/sys/kernel/sched_rr_timeslice_ms (since Linux 3.9)
3357              See sched_rr_get_interval(2).
3358
3359       /proc/sys/kernel/sched_rt_period_us (since Linux 2.6.25)
3360              See sched(7).
3361
3362       /proc/sys/kernel/sched_rt_runtime_us (since Linux 2.6.25)
3363              See sched(7).
3364
3365       /proc/sys/kernel/seccomp (since Linux 4.14)
3366              This  directory provides additional seccomp information and con‐
3367              figuration.  See seccomp(2) for further details.
3368
3369       /proc/sys/kernel/sem (since Linux 2.4)
3370              This file contains 4 numbers defining limits for  System  V  IPC
3371              semaphores.  These fields are, in order:
3372
3373              SEMMSL  The maximum semaphores per semaphore set.
3374
3375              SEMMNS  A  system-wide  limit on the number of semaphores in all
3376                      semaphore sets.
3377
3378              SEMOPM  The maximum number of operations that may  be  specified
3379                      in a semop(2) call.
3380
3381              SEMMNI  A  system-wide  limit on the maximum number of semaphore
3382                      identifiers.
3383
3384       /proc/sys/kernel/sg-big-buff
3385              This file shows the size of the generic SCSI device (sg) buffer.
3386              You  can't  tune it just yet, but you could change it at compile
3387              time by editing include/scsi/sg.h  and  changing  the  value  of
3388              SG_BIG_BUFF.   However,  there shouldn't be any reason to change
3389              this value.
3390
3391       /proc/sys/kernel/shm_rmid_forced (since Linux 3.1)
3392              If this file is set to 1, all System V  shared  memory  segments
3393              will be marked for destruction as soon as the number of attached
3394              processes falls to zero; in other words, it is no longer  possi‐
3395              ble to create shared memory segments that exist independently of
3396              any attached process.
3397
3398              The effect is as though a shmctl(2) IPC_RMID is performed on all
3399              existing  segments as well as all segments created in the future
3400              (until this file is reset to 0).  Note  that  existing  segments
3401              that  are  attached  to no process will be immediately destroyed
3402              when this file is set to  1.   Setting  this  option  will  also
3403              destroy  segments  that  were  created, but never attached, upon
3404              termination  of  the  process  that  created  the  segment  with
3405              shmget(2).
3406
3407              Setting  this file to 1 provides a way of ensuring that all Sys‐
3408              tem V shared memory segments are counted  against  the  resource
3409              usage  and  resource limits (see the description of RLIMIT_AS in
3410              getrlimit(2)) of at least one process.
3411
3412              Because setting this file to 1 produces behavior  that  is  non‐
3413              standard and could also break existing applications, the default
3414              value in this file is 0.  Set this file to 1 only if you have  a
3415              good  understanding  of  the semantics of the applications using
3416              System V shared memory on your system.
3417
3418       /proc/sys/kernel/shmall (since Linux 2.2)
3419              This file contains the system-wide limit on the total number  of
3420              pages of System V shared memory.
3421
3422       /proc/sys/kernel/shmmax (since Linux 2.2)
3423              This file can be used to query and set the run-time limit on the
3424              maximum (System V IPC) shared memory segment size  that  can  be
3425              created.   Shared memory segments up to 1GB are now supported in
3426              the kernel.  This value defaults to SHMMAX.
3427
3428       /proc/sys/kernel/shmmni (since Linux 2.4)
3429              This file specifies the system-wide maximum number of  System  V
3430              shared memory segments that can be created.
3431
3432       /proc/sys/kernel/sysctl_writes_strict (since Linux 3.16)
3433              The  value  in  this file determines how the file offset affects
3434              the behavior of updating entries in files under /proc/sys.   The
3435              file has three possible values:
3436
3437              -1  This  provides  legacy  handling,  with  no printk warnings.
3438                  Each write(2) must fully contain the value  to  be  written,
3439                  and  multiple  writes on the same file descriptor will over‐
3440                  write the entire value, regardless of the file position.
3441
3442              0   (default) This provides the same behavior  as  for  -1,  but
3443                  printk  warnings  are  written  for  processes  that perform
3444                  writes when the file offset is not 0.
3445
3446              1   Respect the file offset when writing strings into  /proc/sys
3447                  files.   Multiple  writes  will  append to the value buffer.
3448                  Anything written beyond the maximum length of the value buf‐
3449                  fer  will  be  ignored.  Writes to numeric /proc/sys entries
3450                  must always be at file offset 0 and the value must be  fully
3451                  contained in the buffer provided to write(2).
3452
3453       /proc/sys/kernel/sysrq
3454              This  file  controls  the functions allowed to be invoked by the
3455              SysRq key.  By default, the file contains 1 meaning  that  every
3456              possible  SysRq  request  is  allowed (in older kernel versions,
3457              SysRq was disabled by default, and you were required to specifi‐
3458              cally enable it at run-time, but this is not the case any more).
