1PROC(5)                    Linux Programmer's Manual                   PROC(5)
2
3
4

NAME

6       proc - process information pseudo-filesystem
7

DESCRIPTION

9       The  proc filesystem is a pseudo-filesystem which provides an interface
10       to kernel data structures.  It is commonly  mounted  at  /proc.   Typi‐
11       cally,  it  is  mounted automatically by the system, but it can also be
12       mounted manually using a command such as:
13
14           mount -t proc proc /proc
15
16       Most of the files in the proc filesystem are read-only, but some  files
17       are writable, allowing kernel variables to be changed.
18
19   Mount options
20       The proc filesystem supports the following mount options:
21
22       hidepid=n (since Linux 3.3)
23              This   option   controls  who  can  access  the  information  in
24              /proc/[pid] directories.  The argument, n, is one of the follow‐
25              ing values:
26
27              0   Everybody  may  access all /proc/[pid] directories.  This is
28                  the traditional behavior, and the default if this mount  op‐
29                  tion is not specified.
30
31              1   Users  may  not  access  files and subdirectories inside any
32                  /proc/[pid] directories but their own (the  /proc/[pid]  di‐
33                  rectories  themselves remain visible).  Sensitive files such
34                  as /proc/[pid]/cmdline and /proc/[pid]/status are  now  pro‐
35                  tected  against  other  users.   This makes it impossible to
36                  learn whether any user is running  a  specific  program  (so
37                  long  as  the program doesn't otherwise reveal itself by its
38                  behavior).
39
40              2   As for mode 1, but in addition the  /proc/[pid]  directories
41                  belonging  to other users become invisible.  This means that
42                  /proc/[pid] entries can no longer be used  to  discover  the
43                  PIDs  on  the  system.   This  doesn't  hide the fact that a
44                  process with a specific PID value exists (it can be  learned
45                  by  other  means,  for  example,  by "kill -0 $PID"), but it
46                  hides a process's UID and  GID,  which  could  otherwise  be
47                  learned  by  employing  stat(2)  on a /proc/[pid] directory.
48                  This greatly complicates an attacker's task of gathering in‐
49                  formation about running processes (e.g., discovering whether
50                  some daemon is running with elevated privileges, whether an‐
51                  other  user is running some sensitive program, whether other
52                  users are running any program at all, and so on).
53
54       gid=gid (since Linux 3.3)
55              Specifies the ID of a group  whose  members  are  authorized  to
56              learn process information otherwise prohibited by hidepid (i.e.,
57              users in this group behave as  though  /proc  was  mounted  with
58              hidepid=0).   This  group  should  be used instead of approaches
59              such as putting nonroot users into the sudoers(5) file.
60
61   Overview
62       Underneath /proc, there are the following general groups of  files  and
63       subdirectories:
64
65       /proc/[pid] subdirectories
66              Each  one of these subdirectories contains files and subdirecto‐
67              ries exposing information about the process with the correspond‐
68              ing process ID.
69
70              Underneath each of the /proc/[pid] directories, a task subdirec‐
71              tory contains subdirectories of the form task/[tid], which  con‐
72              tain  corresponding information about each of the threads in the
73              process, where tid is the kernel thread ID of the thread.
74
75              The  /proc/[pid]  subdirectories  are  visible  when   iterating
76              through  /proc  with  getdents(2) (and thus are visible when one
77              uses ls(1) to view the contents of /proc).
78
79       /proc/[tid] subdirectories
80              Each one of these subdirectories contains files and  subdirecto‐
81              ries  exposing information about the thread with the correspond‐
82              ing thread ID.  The contents of these directories are  the  same
83              as the corresponding /proc/[pid]/task/[tid] directories.
84
85              The  /proc/[tid]  subdirectories  are not visible when iterating
86              through /proc with getdents(2) (and thus are  not  visible  when
87              one uses ls(1) to view the contents of /proc).
88
89       /proc/self
90              When a process accesses this magic symbolic link, it resolves to
91              the process's own /proc/[pid] directory.
92
93       /proc/thread-self
94              When a thread accesses this magic symbolic link, it resolves  to
95              the process's own /proc/self/task/[tid] directory.
96
97       /proc/[a-z]*
98              Various  other  files and subdirectories under /proc expose sys‐
99              tem-wide information.
100
101       All of the above are described in more detail below.
102
103   Files and directories
104       The following list provides details of many of the files  and  directo‐
105       ries under the /proc hierarchy.
106
107       /proc/[pid]
108              There  is a numerical subdirectory for each running process; the
109              subdirectory is named by the process ID.  Each /proc/[pid]  sub‐
110              directory  contains  the  pseudo-files and directories described
111              below.
112
113              The files inside each /proc/[pid] directory are  normally  owned
114              by  the  effective  user  and effective group ID of the process.
115              However, as a security measure, the ownership is made  root:root
116              if  the  process's  "dumpable" attribute is set to a value other
117              than 1.
118
119              Before Linux 4.11, root:root meant the "global" root user ID and
120              group  ID (i.e., UID 0 and GID 0 in the initial user namespace).
121              Since Linux 4.11, if the process is in a noninitial  user  name‐
122              space  that has a valid mapping for user (group) ID 0 inside the
123              namespace, then the user (group) ownership of  the  files  under
124              /proc/[pid] is instead made the same as the root user (group) ID
125              of the namespace.  This means that inside  a  container,  things
126              work as expected for the container "root" user.
127
128              The  process's "dumpable" attribute may change for the following
129              reasons:
130
131              *  The  attribute  was   explicitly   set   via   the   prctl(2)
132                 PR_SET_DUMPABLE operation.
133
134              *  The   attribute   was   reset   to  the  value  in  the  file
135                 /proc/sys/fs/suid_dumpable (described below), for the reasons
136                 described in prctl(2).
137
138              Resetting the "dumpable" attribute to 1 reverts the ownership of
139              the /proc/[pid]/* files to the process's effective UID and  GID.
140              Note,  however, that if the effective UID or GID is subsequently
141              modified, then the "dumpable" attribute may  be  reset,  as  de‐
142              scribed  in  prctl(2).   Therefore, it may be desirable to reset
143              the "dumpable" attribute after making any desired changes to the
144              process's effective UID or GID.
145
146       /proc/[pid]/attr
147              The files in this directory provide an API for security modules.
148              The contents of this directory are files that can  be  read  and
149              written  in  order to set security-related attributes.  This di‐
150              rectory was added to support SELinux, but the intention was that
151              the  API  be  general  enough to support other security modules.
152              For the purpose of explanation, examples  of  how  SELinux  uses
153              these files are provided below.
154
155              This directory is present only if the kernel was configured with
156              CONFIG_SECURITY.
157
158       /proc/[pid]/attr/current (since Linux 2.6.0)
159              The contents of this file represent  the  current  security  at‐
160              tributes of the process.
161
162              In  SELinux,  this file is used to get the security context of a
163              process.  Prior to Linux 2.6.11, this file could not be used  to
164              set  the  security  context  (a  write was always denied), since
165              SELinux limited process security transitions to  execve(2)  (see
166              the  description  of /proc/[pid]/attr/exec, below).  Since Linux
167              2.6.11, SELinux lifted this  restriction  and  began  supporting
168              "set"  operations  via writes to this node if authorized by pol‐
169              icy, although use of this operation is only suitable for  appli‐
170              cations  that are trusted to maintain any desired separation be‐
171              tween the old and new security contexts.
172
173              Prior to Linux 2.6.28, SELinux did not allow  threads  within  a
174              multithreaded  process  to  set  their security context via this
175              node as it would yield an inconsistency among the security  con‐
176              texts of the threads sharing the same memory space.  Since Linux
177              2.6.28, SELinux lifted this  restriction  and  began  supporting
178              "set"  operations  for threads within a multithreaded process if
179              the new security context is bounded by the old security context,
180              where  the  bounded relation is defined in policy and guarantees
181              that the new security context has a subset of the permissions of
182              the old security context.
183
184              Other  security  modules  may choose to support "set" operations
185              via writes to this node.
186
187       /proc/[pid]/attr/exec (since Linux 2.6.0)
188              This file represents the attributes to  assign  to  the  process
189              upon a subsequent execve(2).
190
191              In  SELinux,  this is needed to support role/domain transitions,
192              and execve(2) is the preferred point to  make  such  transitions
193              because  it offers better control over the initialization of the
194              process in the new security label and the inheritance of  state.
195              In SELinux, this attribute is reset on execve(2) so that the new
196              program reverts to the default behavior for any execve(2)  calls
197              that  it  may  make.  In SELinux, a process can set only its own
198              /proc/[pid]/attr/exec attribute.
199
200       /proc/[pid]/attr/fscreate (since Linux 2.6.0)
201              This file represents the attributes to assign to  files  created
202              by  subsequent  calls  to  open(2),  mkdir(2),  symlink(2),  and
203              mknod(2)
204
205              SELinux employs this file to support creation of a  file  (using
206              the  aforementioned  system  calls)  in  a secure state, so that
207              there is no risk of inappropriate access being obtained  between
208              the  time  of creation and the time that attributes are set.  In
209              SELinux, this attribute is reset on execve(2), so that  the  new
210              program  reverts  to  the default behavior for any file creation
211              calls it may make, but the attribute will persist across  multi‐
212              ple file creation calls within a program unless it is explicitly
213              reset.   In  SELinux,  a  process   can   set   only   its   own
214              /proc/[pid]/attr/fscreate attribute.
215
216       /proc/[pid]/attr/keycreate (since Linux 2.6.18)
217              If  a process writes a security context into this file, all sub‐
218              sequently created keys (add_key(2)) will be  labeled  with  this
219              context.   For  further  information, see the kernel source file
220              Documentation/security/keys/core.rst (or file  Documentation/se‐
221              curity/keys.txt  on  Linux  between  3.0 and 4.13, or Documenta‐
222              tion/keys.txt before Linux 3.0).
223
224       /proc/[pid]/attr/prev (since Linux 2.6.0)
225              This file contains the security context of  the  process  before
226              the   last   execve(2);   that   is,   the   previous  value  of
227              /proc/[pid]/attr/current.
228
229       /proc/[pid]/attr/socketcreate (since Linux 2.6.18)
230              If a process writes a security context into this file, all  sub‐
231              sequently created sockets will be labeled with this context.
232
233       /proc/[pid]/autogroup (since Linux 2.6.38)
234              See sched(7).
235
236       /proc/[pid]/auxv (since 2.6.0)
237              This  contains  the  contents of the ELF interpreter information
238              passed to the process at exec time.  The format is one  unsigned
239              long  ID  plus one unsigned long value for each entry.  The last
240              entry contains two zeros.  See also getauxval(3).
241
242              Permission to access this file is governed by  a  ptrace  access
243              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
244
245       /proc/[pid]/cgroup (since Linux 2.6.24)
246              See cgroups(7).
247
248       /proc/[pid]/clear_refs (since Linux 2.6.22)
249
250              This  is  a  write-only  file,  writable  only  by  owner of the
251              process.
252
253              The following values may be written to the file:
254
255              1 (since Linux 2.6.22)
256                     Reset the PG_Referenced and ACCESSED/YOUNG bits  for  all
257                     the  pages  associated  with the process.  (Before kernel
258                     2.6.32, writing any nonzero value to this file  had  this
259                     effect.)
260
261              2 (since Linux 2.6.32)
262                     Reset  the  PG_Referenced and ACCESSED/YOUNG bits for all
263                     anonymous pages associated with the process.
264
265              3 (since Linux 2.6.32)
266                     Reset the PG_Referenced and ACCESSED/YOUNG bits  for  all
267                     file-mapped pages associated with the process.
268
269              Clearing  the  PG_Referenced  and ACCESSED/YOUNG bits provides a
270              method to measure approximately how much memory a process is us‐
271              ing.   One  first inspects the values in the "Referenced" fields
272              for the VMAs shown in /proc/[pid]/smaps to get an  idea  of  the
273              memory  footprint of the process.  One then clears the PG_Refer‐
274              enced and ACCESSED/YOUNG bits and, after some measured time  in‐
275              terval,  once  again  inspects  the  values  in the "Referenced"
276              fields to get an idea of the change in memory footprint  of  the
277              process during the measured interval.  If one is interested only
278              in inspecting the selected mapping types, then the value 2 or  3
279              can be used instead of 1.
280
281              Further values can be written to affect different properties:
282
283              4 (since Linux 3.11)
284                     Clear  the  soft-dirty  bit  for all the pages associated
285                     with the process.  This  is  used  (in  conjunction  with
286                     /proc/[pid]/pagemap) by the check-point restore system to
287                     discover which pages of a process have been dirtied since
288                     the file /proc/[pid]/clear_refs was written to.
289
290              5 (since Linux 4.0)
291                     Reset  the  peak resident set size ("high water mark") to
292                     the process's current resident set size value.
293
294              Writing any value to  /proc/[pid]/clear_refs  other  than  those
295              listed above has no effect.
296
297              The  /proc/[pid]/clear_refs  file  is  present  only if the CON‐
298              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
299
300       /proc/[pid]/cmdline
301              This read-only file holds the  complete  command  line  for  the
302              process,  unless  the  process is a zombie.  In the latter case,
303              there is nothing in this file: that is, a read on this file will
304              return  0 characters.  The command-line arguments appear in this
305              file as a set of strings separated by null bytes ('\0'), with  a
306              further null byte after the last string.
307
308              If,  after  an execve(2), the process modifies its argv strings,
309              those changes will show up here.  This is not the same thing  as
310              modifying the argv array.
311
312              Furthermore,  a process may change the memory location that this
313              file refers via prctl(2) operations such as PR_SET_MM_ARG_START.
314
315              Think of this file as the command line that  the  process  wants
316              you to see.
317
318       /proc/[pid]/comm (since Linux 2.6.33)
319              This  file exposes the process's comm value—that is, the command
320              name associated with the process.  Different threads in the same
321              process   may   have   different  comm  values,  accessible  via
322              /proc/[pid]/task/[tid]/comm.   A  thread  may  modify  its  comm
323              value,  or  that of any of other thread in the same thread group
324              (see the discussion of CLONE_THREAD in clone(2)), by writing  to
325              the   file   /proc/self/task/[tid]/comm.   Strings  longer  than
326              TASK_COMM_LEN (16) characters (including  the  terminating  null
327              byte) are silently truncated.
328
329              This  file  provides  a superset of the prctl(2) PR_SET_NAME and
330              PR_GET_NAME operations, and is employed by pthread_setname_np(3)
331              when used to rename threads other than the caller.  The value in
332              this file  is  used  for  the  %e  specifier  in  /proc/sys/ker‐
333              nel/core_pattern; see core(5).
334
335       /proc/[pid]/coredump_filter (since Linux 2.6.23)
336              See core(5).
337
338       /proc/[pid]/cpuset (since Linux 2.6.12)
339              See cpuset(7).
340
341       /proc/[pid]/cwd
342              This  is a symbolic link to the current working directory of the
343              process.  To find out the current working directory  of  process
344              20, for instance, you can do this:
345
346                  $ cd /proc/20/cwd; pwd -P
347
348              In  a  multithreaded process, the contents of this symbolic link
349              are not available if the  main  thread  has  already  terminated
350              (typically by calling pthread_exit(3)).
351
352              Permission  to  dereference  or read (readlink(2)) this symbolic
353              link is governed by a ptrace  access  mode  PTRACE_MODE_READ_FS‐
354              CREDS check; see ptrace(2).
355
356       /proc/[pid]/environ
357              This file contains the initial environment that was set when the
358              currently executing program was started via execve(2).  The  en‐
359              tries  are  separated  by  null bytes ('\0'), and there may be a
360              null byte at the end.  Thus, to print  out  the  environment  of
361              process 1, you would do:
362
363                  $ cat /proc/1/environ | tr '\000' '\n'
364
365              If,  after  an  execve(2),  the process modifies its environment
366              (e.g., by calling functions such as putenv(3) or  modifying  the
367              environ(7)  variable directly), this file will not reflect those
368              changes.
369
370              Furthermore, a process may change the memory location that  this
371              file refers via prctl(2) operations such as PR_SET_MM_ENV_START.
372
373              Permission  to  access  this file is governed by a ptrace access
374              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
375
376       /proc/[pid]/exe
377              Under Linux 2.2 and later, this file is a symbolic link contain‐
378              ing  the actual pathname of the executed command.  This symbolic
379              link can be dereferenced normally; attempting to  open  it  will
380              open  the  executable.  You can even type /proc/[pid]/exe to run
381              another copy of the same executable that is being run by process
382              [pid].   If  the  pathname  has been unlinked, the symbolic link
383              will contain the string '(deleted)'  appended  to  the  original
384              pathname.  In a multithreaded process, the contents of this sym‐
385              bolic link are not available if the main thread has already ter‐
386              minated (typically by calling pthread_exit(3)).
387
388              Permission  to  dereference  or read (readlink(2)) this symbolic
389              link is governed by a ptrace  access  mode  PTRACE_MODE_READ_FS‐
390              CREDS check; see ptrace(2).
391
392              Under Linux 2.0 and earlier, /proc/[pid]/exe is a pointer to the
393              binary which was executed, and appears as a  symbolic  link.   A
394              readlink(2)  call  on this file under Linux 2.0 returns a string
395              in the format:
396
397                  [device]:inode
398
399              For example, [0301]:1502 would be inode 1502 on device major  03
400              (IDE,  MFM,  etc. drives) minor 01 (first partition on the first
401              drive).
402
403              find(1) with the -inum option can be used to locate the file.
404
405       /proc/[pid]/fd/
406              This is a subdirectory containing one entry for each file  which
407              the process has open, named by its file descriptor, and which is
408              a symbolic link to the actual file.  Thus, 0 is standard  input,
409              1 standard output, 2 standard error, and so on.
410
411              For  file descriptors for pipes and sockets, the entries will be
412              symbolic links whose content is the file type with the inode.  A
413              readlink(2) call on this file returns a string in the format:
414
415                  type:[inode]
416
417              For  example, socket:[2248868] will be a socket and its inode is
418              2248868.  For sockets, that inode can be used to find  more  in‐
419              formation in one of the files under /proc/net/.
420
421              For  file  descriptors  that  have no corresponding inode (e.g.,
422              file   descriptors   produced   by   bpf(2),    epoll_create(2),
423              eventfd(2),  inotify_init(2),  perf_event_open(2),  signalfd(2),
424              timerfd_create(2), and userfaultfd(2)), the entry will be a sym‐
425              bolic link with contents of the form
426
427                  anon_inode:<file-type>
428
429              In  many  cases  (but  not  all), the file-type is surrounded by
430              square brackets.
431
432              For example, an epoll file descriptor will have a symbolic  link
433              whose content is the string anon_inode:[eventpoll].
434
435              In  a  multithreaded process, the contents of this directory are
436              not available if the main thread has already  terminated  (typi‐
437              cally by calling pthread_exit(3)).
438
439              Programs  that  take  a filename as a command-line argument, but
440              don't take input from standard input if no argument is supplied,
441              and  programs that write to a file named as a command-line argu‐
442              ment, but don't send their output to standard output if no argu‐
443              ment is supplied, can nevertheless be made to use standard input
444              or standard output by using /proc/[pid]/fd files as command-line
445              arguments.   For example, assuming that -i is the flag designat‐
446              ing an input file and -o is the flag designating an output file:
447
448                  $ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...
449
450              and you have a working filter.
451
452              /proc/self/fd/N is approximately the same as /dev/fd/N  in  some
453              UNIX and UNIX-like systems.  Most Linux MAKEDEV scripts symboli‐
454              cally link /dev/fd to /proc/self/fd, in fact.
455
456              Most systems provide symbolic links /dev/stdin, /dev/stdout, and
457              /dev/stderr, which respectively link to the files 0, 1, and 2 in
458              /proc/self/fd.  Thus the example command above could be  written
459              as:
460
461                  $ foobar -i /dev/stdin -o /dev/stdout ...
462
463              Permission  to  dereference  or  read (readlink(2)) the symbolic
464              links in this directory is governed  by  a  ptrace  access  mode
465              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
466
467              Note  that  for  file descriptors referring to inodes (pipes and
468              sockets, see above), those inodes still have permission bits and
469              ownership  information distinct from those of the /proc/[pid]/fd
470              entry, and that the owner may differ from the user and group IDs
471              of the process.  An unprivileged process may lack permissions to
472              open them, as in this example:
473
474                  $ echo test | sudo -u nobody cat
475                  test
476                  $ echo test | sudo -u nobody cat /proc/self/fd/0
477                  cat: /proc/self/fd/0: Permission denied
478
479              File descriptor 0 refers to the pipe created by  the  shell  and
480              owned by that shell's user, which is not nobody, so cat does not
481              have permission to create a new file  descriptor  to  read  from
482              that inode, even though it can still read from its existing file
483              descriptor 0.
484
485       /proc/[pid]/fdinfo/ (since Linux 2.6.22)
486              This is a subdirectory containing one entry for each file  which
487              the  process  has open, named by its file descriptor.  The files
488              in this directory are readable only by the owner of the process.
489              The  contents  of  each  file  can be read to obtain information
490              about the corresponding file descriptor.  The content depends on
491              the  type of file referred to by the corresponding file descrip‐
492              tor.
493
494              For regular files and directories, we see something like:
495
496                  $ cat /proc/12015/fdinfo/4
497                  pos:    1000
498                  flags:  01002002
499                  mnt_id: 21
500
501              The fields are as follows:
502
503              pos    This is a decimal number showing the file offset.
504
505              flags  This is an octal number that  displays  the  file  access
506                     mode  and file status flags (see open(2)).  If the close-
507                     on-exec file descriptor flag is set, then flags will also
508                     include the value O_CLOEXEC.
509
510                     Before  Linux  3.1,  this field incorrectly displayed the
511                     setting of O_CLOEXEC at the time  the  file  was  opened,
512                     rather  than  the  current  setting  of the close-on-exec
513                     flag.
514
515              mnt_id This field, present since Linux 3.15, is the  ID  of  the
516                     mount  containing  this  file.   See  the  description of
517                     /proc/[pid]/mountinfo.
