1PROC(5)                    Linux Programmer's Manual                   PROC(5)
2
3
4

NAME

6       proc - process information pseudo-filesystem
7

DESCRIPTION

9       The  proc filesystem is a pseudo-filesystem which provides an interface
10       to kernel data structures.  It is commonly  mounted  at  /proc.   Typi‐
11       cally,  it  is  mounted automatically by the system, but it can also be
12       mounted manually using a command such as:
13
14           mount -t proc proc /proc
15
16       Most of the files in the proc filesystem are read-only, but some  files
17       are writable, allowing kernel variables to be changed.
18
19   Mount options
20       The proc filesystem supports the following mount options:
21
22       hidepid=n (since Linux 3.3)
23              This   option   controls  who  can  access  the  information  in
24              /proc/[pid] directories.  The argument, n, is one of the follow‐
25              ing values:
26
27              0   Everybody  may  access all /proc/[pid] directories.  This is
28                  the traditional behavior, and  the  default  if  this  mount
29                  option is not specified.
30
31              1   Users  may  not  access  files and subdirectories inside any
32                  /proc/[pid]  directories  but  their  own  (the  /proc/[pid]
33                  directories  themselves  remain  visible).   Sensitive files
34                  such as /proc/[pid]/cmdline and /proc/[pid]/status  are  now
35                  protected  against other users.  This makes it impossible to
36                  learn whether any user is running  a  specific  program  (so
37                  long  as  the program doesn't otherwise reveal itself by its
38                  behavior).
39
40              2   As for mode 1, but in addition the  /proc/[pid]  directories
41                  belonging  to other users become invisible.  This means that
42                  /proc/[pid] entries can no longer be used  to  discover  the
43                  PIDs  on  the  system.   This  doesn't  hide the fact that a
44                  process with a specific PID value exists (it can be  learned
45                  by  other  means,  for  example,  by "kill -0 $PID"), but it
46                  hides a process's UID and  GID,  which  could  otherwise  be
47                  learned  by  employing  stat(2)  on a /proc/[pid] directory.
48                  This greatly complicates an  attacker's  task  of  gathering
49                  information   about  running  processes  (e.g.,  discovering
50                  whether some daemon is  running  with  elevated  privileges,
51                  whether  another  user  is  running  some sensitive program,
52                  whether other users are running any program at all,  and  so
53                  on).
54
55       gid=gid (since Linux 3.3)
56              Specifies  the  ID  of  a  group whose members are authorized to
57              learn process information otherwise prohibited by hidepid (i.e.,
58              users  in  this  group  behave  as though /proc was mounted with
59              hidepid=0).  This group should be  used  instead  of  approaches
60              such as putting nonroot users into the sudoers(5) file.
61
62   Files and directories
63       The  following  list  describes many of the files and directories under
64       the /proc hierarchy.
65
66       /proc/[pid]
67              There is a numerical subdirectory for each running process;  the
68              subdirectory is named by the process ID.
69
70              Each  /proc/[pid]  subdirectory  contains  the  pseudo-files and
71              directories described below.  These files are normally owned  by
72              the  effective user and effective group ID of the process.  How‐
73              ever, as a security measure, the ownership is made root:root  if
74              the  process's "dumpable" attribute is set to a value other than
75              1.  This attribute may change for the following reasons:
76
77              *  The  attribute  was   explicitly   set   via   the   prctl(2)
78                 PR_SET_DUMPABLE operation.
79
80              *  The   attribute   was   reset   to  the  value  in  the  file
81                 /proc/sys/fs/suid_dumpable (described below), for the reasons
82                 described in prctl(2).
83
84              Resetting the "dumpable" attribute to 1 reverts the ownership of
85              the /proc/[pid]/* files to the process's real UID and real GID.
86
87       /proc/[pid]/attr
88              The files in this directory provide an API for security modules.
89              The  contents  of  this directory are files that can be read and
90              written in  order  to  set  security-related  attributes.   This
91              directory  was  added  to support SELinux, but the intention was
92              that the API be general enough to support  other  security  mod‐
93              ules.   For  the purpose of explanation, examples of how SELinux
94              uses these files are provided below.
95
96              This directory is present only if the kernel was configured with
97              CONFIG_SECURITY.
98
99       /proc/[pid]/attr/current (since Linux 2.6.0)
100              The  contents  of  this  file  represent  the  current  security
101              attributes of the process.
102
103              In SELinux, this file is used to get the security context  of  a
104              process.   Prior to Linux 2.6.11, this file could not be used to
105              set the security context (a  write  was  always  denied),  since
106              SELinux  limited  process security transitions to execve(2) (see
107              the description of /proc/[pid]/attr/exec, below).   Since  Linux
108              2.6.11,  SELinux  lifted  this  restriction and began supporting
109              "set" operations via writes to this node if authorized  by  pol‐
110              icy,  although use of this operation is only suitable for appli‐
111              cations that are trusted  to  maintain  any  desired  separation
112              between  the  old  and  new  security  contexts.  Prior to Linux
113              2.6.28, SELinux did not allow threads  within  a  multi-threaded
114              process  to set their security context via this node as it would
115              yield an  inconsistency  among  the  security  contexts  of  the
116              threads  sharing  the  same  memory  space.  Since Linux 2.6.28,
117              SELinux lifted this restriction and began supporting "set" oper‐
118              ations  for  threads  within  a multithreaded process if the new
119              security context is bounded by the old security  context,  where
120              the  bounded  relation  is defined in policy and guarantees that
121              the new security context has a subset of the permissions of  the
122              old security context.  Other security modules may choose to sup‐
123              port "set" operations via writes to this node.
124
125       /proc/[pid]/attr/exec (since Linux 2.6.0)
126              This file represents the attributes to  assign  to  the  process
127              upon a subsequent execve(2).
128
129              In  SELinux,  this is needed to support role/domain transitions,
130              and execve(2) is the preferred point to  make  such  transitions
131              because  it offers better control over the initialization of the
132              process in the new security label and the inheritance of  state.
133              In SELinux, this attribute is reset on execve(2) so that the new
134              program reverts to the default behavior for any execve(2)  calls
135              that  it  may  make.  In SELinux, a process can set only its own
136              /proc/[pid]/attr/exec attribute.
137
138       /proc/[pid]/attr/fscreate (since Linux 2.6.0)
139              This file represents the attributes to assign to  files  created
140              by  subsequent  calls  to  open(2),  mkdir(2),  symlink(2),  and
141              mknod(2)
142
143              SELinux employs this file to support creation of a  file  (using
144              the  aforementioned  system  calls)  in  a secure state, so that
145              there is no risk of inappropriate access being obtained  between
146              the  time  of creation and the time that attributes are set.  In
147              SELinux, this attribute is reset on execve(2), so that  the  new
148              program  reverts  to  the default behavior for any file creation
149              calls it may make, but the attribute will persist across  multi‐
150              ple file creation calls within a program unless it is explicitly
151              reset.   In  SELinux,  a  process   can   set   only   its   own
152              /proc/[pid]/attr/fscreate attribute.
153
154       /proc/[pid]/attr/keycreate (since Linux 2.6.18)
155              If  a process writes a security context into this file, all sub‐
156              sequently created keys (add_key(2)) will be  labeled  with  this
157              context.   For  further  information, see the kernel source file
158              Documentation/security/keys/core.rst   (or    file    Documenta‐
159              tion/security/keys.txt  on  Linux between 3.0 and 4.13, or Docu‐
160              mentation/keys.txt before Linux 3.0).
161
162       /proc/[pid]/attr/prev (since Linux 2.6.0)
163              This file contains the security context of  the  process  before
164              the   last   execve(2);   that   is,   the   previous  value  of
165              /proc/[pid]/attr/current.
166
167       /proc/[pid]/attr/socketcreate (since Linux 2.6.18)
168              If a process writes a security context into this file, all  sub‐
169              sequently created sockets will be labeled with this context.
170
171       /proc/[pid]/autogroup (since Linux 2.6.38)
172              See sched(7).
173
174       /proc/[pid]/auxv (since 2.6.0-test7)
175              This  contains  the  contents of the ELF interpreter information
176              passed to the process at exec time.  The format is one  unsigned
177              long  ID  plus one unsigned long value for each entry.  The last
178              entry contains two zeros.  See also getauxval(3).
179
180              Permission to access this file is governed by  a  ptrace  access
181              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
182
183       /proc/[pid]/cgroup (since Linux 2.6.24)
184              See cgroups(7).
185
186       /proc/[pid]/clear_refs (since Linux 2.6.22)
187
188              This  is  a  write-only  file,  writable  only  by  owner of the
189              process.
190
191              The following values may be written to the file:
192
193              1 (since Linux 2.6.22)
194                     Reset the PG_Referenced and ACCESSED/YOUNG bits  for  all
195                     the  pages  associated  with the process.  (Before kernel
196                     2.6.32, writing any nonzero value to this file  had  this
197                     effect.)
198
199              2 (since Linux 2.6.32)
200                     Reset  the  PG_Referenced and ACCESSED/YOUNG bits for all
201                     anonymous pages associated with the process.
202
203              3 (since Linux 2.6.32)
204                     Reset the PG_Referenced and ACCESSED/YOUNG bits  for  all
205                     file-mapped pages associated with the process.
206
207              Clearing  the  PG_Referenced  and ACCESSED/YOUNG bits provides a
208              method to measure approximately how much  memory  a  process  is
209              using.  One first inspects the values in the "Referenced" fields
210              for the VMAs shown in /proc/[pid]/smaps to get an  idea  of  the
211              memory  footprint of the process.  One then clears the PG_Refer‐
212              enced and ACCESSED/YOUNG bits  and,  after  some  measured  time
213              interval,  once  again  inspects  the values in the "Referenced"
214              fields to get an idea of the change in memory footprint  of  the
215              process during the measured interval.  If one is interested only
216              in inspecting the selected mapping types, then the value 2 or  3
217              can be used instead of 1.
218
219              Further values can be written to affect different properties:
220
221              4 (since Linux 3.11)
222                     Clear  the  soft-dirty  bit  for all the pages associated
223                     with the process.  This  is  used  (in  conjunction  with
224                     /proc/[pid]/pagemap) by the check-point restore system to
225                     discover which pages of a process have been dirtied since
226                     the file /proc/[pid]/clear_refs was written to.
227
228              5 (since Linux 4.0)
229                     Reset  the  peak resident set size ("high water mark") to
230                     the process's current resident set size value.
231
232              Writing any value to  /proc/[pid]/clear_refs  other  than  those
233              listed above has no effect.
234
235              The  /proc/[pid]/clear_refs  file  is  present  only if the CON‐
236              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
237
238       /proc/[pid]/cmdline
239              This read-only file holds the  complete  command  line  for  the
240              process,  unless  the  process is a zombie.  In the latter case,
241              there is nothing in this file: that is, a read on this file will
242              return  0 characters.  The command-line arguments appear in this
243              file as a set of strings separated by null bytes ('\0'), with  a
244              further null byte after the last string.
245
246       /proc/[pid]/comm (since Linux 2.6.33)
247              This  file exposes the process's comm value—that is, the command
248              name associated with the process.  Different threads in the same
249              process   may   have   different  comm  values,  accessible  via
250              /proc/[pid]/task/[tid]/comm.   A  thread  may  modify  its  comm
251              value,  or  that of any of other thread in the same thread group
252              (see the discussion of CLONE_THREAD in clone(2)), by writing  to
253              the   file   /proc/self/task/[tid]/comm.   Strings  longer  than
254              TASK_COMM_LEN (16) characters are silently truncated.
255
256              This file provides a superset of the  prctl(2)  PR_SET_NAME  and
257              PR_GET_NAME operations, and is employed by pthread_setname_np(3)
258              when used to rename threads other than the caller.
259
260       /proc/[pid]/coredump_filter (since Linux 2.6.23)
261              See core(5).
262
263       /proc/[pid]/cpuset (since Linux 2.6.12)
264              See cpuset(7).
265
266       /proc/[pid]/cwd
267              This is a symbolic link to the current working directory of  the
268              process.   To  find out the current working directory of process
269              20, for instance, you can do this:
270
271                  $ cd /proc/20/cwd; /bin/pwd
272
273              Note that the pwd command is often a shell built-in,  and  might
274              not work properly.  In bash(1), you may use pwd -P.
275
276              In  a  multithreaded process, the contents of this symbolic link
277              are not available if the  main  thread  has  already  terminated
278              (typically by calling pthread_exit(3)).
279
280              Permission  to  dereference  or read (readlink(2)) this symbolic
281              link    is    governed    by    a     ptrace     access     mode
282              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
283
284       /proc/[pid]/environ
285              This file contains the initial environment that was set when the
286              currently executing program  was  started  via  execve(2).   The
287              entries  are  separated by null bytes ('\0'), and there may be a
288              null byte at the end.  Thus, to print  out  the  environment  of
289              process 1, you would do:
290
291                  $ strings /proc/1/environ
292
293              If,  after  an  execve(2),  the process modifies its environment
294              (e.g., by calling functions such as putenv(3) or  modifying  the
295              environ(7)  variable directly), this file will not reflect those
296              changes.
297
298              Furthermore, a process may change the memory location that  this
299              file refers via prctl(2) operations such as PR_SET_MM_ENV_START.
300
301              Permission  to  access  this file is governed by a ptrace access
302              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
303
304       /proc/[pid]/exe
305              Under Linux 2.2 and later, this file is a symbolic link contain‐
306              ing  the actual pathname of the executed command.  This symbolic
307              link can be dereferenced normally; attempting to  open  it  will
308              open  the  executable.  You can even type /proc/[pid]/exe to run
309              another copy of the same executable that is being run by process
310              [pid].   If  the  pathname  has been unlinked, the symbolic link
311              will contain the string '(deleted)'  appended  to  the  original
312              pathname.  In a multithreaded process, the contents of this sym‐
313              bolic link are not available if the main thread has already ter‐
314              minated (typically by calling pthread_exit(3)).
315
316              Permission  to  dereference  or read (readlink(2)) this symbolic
317              link    is    governed    by    a     ptrace     access     mode
318              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
319
320              Under Linux 2.0 and earlier, /proc/[pid]/exe is a pointer to the
321              binary which was executed, and appears as a  symbolic  link.   A
322              readlink(2)  call  on this file under Linux 2.0 returns a string
323              in the format:
324
325                  [device]:inode
326
327              For example, [0301]:1502 would be inode 1502 on device major  03
328              (IDE,  MFM,  etc. drives) minor 01 (first partition on the first
329              drive).
330
331              find(1) with the -inum option can be used to locate the file.
332
333       /proc/[pid]/fd/
334              This is a subdirectory containing one entry for each file  which
335              the process has open, named by its file descriptor, and which is
336              a symbolic link to the actual file.  Thus, 0 is standard  input,
337              1 standard output, 2 standard error, and so on.
338
339              For  file descriptors for pipes and sockets, the entries will be
340              symbolic links whose content is the file type with the inode.  A
341              readlink(2) call on this file returns a string in the format:
342
343                  type:[inode]
344
345              For  example, socket:[2248868] will be a socket and its inode is
346              2248868.  For sockets, that inode  can  be  used  to  find  more
347              information in one of the files under /proc/net/.
348
349              For  file  descriptors  that  have no corresponding inode (e.g.,
350              file   descriptors   produced   by   bpf(2),    epoll_create(2),
351              eventfd(2),  inotify_init(2),  perf_event_open(2),  signalfd(2),
352              timerfd_create(2), and userfaultfd(2)), the entry will be a sym‐
353              bolic link with contents of the form
354
355                  anon_inode:<file-type>
356
357              In  many  cases  (but  not  all), the file-type is surrounded by
358              square brackets.
359
360              For example, an epoll file descriptor will have a symbolic  link
361              whose content is the string anon_inode:[eventpoll].
362
363              In  a  multithreaded process, the contents of this directory are
364              not available if the main thread has already  terminated  (typi‐
365              cally by calling pthread_exit(3)).
366
367              Programs  that  take  a filename as a command-line argument, but
368              don't take input from standard input if no argument is supplied,
369              and  programs that write to a file named as a command-line argu‐
370              ment, but don't send their output to standard output if no argu‐
371              ment is supplied, can nevertheless be made to use standard input
372              or standard output by using /proc/[pid]/fd files as command-line
373              arguments.   For example, assuming that -i is the flag designat‐
374              ing an input file and -o is the flag designating an output file:
375
376                  $ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...
377
378              and you have a working filter.
379
380              /proc/self/fd/N is approximately the same as /dev/fd/N  in  some
381              UNIX and UNIX-like systems.  Most Linux MAKEDEV scripts symboli‐
382              cally link /dev/fd to /proc/self/fd, in fact.
383
384              Most systems provide symbolic links /dev/stdin, /dev/stdout, and
385              /dev/stderr, which respectively link to the files 0, 1, and 2 in
386              /proc/self/fd.  Thus the example command above could be  written
387              as:
388
389                  $ foobar -i /dev/stdin -o /dev/stdout ...
390
391              Permission  to  dereference  or  read (readlink(2)) the symbolic
392              links in this directory is governed  by  a  ptrace  access  mode
393              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
394
395              Note  that  for  file descriptors referring to inodes (pipes and
396              sockets, see above), those inodes still have permission bits and
397              ownership  information distinct from those of the /proc/[pid]/fd
398              entry, and that the owner may differ from the user and group IDs
399              of the process.  An unprivileged process may lack permissions to
400              open them, as in this example:
401
402                  $ echo test | sudo -u nobody cat
403                  test
404                  $ echo test | sudo -u nobody cat /proc/self/fd/0
405                  cat: /proc/self/fd/0: Permission denied
406
407              File descriptor 0 refers to the pipe created by  the  shell  and
408              owned by that shell's user, which is not nobody, so cat does not
409              have permission to create a new file  descriptor  to  read  from
410              that inode, even though it can still read from its existing file
411              descriptor 0.
412
413       /proc/[pid]/fdinfo/ (since Linux 2.6.22)
414              This is a subdirectory containing one entry for each file  which
415              the  process  has open, named by its file descriptor.  The files
416              in this directory are readable only by the owner of the process.
417              The  contents  of  each  file  can be read to obtain information
418              about the corresponding file descriptor.  The content depends on
419              the  type of file referred to by the corresponding file descrip‐
420              tor.
421
422              For regular files and directories, we see something like:
423
424                  $ cat /proc/12015/fdinfo/4
425                  pos:    1000
426                  flags:  01002002
427                  mnt_id: 21
428
429              The fields are as follows:
430
431              pos    This is a decimal number showing the file offset.
432
433              flags  This is an octal number that  displays  the  file  access
434                     mode  and file status flags (see open(2)).  If the close-
435                     on-exec file descriptor flag is set, then flags will also
436                     include the value O_CLOEXEC.
437
438                     Before  Linux  3.1,  this field incorrectly displayed the
439                     setting of O_CLOEXEC at the time  the  file  was  opened,
440                     rather  than  the  current  setting  of the close-on-exec
441                     flag.
442
443              mnt_id This field, present since Linux 3.15, is the  ID  of  the
444                     mount point containing this file.  See the description of
445                     /proc/[pid]/mountinfo.
446
447              For eventfd file descriptors (see  eventfd(2)),  we  see  (since
448              Linux 3.8) the following fields:
449
450                  pos: 0
451                  flags:    02
452                  mnt_id:   10
453                  eventfd-count:               40
454
455              eventfd-count  is  the  current value of the eventfd counter, in
456              hexadecimal.
457
458              For epoll file descriptors (see epoll(7)), we see  (since  Linux
459              3.8) the following fields:
460
461                  pos: 0
462                  flags:    02
463                  mnt_id:   10
464                  tfd:        9 events:       19 data: 74253d2500000009
465                  tfd:        7 events:       19 data: 74253d2500000007
466
467              Each  of  the  lines  beginning  tfd  describes  one of the file
468              descriptors being monitored via the epoll file  descriptor  (see
469              epoll_ctl(2)  for some details).  The tfd field is the number of
470              the file descriptor.  The events field is a hexadecimal mask  of
471              the  events  being monitored for this file descriptor.  The data
472              field is the data value associated with this file descriptor.
473
474              For signalfd file descriptors (see signalfd(2)), we  see  (since
475              Linux 3.8) the following fields:
476
477                  pos: 0
478                  flags:    02
479                  mnt_id:   10
480                  sigmask:  0000000000000006
481
482              sigmask is the hexadecimal mask of signals that are accepted via
483              this signalfd file descriptor.  (In this example, bits 2  and  3
484              are  set,  corresponding  to the signals SIGINT and SIGQUIT; see
485              signal(7).)
486
487              For inotify file descriptors (see  inotify(7)),  we  see  (since
488              Linux 3.8) the following fields:
489
490                  pos: 0
491                  flags:    00
492                  mnt_id:   11
493                  inotify wd:2 ino:7ef82a sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:2af87e00220ffd73
494                  inotify wd:1 ino:192627 sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:27261900802dfd73
495
496              Each  of the lines beginning with "inotify" displays information
497              about one file or directory that is being monitored.  The fields
498              in this line are as follows:
499
500              wd     A watch descriptor number (in decimal).
501
502              ino    The inode number of the target file (in hexadecimal).
503
504              sdev   The  ID  of  the device where the target file resides (in
505                     hexadecimal).
506
507              mask   The mask of events being monitored for  the  target  file
508                     (in hexadecimal).
509
510              If  the  kernel was built with exportfs support, the path to the
511              target file is exposed as a file handle, via  three  hexadecimal
512              fields: fhandle-bytes, fhandle-type, and f_handle.
513
514              For  fanotify  file descriptors (see fanotify(7)), we see (since
515              Linux 3.8) the following fields:
516
517                  pos: 0
518                  flags:    02
519                  mnt_id:   11
520                  fanotify flags:0 event-flags:88002
521                  fanotify ino:19264f sdev:800001 mflags:0 mask:1 ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:4f261900a82dfd73
522
523              The fourth line displays information defined when  the  fanotify
524              group was created via fanotify_init(2):
525
526              flags  The  flags  argument given to fanotify_init(2) (expressed
527                     in hexadecimal).
528
529              event-flags
530                     The  event_f_flags  argument  given  to  fanotify_init(2)
531                     (expressed in hexadecimal).
532
533              Each  additional  line  shown  in  the file contains information
534              about one of the marks in the fanotify  group.   Most  of  these
535              fields are as for inotify, except:
536
537              mflags The flags associated with the mark (expressed in hexadec‐
538                     imal).
539
540              mask   The events mask for this mark (expressed in hexadecimal).
541
542              ignored_mask
543                     The mask  of  events  that  are  ignored  for  this  mark
544                     (expressed in hexadecimal).