3459              Possible values in this file are:
3460
3461              0    Disable sysrq completely
3462
3463              1    Enable all functions of sysrq
3464
3465              > 1  Bit mask of allowed sysrq functions, as follows:
3466                     2  Enable control of console logging level
3467                     4  Enable control of keyboard (SAK, unraw)
3468                     8  Enable debugging dumps of processes etc.
3469                    16  Enable sync command
3470                    32  Enable remount read-only
3471                    64  Enable signaling of processes (term, kill, oom-kill)
3472                   128  Allow reboot/poweroff
3473                   256  Allow nicing of all real-time tasks
3474
3475              This file is present only if the CONFIG_MAGIC_SYSRQ kernel  con‐
3476              figuration option is enabled.  For further details see the Linux
3477              kernel source file Documentation/admin-guide/sysrq.rst (or Docu‐
3478              mentation/sysrq.txt before Linux 4.10).
3479
3480       /proc/sys/kernel/version
3481              This file contains a string such as:
3482
3483                  #5 Wed Feb 25 21:49:24 MET 1998
3484
3485              The  "#5"  means  that  this is the fifth kernel built from this
3486              source base and the date following it  indicates  the  time  the
3487              kernel was built.
3488
3489       /proc/sys/kernel/threads-max (since Linux 2.3.11)
3490              This  file  specifies  the  system-wide  limit  on the number of
3491              threads (tasks) that can be created on the system.
3492
3493              Since Linux 4.1, the value that can be written to threads-max is
3494              bounded.  The minimum value that can be written is 20.  The max‐
3495              imum value  that  can  be  written  is  given  by  the  constant
3496              FUTEX_TID_MASK  (0x3fffffff).   If a value outside of this range
3497              is written to threads-max, the error EINVAL occurs.
3498
3499              The value written is checked against the  available  RAM  pages.
3500              If the thread structures would occupy too much (more than 1/8th)
3501              of the available RAM pages, threads-max is reduced accordingly.
3502
3503       /proc/sys/kernel/yama/ptrace_scope (since Linux 3.5)
3504              See ptrace(2).
3505
3506       /proc/sys/kernel/zero-paged (PowerPC only)
3507              This file contains a flag.  When  enabled  (nonzero),  Linux-PPC
3508              will  pre-zero  pages  in  the  idle  loop, possibly speeding up
3509              get_free_pages.
3510
3511       /proc/sys/net
3512              This directory contains networking stuff.  Explanations for some
3513              of  the  files  under  this directory can be found in tcp(7) and
3514              ip(7).
3515
3516       /proc/sys/net/core/bpf_jit_enable
3517              See bpf(2).
3518
3519       /proc/sys/net/core/somaxconn
3520              This file defines a ceiling value for the  backlog  argument  of
3521              listen(2); see the listen(2) manual page for details.
3522
3523       /proc/sys/proc
3524              This directory may be empty.
3525
3526       /proc/sys/sunrpc
3527              This  directory  supports  Sun remote procedure call for network
3528              filesystem (NFS).  On some systems, it is not present.
3529
3530       /proc/sys/user (since Linux 4.9)
3531              See namespaces(7).
3532
3533       /proc/sys/vm
3534              This directory contains files for memory management tuning, buf‐
3535              fer and cache management.
3536
3537       /proc/sys/vm/admin_reserve_kbytes (since Linux 3.10)
3538              This file defines the amount of free memory (in KiB) on the sys‐
3539              tem that should  be  reserved  for  users  with  the  capability
3540              CAP_SYS_ADMIN.
3541
3542              The  default  value  in  this file is the minimum of [3% of free
3543              pages, 8MiB] expressed as KiB.  The default is intended to  pro‐
3544              vide  enough  for the superuser to log in and kill a process, if
3545              necessary, under the default overcommit 'guess' mode (i.e., 0 in
3546              /proc/sys/vm/overcommit_memory).
3547
3548              Systems   running   in  "overcommit  never"  mode  (i.e.,  2  in
3549              /proc/sys/vm/overcommit_memory) should  increase  the  value  in
3550              this  file  to  account  for the full virtual memory size of the
3551              programs used to recover (e.g.,  login(1)  ssh(1),  and  top(1))
3552              Otherwise,  the  superuser  may not be able to log in to recover
3553              the system.  For example, on x86-64 a suitable value  is  131072
3554              (128MiB reserved).
3555
3556              Changing  the value in this file takes effect whenever an appli‐
3557              cation requests memory.
3558
3559       /proc/sys/vm/compact_memory (since Linux 2.6.35)
3560              When 1 is written to this file, all  zones  are  compacted  such
3561              that  free memory is available in contiguous blocks where possi‐
3562              ble.  The effect  of  this  action  can  be  seen  by  examining
3563              /proc/buddyinfo.