518
519              For eventfd file descriptors (see  eventfd(2)),  we  see  (since
520              Linux 3.8) the following fields:
521
522                  pos: 0
523                  flags:    02
524                  mnt_id:   10
525                  eventfd-count:               40
526
527              eventfd-count  is  the  current value of the eventfd counter, in
528              hexadecimal.
529
530              For epoll file descriptors (see epoll(7)), we see  (since  Linux
531              3.8) the following fields:
532
533                  pos: 0
534                  flags:    02
535                  mnt_id:   10
536                  tfd:        9 events:       19 data: 74253d2500000009
537                  tfd:        7 events:       19 data: 74253d2500000007
538
539              Each  of  the  lines beginning tfd describes one of the file de‐
540              scriptors being monitored via the  epoll  file  descriptor  (see
541              epoll_ctl(2)  for some details).  The tfd field is the number of
542              the file descriptor.  The events field is a hexadecimal mask  of
543              the  events  being monitored for this file descriptor.  The data
544              field is the data value associated with this file descriptor.
545
546              For signalfd file descriptors (see signalfd(2)), we  see  (since
547              Linux 3.8) the following fields:
548
549                  pos: 0
550                  flags:    02
551                  mnt_id:   10
552                  sigmask:  0000000000000006
553
554              sigmask is the hexadecimal mask of signals that are accepted via
555              this signalfd file descriptor.  (In this example, bits 2  and  3
556              are  set,  corresponding  to the signals SIGINT and SIGQUIT; see
557              signal(7).)
558
559              For inotify file descriptors (see  inotify(7)),  we  see  (since
560              Linux 3.8) the following fields:
561
562                  pos: 0
563                  flags:    00
564                  mnt_id:   11
565                  inotify wd:2 ino:7ef82a sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:2af87e00220ffd73
566                  inotify wd:1 ino:192627 sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:27261900802dfd73
567
568              Each  of the lines beginning with "inotify" displays information
569              about one file or directory that is being monitored.  The fields
570              in this line are as follows:
571
572              wd     A watch descriptor number (in decimal).
573
574              ino    The inode number of the target file (in hexadecimal).
575
576              sdev   The  ID  of  the device where the target file resides (in
577                     hexadecimal).
578
579              mask   The mask of events being monitored for  the  target  file
580                     (in hexadecimal).
581
582              If  the  kernel was built with exportfs support, the path to the
583              target file is exposed as a file handle, via  three  hexadecimal
584              fields: fhandle-bytes, fhandle-type, and f_handle.
585
586              For  fanotify  file descriptors (see fanotify(7)), we see (since
587              Linux 3.8) the following fields:
588
589                  pos: 0
590                  flags:    02
591                  mnt_id:   11
592                  fanotify flags:0 event-flags:88002
593                  fanotify ino:19264f sdev:800001 mflags:0 mask:1 ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:4f261900a82dfd73
594
595              The fourth line displays information defined when  the  fanotify
596              group was created via fanotify_init(2):
597
598              flags  The  flags  argument given to fanotify_init(2) (expressed
599                     in hexadecimal).
600
601              event-flags
602                     The event_f_flags argument given to fanotify_init(2) (ex‐
603                     pressed in hexadecimal).
604
605              Each  additional  line  shown  in  the file contains information
606              about one of the marks in the fanotify  group.   Most  of  these
607              fields are as for inotify, except:
608
609              mflags The flags associated with the mark (expressed in hexadec‐
610                     imal).
611
612              mask   The events mask for this mark (expressed in hexadecimal).
613
614              ignored_mask
615                     The mask of events that are ignored for  this  mark  (ex‐
616                     pressed in hexadecimal).
617
618              For details on these fields, see fanotify_mark(2).
619
620              For  timerfd  file  descriptors  (see timerfd(2)), we see (since
621              Linux 3.17) the following fields:
622
623                  pos:    0
624                  flags:  02004002
625                  mnt_id: 13
626                  clockid: 0
627                  ticks: 0
628                  settime flags: 03
629                  it_value: (7695568592, 640020877)
630                  it_interval: (0, 0)
631
632              clockid
633                     This is the numeric value of the clock ID  (corresponding
634                     to  one  of  the  CLOCK_* constants defined via <time.h>)
635                     that is used to mark the progress of the timer  (in  this
636                     example, 0 is CLOCK_REALTIME).
637
638              ticks  This  is  the  number  of timer expirations that have oc‐
639                     curred, (i.e., the value that read(2)  on  it  would  re‐
640                     turn).
641
642              settime flags
643                     This  field  lists  the  flags with which the timerfd was
644                     last armed (see timerfd_settime(2)), in  octal  (in  this
645                     example,   both   TFD_TIMER_ABSTIME   and  TFD_TIMER_CAN‐
646                     CEL_ON_SET are set).
647
648              it_value
649                     This field contains the amount of time  until  the  timer
650                     will  next  expire, expressed in seconds and nanoseconds.
651                     This is always expressed as a relative value,  regardless
652                     of  whether the timer was created using the TFD_TIMER_AB‐
653                     STIME flag.
654
655              it_interval
656                     This field contains the interval of the timer, in seconds
657                     and  nanoseconds.   (The  it_value and it_interval fields
658                     contain the values that timerfd_gettime(2) on  this  file
659                     descriptor would return.)
660
661       /proc/[pid]/gid_map (since Linux 3.5)
662              See user_namespaces(7).
663
664       /proc/[pid]/io (since kernel 2.6.20)
665              This file contains I/O statistics for the process, for example:
666
667                  # cat /proc/3828/io
668                  rchar: 323934931
669                  wchar: 323929600
670                  syscr: 632687
671                  syscw: 632675
672                  read_bytes: 0
673                  write_bytes: 323932160
674                  cancelled_write_bytes: 0
675
676              The fields are as follows:
677
678              rchar: characters read
679                     The number of bytes which this task has caused to be read
680                     from storage.  This is simply the sum of bytes which this
681                     process  passed  to read(2) and similar system calls.  It
682                     includes things such as terminal I/O and is unaffected by
683                     whether or not actual physical disk I/O was required (the
684                     read might have been satisfied from pagecache).
685
686              wchar: characters written
687                     The number of bytes which this task has caused, or  shall
688                     cause  to be written to disk.  Similar caveats apply here
689                     as with rchar.
690
691              syscr: read syscalls
692                     Attempt to count the number of read  I/O  operations—that
693                     is, system calls such as read(2) and pread(2).
694
695              syscw: write syscalls
696                     Attempt  to count the number of write I/O operations—that
697                     is, system calls such as write(2) and pwrite(2).
698
699              read_bytes: bytes read
700                     Attempt to count the number of bytes which  this  process
701                     really  did  cause  to be fetched from the storage layer.
702                     This is accurate for block-backed filesystems.
703
704              write_bytes: bytes written
705                     Attempt to count the number of bytes which  this  process
706                     caused to be sent to the storage layer.
707
708              cancelled_write_bytes:
709                     The big inaccuracy here is truncate.  If a process writes
710                     1 MB to a file and then deletes the file, it will in fact
711                     perform  no writeout.  But it will have been accounted as
712                     having caused 1 MB of write.  In other words: this  field
713                     represents  the number of bytes which this process caused
714                     to not happen, by truncating pagecache.  A task can cause
715                     "negative"  I/O  too.   If this task truncates some dirty
716                     pagecache, some I/O which another task has been accounted
717                     for (in its write_bytes) will not be happening.
718
719              Note:  In  the  current implementation, things are a bit racy on
720              32-bit systems: if process A reads  process  B's  /proc/[pid]/io
721              while  process  B  is  updating  one  of  these 64-bit counters,
722              process A could see an intermediate result.
723
724              Permission to access this file is governed by  a  ptrace  access
725              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
726
727       /proc/[pid]/limits (since Linux 2.6.24)
728              This file displays the soft limit, hard limit, and units of mea‐
729              surement for each of the process's resource  limits  (see  getr‐
730              limit(2)).   Up to and including Linux 2.6.35, this file is pro‐
731              tected to allow reading only by the real  UID  of  the  process.
732              Since  Linux  2.6.36,  this file is readable by all users on the
733              system.
734
735       /proc/[pid]/map_files/ (since kernel 3.3)
736              This subdirectory  contains  entries  corresponding  to  memory-
737              mapped  files (see mmap(2)).  Entries are named by memory region
738              start and end address pair (expressed as  hexadecimal  numbers),
739              and  are symbolic links to the mapped files themselves.  Here is
740              an example, with the output wrapped and reformatted to fit on an
741              80-column display:
742
743                  # ls -l /proc/self/map_files/
744                  lr--------. 1 root root 64 Apr 16 21:31
745                              3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so
746                  ...
747
748              Although  these entries are present for memory regions that were
749              mapped with the MAP_FILE flag, the way anonymous  shared  memory
750              (regions created with the MAP_ANON | MAP_SHARED flags) is imple‐
751              mented in Linux means that such regions also appear on this  di‐
752              rectory.   Here  is  an  example  where  the  target file is the
753              deleted /dev/zero one:
754
755                  lrw-------. 1 root root 64 Apr 16 21:33
756                              7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted)
757
758              Permission to access this file is governed by  a  ptrace  access
759              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
760
761              Until  kernel  version  4.3, this directory appeared only if the
762              CONFIG_CHECKPOINT_RESTORE kernel configuration  option  was  en‐
763              abled.
764
765              Capabilities  are  required to read the contents of the symbolic
766              links in this directory: before Linux 5.9, the  reading  process
767              requires  CAP_SYS_ADMIN  in  the  initial  user namespace; since
768              Linux 5.9, the reading process must have either CAP_SYS_ADMIN or
769              CAP_CHECKPOINT_RESTORE in the user namespace where it resides.
770
771       /proc/[pid]/maps
772              A  file containing the currently mapped memory regions and their
773              access permissions.  See mmap(2) for  some  further  information
774              about memory mappings.
775
776              Permission  to  access  this file is governed by a ptrace access
777              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
778
779              The format of the file is:
780
781                  address           perms offset  dev   inode       pathname
782                  00400000-00452000 r-xp 00000000 08:02 173521      /usr/bin/dbus-daemon
783                  00651000-00652000 r--p 00051000 08:02 173521      /usr/bin/dbus-daemon
784                  00652000-00655000 rw-p 00052000 08:02 173521      /usr/bin/dbus-daemon
785                  00e03000-00e24000 rw-p 00000000 00:00 0           [heap]
786                  00e24000-011f7000 rw-p 00000000 00:00 0           [heap]
787                  ...
788                  35b1800000-35b1820000 r-xp 00000000 08:02 135522  /usr/lib64/ld-2.15.so
789                  35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522  /usr/lib64/ld-2.15.so
790                  35b1a20000-35b1a21000 rw-p 00020000 08:02 135522  /usr/lib64/ld-2.15.so
791                  35b1a21000-35b1a22000 rw-p 00000000 00:00 0
792                  35b1c00000-35b1dac000 r-xp 00000000 08:02 135870  /usr/lib64/libc-2.15.so
793                  35b1dac000-35b1fac000 ---p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
794                  35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
795                  35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870  /usr/lib64/libc-2.15.so
796                  ...
797                  f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0    [stack:986]
798                  ...
799                  7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0   [stack]
800                  7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0   [vdso]
801
802              The address field is the address space in the process  that  the
803              mapping occupies.  The perms field is a set of permissions:
804
805                  r = read
806                  w = write
807                  x = execute
808                  s = shared
809                  p = private (copy on write)
810
811              The  offset  field  is the offset into the file/whatever; dev is
812              the device (major:minor); inode is the inode on that device.   0
813              indicates that no inode is associated with the memory region, as
814              would be the case with BSS (uninitialized data).
815
816              The pathname field will usually be the file that is backing  the
817              mapping.  For ELF files, you can easily coordinate with the off‐
818              set field by looking at the Offset  field  in  the  ELF  program
819              headers (readelf -l).
820
821              There are additional helpful pseudo-paths:
822
823              [stack]
824                     The  initial  process's (also known as the main thread's)
825                     stack.
826
827              [stack:<tid>] (from Linux 3.4 to 4.4)
828                     A thread's stack (where the <tid> is a  thread  ID).   It
829                     corresponds  to  the  /proc/[pid]/task/[tid]/ path.  This
830                     field was removed in Linux 4.5, since providing this  in‐
831                     formation  for a process with large numbers of threads is
832                     expensive.
833
834              [vdso] The  virtual  dynamically  linked  shared  object.    See
835                     vdso(7).
836
837              [heap] The process's heap.
838
839              If  the pathname field is blank, this is an anonymous mapping as
840              obtained via mmap(2).  There is no easy way to  coordinate  this
841              back  to a process's source, short of running it through gdb(1),
842              strace(1), or similar.
843
844              pathname is shown unescaped except for newline characters, which
845              are  replaced with an octal escape sequence.  As a result, it is
846              not possible to determine whether  the  original  pathname  con‐
847              tained  a  newline  character  or the literal \012 character se‐
848              quence.
849
850              If the mapping is file-backed and the file has been deleted, the
851              string " (deleted)" is appended to the pathname.  Note that this
852              is ambiguous too.
853
854              Under Linux 2.0, there is no field giving pathname.
855
856       /proc/[pid]/mem
857              This file can be used to access the pages of a process's  memory
858              through open(2), read(2), and lseek(2).
859
860              Permission  to  access  this file is governed by a ptrace access
861              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
862
863       /proc/[pid]/mountinfo (since Linux 2.6.26)
864              This file contains information about  mounts  in  the  process's
865              mount  namespace (see mount_namespaces(7)).  It supplies various
866              information (e.g., propagation state, root  of  mount  for  bind
867              mounts,  identifier for each mount and its parent) that is miss‐
868              ing from the (older) /proc/[pid]/mounts file, and fixes  various
869              other  problems  with that file (e.g., nonextensibility, failure
870              to distinguish per-mount versus per-superblock options).
871
872              The file contains lines of the form:
873
874              36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
875              (1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)
876
877              The numbers in parentheses are labels for the  descriptions  be‐
878              low:
879
880              (1)  mount  ID:  a  unique ID for the mount (may be reused after
881                   umount(2)).
882
883              (2)  parent ID: the ID of the parent mount (or of self  for  the
884                   root of this mount namespace's mount tree).
885
886                   If  a  new  mount  is stacked on top of a previous existing
887                   mount (so that it hides the existing mount) at pathname  P,
888                   then  the  parent of the new mount is the previous mount at
889                   that location.   Thus,  when  looking  at  all  the  mounts
890                   stacked at a particular location, the top-most mount is the
891                   one that is not the parent of any other mount at  the  same
892                   location.  (Note, however, that this top-most mount will be
893                   accessible only if the longest path subprefix of P that  is
894                   a mount point is not itself hidden by a stacked mount.)
895
896                   If  the parent mount lies outside the process's root direc‐
897                   tory (see chroot(2)), the ID shown here won't have a corre‐
898                   sponding  record  in  mountinfo  whose  mount  ID (field 1)
899                   matches this parent mount ID (because mounts that lie  out‐
900                   side   the  process's  root  directory  are  not  shown  in
901                   mountinfo).  As a special case of this point, the process's
902                   root  mount  may  have  a  parent  mount (for the initramfs
903                   filesystem) that lies outside the process's root directory,
904                   and an entry for that mount will not appear in mountinfo.
905
906              (3)  major:minor: the value of st_dev for files on this filesys‐
907                   tem (see stat(2)).
908
909              (4)  root: the pathname of the directory in the filesystem which
910                   forms the root of this mount.
911
912              (5)  mount  point:  the  pathname of the mount point relative to
913                   the process's root directory.
914
915              (6)  mount options: per-mount options (see mount(2)).
916
917              (7)  optional  fields:  zero  or  more  fields   of   the   form
918                   "tag[:value]"; see below.
919
920              (8)  separator:  the  end  of the optional fields is marked by a
921                   single hyphen.
922
923              (9)  filesystem  type:  the  filesystem   type   in   the   form
924                   "type[.subtype]".
925
926              (10) mount source: filesystem-specific information or "none".
927
928              (11) super options: per-superblock options (see mount(2)).
929
930              Currently,  the  possible  optional  fields  are shared, master,
931              propagate_from, and unbindable.  See mount_namespaces(7)  for  a
932              description of these fields.  Parsers should ignore all unrecog‐
933              nized optional fields.
934
935              For  more  information  on  mount  propagation  see:  Documenta‐
936              tion/filesystems/sharedsubtree.txt  in  the  Linux kernel source
937              tree.
938
939       /proc/[pid]/mounts (since Linux 2.4.19)
940              This file lists all the filesystems  currently  mounted  in  the
941              process's mount namespace (see mount_namespaces(7)).  The format
942              of this file is documented in fstab(5).
943
944              Since kernel version 2.6.15, this file is pollable: after  open‐
945              ing  the  file  for  reading,  a  change  in  this file (i.e., a
946              filesystem mount or unmount) causes select(2) to mark  the  file
947              descriptor  as  having an exceptional condition, and poll(2) and
948              epoll_wait(2) mark the file as having a  priority  event  (POLL‐
949              PRI).  (Before Linux 2.6.30, a change in this file was indicated
950              by the file descriptor being marked as readable  for  select(2),
951              and  being  marked  as having an error condition for poll(2) and
952              epoll_wait(2).)
953
954       /proc/[pid]/mountstats (since Linux 2.6.17)
955              This file exports information (statistics, configuration  infor‐
956              mation)  about  the mounts in the process's mount namespace (see
957              mount_namespaces(7)).  Lines in this file have the form:
958
959                  device /dev/sda7 mounted on /home with fstype ext3 [stats]
960                  (       1      )            ( 2 )             (3 ) (  4  )
961
962              The fields in each line are:
963
964              (1)  The name of the mounted device (or "nodevice" if  there  is
965                   no corresponding device).
966
967              (2)  The mount point within the filesystem tree.
968
969              (3)  The filesystem type.
970
971              (4)  Optional  statistics  and  configuration information.  Cur‐
972                   rently (as at Linux 2.6.26), only  NFS  filesystems  export
973                   information via this field.
974
975              This file is readable only by the owner of the process.
976
977       /proc/[pid]/net (since Linux 2.6.25)
978              See the description of /proc/net.
979
980       /proc/[pid]/ns/ (since Linux 3.0)
981              This  is  a subdirectory containing one entry for each namespace
982              that supports being manipulated by setns(2).  For more  informa‐
983              tion, see namespaces(7).
984
985       /proc/[pid]/numa_maps (since Linux 2.6.14)
986              See numa(7).
987
988       /proc/[pid]/oom_adj (since Linux 2.6.11)
989              This  file  can be used to adjust the score used to select which
990              process should be killed in an  out-of-memory  (OOM)  situation.
991              The  kernel  uses  this  value  for a bit-shift operation of the
992              process's oom_score value: valid values are in the range -16  to
993              +15,  plus the special value -17, which disables OOM-killing al‐
994              together for this process.  A positive score increases the like‐
995              lihood  of  this process being killed by the OOM-killer; a nega‐
996              tive score decreases the likelihood.
997
998              The default value for this file is 0; a new process inherits its
999              parent's   oom_adj   setting.   A  process  must  be  privileged
1000              (CAP_SYS_RESOURCE) to update this file.
1001
1002              Since Linux 2.6.36, use of this file is deprecated in  favor  of
1003              /proc/[pid]/oom_score_adj.
1004
1005       /proc/[pid]/oom_score (since Linux 2.6.11)
1006              This  file  displays  the current score that the kernel gives to
1007              this process for the purpose of selecting a process for the OOM-
1008              killer.  A higher score means that the process is more likely to
1009              be selected by the OOM-killer.  The basis for this score is  the
1010              amount  of memory used by the process, with increases (+) or de‐
1011              creases (-) for factors including:
1012
1013              * whether the process is privileged (-).
1014
1015              Before kernel 2.6.36 the following factors were also used in the
1016              calculation of oom_score:
1017
1018              * whether  the  process  creates a lot of children using fork(2)
1019                (+);
1020
1021              * whether the process has been running a long time, or has  used
1022                a lot of CPU time (-);
1023
1024              * whether the process has a low nice value (i.e., > 0) (+); and
1025
1026              * whether the process is making direct hardware access (-).
1027
1028              The  oom_score  also  reflects  the  adjustment specified by the
1029              oom_score_adj or oom_adj setting for the process.
1030
1031       /proc/[pid]/oom_score_adj (since Linux 2.6.36)
1032              This file can be used to adjust the badness  heuristic  used  to
1033              select which process gets killed in out-of-memory conditions.
1034
1035              The  badness  heuristic  assigns  a value to each candidate task
1036              ranging from 0 (never kill) to 1000 (always kill)  to  determine
1037              which  process  is targeted.  The units are roughly a proportion
1038              along that range of allowed  memory  the  process  may  allocate
1039              from, based on an estimation of its current memory and swap use.
1040              For example, if a task is using all allowed memory, its  badness
1041              score  will be 1000.  If it is using half of its allowed memory,
1042              its score will be 500.
1043
1044              There is an additional factor included  in  the  badness  score:
1045              root processes are given 3% extra memory over other tasks.
1046
1047              The  amount  of "allowed" memory depends on the context in which
1048              the OOM-killer was called.  If it is due to the memory  assigned
1049              to  the  allocating  task's  cpuset being exhausted, the allowed
1050              memory represents the set of mems assigned to that  cpuset  (see
1051              cpuset(7)).   If  it  is  due to a mempolicy's node(s) being ex‐
1052              hausted, the allowed memory  represents  the  set  of  mempolicy
1053              nodes.   If  it  is  due to a memory limit (or swap limit) being
1054              reached, the allowed memory is that configured limit.   Finally,
1055              if  it  is due to the entire system being out of memory, the al‐
1056              lowed memory represents all allocatable resources.
1057
1058              The value of oom_score_adj is added to the badness score  before
1059              it  is  used to determine which task to kill.  Acceptable values
1060              range    from     -1000     (OOM_SCORE_ADJ_MIN)     to     +1000
1061              (OOM_SCORE_ADJ_MAX).   This  allows  user  space  to control the
1062              preference for OOM-killing, ranging  from  always  preferring  a
1063              certain  task  or completely disabling it from OOM-killing.  The
1064              lowest possible value, -1000, is equivalent  to  disabling  OOM-
1065              killing  entirely  for  that task, since it will always report a
1066              badness score of 0.