545
546              For details on these fields, see fanotify_mark(2).
547
548       /proc/[pid]/gid_map (since Linux 3.5)
549              See user_namespaces(7).
550
551       /proc/[pid]/io (since kernel 2.6.20)
552              This file contains I/O statistics for the process, for example:
553
554                  # cat /proc/3828/io
555                  rchar: 323934931
556                  wchar: 323929600
557                  syscr: 632687
558                  syscw: 632675
559                  read_bytes: 0
560                  write_bytes: 323932160
561                  cancelled_write_bytes: 0
562
563              The fields are as follows:
564
565              rchar: characters read
566                     The number of bytes which this task has caused to be read
567                     from storage.  This is simply the sum of bytes which this
568                     process  passed  to read(2) and similar system calls.  It
569                     includes things such as terminal I/O and is unaffected by
570                     whether or not actual physical disk I/O was required (the
571                     read might have been satisfied from pagecache).
572
573              wchar: characters written
574                     The number of bytes which this task has caused, or  shall
575                     cause  to be written to disk.  Similar caveats apply here
576                     as with rchar.
577
578              syscr: read syscalls
579                     Attempt to count the number of read  I/O  operations—that
580                     is, system calls such as read(2) and pread(2).
581
582              syscw: write syscalls
583                     Attempt  to count the number of write I/O operations—that
584                     is, system calls such as write(2) and pwrite(2).
585
586              read_bytes: bytes read
587                     Attempt to count the number of bytes which  this  process
588                     really  did  cause  to be fetched from the storage layer.
589                     This is accurate for block-backed filesystems.
590
591              write_bytes: bytes written
592                     Attempt to count the number of bytes which  this  process
593                     caused to be sent to the storage layer.
594
595              cancelled_write_bytes:
596                     The big inaccuracy here is truncate.  If a process writes
597                     1MB to a file and then deletes the file, it will in  fact
598                     perform  no writeout.  But it will have been accounted as
599                     having caused 1MB of write.  In other words:  this  field
600                     represents  the number of bytes which this process caused
601                     to not happen, by truncating pagecache.  A task can cause
602                     "negative"  I/O  too.   If this task truncates some dirty
603                     pagecache, some I/O which another task has been accounted
604                     for (in its write_bytes) will not be happening.
605
606              Note:  In  the  current implementation, things are a bit racy on
607              32-bit systems: if process A reads  process  B's  /proc/[pid]/io
608              while  process  B  is  updating  one  of  these 64-bit counters,
609              process A could see an intermediate result.
610
611              Permission to access this file is governed by  a  ptrace  access
612              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
613
614       /proc/[pid]/limits (since Linux 2.6.24)
615              This file displays the soft limit, hard limit, and units of mea‐
616              surement for each of the process's resource  limits  (see  getr‐
617              limit(2)).   Up to and including Linux 2.6.35, this file is pro‐
618              tected to allow reading only by the real  UID  of  the  process.
619              Since  Linux  2.6.36,  this file is readable by all users on the
620              system.
621
622       /proc/[pid]/map_files/ (since kernel 3.3)
623              This subdirectory  contains  entries  corresponding  to  memory-
624              mapped  files (see mmap(2)).  Entries are named by memory region
625              start and end address pair (expressed as  hexadecimal  numbers),
626              and  are symbolic links to the mapped files themselves.  Here is
627              an example, with the output wrapped and reformatted to fit on an
628              80-column display:
629
630                  # ls -l /proc/self/map_files/
631                  lr--------. 1 root root 64 Apr 16 21:31
632                              3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so
633                  ...
634
635              Although  these entries are present for memory regions that were
636              mapped with the MAP_FILE flag, the way anonymous  shared  memory
637              (regions created with the MAP_ANON | MAP_SHARED flags) is imple‐
638              mented in Linux means that such  regions  also  appear  on  this
639              directory.   Here  is  an  example  where the target file is the
640              deleted /dev/zero one:
641
642                  lrw-------. 1 root root 64 Apr 16 21:33
643                              7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted)
644
645              This directory appears  only  if  the  CONFIG_CHECKPOINT_RESTORE
646              kernel    configuration    option    is    enabled.    Privilege
647              (CAP_SYS_ADMIN) is required to view the contents of this  direc‐
648              tory.
649
650       /proc/[pid]/maps
651              A  file containing the currently mapped memory regions and their
652              access permissions.  See mmap(2) for  some  further  information
653              about memory mappings.
654
655              Permission  to  access  this file is governed by a ptrace access
656              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
657
658              The format of the file is:
659
660    address           perms offset  dev   inode       pathname
661    00400000-00452000 r-xp 00000000 08:02 173521      /usr/bin/dbus-daemon
662    00651000-00652000 r--p 00051000 08:02 173521      /usr/bin/dbus-daemon
663    00652000-00655000 rw-p 00052000 08:02 173521      /usr/bin/dbus-daemon
664    00e03000-00e24000 rw-p 00000000 00:00 0           [heap]
665    00e24000-011f7000 rw-p 00000000 00:00 0           [heap]
666    ...
667    35b1800000-35b1820000 r-xp 00000000 08:02 135522  /usr/lib64/ld-2.15.so
668    35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522  /usr/lib64/ld-2.15.so
669    35b1a20000-35b1a21000 rw-p 00020000 08:02 135522  /usr/lib64/ld-2.15.so
670    35b1a21000-35b1a22000 rw-p 00000000 00:00 0
671    35b1c00000-35b1dac000 r-xp 00000000 08:02 135870  /usr/lib64/libc-2.15.so
672    35b1dac000-35b1fac000 ---p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
673    35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
674    35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870  /usr/lib64/libc-2.15.so
675    ...
676    f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0    [stack:986]
677    ...
678    7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0   [stack]
679    7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0   [vdso]
680
681              The address field is the address space in the process  that  the
682              mapping occupies.  The perms field is a set of permissions:
683
684                  r = read
685                  w = write
686                  x = execute
687                  s = shared
688                  p = private (copy on write)
689
690              The  offset  field  is the offset into the file/whatever; dev is
691              the device (major:minor); inode is the inode on that device.   0
692              indicates that no inode is associated with the memory region, as
693              would be the case with BSS (uninitialized data).
694
695              The pathname field will usually be the file that is backing  the
696              mapping.  For ELF files, you can easily coordinate with the off‐
697              set field by looking at the Offset  field  in  the  ELF  program
698              headers (readelf -l).
699
700              There are additional helpful pseudo-paths:
701
702                   [stack]
703                          The  initial  process's  (also  known  as  the  main
704                          thread's) stack.
705
706                   [stack:<tid>] (since Linux 3.4)
707                          A thread's stack (where the <tid> is a  thread  ID).
708                          It corresponds to the /proc/[pid]/task/[tid]/ path.
709
710                   [vdso] The  virtual  dynamically linked shared object.  See
711                          vdso(7).
712
713                   [heap] The process's heap.
714
715              If the pathname field is blank, this is an anonymous mapping  as
716              obtained  via  mmap(2).  There is no easy way to coordinate this
717              back to a process's source, short of running it through  gdb(1),
718              strace(1), or similar.
719
720              Under Linux 2.0, there is no field giving pathname.
721
722       /proc/[pid]/mem
723              This  file can be used to access the pages of a process's memory
724              through open(2), read(2), and lseek(2).
725
726              Permission to access this file is governed by  a  ptrace  access
727              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
728
729       /proc/[pid]/mountinfo (since Linux 2.6.26)
730              This  file  contains  information  about  mount  points  in  the
731              process's mount namespace (see  mount_namespaces(7)).   It  sup‐
732              plies  various  information  (e.g.,  propagation  state, root of
733              mount for bind mounts, identifier for each mount and its parent)
734              that  is  missing  from the (older) /proc/[pid]/mounts file, and
735              fixes various other problems with that file  (e.g.,  nonextensi‐
736              bility,  failure  to distinguish per-mount versus per-superblock
737              options).
738
739              The file contains lines of the form:
740
74136 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
742(1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)
743
744              The numbers in  parentheses  are  labels  for  the  descriptions
745              below:
746
747              (1)  mount  ID:  a  unique ID for the mount (may be reused after
748                   umount(2)).
749
750              (2)  parent ID: the ID of the parent mount (or of self  for  the
751                   root of this mount namespace's mount tree).
752
753                   If  the  parent mount point lies outside the process's root
754                   directory (see chroot(2)), the ID shown here won't  have  a
755                   corresponding  record in mountinfo whose mount ID (field 1)
756                   matches this parent mount ID (because mount points that lie
757                   outside  the  process's  root  directory  are  not shown in
758                   mountinfo).  As a special case of this point, the process's
759                   root mount point may have a parent mount (for the initramfs
760                   filesystem) that lies outside the process's root directory,
761                   and  an  entry  for  that  mount  point  will not appear in
762                   mountinfo.
763
764              (3)  major:minor: the value of st_dev for files on this filesys‐
765                   tem (see stat(2)).
766
767              (4)  root: the pathname of the directory in the filesystem which
768                   forms the root of this mount.
769
770              (5)  mount point: the pathname of the mount  point  relative  to
771                   the process's root directory.
772
773              (6)  mount options: per-mount options.
774
775              (7)  optional   fields:   zero   or  more  fields  of  the  form
776                   "tag[:value]"; see below.
777
778              (8)  separator: the end of the optional fields is  marked  by  a
779                   single hyphen.
780
781              (9)  filesystem   type:   the   filesystem   type  in  the  form
782                   "type[.subtype]".
783
784              (10) mount source: filesystem-specific information or "none".
785
786              (11) super options: per-superblock options.
787
788              Currently, the possible  optional  fields  are  shared,  master,
789              propagate_from,  and  unbindable.  See mount_namespaces(7) for a
790              description of these fields.  Parsers should ignore all unrecog‐
791              nized optional fields.
792
793              For  more  information  on  mount  propagation  see:  Documenta‐
794              tion/filesystems/sharedsubtree.txt in the  Linux  kernel  source
795              tree.
796
797       /proc/[pid]/mounts (since Linux 2.4.19)
798              This  file  lists  all  the filesystems currently mounted in the
799              process's mount namespace (see mount_namespaces(7)).  The format
800              of this file is documented in fstab(5).
801
802              Since  kernel version 2.6.15, this file is pollable: after open‐
803              ing the file for  reading,  a  change  in  this  file  (i.e.,  a
804              filesystem  mount  or unmount) causes select(2) to mark the file
805              descriptor as having an exceptional condition, and  poll(2)  and
806              epoll_wait(2)  mark  the  file as having a priority event (POLL‐
807              PRI).  (Before Linux 2.6.30, a change in this file was indicated
808              by  the  file descriptor being marked as readable for select(2),
809              and being marked as having an error condition  for  poll(2)  and
810              epoll_wait(2).)
811
812       /proc/[pid]/mountstats (since Linux 2.6.17)
813              This  file exports information (statistics, configuration infor‐
814              mation) about the mount points in the process's mount  namespace
815              (see mount_namespaces(7)).  Lines in this file have the form:
816
817                  device /dev/sda7 mounted on /home with fstype ext3 [statistics]
818                  (       1      )            ( 2 )             (3 ) (4)
819
820              The fields in each line are:
821
822              (1)  The  name  of the mounted device (or "nodevice" if there is
823                   no corresponding device).
824
825              (2)  The mount point within the filesystem tree.
826
827              (3)  The filesystem type.
828
829              (4)  Optional statistics and  configuration  information.   Cur‐
830                   rently  (as  at  Linux 2.6.26), only NFS filesystems export
831                   information via this field.
832
833              This file is readable only by the owner of the process.
834
835       /proc/[pid]/net (since Linux 2.6.25)
836              See the description of /proc/net.
837
838       /proc/[pid]/ns/ (since Linux 3.0)
839              This is a subdirectory containing one entry for  each  namespace
840              that  supports being manipulated by setns(2).  For more informa‐
841              tion, see namespaces(7).
842
843       /proc/[pid]/numa_maps (since Linux 2.6.14)
844              See numa(7).
845
846       /proc/[pid]/oom_adj (since Linux 2.6.11)
847              This file can be used to adjust the score used to  select  which
848              process  should  be  killed in an out-of-memory (OOM) situation.
849              The kernel uses this value for  a  bit-shift  operation  of  the
850              process's  oom_score value: valid values are in the range -16 to
851              +15, plus the special  value  -17,  which  disables  OOM-killing
852              altogether  for  this  process.   A positive score increases the
853              likelihood of this process being killed  by  the  OOM-killer;  a
854              negative score decreases the likelihood.
855
856              The default value for this file is 0; a new process inherits its
857              parent's  oom_adj  setting.   A  process  must   be   privileged
858              (CAP_SYS_RESOURCE) to update this file.
859
860              Since  Linux  2.6.36, use of this file is deprecated in favor of
861              /proc/[pid]/oom_score_adj.
862
863       /proc/[pid]/oom_score (since Linux 2.6.11)
864              This file displays the current score that the  kernel  gives  to
865              this process for the purpose of selecting a process for the OOM-
866              killer.  A higher score means that the process is more likely to
867              be  selected by the OOM-killer.  The basis for this score is the
868              amount of memory used by the  process,  with  increases  (+)  or
869              decreases (-) for factors including:
870
871              * whether the process is privileged (-).
872
873              Before kernel 2.6.36 the following factors were also used in the
874              calculation of oom_score:
875
876              * whether the process creates a lot of  children  using  fork(2)
877                (+);
878
879              * whether  the process has been running a long time, or has used
880                a lot of CPU time (-);
881
882              * whether the process has a low nice value (i.e., > 0) (+); and
883
884              * whether the process is making direct hardware access (-).
885
886              The oom_score also reflects  the  adjustment  specified  by  the
887              oom_score_adj or oom_adj setting for the process.
888
889       /proc/[pid]/oom_score_adj (since Linux 2.6.36)
890              This  file  can  be used to adjust the badness heuristic used to
891              select which process gets killed in out-of-memory conditions.
892
893              The badness heuristic assigns a value  to  each  candidate  task
894              ranging  from  0 (never kill) to 1000 (always kill) to determine
895              which process is targeted.  The units are roughly  a  proportion
896              along  that  range  of  allowed  memory the process may allocate
897              from, based on an estimation of its current memory and swap use.
898              For  example, if a task is using all allowed memory, its badness
899              score will be 1000.  If it is using half of its allowed  memory,
900              its score will be 500.
901
902              There  is  an  additional  factor included in the badness score:
903              root processes are given 3% extra memory over other tasks.
904
905              The amount of "allowed" memory depends on the context  in  which
906              the  OOM-killer was called.  If it is due to the memory assigned
907              to the allocating task's cpuset  being  exhausted,  the  allowed
908              memory  represents  the set of mems assigned to that cpuset (see
909              cpuset(7)).  If  it  is  due  to  a  mempolicy's  node(s)  being
910              exhausted,  the  allowed  memory represents the set of mempolicy
911              nodes.  If it is due to a memory limit  (or  swap  limit)  being
912              reached,  the allowed memory is that configured limit.  Finally,
913              if it is due to the entire  system  being  out  of  memory,  the
914              allowed memory represents all allocatable resources.
915
916              The  value of oom_score_adj is added to the badness score before
917              it is used to determine which task to kill.   Acceptable  values
918              range     from     -1000     (OOM_SCORE_ADJ_MIN)     to    +1000
919              (OOM_SCORE_ADJ_MAX).  This allows  user  space  to  control  the
920              preference  for  OOM-killing,  ranging  from always preferring a
921              certain task or completely disabling it from OOM  killing.   The
922              lowest  possible  value,  -1000, is equivalent to disabling OOM-
923              killing entirely for that task, since it will  always  report  a
924              badness score of 0.
925
926              Consequently,  it  is  very  simple for user space to define the
927              amount  of  memory  to  consider  for  each  task.   Setting  an
928              oom_score_adj  value of +500, for example, is roughly equivalent
929              to allowing the remainder of  tasks  sharing  the  same  system,
930              cpuset,  mempolicy,  or  memory  controller  resources to use at
931              least 50% more memory.  A value of  -500,  on  the  other  hand,
932              would  be  roughly  equivalent  to discounting 50% of the task's
933              allowed memory from being  considered  as  scoring  against  the
934              task.
935
936              For    backward    compatibility    with    previous    kernels,
937              /proc/[pid]/oom_adj can still be used to tune the badness score.
938              Its value is scaled linearly with oom_score_adj.
939
940              Writing to /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj will
941              change the other with its scaled value.
942
943       /proc/[pid]/pagemap (since Linux 2.6.25)
944              This file shows the mapping of each  of  the  process's  virtual
945              pages  into  physical page frames or swap area.  It contains one
946              64-bit value for each virtual page, with the bits  set  as  fol‐
947              lows:
948
949                   63     If set, the page is present in RAM.
950
951                   62     If set, the page is in swap space
952
953                   61 (since Linux 3.5)
954                          The page is a file-mapped page or a shared anonymous
955                          page.
956
957                   60–57 (since Linux 3.11)
958                          Zero
959
960                   56 (since Linux 4.2)
961                          The page is exclusively mapped.
962
963                   55 (since Linux 3.11)
964                          PTE is soft-dirty (see the kernel source file  Docu‐
965                          mentation/vm/soft-dirty.txt).
966
967                   54–0   If  the  page is present in RAM (bit 63), then these
968                          bits provide the page frame  number,  which  can  be
969                          used to index /proc/kpageflags and /proc/kpagecount.
970                          If the page is present in swap (bit 62),  then  bits
971                          4–0  give  the  swap  type, and bits 54–5 encode the
972                          swap offset.
973
974              Before Linux 3.11, bits 60–55 were used to encode the base-2 log
975              of the page size.
976
977              To  employ /proc/[pid]/pagemap efficiently, use /proc/[pid]/maps
978              to determine which areas of memory are actually mapped and  seek
979              to skip over unmapped regions.
980
981              The  /proc/[pid]/pagemap  file  is  present  only  if  the  CON‐
982              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
983
984              Permission to access this file is governed by  a  ptrace  access
985              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
986
987       /proc/[pid]/personality (since Linux 2.6.28)
988              This  read-only  file exposes the process's execution domain, as
989              set by personality(2).  The value is  displayed  in  hexadecimal
990              notation.
991
992              Permission  to  access  this file is governed by a ptrace access
993              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
994
995       /proc/[pid]/root
996              UNIX and Linux support the idea of a  per-process  root  of  the
997              filesystem,  set  by  the chroot(2) system call.  This file is a
998              symbolic link that points to the process's root  directory,  and
999              behaves in the same way as exe, and fd/*.
1000
1001              Note  however  that this file is not merely a symbolic link.  It
1002              provides the same view of the filesystem  (including  namespaces
1003              and  the  set  of per-process mounts) as the process itself.  An
1004              example illustrates this point.  In one  terminal,  we  start  a
1005              shell  in  new  user  and mount namespaces, and in that shell we
1006              create some new mount points:
1007
1008                  $ PS1='sh1# ' unshare -Urnm
1009                  sh1# mount -t tmpfs tmpfs /etc  # Mount empty tmpfs at /etc
1010                  sh1# mount --bind /usr /dev     # Mount /usr at /dev
1011                  sh1# echo $$
1012                  27123
1013
1014              In a second terminal window, in the initial mount namespace,  we
1015              look  at the contents of the corresponding mounts in the initial
1016              and new namespaces:
1017
1018                  $ PS1='sh2# ' sudo sh
1019                  sh2# ls /etc | wc -l                  # In initial NS
1020                  309
1021                  sh2# ls /proc/27123/root/etc | wc -l  # /etc in other NS
1022                  0                                     # The empty tmpfs dir
1023                  sh2# ls /dev | wc -l                  # In initial NS
1024                  205
1025                  sh2# ls /proc/27123/root/dev | wc -l  # /dev in other NS
1026                  11                                    # Actually bind
1027                                                        # mounted to /usr
1028                  sh2# ls /usr | wc -l                  # /usr in initial NS
1029                  11
1030
1031              In a multithreaded process, the contents of the /proc/[pid]/root
1032              symbolic  link  are not available if the main thread has already
1033              terminated (typically by calling pthread_exit(3)).
1034
1035              Permission to dereference or read  (readlink(2))  this  symbolic
1036              link     is     governed     by    a    ptrace    access    mode
1037              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1038
1039       /proc/[pid]/seccomp (Linux 2.6.12 to 2.6.22)
1040              This file can be used to read and change  the  process's  secure
1041              computing  (seccomp)  mode  setting.  It contains the value 0 if
1042              the process is not in seccomp mode, and 1 if the process  is  in
1043              strict  seccomp  mode  (see seccomp(2)).  Writing 1 to this file
1044              places the process irreversibly in strict seccomp  mode.   (Fur‐
1045              ther attempts to write to the file fail with the EPERM error.)
1046
1047              In  Linux  2.6.23,  this  file  went away, to be replaced by the
1048              prctl(2) PR_GET_SECCOMP and PR_SET_SECCOMP operations (and later
1049              by seccomp(2) and the Seccomp field in /proc/[pid]/status).
1050
1051       /proc/[pid]/setgroups (since Linux 3.19)
1052              See user_namespaces(7).
1053
1054       /proc/[pid]/smaps (since Linux 2.6.14)
1055              This  file  shows  memory  consumption for each of the process's
1056              mappings.  (The pmap(1) command displays similar information, in
1057              a  form that may be easier for parsing.)  For each mapping there
1058              is a series of lines such as the following:
1059
1060                  00400000-0048a000 r-xp 00000000 fd:03 960637       /bin/bash
1061                  Size:                552 kB
1062                  Rss:                 460 kB
1063                  Pss:                 100 kB
1064                  Shared_Clean:        452 kB
1065                  Shared_Dirty:          0 kB
1066                  Private_Clean:         8 kB
1067                  Private_Dirty:         0 kB
1068                  Referenced:          460 kB
1069                  Anonymous:             0 kB
1070                  AnonHugePages:         0 kB
1071                  ShmemHugePages:        0 kB
1072                  ShmemPmdMapped:        0 kB
1073                  Swap:                  0 kB
1074                  KernelPageSize:        4 kB
1075                  MMUPageSize:           4 kB
1076                  KernelPageSize:        4 kB
1077                  MMUPageSize:           4 kB
1078                  Locked:                0 kB
1079                  ProtectionKey:         0
1080                  VmFlags: rd ex mr mw me dw
1081
1082              The first of these lines shows the same information as  is  dis‐
1083              played for the mapping in /proc/[pid]/maps.  The following lines
1084              show the size of the mapping, the amount of the mapping that  is
1085              currently  resident  in  RAM ("Rss"), the process's proportional
1086              share of this mapping ("Pss"), the number  of  clean  and  dirty
1087              shared  pages  in the mapping, and the number of clean and dirty
1088              private pages in the mapping.  "Referenced" indicates the amount
1089              of  memory  currently marked as referenced or accessed.  "Anony‐
1090              mous" shows the amount of memory that does  not  belong  to  any
1091              file.   "Swap"  shows how much would-be-anonymous memory is also
1092              used, but out on swap.
1093
1094              The "KernelPageSize" line (available since Linux 2.6.29) is  the
1095              page  size  used  by the kernel to back the virtual memory area.