3564
3565              Present  only  if  the  kernel  was  configured with CONFIG_COM‐
3566              PACTION.
3567
3568       /proc/sys/vm/drop_caches (since Linux 2.6.16)
3569              Writing to this file causes the kernel  to  drop  clean  caches,
3570              dentries,  and inodes from memory, causing that memory to become
3571              free.  This can be useful for memory management testing and per‐
3572              forming  reproducible filesystem benchmarks.  Because writing to
3573              this file causes the benefits of caching  to  be  lost,  it  can
3574              degrade overall system performance.
3575
3576              To free pagecache, use:
3577
3578                  echo 1 > /proc/sys/vm/drop_caches
3579
3580              To free dentries and inodes, use:
3581
3582                  echo 2 > /proc/sys/vm/drop_caches
3583
3584              To free pagecache, dentries and inodes, use:
3585
3586                  echo 3 > /proc/sys/vm/drop_caches
3587
3588              Because  writing  to this file is a nondestructive operation and
3589              dirty objects are not freeable,  the  user  should  run  sync(1)
3590              first.
3591
3592       /proc/sys/vm/legacy_va_layout (since Linux 2.6.9)
3593              If  nonzero, this disables the new 32-bit memory-mapping layout;
3594              the kernel will use the legacy (2.4) layout for all processes.
3595
3596       /proc/sys/vm/memory_failure_early_kill (since Linux 2.6.32)
3597              Control how to kill processes when an uncorrected  memory  error
3598              (typically a 2-bit error in a memory module) that cannot be han‐
3599              dled by the kernel is detected in the  background  by  hardware.
3600              In some cases (like the page still having a valid copy on disk),
3601              the kernel will handle the failure transparently without affect‐
3602              ing  any applications.  But if there is no other up-to-date copy
3603              of the data, it will kill processes to prevent any data  corrup‐
3604              tions from propagating.
3605
3606              The file has one of the following values:
3607
3608              1:  Kill  all  processes that have the corrupted-and-not-reload‐
3609                  able page mapped as soon  as  the  corruption  is  detected.
3610                  Note  that  this  is not supported for a few types of pages,
3611                  such as kernel internally allocated data or the swap  cache,
3612                  but works for the majority of user pages.
3613
3614              0:  Unmap  the  corrupted  page  from  all  processes and kill a
3615                  process only if it tries to access the page.
3616
3617              The kill is performed using a SIGBUS signal with si_code set  to
3618              BUS_MCEERR_AO.   Processes  can handle this if they want to; see
3619              sigaction(2) for more details.
3620
3621              This feature is  active  only  on  architectures/platforms  with
3622              advanced  machine  check  handling  and  depends on the hardware
3623              capabilities.
3624
3625              Applications can override the memory_failure_early_kill  setting
3626              individually with the prctl(2) PR_MCE_KILL operation.
3627
3628              Present  only  if  the  kernel  was  configured with CONFIG_MEM‐
3629              ORY_FAILURE.
3630
3631       /proc/sys/vm/memory_failure_recovery (since Linux 2.6.32)
3632              Enable memory failure recovery (when supported by the platform)
3633
3634              1:  Attempt recovery.
3635
3636              0:  Always panic on a memory failure.
3637
3638              Present only if  the  kernel  was  configured  with  CONFIG_MEM‐
3639              ORY_FAILURE.
3640
3641       /proc/sys/vm/oom_dump_tasks (since Linux 2.6.25)
3642              Enables a system-wide task dump (excluding kernel threads) to be
3643              produced when the kernel  performs  an  OOM-killing.   The  dump
3644              includes  the  following  information  for  each  task  (thread,
3645              process): thread ID, real user ID, thread group ID (process ID),
3646              virtual memory size, resident set size, the CPU that the task is
3647              scheduled  on,   oom_adj   score   (see   the   description   of
3648              /proc/[pid]/oom_adj),  and  command  name.   This  is helpful to
3649              determine why the OOM-killer was invoked  and  to  identify  the
3650              rogue task that caused it.
3651
3652              If this contains the value zero, this information is suppressed.
3653              On very large systems with thousands of tasks,  it  may  not  be
3654              feasible  to  dump  the  memory  state information for each one.
3655              Such systems should not be forced to incur a performance penalty
3656              in OOM situations when the information may not be desired.
3657
3658              If  this  is  set to nonzero, this information is shown whenever
3659              the OOM-killer actually kills a memory-hogging task.
3660
3661              The default value is 0.
3662
3663       /proc/sys/vm/oom_kill_allocating_task (since Linux 2.6.24)
3664              This enables or disables killing the OOM-triggering task in out-
3665              of-memory situations.