1067
1068              Consequently, it is very simple for user  space  to  define  the
1069              amount  of  memory  to  consider  for  each  task.   Setting  an
1070              oom_score_adj value of +500, for example, is roughly  equivalent
1071              to  allowing  the  remainder  of  tasks sharing the same system,
1072              cpuset, mempolicy, or memory  controller  resources  to  use  at
1073              least  50%  more  memory.   A  value of -500, on the other hand,
1074              would be roughly equivalent to discounting 50% of the task's al‐
1075              lowed memory from being considered as scoring against the task.
1076
1077              For    backward    compatibility    with    previous    kernels,
1078              /proc/[pid]/oom_adj can still be used to tune the badness score.
1079              Its value is scaled linearly with oom_score_adj.
1080
1081              Writing to /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj will
1082              change the other with its scaled value.
1083
1084              The choom(1) program provides a command-line interface  for  ad‐
1085              justing  the oom_score_adj value of a running process or a newly
1086              executed command.
1087
1088       /proc/[pid]/pagemap (since Linux 2.6.25)
1089              This file shows the mapping of each  of  the  process's  virtual
1090              pages  into  physical page frames or swap area.  It contains one
1091              64-bit value for each virtual page, with the bits  set  as  fol‐
1092              lows:
1093
1094              63     If set, the page is present in RAM.
1095
1096              62     If set, the page is in swap space
1097
1098              61 (since Linux 3.5)
1099                     The  page  is  a  file-mapped  page or a shared anonymous
1100                     page.
1101
1102              60–57 (since Linux 3.11)
1103                     Zero
1104
1105              56 (since Linux 4.2)
1106                     The page is exclusively mapped.
1107
1108              55 (since Linux 3.11)
1109                     PTE is soft-dirty (see the kernel source file  Documenta‐
1110                     tion/admin-guide/mm/soft-dirty.rst).
1111
1112              54–0   If  the  page is present in RAM (bit 63), then these bits
1113                     provide the page frame number, which can be used to index
1114                     /proc/kpageflags  and  /proc/kpagecount.   If the page is
1115                     present in swap (bit 62), then bits  4–0  give  the  swap
1116                     type, and bits 54–5 encode the swap offset.
1117
1118              Before Linux 3.11, bits 60–55 were used to encode the base-2 log
1119              of the page size.
1120
1121              To employ /proc/[pid]/pagemap efficiently, use  /proc/[pid]/maps
1122              to  determine which areas of memory are actually mapped and seek
1123              to skip over unmapped regions.
1124
1125              The  /proc/[pid]/pagemap  file  is  present  only  if  the  CON‐
1126              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
1127
1128              Permission  to  access  this file is governed by a ptrace access
1129              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1130
1131       /proc/[pid]/personality (since Linux 2.6.28)
1132              This read-only file exposes the process's execution  domain,  as
1133              set  by  personality(2).   The value is displayed in hexadecimal
1134              notation.
1135
1136              Permission to access this file is governed by  a  ptrace  access
1137              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1138
1139       /proc/[pid]/root
1140              UNIX  and  Linux  support  the idea of a per-process root of the
1141              filesystem, set by the chroot(2) system call.  This  file  is  a
1142              symbolic  link  that points to the process's root directory, and
1143              behaves in the same way as exe, and fd/*.
1144
1145              Note however that this file is not merely a symbolic  link.   It
1146              provides  the  same view of the filesystem (including namespaces
1147              and the set of per-process mounts) as the  process  itself.   An
1148              example  illustrates  this  point.   In one terminal, we start a
1149              shell in new user and mount namespaces, and  in  that  shell  we
1150              create some new mounts:
1151
1152                  $ PS1='sh1# ' unshare -Urnm
1153                  sh1# mount -t tmpfs tmpfs /etc  # Mount empty tmpfs at /etc
1154                  sh1# mount --bind /usr /dev     # Mount /usr at /dev
1155                  sh1# echo $$
1156                  27123
1157
1158              In  a second terminal window, in the initial mount namespace, we
1159              look at the contents of the corresponding mounts in the  initial
1160              and new namespaces:
1161
1162                  $ PS1='sh2# ' sudo sh
1163                  sh2# ls /etc | wc -l                  # In initial NS
1164                  309
1165                  sh2# ls /proc/27123/root/etc | wc -l  # /etc in other NS
1166                  0                                     # The empty tmpfs dir
1167                  sh2# ls /dev | wc -l                  # In initial NS
1168                  205
1169                  sh2# ls /proc/27123/root/dev | wc -l  # /dev in other NS
1170                  11                                    # Actually bind
1171                                                        # mounted to /usr
1172                  sh2# ls /usr | wc -l                  # /usr in initial NS
1173                  11
1174
1175              In a multithreaded process, the contents of the /proc/[pid]/root
1176              symbolic link are not available if the main thread  has  already
1177              terminated (typically by calling pthread_exit(3)).
1178
1179              Permission  to  dereference  or read (readlink(2)) this symbolic
1180              link is governed by a ptrace  access  mode  PTRACE_MODE_READ_FS‐
1181              CREDS check; see ptrace(2).
1182
1183       /proc/[pid]/projid_map (since Linux 3.7)
1184              See user_namespaces(7).
1185
1186       /proc/[pid]/seccomp (Linux 2.6.12 to 2.6.22)
1187              This  file  can  be used to read and change the process's secure
1188              computing (seccomp) mode setting.  It contains the  value  0  if
1189              the  process  is not in seccomp mode, and 1 if the process is in
1190              strict seccomp mode (see seccomp(2)).  Writing 1  to  this  file
1191              places  the  process irreversibly in strict seccomp mode.  (Fur‐
1192              ther attempts to write to the file fail with the EPERM error.)
1193
1194              In Linux 2.6.23, this file went away,  to  be  replaced  by  the
1195              prctl(2) PR_GET_SECCOMP and PR_SET_SECCOMP operations (and later
1196              by seccomp(2) and the Seccomp field in /proc/[pid]/status).
1197
1198       /proc/[pid]/setgroups (since Linux 3.19)
1199              See user_namespaces(7).
1200
1201       /proc/[pid]/smaps (since Linux 2.6.14)
1202              This file shows memory consumption for  each  of  the  process's
1203              mappings.  (The pmap(1) command displays similar information, in
1204              a form that may be easier for parsing.)  For each mapping  there
1205              is a series of lines such as the following:
1206
1207                  00400000-0048a000 r-xp 00000000 fd:03 960637       /bin/bash
1208                  Size:                552 kB
1209                  Rss:                 460 kB
1210                  Pss:                 100 kB
1211                  Shared_Clean:        452 kB
1212                  Shared_Dirty:          0 kB
1213                  Private_Clean:         8 kB
1214                  Private_Dirty:         0 kB
1215                  Referenced:          460 kB
1216                  Anonymous:             0 kB
1217                  AnonHugePages:         0 kB
1218                  ShmemHugePages:        0 kB
1219                  ShmemPmdMapped:        0 kB
1220                  Swap:                  0 kB
1221                  KernelPageSize:        4 kB
1222                  MMUPageSize:           4 kB
1223                  KernelPageSize:        4 kB
1224                  MMUPageSize:           4 kB
1225                  Locked:                0 kB
1226                  ProtectionKey:         0
1227                  VmFlags: rd ex mr mw me dw
1228
1229              The  first  of these lines shows the same information as is dis‐
1230              played for the mapping in /proc/[pid]/maps.  The following lines
1231              show  the size of the mapping, the amount of the mapping that is
1232              currently resident in RAM ("Rss"),  the  process's  proportional
1233              share  of  this  mapping  ("Pss"), the number of clean and dirty
1234              shared pages in the mapping, and the number of clean  and  dirty
1235              private pages in the mapping.  "Referenced" indicates the amount
1236              of memory currently marked as referenced or  accessed.   "Anony‐
1237              mous"  shows  the  amount  of memory that does not belong to any
1238              file.  "Swap" shows how much would-be-anonymous memory  is  also
1239              used, but out on swap.
1240
1241              The  "KernelPageSize" line (available since Linux 2.6.29) is the
1242              page size used by the kernel to back the  virtual  memory  area.
1243              This  matches the size used by the MMU in the majority of cases.
1244              However, one counter-example occurs on PPC64 kernels  whereby  a
1245              kernel  using 64 kB as a base page size may still use 4 kB pages
1246              for the MMU on older processors.  To  distinguish  the  two  at‐
1247              tributes,  the  "MMUPageSize"  line  (also available since Linux
1248              2.6.29) reports the page size used by the MMU.
1249
1250              The "Locked" indicates whether the mapping is locked  in  memory
1251              or not.
1252
1253              The  "ProtectionKey"  line  (available  since  Linux 4.9, on x86
1254              only) contains the memory protection key (see pkeys(7))  associ‐
1255              ated  with  the virtual memory area.  This entry is present only
1256              if the kernel was built with the CONFIG_X86_INTEL_MEMORY_PROTEC‐
1257              TION_KEYS configuration option (since Linux 4.6).
1258
1259              The  "VmFlags"  line  (available since Linux 3.8) represents the
1260              kernel flags associated with the virtual  memory  area,  encoded
1261              using the following two-letter codes:
1262
1263                  rd  - readable
1264                  wr  - writable
1265                  ex  - executable
1266                  sh  - shared
1267                  mr  - may read
1268                  mw  - may write
1269                  me  - may execute
1270                  ms  - may share
1271                  gd  - stack segment grows down
1272                  pf  - pure PFN range
1273                  dw  - disabled write to the mapped file
1274                  lo  - pages are locked in memory
1275                  io  - memory mapped I/O area
1276                  sr  - sequential read advise provided
1277                  rr  - random read advise provided
1278                  dc  - do not copy area on fork
1279                  de  - do not expand area on remapping
1280                  ac  - area is accountable
1281                  nr  - swap space is not reserved for the area
1282                  ht  - area uses huge tlb pages
1283                  sf  - perform synchronous page faults (since Linux 4.15)
1284                  nl  - non-linear mapping (removed in Linux 4.0)
1285                  ar  - architecture specific flag
1286                  wf  - wipe on fork (since Linux 4.14)
1287                  dd  - do not include area into core dump
1288                  sd  - soft-dirty flag (since Linux 3.13)
1289                  mm  - mixed map area
1290                  hg  - huge page advise flag
1291                  nh  - no-huge page advise flag
1292                  mg  - mergeable advise flag
1293                  um  - userfaultfd missing pages tracking (since Linux 4.3)
1294                  uw  - userfaultfd wprotect pages tracking (since Linux 4.3)
1295
1296              The   /proc/[pid]/smaps   file  is  present  only  if  the  CON‐
1297              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
1298
1299       /proc/[pid]/stack (since Linux 2.6.29)
1300              This file provides a symbolic trace of  the  function  calls  in
1301              this  process's kernel stack.  This file is provided only if the
1302              kernel was built with the  CONFIG_STACKTRACE  configuration  op‐
1303              tion.
1304
1305              Permission  to  access  this file is governed by a ptrace access
1306              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1307
1308       /proc/[pid]/stat
1309              Status information about the process.  This is  used  by  ps(1).
1310              It is defined in the kernel source file fs/proc/array.c.
1311
1312              The  fields,  in order, with their proper scanf(3) format speci‐
1313              fiers, are listed below.  Whether or not certain of these fields
1314              display  valid  information  is governed by a ptrace access mode
1315              PTRACE_MODE_READ_FSCREDS | PTRACE_MODE_NOAUDIT check  (refer  to
1316              ptrace(2)).  If the check denies access, then the field value is
1317              displayed as 0.  The affected  fields  are  indicated  with  the
1318              marking [PT].
1319
1320              (1) pid  %d
1321                     The process ID.
1322
1323              (2) comm  %s
1324                     The  filename of the executable, in parentheses.  Strings
1325                     longer than TASK_COMM_LEN (16) characters (including  the
1326                     terminating  null  byte) are silently truncated.  This is
1327                     visible whether or not the executable is swapped out.
1328
1329              (3) state  %c
1330                     One  of  the  following  characters,  indicating  process
1331                     state:
1332
1333                     R  Running
1334
1335                     S  Sleeping in an interruptible wait
1336
1337                     D  Waiting in uninterruptible disk sleep
1338
1339                     Z  Zombie
1340
1341                     T  Stopped  (on  a signal) or (before Linux 2.6.33) trace
1342                        stopped
1343
1344                     t  Tracing stop (Linux 2.6.33 onward)
1345
1346                     W  Paging (only before Linux 2.6.0)
1347
1348                     X  Dead (from Linux 2.6.0 onward)
1349
1350                     x  Dead (Linux 2.6.33 to 3.13 only)
1351
1352                     K  Wakekill (Linux 2.6.33 to 3.13 only)
1353
1354                     W  Waking (Linux 2.6.33 to 3.13 only)
1355
1356                     P  Parked (Linux 3.9 to 3.13 only)
1357
1358              (4) ppid  %d
1359                     The PID of the parent of this process.
1360
1361              (5) pgrp  %d
1362                     The process group ID of the process.
1363
1364              (6) session  %d
1365                     The session ID of the process.
1366
1367              (7) tty_nr  %d
1368                     The controlling terminal of the process.  (The minor  de‐
1369                     vice number is contained in the combination of bits 31 to
1370                     20 and 7 to 0; the major device number is in bits  15  to
1371                     8.)
1372
1373              (8) tpgid  %d
1374                     The ID of the foreground process group of the controlling
1375                     terminal of the process.
1376
1377              (9) flags  %u
1378                     The kernel flags word of the process.  For bit  meanings,
1379                     see  the PF_* defines in the Linux kernel source file in‐
1380                     clude/linux/sched.h.  Details depend on the  kernel  ver‐
1381                     sion.
1382
1383                     The format for this field was %lu before Linux 2.6.
1384
1385              (10) minflt  %lu
1386                     The  number  of  minor  faults the process has made which
1387                     have not required loading a memory page from disk.
1388
1389              (11) cminflt  %lu
1390                     The number of minor faults that the process's  waited-for
1391                     children have made.
1392
1393              (12) majflt  %lu
1394                     The  number  of  major  faults the process has made which
1395                     have required loading a memory page from disk.
1396
1397              (13) cmajflt  %lu
1398                     The number of major faults that the process's  waited-for
1399                     children have made.
1400
1401              (14) utime  %lu
1402                     Amount  of  time  that this process has been scheduled in
1403                     user  mode,  measured   in   clock   ticks   (divide   by
1404                     sysconf(_SC_CLK_TCK)).    This   includes   guest   time,
1405                     guest_time (time spent running a virtual CPU, see below),
1406                     so that applications that are not aware of the guest time
1407                     field do not lose that time from their calculations.
1408
1409              (15) stime  %lu
1410                     Amount of time that this process has  been  scheduled  in
1411                     kernel   mode,   measured   in  clock  ticks  (divide  by
1412                     sysconf(_SC_CLK_TCK)).
1413
1414              (16) cutime  %ld
1415                     Amount of time that this  process's  waited-for  children
1416                     have been scheduled in user mode, measured in clock ticks
1417                     (divide by sysconf(_SC_CLK_TCK)).  (See  also  times(2).)
1418                     This includes guest time, cguest_time (time spent running
1419                     a virtual CPU, see below).
1420
1421              (17) cstime  %ld
1422                     Amount of time that this  process's  waited-for  children
1423                     have  been  scheduled  in  kernel mode, measured in clock
1424                     ticks (divide by sysconf(_SC_CLK_TCK)).
1425
1426              (18) priority  %ld
1427                     (Explanation for Linux 2.6) For processes running a real-
1428                     time scheduling policy (policy below; see sched_setsched‐
1429                     uler(2)), this is the negated scheduling priority,  minus
1430                     one;  that  is,  a number in the range -2 to -100, corre‐
1431                     sponding to real-time priorities 1 to 99.  For  processes
1432                     running  under a non-real-time scheduling policy, this is
1433                     the raw nice value (setpriority(2)) as represented in the
1434                     kernel.   The kernel stores nice values as numbers in the
1435                     range 0 (high) to 39 (low), corresponding  to  the  user-
1436                     visible nice range of -20 to 19.
1437
1438                     Before  Linux  2.6,  this was a scaled value based on the
1439                     scheduler weighting given to this process.
1440
1441              (19) nice  %ld
1442                     The nice value (see setpriority(2)), a value in the range
1443                     19 (low priority) to -20 (high priority).
1444
1445              (20) num_threads  %ld
1446                     Number of threads in this process (since Linux 2.6).  Be‐
1447                     fore kernel 2.6, this field was hard  coded  to  0  as  a
1448                     placeholder for an earlier removed field.
1449
1450              (21) itrealvalue  %ld
1451                     The  time  in  jiffies before the next SIGALRM is sent to
1452                     the process due  to  an  interval  timer.   Since  kernel
1453                     2.6.17,  this  field is no longer maintained, and is hard
1454                     coded as 0.
1455
1456              (22) starttime  %llu
1457                     The time the process started after system boot.  In  ker‐
1458                     nels  before  Linux  2.6,  this  value  was  expressed in
1459                     jiffies.  Since Linux 2.6,  the  value  is  expressed  in
1460                     clock ticks (divide by sysconf(_SC_CLK_TCK)).
1461
1462                     The format for this field was %lu before Linux 2.6.
1463
1464              (23) vsize  %lu
1465                     Virtual memory size in bytes.
1466
1467              (24) rss  %ld
1468                     Resident  Set  Size:  number  of pages the process has in
1469                     real memory.  This is just the pages which  count  toward
1470                     text,  data, or stack space.  This does not include pages
1471                     which have  not  been  demand-loaded  in,  or  which  are
1472                     swapped    out.     This   value   is   inaccurate;   see
1473                     /proc/[pid]/statm below.
1474
1475              (25) rsslim  %lu
1476                     Current soft limit in bytes on the rss  of  the  process;
1477                     see the description of RLIMIT_RSS in getrlimit(2).
1478
1479              (26) startcode  %lu  [PT]
1480                     The address above which program text can run.
1481
1482              (27) endcode  %lu  [PT]
1483                     The address below which program text can run.
1484
1485              (28) startstack  %lu  [PT]
1486                     The address of the start (i.e., bottom) of the stack.
1487
1488              (29) kstkesp  %lu  [PT]
1489                     The current value of ESP (stack pointer), as found in the
1490                     kernel stack page for the process.
1491
1492              (30) kstkeip  %lu  [PT]
1493                     The current EIP (instruction pointer).
1494
1495              (31) signal  %lu
1496                     The bitmap of pending signals,  displayed  as  a  decimal
1497                     number.   Obsolete,  because it does not provide informa‐
1498                     tion on real-time  signals;  use  /proc/[pid]/status  in‐
1499                     stead.
1500
1501              (32) blocked  %lu
1502                     The  bitmap  of  blocked  signals, displayed as a decimal
1503                     number.  Obsolete, because it does not  provide  informa‐
1504                     tion  on  real-time  signals;  use /proc/[pid]/status in‐
1505                     stead.
1506
1507              (33) sigignore  %lu
1508                     The bitmap of ignored signals,  displayed  as  a  decimal
1509                     number.   Obsolete,  because it does not provide informa‐
1510                     tion on real-time  signals;  use  /proc/[pid]/status  in‐
1511                     stead.
1512
1513              (34) sigcatch  %lu
1514                     The bitmap of caught signals, displayed as a decimal num‐
1515                     ber.  Obsolete, because it does not  provide  information
1516                     on real-time signals; use /proc/[pid]/status instead.
1517
1518              (35) wchan  %lu  [PT]
1519                     This  is  the  "channel" in which the process is waiting.
1520                     It is the address of a location in the kernel  where  the
1521                     process is sleeping.  The corresponding symbolic name can
1522                     be found in /proc/[pid]/wchan.
1523
1524              (36) nswap  %lu
1525                     Number of pages swapped (not maintained).
1526
1527              (37) cnswap  %lu
1528                     Cumulative nswap for child processes (not maintained).
1529
1530              (38) exit_signal  %d  (since Linux 2.1.22)
1531                     Signal to be sent to parent when we die.
1532
1533              (39) processor  %d  (since Linux 2.2.8)
1534                     CPU number last executed on.
1535
1536              (40) rt_priority  %u  (since Linux 2.5.19)
1537                     Real-time scheduling priority, a number in the range 1 to
1538                     99  for  processes scheduled under a real-time policy, or
1539                     0,  for  non-real-time  processes  (see   sched_setsched‐
1540                     uler(2)).
1541
1542              (41) policy  %u  (since Linux 2.5.19)
1543                     Scheduling  policy  (see  sched_setscheduler(2)).  Decode
1544                     using the SCHED_* constants in linux/sched.h.
1545
1546                     The format for this field was %lu before Linux 2.6.22.
1547
1548              (42) delayacct_blkio_ticks  %llu  (since Linux 2.6.18)
1549                     Aggregated block I/O  delays,  measured  in  clock  ticks
1550                     (centiseconds).
1551
1552              (43) guest_time  %lu  (since Linux 2.6.24)
1553                     Guest  time  of the process (time spent running a virtual
1554                     CPU for a guest  operating  system),  measured  in  clock
1555                     ticks (divide by sysconf(_SC_CLK_TCK)).
1556
1557              (44) cguest_time  %ld  (since Linux 2.6.24)
1558                     Guest  time  of the process's children, measured in clock
1559                     ticks (divide by sysconf(_SC_CLK_TCK)).
1560
1561              (45) start_data  %lu  (since Linux 3.3)  [PT]
1562                     Address above which program initialized and uninitialized
1563                     (BSS) data are placed.
1564
1565              (46) end_data  %lu  (since Linux 3.3)  [PT]
1566                     Address below which program initialized and uninitialized
1567                     (BSS) data are placed.
1568
1569              (47) start_brk  %lu  (since Linux 3.3)  [PT]
1570                     Address above which program heap  can  be  expanded  with
1571                     brk(2).