1096              This matches the size used by the MMU in the majority of  cases.
1097              However,  one  counter-example occurs on PPC64 kernels whereby a
1098              kernel using 64kB as a base page size may still  use  4kB  pages
1099              for  the  MMU  on  older  processors.   To  distinguish  the two
1100              attributes, the "MMUPageSize" line (also available  since  Linux
1101              2.6.29) reports the page size used by the MMU.
1102
1103              The  "Locked"  indicates whether the mapping is locked in memory
1104              or not.
1105
1106              The "ProtectionKey" line (available  since  Linux  4.9,  on  x86
1107              only)  contains the memory protection key (see pkeys(7)) associ‐
1108              ated with the virtual memory area.  This entry is  present  only
1109              if the kernel was built with the CONFIG_X86_INTEL_MEMORY_PROTEC‐
1110              TION_KEYS configuration option.
1111
1112              The "VmFlags" line (available since Linux  3.8)  represents  the
1113              kernel  flags  associated  with the virtual memory area, encoded
1114              using the following two-letter codes:
1115
1116                  rd  - readable
1117                  wr  - writable
1118                  ex  - executable
1119                  sh  - shared
1120                  mr  - may read
1121                  mw  - may write
1122                  me  - may execute
1123                  ms  - may share
1124                  gd  - stack segment grows down
1125                  pf  - pure PFN range
1126                  dw  - disabled write to the mapped file
1127                  lo  - pages are locked in memory
1128                  io  - memory mapped I/O area
1129                  sr  - sequential read advise provided
1130                  rr  - random read advise provided
1131                  dc  - do not copy area on fork
1132                  de  - do not expand area on remapping
1133                  ac  - area is accountable
1134                  nr  - swap space is not reserved for the area
1135                  ht  - area uses huge tlb pages
1136                  nl  - non-linear mapping
1137                  ar  - architecture specific flag
1138                  dd  - do not include area into core dump
1139                  sd  - soft-dirty flag
1140                  mm  - mixed map area
1141                  hg  - huge page advise flag
1142                  nh  - no-huge page advise flag
1143                  mg  - mergeable advise flag
1144
1145              "ProtectionKey" field contains the memory  protection  key  (see
1146              pkeys(5)) associated with the virtual memory area.  Present only
1147              if the kernel was built with the CONFIG_X86_INTEL_MEMORY_PROTEC‐
1148              TION_KEYS configuration option. (since Linux 4.6)
1149
1150              The   /proc/[pid]/smaps   file  is  present  only  if  the  CON‐
1151              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
1152
1153       /proc/[pid]/stack (since Linux 2.6.29)
1154              This file provides a symbolic trace of  the  function  calls  in
1155              this  process's kernel stack.  This file is provided only if the
1156              kernel  was  built  with  the  CONFIG_STACKTRACE   configuration
1157              option.
1158
1159              Permission  to  access  this file is governed by a ptrace access
1160              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1161
1162       /proc/[pid]/stat
1163              Status information about the process.  This is  used  by  ps(1).
1164              It is defined in the kernel source file fs/proc/array.c.
1165
1166              The  fields,  in order, with their proper scanf(3) format speci‐
1167              fiers, are listed below.  Whether or not certain of these fields
1168              display  valid  information  is governed by a ptrace access mode
1169              PTRACE_MODE_READ_FSCREDS | PTRACE_MODE_NOAUDIT check  (refer  to
1170              ptrace(2)).  If the check denies access, then the field value is
1171              displayed as 0.  The affected  fields  are  indicated  with  the
1172              marking [PT].
1173
1174              (1) pid  %d
1175                        The process ID.
1176
1177              (2) comm  %s
1178                        The  filename of the executable, in parentheses.  This
1179                        is visible whether or not the  executable  is  swapped
1180                        out.
1181
1182              (3) state  %c
1183                        One  of  the  following characters, indicating process
1184                        state:
1185
1186                        R  Running
1187
1188                        S  Sleeping in an interruptible wait
1189
1190                        D  Waiting in uninterruptible disk sleep
1191
1192                        Z  Zombie
1193
1194                        T  Stopped (on a  signal)  or  (before  Linux  2.6.33)
1195                           trace stopped
1196
1197                        t  Tracing stop (Linux 2.6.33 onward)
1198
1199                        W  Paging (only before Linux 2.6.0)
1200
1201                        X  Dead (from Linux 2.6.0 onward)
1202
1203                        x  Dead (Linux 2.6.33 to 3.13 only)
1204
1205                        K  Wakekill (Linux 2.6.33 to 3.13 only)
1206
1207                        W  Waking (Linux 2.6.33 to 3.13 only)
1208
1209                        P  Parked (Linux 3.9 to 3.13 only)
1210
1211              (4) ppid  %d
1212                        The PID of the parent of this process.
1213
1214              (5) pgrp  %d
1215                        The process group ID of the process.
1216
1217              (6) session  %d
1218                        The session ID of the process.
1219
1220              (7) tty_nr  %d
1221                        The  controlling  terminal of the process.  (The minor
1222                        device number is contained in the combination of  bits
1223                        31  to  20  and  7 to 0; the major device number is in
1224                        bits 15 to 8.)
1225
1226              (8) tpgid  %d
1227                        The ID of the foreground process group of the control‐
1228                        ling terminal of the process.
1229
1230              (9) flags  %u
1231                        The  kernel  flags word of the process.  For bit mean‐
1232                        ings, see the PF_* defines in the Linux kernel  source
1233                        file  include/linux/sched.h.   Details  depend  on the
1234                        kernel version.
1235
1236                        The format for this field was %lu before Linux 2.6.
1237
1238              (10) minflt  %lu
1239                        The number of minor faults the process has made  which
1240                        have not required loading a memory page from disk.
1241
1242              (11) cminflt  %lu
1243                        The  number of minor faults that the process's waited-
1244                        for children have made.
1245
1246              (12) majflt  %lu
1247                        The number of major faults the process has made  which
1248                        have required loading a memory page from disk.
1249
1250              (13) cmajflt  %lu
1251                        The  number of major faults that the process's waited-
1252                        for children have made.
1253
1254              (14) utime  %lu
1255                        Amount of time that this process has been scheduled in
1256                        user   mode,   measured  in  clock  ticks  (divide  by
1257                        sysconf(_SC_CLK_TCK)).   This  includes  guest   time,
1258                        guest_time  (time  spent  running  a  virtual CPU, see
1259                        below), so that applications that are not aware of the
1260                        guest time field do not lose that time from their cal‐
1261                        culations.
1262
1263              (15) stime  %lu
1264                        Amount of time that this process has been scheduled in
1265                        kernel  mode,  measured  in  clock  ticks  (divide  by
1266                        sysconf(_SC_CLK_TCK)).
1267
1268              (16) cutime  %ld
1269                        Amount of time that this process's waited-for children
1270                        have  been  scheduled  in user mode, measured in clock
1271                        ticks (divide  by  sysconf(_SC_CLK_TCK)).   (See  also
1272                        times(2).)   This  includes  guest  time,  cguest_time
1273                        (time spent running a virtual CPU, see below).
1274
1275              (17) cstime  %ld
1276                        Amount of time that this process's waited-for children
1277                        have  been scheduled in kernel mode, measured in clock
1278                        ticks (divide by sysconf(_SC_CLK_TCK)).
1279
1280              (18) priority  %ld
1281                        (Explanation for Linux 2.6) For  processes  running  a
1282                        real-time   scheduling   policy   (policy  below;  see
1283                        sched_setscheduler(2)), this is the negated scheduling
1284                        priority, minus one; that is, a number in the range -2
1285                        to -100, corresponding to real-time  priorities  1  to
1286                        99.   For  processes  running  under  a  non-real-time
1287                        scheduling policy, this is the raw nice value (setpri‐
1288                        ority(2))  as  represented  in the kernel.  The kernel
1289                        stores nice values as numbers in the range 0 (high) to
1290                        39 (low), corresponding to the user-visible nice range
1291                        of -20 to 19.
1292
1293                        Before Linux 2.6, this was a scaled value based on the
1294                        scheduler weighting given to this process.
1295
1296              (19) nice  %ld
1297                        The  nice  value  (see setpriority(2)), a value in the
1298                        range 19 (low priority) to -20 (high priority).
1299
1300              (20) num_threads  %ld
1301                        Number of threads in this process (since  Linux  2.6).
1302                        Before kernel 2.6, this field was hard coded to 0 as a
1303                        placeholder for an earlier removed field.
1304
1305              (21) itrealvalue  %ld
1306                        The time in jiffies before the next SIGALRM is sent to
1307                        the  process  due  to an interval timer.  Since kernel
1308                        2.6.17, this field is no  longer  maintained,  and  is
1309                        hard coded as 0.
1310
1311              (22) starttime  %llu
1312                        The  time  the  process started after system boot.  In
1313                        kernels before Linux 2.6, this value was expressed  in
1314                        jiffies.   Since  Linux 2.6, the value is expressed in
1315                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1316
1317                        The format for this field was %lu before Linux 2.6.
1318
1319              (23) vsize  %lu
1320                        Virtual memory size in bytes.
1321
1322              (24) rss  %ld
1323                        Resident Set Size: number of pages the process has  in
1324                        real  memory.   This  is  just  the  pages which count
1325                        toward text, data, or  stack  space.   This  does  not
1326                        include pages which have not been demand-loaded in, or
1327                        which are swapped out.
1328
1329              (25) rsslim  %lu
1330                        Current soft limit in bytes on the rss of the process;
1331                        see the description of RLIMIT_RSS in getrlimit(2).
1332
1333              (26) startcode  %lu  [PT]
1334                        The address above which program text can run.
1335
1336              (27) endcode  %lu  [PT]
1337                        The address below which program text can run.
1338
1339              (28) startstack  %lu  [PT]
1340                        The address of the start (i.e., bottom) of the stack.
1341
1342              (29) kstkesp  %lu  [PT]
1343                        The  current value of ESP (stack pointer), as found in
1344                        the kernel stack page for the process.
1345
1346              (30) kstkeip  %lu  [PT]
1347                        The current EIP (instruction pointer).
1348
1349              (31) signal  %lu
1350                        The bitmap of pending signals, displayed as a  decimal
1351                        number.   Obsolete, because it does not provide infor‐
1352                        mation on real-time  signals;  use  /proc/[pid]/status
1353                        instead.
1354
1355              (32) blocked  %lu
1356                        The  bitmap of blocked signals, displayed as a decimal
1357                        number.  Obsolete, because it does not provide  infor‐
1358                        mation  on  real-time  signals; use /proc/[pid]/status
1359                        instead.
1360
1361              (33) sigignore  %lu
1362                        The bitmap of ignored signals, displayed as a  decimal
1363                        number.   Obsolete, because it does not provide infor‐
1364                        mation on real-time  signals;  use  /proc/[pid]/status
1365                        instead.
1366
1367              (34) sigcatch  %lu
1368                        The  bitmap  of caught signals, displayed as a decimal
1369                        number.  Obsolete, because it does not provide  infor‐
1370                        mation  on  real-time  signals; use /proc/[pid]/status
1371                        instead.
1372
1373              (35) wchan  %lu  [PT]
1374                        This is the "channel" in which the process is waiting.
1375                        It  is  the  address of a location in the kernel where
1376                        the process is sleeping.  The  corresponding  symbolic
1377                        name can be found in /proc/[pid]/wchan.
1378
1379              (36) nswap  %lu
1380                        Number of pages swapped (not maintained).
1381
1382              (37) cnswap  %lu
1383                        Cumulative nswap for child processes (not maintained).
1384
1385              (38) exit_signal  %d  (since Linux 2.1.22)
1386                        Signal to be sent to parent when we die.
1387
1388              (39) processor  %d  (since Linux 2.2.8)
1389                        CPU number last executed on.
1390
1391              (40) rt_priority  %u  (since Linux 2.5.19)
1392                        Real-time scheduling priority, a number in the range 1
1393                        to 99 for processes scheduled under a  real-time  pol‐
1394                        icy,   or   0,   for   non-real-time   processes  (see
1395                        sched_setscheduler(2)).
1396
1397              (41) policy  %u  (since Linux 2.5.19)
1398                        Scheduling policy (see sched_setscheduler(2)).  Decode
1399                        using the SCHED_* constants in linux/sched.h.
1400
1401                        The format for this field was %lu before Linux 2.6.22.
1402
1403              (42) delayacct_blkio_ticks  %llu  (since Linux 2.6.18)
1404                        Aggregated  block  I/O delays, measured in clock ticks
1405                        (centiseconds).
1406
1407              (43) guest_time  %lu  (since Linux 2.6.24)
1408                        Guest time of the process (time spent running  a  vir‐
1409                        tual  CPU  for  a guest operating system), measured in
1410                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1411
1412              (44) cguest_time  %ld  (since Linux 2.6.24)
1413                        Guest time of  the  process's  children,  measured  in
1414                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1415
1416              (45) start_data  %lu  (since Linux 3.3)  [PT]
1417                        Address above which program initialized and uninitial‐
1418                        ized (BSS) data are placed.
1419
1420              (46) end_data  %lu  (since Linux 3.3)  [PT]
1421                        Address below which program initialized and uninitial‐
1422                        ized (BSS) data are placed.
1423
1424              (47) start_brk  %lu  (since Linux 3.3)  [PT]
1425                        Address  above which program heap can be expanded with
1426                        brk(2).
1427
1428              (48) arg_start  %lu  (since Linux 3.5)  [PT]
1429                        Address above  which  program  command-line  arguments
1430                        (argv) are placed.
1431
1432              (49) arg_end  %lu  (since Linux 3.5)  [PT]
1433                        Address  below  program  command-line arguments (argv)
1434                        are placed.
1435
1436              (50) env_start  %lu  (since Linux 3.5)  [PT]
1437                        Address above which program environment is placed.
1438
1439              (51) env_end  %lu  (since Linux 3.5)  [PT]
1440                        Address below which program environment is placed.
1441
1442              (52) exit_code  %d  (since Linux 3.5)  [PT]
1443                        The thread's exit status in the form reported by wait‐
1444                        pid(2).
1445
1446       /proc/[pid]/statm
1447              Provides information about memory usage, measured in pages.  The
1448              columns are:
1449
1450                  size       (1) total program size
1451                             (same as VmSize in /proc/[pid]/status)
1452                  resident   (2) resident set size
1453                             (same as VmRSS in /proc/[pid]/status)
1454                  shared     (3) number of resident shared pages (i.e., backed by a file)
1455                             (same as RssFile+RssShmem in /proc/[pid]/status)
1456                  text       (4) text (code)
1457                  lib        (5) library (unused since Linux 2.6; always 0)
1458                  data       (6) data + stack
1459                  dt         (7) dirty pages (unused since Linux 2.6; always 0)
1460
1461       /proc/[pid]/status
1462              Provides  much  of  the  information  in  /proc/[pid]/stat   and
1463              /proc/[pid]/statm in a format that's easier for humans to parse.
1464              Here's an example:
1465
1466                  $ cat /proc/$$/status
1467                  Name:   bash
1468                  Umask:  0022
1469                  State:  S (sleeping)
1470                  Tgid:   17248
1471                  Ngid:   0
1472                  Pid:    17248
1473                  PPid:   17200
1474                  TracerPid:      0
1475                  Uid:    1000    1000    1000    1000
1476                  Gid:    100     100     100     100
1477                  FDSize: 256
1478                  Groups: 16 33 100
1479                  NStgid: 17248
1480                  NSpid:  17248
1481                  NSpgid: 17248
1482                  NSsid:  17200
1483                  VmPeak:     131168 kB
1484                  VmSize:     131168 kB
1485                  VmLck:           0 kB
1486                  VmPin:           0 kB
1487                  VmHWM:       13484 kB
1488                  VmRSS:       13484 kB
1489                  RssAnon:     10264 kB
1490                  RssFile:      3220 kB
1491                  RssShmem:        0 kB
1492                  VmData:      10332 kB
1493                  VmStk:         136 kB
1494                  VmExe:         992 kB
1495                  VmLib:        2104 kB
1496                  VmPTE:          76 kB
1497                  VmPMD:          12 kB
1498                  VmSwap:          0 kB
1499                  HugetlbPages:          0 kB        # 4.4
1500                  Threads:        1
1501                  SigQ:   0/3067
1502                  SigPnd: 0000000000000000
1503                  ShdPnd: 0000000000000000
1504                  SigBlk: 0000000000010000
1505                  SigIgn: 0000000000384004
1506                  SigCgt: 000000004b813efb
1507                  CapInh: 0000000000000000
1508                  CapPrm: 0000000000000000
1509                  CapEff: 0000000000000000
1510                  CapBnd: ffffffffffffffff
1511                  CapAmb:   0000000000000000
1512                  NoNewPrivs:     0
1513                  Seccomp:        0
1514                  Cpus_allowed:   00000001
1515                  Cpus_allowed_list:      0
1516                  Mems_allowed:   1
1517                  Mems_allowed_list:      0
1518                  voluntary_ctxt_switches:        150
1519                  nonvoluntary_ctxt_switches:     545
1520
1521              The fields are as follows:
1522
1523              * Name: Command run by this process.
1524
1525              * Umask: Process umask, expressed in octal with a leading  zero;
1526                see umask(2).  (Since Linux 4.7.)
1527
1528              * State: Current state of the process.  One of "R (running)", "S
1529                (sleeping)", "D (disk  sleep)",  "T  (stopped)",  "T  (tracing
1530                stop)", "Z (zombie)", or "X (dead)".
1531
1532              * Tgid: Thread group ID (i.e., Process ID).
1533
1534              * Ngid: NUMA group ID (0 if none; since Linux 3.13).
1535
1536              * Pid: Thread ID (see gettid(2)).
1537
1538              * PPid: PID of parent process.
1539
1540              * TracerPid: PID of process tracing this process (0 if not being
1541                traced).
1542
1543              * Uid, Gid: Real, effective,  saved  set,  and  filesystem  UIDs
1544                (GIDs).
1545
1546              * FDSize: Number of file descriptor slots currently allocated.
1547
1548              * Groups: Supplementary group list.
1549
1550              * NStgid : Thread group ID (i.e., PID) in each of the PID names‐
1551                paces of which [pid] is a member.  The  leftmost  entry  shows
1552                the  value  with  respect  to the PID namespace of the reading
1553                process, followed by the value in  successively  nested  inner
1554                namespaces.  (Since Linux 4.1.)
1555
1556              * NSpid:  Thread ID in each of the PID namespaces of which [pid]
1557                is a member.  The fields are ordered as  for  NStgid.   (Since
1558                Linux 4.1.)
1559
1560              * NSpgid:  Process  group  ID  in  each of the PID namespaces of
1561                which [pid] is a member.  The fields are ordered as  for  NSt‐
1562                gid.  (Since Linux 4.1.)
1563
1564              * NSsid: descendant namespace session ID hierarchy Session ID in
1565                each of the PID namespaces of which [pid] is  a  member.   The
1566                fields are ordered as for NStgid.  (Since Linux 4.1.)
1567
1568              * VmPeak: Peak virtual memory size.
1569
1570              * VmSize: Virtual memory size.
1571
1572              * VmLck: Locked memory size (see mlock(3)).
1573
1574              * VmPin:  Pinned memory size (since Linux 3.2).  These are pages
1575                that can't be moved because something needs to directly access
1576                physical memory.
1577
1578              * VmHWM: Peak resident set size ("high water mark").
1579
1580              * VmRSS: Resident set size.  Note that the value here is the sum
1581                of RssAnon, RssFile, and RssShmem.
1582
1583              * RssAnon: Size of  resident  anonymous  memory.   (since  Linux
1584                4.5).
1585
1586              * RssFile: Size of resident file mappings.  (since Linux 4.5).
1587
1588              * RssShmem:  Size  of  resident shared memory (includes System V
1589                shared memory, mappings from tmpfs(5),  and  shared  anonymous
1590                mappings).  (since Linux 4.5).
1591
1592              * VmData, VmStk, VmExe: Size of data, stack, and text segments.
1593
1594              * VmLib: Shared library code size.
1595
1596              * VmPTE: Page table entries size (since Linux 2.6.10).
1597
1598              * VmPMD: Size of second-level page tables (since Linux 4.0).
1599
1600              * VmSwap:  Swapped-out  virtual memory size by anonymous private
1601                pages; shmem swap usage is not included (since Linux 2.6.34).
1602
1603              * HugetlbPages: Size of hugetlb memory portions.   (since  Linux
1604                4.4).
1605
1606              * Threads: Number of threads in process containing this thread.
1607
1608              * SigQ:  This  field  contains  two slash-separated numbers that
1609                relate to queued signals for the real user ID of this process.
1610                The  first  of these is the number of currently queued signals
1611                for this real user ID, and the second is the resource limit on
1612                the  number  of  queued  signals  for  this  process  (see the
1613                description of RLIMIT_SIGPENDING in getrlimit(2)).
1614
1615              * SigPnd, ShdPnd: Number of signals pending for thread  and  for
1616                process as a whole (see pthreads(7) and signal(7)).
1617
1618              * SigBlk,   SigIgn,   SigCgt:  Masks  indicating  signals  being
1619                blocked, ignored, and caught (see signal(7)).
1620
1621              * CapInh, CapPrm,  CapEff:  Masks  of  capabilities  enabled  in
1622                inheritable,  permitted,  and  effective  sets  (see capabili‐
1623                ties(7)).
1624
1625              * CapBnd: Capability Bounding set (since Linux 2.6.26, see capa‐
1626                bilities(7)).
1627
1628              * CapAmb: Ambient capability set (since Linux 4.3, see capabili‐
1629                ties(7)).
1630
1631              * NoNewPrivs: Value of the no_new_privs bit (since  Linux  4.10,
1632                see prctl(2)).
1633
1634              * Seccomp:  Seccomp  mode  of  the process (since Linux 3.8, see
1635                seccomp(2)).  0  means  SECCOMP_MODE_DISABLED;  1  means  SEC‐
1636                COMP_MODE_STRICT;  2 means SECCOMP_MODE_FILTER.  This field is
1637                provided only if the kernel was built with the  CONFIG_SECCOMP
1638                kernel configuration option enabled.
1639
1640              * Cpus_allowed:  Mask  of  CPUs  on  which  this process may run
1641                (since Linux 2.6.24, see cpuset(7)).
1642
1643              * Cpus_allowed_list: Same as  previous,  but  in  "list  format"
1644                (since Linux 2.6.26, see cpuset(7)).
1645
1646              * Mems_allowed:  Mask  of  memory  nodes allowed to this process
1647                (since Linux 2.6.24, see cpuset(7)).
1648
1649              * Mems_allowed_list: Same as  previous,  but  in  "list  format"
1650                (since Linux 2.6.26, see cpuset(7)).
1651
1652              * voluntary_ctxt_switches, nonvoluntary_ctxt_switches: Number of
1653                voluntary  and  involuntary  context  switches  (since   Linux
1654                2.6.23).