3666
3667              If  this  is  set  to zero, the OOM-killer will scan through the
3668              entire tasklist and select a task based on heuristics  to  kill.
3669              This  normally selects a rogue memory-hogging task that frees up
3670              a large amount of memory when killed.
3671
3672              If this is set to nonzero, the OOM-killer simply kills the  task
3673              that  triggered the out-of-memory condition.  This avoids a pos‐
3674              sibly expensive tasklist scan.
3675
3676              If /proc/sys/vm/panic_on_oom is  nonzero,  it  takes  precedence
3677              over  whatever  value  is used in /proc/sys/vm/oom_kill_allocat‐
3678              ing_task.
3679
3680              The default value is 0.
3681
3682       /proc/sys/vm/overcommit_kbytes (since Linux 3.14)
3683              This writable file provides an alternative to /proc/sys/vm/over‐
3684              commit_ratio    for    controlling    the    CommitLimit    when
3685              /proc/sys/vm/overcommit_memory has the value 2.  It  allows  the
3686              amount  of  memory overcommitting to be specified as an absolute
3687              value (in kB), rather than as a  percentage,  as  is  done  with
3688              overcommit_ratio.  This allows for finer-grained control of Com‐
3689              mitLimit on systems with extremely large memory sizes.
3690
3691              Only one of overcommit_kbytes or overcommit_ratio  can  have  an
3692              effect:  if  overcommit_kbytes  has  a nonzero value, then it is
3693              used to calculate  CommitLimit,  otherwise  overcommit_ratio  is
3694              used.  Writing a value to either of these files causes the value
3695              in the other file to be set to zero.
3696
3697       /proc/sys/vm/overcommit_memory
3698              This file contains the kernel virtual  memory  accounting  mode.
3699              Values are:
3700
3701                     0: heuristic overcommit (this is the default)
3702                     1: always overcommit, never check
3703                     2: always check, never overcommit
3704
3705              In  mode 0, calls of mmap(2) with MAP_NORESERVE are not checked,
3706              and the default check is very weak, leading to the risk of  get‐
3707              ting a process "OOM-killed".
3708
3709              In  mode  1,  the kernel pretends there is always enough memory,
3710              until memory actually runs out.  One use case for this  mode  is
3711              scientific  computing  applications  that  employ  large  sparse
3712              arrays.  In Linux kernel  versions  before  2.6.0,  any  nonzero
3713              value implies mode 1.
3714
3715              In mode 2 (available since Linux 2.6), the total virtual address
3716              space that can be allocated (CommitLimit  in  /proc/meminfo)  is
3717              calculated as
3718
3719                  CommitLimit = (total_RAM - total_huge_TLB) *
3720                                overcommit_ratio / 100 + total_swap
3721
3722              where:
3723
3724                   *  total_RAM is the total amount of RAM on the system;
3725
3726                   *  total_huge_TLB  is  the  amount  of memory set aside for
3727                      huge pages;
3728
3729                   *  overcommit_ratio is the value  in  /proc/sys/vm/overcom‐
3730                      mit_ratio; and
3731
3732                   *  total_swap is the amount of swap space.
3733
3734              For  example,  on  a  system  with 16GB of physical RAM, 16GB of
3735              swap, no space dedicated to huge pages, and an  overcommit_ratio
3736              of 50, this formula yields a CommitLimit of 24GB.
3737
3738              Since Linux 3.14, if the value in /proc/sys/vm/overcommit_kbytes
3739              is nonzero, then CommitLimit is instead calculated as:
3740
3741                  CommitLimit = overcommit_kbytes + total_swap
3742
3743              See also the description  of  /proc/sys/vm/admiin_reserve_kbytes
3744              and /proc/sys/vm/user_reserve_kbytes.
3745
3746       /proc/sys/vm/overcommit_ratio (since Linux 2.6.0)
3747              This  writable  file defines a percentage by which memory can be
3748              overcommitted.  The default value in the file is  50.   See  the
3749              description of /proc/sys/vm/overcommit_memory.
3750
3751       /proc/sys/vm/panic_on_oom (since Linux 2.6.18)
3752              This enables or disables a kernel panic in an out-of-memory sit‐
3753              uation.
3754
3755              If this file is set to the value 0, the kernel's OOM-killer will
3756              kill  some  rogue  process.   Usually, the OOM-killer is able to
3757              kill a rogue process and the system will survive.
3758
3759              If this file is set to the value 1,  then  the  kernel  normally
3760              panics when out-of-memory happens.  However, if a process limits
3761              allocations to certain nodes  using  memory  policies  (mbind(2)
3762              MPOL_BIND)  or  cpusets (cpuset(7)) and those nodes reach memory
3763              exhaustion status, one process may be killed by the  OOM-killer.
3764              No panic occurs in this case: because other nodes' memory may be
3765              free, this means the system as a whole may not have  reached  an
3766              out-of-memory situation yet.