1572
1573              (48) arg_start  %lu  (since Linux 3.5)  [PT]
1574                     Address above which program command-line arguments (argv)
1575                     are placed.
1576
1577              (49) arg_end  %lu  (since Linux 3.5)  [PT]
1578                     Address below program command-line arguments  (argv)  are
1579                     placed.
1580
1581              (50) env_start  %lu  (since Linux 3.5)  [PT]
1582                     Address above which program environment is placed.
1583
1584              (51) env_end  %lu  (since Linux 3.5)  [PT]
1585                     Address below which program environment is placed.
1586
1587              (52) exit_code  %d  (since Linux 3.5)  [PT]
1588                     The  thread's  exit  status in the form reported by wait‐
1589                     pid(2).
1590
1591       /proc/[pid]/statm
1592              Provides information about memory usage, measured in pages.  The
1593              columns are:
1594
1595                  size       (1) total program size
1596                             (same as VmSize in /proc/[pid]/status)
1597                  resident   (2) resident set size
1598                             (inaccurate; same as VmRSS in /proc/[pid]/status)
1599                  shared     (3) number of resident shared pages
1600                             (i.e., backed by a file)
1601                             (inaccurate; same as RssFile+RssShmem in
1602                             /proc/[pid]/status)
1603                  text       (4) text (code)
1604                  lib        (5) library (unused since Linux 2.6; always 0)
1605                  data       (6) data + stack
1606                  dt         (7) dirty pages (unused since Linux 2.6; always 0)
1607
1608              Some of these values are inaccurate because of a kernel-internal
1609              scalability optimization.  If accurate values are required,  use
1610              /proc/[pid]/smaps or /proc/[pid]/smaps_rollup instead, which are
1611              much slower but provide accurate, detailed information.
1612
1613       /proc/[pid]/status
1614              Provides  much  of  the  information  in  /proc/[pid]/stat   and
1615              /proc/[pid]/statm in a format that's easier for humans to parse.
1616              Here's an example:
1617
1618                  $ cat /proc/$$/status
1619                  Name:   bash
1620                  Umask:  0022
1621                  State:  S (sleeping)
1622                  Tgid:   17248
1623                  Ngid:   0
1624                  Pid:    17248
1625                  PPid:   17200
1626                  TracerPid:      0
1627                  Uid:    1000    1000    1000    1000
1628                  Gid:    100     100     100     100
1629                  FDSize: 256
1630                  Groups: 16 33 100
1631                  NStgid: 17248
1632                  NSpid:  17248
1633                  NSpgid: 17248
1634                  NSsid:  17200
1635                  VmPeak:     131168 kB
1636                  VmSize:     131168 kB
1637                  VmLck:           0 kB
1638                  VmPin:           0 kB
1639                  VmHWM:       13484 kB
1640                  VmRSS:       13484 kB
1641                  RssAnon:     10264 kB
1642                  RssFile:      3220 kB
1643                  RssShmem:        0 kB
1644                  VmData:      10332 kB
1645                  VmStk:         136 kB
1646                  VmExe:         992 kB
1647                  VmLib:        2104 kB
1648                  VmPTE:          76 kB
1649                  VmPMD:          12 kB
1650                  VmSwap:          0 kB
1651                  HugetlbPages:          0 kB        # 4.4
1652                  CoreDumping:   0                       # 4.15
1653                  Threads:        1
1654                  SigQ:   0/3067
1655                  SigPnd: 0000000000000000
1656                  ShdPnd: 0000000000000000
1657                  SigBlk: 0000000000010000
1658                  SigIgn: 0000000000384004
1659                  SigCgt: 000000004b813efb
1660                  CapInh: 0000000000000000
1661                  CapPrm: 0000000000000000
1662                  CapEff: 0000000000000000
1663                  CapBnd: ffffffffffffffff
1664                  CapAmb:   0000000000000000
1665                  NoNewPrivs:     0
1666                  Seccomp:        0
1667                  Speculation_Store_Bypass:       vulnerable
1668                  Cpus_allowed:   00000001
1669                  Cpus_allowed_list:      0
1670                  Mems_allowed:   1
1671                  Mems_allowed_list:      0
1672                  voluntary_ctxt_switches:        150
1673                  nonvoluntary_ctxt_switches:     545
1674
1675              The fields are as follows:
1676
1677              Name   Command  run  by  this  process.   Strings  longer   than
1678                     TASK_COMM_LEN  (16) characters (including the terminating
1679                     null byte) are silently truncated.
1680
1681              Umask  Process umask, expressed in octal with  a  leading  zero;
1682                     see umask(2).  (Since Linux 4.7.)
1683
1684              State  Current  state  of the process.  One of "R (running)", "S
1685                     (sleeping)", "D (disk sleep)", "T (stopped)", "t (tracing
1686                     stop)", "Z (zombie)", or "X (dead)".
1687
1688              Tgid   Thread group ID (i.e., Process ID).
1689
1690              Ngid   NUMA group ID (0 if none; since Linux 3.13).
1691
1692              Pid    Thread ID (see gettid(2)).
1693
1694              PPid   PID of parent process.
1695
1696              TracerPid
1697                     PID  of  process  tracing  this  process  (0 if not being
1698                     traced).
1699
1700              Uid, Gid
1701                     Real, effective, saved set, and filesystem UIDs (GIDs).
1702
1703              FDSize Number of file descriptor slots currently allocated.
1704
1705              Groups Supplementary group list.
1706
1707              NStgid Thread group ID (i.e., PID) in each of the PID namespaces
1708                     of which [pid] is a member.  The leftmost entry shows the
1709                     value with respect to the PID namespace  of  the  process
1710                     that  mounted  this  procfs  (or  the  root  namespace if
1711                     mounted by the kernel), followed by the value in  succes‐
1712                     sively nested inner namespaces.  (Since Linux 4.1.)
1713
1714              NSpid  Thread ID in each of the PID namespaces of which [pid] is
1715                     a member.  The fields are ordered as for NStgid.   (Since
1716                     Linux 4.1.)
1717
1718              NSpgid Process  group  ID in each of the PID namespaces of which
1719                     [pid] is a member.  The fields are ordered as for NStgid.
1720                     (Since Linux 4.1.)
1721
1722              NSsid  descendant  namespace  session ID hierarchy Session ID in
1723                     each of the PID namespaces of which [pid]  is  a  member.
1724                     The fields are ordered as for NStgid.  (Since Linux 4.1.)
1725
1726              VmPeak Peak virtual memory size.
1727
1728              VmSize Virtual memory size.
1729
1730              VmLck  Locked memory size (see mlock(2)).
1731
1732              VmPin  Pinned  memory  size  (since Linux 3.2).  These are pages
1733                     that can't be moved because something needs  to  directly
1734                     access physical memory.
1735
1736              VmHWM  Peak  resident  set size ("high water mark").  This value
1737                     is inaccurate; see /proc/[pid]/statm above.
1738
1739              VmRSS  Resident set size.  Note that the value here is  the  sum
1740                     of RssAnon, RssFile, and RssShmem.  This value is inaccu‐
1741                     rate; see /proc/[pid]/statm above.
1742
1743              RssAnon
1744                     Size of resident anonymous memory.   (since  Linux  4.5).
1745                     This value is inaccurate; see /proc/[pid]/statm above.
1746
1747              RssFile
1748                     Size of resident file mappings.  (since Linux 4.5).  This
1749                     value is inaccurate; see /proc/[pid]/statm above.
1750
1751              RssShmem
1752                     Size of resident shared memory (includes System V  shared
1753                     memory, mappings from tmpfs(5), and shared anonymous map‐
1754                     pings).  (since Linux 4.5).
1755
1756              VmData, VmStk, VmExe
1757                     Size of data, stack, and text segments.   This  value  is
1758                     inaccurate; see /proc/[pid]/statm above.
1759
1760              VmLib  Shared library code size.
1761
1762              VmPTE  Page table entries size (since Linux 2.6.10).
1763
1764              VmPMD  Size of second-level page tables (added in Linux 4.0; re‐
1765                     moved in Linux 4.15).
1766
1767              VmSwap Swapped-out virtual  memory  size  by  anonymous  private
1768                     pages;  shmem  swap  usage  is  not included (since Linux
1769                     2.6.34).  This value is inaccurate; see /proc/[pid]/statm
1770                     above.
1771
1772              HugetlbPages
1773                     Size of hugetlb memory portions (since Linux 4.4).
1774
1775              CoreDumping
1776                     Contains  the value 1 if the process is currently dumping
1777                     core, and 0 if it is not (since Linux 4.15).  This infor‐
1778                     mation  can  be  used  by  a  monitoring process to avoid
1779                     killing a process that is currently dumping  core,  which
1780                     could result in a corrupted core dump file.
1781
1782              Threads
1783                     Number of threads in process containing this thread.
1784
1785              SigQ   This  field contains two slash-separated numbers that re‐
1786                     late to queued signals for  the  real  user  ID  of  this
1787                     process.   The  first of these is the number of currently
1788                     queued signals for this real user ID, and the  second  is
1789                     the  resource  limit  on the number of queued signals for
1790                     this process (see the description of RLIMIT_SIGPENDING in
1791                     getrlimit(2)).
1792
1793              SigPnd, ShdPnd
1794                     Mask  (expressed  in  hexadecimal) of signals pending for
1795                     thread and for process as a whole  (see  pthreads(7)  and
1796                     signal(7)).
1797
1798              SigBlk, SigIgn, SigCgt
1799                     Masks (expressed in hexadecimal) indicating signals being
1800                     blocked, ignored, and caught (see signal(7)).
1801
1802              CapInh, CapPrm, CapEff
1803                     Masks (expressed in hexadecimal) of capabilities  enabled
1804                     in  inheritable, permitted, and effective sets (see capa‐
1805                     bilities(7)).
1806
1807              CapBnd Capability bounding set, expressed in hexadecimal  (since
1808                     Linux 2.6.26, see capabilities(7)).
1809
1810              CapAmb Ambient  capability  set, expressed in hexadecimal (since
1811                     Linux 4.3, see capabilities(7)).
1812
1813              NoNewPrivs
1814                     Value of the no_new_privs  bit  (since  Linux  4.10,  see
1815                     prctl(2)).
1816
1817              Seccomp
1818                     Seccomp  mode  of  the process (since Linux 3.8, see sec‐
1819                     comp(2)).  0 means SECCOMP_MODE_DISABLED;  1  means  SEC‐
1820                     COMP_MODE_STRICT;   2  means  SECCOMP_MODE_FILTER.   This
1821                     field is provided only if the kernel was built  with  the
1822                     CONFIG_SECCOMP kernel configuration option enabled.
1823
1824              Speculation_Store_Bypass
1825                     Speculation  flaw mitigation state (since Linux 4.17, see
1826                     prctl(2)).
1827
1828              Cpus_allowed
1829                     Hexadecimal mask of CPUs on which this  process  may  run
1830                     (since Linux 2.6.24, see cpuset(7)).
1831
1832              Cpus_allowed_list
1833                     Same  as  previous,  but  in  "list  format" (since Linux
1834                     2.6.26, see cpuset(7)).
1835
1836              Mems_allowed
1837                     Mask of memory nodes allowed to this process (since Linux
1838                     2.6.24, see cpuset(7)).
1839
1840              Mems_allowed_list
1841                     Same  as  previous,  but  in  "list  format" (since Linux
1842                     2.6.26, see cpuset(7)).
1843
1844              voluntary_ctxt_switches, nonvoluntary_ctxt_switches
1845                     Number of  voluntary  and  involuntary  context  switches
1846                     (since Linux 2.6.23).
1847
1848       /proc/[pid]/syscall (since Linux 2.6.27)
1849              This  file exposes the system call number and argument registers
1850              for the system call currently being  executed  by  the  process,
1851              followed  by the values of the stack pointer and program counter
1852              registers.  The values of all six  argument  registers  are  ex‐
1853              posed, although most system calls use fewer registers.
1854
1855              If  the  process  is blocked, but not in a system call, then the
1856              file displays -1 in place of the system call number, followed by
1857              just  the  values  of the stack pointer and program counter.  If
1858              process is not blocked, then the file contains just  the  string
1859              "running".
1860
1861              This file is present only if the kernel was configured with CON‐
1862              FIG_HAVE_ARCH_TRACEHOOK.
1863
1864              Permission to access this file is governed by  a  ptrace  access
1865              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1866
1867       /proc/[pid]/task (since Linux 2.6.0)
1868              This  is  a  directory  that  contains one subdirectory for each
1869              thread in the process.  The name of each subdirectory is the nu‐
1870              merical thread ID ([tid]) of the thread (see gettid(2)).
1871
1872              Within  each  of  these  subdirectories, there is a set of files
1873              with the same names and contents as under the /proc/[pid] direc‐
1874              tories.  For attributes that are shared by all threads, the con‐
1875              tents for each of the files under the task/[tid]  subdirectories
1876              will  be  the  same  as  in the corresponding file in the parent
1877              /proc/[pid] directory (e.g., in a multithreaded process, all  of
1878              the  task/[tid]/cwd  files  will  have  the  same  value  as the
1879              /proc/[pid]/cwd file in the parent directory, since all  of  the
1880              threads in a process share a working directory).  For attributes
1881              that are distinct for each thread, the corresponding files under
1882              task/[tid]  may  have  different values (e.g., various fields in
1883              each of the task/[tid]/status files may be  different  for  each
1884              thread), or they might not exist in /proc/[pid] at all.
1885
1886              In a multithreaded process, the contents of the /proc/[pid]/task
1887              directory are not available if the main thread has already  ter‐
1888              minated (typically by calling pthread_exit(3)).
1889
1890       /proc/[pid]/task/[tid]/children (since Linux 3.5)
1891              A  space-separated list of child tasks of this task.  Each child
1892              task is represented by its TID.
1893
1894              This option is intended for use by the checkpoint-restore (CRIU)
1895              system,  and reliably provides a list of children only if all of
1896              the child processes are stopped or frozen.   It  does  not  work
1897              properly  if  children of the target task exit while the file is
1898              being read!  Exiting children may cause non-exiting children  to
1899              be  omitted  from the list.  This makes this interface even more
1900              unreliable than classic PID-based approaches  if  the  inspected
1901              task and its children aren't frozen, and most code should proba‐
1902              bly not use this interface.
1903
1904              Until Linux 4.2, the presence of this file was governed  by  the
1905              CONFIG_CHECKPOINT_RESTORE  kernel  configuration  option.  Since
1906              Linux 4.2, it is governed by the CONFIG_PROC_CHILDREN option.
1907
1908       /proc/[pid]/timers (since Linux 3.10)
1909              A list of the POSIX timers for  this  process.   Each  timer  is
1910              listed with a line that starts with the string "ID:".  For exam‐
1911              ple:
1912
1913                  ID: 1
1914                  signal: 60/00007fff86e452a8
1915                  notify: signal/pid.2634
1916                  ClockID: 0
1917                  ID: 0
1918                  signal: 60/00007fff86e452a8
1919                  notify: signal/pid.2634
1920                  ClockID: 1
1921
1922              The lines shown for each timer have the following meanings:
1923
1924              ID     The ID for this timer.  This is not the same as the timer
1925                     ID  returned  by  timer_create(2); rather, it is the same
1926                     kernel-internal ID that is available via  the  si_timerid
1927                     field of the siginfo_t structure (see sigaction(2)).
1928
1929              signal This is the signal number that this timer uses to deliver
1930                     notifications  followed  by  a  slash,   and   then   the
1931                     sigev_value  value supplied to the signal handler.  Valid
1932                     only for timers that notify via a signal.
1933
1934              notify The part before the slash specifies  the  mechanism  that
1935                     this  timer  uses to deliver notifications, and is one of
1936                     "thread", "signal", or "none".  Immediately following the
1937                     slash   is  either  the  string  "tid"  for  timers  with
1938                     SIGEV_THREAD_ID notification, or "pid"  for  timers  that
1939                     notify by other mechanisms.  Following the "." is the PID
1940                     of the process (or the kernel thread ID  of  the  thread)
1941                     that will be delivered a signal if the timer delivers no‐
1942                     tifications via a signal.
1943
1944              ClockID
1945                     This field identifies the clock that the timer  uses  for
1946                     measuring  time.   For most clocks, this is a number that
1947                     matches one of the user-space CLOCK_*  constants  exposed
1948                     via  <time.h>.   CLOCK_PROCESS_CPUTIME_ID  timers display
1949                     with    a    value    of    -6     in     this     field.
1950                     CLOCK_THREAD_CPUTIME_ID timers display with a value of -2
1951                     in this field.
1952
1953              This file is available only when the kernel was configured  with
1954              CONFIG_CHECKPOINT_RESTORE.
1955
1956       /proc/[pid]/timerslack_ns (since Linux 4.6)
1957              This file exposes the process's "current" timer slack value, ex‐
1958              pressed in nanoseconds.  The  file  is  writable,  allowing  the
1959              process's  timer  slack  value to be changed.  Writing 0 to this
1960              file resets the "current" timer slack  to  the  "default"  timer
1961              slack  value.   For  further  details,  see  the  discussion  of
1962              PR_SET_TIMERSLACK in prctl(2).
1963
1964              Initially, permission to access this  file  was  governed  by  a
1965              ptrace   access   mode   PTRACE_MODE_ATTACH_FSCREDS  check  (see
1966              ptrace(2)).  However, this was subsequently deemed too strict  a
1967              requirement (and had the side effect that requiring a process to
1968              have the CAP_SYS_PTRACE capability would also allow it  to  view
1969              and  change  any process's memory).  Therefore, since Linux 4.9,
1970              only the (weaker) CAP_SYS_NICE capability is required to  access
1971              this file.
1972
1973       /proc/[pid]/uid_map (since Linux 3.5)
1974              See user_namespaces(7).
1975
1976       /proc/[pid]/wchan (since Linux 2.6.0)
1977              The  symbolic  name  corresponding to the location in the kernel
1978              where the process is sleeping.
1979
1980              Permission to access this file is governed by  a  ptrace  access
1981              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1982
1983       /proc/[tid]
1984              There   is a numerical subdirectory for each running thread that
1985              is not a thread group leader (i.e., a thread whose thread ID  is
1986              not  the  same  as its process ID); the subdirectory is named by
1987              the thread ID.  Each one of these subdirectories contains  files
1988              and  subdirectories  exposing  information about the thread with
1989              the thread ID tid.  The contents of these  directories  are  the
1990              same as the corresponding /proc/[pid]/task/[tid] directories.
1991
1992              The  /proc/[tid]  subdirectories  are not visible when iterating
1993              through /proc with getdents(2) (and thus are  not  visible  when
1994              one  uses  ls(1)  to  view the contents of /proc).  However, the
1995              pathnames of these directories are visible to (i.e.,  usable  as
1996              arguments in) system calls that operate on pathnames.
1997
1998       /proc/apm
1999              Advanced  power  management version and battery information when
2000              CONFIG_APM is defined at kernel compilation time.
2001
2002       /proc/buddyinfo
2003              This file contains information which is used for diagnosing mem‐
2004              ory fragmentation issues.  Each line starts with the identifica‐
2005              tion of the node and the name of the zone which  together  iden‐
2006              tify  a  memory  region.   This is then followed by the count of
2007              available chunks of a certain order in  which  these  zones  are
2008              split.   The  size  in  bytes of a certain order is given by the
2009              formula:
2010
2011                  (2^order) * PAGE_SIZE
2012
2013              The binary buddy allocator  algorithm  inside  the  kernel  will
2014              split  one  chunk  into two chunks of a smaller order (thus with
2015              half the size) or combine two contiguous chunks into one  larger
2016              chunk  of  a higher order (thus with double the size) to satisfy
2017              allocation requests and to counter  memory  fragmentation.   The
2018              order matches the column number, when starting to count at zero.
2019
2020              For example on an x86-64 system:
2021         Node 0, zone     DMA     1    1    1    0    2    1    1    0    1    1    3
2022         Node 0, zone   DMA32    65   47    4   81   52   28   13   10    5    1  404
2023         Node 0, zone  Normal   216   55  189  101   84   38   37   27    5    3  587
2024
2025              In  this  example,  there is one node containing three zones and
2026              there are 11 different chunk sizes.  If the page size is 4 kilo‐
2027              bytes,  then  the  first  zone  called  DMA (on x86 the first 16
2028              megabyte of memory) has 1 chunk of 4 kilobytes (order 0)  avail‐
2029              able and has 3 chunks of 4 megabytes (order 10) available.
2030
2031              If the memory is heavily fragmented, the counters for higher or‐
2032              der chunks will be zero and allocation of large contiguous areas
2033              will fail.
2034
2035              Further  information about the zones can be found in /proc/zone‐
2036              info.
2037
2038       /proc/bus
2039              Contains subdirectories for installed busses.
2040
2041       /proc/bus/pccard
2042              Subdirectory for PCMCIA devices when  CONFIG_PCMCIA  is  set  at
2043              kernel compilation time.
2044
2045       /proc/bus/pccard/drivers
2046
2047       /proc/bus/pci
2048              Contains  various bus subdirectories and pseudo-files containing
2049              information about PCI  busses,  installed  devices,  and  device
2050              drivers.  Some of these files are not ASCII.
2051
2052       /proc/bus/pci/devices
2053              Information  about  PCI  devices.   They may be accessed through
2054              lspci(8) and setpci(8).
2055
2056       /proc/cgroups (since Linux 2.6.24)
2057              See cgroups(7).
2058
2059       /proc/cmdline
2060              Arguments passed to the Linux kernel at boot time.   Often  done
2061              via a boot manager such as lilo(8) or grub(8).
2062
2063       /proc/config.gz (since Linux 2.6)
2064              This  file  exposes  the configuration options that were used to
2065              build the currently running kernel, in the same format  as  they
2066              would  be shown in the .config file that resulted when configur‐
2067              ing the kernel (using make xconfig, make  config,  or  similar).
2068              The  file  contents  are  compressed;  view or search them using
2069              zcat(1) and zgrep(1).  As long as no changes have been  made  to
2070              the following file, the contents of /proc/config.gz are the same
2071              as those provided by:
2072
2073                  cat /lib/modules/$(uname -r)/build/.config
2074
2075              /proc/config.gz is provided only if  the  kernel  is  configured
2076              with CONFIG_IKCONFIG_PROC.