1655
1656       /proc/[pid]/syscall (since Linux 2.6.27)
1657              This  file exposes the system call number and argument registers
1658              for the system call currently being  executed  by  the  process,
1659              followed  by the values of the stack pointer and program counter
1660              registers.   The  values  of  all  six  argument  registers  are
1661              exposed, although most system calls use fewer registers.
1662
1663              If  the  process  is blocked, but not in a system call, then the
1664              file displays -1 in place of the system call number, followed by
1665              just  the  values  of the stack pointer and program counter.  If
1666              process is not blocked, then the file contains just  the  string
1667              "running".
1668
1669              This file is present only if the kernel was configured with CON‐
1670              FIG_HAVE_ARCH_TRACEHOOK.
1671
1672              Permission to access this file is governed by  a  ptrace  access
1673              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1674
1675       /proc/[pid]/task (since Linux 2.6.0-test6)
1676              This  is  a  directory  that  contains one subdirectory for each
1677              thread in the process.  The name of  each  subdirectory  is  the
1678              numerical  thread  ID  ([tid])  of  the  thread (see gettid(2)).
1679              Within each of these subdirectories, there is  a  set  of  files
1680              with the same names and contents as under the /proc/[pid] direc‐
1681              tories.  For attributes that are shared by all threads, the con‐
1682              tents  for each of the files under the task/[tid] subdirectories
1683              will be the same as in the  corresponding  file  in  the  parent
1684              /proc/[pid]  directory (e.g., in a multithreaded process, all of
1685              the task/[tid]/cwd  files  will  have  the  same  value  as  the
1686              /proc/[pid]/cwd  file  in the parent directory, since all of the
1687              threads in a process share a working directory).  For attributes
1688              that are distinct for each thread, the corresponding files under
1689              task/[tid] may have different values (e.g.,  various  fields  in
1690              each  of  the  task/[tid]/status files may be different for each
1691              thread), or they might not exist in /proc/[pid] at  all.   In  a
1692              multithreaded  process,  the  contents  of  the /proc/[pid]/task
1693              directory are not available if the main thread has already  ter‐
1694              minated (typically by calling pthread_exit(3)).
1695
1696       /proc/[pid]/task/[tid]/children (since Linux 3.5)
1697              A  space-separated list of child tasks of this task.  Each child
1698              task is represented by its TID.
1699
1700              This option is intended for use by the checkpoint-restore (CRIU)
1701              system,  and reliably provides a list of children only if all of
1702              the child processes are stopped or frozen.   It  does  not  work
1703              properly  if  children of the target task exit while the file is
1704              being read!  Exiting children may cause non-exiting children  to
1705              be  omitted  from the list.  This makes this interface even more
1706              unreliable than classic PID-based approaches  if  the  inspected
1707              task and its children aren't frozen, and most code should proba‐
1708              bly not use this interface.
1709
1710              Until Linux 4.2, the presence of this file was governed  by  the
1711              CONFIG_CHECKPOINT_RESTORE  kernel  configuration  option.  Since
1712              Linux 4.2, it is governed by the CONFIG_PROC_CHILDREN option.
1713
1714       /proc/[pid]/timers (since Linux 3.10)
1715              A list of the POSIX timers for  this  process.   Each  timer  is
1716              listed with a line that starts with the string "ID:".  For exam‐
1717              ple:
1718
1719                  ID: 1
1720                  signal: 60/00007fff86e452a8
1721                  notify: signal/pid.2634
1722                  ClockID: 0
1723                  ID: 0
1724                  signal: 60/00007fff86e452a8
1725                  notify: signal/pid.2634
1726                  ClockID: 1
1727
1728              The lines shown for each timer have the following meanings:
1729
1730              ID     The ID for this timer.  This is not the same as the timer
1731                     ID  returned  by  timer_create(2); rather, it is the same
1732                     kernel-internal ID that is available via  the  si_timerid
1733                     field of the siginfo_t structure (see sigaction(2)).
1734
1735              signal This is the signal number that this timer uses to deliver
1736                     notifications  followed  by  a  slash,   and   then   the
1737                     sigev_value  value supplied to the signal handler.  Valid
1738                     only for timers that notify via a signal.
1739
1740              notify The part before the slash specifies  the  mechanism  that
1741                     this  timer  uses to deliver notifications, and is one of
1742                     "thread", "signal", or "none".  Immediately following the
1743                     slash   is  either  the  string  "tid"  for  timers  with
1744                     SIGEV_THREAD_ID notification, or "pid"  for  timers  that
1745                     notify by other mechanisms.  Following the "." is the PID
1746                     of the process (or the kernel thread ID  of  the  thread)
1747                     that  will  be  delivered  a signal if the timer delivers
1748                     notifications via a signal.
1749
1750              ClockID
1751                     This field identifies the clock that the timer  uses  for
1752                     measuring  time.   For most clocks, this is a number that
1753                     matches one of the user-space CLOCK_*  constants  exposed
1754                     via  <time.h>.   CLOCK_PROCESS_CPUTIME_ID  timers display
1755                     with    a    value    of    -6     in     this     field.
1756                     CLOCK_THREAD_CPUTIME_ID timers display with a value of -2
1757                     in this field.
1758
1759              This file is available only when the kernel was configured  with
1760              CONFIG_CHECKPOINT_RESTORE.
1761
1762       /proc/[pid]/timerslack_ns (since Linux 4.6)
1763              This  file  exposes  the  process's "current" timer slack value,
1764              expressed in nanoseconds.  The file is  writable,  allowing  the
1765              process's  timer  slack  value to be changed.  Writing 0 to this
1766              file resets the "current" timer slack  to  the  "default"  timer
1767              slack  value.   For  further  details,  see  the  discussion  of
1768              PR_SET_TIMERSLACK in prctl(2).
1769
1770              Initially, permission to access this  file  was  governed  by  a
1771              ptrace   access   mode   PTRACE_MODE_ATTACH_FSCREDS  check  (see
1772              ptrace(2)).  However, this was subsequently deemed too strict  a
1773              requirement (and had the side effect that requiring a process to
1774              have the CAP_SYS_PTRACE capability would also allow it  to  view
1775              and  change  any process's memory).  Therefore, since Linux 4.9,
1776              only the (weaker) CAP_SYS_NICE capability is required to  access
1777              this file.
1778
1779       /proc/[pid]/uid_map, /proc/[pid]/gid_map (since Linux 3.5)
1780              See user_namespaces(7).
1781
1782       /proc/[pid]/wchan (since Linux 2.6.0)
1783              The  symbolic  name  corresponding to the location in the kernel
1784              where the process is sleeping.
1785
1786              Permission to access this file is governed by  a  ptrace  access
1787              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1788
1789       /proc/apm
1790              Advanced  power  management version and battery information when
1791              CONFIG_APM is defined at kernel compilation time.
1792
1793       /proc/buddyinfo
1794              This file contains information which is used for diagnosing mem‐
1795              ory fragmentation issues.  Each line starts with the identifica‐
1796              tion of the node and the name of the zone which  together  iden‐
1797              tify  a  memory  region  This  is  then followed by the count of
1798              available chunks of a certain order in  which  these  zones  are
1799              split.   The  size  in  bytes of a certain order is given by the
1800              formula:
1801
1802                  (2^order) * PAGE_SIZE
1803
1804              The binary buddy allocator  algorithm  inside  the  kernel  will
1805              split  one  chunk  into two chunks of a smaller order (thus with
1806              half the size) or combine two contiguous chunks into one  larger
1807              chunk  of  a higher order (thus with double the size) to satisfy
1808              allocation requests and to counter  memory  fragmentation.   The
1809              order matches the column number, when starting to count at zero.
1810
1811              For example on an x86-64 system:
1812
1813  Node 0, zone     DMA     1    1    1    0    2    1    1    0    1    1    3
1814  Node 0, zone   DMA32    65   47    4   81   52   28   13   10    5    1  404
1815  Node 0, zone  Normal   216   55  189  101   84   38   37   27    5    3  587
1816
1817              In  this  example,  there is one node containing three zones and
1818              there are 11 different chunk sizes.  If the page size is 4 kilo‐
1819              bytes,  then  the  first  zone  called  DMA (on x86 the first 16
1820              megabyte of memory) has 1 chunk of 4 kilobytes (order 0)  avail‐
1821              able and has 3 chunks of 4 megabytes (order 10) available.
1822
1823              If  the  memory  is  heavily fragmented, the counters for higher
1824              order chunks will be zero and  allocation  of  large  contiguous
1825              areas will fail.
1826
1827              Further  information about the zones can be found in /proc/zone‐
1828              info.
1829
1830       /proc/bus
1831              Contains subdirectories for installed busses.
1832
1833       /proc/bus/pccard
1834              Subdirectory for PCMCIA devices when  CONFIG_PCMCIA  is  set  at
1835              kernel compilation time.
1836
1837       /proc/bus/pccard/drivers
1838
1839       /proc/bus/pci
1840              Contains  various bus subdirectories and pseudo-files containing
1841              information about PCI  busses,  installed  devices,  and  device
1842              drivers.  Some of these files are not ASCII.
1843
1844       /proc/bus/pci/devices
1845              Information  about  PCI  devices.   They may be accessed through
1846              lspci(8) and setpci(8).
1847
1848       /proc/cgroups (since Linux 2.6.24)
1849              See cgroups(7).
1850
1851       /proc/cmdline
1852              Arguments passed to the Linux kernel at boot time.   Often  done
1853              via a boot manager such as lilo(8) or grub(8).
1854
1855       /proc/config.gz (since Linux 2.6)
1856              This  file  exposes  the configuration options that were used to
1857              build the currently running kernel, in the same format  as  they
1858              would  be shown in the .config file that resulted when configur‐
1859              ing the kernel (using make xconfig, make  config,  or  similar).
1860              The  file  contents  are  compressed;  view or search them using
1861              zcat(1) and zgrep(1).  As long as no changes have been  made  to
1862              the following file, the contents of /proc/config.gz are the same
1863              as those provided by:
1864
1865                  cat /lib/modules/$(uname -r)/build/.config
1866
1867              /proc/config.gz is provided only if  the  kernel  is  configured
1868              with CONFIG_IKCONFIG_PROC.
1869
1870       /proc/crypto
1871              A  list  of  the ciphers provided by the kernel crypto API.  For
1872              details, see the kernel Linux Kernel  Crypto  API  documentation
1873              available   under   the   kernel   source  directory  Documenta‐
1874              tion/crypto/ (or Documentation/DocBook before 4.10; the documen‐
1875              tation can be built using a command such as make htmldocs in the
1876              root directory of the kernel source tree).
1877
1878       /proc/cpuinfo
1879              This is a collection of CPU and  system  architecture  dependent
1880              items,  for  each  supported architecture a different list.  Two
1881              common  entries  are  processor  which  gives  CPU  number   and
1882              bogomips;  a  system  constant  that is calculated during kernel
1883              initialization.  SMP machines have  information  for  each  CPU.
1884              The lscpu(1) command gathers its information from this file.
1885
1886       /proc/devices
1887              Text  listing  of  major numbers and device groups.  This can be
1888              used by MAKEDEV scripts for consistency with the kernel.
1889
1890       /proc/diskstats (since Linux 2.5.69)
1891              This file contains disk I/O statistics  for  each  disk  device.
1892              See  the  Linux kernel source file Documentation/iostats.txt for
1893              further information.
1894
1895       /proc/dma
1896              This is a list of the registered ISA DMA (direct memory  access)
1897              channels in use.
1898
1899       /proc/driver
1900              Empty subdirectory.
1901
1902       /proc/execdomains
1903              List of the execution domains (ABI personalities).
1904
1905       /proc/fb
1906              Frame buffer information when CONFIG_FB is defined during kernel
1907              compilation.
1908
1909       /proc/filesystems
1910              A text listing of the filesystems which  are  supported  by  the
1911              kernel,  namely  filesystems which were compiled into the kernel
1912              or  whose  kernel  modules  are  currently  loaded.   (See  also
1913              filesystems(5).)   If  a filesystem is marked with "nodev", this
1914              means that it does not require a  block  device  to  be  mounted
1915              (e.g., virtual filesystem, network filesystem).
1916
1917              Incidentally, this file may be used by mount(8) when no filesys‐
1918              tem is specified and it didn't manage to determine the  filesys‐
1919              tem  type.   Then  filesystems  contained in this file are tried
1920              (excepted those that are marked with "nodev").
1921
1922       /proc/fs
1923              Contains subdirectories that in turn contain files with informa‐
1924              tion about (certain) mounted filesystems.
1925
1926       /proc/ide
1927              This  directory  exists  on systems with the IDE bus.  There are
1928              directories for each IDE channel  and  attached  device.   Files
1929              include:
1930
1931                  cache              buffer size in KB
1932                  capacity           number of sectors
1933                  driver             driver version
1934                  geometry           physical and logical geometry
1935                  identify           in hexadecimal
1936                  media              media type
1937                  model              manufacturer's model number
1938                  settings           drive settings
1939                  smart_thresholds   in hexadecimal
1940                  smart_values       in hexadecimal
1941
1942              The  hdparm(8)  utility provides access to this information in a
1943              friendly format.
1944
1945       /proc/interrupts
1946              This is used to record the number of interrupts per CPU  per  IO
1947              device.   Since  Linux 2.6.24, for the i386 and x86-64 architec‐
1948              tures, at least, this also includes interrupts internal  to  the
1949              system  (that is, not associated with a device as such), such as
1950              NMI (nonmaskable interrupt), LOC (local  timer  interrupt),  and
1951              for  SMP  systems,  TLB (TLB flush interrupt), RES (rescheduling
1952              interrupt), CAL (remote function call interrupt),  and  possibly
1953              others.  Very easy to read formatting, done in ASCII.
1954
1955       /proc/iomem
1956              I/O memory map in Linux 2.4.
1957
1958       /proc/ioports
1959              This is a list of currently registered Input-Output port regions
1960              that are in use.
1961
1962       /proc/kallsyms (since Linux 2.5.71)
1963              This holds the kernel exported symbol definitions  used  by  the
1964              modules(X)  tools to dynamically link and bind loadable modules.
1965              In Linux 2.5.47 and earlier, a similar file with  slightly  dif‐
1966              ferent syntax was named ksyms.
1967
1968       /proc/kcore
1969              This  file  represents  the physical memory of the system and is
1970              stored in the ELF core file format.  With this pseudo-file,  and
1971              an unstripped kernel (/usr/src/linux/vmlinux) binary, GDB can be
1972              used to examine the current state of any kernel data structures.
1973
1974              The total length of the file is  the  size  of  physical  memory
1975              (RAM) plus 4 KiB.
1976
1977       /proc/keys (since Linux 2.6.10)
1978              See keyrings(7).
1979
1980       /proc/key-users (since Linux 2.6.10)
1981              See keyrings(7).
1982
1983       /proc/kmsg
1984              This  file  can  be used instead of the syslog(2) system call to
1985              read kernel messages.  A process must have superuser  privileges
1986              to  read  this file, and only one process should read this file.
1987              This file should not be read if  a  syslog  process  is  running
1988              which uses the syslog(2) system call facility to log kernel mes‐
1989              sages.
1990
1991              Information in this file is retrieved with the dmesg(1) program.
1992
1993       /proc/kpagecgroup (since Linux 4.3)
1994              This file contains a 64-bit inode number of  the  memory  cgroup
1995              each  page  is charged to, indexed by page frame number (see the
1996              discussion of /proc/[pid]/pagemap).
1997
1998              The /proc/kpagecgroup file is present only if  the  CONFIG_MEMCG
1999              kernel configuration option is enabled.
2000
2001       /proc/kpagecount (since Linux 2.6.25)
2002              This  file  contains  a 64-bit count of the number of times each
2003              physical page frame is mapped, indexed by page frame number (see
2004              the discussion of /proc/[pid]/pagemap).
2005
2006              The   /proc/kpagecount   file   is  present  only  if  the  CON‐
2007              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2008
2009       /proc/kpageflags (since Linux 2.6.25)
2010              This file contains 64-bit masks corresponding to  each  physical
2011              page  frame; it is indexed by page frame number (see the discus‐
2012              sion of /proc/[pid]/pagemap).  The bits are as follows:
2013
2014                   0 - KPF_LOCKED
2015                   1 - KPF_ERROR
2016                   2 - KPF_REFERENCED
2017                   3 - KPF_UPTODATE
2018                   4 - KPF_DIRTY
2019                   5 - KPF_LRU
2020                   6 - KPF_ACTIVE
2021                   7 - KPF_SLAB
2022                   8 - KPF_WRITEBACK
2023                   9 - KPF_RECLAIM
2024                  10 - KPF_BUDDY
2025                  11 - KPF_MMAP           (since Linux 2.6.31)
2026                  12 - KPF_ANON           (since Linux 2.6.31)
2027                  13 - KPF_SWAPCACHE      (since Linux 2.6.31)
2028                  14 - KPF_SWAPBACKED     (since Linux 2.6.31)
2029                  15 - KPF_COMPOUND_HEAD  (since Linux 2.6.31)
2030                  16 - KPF_COMPOUND_TAIL  (since Linux 2.6.31)
2031                  17 - KPF_HUGE           (since Linux 2.6.31)
2032                  18 - KPF_UNEVICTABLE    (since Linux 2.6.31)
2033                  19 - KPF_HWPOISON       (since Linux 2.6.31)
2034                  20 - KPF_NOPAGE         (since Linux 2.6.31)
2035                  21 - KPF_KSM            (since Linux 2.6.32)
2036                  22 - KPF_THP            (since Linux 3.4)
2037                  23 - KPF_BALLOON        (since Linux 3.18)
2038                  24 - KPF_ZERO_PAGE      (since Linux 4.0)
2039                  25 - KPF_IDLE           (since Linux 4.3)
2040
2041              For further details on the meanings of these bits, see the  ker‐
2042              nel  source  file  Documentation/vm/pagemap.txt.   Before kernel
2043              2.6.29, KPF_WRITEBACK, KPF_RECLAIM,  KPF_BUDDY,  and  KPF_LOCKED
2044              did not report correctly.
2045
2046              The   /proc/kpageflags   file   is  present  only  if  the  CON‐
2047              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2048
2049       /proc/ksyms (Linux 1.1.23–2.5.47)
2050              See /proc/kallsyms.
2051
2052       /proc/loadavg
2053              The first three fields in this file  are  load  average  figures
2054              giving  the number of jobs in the run queue (state R) or waiting
2055              for disk I/O (state D) averaged over 1, 5, and 15 minutes.  They
2056              are  the same as the load average numbers given by uptime(1) and
2057              other programs.  The fourth field consists of two numbers  sepa‐
2058              rated  by a slash (/).  The first of these is the number of cur‐
2059              rently runnable kernel scheduling entities (processes, threads).
2060              The  value  after  the  slash is the number of kernel scheduling
2061              entities that currently exist on the system.  The fifth field is
2062              the  PID  of  the  process that was most recently created on the
2063              system.
2064
2065       /proc/locks
2066              This file shows current file locks (flock(2) and  fcntl(2))  and
2067              leases (fcntl(2)).
2068
2069              An example of the content shown in this file is the following:
2070
2071                  1: POSIX  ADVISORY  READ  5433 08:01:7864448 128 128
2072                  2: FLOCK  ADVISORY  WRITE 2001 08:01:7864554 0 EOF
2073                  3: FLOCK  ADVISORY  WRITE 1568 00:2f:32388 0 EOF
2074                  4: POSIX  ADVISORY  WRITE 699 00:16:28457 0 EOF
2075                  5: POSIX  ADVISORY  WRITE 764 00:16:21448 0 0
2076                  6: POSIX  ADVISORY  READ  3548 08:01:7867240 1 1
2077                  7: POSIX  ADVISORY  READ  3548 08:01:7865567 1826 2335
2078                  8: OFDLCK ADVISORY  WRITE -1 08:01:8713209 128 191
2079
2080              The fields shown in each line are as follows:
2081
2082              (1) The ordinal position of the lock in the list.
2083
2084              (2) The lock type.  Values that may appear here include:
2085
2086                  FLOCK  This is a BSD file lock created using flock(2).
2087
2088                  OFDLCK This  is  an open file description (OFD) lock created
2089                         using fcntl(2).
2090
2091                  POSIX  This  is  a  POSIX  byte-range  lock  created   using
2092                         fcntl(2).
2093
2094              (3) Among the strings that can appear here are the following:
2095
2096                  ADVISORY
2097                         This is an advisory lock.
2098
2099                  MANDATORY
2100                         This is a mandatory lock.
2101
2102              (4) The type of lock.  Values that can appear here are:
2103
2104                  READ   This  is  a  POSIX  or OFD read lock, or a BSD shared
2105                         lock.
2106
2107                  WRITE  This is a POSIX or OFD write lock, or a BSD exclusive
2108                         lock.
2109
2110              (5) The PID of the process that owns the lock.
2111
2112                  Because  OFD  locks are not owned by a single process (since
2113                  multiple processes may have file descriptors that  refer  to
2114                  the  same  open file description), the value -1 is displayed
2115                  in this field for OFD locks.  (Before  kernel  4.14,  a  bug
2116                  meant  that  the  PID of the process that initially acquired
2117                  the lock was displayed instead of the value -1.)
2118
2119              (6) Three colon-separated subfields that identify the major  and
2120                  minor  device  ID  of  the  device containing the filesystem
2121                  where the locked file resides, followed by the inode  number
2122                  of the locked file.
2123
2124              (7) The  byte  offset  of  the  first byte of the lock.  For BSD
2125                  locks, this value is always 0.
2126
2127              (8) The byte offset of the last byte of the lock.  EOF  in  this
2128                  field  means  that  the lock extends to the end of the file.
2129                  For BSD locks, the value shown is always EOF.
2130
2131              Since Linux 4.9, the list of locks shown in /proc/locks is  fil‐
2132              tered to show just the locks for the processes in the PID names‐
2133              pace (see pid_namespaces(7)) for which the /proc filesystem  was
2134              mounted.   (In  the initial PID namespace, there is no filtering
2135              of the records shown in this file.)
2136
2137              The lslocks(8) command provides a  bit  more  information  about
2138              each lock.
2139
2140       /proc/malloc (only up to and including Linux 2.2)
2141              This  file  is  present  only if CONFIG_DEBUG_MALLOC was defined
2142              during compilation.
2143
2144       /proc/meminfo
2145              This file reports statistics about memory usage on  the  system.
2146              It is used by free(1) to report the amount of free and used mem‐
2147              ory (both physical and swap) on the system as well as the shared
2148              memory  and  buffers  used by the kernel.  Each line of the file
2149              consists of a parameter name, followed by a colon, the value  of
2150              the  parameter,  and an option unit of measurement (e.g., "kB").
2151              The list below describes the  parameter  names  and  the  format
2152              specifier  required  to  read  the field value.  Except as noted
2153              below, all of the fields have been present since at least  Linux
2154              2.6.0.  Some fields are displayed only if the kernel was config‐
2155              ured with various options; those dependencies are noted  in  the
2156              list.
2157
2158              MemTotal %lu
2159                     Total usable RAM (i.e., physical RAM minus a few reserved
2160                     bits and the kernel binary code).