3767
3768              If  this  file  is  set to the value 2, the kernel always panics
3769              when an out-of-memory condition occurs.
3770
3771              The default value is 0.  1 and 2 are for failover of clustering.
3772              Select either according to your policy of failover.
3773
3774       /proc/sys/vm/swappiness
3775              The value in this file controls how aggressively the kernel will
3776              swap memory pages.  Higher values increase aggressiveness, lower
3777              values decrease aggressiveness.  The default value is 60.
3778
3779       /proc/sys/vm/user_reserve_kbytes (since Linux 3.10)
3780              Specifies  an amount of memory (in KiB) to reserve for user pro‐
3781              cesses, This is intended to prevent a user from starting a  sin‐
3782              gle  memory hogging process, such that they cannot recover (kill
3783              the hog).  The value in  this  file  has  an  effect  only  when
3784              /proc/sys/vm/overcommit_memory  is  set to 2 ("overcommit never"
3785              mode).  In this case, the system reserves an  amount  of  memory
3786              that   is   the   minimum   of  [3%  of  current  process  size,
3787              user_reserve_kbytes].
3788
3789              The default value in this file is the minimum  of  [3%  of  free
3790              pages, 128MiB] expressed as KiB.
3791
3792              If  the  value  in this file is set to zero, then a user will be
3793              allowed to allocate all free memory with a single process (minus
3794              the  amount reserved by /proc/sys/vm/admin_reserve_kbytes).  Any
3795              subsequent attempts to execute a command will result  in  "fork:
3796              Cannot allocate memory".
3797
3798              Changing  the value in this file takes effect whenever an appli‐
3799              cation requests memory.
3800
3801       /proc/sysrq-trigger (since Linux 2.4.21)
3802              Writing a character to this file triggers the same  SysRq  func‐
3803              tion  as  typing  ALT-SysRq-<character>  (see the description of
3804              /proc/sys/kernel/sysrq).  This file is normally writable only by
3805              root.  For further details see the Linux kernel source file Doc‐
3806              umentation/admin-guide/sysrq.rst   (or   Documentation/sysrq.txt
3807              before Linux 4.10).
3808
3809       /proc/sysvipc
3810              Subdirectory  containing  the  pseudo-files  msg,  sem  and shm.
3811              These files list the System V Interprocess  Communication  (IPC)
3812              objects  (respectively:  message  queues, semaphores, and shared
3813              memory) that currently exist on the  system,  providing  similar
3814              information  to  that  available  via ipcs(1).  These files have
3815              headers and are formatted (one IPC object  per  line)  for  easy
3816              understanding.   svipc(7)  provides  further  background  on the
3817              information shown by these files.
3818
3819       /proc/thread-self (since Linux 3.17)
3820              This directory refers to the thread accessing the /proc filesys‐
3821              tem,  and  is  identical  to the /proc/self/task/[tid] directory
3822              named by the process thread ID ([tid]) of the same thread.
3823
3824       /proc/timer_list (since Linux 2.6.21)
3825              This read-only file exposes a  list  of  all  currently  pending
3826              (high-resolution)  timers,  all  clock-event  sources, and their
3827              parameters in a human-readable form.
3828
3829       /proc/timer_stats (from  Linux 2.6.21 until Linux 4.10)
3830              This is a debugging facility to make timer (ab)use  in  a  Linux
3831              system  visible  to kernel and user-space developers.  It can be
3832              used by kernel and user-space developers to  verify  that  their
3833              code  does  not  make undue use of timers.  The goal is to avoid
3834              unnecessary wakeups, thereby optimizing power consumption.
3835
3836              If enabled in the kernel (CONFIG_TIMER_STATS), but not used,  it
3837              has  almost  zero  runtime overhead and a relatively small data-
3838              structure overhead.  Even if collection is enabled  at  runtime,
3839              overhead  is  low:  all  the  locking  is  per-CPU and lookup is
3840              hashed.
3841
3842              The /proc/timer_stats file is  used  both  to  control  sampling
3843              facility and to read out the sampled information.
3844
3845              The timer_stats functionality is inactive on bootup.  A sampling
3846              period can be started using the following command:
3847
3848                  # echo 1 > /proc/timer_stats
3849
3850              The following command stops a sampling period:
3851
3852                  # echo 0 > /proc/timer_stats
3853
3854              The statistics can be retrieved by:
3855
3856                  $ cat /proc/timer_stats
3857
3858              While sampling is enabled, each readout  from  /proc/timer_stats
3859              will  see  newly updated statistics.  Once sampling is disabled,
3860              the sampled information is kept until a  new  sample  period  is
3861              started.  This allows multiple readouts.