2077
2078       /proc/crypto
2079              A  list  of  the ciphers provided by the kernel crypto API.  For
2080              details, see the kernel Linux Kernel  Crypto  API  documentation
2081              available   under   the   kernel   source  directory  Documenta‐
2082              tion/crypto/ (or Documentation/DocBook before 4.10; the documen‐
2083              tation can be built using a command such as make htmldocs in the
2084              root directory of the kernel source tree).
2085
2086       /proc/cpuinfo
2087              This is a collection of CPU and  system  architecture  dependent
2088              items,  for  each  supported architecture a different list.  Two
2089              common entries are processor which  gives  CPU  number  and  bo‐
2090              gomips;  a system constant that is calculated during kernel ini‐
2091              tialization.  SMP machines have information for each  CPU.   The
2092              lscpu(1) command gathers its information from this file.
2093
2094       /proc/devices
2095              Text  listing  of  major numbers and device groups.  This can be
2096              used by MAKEDEV scripts for consistency with the kernel.
2097
2098       /proc/diskstats (since Linux 2.5.69)
2099              This file contains disk I/O statistics  for  each  disk  device.
2100              See  the  Linux kernel source file Documentation/iostats.txt for
2101              further information.
2102
2103       /proc/dma
2104              This is a list of the registered ISA DMA (direct memory  access)
2105              channels in use.
2106
2107       /proc/driver
2108              Empty subdirectory.
2109
2110       /proc/execdomains
2111              List of the execution domains (ABI personalities).
2112
2113       /proc/fb
2114              Frame buffer information when CONFIG_FB is defined during kernel
2115              compilation.
2116
2117       /proc/filesystems
2118              A text listing of the filesystems which  are  supported  by  the
2119              kernel,  namely  filesystems which were compiled into the kernel
2120              or  whose  kernel  modules  are  currently  loaded.   (See  also
2121              filesystems(5).)   If  a filesystem is marked with "nodev", this
2122              means that it does not require a  block  device  to  be  mounted
2123              (e.g., virtual filesystem, network filesystem).
2124
2125              Incidentally, this file may be used by mount(8) when no filesys‐
2126              tem is specified and it didn't manage to determine the  filesys‐
2127              tem  type.   Then  filesystems  contained in this file are tried
2128              (excepted those that are marked with "nodev").
2129
2130       /proc/fs
2131              Contains subdirectories that in turn contain files with informa‐
2132              tion about (certain) mounted filesystems.
2133
2134       /proc/ide
2135              This  directory  exists  on systems with the IDE bus.  There are
2136              directories for each IDE channel and attached device.  Files in‐
2137              clude:
2138
2139                  cache              buffer size in KB
2140                  capacity           number of sectors
2141                  driver             driver version
2142                  geometry           physical and logical geometry
2143                  identify           in hexadecimal
2144                  media              media type
2145                  model              manufacturer's model number
2146                  settings           drive settings
2147                  smart_thresholds   IDE disk management thresholds (in hex)
2148                  smart_values       IDE disk management values (in hex)
2149
2150              The  hdparm(8)  utility provides access to this information in a
2151              friendly format.
2152
2153       /proc/interrupts
2154              This is used to record the number of interrupts per CPU  per  IO
2155              device.   Since  Linux 2.6.24, for the i386 and x86-64 architec‐
2156              tures, at least, this also includes interrupts internal  to  the
2157              system  (that is, not associated with a device as such), such as
2158              NMI (nonmaskable interrupt), LOC (local  timer  interrupt),  and
2159              for  SMP  systems,  TLB (TLB flush interrupt), RES (rescheduling
2160              interrupt), CAL (remote function call interrupt),  and  possibly
2161              others.  Very easy to read formatting, done in ASCII.
2162
2163       /proc/iomem
2164              I/O memory map in Linux 2.4.
2165
2166       /proc/ioports
2167              This is a list of currently registered Input-Output port regions
2168              that are in use.
2169
2170       /proc/kallsyms (since Linux 2.5.71)
2171              This holds the kernel exported symbol definitions  used  by  the
2172              modules(X)  tools to dynamically link and bind loadable modules.
2173              In Linux 2.5.47 and earlier, a similar file with  slightly  dif‐
2174              ferent syntax was named ksyms.
2175
2176       /proc/kcore
2177              This  file  represents  the physical memory of the system and is
2178              stored in the ELF core file format.  With this pseudo-file,  and
2179              an unstripped kernel (/usr/src/linux/vmlinux) binary, GDB can be
2180              used to examine the current state of any kernel data structures.
2181
2182              The total length of the file is  the  size  of  physical  memory
2183              (RAM) plus 4 KiB.
2184
2185       /proc/keys (since Linux 2.6.10)
2186              See keyrings(7).
2187
2188       /proc/key-users (since Linux 2.6.10)
2189              See keyrings(7).
2190
2191       /proc/kmsg
2192              This  file  can  be used instead of the syslog(2) system call to
2193              read kernel messages.  A process must have superuser  privileges
2194              to  read  this file, and only one process should read this file.
2195              This file should not be read if  a  syslog  process  is  running
2196              which uses the syslog(2) system call facility to log kernel mes‐
2197              sages.
2198
2199              Information in this file is retrieved with the dmesg(1) program.
2200
2201       /proc/kpagecgroup (since Linux 4.3)
2202              This file contains a 64-bit inode number of  the  memory  cgroup
2203              each  page  is charged to, indexed by page frame number (see the
2204              discussion of /proc/[pid]/pagemap).
2205
2206              The /proc/kpagecgroup file is present only if  the  CONFIG_MEMCG
2207              kernel configuration option is enabled.
2208
2209       /proc/kpagecount (since Linux 2.6.25)
2210              This  file  contains  a 64-bit count of the number of times each
2211              physical page frame is mapped, indexed by page frame number (see
2212              the discussion of /proc/[pid]/pagemap).
2213
2214              The   /proc/kpagecount   file   is  present  only  if  the  CON‐
2215              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2216
2217       /proc/kpageflags (since Linux 2.6.25)
2218              This file contains 64-bit masks corresponding to  each  physical
2219              page  frame; it is indexed by page frame number (see the discus‐
2220              sion of /proc/[pid]/pagemap).  The bits are as follows:
2221
2222                   0 - KPF_LOCKED
2223                   1 - KPF_ERROR
2224                   2 - KPF_REFERENCED
2225                   3 - KPF_UPTODATE
2226                   4 - KPF_DIRTY
2227                   5 - KPF_LRU
2228                   6 - KPF_ACTIVE
2229                   7 - KPF_SLAB
2230                   8 - KPF_WRITEBACK
2231                   9 - KPF_RECLAIM
2232                  10 - KPF_BUDDY
2233                  11 - KPF_MMAP           (since Linux 2.6.31)
2234                  12 - KPF_ANON           (since Linux 2.6.31)
2235                  13 - KPF_SWAPCACHE      (since Linux 2.6.31)
2236                  14 - KPF_SWAPBACKED     (since Linux 2.6.31)
2237                  15 - KPF_COMPOUND_HEAD  (since Linux 2.6.31)
2238                  16 - KPF_COMPOUND_TAIL  (since Linux 2.6.31)
2239                  17 - KPF_HUGE           (since Linux 2.6.31)
2240                  18 - KPF_UNEVICTABLE    (since Linux 2.6.31)
2241                  19 - KPF_HWPOISON       (since Linux 2.6.31)
2242                  20 - KPF_NOPAGE         (since Linux 2.6.31)
2243                  21 - KPF_KSM            (since Linux 2.6.32)
2244                  22 - KPF_THP            (since Linux 3.4)
2245                  23 - KPF_BALLOON        (since Linux 3.18)
2246                  24 - KPF_ZERO_PAGE      (since Linux 4.0)
2247                  25 - KPF_IDLE           (since Linux 4.3)
2248
2249              For further details on the meanings of these bits, see the  ker‐
2250              nel  source  file Documentation/admin-guide/mm/pagemap.rst.  Be‐
2251              fore kernel 2.6.29, KPF_WRITEBACK, KPF_RECLAIM,  KPF_BUDDY,  and
2252              KPF_LOCKED did not report correctly.
2253
2254              The   /proc/kpageflags   file   is  present  only  if  the  CON‐
2255              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2256
2257       /proc/ksyms (Linux 1.1.23–2.5.47)
2258              See /proc/kallsyms.
2259
2260       /proc/loadavg
2261              The first three fields in this file  are  load  average  figures
2262              giving  the number of jobs in the run queue (state R) or waiting
2263              for disk I/O (state D) averaged over 1, 5, and 15 minutes.  They
2264              are  the same as the load average numbers given by uptime(1) and
2265              other programs.  The fourth field consists of two numbers  sepa‐
2266              rated  by a slash (/).  The first of these is the number of cur‐
2267              rently runnable kernel scheduling entities (processes, threads).
2268              The value after the slash is the number of kernel scheduling en‐
2269              tities that currently exist on the system.  The fifth  field  is
2270              the  PID  of  the  process that was most recently created on the
2271              system.
2272
2273       /proc/locks
2274              This file shows current file locks (flock(2) and  fcntl(2))  and
2275              leases (fcntl(2)).
2276
2277              An example of the content shown in this file is the following:
2278
2279                  1: POSIX  ADVISORY  READ  5433 08:01:7864448 128 128
2280                  2: FLOCK  ADVISORY  WRITE 2001 08:01:7864554 0 EOF
2281                  3: FLOCK  ADVISORY  WRITE 1568 00:2f:32388 0 EOF
2282                  4: POSIX  ADVISORY  WRITE 699 00:16:28457 0 EOF
2283                  5: POSIX  ADVISORY  WRITE 764 00:16:21448 0 0
2284                  6: POSIX  ADVISORY  READ  3548 08:01:7867240 1 1
2285                  7: POSIX  ADVISORY  READ  3548 08:01:7865567 1826 2335
2286                  8: OFDLCK ADVISORY  WRITE -1 08:01:8713209 128 191
2287
2288              The fields shown in each line are as follows:
2289
2290              (1) The ordinal position of the lock in the list.
2291
2292              (2) The lock type.  Values that may appear here include:
2293
2294                  FLOCK  This is a BSD file lock created using flock(2).
2295
2296                  OFDLCK This  is  an open file description (OFD) lock created
2297                         using fcntl(2).
2298
2299                  POSIX  This is a POSIX byte-range  lock  created  using  fc‐
2300                         ntl(2).
2301
2302              (3) Among the strings that can appear here are the following:
2303
2304                  ADVISORY
2305                         This is an advisory lock.
2306
2307                  MANDATORY
2308                         This is a mandatory lock.
2309
2310              (4) The type of lock.  Values that can appear here are:
2311
2312                  READ   This  is  a  POSIX  or OFD read lock, or a BSD shared
2313                         lock.
2314
2315                  WRITE  This is a POSIX or OFD write lock, or a BSD exclusive
2316                         lock.
2317
2318              (5) The PID of the process that owns the lock.
2319
2320                  Because  OFD  locks are not owned by a single process (since
2321                  multiple processes may have file descriptors that  refer  to
2322                  the  same  open file description), the value -1 is displayed
2323                  in this field for OFD locks.  (Before  kernel  4.14,  a  bug
2324                  meant  that  the  PID of the process that initially acquired
2325                  the lock was displayed instead of the value -1.)
2326
2327              (6) Three colon-separated subfields that identify the major  and
2328                  minor  device  ID  of  the  device containing the filesystem
2329                  where the locked file resides, followed by the inode  number
2330                  of the locked file.
2331
2332              (7) The  byte  offset  of  the  first byte of the lock.  For BSD
2333                  locks, this value is always 0.
2334
2335              (8) The byte offset of the last byte of the lock.  EOF  in  this
2336                  field  means  that  the lock extends to the end of the file.
2337                  For BSD locks, the value shown is always EOF.
2338
2339              Since Linux 4.9, the list of locks shown in /proc/locks is  fil‐
2340              tered  to show just the locks for the processes in the PID name‐
2341              space (see pid_namespaces(7)) for which the /proc filesystem was
2342              mounted.   (In  the initial PID namespace, there is no filtering
2343              of the records shown in this file.)
2344
2345              The lslocks(8) command provides a  bit  more  information  about
2346              each lock.
2347
2348       /proc/malloc (only up to and including Linux 2.2)
2349              This  file  is  present  only if CONFIG_DEBUG_MALLOC was defined
2350              during compilation.
2351
2352       /proc/meminfo
2353              This file reports statistics about memory usage on  the  system.
2354              It is used by free(1) to report the amount of free and used mem‐
2355              ory (both physical and swap) on the system as well as the shared
2356              memory  and  buffers  used by the kernel.  Each line of the file
2357              consists of a parameter name, followed by a colon, the value  of
2358              the  parameter,  and an option unit of measurement (e.g., "kB").
2359              The list below describes the  parameter  names  and  the  format
2360              specifier required to read the field value.  Except as noted be‐
2361              low, all of the fields have been present since  at  least  Linux
2362              2.6.0.  Some fields are displayed only if the kernel was config‐
2363              ured with various options; those dependencies are noted  in  the
2364              list.
2365
2366              MemTotal %lu
2367                     Total usable RAM (i.e., physical RAM minus a few reserved
2368                     bits and the kernel binary code).
2369
2370              MemFree %lu
2371                     The sum of LowFree+HighFree.
2372
2373              MemAvailable %lu (since Linux 3.14)
2374                     An estimate of how much memory is available for  starting
2375                     new applications, without swapping.
2376
2377              Buffers %lu
2378                     Relatively  temporary  storage  for  raw disk blocks that
2379                     shouldn't get tremendously large (20 MB or so).
2380
2381              Cached %lu
2382                     In-memory cache for files read from the  disk  (the  page
2383                     cache).  Doesn't include SwapCached.
2384
2385              SwapCached %lu
2386                     Memory  that once was swapped out, is swapped back in but
2387                     still also is in the swap file.  (If memory  pressure  is
2388                     high,  these pages don't need to be swapped out again be‐
2389                     cause they are already in  the  swap  file.   This  saves
2390                     I/O.)
2391
2392              Active %lu
2393                     Memory  that  has been used more recently and usually not
2394                     reclaimed unless absolutely necessary.
2395
2396              Inactive %lu
2397                     Memory which has been less recently used.  It is more el‐
2398                     igible to be reclaimed for other purposes.
2399
2400              Active(anon) %lu (since Linux 2.6.28)
2401                     [To be documented.]
2402
2403              Inactive(anon) %lu (since Linux 2.6.28)
2404                     [To be documented.]
2405
2406              Active(file) %lu (since Linux 2.6.28)
2407                     [To be documented.]
2408
2409              Inactive(file) %lu (since Linux 2.6.28)
2410                     [To be documented.]
2411
2412              Unevictable %lu (since Linux 2.6.28)
2413                     (From  Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was
2414                     required.)  [To be documented.]
2415
2416              Mlocked %lu (since Linux 2.6.28)
2417                     (From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU  was
2418                     required.)  [To be documented.]
2419
2420              HighTotal %lu
2421                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2422                     Total amount of highmem.  Highmem  is  all  memory  above
2423                     ~860 MB of physical memory.  Highmem areas are for use by
2424                     user-space programs, or for the page cache.   The  kernel
2425                     must  use  tricks to access this memory, making it slower
2426                     to access than lowmem.
2427
2428              HighFree %lu
2429                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2430                     Amount of free highmem.
2431
2432              LowTotal %lu
2433                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2434                     Total amount of lowmem.  Lowmem is memory  which  can  be
2435                     used  for everything that highmem can be used for, but it
2436                     is also available for the kernel's use for its  own  data
2437                     structures.   Among many other things, it is where every‐
2438                     thing from Slab is allocated.   Bad  things  happen  when
2439                     you're out of lowmem.
2440
2441              LowFree %lu
2442                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2443                     Amount of free lowmem.
2444
2445              MmapCopy %lu (since Linux 2.6.29)
2446                     (CONFIG_MMU is required.)  [To be documented.]
2447
2448              SwapTotal %lu
2449                     Total amount of swap space available.
2450
2451              SwapFree %lu
2452                     Amount of swap space that is currently unused.
2453
2454              Dirty %lu
2455                     Memory which is waiting to get written back to the disk.
2456
2457              Writeback %lu
2458                     Memory which is actively being written back to the disk.
2459
2460              AnonPages %lu (since Linux 2.6.18)
2461                     Non-file backed pages mapped into user-space page tables.
2462
2463              Mapped %lu
2464                     Files which have been mapped into memory (with  mmap(2)),
2465                     such as libraries.
2466
2467              Shmem %lu (since Linux 2.6.32)
2468                     Amount of memory consumed in tmpfs(5) filesystems.
2469
2470              KReclaimable %lu (since Linux 4.20)
2471                     Kernel  allocations  that  the kernel will attempt to re‐
2472                     claim under memory pressure.  Includes SReclaimable  (be‐
2473                     low), and other direct allocations with a shrinker.
2474
2475              Slab %lu
2476                     In-kernel data structures cache.  (See slabinfo(5).)
2477
2478              SReclaimable %lu (since Linux 2.6.19)
2479                     Part of Slab, that might be reclaimed, such as caches.
2480
2481              SUnreclaim %lu (since Linux 2.6.19)
2482                     Part  of  Slab,  that cannot be reclaimed on memory pres‐
2483                     sure.
2484
2485              KernelStack %lu (since Linux 2.6.32)
2486                     Amount of memory allocated to kernel stacks.
2487
2488              PageTables %lu (since Linux 2.6.18)
2489                     Amount of memory dedicated to the lowest  level  of  page
2490                     tables.
2491
2492              Quicklists %lu (since Linux 2.6.27)
2493                     (CONFIG_QUICKLIST is required.)  [To be documented.]
2494
2495              NFS_Unstable %lu (since Linux 2.6.18)
2496                     NFS  pages  sent  to the server, but not yet committed to
2497                     stable storage.
2498
2499              Bounce %lu (since Linux 2.6.18)
2500                     Memory used for block device "bounce buffers".
2501
2502              WritebackTmp %lu (since Linux 2.6.26)
2503                     Memory used by FUSE for temporary writeback buffers.
2504
2505              CommitLimit %lu (since Linux 2.6.10)
2506                     This is the total amount of memory currently available to
2507                     be allocated on the system, expressed in kilobytes.  This
2508                     limit is adhered to only if strict overcommit  accounting
2509                     is  enabled  (mode  2 in /proc/sys/vm/overcommit_memory).
2510                     The limit is calculated  according  to  the  formula  de‐
2511                     scribed  under  /proc/sys/vm/overcommit_memory.  For fur‐
2512                     ther details,  see  the  kernel  source  file  Documenta‐
2513                     tion/vm/overcommit-accounting.rst.
2514
2515              Committed_AS %lu
2516                     The  amount  of memory presently allocated on the system.
2517                     The committed memory is a sum of all of the memory  which
2518                     has  been allocated by processes, even if it has not been
2519                     "used" by them as of yet.  A process which allocates 1 GB
2520                     of  memory (using malloc(3) or similar), but touches only
2521                     300 MB of that memory will show up as using only  300  MB
2522                     of  memory even if it has the address space allocated for
2523                     the entire 1 GB.
2524
2525                     This 1 GB is memory which has been "committed" to by  the
2526                     VM and can be used at any time by the allocating applica‐
2527                     tion.  With strict overcommit enabled on the system (mode
2528                     2  in  /proc/sys/vm/overcommit_memory), allocations which
2529                     would exceed the CommitLimit will not be permitted.  This
2530                     is  useful  if one needs to guarantee that processes will
2531                     not fail due to lack of memory once that memory has  been
2532                     successfully allocated.
2533
2534              VmallocTotal %lu
2535                     Total size of vmalloc memory area.
2536
2537              VmallocUsed %lu
2538                     Amount  of  vmalloc area which is used.  Since Linux 4.4,
2539                     this field is no longer calculated, and is hard coded  as
2540                     0.  See /proc/vmallocinfo.
2541
2542              VmallocChunk %lu
2543                     Largest  contiguous  block of vmalloc area which is free.
2544                     Since Linux 4.4, this field is no longer  calculated  and
2545                     is hard coded as 0.  See /proc/vmallocinfo.
2546
2547              HardwareCorrupted %lu (since Linux 2.6.32)
2548                     (CONFIG_MEMORY_FAILURE is required.)  [To be documented.]
2549
2550              LazyFree %lu (since Linux 4.12)
2551                     Shows   the   amount   of  memory  marked  by  madvise(2)
2552                     MADV_FREE.
2553
2554              AnonHugePages %lu (since Linux 2.6.38)
2555                     (CONFIG_TRANSPARENT_HUGEPAGE  is   required.)    Non-file
2556                     backed huge pages mapped into user-space page tables.
2557
2558              ShmemHugePages %lu (since Linux 4.8)
2559                     (CONFIG_TRANSPARENT_HUGEPAGE  is  required.)  Memory used
2560                     by shared memory (shmem) and tmpfs(5) allocated with huge
2561                     pages.
2562
2563              ShmemPmdMapped %lu (since Linux 4.8)
2564                     (CONFIG_TRANSPARENT_HUGEPAGE is required.)  Shared memory
2565                     mapped into user space with huge pages.
2566
2567              CmaTotal %lu (since Linux 3.1)
2568                     Total CMA (Contiguous  Memory  Allocator)  pages.   (CON‐
2569                     FIG_CMA is required.)
2570
2571              CmaFree %lu (since Linux 3.1)
2572                     Free  CMA  (Contiguous  Memory  Allocator)  pages.  (CON‐
2573                     FIG_CMA is required.)
2574
2575              HugePages_Total %lu
2576                     (CONFIG_HUGETLB_PAGE is required.)  The size of the  pool
2577                     of huge pages.
2578
2579              HugePages_Free %lu
2580                     (CONFIG_HUGETLB_PAGE  is  required.)   The number of huge
2581                     pages in the pool that are not yet allocated.
2582
2583              HugePages_Rsvd %lu (since Linux 2.6.17)
2584                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of
2585                     huge  pages  for  which a commitment to allocate from the
2586                     pool has been made, but no allocation has yet been  made.