2161
2162              MemFree %lu
2163                     The sum of LowFree+HighFree.
2164
2165              MemAvailable %lu (since Linux 3.14)
2166                     An estimate of how much memory is available for  starting
2167                     new applications, without swapping.
2168
2169              Buffers %lu
2170                     Relatively  temporary  storage  for  raw disk blocks that
2171                     shouldn't get tremendously large (20MB or so).
2172
2173              Cached %lu
2174                     In-memory cache for files read from the  disk  (the  page
2175                     cache).  Doesn't include SwapCached.
2176
2177              SwapCached %lu
2178                     Memory  that once was swapped out, is swapped back in but
2179                     still also is in the swap file.  (If memory  pressure  is
2180                     high,  these  pages  don't  need  to be swapped out again
2181                     because they are already in the swap  file.   This  saves
2182                     I/O.)
2183
2184              Active %lu
2185                     Memory  that  has been used more recently and usually not
2186                     reclaimed unless absolutely necessary.
2187
2188              Inactive %lu
2189                     Memory which has been less recently  used.   It  is  more
2190                     eligible to be reclaimed for other purposes.
2191
2192              Active(anon) %lu (since Linux 2.6.28)
2193                     [To be documented.]
2194
2195              Inactive(anon) %lu (since Linux 2.6.28)
2196                     [To be documented.]
2197
2198              Active(file) %lu (since Linux 2.6.28)
2199                     [To be documented.]
2200
2201              Inactive(file) %lu (since Linux 2.6.28)
2202                     [To be documented.]
2203
2204              Unevictable %lu (since Linux 2.6.28)
2205                     (From  Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was
2206                     required.)  [To be documented.]
2207
2208              Mlocked %lu (since Linux 2.6.28)
2209                     (From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU  was
2210                     required.)  [To be documented.]
2211
2212              HighTotal %lu
2213                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2214                     Total amount of highmem.  Highmem  is  all  memory  above
2215                     ~860MB  of physical memory.  Highmem areas are for use by
2216                     user-space programs, or for the page cache.   The  kernel
2217                     must  use  tricks to access this memory, making it slower
2218                     to access than lowmem.
2219
2220              HighFree %lu
2221                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2222                     Amount of free highmem.
2223
2224              LowTotal %lu
2225                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2226                     Total amount of lowmem.  Lowmem is memory  which  can  be
2227                     used  for everything that highmem can be used for, but it
2228                     is also available for the kernel's use for its  own  data
2229                     structures.   Among many other things, it is where every‐
2230                     thing from Slab is allocated.   Bad  things  happen  when
2231                     you're out of lowmem.
2232
2233              LowFree %lu
2234                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2235                     Amount of free lowmem.
2236
2237              MmapCopy %lu (since Linux 2.6.29)
2238                     (CONFIG_MMU is required.)  [To be documented.]
2239
2240              SwapTotal %lu
2241                     Total amount of swap space available.
2242
2243              SwapFree %lu
2244                     Amount of swap space that is currently unused.
2245
2246              Dirty %lu
2247                     Memory which is waiting to get written back to the disk.
2248
2249              Writeback %lu
2250                     Memory which is actively being written back to the disk.
2251
2252              AnonPages %lu (since Linux 2.6.18)
2253                     Non-file backed pages mapped into user-space page tables.
2254
2255              Mapped %lu
2256                     Files which have been mapped into memory (with  mmap(2)),
2257                     such as libraries.
2258
2259              Shmem %lu (since Linux 2.6.32)
2260                     Amount of memory consumed in tmpfs(5) filesystems.
2261
2262              Slab %lu
2263                     In-kernel data structures cache.  (See slabinfo(5).)
2264
2265              SReclaimable %lu (since Linux 2.6.19)
2266                     Part of Slab, that might be reclaimed, such as caches.
2267
2268              SUnreclaim %lu (since Linux 2.6.19)
2269                     Part  of  Slab,  that cannot be reclaimed on memory pres‐
2270                     sure.
2271
2272              KernelStack %lu (since Linux 2.6.32)
2273                     Amount of memory allocated to kernel stacks.
2274
2275              PageTables %lu (since Linux 2.6.18)
2276                     Amount of memory dedicated to the lowest  level  of  page
2277                     tables.
2278
2279              Quicklists %lu (since Linux 2.6.27)
2280                     (CONFIG_QUICKLIST is required.)  [To be documented.]
2281
2282              NFS_Unstable %lu (since Linux 2.6.18)
2283                     NFS  pages  sent  to the server, but not yet committed to
2284                     stable storage.
2285
2286              Bounce %lu (since Linux 2.6.18)
2287                     Memory used for block device "bounce buffers".
2288
2289              WritebackTmp %lu (since Linux 2.6.26)
2290                     Memory used by FUSE for temporary writeback buffers.
2291
2292              CommitLimit %lu (since Linux 2.6.10)
2293                     This is the total amount of memory currently available to
2294                     be allocated on the system, expressed in kilobytes.  This
2295                     limit is adhered to only if strict overcommit  accounting
2296                     is  enabled  (mode  2 in /proc/sys/vm/overcommit_memory).
2297                     The  limit  is  calculated  according  to   the   formula
2298                     described under /proc/sys/vm/overcommit_memory.  For fur‐
2299                     ther details,  see  the  kernel  source  file  Documenta‐
2300                     tion/vm/overcommit-accounting.
2301
2302              Committed_AS %lu
2303                     The  amount  of memory presently allocated on the system.
2304                     The committed memory is a sum of all of the memory  which
2305                     has  been allocated by processes, even if it has not been
2306                     "used" by them as of yet.  A process which allocates  1GB
2307                     of  memory (using malloc(3) or similar), but touches only
2308                     300MB of that memory will show up as using only 300MB  of
2309                     memory even if it has the address space allocated for the
2310                     entire 1GB.
2311
2312                     This 1GB is memory which has been "committed" to  by  the
2313                     VM and can be used at any time by the allocating applica‐
2314                     tion.  With strict overcommit enabled on the system (mode
2315                     2  in  /proc/sys/vm/overcommit_memory), allocations which
2316                     would exceed the CommitLimit will not be permitted.  This
2317                     is  useful  if one needs to guarantee that processes will
2318                     not fail due to lack of memory once that memory has  been
2319                     successfully allocated.
2320
2321              VmallocTotal %lu
2322                     Total size of vmalloc memory area.
2323
2324              VmallocUsed %lu
2325                     Amount of vmalloc area which is used.
2326
2327              VmallocChunk %lu
2328                     Largest contiguous block of vmalloc area which is free.
2329
2330              HardwareCorrupted %lu (since Linux 2.6.32)
2331                     (CONFIG_MEMORY_FAILURE is required.)  [To be documented.]
2332
2333              AnonHugePages %lu (since Linux 2.6.38)
2334                     (CONFIG_TRANSPARENT_HUGEPAGE   is   required.)   Non-file
2335                     backed huge pages mapped into user-space page tables.
2336
2337              ShmemHugePages %lu (since Linux 4.8)
2338                     (CONFIG_TRANSPARENT_HUGEPAGE is required.)   Memory  used
2339                     by shared memory (shmem) and tmpfs(5) allocated with huge
2340                     pages
2341
2342              ShmemPmdMapped %lu (since Linux 4.8)
2343                     (CONFIG_TRANSPARENT_HUGEPAGE is required.)  Shared memory
2344                     mapped into user space with huge pages.
2345
2346              CmaTotal %lu (since Linux 3.1)
2347                     Total  CMA  (Contiguous  Memory  Allocator) pages.  (CON‐
2348                     FIG_CMA is required.)
2349
2350              CmaFree %lu (since Linux 3.1)
2351                     Free CMA  (Contiguous  Memory  Allocator)  pages.   (CON‐
2352                     FIG_CMA is required.)
2353
2354              HugePages_Total %lu
2355                     (CONFIG_HUGETLB_PAGE  is required.)  The size of the pool
2356                     of huge pages.
2357
2358              HugePages_Free %lu
2359                     (CONFIG_HUGETLB_PAGE is required.)  The  number  of  huge
2360                     pages in the pool that are not yet allocated.
2361
2362              HugePages_Rsvd %lu (since Linux 2.6.17)
2363                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of
2364                     huge pages for which a commitment to  allocate  from  the
2365                     pool  has been made, but no allocation has yet been made.
2366                     These reserved huge pages guarantee that  an  application
2367                     will  be  able  to  allocate a huge page from the pool of
2368                     huge pages at fault time.
2369
2370              HugePages_Surp %lu (since Linux 2.6.24)
2371                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of
2372                     huge   pages   in   the   pool   above   the   value   in
2373                     /proc/sys/vm/nr_hugepages.  The maximum number of surplus
2374                     huge  pages  is  controlled  by  /proc/sys/vm/nr_overcom‐
2375                     mit_hugepages.
2376
2377              Hugepagesize %lu
2378                     (CONFIG_HUGETLB_PAGE is  required.)   The  size  of  huge
2379                     pages.
2380
2381              DirectMap4k %lu (since Linux 2.6.27)
2382                     Number  of  bytes of RAM linearly mapped by kernel in 4kB
2383                     pages.  (x86.)
2384
2385              DirectMap4M %lu (since Linux 2.6.27)
2386                     Number of bytes of RAM linearly mapped by kernel  in  4MB
2387                     pages.    (x86   with   CONFIG_X86_64  or  CONFIG_X86_PAE
2388                     enabled.)
2389
2390              DirectMap2M %lu (since Linux 2.6.27)
2391                     Number of bytes of RAM linearly mapped by kernel  in  2MB
2392                     pages.    (x86   with   neither  CONFIG_X86_64  nor  CON‐
2393                     FIG_X86_PAE enabled.)
2394
2395              DirectMap1G %lu (since Linux 2.6.27)
2396                     (x86  with  CONFIG_X86_64  and  CONFIG_X86_DIRECT_GBPAGES
2397                     enabled.)
2398
2399       /proc/modules
2400              A  text list of the modules that have been loaded by the system.
2401              See also lsmod(8).
2402
2403       /proc/mounts
2404              Before kernel 2.4.19, this file was a list of all  the  filesys‐
2405              tems  currently mounted on the system.  With the introduction of
2406              per-process mount namespaces in Linux 2.4.19  (see  mount_names‐
2407              paces(7)),  this  file became a link to /proc/self/mounts, which
2408              lists the mount points of the  process's  own  mount  namespace.
2409              The format of this file is documented in fstab(5).
2410
2411       /proc/mtrr
2412              Memory  Type  Range Registers.  See the Linux kernel source file
2413              Documentation/x86/mtrr.txt  (or  Documentation/mtrr.txt   before
2414              Linux 2.6.28) for details.
2415
2416       /proc/net
2417              This  directory  contains  various files and subdirectories con‐
2418              taining information about the networking layer.  The files  con‐
2419              tain  ASCII structures and are, therefore, readable with cat(1).
2420              However, the standard netstat(8)  suite  provides  much  cleaner
2421              access to these files.
2422
2423              With  the  advent  of  network  namespaces,  various information
2424              relating  to  the  network  stack  is  virtualized  (see  names‐
2425              paces(7)).   Thus,  since  Linux 2.6.25, /proc/net is a symbolic
2426              link to the directory /proc/self/net, which  contains  the  same
2427              files and directories as listed below.  However, these files and
2428              directories now expose information for the network namespace  of
2429              which the process is a member.
2430
2431       /proc/net/arp
2432              This  holds  an ASCII readable dump of the kernel ARP table used
2433              for address resolutions.  It will show both dynamically  learned
2434              and preprogrammed ARP entries.  The format is:
2435
2436       IP address     HW type   Flags     HW address          Mask   Device
2437       192.168.0.50   0x1       0x2       00:50:BF:25:68:F3   *      eth0
2438       192.168.0.250  0x1       0xc       00:00:00:00:00:00   *      eth0
2439
2440              Here "IP address" is the IPv4 address of the machine and the "HW
2441              type" is the hardware type of the  address  from  RFC 826.   The
2442              flags are the internal flags of the ARP structure (as defined in
2443              /usr/include/linux/if_arp.h) and the "HW address"  is  the  data
2444              link layer mapping for that IP address if it is known.
2445
2446       /proc/net/dev
2447              The  dev pseudo-file contains network device status information.
2448              This gives the number of received and sent packets,  the  number
2449              of  errors and collisions and other basic statistics.  These are
2450              used by the ifconfig(8) program to report  device  status.   The
2451              format is:
2452
2453 Inter-|   Receive                                                |  Transmit
2454  face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
2455     lo: 2776770   11307    0    0    0     0          0         0  2776770   11307    0    0    0     0       0          0
2456   eth0: 1215645    2751    0    0    0     0          0         0  1782404    4324    0    0    0   427       0          0
2457   ppp0: 1622270    5552    1    0    0     0          0         0   354130    5669    0    0    0     0       0          0
2458   tap0:    7714      81    0    0    0     0          0         0     7714      81    0    0    0     0       0          0
2459
2460       /proc/net/dev_mcast
2461              Defined in /usr/src/linux/net/core/dev_mcast.c:
2462
2463                  indx interface_name  dmi_u dmi_g dmi_address
2464                  2    eth0            1     0     01005e000001
2465                  3    eth1            1     0     01005e000001
2466                  4    eth2            1     0     01005e000001
2467
2468       /proc/net/igmp
2469              Internet     Group     Management    Protocol.     Defined    in
2470              /usr/src/linux/net/core/igmp.c.
2471
2472       /proc/net/rarp
2473              This file uses the same format as the arp file and contains  the
2474              current reverse mapping database used to provide rarp(8) reverse
2475              address lookup services.  If RARP is  not  configured  into  the
2476              kernel, this file will not be present.
2477
2478       /proc/net/raw
2479              Holds  a  dump of the RAW socket table.  Much of the information
2480              is not of use apart from debugging.  The "sl" value is the  ker‐
2481              nel  hash  slot for the socket, the "local_address" is the local
2482              address and protocol number pair.  "St" is the  internal  status
2483              of  the  socket.  The "tx_queue" and "rx_queue" are the outgoing
2484              and incoming data queue in terms of kernel  memory  usage.   The
2485              "tr", "tm->when", and "rexmits" fields are not used by RAW.  The
2486              "uid" field holds the  effective  UID  of  the  creator  of  the
2487              socket.
2488
2489       /proc/net/snmp
2490              This file holds the ASCII data needed for the IP, ICMP, TCP, and
2491              UDP management information bases for an SNMP agent.
2492
2493       /proc/net/tcp
2494              Holds a dump of the TCP socket table.  Much of  the  information
2495              is  not of use apart from debugging.  The "sl" value is the ker‐
2496              nel hash slot for the socket, the "local_address" is  the  local
2497              address  and  port number pair.  The "rem_address" is the remote
2498              address and port number pair (if connected).  "St" is the inter‐
2499              nal status of the socket.  The "tx_queue" and "rx_queue" are the
2500              outgoing and incoming data  queue  in  terms  of  kernel  memory
2501              usage.  The "tr", "tm->when", and "rexmits" fields hold internal
2502              information of the kernel socket state and are useful  only  for
2503              debugging.   The "uid" field holds the effective UID of the cre‐
2504              ator of the socket.
2505
2506       /proc/net/udp
2507              Holds a dump of the UDP socket table.  Much of  the  information
2508              is  not of use apart from debugging.  The "sl" value is the ker‐
2509              nel hash slot for the socket, the "local_address" is  the  local
2510              address  and  port number pair.  The "rem_address" is the remote
2511              address and port number pair (if connected).  "St" is the inter‐
2512              nal status of the socket.  The "tx_queue" and "rx_queue" are the
2513              outgoing and incoming data  queue  in  terms  of  kernel  memory
2514              usage.   The "tr", "tm->when", and "rexmits" fields are not used
2515              by UDP.  The "uid" field holds the effective UID of the  creator
2516              of the socket.  The format is:
2517
2518 sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm->when uid
2519  1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
2520  1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
2521  1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0
2522
2523       /proc/net/unix
2524              Lists  the  UNIX  domain  sockets  present within the system and
2525              their status.  The format is:
2526
2527 Num RefCount Protocol Flags    Type St Path
2528  0: 00000002 00000000 00000000 0001 03
2529  1: 00000001 00000000 00010000 0001 01 /dev/printer
2530
2531              The fields are as follows:
2532
2533              Num:      the kernel table slot number.
2534
2535              RefCount: the number of users of the socket.
2536
2537              Protocol: currently always 0.
2538
2539              Flags:    the internal kernel flags holding the  status  of  the
2540                        socket.
2541
2542              Type:     the  socket  type.   For  SOCK_STREAM sockets, this is
2543                        0001; for SOCK_DGRAM sockets,  it  is  0002;  and  for
2544                        SOCK_SEQPACKET sockets, it is 0005.
2545
2546              St:       the internal state of the socket.
2547
2548              Path:     the bound path (if any) of the socket.  Sockets in the
2549                        abstract namespace are included in the list,  and  are
2550                        shown  with  a  Path that commences with the character
2551                        '@'.
2552
2553       /proc/net/netfilter/nfnetlink_queue
2554              This file contains information about netfilter user-space queue‐
2555              ing,  if  used.  Each line represents a queue.  Queues that have
2556              not been subscribed to by user space are not shown.
2557
2558                     1   4207     0  2 65535     0     0        0  1
2559                    (1)   (2)    (3)(4)  (5)    (6)   (7)      (8)
2560
2561              The fields in each line are:
2562
2563              (1)  The ID of the queue.  This matches what is specified in the
2564                   --queue-num  or  --queue-balance options to the iptables(8)
2565                   NFQUEUE target.  See iptables-extensions(8) for more infor‐
2566                   mation.
2567
2568              (2)  The netlink port ID subscribed to the queue.
2569
2570              (3)  The  number  of  packets currently queued and waiting to be
2571                   processed by the application.
2572
2573              (4)  The copy mode of the queue.  It is either 1 (metadata only)
2574                   or 2 (also copy payload data to user space).
2575
2576              (5)  Copy  range;  that  is,  how  many  bytes of packet payload
2577                   should be copied to user space at most.
2578
2579              (6)  queue dropped.  Number of packets that had to be dropped by
2580                   the kernel because too many packets are already waiting for
2581                   user space to send back the mandatory accept/drop verdicts.
2582
2583              (7)  queue user dropped.  Number of packets  that  were  dropped
2584                   within  the  netlink  subsystem.  Such drops usually happen
2585                   when the corresponding socket buffer is full; that is, user
2586                   space is not able to read messages fast enough.
2587
2588              (8)  sequence  number.  Every queued packet is associated with a
2589                   (32-bit) monotonically-increasing  sequence  number.   This
2590                   shows the ID of the most recent packet queued.
2591
2592              The  last  number  exists  only for compatibility reasons and is
2593              always 1.
2594
2595       /proc/partitions
2596              Contains the major and minor numbers of each partition  as  well
2597              as the number of 1024-byte blocks and the partition name.
2598
2599       /proc/pci
2600              This  is  a  listing of all PCI devices found during kernel ini‐
2601              tialization and their configuration.
2602
2603              This file has been deprecated in favor of a new /proc  interface
2604              for  PCI  (/proc/bus/pci).   It  became  optional  in  Linux 2.2
2605              (available with CONFIG_PCI_OLD_PROC set at kernel  compilation).
2606              It  became  once more nonoptionally enabled in Linux 2.4.  Next,
2607              it was deprecated  in  Linux  2.6  (still  available  with  CON‐
2608              FIG_PCI_LEGACY_PROC  set),  and finally removed altogether since
2609              Linux 2.6.17.
2610
2611       /proc/profile (since Linux 2.4)
2612              This file is present only if the kernel was booted with the pro‐
2613              file=1  command-line option.  It exposes kernel profiling infor‐
2614              mation in a binary format for use  by  readprofile(1).   Writing
2615              (e.g.,  an empty string) to this file resets the profiling coun‐
2616              ters; on some architectures, writing a binary integer "profiling
2617              multiplier"  of  size  sizeof(int)  sets the profiling interrupt
2618              frequency.
2619
2620       /proc/scsi
2621              A directory with the scsi mid-level pseudo-file and various SCSI
2622              low-level driver directories, which contain a file for each SCSI
2623              host in this system, all of which give the status of  some  part
2624              of  the SCSI IO subsystem.  These files contain ASCII structures
2625              and are, therefore, readable with cat(1).
2626
2627              You can also write to some of the files to reconfigure the  sub‐
2628              system or switch certain features on or off.
2629
2630       /proc/scsi/scsi
2631              This  is a listing of all SCSI devices known to the kernel.  The
2632              listing is similar to the one seen  during  bootup.   scsi  cur‐
2633              rently  supports only the add-single-device command which allows
2634              root to add a hotplugged device to the list of known devices.
2635
2636              The command
2637
2638                  echo 'scsi add-single-device 1 0 5 0' > /proc/scsi/scsi
2639
2640              will cause host scsi1 to scan on SCSI channel 0 for a device  on
2641              ID  5 LUN 0.  If there is already a device known on this address
2642              or the address is invalid, an error will be returned.
2643
2644       /proc/scsi/[drivername]
2645              [drivername]  can  currently  be  NCR53c7xx,  aha152x,  aha1542,
2646              aha1740, aic7xxx, buslogic, eata_dma, eata_pio, fdomain, in2000,
2647              pas16, qlogic, scsi_debug, seagate, t128,  u15-24f,  ultrastore,
2648              or  wd7000.  These directories show up for all drivers that reg‐
2649              istered at least one SCSI HBA.   Every  directory  contains  one
2650              file  per  registered  host.  Every host-file is named after the
2651              number the host was assigned during initialization.
2652
2653              Reading these files will usually show driver and host configura‐
2654              tion, statistics, and so on.
2655
2656              Writing  to  these  files  allows  different things on different
2657              hosts.  For example, with the latency  and  nolatency  commands,
2658              root  can  switch on and off command latency measurement code in
2659              the eata_dma driver.  With the lockup and unlock commands,  root
2660              can control bus lockups simulated by the scsi_debug driver.
2661
2662       /proc/self
2663              This  directory  refers  to  the  process  accessing  the  /proc
2664              filesystem, and is identical to the /proc directory named by the
2665              process ID of the same process.
2666
2667       /proc/slabinfo
2668              Information about kernel caches.  See slabinfo(5) for details.
2669
2670       /proc/stat
2671              kernel/system  statistics.   Varies  with  architecture.  Common
2672              entries include:
2673
2674              cpu 10132153 290696 3084719 46828483 16683 0 25195 0 175628 0
2675              cpu0 1393280 32966 572056 13343292 6130 0 17875 0 23933 0
2676                     The  amount  of  time,  measured  in  units  of   USER_HZ
2677                     (1/100ths   of   a  second  on  most  architectures,  use
2678                     sysconf(_SC_CLK_TCK) to obtain the right value), that the
2679                     system  ("cpu"  line)  or  the specific CPU ("cpuN" line)
2680                     spent in various states:
2681
2682                     user   (1) Time spent in user mode.