3862
3863              Sample output from /proc/timer_stats:
3864
3865    $ cat /proc/timer_stats
3866    Timer Stats Version: v0.3
3867    Sample period: 1.764 s
3868    Collection: active
3869      255,     0 swapper/3        hrtimer_start_range_ns (tick_sched_timer)
3870       71,     0 swapper/1        hrtimer_start_range_ns (tick_sched_timer)
3871       58,     0 swapper/0        hrtimer_start_range_ns (tick_sched_timer)
3872        4,  1694 gnome-shell      mod_delayed_work_on (delayed_work_timer_fn)
3873       17,     7 rcu_sched        rcu_gp_kthread (process_timeout)
3874    ...
3875        1,  4911 kworker/u16:0    mod_delayed_work_on (delayed_work_timer_fn)
3876       1D,  2522 kworker/0:0      queue_delayed_work_on (delayed_work_timer_fn)
3877    1029 total events, 583.333 events/sec
3878
3879              The output columns are:
3880
3881              *  a  count  of  the  number  of events, optionally (since Linux
3882                 2.6.23) followed by the letter 'D' if this  is  a  deferrable
3883                 timer;
3884
3885              *  the PID of the process that initialized the timer;
3886
3887              *  the name of the process that initialized the timer;
3888
3889              *  the function where the timer was initialized; and
3890
3891              *  (in  parentheses)  the  callback  function that is associated
3892                 with the timer.
3893
3894              During the Linux 4.11 development cycle, this file  was  removed
3895              because  of  security concerns, as it exposes information across
3896              namespaces.  Furthermore, it is  possible  to  obtain  the  same
3897              information via in-kernel tracing facilities such as ftrace.
3898
3899       /proc/tty
3900              Subdirectory  containing the pseudo-files and subdirectories for
3901              tty drivers and line disciplines.
3902
3903       /proc/uptime
3904              This file contains two numbers: the uptime of the  system  (sec‐
3905              onds), and the amount of time spent in idle process (seconds).
3906
3907       /proc/version
3908              This string identifies the kernel version that is currently run‐
3909              ning.  It  includes  the  contents  of  /proc/sys/kernel/ostype,
3910              /proc/sys/kernel/osrelease  and  /proc/sys/kernel/version.   For
3911              example:
3912
3913        Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994
3914
3915       /proc/vmstat (since Linux 2.6.0)
3916              This file displays various virtual memory statistics.  Each line
3917              of  this  file  contains  a single name-value pair, delimited by
3918              white space.  Some lines are present only if the kernel was con‐
3919              figured  with  suitable  options.   (In  some cases, the options
3920              required for particular files have changed  across  kernel  ver‐
3921              sions,  so  they  are  not listed here.  Details can be found by
3922              consulting the kernel source code.)  The following fields may be
3923              present:
3924
3925              nr_free_pages (since Linux 2.6.31)
3926
3927              nr_alloc_batch (since Linux 3.12)
3928
3929              nr_inactive_anon (since Linux 2.6.28)
3930
3931              nr_active_anon (since Linux 2.6.28)
3932
3933              nr_inactive_file (since Linux 2.6.28)
3934
3935              nr_active_file (since Linux 2.6.28)
3936
3937              nr_unevictable (since Linux 2.6.28)
3938
3939              nr_mlock (since Linux 2.6.28)
3940
3941              nr_anon_pages (since Linux 2.6.18)
3942
3943              nr_mapped (since Linux 2.6.0)
3944
3945              nr_file_pages (since Linux 2.6.18)
3946
3947              nr_dirty (since Linux 2.6.0)
3948
3949              nr_writeback (since Linux 2.6.0)
3950
3951              nr_slab_reclaimable (since Linux 2.6.19)
3952
3953              nr_slab_unreclaimable (since Linux 2.6.19)
3954
3955              nr_page_table_pages (since Linux 2.6.0)
3956
3957              nr_kernel_stack (since Linux 2.6.32)
3958                     Amount of memory allocated to kernel stacks.
3959
3960              nr_unstable (since Linux 2.6.0)
3961
3962              nr_bounce (since Linux 2.6.12)
3963
3964              nr_vmscan_write (since Linux 2.6.19)
3965
3966              nr_vmscan_immediate_reclaim (since Linux 3.2)
3967
3968              nr_writeback_temp (since Linux 2.6.26)
3969
3970              nr_isolated_anon (since Linux 2.6.32)
3971
3972              nr_isolated_file (since Linux 2.6.32)
3973
3974              nr_shmem (since Linux 2.6.32)