2587                     These  reserved  huge pages guarantee that an application
2588                     will be able to allocate a huge page  from  the  pool  of
2589                     huge pages at fault time.
2590
2591              HugePages_Surp %lu (since Linux 2.6.24)
2592                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of
2593                     huge   pages   in   the   pool   above   the   value   in
2594                     /proc/sys/vm/nr_hugepages.  The maximum number of surplus
2595                     huge  pages  is  controlled  by  /proc/sys/vm/nr_overcom‐
2596                     mit_hugepages.
2597
2598              Hugepagesize %lu
2599                     (CONFIG_HUGETLB_PAGE  is  required.)   The  size  of huge
2600                     pages.
2601
2602              DirectMap4k %lu (since Linux 2.6.27)
2603                     Number of bytes of RAM linearly mapped by kernel in 4  kB
2604                     pages.  (x86.)
2605
2606              DirectMap4M %lu (since Linux 2.6.27)
2607                     Number  of bytes of RAM linearly mapped by kernel in 4 MB
2608                     pages.  (x86 with  CONFIG_X86_64  or  CONFIG_X86_PAE  en‐
2609                     abled.)
2610
2611              DirectMap2M %lu (since Linux 2.6.27)
2612                     Number  of bytes of RAM linearly mapped by kernel in 2 MB
2613                     pages.   (x86  with  neither   CONFIG_X86_64   nor   CON‐
2614                     FIG_X86_PAE enabled.)
2615
2616              DirectMap1G %lu (since Linux 2.6.27)
2617                     (x86 with CONFIG_X86_64 and CONFIG_X86_DIRECT_GBPAGES en‐
2618                     abled.)
2619
2620       /proc/modules
2621              A text list of the modules that have been loaded by the  system.
2622              See also lsmod(8).
2623
2624       /proc/mounts
2625              Before  kernel  2.4.19, this file was a list of all the filesys‐
2626              tems currently mounted on the system.  With the introduction  of
2627              per-process  mount  namespaces  in Linux 2.4.19 (see mount_name‐
2628              spaces(7)), this file became a link to /proc/self/mounts,  which
2629              lists the mounts of the process's own mount namespace.  The for‐
2630              mat of this file is documented in fstab(5).
2631
2632       /proc/mtrr
2633              Memory Type Range Registers.  See the Linux kernel  source  file
2634              Documentation/x86/mtrr.txt   (or  Documentation/mtrr.txt  before
2635              Linux 2.6.28) for details.
2636
2637       /proc/net
2638              This directory contains various files  and  subdirectories  con‐
2639              taining  information about the networking layer.  The files con‐
2640              tain ASCII structures and are, therefore, readable with  cat(1).
2641              However, the standard netstat(8) suite provides much cleaner ac‐
2642              cess to these files.
2643
2644              With the advent of network namespaces, various  information  re‐
2645              lating  to  the  network stack is virtualized (see network_name‐
2646              spaces(7)).  Thus, since Linux 2.6.25, /proc/net is  a  symbolic
2647              link  to  the  directory /proc/self/net, which contains the same
2648              files and directories as listed below.  However, these files and
2649              directories  now expose information for the network namespace of
2650              which the process is a member.
2651
2652       /proc/net/arp
2653              This holds an ASCII readable dump of the kernel ARP  table  used
2654              for  address resolutions.  It will show both dynamically learned
2655              and preprogrammed ARP entries.  The format is:
2656
2657                  IP address     HW type   Flags     HW address          Mask   Device
2658                  192.168.0.50   0x1       0x2       00:50:BF:25:68:F3   *      eth0
2659                  192.168.0.250  0x1       0xc       00:00:00:00:00:00   *      eth0
2660
2661              Here "IP address" is the IPv4 address of the machine and the "HW
2662              type"  is  the  hardware  type of the address from RFC 826.  The
2663              flags are the internal flags of the ARP structure (as defined in
2664              /usr/include/linux/if_arp.h)  and  the  "HW address" is the data
2665              link layer mapping for that IP address if it is known.
2666
2667       /proc/net/dev
2668              The dev pseudo-file contains network device status  information.
2669              This  gives  the number of received and sent packets, the number
2670              of errors and collisions and other basic statistics.  These  are
2671              used  by  the  ifconfig(8) program to report device status.  The
2672              format is:
2673
2674              Inter-|   Receive                                                |  Transmit
2675               face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
2676                  lo: 2776770   11307    0    0    0     0          0         0  2776770   11307    0    0    0     0       0          0
2677                eth0: 1215645    2751    0    0    0     0          0         0  1782404    4324    0    0    0   427       0          0
2678                ppp0: 1622270    5552    1    0    0     0          0         0   354130    5669    0    0    0     0       0          0
2679                tap0:    7714      81    0    0    0     0          0         0     7714      81    0    0    0     0       0          0
2680
2681       /proc/net/dev_mcast
2682              Defined in /usr/src/linux/net/core/dev_mcast.c:
2683
2684                  indx interface_name  dmi_u dmi_g dmi_address
2685                  2    eth0            1     0     01005e000001
2686                  3    eth1            1     0     01005e000001
2687                  4    eth2            1     0     01005e000001
2688
2689       /proc/net/igmp
2690              Internet    Group    Management    Protocol.      Defined     in
2691              /usr/src/linux/net/core/igmp.c.
2692
2693       /proc/net/rarp
2694              This  file uses the same format as the arp file and contains the
2695              current reverse mapping database used to provide rarp(8) reverse
2696              address  lookup  services.   If  RARP is not configured into the
2697              kernel, this file will not be present.
2698
2699       /proc/net/raw
2700              Holds a dump of the RAW socket table.  Much of  the  information
2701              is  not of use apart from debugging.  The "sl" value is the ker‐
2702              nel hash slot for the socket, the "local_address" is  the  local
2703              address  and  protocol number pair.  "St" is the internal status
2704              of the socket.  The "tx_queue" and "rx_queue" are  the  outgoing
2705              and  incoming  data  queue in terms of kernel memory usage.  The
2706              "tr", "tm->when", and "rexmits" fields are not used by RAW.  The
2707              "uid"  field  holds  the  effective  UID  of  the creator of the
2708              socket.
2709
2710       /proc/net/snmp
2711              This file holds the ASCII data needed for the IP, ICMP, TCP, and
2712              UDP management information bases for an SNMP agent.
2713
2714       /proc/net/tcp
2715              Holds  a  dump of the TCP socket table.  Much of the information
2716              is not of use apart from debugging.  The "sl" value is the  ker‐
2717              nel  hash  slot for the socket, the "local_address" is the local
2718              address and port number pair.  The "rem_address" is  the  remote
2719              address and port number pair (if connected).  "St" is the inter‐
2720              nal status of the socket.  The "tx_queue" and "rx_queue" are the
2721              outgoing  and  incoming data queue in terms of kernel memory us‐
2722              age.  The "tr", "tm->when", and "rexmits" fields  hold  internal
2723              information  of  the kernel socket state and are useful only for
2724              debugging.  The "uid" field holds the effective UID of the  cre‐
2725              ator of the socket.
2726
2727       /proc/net/udp
2728              Holds  a  dump of the UDP socket table.  Much of the information
2729              is not of use apart from debugging.  The "sl" value is the  ker‐
2730              nel  hash  slot for the socket, the "local_address" is the local
2731              address and port number pair.  The "rem_address" is  the  remote
2732              address and port number pair (if connected).  "St" is the inter‐
2733              nal status of the socket.  The "tx_queue" and "rx_queue" are the
2734              outgoing  and  incoming data queue in terms of kernel memory us‐
2735              age.  The "tr", "tm->when", and "rexmits" fields are not used by
2736              UDP.   The "uid" field holds the effective UID of the creator of
2737              the socket.  The format is:
2738
2739              sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm->when uid
2740               1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
2741               1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
2742               1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0
2743
2744       /proc/net/unix
2745              Lists the UNIX domain sockets  present  within  the  system  and
2746              their status.  The format is:
2747
2748              Num RefCount Protocol Flags    Type St Inode Path
2749               0: 00000002 00000000 00000000 0001 03    42
2750               1: 00000001 00000000 00010000 0001 01  1948 /dev/printer
2751
2752              The fields are as follows:
2753
2754              Num:      the kernel table slot number.
2755
2756              RefCount: the number of users of the socket.
2757
2758              Protocol: currently always 0.
2759
2760              Flags:    the  internal  kernel  flags holding the status of the
2761                        socket.
2762
2763              Type:     the socket type.  For  SOCK_STREAM  sockets,  this  is
2764                        0001;  for  SOCK_DGRAM  sockets,  it  is 0002; and for
2765                        SOCK_SEQPACKET sockets, it is 0005.
2766
2767              St:       the internal state of the socket.
2768
2769              Inode:    the inode number of the socket.
2770
2771              Path:     the bound pathname (if any) of the socket.  Sockets in
2772                        the  abstract  namespace are included in the list, and
2773                        are shown with a Path that commences with the  charac‐
2774                        ter '@'.
2775
2776       /proc/net/netfilter/nfnetlink_queue
2777              This file contains information about netfilter user-space queue‐
2778              ing, if used.  Each line represents a queue.  Queues  that  have
2779              not been subscribed to by user space are not shown.
2780
2781                     1   4207     0  2 65535     0     0        0  1
2782                    (1)   (2)    (3)(4)  (5)    (6)   (7)      (8)
2783
2784              The fields in each line are:
2785
2786              (1)  The ID of the queue.  This matches what is specified in the
2787                   --queue-num or --queue-balance options to  the  iptables(8)
2788                   NFQUEUE target.  See iptables-extensions(8) for more infor‐
2789                   mation.
2790
2791              (2)  The netlink port ID subscribed to the queue.
2792
2793              (3)  The number of packets currently queued and  waiting  to  be
2794                   processed by the application.
2795
2796              (4)  The copy mode of the queue.  It is either 1 (metadata only)
2797                   or 2 (also copy payload data to user space).
2798
2799              (5)  Copy range; that is,  how  many  bytes  of  packet  payload
2800                   should be copied to user space at most.
2801
2802              (6)  queue dropped.  Number of packets that had to be dropped by
2803                   the kernel because too many packets are already waiting for
2804                   user space to send back the mandatory accept/drop verdicts.
2805
2806              (7)  queue  user  dropped.   Number of packets that were dropped
2807                   within the netlink subsystem.  Such  drops  usually  happen
2808                   when the corresponding socket buffer is full; that is, user
2809                   space is not able to read messages fast enough.
2810
2811              (8)  sequence number.  Every queued packet is associated with  a
2812                   (32-bit)  monotonically  increasing  sequence number.  This
2813                   shows the ID of the most recent packet queued.
2814
2815              The last number exists only for compatibility reasons and is al‐
2816              ways 1.
2817
2818       /proc/partitions
2819              Contains  the  major and minor numbers of each partition as well
2820              as the number of 1024-byte blocks and the partition name.
2821
2822       /proc/pci
2823              This is a listing of all PCI devices found  during  kernel  ini‐
2824              tialization and their configuration.
2825
2826              This  file has been deprecated in favor of a new /proc interface
2827              for PCI  (/proc/bus/pci).   It  became  optional  in  Linux  2.2
2828              (available  with CONFIG_PCI_OLD_PROC set at kernel compilation).
2829              It became once more nonoptionally enabled in Linux  2.4.   Next,
2830              it  was  deprecated  in  Linux  2.6  (still  available with CON‐
2831              FIG_PCI_LEGACY_PROC set), and finally removed  altogether  since
2832              Linux 2.6.17.
2833
2834       /proc/profile (since Linux 2.4)
2835              This file is present only if the kernel was booted with the pro‐
2836              file=1 command-line option.  It exposes kernel profiling  infor‐
2837              mation  in  a  binary format for use by readprofile(1).  Writing
2838              (e.g., an empty string) to this file resets the profiling  coun‐
2839              ters; on some architectures, writing a binary integer "profiling
2840              multiplier" of size sizeof(int)  sets  the  profiling  interrupt
2841              frequency.
2842
2843       /proc/scsi
2844              A directory with the scsi mid-level pseudo-file and various SCSI
2845              low-level driver directories, which contain a file for each SCSI
2846              host  in  this system, all of which give the status of some part
2847              of the SCSI IO subsystem.  These files contain ASCII  structures
2848              and are, therefore, readable with cat(1).
2849
2850              You  can also write to some of the files to reconfigure the sub‐
2851              system or switch certain features on or off.
2852
2853       /proc/scsi/scsi
2854              This is a listing of all SCSI devices known to the kernel.   The
2855              listing  is  similar  to  the one seen during bootup.  scsi cur‐
2856              rently supports only the add-single-device command which  allows
2857              root to add a hotplugged device to the list of known devices.
2858
2859              The command
2860
2861                  echo 'scsi add-single-device 1 0 5 0' > /proc/scsi/scsi
2862
2863              will  cause host scsi1 to scan on SCSI channel 0 for a device on
2864              ID 5 LUN 0.  If there is already a device known on this  address
2865              or the address is invalid, an error will be returned.
2866
2867       /proc/scsi/[drivername]
2868              [drivername]  can  currently  be  NCR53c7xx,  aha152x,  aha1542,
2869              aha1740, aic7xxx, buslogic, eata_dma, eata_pio, fdomain, in2000,
2870              pas16,  qlogic,  scsi_debug, seagate, t128, u15-24f, ultrastore,
2871              or wd7000.  These directories show up for all drivers that  reg‐
2872              istered  at  least  one  SCSI HBA.  Every directory contains one
2873              file per registered host.  Every host-file is  named  after  the
2874              number the host was assigned during initialization.
2875
2876              Reading these files will usually show driver and host configura‐
2877              tion, statistics, and so on.
2878
2879              Writing to these files  allows  different  things  on  different
2880              hosts.   For  example,  with the latency and nolatency commands,
2881              root can switch on and off command latency measurement  code  in
2882              the  eata_dma driver.  With the lockup and unlock commands, root
2883              can control bus lockups simulated by the scsi_debug driver.
2884
2885       /proc/self
2886              This  directory  refers  to  the  process  accessing  the  /proc
2887              filesystem, and is identical to the /proc directory named by the
2888              process ID of the same process.
2889
2890       /proc/slabinfo
2891              Information about kernel caches.  See slabinfo(5) for details.
2892
2893       /proc/stat
2894              kernel/system statistics.  Varies with architecture.  Common en‐
2895              tries include:
2896
2897              cpu 10132153 290696 3084719 46828483 16683 0 25195 0 175628 0
2898              cpu0 1393280 32966 572056 13343292 6130 0 17875 0 23933 0
2899                     The   amount  of  time,  measured  in  units  of  USER_HZ
2900                     (1/100ths  of  a  second  on  most   architectures,   use
2901                     sysconf(_SC_CLK_TCK) to obtain the right value), that the
2902                     system ("cpu" line) or the  specific  CPU  ("cpuN"  line)
2903                     spent in various states:
2904
2905                     user   (1) Time spent in user mode.
2906
2907                     nice   (2)  Time  spent  in  user  mode with low priority
2908                            (nice).
2909
2910                     system (3) Time spent in system mode.
2911
2912                     idle   (4) Time spent  in  the  idle  task.   This  value
2913                            should  be  USER_HZ  times the second entry in the
2914                            /proc/uptime pseudo-file.
2915
2916                     iowait (since Linux 2.5.41)
2917                            (5) Time waiting for I/O to complete.  This  value
2918                            is not reliable, for the following reasons:
2919
2920                            1. The  CPU  will  not  wait  for I/O to complete;
2921                               iowait is the time that a task is  waiting  for
2922                               I/O  to  complete.   When  a CPU goes into idle
2923                               state for outstanding task  I/O,  another  task
2924                               will be scheduled on this CPU.
2925
2926                            2. On  a  multi-core CPU, the task waiting for I/O
2927                               to complete is not running on any CPU,  so  the
2928                               iowait of each CPU is difficult to calculate.
2929
2930                            3. The value in this field may decrease in certain
2931                               conditions.
2932
2933                     irq (since Linux 2.6.0)
2934                            (6) Time servicing interrupts.
2935
2936                     softirq (since Linux 2.6.0)
2937                            (7) Time servicing softirqs.
2938
2939                     steal (since Linux 2.6.11)
2940                            (8) Stolen time, which is the time spent in  other
2941                            operating  systems  when  running in a virtualized
2942                            environment
2943
2944                     guest (since Linux 2.6.24)
2945                            (9) Time spent running a virtual CPU for guest op‐
2946                            erating  systems  under  the  control of the Linux
2947                            kernel.
2948
2949                     guest_nice (since Linux 2.6.33)
2950                            (10) Time spent running a niced guest (virtual CPU
2951                            for  guest  operating systems under the control of
2952                            the Linux kernel).
2953
2954              page 5741 1808
2955                     The number of pages the system paged in  and  the  number
2956                     that were paged out (from disk).
2957
2958              swap 1 0
2959                     The  number  of  swap pages that have been brought in and
2960                     out.
2961
2962              intr 1462898
2963                     This line shows counts of interrupts serviced since  boot
2964                     time,  for  each  of the possible system interrupts.  The
2965                     first column is the total of all interrupts serviced  in‐
2966                     cluding unnumbered architecture specific interrupts; each
2967                     subsequent column is the total for that  particular  num‐
2968                     bered  interrupt.   Unnumbered  interrupts are not shown,
2969                     only summed into the total.
2970
2971              disk_io: (2,0):(31,30,5764,1,2) (3,0):...
2972                     (major,disk_idx):(noinfo,     read_io_ops,     blks_read,
2973                     write_io_ops, blks_written)
2974                     (Linux 2.4 only)
2975
2976              ctxt 115315
2977                     The number of context switches that the system underwent.
2978
2979              btime 769041601
2980                     boot   time,  in  seconds  since  the  Epoch,  1970-01-01
2981                     00:00:00 +0000 (UTC).
2982
2983              processes 86031
2984                     Number of forks since boot.
2985
2986              procs_running 6
2987                     Number of processes in runnable state.  (Linux 2.5.45 on‐
2988                     ward.)
2989
2990              procs_blocked 2
2991                     Number  of processes blocked waiting for I/O to complete.
2992                     (Linux 2.5.45 onward.)
2993
2994              softirq 229245889 94 60001584 13619 5175704 2471304 28  51212741
2995              59130143 0 51240672
2996                     This  line shows the number of softirq for all CPUs.  The
2997                     first column is the total of all softirqs and each subse‐
2998                     quent column is the total for particular softirq.  (Linux
2999                     2.6.31 onward.)
3000
3001       /proc/swaps
3002              Swap areas in use.  See also swapon(8).
3003
3004       /proc/sys
3005              This directory (present since 1.3.57) contains a number of files
3006              and  subdirectories  corresponding  to  kernel variables.  These
3007              variables can be read and in some cases modified using the /proc
3008              filesystem, and the (deprecated) sysctl(2) system call.
3009
3010              String values may be terminated by either '\0' or '\n'.
3011
3012              Integer  and  long values may be written either in decimal or in
3013              hexadecimal notation (e.g., 0x3FFF).  When writing multiple  in‐
3014              teger  or long values, these may be separated by any of the fol‐
3015              lowing whitespace characters: ' ', '\t', or '\n'.   Using  other
3016              separators leads to the error EINVAL.
3017
3018       /proc/sys/abi (since Linux 2.4.10)
3019              This  directory may contain files with application binary infor‐
3020              mation.   See  the   Linux   kernel   source   file   Documenta‐
3021              tion/sysctl/abi.txt for more information.
3022
3023       /proc/sys/debug
3024              This directory may be empty.
3025
3026       /proc/sys/dev
3027              This   directory  contains  device-specific  information  (e.g.,
3028              dev/cdrom/info).  On some systems, it may be empty.
3029
3030       /proc/sys/fs
3031              This directory contains the files and subdirectories for  kernel
3032              variables related to filesystems.
3033
3034       /proc/sys/fs/aio-max-nr and /proc/sys/fs/aio-nr (since Linux 2.6.4)
3035              aio-nr is the running total of the number of events specified by
3036              io_setup(2) calls for all currently  active  AIO  contexts.   If
3037              aio-nr  reaches  aio-max-nr, then io_setup(2) will fail with the
3038              error EAGAIN.  Raising aio-max-nr does not result in the  preal‐
3039              location or resizing of any kernel data structures.
3040
3041       /proc/sys/fs/binfmt_misc
3042              Documentation  for  files  in this directory can be found in the
3043              Linux   kernel   source   in    the    file    Documentation/ad‐
3044              min-guide/binfmt-misc.rst  (or  in Documentation/binfmt_misc.txt
3045              on older kernels).
3046
3047       /proc/sys/fs/dentry-state (since Linux 2.2)
3048              This file contains information about the status of the directory
3049              cache  (dcache).   The  file  contains  six  numbers, nr_dentry,
3050              nr_unused, age_limit (age in  seconds),  want_pages  (pages  re‐
3051              quested by system) and two dummy values.
3052
3053              * nr_dentry  is  the  number  of  allocated dentries (dcache en‐
3054                tries).  This field is unused in Linux 2.2.
3055
3056              * nr_unused is the number of unused dentries.
3057
3058              * age_limit is the age in seconds after which dcache entries can
3059                be reclaimed when memory is short.
3060
3061              * want_pages   is   nonzero   when   the   kernel   has   called
3062                shrink_dcache_pages() and the dcache isn't pruned yet.
3063
3064       /proc/sys/fs/dir-notify-enable
3065              This file can be used to disable or enable the dnotify interface
3066              described  in  fcntl(2) on a system-wide basis.  A value of 0 in
3067              this file disables the interface, and a value of 1 enables it.
3068
3069       /proc/sys/fs/dquot-max
3070              This file shows the maximum number of cached disk quota entries.
3071              On some (2.4) systems, it is not present.  If the number of free
3072              cached disk quota entries is very low and you have some  awesome
3073              number of simultaneous system users, you might want to raise the
3074              limit.
3075
3076       /proc/sys/fs/dquot-nr
3077              This file shows the number of allocated disk quota  entries  and
3078              the number of free disk quota entries.