2683
2684                     nice   (2) Time spent in  user  mode  with  low  priority
2685                            (nice).
2686
2687                     system (3) Time spent in system mode.
2688
2689                     idle   (4)  Time  spent  in  the  idle  task.  This value
2690                            should be USER_HZ times the second  entry  in  the
2691                            /proc/uptime pseudo-file.
2692
2693                     iowait (since Linux 2.5.41)
2694                            (5)  Time waiting for I/O to complete.  This value
2695                            is not reliable, for the following reasons:
2696
2697                            1. The CPU will not  wait  for  I/O  to  complete;
2698                               iowait  is  the time that a task is waiting for
2699                               I/O to complete.  When a  CPU  goes  into  idle
2700                               state  for  outstanding  task I/O, another task
2701                               will be scheduled on this CPU.
2702
2703                            2. On a multi-core CPU, the task waiting  for  I/O
2704                               to  complete  is not running on any CPU, so the
2705                               iowait of each CPU is difficult to calculate.
2706
2707                            3. The value in this field may decrease in certain
2708                               conditions.
2709
2710                     irq (since Linux 2.6.0-test4)
2711                            (6) Time servicing interrupts.
2712
2713                     softirq (since Linux 2.6.0-test4)
2714                            (7) Time servicing softirqs.
2715
2716                     steal (since Linux 2.6.11)
2717                            (8)  Stolen time, which is the time spent in other
2718                            operating systems when running  in  a  virtualized
2719                            environment
2720
2721                     guest (since Linux 2.6.24)
2722                            (9)  Time  spent  running  a virtual CPU for guest
2723                            operating systems under the control of  the  Linux
2724                            kernel.
2725
2726                     guest_nice (since Linux 2.6.33)
2727                            (10) Time spent running a niced guest (virtual CPU
2728                            for guest operating systems under the  control  of
2729                            the Linux kernel).
2730
2731              page 5741 1808
2732                     The  number  of  pages the system paged in and the number
2733                     that were paged out (from disk).
2734
2735              swap 1 0
2736                     The number of swap pages that have been  brought  in  and
2737                     out.
2738
2739              intr 1462898
2740                     This  line shows counts of interrupts serviced since boot
2741                     time, for each of the possible  system  interrupts.   The
2742                     first  column  is  the  total  of all interrupts serviced
2743                     including unnumbered  architecture  specific  interrupts;
2744                     each  subsequent  column is the total for that particular
2745                     numbered interrupt.  Unnumbered interrupts are not shown,
2746                     only summed into the total.
2747
2748              disk_io: (2,0):(31,30,5764,1,2) (3,0):...
2749                     (major,disk_idx):(noinfo,     read_io_ops,     blks_read,
2750                     write_io_ops, blks_written)
2751                     (Linux 2.4 only)
2752
2753              ctxt 115315
2754                     The number of context switches that the system underwent.
2755
2756              btime 769041601
2757                     boot  time,  in  seconds  since  the  Epoch,   1970-01-01
2758                     00:00:00 +0000 (UTC).
2759
2760              processes 86031
2761                     Number of forks since boot.
2762
2763              procs_running 6
2764                     Number  of  processes  in  runnable state.  (Linux 2.5.45
2765                     onward.)
2766
2767              procs_blocked 2
2768                     Number of processes blocked waiting for I/O to  complete.
2769                     (Linux 2.5.45 onward.)
2770
2771              softirq  229245889 94 60001584 13619 5175704 2471304 28 51212741
2772              59130143 0 51240672
2773                     This line shows the number of softirq for all CPUs.   The
2774                     first column is the total of all softirqs and each subse‐
2775                     quent column is the total for particular softirq.  (Linux
2776                     2.6.31 onward.)
2777
2778       /proc/swaps
2779              Swap areas in use.  See also swapon(8).
2780
2781       /proc/sys
2782              This directory (present since 1.3.57) contains a number of files
2783              and subdirectories corresponding  to  kernel  variables.   These
2784              variables  can  be  read  and sometimes modified using the /proc
2785              filesystem, and the (deprecated) sysctl(2) system call.
2786
2787              String values may be terminated by either '\0' or '\n'.
2788
2789              Integer and long values may be written either in decimal  or  in
2790              hexadecimal notation (e.g. 0x3FFF).  When writing multiple inte‐
2791              ger or long values, these may be separated by any of the follow‐
2792              ing whitespace characters: ' ', '\t', or '\n'.  Using other sep‐
2793              arators leads to the error EINVAL.
2794
2795       /proc/sys/abi (since Linux 2.4.10)
2796              This directory may contain files with application binary  infor‐
2797              mation.    See   the   Linux   kernel   source  file  Documenta‐
2798              tion/sysctl/abi.txt for more information.
2799
2800       /proc/sys/debug
2801              This directory may be empty.
2802
2803       /proc/sys/dev
2804              This  directory  contains  device-specific  information   (e.g.,
2805              dev/cdrom/info).  On some systems, it may be empty.
2806
2807       /proc/sys/fs
2808              This  directory contains the files and subdirectories for kernel
2809              variables related to filesystems.
2810
2811       /proc/sys/fs/binfmt_misc
2812              Documentation for files in this directory can be  found  in  the
2813              Linux   kernel   source   in   the   file   Documentation/admin-
2814              guide/binfmt-misc.rst (or  in  Documentation/binfmt_misc.txt  on
2815              older kernels).
2816
2817       /proc/sys/fs/dentry-state (since Linux 2.2)
2818              This file contains information about the status of the directory
2819              cache (dcache).   The  file  contains  six  numbers,  nr_dentry,
2820              nr_unused,   age_limit   (age  in  seconds),  want_pages  (pages
2821              requested by system) and two dummy values.
2822
2823              * nr_dentry  is  the  number  of  allocated   dentries   (dcache
2824                entries).  This field is unused in Linux 2.2.
2825
2826              * nr_unused is the number of unused dentries.
2827
2828              * age_limit is the age in seconds after which dcache entries can
2829                be reclaimed when memory is short.
2830
2831              * want_pages   is   nonzero   when   the   kernel   has   called
2832                shrink_dcache_pages() and the dcache isn't pruned yet.
2833
2834       /proc/sys/fs/dir-notify-enable
2835              This file can be used to disable or enable the dnotify interface
2836              described in fcntl(2) on a system-wide basis.  A value of  0  in
2837              this file disables the interface, and a value of 1 enables it.
2838
2839       /proc/sys/fs/dquot-max
2840              This file shows the maximum number of cached disk quota entries.
2841              On some (2.4) systems, it is not present.  If the number of free
2842              cached  disk quota entries is very low and you have some awesome
2843              number of simultaneous system users, you might want to raise the
2844              limit.
2845
2846       /proc/sys/fs/dquot-nr
2847              This  file  shows the number of allocated disk quota entries and
2848              the number of free disk quota entries.
2849
2850       /proc/sys/fs/epoll (since Linux 2.6.28)
2851              This directory contains the file max_user_watches, which can  be
2852              used  to limit the amount of kernel memory consumed by the epoll
2853              interface.  For further details, see epoll(7).
2854
2855       /proc/sys/fs/file-max
2856              This file defines a system-wide limit  on  the  number  of  open
2857              files for all processes.  System calls that fail when encounter‐
2858              ing this limit fail with the  error  ENFILE.   (See  also  setr‐
2859              limit(2),  which can be used by a process to set the per-process
2860              limit, RLIMIT_NOFILE, on the number of files it may  open.)   If
2861              you  get  lots of error messages in the kernel log about running
2862              out of file handles (look  for  "VFS:  file-max  limit  <number>
2863              reached"), try increasing this value:
2864
2865                  echo 100000 > /proc/sys/fs/file-max
2866
2867              Privileged  processes  (CAP_SYS_ADMIN) can override the file-max
2868              limit.
2869
2870       /proc/sys/fs/file-nr
2871              This (read-only) file contains  three  numbers:  the  number  of
2872              allocated  file  handles  (i.e.,  the  number of files presently
2873              opened); the number of free file handles; and the maximum number
2874              of file handles (i.e., the same value as /proc/sys/fs/file-max).
2875              If the number of allocated file handles is close to the maximum,
2876              you  should  consider increasing the maximum.  Before Linux 2.6,
2877              the kernel allocated file handles  dynamically,  but  it  didn't
2878              free  them  again.  Instead the free file handles were kept in a
2879              list for reallocation; the "free file handles"  value  indicates
2880              the  size  of  that  list.   A large number of free file handles
2881              indicates that there was a past peak in the usage of  open  file
2882              handles.  Since Linux 2.6, the kernel does deallocate freed file
2883              handles, and the "free file handles" value is always zero.
2884
2885       /proc/sys/fs/inode-max (only present until Linux 2.2)
2886              This file contains the maximum number of in-memory inodes.  This
2887              value  should  be  3–4  times larger than the value in file-max,
2888              since stdin, stdout and network sockets also need  an  inode  to
2889              handle  them.  When you regularly run out of inodes, you need to
2890              increase this value.
2891
2892              Starting with Linux 2.4, there is no longer a  static  limit  on
2893              the number of inodes, and this file is removed.
2894
2895       /proc/sys/fs/inode-nr
2896              This file contains the first two values from inode-state.
2897
2898       /proc/sys/fs/inode-state
2899              This  file  contains  seven  numbers: nr_inodes, nr_free_inodes,
2900              preshrink, and four dummy values (always zero).
2901
2902              nr_inodes is the number of  inodes  the  system  has  allocated.
2903              nr_free_inodes represents the number of free inodes.
2904
2905              preshrink is nonzero when the nr_inodes > inode-max and the sys‐
2906              tem needs to prune the inode list instead  of  allocating  more;
2907              since Linux 2.4, this field is a dummy value (always zero).
2908
2909       /proc/sys/fs/inotify (since Linux 2.6.13)
2910              This     directory     contains     files     max_queued_events,
2911              max_user_instances, and max_user_watches, that can  be  used  to
2912              limit the amount of kernel memory consumed by the inotify inter‐
2913              face.  For further details, see inotify(7).
2914
2915       /proc/sys/fs/lease-break-time
2916              This file specifies the grace period that the kernel grants to a
2917              process holding a file lease (fcntl(2)) after it has sent a sig‐
2918              nal to that process notifying it that another process is waiting
2919              to  open the file.  If the lease holder does not remove or down‐
2920              grade the lease within this grace period,  the  kernel  forcibly
2921              breaks the lease.
2922
2923       /proc/sys/fs/leases-enable
2924              This  file  can  be  used  to  enable  or  disable  file  leases
2925              (fcntl(2)) on a system-wide basis.  If this  file  contains  the
2926              value 0, leases are disabled.  A nonzero value enables leases.
2927
2928       /proc/sys/fs/mount-max (since Linux 4.9)
2929              The  value  in  this file specifies the maximum number of mounts
2930              that may exist in a mount namespace.  The default value in  this
2931              file is 100,000.
2932
2933       /proc/sys/fs/mqueue (since Linux 2.6.6)
2934              This   directory   contains   files  msg_max,  msgsize_max,  and
2935              queues_max, controlling the  resources  used  by  POSIX  message
2936              queues.  See mq_overview(7) for details.
2937
2938       /proc/sys/fs/nr_open (since Linux 2.6.25)
2939              This   file   imposes   ceiling   on  the  value  to  which  the
2940              RLIMIT_NOFILE resource limit can be raised  (see  getrlimit(2)).
2941              This  ceiling  is  enforced for both unprivileged and privileged
2942              process.  The default value in this file  is  1048576.   (Before
2943              Linux  2.6.25,  the  ceiling for RLIMIT_NOFILE was hard-coded to
2944              the same value.)
2945
2946       /proc/sys/fs/overflowgid and /proc/sys/fs/overflowuid
2947              These files allow you to change the value of the fixed  UID  and
2948              GID.   The  default  is  65534.   Some  filesystems support only
2949              16-bit UIDs and GIDs, although in Linux UIDs  and  GIDs  are  32
2950              bits.   When  one  of  these  filesystems is mounted with writes
2951              enabled, any UID or GID that would exceed 65535 is translated to
2952              the overflow value before being written to disk.
2953
2954       /proc/sys/fs/pipe-max-size (since Linux 2.6.35)
2955              See pipe(7).
2956
2957       /proc/sys/fs/pipe-user-pages-hard (since Linux 4.5)
2958              See pipe(7).
2959
2960       /proc/sys/fs/pipe-user-pages-soft (since Linux 4.5)
2961              See pipe(7).
2962
2963       /proc/sys/fs/protected_hardlinks (since Linux 3.6)
2964              When  the value in this file is 0, no restrictions are placed on
2965              the creation of hard links (i.e., this is the historical  behav‐
2966              ior before Linux 3.6).  When the value in this file is 1, a hard
2967              link can be created to a target file only if one of the  follow‐
2968              ing conditions is true:
2969
2970              *  The calling process has the CAP_FOWNER capability in its user
2971                 namespace and the file UID has a mapping in the namespace.
2972
2973              *  The filesystem UID of the process creating the  link  matches
2974                 the  owner  (UID) of the target file (as described in creden‐
2975                 tials(7), a process's filesystem UID is normally the same  as
2976                 its effective UID).
2977
2978              *  All of the following conditions are true:
2979
2980                  ·  the target is a regular file;
2981
2982                  ·  the  target  file  does not have its set-user-ID mode bit
2983                     enabled;
2984
2985                  ·  the target file does not have both its  set-group-ID  and
2986                     group-executable mode bits enabled; and
2987
2988                  ·  the  caller  has  permission to read and write the target
2989                     file (either via the file's permissions mask  or  because
2990                     it has suitable capabilities).
2991
2992              The  default  value  in  this file is 0.  Setting the value to 1
2993              prevents a longstanding class of security issues caused by hard-
2994              link-based  time-of-check, time-of-use races, most commonly seen
2995              in world-writable directories such as /tmp.  The  common  method
2996              of  exploiting  this  flaw is to cross privilege boundaries when
2997              following a given hard link (i.e., a root process follows a hard
2998              link created by another user).  Additionally, on systems without
2999              separated partitions, this stops unauthorized users  from  "pin‐
3000              ning"  vulnerable  set-user-ID  and  set-group-ID  files against
3001              being upgraded by  the  administrator,  or  linking  to  special
3002              files.
3003
3004       /proc/sys/fs/protected_symlinks (since Linux 3.6)
3005              When  the value in this file is 0, no restrictions are placed on
3006              following symbolic links (i.e., this is the historical  behavior
3007              before  Linux  3.6).  When the value in this file is 1, symbolic
3008              links are followed only in the following circumstances:
3009
3010              *  the filesystem UID of the process following the link  matches
3011                 the owner (UID) of the symbolic link (as described in creden‐
3012                 tials(7), a process's filesystem UID is normally the same  as
3013                 its effective UID);
3014
3015              *  the link is not in a sticky world-writable directory; or
3016
3017              *  the  symbolic  link  and  its  parent directory have the same
3018                 owner (UID)
3019
3020              A system call that fails to follow a symbolic  link  because  of
3021              the above restrictions returns the error EACCES in errno.
3022
3023              The  default  value  in  this file is 0.  Setting the value to 1
3024              avoids a longstanding class of security issues based on time-of-
3025              check, time-of-use races when accessing symbolic links.
3026
3027       /proc/sys/fs/suid_dumpable (since Linux 2.6.13)
3028              The  value  in  this  file is assigned to a process's "dumpable"
3029              flag in the circumstances described in prctl(2).  In effect, the
3030              value  in  this file determines whether core dump files are pro‐
3031              duced for set-user-ID or otherwise  protected/tainted  binaries.
3032              The  "dumpable" setting also affects the ownership of files in a
3033              process's /proc/[pid] directory, as described above.
3034
3035              Three different integer values can be specified:
3036
3037              0 (default)
3038                     This provides the traditional (pre-Linux  2.6.13)  behav‐
3039                     ior.   A  core  dump  will  not be produced for a process
3040                     which has changed  credentials  (by  calling  seteuid(2),
3041                     setgid(2),  or  similar, or by executing a set-user-ID or
3042                     set-group-ID program) or whose binary does not have  read
3043                     permission enabled.
3044
3045              1 ("debug")
3046                     All  processes  dump  core when possible.  (Reasons why a
3047                     process might nevertheless not dump core are described in
3048                     core(5).)   The core dump is owned by the filesystem user
3049                     ID of the dumping process and  no  security  is  applied.
3050                     This  is  intended  for system debugging situations only:
3051                     this mode is  insecure  because  it  allows  unprivileged
3052                     users  to  examine the memory contents of privileged pro‐
3053                     cesses.
3054
3055              2 ("suidsafe")
3056                     Any binary which normally would not be  dumped  (see  "0"
3057                     above)  is dumped readable by root only.  This allows the
3058                     user to remove the core dump file but  not  to  read  it.
3059                     For  security  reasons  core  dumps in this mode will not
3060                     overwrite one another  or  other  files.   This  mode  is
3061                     appropriate  when  administrators are attempting to debug
3062                     problems in a normal environment.
3063
3064                     Additionally, since Linux 3.6, /proc/sys/kernel/core_pat‐
3065                     tern  must  either be an absolute pathname or a pipe com‐
3066                     mand, as detailed in core(5).  Warnings will  be  written
3067                     to  the  kernel log if core_pattern does not follow these
3068                     rules, and no core dump will be produced.
3069
3070              For details of the effect of a process's "dumpable"  setting  on
3071              ptrace access mode checking, see ptrace(2).
3072
3073       /proc/sys/fs/super-max
3074              This  file  controls the maximum number of superblocks, and thus
3075              the maximum number of mounted filesystems the kernel  can  have.
3076              You  need  increase  only  super-max  if  you need to mount more
3077              filesystems than the current value in super-max allows you to.
3078
3079       /proc/sys/fs/super-nr
3080              This file contains the number of filesystems currently mounted.
3081
3082       /proc/sys/kernel
3083              This directory contains files  controlling  a  range  of  kernel
3084              parameters, as described below.
3085
3086       /proc/sys/kernel/acct
3087              This  file contains three numbers: highwater, lowwater, and fre‐
3088              quency.  If BSD-style process accounting is enabled, these  val‐
3089              ues control its behavior.  If free space on filesystem where the
3090              log lives goes below lowwater percent, accounting suspends.   If
3091              free  space  gets  above  highwater percent, accounting resumes.
3092              frequency determines how often the kernel checks the  amount  of
3093              free  space  (value is in seconds).  Default values are 4, 2 and
3094              30.  That is, suspend accounting if 2% or less  space  is  free;
3095              resume  it  if  4%  or  more space is free; consider information
3096              about amount of free space valid for 30 seconds.
3097
3098       /proc/sys/kernel/auto_msgmni (Linux 2.6.27 to 3.18)
3099              From Linux 2.6.27 to 3.18, this file was used to control  recom‐
3100              puting of the value in /proc/sys/kernel/msgmni upon the addition
3101              or removal of memory or  upon  IPC  namespace  creation/removal.
3102              Echoing  "1" into this file enabled msgmni automatic recomputing
3103              (and triggered a recomputation of msgmni based  on  the  current
3104              amount of available memory and number of IPC namespaces).  Echo‐
3105              ing "0" disabled automatic recomputing.  (Automatic  recomputing
3106              was  also  disabled  if  a  value  was  explicitly  assigned  to
3107              /proc/sys/kernel/msgmni.)  The default value in auto_msgmni  was
3108              1.
3109
3110              Since  Linux  3.19,  the  content  of  this  file  has no effect
3111              (because msgmni defaults to near the  maximum  value  possible),
3112              and reads from this file always return the value "0".
3113
3114       /proc/sys/kernel/cap_last_cap (since Linux 3.2)
3115              See capabilities(7).
3116
3117       /proc/sys/kernel/cap-bound (from Linux 2.2 to 2.6.24)
3118              This  file holds the value of the kernel capability bounding set
3119              (expressed as a signed  decimal  number).   This  set  is  ANDed
3120              against   the   capabilities   permitted  to  a  process  during
3121              execve(2).  Starting with Linux 2.6.25, the system-wide capabil‐
3122              ity  bounding  set disappeared, and was replaced by a per-thread
3123              bounding set; see capabilities(7).
3124
3125       /proc/sys/kernel/core_pattern
3126              See core(5).
3127
3128       /proc/sys/kernel/core_pipe_limit
3129              See core(5).
3130
3131       /proc/sys/kernel/core_uses_pid
3132              See core(5).
3133
3134       /proc/sys/kernel/ctrl-alt-del
3135              This file controls the handling of Ctrl-Alt-Del  from  the  key‐
3136              board.   When  the  value  in  this  file  is 0, Ctrl-Alt-Del is
3137              trapped and sent to the init(1) program  to  handle  a  graceful
3138              restart.   When the value is greater than zero, Linux's reaction
3139              to a Vulcan Nerve Pinch (tm) will be an immediate reboot,  with‐
3140              out  even syncing its dirty buffers.  Note: when a program (like
3141              dosemu) has the keyboard in  "raw"  mode,  the  ctrl-alt-del  is
3142              intercepted by the program before it ever reaches the kernel tty
3143              layer, and it's up to the program to decide what to do with it.
3144
3145       /proc/sys/kernel/dmesg_restrict (since Linux 2.6.37)
3146              The value in this file determines who can see kernel syslog con‐
3147              tents.   A  value of 0 in this file imposes no restrictions.  If
3148              the value is 1, only privileged users can read the  kernel  sys‐
3149              log.   (See  syslog(2) for more details.)  Since Linux 3.4, only
3150              users with the CAP_SYS_ADMIN capability may change the value  in
3151              this file.
3152
3153       /proc/sys/kernel/domainname and /proc/sys/kernel/hostname
3154              can  be  used  to  set the NIS/YP domainname and the hostname of
3155              your box in exactly the same way as the  commands  domainname(1)
3156              and hostname(1), that is:
3157
3158                  # echo 'darkstar' > /proc/sys/kernel/hostname
3159                  # echo 'mydomain' > /proc/sys/kernel/domainname
3160
3161              has the same effect as
3162
3163                  # hostname 'darkstar'
3164                  # domainname 'mydomain'
3165
3166              Note,  however, that the classic darkstar.frop.org has the host‐
3167              name "darkstar" and DNS (Internet Domain Name Server) domainname
3168              "frop.org", not to be confused with the NIS (Network Information
3169              Service) or YP (Yellow  Pages)  domainname.   These  two  domain
3170              names  are  in general different.  For a detailed discussion see
3171              the hostname(1) man page.
3172
3173       /proc/sys/kernel/hotplug
3174              This file contains the path for the hotplug policy  agent.   The
3175              default value in this file is /sbin/hotplug.
3176
3177       /proc/sys/kernel/htab-reclaim (before Linux 2.4.9.2)
3178              (PowerPC  only) If this file is set to a nonzero value, the Pow‐
3179              erPC htab (see kernel  file  Documentation/powerpc/ppc_htab.txt)
3180              is pruned each time the system hits the idle loop.