3975                     Pages used by shmem and tmpfs(5).
3976
3977              nr_dirtied (since Linux 2.6.37)
3978
3979              nr_written (since Linux 2.6.37)
3980
3981              nr_pages_scanned (since Linux 3.17)
3982
3983              numa_hit (since Linux 2.6.18)
3984
3985              numa_miss (since Linux 2.6.18)
3986
3987              numa_foreign (since Linux 2.6.18)
3988
3989              numa_interleave (since Linux 2.6.18)
3990
3991              numa_local (since Linux 2.6.18)
3992
3993              numa_other (since Linux 2.6.18)
3994
3995              workingset_refault (since Linux 3.15)
3996
3997              workingset_activate (since Linux 3.15)
3998
3999              workingset_nodereclaim (since Linux 3.15)
4000
4001              nr_anon_transparent_hugepages (since Linux 2.6.38)
4002
4003              nr_free_cma (since Linux 3.7)
4004                     Number of free CMA (Contiguous Memory Allocator) pages.
4005
4006              nr_dirty_threshold (since Linux 2.6.37)
4007
4008              nr_dirty_background_threshold (since Linux 2.6.37)
4009
4010              pgpgin (since Linux 2.6.0)
4011
4012              pgpgout (since Linux 2.6.0)
4013
4014              pswpin (since Linux 2.6.0)
4015
4016              pswpout (since Linux 2.6.0)
4017
4018              pgalloc_dma (since Linux 2.6.5)
4019
4020              pgalloc_dma32 (since Linux 2.6.16)
4021
4022              pgalloc_normal (since Linux 2.6.5)
4023
4024              pgalloc_high (since Linux 2.6.5)
4025
4026              pgalloc_movable (since Linux 2.6.23)
4027
4028              pgfree (since Linux 2.6.0)
4029
4030              pgactivate (since Linux 2.6.0)
4031
4032              pgdeactivate (since Linux 2.6.0)
4033
4034              pgfault (since Linux 2.6.0)
4035
4036              pgmajfault (since Linux 2.6.0)
4037
4038              pgrefill_dma (since Linux 2.6.5)
4039
4040              pgrefill_dma32 (since Linux 2.6.16)
4041
4042              pgrefill_normal (since Linux 2.6.5)
4043
4044              pgrefill_high (since Linux 2.6.5)
4045
4046              pgrefill_movable (since Linux 2.6.23)
4047
4048              pgsteal_kswapd_dma (since Linux 3.4)
4049
4050              pgsteal_kswapd_dma32 (since Linux 3.4)
4051
4052              pgsteal_kswapd_normal (since Linux 3.4)
4053
4054              pgsteal_kswapd_high (since Linux 3.4)
4055
4056              pgsteal_kswapd_movable (since Linux 3.4)
4057
4058              pgsteal_direct_dma
4059
4060              pgsteal_direct_dma32 (since Linux 3.4)
4061
4062              pgsteal_direct_normal (since Linux 3.4)
4063
4064              pgsteal_direct_high (since Linux 3.4)
4065
4066              pgsteal_direct_movable (since Linux 2.6.23)
4067
4068              pgscan_kswapd_dma
4069
4070              pgscan_kswapd_dma32 (since Linux 2.6.16)
4071
4072              pgscan_kswapd_normal (since Linux 2.6.5)
4073
4074              pgscan_kswapd_high
4075
4076              pgscan_kswapd_movable (since Linux 2.6.23)
4077
4078              pgscan_direct_dma
4079
4080              pgscan_direct_dma32 (since Linux 2.6.16)
4081
4082              pgscan_direct_normal
4083
4084              pgscan_direct_high
4085
4086              pgscan_direct_movable (since Linux 2.6.23)
4087
4088              pgscan_direct_throttle (since Linux 3.6)
4089
4090              zone_reclaim_failed (since linux 2.6.31)
4091
4092              pginodesteal (since linux 2.6.0)
4093
4094              slabs_scanned (since linux 2.6.5)
4095
4096              kswapd_inodesteal (since linux 2.6.0)
4097
4098              kswapd_low_wmark_hit_quickly (since 2.6.33)
4099
4100              kswapd_high_wmark_hit_quickly (since 2.6.33)
4101
4102              pageoutrun (since Linux 2.6.0)
4103
4104              allocstall (since Linux 2.6.0)
4105
4106              pgrotated (since Linux 2.6.0)
4107
4108              drop_pagecache (since Linux 3.15)
4109
4110              drop_slab (since Linux 3.15)
4111
4112              numa_pte_updates (since Linux 3.8)
4113
4114              numa_huge_pte_updates (since Linux 3.13)
4115
4116              numa_hint_faults (since Linux 3.8)
4117
4118              numa_hint_faults_local (since Linux 3.8)
4119
4120              numa_pages_migrated (since Linux 3.8)
4121
4122              pgmigrate_success (since Linux 3.8)
4123
4124              pgmigrate_fail (since Linux 3.8)
4125
4126              compact_migrate_scanned (since Linux 3.8)
4127
4128              compact_free_scanned (since Linux 3.8)
4129
4130              compact_isolated (since Linux 3.8)
4131
4132              compact_stall (since Linux 2.6.35)
4133                     See   the   kernel   source  file  Documentation/vm/tran‐
4134                     shuge.txt.