3079
3080       /proc/sys/fs/epoll (since Linux 2.6.28)
3081              This  directory contains the file max_user_watches, which can be
3082              used to limit the amount of kernel memory consumed by the  epoll
3083              interface.  For further details, see epoll(7).
3084
3085       /proc/sys/fs/file-max
3086              This  file  defines  a  system-wide  limit on the number of open
3087              files for all processes.  System calls that fail when encounter‐
3088              ing  this  limit  fail  with  the error ENFILE.  (See also setr‐
3089              limit(2), which can be used by a process to set the  per-process
3090              limit,  RLIMIT_NOFILE,  on the number of files it may open.)  If
3091              you get lots of error messages in the kernel log  about  running
3092              out  of  file  handles  (open file descriptions) (look for "VFS:
3093              file-max limit <number> reached"), try increasing this value:
3094
3095                  echo 100000 > /proc/sys/fs/file-max
3096
3097              Privileged processes (CAP_SYS_ADMIN) can override  the  file-max
3098              limit.
3099
3100       /proc/sys/fs/file-nr
3101              This  (read-only) file contains three numbers: the number of al‐
3102              located file handles (i.e., the number  of  open  file  descrip‐
3103              tions;  see  open(2));  the number of free file handles; and the
3104              maximum  number  of  file  handles  (i.e.,  the  same  value  as
3105              /proc/sys/fs/file-max).  If the number of allocated file handles
3106              is close to the maximum, you should consider increasing the max‐
3107              imum.   Before  Linux 2.6, the kernel allocated file handles dy‐
3108              namically, but it didn't free them again.  Instead the free file
3109              handles  were  kept  in  a list for reallocation; the "free file
3110              handles" value indicates the size of that list.  A large  number
3111              of free file handles indicates that there was a past peak in the
3112              usage of open file handles.  Since Linux 2.6,  the  kernel  does
3113              deallocate freed file handles, and the "free file handles" value
3114              is always zero.
3115
3116       /proc/sys/fs/inode-max (only present until Linux 2.2)
3117              This file contains the maximum number of in-memory inodes.  This
3118              value  should  be  3–4  times larger than the value in file-max,
3119              since stdin, stdout and network sockets also need  an  inode  to
3120              handle  them.  When you regularly run out of inodes, you need to
3121              increase this value.
3122
3123              Starting with Linux 2.4, there is no longer a  static  limit  on
3124              the number of inodes, and this file is removed.
3125
3126       /proc/sys/fs/inode-nr
3127              This file contains the first two values from inode-state.
3128
3129       /proc/sys/fs/inode-state
3130              This  file  contains  seven  numbers: nr_inodes, nr_free_inodes,
3131              preshrink, and four dummy values (always zero).
3132
3133              nr_inodes is the number of  inodes  the  system  has  allocated.
3134              nr_free_inodes represents the number of free inodes.
3135
3136              preshrink is nonzero when the nr_inodes > inode-max and the sys‐
3137              tem needs to prune the inode list instead  of  allocating  more;
3138              since Linux 2.4, this field is a dummy value (always zero).
3139
3140       /proc/sys/fs/inotify (since Linux 2.6.13)
3141              This  directory  contains  files max_queued_events, max_user_in‐
3142              stances, and max_user_watches, that can be  used  to  limit  the
3143              amount  of kernel memory consumed by the inotify interface.  For
3144              further details, see inotify(7).
3145
3146       /proc/sys/fs/lease-break-time
3147              This file specifies the grace period that the kernel grants to a
3148              process holding a file lease (fcntl(2)) after it has sent a sig‐
3149              nal to that process notifying it that another process is waiting
3150              to  open the file.  If the lease holder does not remove or down‐
3151              grade the lease within this grace period,  the  kernel  forcibly
3152              breaks the lease.
3153
3154       /proc/sys/fs/leases-enable
3155              This  file  can  be  used  to enable or disable file leases (fc‐
3156              ntl(2)) on a system-wide basis.  If this file contains the value
3157              0, leases are disabled.  A nonzero value enables leases.
3158
3159       /proc/sys/fs/mount-max (since Linux 4.9)
3160              The  value  in  this file specifies the maximum number of mounts
3161              that may exist in a mount namespace.  The default value in  this
3162              file is 100,000.
3163
3164       /proc/sys/fs/mqueue (since Linux 2.6.6)
3165              This   directory   contains   files  msg_max,  msgsize_max,  and
3166              queues_max, controlling the  resources  used  by  POSIX  message
3167              queues.  See mq_overview(7) for details.
3168
3169       /proc/sys/fs/nr_open (since Linux 2.6.25)
3170              This   file  imposes  a  ceiling  on  the  value  to  which  the
3171              RLIMIT_NOFILE resource limit can be raised  (see  getrlimit(2)).
3172              This  ceiling  is  enforced for both unprivileged and privileged
3173              process.  The default value in this file  is  1048576.   (Before
3174              Linux  2.6.25,  the  ceiling for RLIMIT_NOFILE was hard-coded to
3175              the same value.)
3176
3177       /proc/sys/fs/overflowgid and /proc/sys/fs/overflowuid
3178              These files allow you to change the value of the fixed  UID  and
3179              GID.   The  default  is  65534.   Some  filesystems support only
3180              16-bit UIDs and GIDs, although in Linux UIDs  and  GIDs  are  32
3181              bits.   When one of these filesystems is mounted with writes en‐
3182              abled, any UID or GID that would exceed 65535 is  translated  to
3183              the overflow value before being written to disk.
3184
3185       /proc/sys/fs/pipe-max-size (since Linux 2.6.35)
3186              See pipe(7).
3187
3188       /proc/sys/fs/pipe-user-pages-hard (since Linux 4.5)
3189              See pipe(7).
3190
3191       /proc/sys/fs/pipe-user-pages-soft (since Linux 4.5)
3192              See pipe(7).
3193
3194       /proc/sys/fs/protected_fifos (since Linux 4.19)
3195              The value in this file is/can be set to one of the following:
3196
3197              0   Writing to FIFOs is unrestricted.
3198
3199              1   Don't allow O_CREAT open(2) on FIFOs that the caller doesn't
3200                  own in world-writable sticky directories, unless the FIFO is
3201                  owned by the owner of the directory.
3202
3203              2   As  for  the  value  1,  but the restriction also applies to
3204                  group-writable sticky directories.
3205
3206              The intent of the above protections is  to  avoid  unintentional
3207              writes to an attacker-controlled FIFO when a program expected to
3208              create a regular file.
3209
3210       /proc/sys/fs/protected_hardlinks (since Linux 3.6)
3211              When the value in this file is 0, no restrictions are placed  on
3212              the  creation of hard links (i.e., this is the historical behav‐
3213              ior before Linux 3.6).  When the value in this file is 1, a hard
3214              link  can be created to a target file only if one of the follow‐
3215              ing conditions is true:
3216
3217              *  The calling process has the CAP_FOWNER capability in its user
3218                 namespace and the file UID has a mapping in the namespace.
3219
3220              *  The  filesystem  UID of the process creating the link matches
3221                 the owner (UID) of the target file (as described  in  creden‐
3222                 tials(7),  a process's filesystem UID is normally the same as
3223                 its effective UID).
3224
3225              *  All of the following conditions are true:
3226
3227                  •  the target is a regular file;
3228
3229                  •  the target file does not have its  set-user-ID  mode  bit
3230                     enabled;
3231
3232                  •  the  target  file does not have both its set-group-ID and
3233                     group-executable mode bits enabled; and
3234
3235                  •  the caller has permission to read and  write  the  target
3236                     file  (either  via the file's permissions mask or because
3237                     it has suitable capabilities).
3238
3239              The default value in this file is 0.  Setting  the  value  to  1
3240              prevents a longstanding class of security issues caused by hard-
3241              link-based time-of-check, time-of-use races, most commonly  seen
3242              in  world-writable  directories such as /tmp.  The common method
3243              of exploiting this flaw is to cross  privilege  boundaries  when
3244              following a given hard link (i.e., a root process follows a hard
3245              link created by another user).  Additionally, on systems without
3246              separated  partitions,  this stops unauthorized users from "pin‐
3247              ning" vulnerable set-user-ID and set-group-ID files against  be‐
3248              ing upgraded by the administrator, or linking to special files.
3249
3250       /proc/sys/fs/protected_regular (since Linux 4.19)
3251              The value in this file is/can be set to one of the following:
3252
3253              0   Writing to regular files is unrestricted.
3254
3255              1   Don't allow O_CREAT open(2) on regular files that the caller
3256                  doesn't own in world-writable sticky directories, unless the
3257                  regular file is owned by the owner of the directory.
3258
3259              2   As  for  the  value  1,  but the restriction also applies to
3260                  group-writable sticky directories.
3261
3262              The intent of the above protections is similar to  protected_fi‐
3263              fos,  but  allows an application to avoid writes to an attacker-
3264              controlled regular file, where the application expected to  cre‐
3265              ate one.
3266
3267       /proc/sys/fs/protected_symlinks (since Linux 3.6)
3268              When  the value in this file is 0, no restrictions are placed on
3269              following symbolic links (i.e., this is the historical  behavior
3270              before  Linux  3.6).  When the value in this file is 1, symbolic
3271              links are followed only in the following circumstances:
3272
3273              *  the filesystem UID of the process following the link  matches
3274                 the owner (UID) of the symbolic link (as described in creden‐
3275                 tials(7), a process's filesystem UID is normally the same  as
3276                 its effective UID);
3277
3278              *  the link is not in a sticky world-writable directory; or
3279
3280              *  the  symbolic  link  and  its  parent directory have the same
3281                 owner (UID)
3282
3283              A system call that fails to follow a symbolic  link  because  of
3284              the above restrictions returns the error EACCES in errno.
3285
3286              The  default  value  in  this file is 0.  Setting the value to 1
3287              avoids a longstanding class of security issues based on time-of-
3288              check, time-of-use races when accessing symbolic links.
3289
3290       /proc/sys/fs/suid_dumpable (since Linux 2.6.13)
3291              The  value  in  this  file is assigned to a process's "dumpable"
3292              flag in the circumstances described in prctl(2).  In effect, the
3293              value  in  this file determines whether core dump files are pro‐
3294              duced for set-user-ID or otherwise  protected/tainted  binaries.
3295              The  "dumpable" setting also affects the ownership of files in a
3296              process's /proc/[pid] directory, as described above.
3297
3298              Three different integer values can be specified:
3299
3300              0 (default)
3301                     This provides the traditional (pre-Linux  2.6.13)  behav‐
3302                     ior.   A  core  dump  will  not be produced for a process
3303                     which has changed  credentials  (by  calling  seteuid(2),
3304                     setgid(2),  or  similar, or by executing a set-user-ID or
3305                     set-group-ID program) or whose binary does not have  read
3306                     permission enabled.
3307
3308              1 ("debug")
3309                     All  processes  dump  core when possible.  (Reasons why a
3310                     process might nevertheless not dump core are described in
3311                     core(5).)   The core dump is owned by the filesystem user
3312                     ID of the dumping process and  no  security  is  applied.
3313                     This  is  intended  for system debugging situations only:
3314                     this mode is  insecure  because  it  allows  unprivileged
3315                     users  to  examine the memory contents of privileged pro‐
3316                     cesses.
3317
3318              2 ("suidsafe")
3319                     Any binary which normally would not be  dumped  (see  "0"
3320                     above)  is dumped readable by root only.  This allows the
3321                     user to remove the core dump file but  not  to  read  it.
3322                     For  security  reasons  core  dumps in this mode will not
3323                     overwrite one another or other files.  This mode  is  ap‐
3324                     propriate  when  administrators  are  attempting to debug
3325                     problems in a normal environment.
3326
3327                     Additionally, since Linux 3.6, /proc/sys/kernel/core_pat‐
3328                     tern  must  either be an absolute pathname or a pipe com‐
3329                     mand, as detailed in core(5).  Warnings will  be  written
3330                     to  the  kernel log if core_pattern does not follow these
3331                     rules, and no core dump will be produced.
3332
3333              For details of the effect of a process's "dumpable"  setting  on
3334              ptrace access mode checking, see ptrace(2).
3335
3336       /proc/sys/fs/super-max
3337              This  file  controls the maximum number of superblocks, and thus
3338              the maximum number of mounted filesystems the kernel  can  have.
3339              You  need  increase  only  super-max  if  you need to mount more
3340              filesystems than the current value in super-max allows you to.
3341
3342       /proc/sys/fs/super-nr
3343              This file contains the number of filesystems currently mounted.
3344
3345       /proc/sys/kernel
3346              This directory contains files controlling a range of kernel  pa‐
3347              rameters, as described below.
3348
3349       /proc/sys/kernel/acct
3350              This  file contains three numbers: highwater, lowwater, and fre‐
3351              quency.  If BSD-style process accounting is enabled, these  val‐
3352              ues control its behavior.  If free space on filesystem where the
3353              log lives goes below lowwater percent, accounting suspends.   If
3354              free  space  gets  above  highwater percent, accounting resumes.
3355              frequency determines how often the kernel checks the  amount  of
3356              free  space (value is in seconds).  Default values are 4, 2, and
3357              30.  That is, suspend accounting if 2% or less  space  is  free;
3358              resume  it  if  4%  or  more space is free; consider information
3359              about amount of free space valid for 30 seconds.
3360
3361       /proc/sys/kernel/auto_msgmni (Linux 2.6.27 to 3.18)
3362              From Linux 2.6.27 to 3.18, this file was used to control  recom‐
3363              puting of the value in /proc/sys/kernel/msgmni upon the addition
3364              or removal of memory or  upon  IPC  namespace  creation/removal.
3365              Echoing  "1" into this file enabled msgmni automatic recomputing
3366              (and triggered a recomputation of msgmni based  on  the  current
3367              amount of available memory and number of IPC namespaces).  Echo‐
3368              ing "0" disabled automatic recomputing.  (Automatic  recomputing
3369              was  also  disabled  if  a  value  was  explicitly  assigned  to
3370              /proc/sys/kernel/msgmni.)  The default value in auto_msgmni  was
3371              1.
3372
3373              Since  Linux  3.19,  the content of this file has no effect (be‐
3374              cause msgmni defaults to near the maximum value  possible),  and
3375              reads from this file always return the value "0".
3376
3377       /proc/sys/kernel/cap_last_cap (since Linux 3.2)
3378              See capabilities(7).
3379
3380       /proc/sys/kernel/cap-bound (from Linux 2.2 to 2.6.24)
3381              This  file holds the value of the kernel capability bounding set
3382              (expressed as a signed  decimal  number).   This  set  is  ANDed
3383              against  the  capabilities  permitted  to  a  process during ex‐
3384              ecve(2).  Starting with Linux 2.6.25, the system-wide capability
3385              bounding  set  disappeared,  and  was  replaced  by a per-thread
3386              bounding set; see capabilities(7).
3387
3388       /proc/sys/kernel/core_pattern
3389              See core(5).
3390
3391       /proc/sys/kernel/core_pipe_limit
3392              See core(5).
3393
3394       /proc/sys/kernel/core_uses_pid
3395              See core(5).
3396
3397       /proc/sys/kernel/ctrl-alt-del
3398              This file controls the handling of Ctrl-Alt-Del  from  the  key‐
3399              board.   When  the  value  in  this  file  is 0, Ctrl-Alt-Del is
3400              trapped and sent to the init(1) program  to  handle  a  graceful
3401              restart.   When the value is greater than zero, Linux's reaction
3402              to a Vulcan Nerve Pinch (tm) will be an immediate reboot,  with‐
3403              out  even syncing its dirty buffers.  Note: when a program (like
3404              dosemu) has the keyboard in "raw" mode, the ctrl-alt-del is  in‐
3405              tercepted  by  the program before it ever reaches the kernel tty
3406              layer, and it's up to the program to decide what to do with it.
3407
3408       /proc/sys/kernel/dmesg_restrict (since Linux 2.6.37)
3409              The value in this file determines who can see kernel syslog con‐
3410              tents.   A  value of 0 in this file imposes no restrictions.  If
3411              the value is 1, only privileged users can read the  kernel  sys‐
3412              log.   (See  syslog(2) for more details.)  Since Linux 3.4, only
3413              users with the CAP_SYS_ADMIN capability may change the value  in
3414              this file.
3415
3416       /proc/sys/kernel/domainname and /proc/sys/kernel/hostname
3417              can  be  used  to  set the NIS/YP domainname and the hostname of
3418              your box in exactly the same way as the  commands  domainname(1)
3419              and hostname(1), that is:
3420
3421                  # echo 'darkstar' > /proc/sys/kernel/hostname
3422                  # echo 'mydomain' > /proc/sys/kernel/domainname
3423
3424              has the same effect as
3425
3426                  # hostname 'darkstar'
3427                  # domainname 'mydomain'
3428
3429              Note,  however, that the classic darkstar.frop.org has the host‐
3430              name "darkstar" and DNS (Internet Domain Name Server) domainname
3431              "frop.org", not to be confused with the NIS (Network Information
3432              Service) or YP (Yellow  Pages)  domainname.   These  two  domain
3433              names  are  in general different.  For a detailed discussion see
3434              the hostname(1) man page.
3435
3436       /proc/sys/kernel/hotplug
3437              This file contains the pathname for the  hotplug  policy  agent.
3438              The default value in this file is /sbin/hotplug.
3439
3440       /proc/sys/kernel/htab-reclaim (before Linux 2.4.9.2)
3441              (PowerPC  only) If this file is set to a nonzero value, the Pow‐
3442              erPC htab (see kernel  file  Documentation/powerpc/ppc_htab.txt)
3443              is pruned each time the system hits the idle loop.
3444
3445       /proc/sys/kernel/keys/*
3446              This directory contains various files that define parameters and
3447              limits for the key-management facility.   These  files  are  de‐
3448              scribed in keyrings(7).
3449
3450       /proc/sys/kernel/kptr_restrict (since Linux 2.6.38)
3451              The  value  in this file determines whether kernel addresses are
3452              exposed via /proc files and other interfaces.  A value of  0  in
3453              this  file  imposes  no restrictions.  If the value is 1, kernel
3454              pointers printed using the %pK format specifier will be replaced
3455              with  zeros  unless  the user has the CAP_SYSLOG capability.  If
3456              the value is 2, kernel pointers printed  using  the  %pK  format
3457              specifier  will  be replaced with zeros regardless of the user's
3458              capabilities.  The initial default value for this  file  was  1,
3459              but  the  default was changed to 0 in Linux 2.6.39.  Since Linux
3460              3.4, only users with the CAP_SYS_ADMIN capability can change the
3461              value in this file.
3462
3463       /proc/sys/kernel/l2cr
3464              (PowerPC  only)  This  file contains a flag that controls the L2
3465              cache of G3 processor boards.  If 0, the cache is disabled.  En‐
3466              abled if nonzero.
3467
3468       /proc/sys/kernel/modprobe
3469              This  file  contains  the pathname for the kernel module loader.
3470              The default value is /sbin/modprobe.  The file is  present  only
3471              if  the  kernel is built with the CONFIG_MODULES (CONFIG_KMOD in
3472              Linux 2.6.26 and earlier) option enabled.  It  is  described  by
3473              the  Linux  kernel  source  file Documentation/kmod.txt (present
3474              only in kernel 2.4 and earlier).
3475
3476       /proc/sys/kernel/modules_disabled (since Linux 2.6.31)
3477              A toggle value indicating if modules are allowed to be loaded in
3478              an  otherwise  modular kernel.  This toggle defaults to off (0),
3479              but can be set true (1).  Once  true,  modules  can  be  neither
3480              loaded nor unloaded, and the toggle cannot be set back to false.
3481              The file is present only if the kernel is built  with  the  CON‐
3482              FIG_MODULES option enabled.
3483
3484       /proc/sys/kernel/msgmax (since Linux 2.2)
3485              This  file  defines  a  system-wide limit specifying the maximum
3486              number of bytes in a single message written on a System  V  mes‐
3487              sage queue.
3488
3489       /proc/sys/kernel/msgmni (since Linux 2.4)
3490              This file defines the system-wide limit on the number of message
3491              queue identifiers.  See also /proc/sys/kernel/auto_msgmni.
3492
3493       /proc/sys/kernel/msgmnb (since Linux 2.2)
3494              This file defines a system-wide parameter used to initialize the
3495              msg_qbytes setting for subsequently created message queues.  The
3496              msg_qbytes setting specifies the maximum number  of  bytes  that
3497              may be written to the message queue.
3498
3499       /proc/sys/kernel/ngroups_max (since Linux 2.6.4)
3500              This  is  a  read-only file that displays the upper limit on the
3501              number of a process's group memberships.
3502
3503       /proc/sys/kernel/ns_last_pid (since Linux 3.3)
3504              See pid_namespaces(7).
3505
3506       /proc/sys/kernel/ostype and /proc/sys/kernel/osrelease
3507              These files give substrings of /proc/version.
3508
3509       /proc/sys/kernel/overflowgid and /proc/sys/kernel/overflowuid
3510              These files duplicate  the  files  /proc/sys/fs/overflowgid  and
3511              /proc/sys/fs/overflowuid.
3512
3513       /proc/sys/kernel/panic
3514              This  file  gives  read/write  access  to  the  kernel  variable
3515              panic_timeout.  If this is zero,  the  kernel  will  loop  on  a
3516              panic;  if  nonzero, it indicates that the kernel should autore‐
3517              boot after this number of seconds.  When you  use  the  software
3518              watchdog device driver, the recommended setting is 60.
3519
3520       /proc/sys/kernel/panic_on_oops (since Linux 2.5.68)
3521              This  file controls the kernel's behavior when an oops or BUG is
3522              encountered.  If this file contains 0, then the system tries  to
3523              continue  operation.  If it contains 1, then the system delays a
3524              few seconds (to give klogd time to record the oops  output)  and
3525              then  panics.   If  the /proc/sys/kernel/panic file is also non‐
3526              zero, then the machine will be rebooted.
3527
3528       /proc/sys/kernel/pid_max (since Linux 2.5.34)
3529              This file specifies the value at which PIDs wrap  around  (i.e.,
3530              the  value  in  this  file is one greater than the maximum PID).