3181
3182       /proc/sys/kernel/keys/*
3183              This directory contains various files that define parameters and
3184              limits  for  the  key-management  facility.   These  files   are
3185              described in keyrings(7).
3186
3187       /proc/sys/kernel/kptr_restrict (since Linux 2.6.38)
3188              The  value  in this file determines whether kernel addresses are
3189              exposed via /proc files and other interfaces.  A value of  0  in
3190              this  file  imposes  no restrictions.  If the value is 1, kernel
3191              pointers printed using the %pK format specifier will be replaced
3192              with  zeros  unless  the user has the CAP_SYSLOG capability.  If
3193              the value is 2, kernel pointers printed  using  the  %pK  format
3194              specifier  will  be replaced with zeros regardless of the user's
3195              capabilities.  The initial default value for this  file  was  1,
3196              but  the  default was changed to 0 in Linux 2.6.39.  Since Linux
3197              3.4, only users with the CAP_SYS_ADMIN capability can change the
3198              value in this file.
3199
3200       /proc/sys/kernel/l2cr
3201              (PowerPC  only)  This  file contains a flag that controls the L2
3202              cache of G3 processor boards.  If  0,  the  cache  is  disabled.
3203              Enabled if nonzero.
3204
3205       /proc/sys/kernel/modprobe
3206              This  file  contains the path for the kernel module loader.  The
3207              default value is /sbin/modprobe.  The file is  present  only  if
3208              the  kernel  is  built  with  the CONFIG_MODULES (CONFIG_KMOD in
3209              Linux 2.6.26 and earlier) option enabled.  It  is  described  by
3210              the  Linux  kernel  source  file Documentation/kmod.txt (present
3211              only in kernel 2.4 and earlier).
3212
3213       /proc/sys/kernel/modules_disabled (since Linux 2.6.31)
3214              A toggle value indicating if modules are allowed to be loaded in
3215              an  otherwise  modular kernel.  This toggle defaults to off (0),
3216              but can be set true (1).  Once  true,  modules  can  be  neither
3217              loaded nor unloaded, and the toggle cannot be set back to false.
3218              The file is present only if the kernel is built  with  the  CON‐
3219              FIG_MODULES option enabled.
3220
3221       /proc/sys/kernel/msgmax (since Linux 2.2)
3222              This  file  defines  a  system-wide limit specifying the maximum
3223              number of bytes in a single message written on a System  V  mes‐
3224              sage queue.
3225
3226       /proc/sys/kernel/msgmni (since Linux 2.4)
3227              This file defines the system-wide limit on the number of message
3228              queue identifiers.  See also /proc/sys/kernel/auto_msgmni.
3229
3230       /proc/sys/kernel/msgmnb (since Linux 2.2)
3231              This file defines a system-wide parameter used to initialize the
3232              msg_qbytes setting for subsequently created message queues.  The
3233              msg_qbytes setting specifies the maximum number  of  bytes  that
3234              may be written to the message queue.
3235
3236       /proc/sys/kernel/ngroups_max (since Linux 2.6.4)
3237              This  is  a  read-only file that displays the upper limit on the
3238              number of a process's group memberships.
3239
3240       /proc/sys/kernel/ns_last_pid (since Linux 3.3)
3241              See pid_namespaces(7).
3242
3243       /proc/sys/kernel/ostype and /proc/sys/kernel/osrelease
3244              These files give substrings of /proc/version.
3245
3246       /proc/sys/kernel/overflowgid and /proc/sys/kernel/overflowuid
3247              These files duplicate  the  files  /proc/sys/fs/overflowgid  and
3248              /proc/sys/fs/overflowuid.
3249
3250       /proc/sys/kernel/panic
3251              This  file  gives  read/write  access  to  the  kernel  variable
3252              panic_timeout.  If this is zero,  the  kernel  will  loop  on  a
3253              panic;  if  nonzero, it indicates that the kernel should autore‐
3254              boot after this number of seconds.  When you  use  the  software
3255              watchdog device driver, the recommended setting is 60.
3256
3257       /proc/sys/kernel/panic_on_oops (since Linux 2.5.68)
3258              This  file controls the kernel's behavior when an oops or BUG is
3259              encountered.  If this file contains 0, then the system tries  to
3260              continue  operation.  If it contains 1, then the system delays a
3261              few seconds (to give klogd time to record the oops  output)  and
3262              then   panics.   If  the  /proc/sys/kernel/panic  file  is  also
3263              nonzero, then the machine will be rebooted.
3264
3265       /proc/sys/kernel/pid_max (since Linux 2.5.34)
3266              This file specifies the value at which PIDs wrap  around  (i.e.,
3267              the  value  in  this  file is one greater than the maximum PID).
3268              PIDs greater than this value are not allocated; thus, the  value
3269              in  this file also acts as a system-wide limit on the total num‐
3270              ber of processes and threads.  The default value for this  file,
3271              32768,  results in the same range of PIDs as on earlier kernels.
3272              On 32-bit platforms, 32768 is the maximum value for pid_max.  On
3273              64-bit  systems,  pid_max  can  be  set  to any value up to 2^22
3274              (PID_MAX_LIMIT, approximately 4 million).
3275
3276       /proc/sys/kernel/powersave-nap (PowerPC only)
3277              This file contains a flag.  If set, Linux-PPC will use the "nap"
3278              mode of powersaving, otherwise the "doze" mode will be used.
3279
3280       /proc/sys/kernel/printk
3281              See syslog(2).
3282
3283       /proc/sys/kernel/pty (since Linux 2.6.4)
3284              This directory contains two files relating to the number of UNIX
3285              98 pseudoterminals (see pts(4)) on the system.
3286
3287       /proc/sys/kernel/pty/max
3288              This file defines the maximum number of pseudoterminals.
3289
3290       /proc/sys/kernel/pty/nr
3291              This read-only file indicates how many pseudoterminals are  cur‐
3292              rently in use.
3293
3294       /proc/sys/kernel/random
3295              This directory contains various parameters controlling the oper‐
3296              ation of the file /dev/random.  See random(4) for further infor‐
3297              mation.
3298
3299       /proc/sys/kernel/random/uuid (since Linux 2.4)
3300              Each  read from this read-only file returns a randomly generated
3301              128-bit UUID, as a string in the standard UUID format.
3302
3303       /proc/sys/kernel/randomize_va_space (since Linux 2.6.12)
3304              Select the address space layout randomization (ASLR) policy  for
3305              the  system  (on architectures that support ASLR).  Three values
3306              are supported for this file:
3307
3308              0  Turn ASLR off.  This is the default  for  architectures  that
3309                 don't  support  ASLR,  and when the kernel is booted with the
3310                 norandmaps parameter.
3311
3312              1  Make the addresses of mmap(2) allocations, the stack, and the
3313                 VDSO  page  randomized.   Among other things, this means that
3314                 shared libraries will be loaded at randomized addresses.  The
3315                 text  segment of PIE-linked binaries will also be loaded at a
3316                 randomized address.  This value is the default if the  kernel
3317                 was configured with CONFIG_COMPAT_BRK.
3318
3319              2  (Since  Linux  2.6.25) Also support heap randomization.  This
3320                 value is the default if the kernel was  not  configured  with
3321                 CONFIG_COMPAT_BRK.
3322
3323       /proc/sys/kernel/real-root-dev
3324              This file is documented in the Linux kernel source file Documen‐
3325              tation/admin-guide/initrd.rst    (or    Documentation/initrd.txt
3326              before Linux 4.10).
3327
3328       /proc/sys/kernel/reboot-cmd (Sparc only)
3329              This  file  seems  to  be a way to give an argument to the SPARC
3330              ROM/Flash boot loader.  Maybe  to  tell  it  what  to  do  after
3331              rebooting?
3332
3333       /proc/sys/kernel/rtsig-max
3334              (Only  in  kernels  up to and including 2.6.7; see setrlimit(2))
3335              This file can be used to tune the maximum number of POSIX  real-
3336              time (queued) signals that can be outstanding in the system.
3337
3338       /proc/sys/kernel/rtsig-nr
3339              (Only  in  kernels  up to and including 2.6.7.)  This file shows
3340              the number of POSIX real-time signals currently queued.
3341
3342       /proc/[pid]/sched_autogroup_enabled (since Linux 2.6.38)
3343              See sched(7).
3344
3345       /proc/sys/kernel/sched_child_runs_first (since Linux 2.6.23)
3346              If this file contains the value zero, then, after a fork(2), the
3347              parent  is  first  scheduled on the CPU.  If the file contains a
3348              nonzero value, then the child is scheduled  first  on  the  CPU.
3349              (Of course, on a multiprocessor system, the parent and the child
3350              might both immediately be scheduled on a CPU.)
3351
3352       /proc/sys/kernel/sched_rr_timeslice_ms (since Linux 3.9)
3353              See sched_rr_get_interval(2).
3354
3355       /proc/sys/kernel/sched_rt_period_us (since Linux 2.6.25)
3356              See sched(7).
3357
3358       /proc/sys/kernel/sched_rt_runtime_us (since Linux 2.6.25)
3359              See sched(7).
3360
3361       /proc/sys/kernel/seccomp (since Linux 4.14)
3362              This directory provides additional seccomp information and  con‐
3363              figuration.  See seccomp(2) for further details.
3364
3365       /proc/sys/kernel/sem (since Linux 2.4)
3366              This  file  contains  4 numbers defining limits for System V IPC
3367              semaphores.  These fields are, in order:
3368
3369              SEMMSL  The maximum semaphores per semaphore set.
3370
3371              SEMMNS  A system-wide limit on the number of semaphores  in  all
3372                      semaphore sets.
3373
3374              SEMOPM  The  maximum  number of operations that may be specified
3375                      in a semop(2) call.
3376
3377              SEMMNI  A system-wide limit on the maximum number  of  semaphore
3378                      identifiers.
3379
3380       /proc/sys/kernel/sg-big-buff
3381              This file shows the size of the generic SCSI device (sg) buffer.
3382              You can't tune it just yet, but you could change it  at  compile
3383              time  by  editing  include/scsi/sg.h  and  changing the value of
3384              SG_BIG_BUFF.  However, there shouldn't be any reason  to  change
3385              this value.
3386
3387       /proc/sys/kernel/shm_rmid_forced (since Linux 3.1)
3388              If  this  file  is set to 1, all System V shared memory segments
3389              will be marked for destruction as soon as the number of attached
3390              processes  falls to zero; in other words, it is no longer possi‐
3391              ble to create shared memory segments that exist independently of
3392              any attached process.
3393
3394              The effect is as though a shmctl(2) IPC_RMID is performed on all
3395              existing segments as well as all segments created in the  future
3396              (until  this  file  is reset to 0).  Note that existing segments
3397              that are attached to no process will  be  immediately  destroyed
3398              when  this  file  is  set  to  1.  Setting this option will also
3399              destroy segments that were created,  but  never  attached,  upon
3400              termination  of  the  process  that  created  the  segment  with
3401              shmget(2).
3402
3403              Setting this file to 1 provides a way of ensuring that all  Sys‐
3404              tem  V  shared  memory segments are counted against the resource
3405              usage and resource limits (see the description of  RLIMIT_AS  in
3406              getrlimit(2)) of at least one process.
3407
3408              Because  setting  this  file to 1 produces behavior that is non‐
3409              standard and could also break existing applications, the default
3410              value  in this file is 0.  Set this file to 1 only if you have a
3411              good understanding of the semantics of  the  applications  using
3412              System V shared memory on your system.
3413
3414       /proc/sys/kernel/shmall (since Linux 2.2)
3415              This  file contains the system-wide limit on the total number of
3416              pages of System V shared memory.
3417
3418       /proc/sys/kernel/shmmax (since Linux 2.2)
3419              This file can be used to query and set the run-time limit on the
3420              maximum  (System  V  IPC) shared memory segment size that can be
3421              created.  Shared memory segments up to 1GB are now supported  in
3422              the kernel.  This value defaults to SHMMAX.
3423
3424       /proc/sys/kernel/shmmni (since Linux 2.4)
3425              This  file  specifies the system-wide maximum number of System V
3426              shared memory segments that can be created.
3427
3428       /proc/sys/kernel/sysctl_writes_strict (since Linux 3.16)
3429              The value in this file determines how the  file  offset  affects
3430              the  behavior of updating entries in files under /proc/sys.  The
3431              file has three possible values:
3432
3433              -1  This provides legacy  handling,  with  no  printk  warnings.
3434                  Each  write(2)  must  fully contain the value to be written,
3435                  and multiple writes on the same file descriptor  will  over‐
3436                  write the entire value, regardless of the file position.
3437
3438              0   (default)  This  provides  the  same behavior as for -1, but
3439                  printk warnings  are  written  for  processes  that  perform
3440                  writes when the file offset is not 0.
3441
3442              1   Respect  the file offset when writing strings into /proc/sys
3443                  files.  Multiple writes will append  to  the  value  buffer.
3444                  Anything written beyond the maximum length of the value buf‐
3445                  fer will be ignored.  Writes to  numeric  /proc/sys  entries
3446                  must  always be at file offset 0 and the value must be fully
3447                  contained in the buffer provided to write(2).
3448
3449       /proc/sys/kernel/sysrq
3450              This file controls the functions allowed to be  invoked  by  the
3451              SysRq  key.   By default, the file contains 1 meaning that every
3452              possible SysRq request is allowed  (in  older  kernel  versions,
3453              SysRq was disabled by default, and you were required to specifi‐
3454              cally enable it at run-time, but this is not the case any more).
3455              Possible values in this file are:
3456
3457              0    Disable sysrq completely
3458
3459              1    Enable all functions of sysrq
3460
3461              > 1  Bit mask of allowed sysrq functions, as follows:
3462                     2  Enable control of console logging level
3463                     4  Enable control of keyboard (SAK, unraw)
3464                     8  Enable debugging dumps of processes etc.
3465                    16  Enable sync command
3466                    32  Enable remount read-only
3467                    64  Enable signaling of processes (term, kill, oom-kill)
3468                   128  Allow reboot/poweroff
3469                   256  Allow nicing of all real-time tasks
3470
3471              This  file is present only if the CONFIG_MAGIC_SYSRQ kernel con‐
3472              figuration option is enabled.  For further details see the Linux
3473              kernel source file Documentation/admin-guide/sysrq.rst (or Docu‐
3474              mentation/sysrq.txt before Linux 4.10).
3475
3476       /proc/sys/kernel/version
3477              This file contains a string such as:
3478
3479                  #5 Wed Feb 25 21:49:24 MET 1998
3480
3481              The "#5" means that this is the fifth  kernel  built  from  this
3482              source  base  and  the  date following it indicates the time the
3483              kernel was built.
3484
3485       /proc/sys/kernel/threads-max (since Linux 2.3.11)
3486              This file specifies the  system-wide  limit  on  the  number  of
3487              threads (tasks) that can be created on the system.
3488
3489              Since Linux 4.1, the value that can be written to threads-max is
3490              bounded.  The minimum value that can be written is 20.  The max‐
3491              imum  value  that  can  be  written  is  given  by  the constant
3492              FUTEX_TID_MASK (0x3fffffff).  If a value outside of  this  range
3493              is written to threads-max, the error EINVAL occurs.
3494
3495              The  value  written  is checked against the available RAM pages.
3496              If the thread structures would occupy too much (more than 1/8th)
3497              of the available RAM pages, threads-max is reduced accordingly.
3498
3499       /proc/sys/kernel/yama/ptrace_scope (since Linux 3.5)
3500              See ptrace(2).
3501
3502       /proc/sys/kernel/zero-paged (PowerPC only)
3503              This  file  contains  a flag.  When enabled (nonzero), Linux-PPC
3504              will pre-zero pages in  the  idle  loop,  possibly  speeding  up
3505              get_free_pages.
3506
3507       /proc/sys/net
3508              This directory contains networking stuff.  Explanations for some
3509              of the files under this directory can be  found  in  tcp(7)  and
3510              ip(7).
3511
3512       /proc/sys/net/core/bpf_jit_enable
3513              See bpf(2).
3514
3515       /proc/sys/net/core/somaxconn
3516              This  file  defines  a ceiling value for the backlog argument of
3517              listen(2); see the listen(2) manual page for details.
3518
3519       /proc/sys/proc
3520              This directory may be empty.
3521
3522       /proc/sys/sunrpc
3523              This directory supports Sun remote procedure  call  for  network
3524              filesystem (NFS).  On some systems, it is not present.
3525
3526       /proc/sys/user (since Linux 4.9)
3527              See namespaces(7).
3528
3529       /proc/sys/vm
3530              This directory contains files for memory management tuning, buf‐
3531              fer and cache management.
3532
3533       /proc/sys/vm/admin_reserve_kbytes (since Linux 3.10)
3534              This file defines the amount of free memory (in KiB) on the sys‐
3535              tem  that  should  be  reserved  for  users  with the capability
3536              CAP_SYS_ADMIN.
3537
3538              The default value in this file is the minimum  of  [3%  of  free
3539              pages,  8MiB] expressed as KiB.  The default is intended to pro‐
3540              vide enough for the superuser to log in and kill a  process,  if
3541              necessary, under the default overcommit 'guess' mode (i.e., 0 in
3542              /proc/sys/vm/overcommit_memory).
3543
3544              Systems  running  in  "overcommit  never"  mode  (i.e.,   2   in
3545              /proc/sys/vm/overcommit_memory)  should  increase  the  value in
3546              this file to account for the full virtual  memory  size  of  the
3547              programs  used  to  recover  (e.g., login(1) ssh(1), and top(1))
3548              Otherwise, the superuser may not be able to log  in  to  recover
3549              the  system.   For example, on x86-64 a suitable value is 131072
3550              (128MiB reserved).
3551
3552              Changing the value in this file takes effect whenever an  appli‐
3553              cation requests memory.
3554
3555       /proc/sys/vm/compact_memory (since Linux 2.6.35)
3556              When  1  is  written  to this file, all zones are compacted such
3557              that free memory is available in contiguous blocks where  possi‐
3558              ble.   The  effect  of  this  action  can  be  seen by examining
3559              /proc/buddyinfo.
3560
3561              Present only if  the  kernel  was  configured  with  CONFIG_COM‐
3562              PACTION.
3563
3564       /proc/sys/vm/drop_caches (since Linux 2.6.16)
3565              Writing  to  this  file  causes the kernel to drop clean caches,
3566              dentries, and inodes from memory, causing that memory to  become
3567              free.  This can be useful for memory management testing and per‐
3568              forming reproducible filesystem benchmarks.  Because writing  to
3569              this  file  causes  the  benefits  of caching to be lost, it can
3570              degrade overall system performance.
3571
3572              To free pagecache, use:
3573
3574                  echo 1 > /proc/sys/vm/drop_caches
3575
3576              To free dentries and inodes, use:
3577
3578                  echo 2 > /proc/sys/vm/drop_caches
3579
3580              To free pagecache, dentries and inodes, use:
3581
3582                  echo 3 > /proc/sys/vm/drop_caches
3583
3584              Because writing to this file is a nondestructive  operation  and
3585              dirty  objects  are  not  freeable,  the user should run sync(1)
3586              first.
3587
3588       /proc/sys/vm/legacy_va_layout (since Linux 2.6.9)
3589              If nonzero, this disables the new 32-bit memory-mapping  layout;
3590              the kernel will use the legacy (2.4) layout for all processes.
3591
3592       /proc/sys/vm/memory_failure_early_kill (since Linux 2.6.32)
3593              Control  how  to kill processes when an uncorrected memory error
3594              (typically a 2-bit error in a memory module) that cannot be han‐
3595              dled  by  the  kernel is detected in the background by hardware.
3596              In some cases (like the page still having a valid copy on disk),
3597              the kernel will handle the failure transparently without affect‐
3598              ing any applications.  But if there is no other up-to-date  copy
3599              of  the data, it will kill processes to prevent any data corrup‐
3600              tions from propagating.
3601
3602              The file has one of the following values:
3603
3604              1:  Kill all processes that have  the  corrupted-and-not-reload‐
3605                  able  page  mapped  as  soon  as the corruption is detected.
3606                  Note that this is not supported for a few  types  of  pages,
3607                  such  as kernel internally allocated data or the swap cache,
3608                  but works for the majority of user pages.
3609
3610              0:  Unmap the corrupted page  from  all  processes  and  kill  a
3611                  process only if it tries to access the page.
3612
3613              The  kill is performed using a SIGBUS signal with si_code set to
3614              BUS_MCEERR_AO.  Processes can handle this if they want  to;  see
3615              sigaction(2) for more details.
3616
3617              This  feature  is  active  only  on architectures/platforms with
3618              advanced machine check handling  and  depends  on  the  hardware
3619              capabilities.
3620
3621              Applications  can override the memory_failure_early_kill setting
3622              individually with the prctl(2) PR_MCE_KILL operation.
3623
3624              Present only if  the  kernel  was  configured  with  CONFIG_MEM‐
3625              ORY_FAILURE.
3626
3627       /proc/sys/vm/memory_failure_recovery (since Linux 2.6.32)
3628              Enable memory failure recovery (when supported by the platform)
3629
3630              1:  Attempt recovery.
3631
3632              0:  Always panic on a memory failure.
3633
3634              Present  only  if  the  kernel  was  configured with CONFIG_MEM‐
3635              ORY_FAILURE.
3636
3637       /proc/sys/vm/oom_dump_tasks (since Linux 2.6.25)
3638              Enables a system-wide task dump (excluding kernel threads) to be
3639              produced  when  the  kernel  performs  an OOM-killing.  The dump
3640              includes  the  following  information  for  each  task  (thread,
3641              process): thread ID, real user ID, thread group ID (process ID),
3642              virtual memory size, resident set size, the CPU that the task is
3643              scheduled   on,   oom_adj   score   (see   the   description  of
3644              /proc/[pid]/oom_adj), and command  name.   This  is  helpful  to
3645              determine  why  the  OOM-killer  was invoked and to identify the
3646              rogue task that caused it.
3647
3648              If this contains the value zero, this information is suppressed.
3649              On  very  large  systems  with thousands of tasks, it may not be
3650              feasible to dump the memory  state  information  for  each  one.
3651              Such systems should not be forced to incur a performance penalty
3652              in OOM situations when the information may not be desired.
3653
3654              If this is set to nonzero, this information  is  shown  whenever
3655              the OOM-killer actually kills a memory-hogging task.
3656
3657              The default value is 0.
3658
3659       /proc/sys/vm/oom_kill_allocating_task (since Linux 2.6.24)
3660              This enables or disables killing the OOM-triggering task in out-
3661              of-memory situations.
3662
3663              If this is set to zero, the OOM-killer  will  scan  through  the
3664              entire  tasklist  and select a task based on heuristics to kill.
3665              This normally selects a rogue memory-hogging task that frees  up
3666              a large amount of memory when killed.
3667
3668              If  this is set to nonzero, the OOM-killer simply kills the task
3669              that triggered the out-of-memory condition.  This avoids a  pos‐
3670              sibly expensive tasklist scan.