4135
4136              compact_fail (since Linux 2.6.35)
4137                     See  the  kernel   source   file   Documentation/vm/tran‐
4138                     shuge.txt.
4139
4140              compact_success (since Linux 2.6.35)
4141                     See   the   kernel   source  file  Documentation/vm/tran‐
4142                     shuge.txt.
4143
4144              htlb_buddy_alloc_success (since Linux 2.6.26)
4145
4146              htlb_buddy_alloc_fail (since Linux 2.6.26)
4147
4148              unevictable_pgs_culled (since Linux 2.6.28)
4149
4150              unevictable_pgs_scanned (since Linux 2.6.28)
4151
4152              unevictable_pgs_rescued (since Linux 2.6.28)
4153
4154              unevictable_pgs_mlocked (since Linux 2.6.28)
4155
4156              unevictable_pgs_munlocked (since Linux 2.6.28)
4157
4158              unevictable_pgs_cleared (since Linux 2.6.28)
4159
4160              unevictable_pgs_stranded (since Linux 2.6.28)
4161
4162              thp_fault_alloc (since Linux 2.6.39)
4163                     See  the  kernel   source   file   Documentation/vm/tran‐
4164                     shuge.txt.
4165
4166              thp_fault_fallback (since Linux 2.6.39)
4167                     See   the   kernel   source  file  Documentation/vm/tran‐
4168                     shuge.txt.
4169
4170              thp_collapse_alloc (since Linux 2.6.39)
4171                     See  the  kernel   source   file   Documentation/vm/tran‐
4172                     shuge.txt.
4173
4174              thp_collapse_alloc_failed (since Linux 2.6.39)
4175                     See   the   kernel   source  file  Documentation/vm/tran‐
4176                     shuge.txt.
4177
4178              thp_split (since Linux 2.6.39)
4179                     See  the  kernel   source   file   Documentation/vm/tran‐
4180                     shuge.txt.
4181
4182              thp_zero_page_alloc (since Linux 3.8)
4183                     See   the   kernel   source  file  Documentation/vm/tran‐
4184                     shuge.txt.
4185
4186              thp_zero_page_alloc_failed (since Linux 3.8)
4187                     See  the  kernel   source   file   Documentation/vm/tran‐
4188                     shuge.txt.
4189
4190              balloon_inflate (since Linux 3.18)
4191
4192              balloon_deflate (since Linux 3.18)
4193
4194              balloon_migrate (since Linux 3.18)
4195
4196              nr_tlb_remote_flush (since Linux 3.12)
4197
4198              nr_tlb_remote_flush_received (since Linux 3.12)
4199
4200              nr_tlb_local_flush_all (since Linux 3.12)
4201
4202              nr_tlb_local_flush_one (since Linux 3.12)
4203
4204              vmacache_find_calls (since Linux 3.16)
4205
4206              vmacache_find_hits (since Linux 3.16)
4207
4208              vmacache_full_flushes (since Linux 3.19)
4209
4210       /proc/zoneinfo (since Linux 2.6.13)
4211              This  file display information about memory zones.  This is use‐
4212              ful for analyzing virtual memory behavior.
4213

NOTES

4215       Many strings (i.e., the environment and command line) are in the inter‐
4216       nal  format, with subfields terminated by null bytes ('\0'), so you may
4217       find that things are more readable if you use od -c or tr  "\000"  "\n"
4218       to read them.  Alternatively, echo `cat <file>` works well.
4219
4220       This manual page is incomplete, possibly inaccurate, and is the kind of
4221       thing that needs to be updated very often.
4222

SEE ALSO

4224       cat(1), dmesg(1), find(1), free(1), init(1), ps(1),  tr(1),  uptime(1),
4225       chroot(2),  mmap(2),  readlink(2),  syslog(2),  slabinfo(5),  sysfs(5),
4226       hier(7),  namespaces(7),  time(7),  arp(8),   hdparm(8),   ifconfig(8),
4227       lsmod(8),   lspci(8),   mount(8),  netstat(8),  procinfo(8),  route(8),
4228       sysctl(8)
4229
4230       The Linux kernel source files: Documentation/filesystems/proc.txt Docu‐
4231       mentation/sysctl/fs.txt,   Documentation/sysctl/kernel.txt,  Documenta‐
4232       tion/sysctl/net.txt, and Documentation/sysctl/vm.txt.
4233

COLOPHON

4235       This page is part of release 4.15 of the Linux  man-pages  project.   A
4236       description  of  the project, information about reporting bugs, and the
4237       latest    version    of    this    page,    can     be     found     at
4238       https://www.kernel.org/doc/man-pages/.
4239
4240
4241
4242Linux                             2017-09-15                           PROC(5)
Impressum