3671
3672              If  /proc/sys/vm/panic_on_oom  is  nonzero,  it takes precedence
3673              over whatever value is  used  in  /proc/sys/vm/oom_kill_allocat‐
3674              ing_task.
3675
3676              The default value is 0.
3677
3678       /proc/sys/vm/overcommit_kbytes (since Linux 3.14)
3679              This writable file provides an alternative to /proc/sys/vm/over‐
3680              commit_ratio    for    controlling    the    CommitLimit    when
3681              /proc/sys/vm/overcommit_memory  has  the value 2.  It allows the
3682              amount of memory overcommitting to be specified as  an  absolute
3683              value  (in  kB),  rather  than  as a percentage, as is done with
3684              overcommit_ratio.  This allows for finer-grained control of Com‐
3685              mitLimit on systems with extremely large memory sizes.
3686
3687              Only  one  of  overcommit_kbytes or overcommit_ratio can have an
3688              effect: if overcommit_kbytes has a nonzero  value,  then  it  is
3689              used  to  calculate  CommitLimit,  otherwise overcommit_ratio is
3690              used.  Writing a value to either of these files causes the value
3691              in the other file to be set to zero.
3692
3693       /proc/sys/vm/overcommit_memory
3694              This  file  contains  the kernel virtual memory accounting mode.
3695              Values are:
3696
3697                     0: heuristic overcommit (this is the default)
3698                     1: always overcommit, never check
3699                     2: always check, never overcommit
3700
3701              In mode 0, calls of mmap(2) with MAP_NORESERVE are not  checked,
3702              and  the default check is very weak, leading to the risk of get‐
3703              ting a process "OOM-killed".
3704
3705              In mode 1, the kernel pretends there is  always  enough  memory,
3706              until  memory  actually runs out.  One use case for this mode is
3707              scientific  computing  applications  that  employ  large  sparse
3708              arrays.   In  Linux  kernel  versions  before 2.6.0, any nonzero
3709              value implies mode 1.
3710
3711              In mode 2 (available since Linux 2.6), the total virtual address
3712              space  that  can  be allocated (CommitLimit in /proc/meminfo) is
3713              calculated as
3714
3715                  CommitLimit = (total_RAM - total_huge_TLB) *
3716                                overcommit_ratio / 100 + total_swap
3717
3718              where:
3719
3720                   *  total_RAM is the total amount of RAM on the system;
3721
3722                   *  total_huge_TLB is the amount of  memory  set  aside  for
3723                      huge pages;
3724
3725                   *  overcommit_ratio  is  the value in /proc/sys/vm/overcom‐
3726                      mit_ratio; and
3727
3728                   *  total_swap is the amount of swap space.
3729
3730              For example, on a system with 16GB  of  physical  RAM,  16GB  of
3731              swap,  no space dedicated to huge pages, and an overcommit_ratio
3732              of 50, this formula yields a CommitLimit of 24GB.
3733
3734              Since Linux 3.14, if the value in /proc/sys/vm/overcommit_kbytes
3735              is nonzero, then CommitLimit is instead calculated as:
3736
3737                  CommitLimit = overcommit_kbytes + total_swap
3738
3739              See  also  the description of /proc/sys/vm/admiin_reserve_kbytes
3740              and /proc/sys/vm/user_reserve_kbytes.
3741
3742       /proc/sys/vm/overcommit_ratio (since Linux 2.6.0)
3743              This writable file defines a percentage by which memory  can  be
3744              overcommitted.   The  default  value in the file is 50.  See the
3745              description of /proc/sys/vm/overcommit_memory.
3746
3747       /proc/sys/vm/panic_on_oom (since Linux 2.6.18)
3748              This enables or disables a kernel panic in an out-of-memory sit‐
3749              uation.
3750
3751              If this file is set to the value 0, the kernel's OOM-killer will
3752              kill some rogue process.  Usually, the  OOM-killer  is  able  to
3753              kill a rogue process and the system will survive.
3754
3755              If  this  file  is  set to the value 1, then the kernel normally
3756              panics when out-of-memory happens.  However, if a process limits
3757              allocations  to  certain  nodes  using memory policies (mbind(2)
3758              MPOL_BIND) or cpusets (cpuset(7)) and those nodes  reach  memory
3759              exhaustion  status, one process may be killed by the OOM-killer.
3760              No panic occurs in this case: because other nodes' memory may be
3761              free,  this  means the system as a whole may not have reached an
3762              out-of-memory situation yet.
3763
3764              If this file is set to the value 2,  the  kernel  always  panics
3765              when an out-of-memory condition occurs.
3766
3767              The default value is 0.  1 and 2 are for failover of clustering.
3768              Select either according to your policy of failover.
3769
3770       /proc/sys/vm/swappiness
3771              The value in this file controls how aggressively the kernel will
3772              swap memory pages.  Higher values increase aggressiveness, lower
3773              values decrease aggressiveness.  The default value is 60.
3774
3775       /proc/sys/vm/user_reserve_kbytes (since Linux 3.10)
3776              Specifies an amount of memory (in KiB) to reserve for user  pro‐
3777              cesses,  This is intended to prevent a user from starting a sin‐
3778              gle memory hogging process, such that they cannot recover  (kill
3779              the  hog).   The  value  in  this  file  has an effect only when
3780              /proc/sys/vm/overcommit_memory is set to 2  ("overcommit  never"
3781              mode).   In  this  case, the system reserves an amount of memory
3782              that  is  the  minimum  of  [3%   of   current   process   size,
3783              user_reserve_kbytes].
3784
3785              The  default  value  in  this file is the minimum of [3% of free
3786              pages, 128MiB] expressed as KiB.
3787
3788              If the value in this file is set to zero, then a  user  will  be
3789              allowed to allocate all free memory with a single process (minus
3790              the amount reserved by /proc/sys/vm/admin_reserve_kbytes).   Any
3791              subsequent  attempts  to execute a command will result in "fork:
3792              Cannot allocate memory".
3793
3794              Changing the value in this file takes effect whenever an  appli‐
3795              cation requests memory.
3796
3797       /proc/sysrq-trigger (since Linux 2.4.21)
3798              Writing  a  character to this file triggers the same SysRq func‐
3799              tion as typing ALT-SysRq-<character>  (see  the  description  of
3800              /proc/sys/kernel/sysrq).  This file is normally writable only by
3801              root.  For further details see the Linux kernel source file Doc‐
3802              umentation/admin-guide/sysrq.rst   (or   Documentation/sysrq.txt
3803              before Linux 4.10).
3804
3805       /proc/sysvipc
3806              Subdirectory containing  the  pseudo-files  msg,  sem  and  shm.
3807              These  files  list the System V Interprocess Communication (IPC)
3808              objects (respectively: message queues,  semaphores,  and  shared
3809              memory)  that  currently  exist on the system, providing similar
3810              information to that available via  ipcs(1).   These  files  have
3811              headers  and  are  formatted  (one IPC object per line) for easy
3812              understanding.  svipc(7)  provides  further  background  on  the
3813              information shown by these files.
3814
3815       /proc/thread-self (since Linux 3.17)
3816              This directory refers to the thread accessing the /proc filesys‐
3817              tem, and is identical  to  the  /proc/self/task/[tid]  directory
3818              named by the process thread ID ([tid]) of the same thread.
3819
3820       /proc/timer_list (since Linux 2.6.21)
3821              This  read-only  file  exposes  a  list of all currently pending
3822              (high-resolution) timers, all  clock-event  sources,  and  their
3823              parameters in a human-readable form.
3824
3825       /proc/timer_stats (from  Linux 2.6.21 until Linux 4.10)
3826              This  is  a  debugging facility to make timer (ab)use in a Linux
3827              system visible to kernel and user-space developers.  It  can  be
3828              used  by  kernel  and user-space developers to verify that their
3829              code does not make undue use of timers.  The goal  is  to  avoid
3830              unnecessary wakeups, thereby optimizing power consumption.
3831
3832              If  enabled in the kernel (CONFIG_TIMER_STATS), but not used, it
3833              has almost zero run-time overhead and a relatively  small  data-
3834              structure  overhead.  Even if collection is enabled at run time,
3835              overhead is low: all  the  locking  is  per-CPU  and  lookup  is
3836              hashed.
3837
3838              The  /proc/timer_stats  file  is  used  both to control sampling
3839              facility and to read out the sampled information.
3840
3841              The timer_stats functionality is inactive on bootup.  A sampling
3842              period can be started using the following command:
3843
3844                  # echo 1 > /proc/timer_stats
3845
3846              The following command stops a sampling period:
3847
3848                  # echo 0 > /proc/timer_stats
3849
3850              The statistics can be retrieved by:
3851
3852                  $ cat /proc/timer_stats
3853
3854              While  sampling  is enabled, each readout from /proc/timer_stats
3855              will see newly updated statistics.  Once sampling  is  disabled,
3856              the  sampled  information  is  kept until a new sample period is
3857              started.  This allows multiple readouts.
3858
3859              Sample output from /proc/timer_stats:
3860
3861    $ cat /proc/timer_stats
3862    Timer Stats Version: v0.3
3863    Sample period: 1.764 s
3864    Collection: active
3865      255,     0 swapper/3        hrtimer_start_range_ns (tick_sched_timer)
3866       71,     0 swapper/1        hrtimer_start_range_ns (tick_sched_timer)
3867       58,     0 swapper/0        hrtimer_start_range_ns (tick_sched_timer)
3868        4,  1694 gnome-shell      mod_delayed_work_on (delayed_work_timer_fn)
3869       17,     7 rcu_sched        rcu_gp_kthread (process_timeout)
3870    ...
3871        1,  4911 kworker/u16:0    mod_delayed_work_on (delayed_work_timer_fn)
3872       1D,  2522 kworker/0:0      queue_delayed_work_on (delayed_work_timer_fn)
3873    1029 total events, 583.333 events/sec
3874
3875              The output columns are:
3876
3877              *  a count of the number  of  events,  optionally  (since  Linux
3878                 2.6.23)  followed  by  the letter 'D' if this is a deferrable
3879                 timer;
3880
3881              *  the PID of the process that initialized the timer;
3882
3883              *  the name of the process that initialized the timer;
3884
3885              *  the function where the timer was initialized; and
3886
3887              *  (in parentheses) the callback  function  that  is  associated
3888                 with the timer.
3889
3890              During  the Linux 4.11 development cycle, this file  was removed
3891              because of security concerns, as it exposes  information  across
3892              namespaces.   Furthermore,  it  is  possible  to obtain the same
3893              information via in-kernel tracing facilities such as ftrace.
3894
3895       /proc/tty
3896              Subdirectory containing the pseudo-files and subdirectories  for
3897              tty drivers and line disciplines.
3898
3899       /proc/uptime
3900              This  file  contains two numbers: the uptime of the system (sec‐
3901              onds), and the amount of time spent in idle process (seconds).
3902
3903       /proc/version
3904              This string identifies the kernel version that is currently run‐
3905              ning.   It  includes  the  contents  of /proc/sys/kernel/ostype,
3906              /proc/sys/kernel/osrelease  and  /proc/sys/kernel/version.   For
3907              example:
3908
3909        Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994
3910
3911       /proc/vmstat (since Linux 2.6.0)
3912              This file displays various virtual memory statistics.  Each line
3913              of this file contains a single  name-value  pair,  delimited  by
3914              white space.  Some lines are present only if the kernel was con‐
3915              figured with suitable options.   (In  some  cases,  the  options
3916              required  for  particular  files have changed across kernel ver‐
3917              sions, so they are not listed here.  Details  can  be  found  by
3918              consulting the kernel source code.)  The following fields may be
3919              present:
3920
3921              nr_free_pages (since Linux 2.6.31)
3922
3923              nr_alloc_batch (since Linux 3.12)
3924
3925              nr_inactive_anon (since Linux 2.6.28)
3926
3927              nr_active_anon (since Linux 2.6.28)
3928
3929              nr_inactive_file (since Linux 2.6.28)
3930
3931              nr_active_file (since Linux 2.6.28)
3932
3933              nr_unevictable (since Linux 2.6.28)
3934
3935              nr_mlock (since Linux 2.6.28)
3936
3937              nr_anon_pages (since Linux 2.6.18)
3938
3939              nr_mapped (since Linux 2.6.0)
3940
3941              nr_file_pages (since Linux 2.6.18)
3942
3943              nr_dirty (since Linux 2.6.0)
3944
3945              nr_writeback (since Linux 2.6.0)
3946
3947              nr_slab_reclaimable (since Linux 2.6.19)
3948
3949              nr_slab_unreclaimable (since Linux 2.6.19)
3950
3951              nr_page_table_pages (since Linux 2.6.0)
3952
3953              nr_kernel_stack (since Linux 2.6.32)
3954                     Amount of memory allocated to kernel stacks.
3955
3956              nr_unstable (since Linux 2.6.0)
3957
3958              nr_bounce (since Linux 2.6.12)
3959
3960              nr_vmscan_write (since Linux 2.6.19)
3961
3962              nr_vmscan_immediate_reclaim (since Linux 3.2)
3963
3964              nr_writeback_temp (since Linux 2.6.26)
3965
3966              nr_isolated_anon (since Linux 2.6.32)
3967
3968              nr_isolated_file (since Linux 2.6.32)
3969
3970              nr_shmem (since Linux 2.6.32)
3971                     Pages used by shmem and tmpfs(5).
3972
3973              nr_dirtied (since Linux 2.6.37)
3974
3975              nr_written (since Linux 2.6.37)
3976
3977              nr_pages_scanned (since Linux 3.17)
3978
3979              numa_hit (since Linux 2.6.18)
3980
3981              numa_miss (since Linux 2.6.18)
3982
3983              numa_foreign (since Linux 2.6.18)
3984
3985              numa_interleave (since Linux 2.6.18)
3986
3987              numa_local (since Linux 2.6.18)
3988
3989              numa_other (since Linux 2.6.18)
3990
3991              workingset_refault (since Linux 3.15)
3992
3993              workingset_activate (since Linux 3.15)
3994
3995              workingset_nodereclaim (since Linux 3.15)
3996
3997              nr_anon_transparent_hugepages (since Linux 2.6.38)
3998
3999              nr_free_cma (since Linux 3.7)
4000                     Number of free CMA (Contiguous Memory Allocator) pages.
4001
4002              nr_dirty_threshold (since Linux 2.6.37)
4003
4004              nr_dirty_background_threshold (since Linux 2.6.37)
4005
4006              pgpgin (since Linux 2.6.0)
4007
4008              pgpgout (since Linux 2.6.0)
4009
4010              pswpin (since Linux 2.6.0)
4011
4012              pswpout (since Linux 2.6.0)
4013
4014              pgalloc_dma (since Linux 2.6.5)
4015
4016              pgalloc_dma32 (since Linux 2.6.16)
4017
4018              pgalloc_normal (since Linux 2.6.5)
4019
4020              pgalloc_high (since Linux 2.6.5)
4021
4022              pgalloc_movable (since Linux 2.6.23)
4023
4024              pgfree (since Linux 2.6.0)
4025
4026              pgactivate (since Linux 2.6.0)
4027
4028              pgdeactivate (since Linux 2.6.0)
4029
4030              pgfault (since Linux 2.6.0)
4031
4032              pgmajfault (since Linux 2.6.0)
4033
4034              pgrefill_dma (since Linux 2.6.5)
4035
4036              pgrefill_dma32 (since Linux 2.6.16)
4037
4038              pgrefill_normal (since Linux 2.6.5)
4039
4040              pgrefill_high (since Linux 2.6.5)
4041
4042              pgrefill_movable (since Linux 2.6.23)
4043
4044              pgsteal_kswapd_dma (since Linux 3.4)
4045
4046              pgsteal_kswapd_dma32 (since Linux 3.4)
4047
4048              pgsteal_kswapd_normal (since Linux 3.4)
4049
4050              pgsteal_kswapd_high (since Linux 3.4)
4051
4052              pgsteal_kswapd_movable (since Linux 3.4)
4053
4054              pgsteal_direct_dma
4055
4056              pgsteal_direct_dma32 (since Linux 3.4)
4057
4058              pgsteal_direct_normal (since Linux 3.4)
4059
4060              pgsteal_direct_high (since Linux 3.4)
4061
4062              pgsteal_direct_movable (since Linux 2.6.23)
4063
4064              pgscan_kswapd_dma
4065
4066              pgscan_kswapd_dma32 (since Linux 2.6.16)
4067
4068              pgscan_kswapd_normal (since Linux 2.6.5)
4069
4070              pgscan_kswapd_high
4071
4072              pgscan_kswapd_movable (since Linux 2.6.23)
4073
4074              pgscan_direct_dma
4075
4076              pgscan_direct_dma32 (since Linux 2.6.16)
4077
4078              pgscan_direct_normal
4079
4080              pgscan_direct_high
4081
4082              pgscan_direct_movable (since Linux 2.6.23)
4083
4084              pgscan_direct_throttle (since Linux 3.6)
4085
4086              zone_reclaim_failed (since linux 2.6.31)
4087
4088              pginodesteal (since linux 2.6.0)
4089
4090              slabs_scanned (since linux 2.6.5)
4091
4092              kswapd_inodesteal (since linux 2.6.0)
4093
4094              kswapd_low_wmark_hit_quickly (since 2.6.33)
4095
4096              kswapd_high_wmark_hit_quickly (since 2.6.33)
4097
4098              pageoutrun (since Linux 2.6.0)
4099
4100              allocstall (since Linux 2.6.0)
4101
4102              pgrotated (since Linux 2.6.0)
4103
4104              drop_pagecache (since Linux 3.15)
4105
4106              drop_slab (since Linux 3.15)
4107
4108              numa_pte_updates (since Linux 3.8)
4109
4110              numa_huge_pte_updates (since Linux 3.13)
4111
4112              numa_hint_faults (since Linux 3.8)
4113
4114              numa_hint_faults_local (since Linux 3.8)
4115
4116              numa_pages_migrated (since Linux 3.8)
4117
4118              pgmigrate_success (since Linux 3.8)
4119
4120              pgmigrate_fail (since Linux 3.8)
4121
4122              compact_migrate_scanned (since Linux 3.8)
4123
4124              compact_free_scanned (since Linux 3.8)
4125
4126              compact_isolated (since Linux 3.8)
4127
4128              compact_stall (since Linux 2.6.35)
4129                     See  the  kernel   source   file   Documentation/vm/tran‐
4130                     shuge.txt.
4131
4132              compact_fail (since Linux 2.6.35)
4133                     See   the   kernel   source  file  Documentation/vm/tran‐
4134                     shuge.txt.
4135
4136              compact_success (since Linux 2.6.35)
4137                     See  the  kernel   source   file   Documentation/vm/tran‐
4138                     shuge.txt.
4139
4140              htlb_buddy_alloc_success (since Linux 2.6.26)
4141
4142              htlb_buddy_alloc_fail (since Linux 2.6.26)
4143
4144              unevictable_pgs_culled (since Linux 2.6.28)
4145
4146              unevictable_pgs_scanned (since Linux 2.6.28)
4147
4148              unevictable_pgs_rescued (since Linux 2.6.28)
4149
4150              unevictable_pgs_mlocked (since Linux 2.6.28)
4151
4152              unevictable_pgs_munlocked (since Linux 2.6.28)
4153
4154              unevictable_pgs_cleared (since Linux 2.6.28)
4155
4156              unevictable_pgs_stranded (since Linux 2.6.28)
4157
4158              thp_fault_alloc (since Linux 2.6.39)
4159                     See   the   kernel   source  file  Documentation/vm/tran‐
4160                     shuge.txt.
4161
4162              thp_fault_fallback (since Linux 2.6.39)
4163                     See  the  kernel   source   file   Documentation/vm/tran‐
4164                     shuge.txt.
4165
4166              thp_collapse_alloc (since Linux 2.6.39)
4167                     See   the   kernel   source  file  Documentation/vm/tran‐
4168                     shuge.txt.
4169
4170              thp_collapse_alloc_failed (since Linux 2.6.39)
4171                     See  the  kernel   source   file   Documentation/vm/tran‐
4172                     shuge.txt.
4173
4174              thp_split (since Linux 2.6.39)
4175                     See   the   kernel   source  file  Documentation/vm/tran‐
4176                     shuge.txt.
4177
4178              thp_zero_page_alloc (since Linux 3.8)
4179                     See  the  kernel   source   file   Documentation/vm/tran‐
4180                     shuge.txt.
4181
4182              thp_zero_page_alloc_failed (since Linux 3.8)
4183                     See   the   kernel   source  file  Documentation/vm/tran‐
4184                     shuge.txt.
4185
4186              balloon_inflate (since Linux 3.18)
4187
4188              balloon_deflate (since Linux 3.18)
4189
4190              balloon_migrate (since Linux 3.18)
4191
4192              nr_tlb_remote_flush (since Linux 3.12)
4193
4194              nr_tlb_remote_flush_received (since Linux 3.12)
4195
4196              nr_tlb_local_flush_all (since Linux 3.12)
4197
4198              nr_tlb_local_flush_one (since Linux 3.12)
4199
4200              vmacache_find_calls (since Linux 3.16)
4201
4202              vmacache_find_hits (since Linux 3.16)
4203
4204              vmacache_full_flushes (since Linux 3.19)
4205
4206       /proc/zoneinfo (since Linux 2.6.13)
4207              This file display information about memory zones.  This is  use‐
4208              ful for analyzing virtual memory behavior.
4209

NOTES

4211       Many strings (i.e., the environment and command line) are in the inter‐
4212       nal format, with subfields terminated by null bytes ('\0'), so you  may
4213       find  that  things are more readable if you use od -c or tr "\000" "\n"
4214       to read them.  Alternatively, echo `cat <file>` works well.
4215
4216       This manual page is incomplete, possibly inaccurate, and is the kind of
4217       thing that needs to be updated very often.
4218

SEE ALSO

4220       cat(1),  dmesg(1),  find(1), free(1), init(1), ps(1), tr(1), uptime(1),
4221       chroot(2),  mmap(2),  readlink(2),  syslog(2),  slabinfo(5),  sysfs(5),
4222       hier(7),   namespaces(7),   time(7),  arp(8),  hdparm(8),  ifconfig(8),
4223       lsmod(8),  lspci(8),  mount(8),  netstat(8),   procinfo(8),   route(8),
4224       sysctl(8)
4225
4226       The Linux kernel source files: Documentation/filesystems/proc.txt Docu‐
4227       mentation/sysctl/fs.txt,  Documentation/sysctl/kernel.txt,   Documenta‐
4228       tion/sysctl/net.txt, and Documentation/sysctl/vm.txt.
4229

COLOPHON

4231       This  page  is  part of release 4.16 of the Linux man-pages project.  A
4232       description of the project, information about reporting bugs,  and  the
4233       latest     version     of     this    page,    can    be    found    at
4234       https://www.kernel.org/doc/man-pages/.
4235
4236
4237
4238Linux                             2017-09-15                           PROC(5)
Impressum