3531              PIDs greater than this value are not allocated; thus, the  value
3532              in  this file also acts as a system-wide limit on the total num‐
3533              ber of processes and threads.  The default value for this  file,
3534              32768,  results in the same range of PIDs as on earlier kernels.
3535              On 32-bit platforms, 32768 is the maximum value for pid_max.  On
3536              64-bit  systems,  pid_max  can  be  set  to any value up to 2^22
3537              (PID_MAX_LIMIT, approximately 4 million).
3538
3539       /proc/sys/kernel/powersave-nap (PowerPC only)
3540              This file contains a flag.  If set, Linux-PPC will use the "nap"
3541              mode of powersaving, otherwise the "doze" mode will be used.
3542
3543       /proc/sys/kernel/printk
3544              See syslog(2).
3545
3546       /proc/sys/kernel/pty (since Linux 2.6.4)
3547              This directory contains two files relating to the number of UNIX
3548              98 pseudoterminals (see pts(4)) on the system.
3549
3550       /proc/sys/kernel/pty/max
3551              This file defines the maximum number of pseudoterminals.
3552
3553       /proc/sys/kernel/pty/nr
3554              This read-only file indicates how many pseudoterminals are  cur‐
3555              rently in use.
3556
3557       /proc/sys/kernel/random
3558              This directory contains various parameters controlling the oper‐
3559              ation of the file /dev/random.  See random(4) for further infor‐
3560              mation.
3561
3562       /proc/sys/kernel/random/uuid (since Linux 2.4)
3563              Each  read from this read-only file returns a randomly generated
3564              128-bit UUID, as a string in the standard UUID format.
3565
3566       /proc/sys/kernel/randomize_va_space (since Linux 2.6.12)
3567              Select the address space layout randomization (ASLR) policy  for
3568              the  system  (on architectures that support ASLR).  Three values
3569              are supported for this file:
3570
3571              0  Turn ASLR off.  This is the default  for  architectures  that
3572                 don't  support  ASLR,  and when the kernel is booted with the
3573                 norandmaps parameter.
3574
3575              1  Make the addresses of mmap(2) allocations, the stack, and the
3576                 VDSO  page  randomized.   Among other things, this means that
3577                 shared libraries will be loaded at randomized addresses.  The
3578                 text  segment of PIE-linked binaries will also be loaded at a
3579                 randomized address.  This value is the default if the  kernel
3580                 was configured with CONFIG_COMPAT_BRK.
3581
3582              2  (Since  Linux  2.6.25) Also support heap randomization.  This
3583                 value is the default if the kernel was  not  configured  with
3584                 CONFIG_COMPAT_BRK.
3585
3586       /proc/sys/kernel/real-root-dev
3587              This file is documented in the Linux kernel source file Documen‐
3588              tation/admin-guide/initrd.rst (or  Documentation/initrd.txt  be‐
3589              fore Linux 4.10).
3590
3591       /proc/sys/kernel/reboot-cmd (Sparc only)
3592              This  file  seems  to  be a way to give an argument to the SPARC
3593              ROM/Flash boot loader.  Maybe to tell it what to  do  after  re‐
3594              booting?
3595
3596       /proc/sys/kernel/rtsig-max
3597              (Only  in  kernels  up to and including 2.6.7; see setrlimit(2))
3598              This file can be used to tune the maximum number of POSIX  real-
3599              time (queued) signals that can be outstanding in the system.
3600
3601       /proc/sys/kernel/rtsig-nr
3602              (Only  in  kernels  up to and including 2.6.7.)  This file shows
3603              the number of POSIX real-time signals currently queued.
3604
3605       /proc/[pid]/sched_autogroup_enabled (since Linux 2.6.38)
3606              See sched(7).
3607
3608       /proc/sys/kernel/sched_child_runs_first (since Linux 2.6.23)
3609              If this file contains the value zero, then, after a fork(2), the
3610              parent  is  first  scheduled on the CPU.  If the file contains a
3611              nonzero value, then the child is scheduled  first  on  the  CPU.
3612              (Of course, on a multiprocessor system, the parent and the child
3613              might both immediately be scheduled on a CPU.)
3614
3615       /proc/sys/kernel/sched_rr_timeslice_ms (since Linux 3.9)
3616              See sched_rr_get_interval(2).
3617
3618       /proc/sys/kernel/sched_rt_period_us (since Linux 2.6.25)
3619              See sched(7).
3620
3621       /proc/sys/kernel/sched_rt_runtime_us (since Linux 2.6.25)
3622              See sched(7).
3623
3624       /proc/sys/kernel/seccomp (since Linux 4.14)
3625              This directory provides additional seccomp information and  con‐
3626              figuration.  See seccomp(2) for further details.
3627
3628       /proc/sys/kernel/sem (since Linux 2.4)
3629              This  file  contains  4 numbers defining limits for System V IPC
3630              semaphores.  These fields are, in order:
3631
3632              SEMMSL  The maximum semaphores per semaphore set.
3633
3634              SEMMNS  A system-wide limit on the number of semaphores  in  all
3635                      semaphore sets.
3636
3637              SEMOPM  The  maximum  number of operations that may be specified
3638                      in a semop(2) call.
3639
3640              SEMMNI  A system-wide limit on the maximum number  of  semaphore
3641                      identifiers.
3642
3643       /proc/sys/kernel/sg-big-buff
3644              This file shows the size of the generic SCSI device (sg) buffer.
3645              You can't tune it just yet, but you could change it  at  compile
3646              time  by  editing  include/scsi/sg.h  and  changing the value of
3647              SG_BIG_BUFF.  However, there shouldn't be any reason  to  change
3648              this value.
3649
3650       /proc/sys/kernel/shm_rmid_forced (since Linux 3.1)
3651              If  this  file  is set to 1, all System V shared memory segments
3652              will be marked for destruction as soon as the number of attached
3653              processes  falls to zero; in other words, it is no longer possi‐
3654              ble to create shared memory segments that exist independently of
3655              any attached process.
3656
3657              The effect is as though a shmctl(2) IPC_RMID is performed on all
3658              existing segments as well as all segments created in the  future
3659              (until  this  file  is reset to 0).  Note that existing segments
3660              that are attached to no process will  be  immediately  destroyed
3661              when  this  file is set to 1.  Setting this option will also de‐
3662              stroy segments that were created, but never attached, upon  ter‐
3663              mination of the process that created the segment with shmget(2).
3664
3665              Setting  this file to 1 provides a way of ensuring that all Sys‐
3666              tem V shared memory segments are counted  against  the  resource
3667              usage  and  resource limits (see the description of RLIMIT_AS in
3668              getrlimit(2)) of at least one process.
3669
3670              Because setting this file to 1 produces behavior  that  is  non‐
3671              standard and could also break existing applications, the default
3672              value in this file is 0.  Set this file to 1 only if you have  a
3673              good  understanding  of  the semantics of the applications using
3674              System V shared memory on your system.
3675
3676       /proc/sys/kernel/shmall (since Linux 2.2)
3677              This file contains the system-wide limit on the total number  of
3678              pages of System V shared memory.
3679
3680       /proc/sys/kernel/shmmax (since Linux 2.2)
3681              This file can be used to query and set the run-time limit on the
3682              maximum (System V IPC) shared memory segment size  that  can  be
3683              created.  Shared memory segments up to 1 GB are now supported in
3684              the kernel.  This value defaults to SHMMAX.
3685
3686       /proc/sys/kernel/shmmni (since Linux 2.4)
3687              This file specifies the system-wide maximum number of  System  V
3688              shared memory segments that can be created.
3689
3690       /proc/sys/kernel/sysctl_writes_strict (since Linux 3.16)
3691              The  value  in  this file determines how the file offset affects
3692              the behavior of updating entries in files under /proc/sys.   The
3693              file has three possible values:
3694
3695              -1  This  provides  legacy  handling,  with  no printk warnings.
3696                  Each write(2) must fully contain the value  to  be  written,
3697                  and  multiple  writes on the same file descriptor will over‐
3698                  write the entire value, regardless of the file position.
3699
3700              0   (default) This provides the same behavior  as  for  -1,  but
3701                  printk  warnings  are  written  for  processes  that perform
3702                  writes when the file offset is not 0.
3703
3704              1   Respect the file offset when writing strings into  /proc/sys
3705                  files.   Multiple  writes  will  append to the value buffer.
3706                  Anything written beyond the maximum length of the value buf‐
3707                  fer  will  be  ignored.  Writes to numeric /proc/sys entries
3708                  must always be at file offset 0 and the value must be  fully
3709                  contained in the buffer provided to write(2).
3710
3711       /proc/sys/kernel/sysrq
3712              This  file  controls  the functions allowed to be invoked by the
3713              SysRq key.  By default, the file contains 1 meaning  that  every
3714              possible  SysRq  request  is  allowed (in older kernel versions,
3715              SysRq was disabled by default, and you were required to specifi‐
3716              cally enable it at run-time, but this is not the case any more).
3717              Possible values in this file are:
3718
3719              0    Disable sysrq completely
3720
3721              1    Enable all functions of sysrq
3722
3723              > 1  Bit mask of allowed sysrq functions, as follows:
3724                     2  Enable control of console logging level
3725                     4  Enable control of keyboard (SAK, unraw)
3726                     8  Enable debugging dumps of processes etc.
3727                    16  Enable sync command
3728                    32  Enable remount read-only
3729                    64  Enable signaling of processes (term, kill, oom-kill)
3730                   128  Allow reboot/poweroff
3731                   256  Allow nicing of all real-time tasks
3732
3733              This file is present only if the CONFIG_MAGIC_SYSRQ kernel  con‐
3734              figuration option is enabled.  For further details see the Linux
3735              kernel source file Documentation/admin-guide/sysrq.rst (or Docu‐
3736              mentation/sysrq.txt before Linux 4.10).
3737
3738       /proc/sys/kernel/version
3739              This file contains a string such as:
3740
3741                  #5 Wed Feb 25 21:49:24 MET 1998
3742
3743              The  "#5"  means  that  this is the fifth kernel built from this
3744              source base and the date following it  indicates  the  time  the
3745              kernel was built.
3746
3747       /proc/sys/kernel/threads-max (since Linux 2.3.11)
3748              This  file  specifies  the  system-wide  limit  on the number of
3749              threads (tasks) that can be created on the system.
3750
3751              Since Linux 4.1, the value that can be written to threads-max is
3752              bounded.  The minimum value that can be written is 20.  The max‐
3753              imum value that can be written is  given  by  the  constant  FU‐
3754              TEX_TID_MASK  (0x3fffffff).  If a value outside of this range is
3755              written to threads-max, the error EINVAL occurs.
3756
3757              The value written is checked against the  available  RAM  pages.
3758              If the thread structures would occupy too much (more than 1/8th)
3759              of the available RAM pages, threads-max is reduced accordingly.
3760
3761       /proc/sys/kernel/yama/ptrace_scope (since Linux 3.5)
3762              See ptrace(2).
3763
3764       /proc/sys/kernel/zero-paged (PowerPC only)
3765              This file contains a flag.  When  enabled  (nonzero),  Linux-PPC
3766              will  pre-zero  pages  in  the  idle  loop, possibly speeding up
3767              get_free_pages.
3768
3769       /proc/sys/net
3770              This directory contains networking stuff.  Explanations for some
3771              of  the  files  under  this directory can be found in tcp(7) and
3772              ip(7).
3773
3774       /proc/sys/net/core/bpf_jit_enable
3775              See bpf(2).
3776
3777       /proc/sys/net/core/somaxconn
3778              This file defines a ceiling value for the  backlog  argument  of
3779              listen(2); see the listen(2) manual page for details.
3780
3781       /proc/sys/proc
3782              This directory may be empty.
3783
3784       /proc/sys/sunrpc
3785              This  directory  supports  Sun remote procedure call for network
3786              filesystem (NFS).  On some systems, it is not present.
3787
3788       /proc/sys/user (since Linux 4.9)
3789              See namespaces(7).
3790
3791       /proc/sys/vm
3792              This directory contains files for memory management tuning, buf‐
3793              fer, and cache management.
3794
3795       /proc/sys/vm/admin_reserve_kbytes (since Linux 3.10)
3796              This file defines the amount of free memory (in KiB) on the sys‐
3797              tem that should  be  reserved  for  users  with  the  capability
3798              CAP_SYS_ADMIN.
3799
3800              The  default  value  in  this file is the minimum of [3% of free
3801              pages, 8MiB] expressed as KiB.  The default is intended to  pro‐
3802              vide  enough  for the superuser to log in and kill a process, if
3803              necessary, under the default overcommit 'guess' mode (i.e., 0 in
3804              /proc/sys/vm/overcommit_memory).
3805
3806              Systems   running   in  "overcommit  never"  mode  (i.e.,  2  in
3807              /proc/sys/vm/overcommit_memory) should  increase  the  value  in
3808              this  file  to  account  for the full virtual memory size of the
3809              programs used to recover (e.g.,  login(1)  ssh(1),  and  top(1))
3810              Otherwise,  the  superuser  may not be able to log in to recover
3811              the system.  For example, on x86-64 a suitable value  is  131072
3812              (128MiB reserved).
3813
3814              Changing  the value in this file takes effect whenever an appli‐
3815              cation requests memory.
3816
3817       /proc/sys/vm/compact_memory (since Linux 2.6.35)
3818              When 1 is written to this file, all  zones  are  compacted  such
3819              that  free memory is available in contiguous blocks where possi‐
3820              ble.  The effect  of  this  action  can  be  seen  by  examining
3821              /proc/buddyinfo.
3822
3823              Present  only  if  the  kernel  was  configured with CONFIG_COM‐
3824              PACTION.
3825
3826       /proc/sys/vm/drop_caches (since Linux 2.6.16)
3827              Writing to this file causes the kernel  to  drop  clean  caches,
3828              dentries,  and inodes from memory, causing that memory to become
3829              free.  This can be useful for memory management testing and per‐
3830              forming  reproducible filesystem benchmarks.  Because writing to
3831              this file causes the benefits of caching to be lost, it can  de‐
3832              grade overall system performance.
3833
3834              To free pagecache, use:
3835
3836                  echo 1 > /proc/sys/vm/drop_caches
3837
3838              To free dentries and inodes, use:
3839
3840                  echo 2 > /proc/sys/vm/drop_caches
3841
3842              To free pagecache, dentries, and inodes, use:
3843
3844                  echo 3 > /proc/sys/vm/drop_caches
3845
3846              Because  writing  to this file is a nondestructive operation and
3847              dirty objects are not freeable,  the  user  should  run  sync(1)
3848              first.
3849
3850       /proc/sys/vm/sysctl_hugetlb_shm_group (since Linux 2.6.7)
3851              This  writable file contains a group ID that is allowed to allo‐
3852              cate memory using huge pages.  If a  process  has  a  filesystem
3853              group  ID  or any supplementary group ID that matches this group
3854              ID, then it can make huge-page allocations without  holding  the
3855              CAP_IPC_LOCK   capability;  see  memfd_create(2),  mmap(2),  and
3856              shmget(2).
3857
3858       /proc/sys/vm/legacy_va_layout (since Linux 2.6.9)
3859              If nonzero, this disables the new 32-bit memory-mapping  layout;
3860              the kernel will use the legacy (2.4) layout for all processes.
3861
3862       /proc/sys/vm/memory_failure_early_kill (since Linux 2.6.32)
3863              Control  how  to kill processes when an uncorrected memory error
3864              (typically a 2-bit error in a memory module) that cannot be han‐
3865              dled  by  the  kernel is detected in the background by hardware.
3866              In some cases (like the page still having a valid copy on disk),
3867              the kernel will handle the failure transparently without affect‐
3868              ing any applications.  But if there is no other up-to-date  copy
3869              of  the data, it will kill processes to prevent any data corrup‐
3870              tions from propagating.
3871
3872              The file has one of the following values:
3873
3874              1:  Kill all processes that have  the  corrupted-and-not-reload‐
3875                  able  page  mapped  as  soon  as the corruption is detected.
3876                  Note that this is not supported for a few  types  of  pages,
3877                  such  as kernel internally allocated data or the swap cache,
3878                  but works for the majority of user pages.
3879
3880              0:  Unmap the corrupted page  from  all  processes  and  kill  a
3881                  process only if it tries to access the page.
3882
3883              The  kill is performed using a SIGBUS signal with si_code set to
3884              BUS_MCEERR_AO.  Processes can handle this if they want  to;  see
3885              sigaction(2) for more details.
3886
3887              This  feature is active only on architectures/platforms with ad‐
3888              vanced machine check handling and depends on the hardware  capa‐
3889              bilities.
3890
3891              Applications  can override the memory_failure_early_kill setting
3892              individually with the prctl(2) PR_MCE_KILL operation.
3893
3894              Present only if  the  kernel  was  configured  with  CONFIG_MEM‐
3895              ORY_FAILURE.
3896
3897       /proc/sys/vm/memory_failure_recovery (since Linux 2.6.32)
3898              Enable memory failure recovery (when supported by the platform).
3899
3900              1:  Attempt recovery.
3901
3902              0:  Always panic on a memory failure.
3903
3904              Present  only  if  the  kernel  was  configured with CONFIG_MEM‐
3905              ORY_FAILURE.
3906
3907       /proc/sys/vm/oom_dump_tasks (since Linux 2.6.25)
3908              Enables a system-wide task dump (excluding kernel threads) to be
3909              produced  when the kernel performs an OOM-killing.  The dump in‐
3910              cludes  the  following  information  for  each   task   (thread,
3911              process): thread ID, real user ID, thread group ID (process ID),
3912              virtual memory size, resident set size, the CPU that the task is
3913              scheduled   on,   oom_adj   score   (see   the   description  of
3914              /proc/[pid]/oom_adj), and command name.  This is helpful to  de‐
3915              termine why the OOM-killer was invoked and to identify the rogue
3916              task that caused it.
3917
3918              If this contains the value zero, this information is suppressed.
3919              On  very  large  systems  with thousands of tasks, it may not be
3920              feasible to dump the memory  state  information  for  each  one.
3921              Such systems should not be forced to incur a performance penalty
3922              in OOM situations when the information may not be desired.
3923
3924              If this is set to nonzero, this information  is  shown  whenever
3925              the OOM-killer actually kills a memory-hogging task.
3926
3927              The default value is 0.
3928
3929       /proc/sys/vm/oom_kill_allocating_task (since Linux 2.6.24)
3930              This enables or disables killing the OOM-triggering task in out-
3931              of-memory situations.
3932
3933              If this is set to zero, the OOM-killer will scan through the en‐
3934              tire  tasklist  and  select  a task based on heuristics to kill.
3935              This normally selects a rogue memory-hogging task that frees  up
3936              a large amount of memory when killed.
3937
3938              If  this is set to nonzero, the OOM-killer simply kills the task
3939              that triggered the out-of-memory condition.  This avoids a  pos‐
3940              sibly expensive tasklist scan.
3941
3942              If  /proc/sys/vm/panic_on_oom  is  nonzero,  it takes precedence
3943              over whatever value is  used  in  /proc/sys/vm/oom_kill_allocat‐
3944              ing_task.
3945
3946              The default value is 0.
3947
3948       /proc/sys/vm/overcommit_kbytes (since Linux 3.14)
3949              This writable file provides an alternative to /proc/sys/vm/over‐
3950              commit_ratio    for    controlling    the    CommitLimit    when
3951              /proc/sys/vm/overcommit_memory  has  the value 2.  It allows the
3952              amount of memory overcommitting to be specified as  an  absolute
3953              value  (in  kB),  rather  than  as a percentage, as is done with
3954              overcommit_ratio.  This allows for finer-grained control of Com‐
3955              mitLimit on systems with extremely large memory sizes.
3956
3957              Only  one  of  overcommit_kbytes or overcommit_ratio can have an
3958              effect: if overcommit_kbytes has a nonzero  value,  then  it  is
3959              used  to  calculate  CommitLimit,  otherwise overcommit_ratio is
3960              used.  Writing a value to either of these files causes the value
3961              in the other file to be set to zero.
3962
3963       /proc/sys/vm/overcommit_memory
3964              This  file  contains  the kernel virtual memory accounting mode.
3965              Values are:
3966
3967                     0: heuristic overcommit (this is the default)
3968                     1: always overcommit, never check
3969                     2: always check, never overcommit
3970
3971              In mode 0, calls of mmap(2) with MAP_NORESERVE are not  checked,
3972              and  the default check is very weak, leading to the risk of get‐
3973              ting a process "OOM-killed".
3974
3975              In mode 1, the kernel pretends there is  always  enough  memory,
3976              until  memory  actually runs out.  One use case for this mode is
3977              scientific computing applications that employ large  sparse  ar‐
3978              rays.   In Linux kernel versions before 2.6.0, any nonzero value
3979              implies mode 1.
3980
3981              In mode 2 (available since Linux 2.6), the total virtual address
3982              space  that  can  be allocated (CommitLimit in /proc/meminfo) is
3983              calculated as
3984
3985                  CommitLimit = (total_RAM - total_huge_TLB) *
3986                                overcommit_ratio / 100 + total_swap
3987
3988              where:
3989
3990                   *  total_RAM is the total amount of RAM on the system;
3991
3992                   *  total_huge_TLB is the amount of  memory  set  aside  for
3993                      huge pages;
3994
3995                   *  overcommit_ratio  is  the value in /proc/sys/vm/overcom‐
3996                      mit_ratio; and
3997
3998                   *  total_swap is the amount of swap space.
3999
4000              For example, on a system with 16 GB of physical RAM,  16  GB  of
4001              swap,  no space dedicated to huge pages, and an overcommit_ratio
4002              of 50, this formula yields a CommitLimit of 24 GB.
4003
4004              Since Linux 3.14, if the value in /proc/sys/vm/overcommit_kbytes
4005              is nonzero, then CommitLimit is instead calculated as:
4006
4007                  CommitLimit = overcommit_kbytes + total_swap
4008
4009              See  also  the  description of /proc/sys/vm/admin_reserve_kbytes
4010              and /proc/sys/vm/user_reserve_kbytes.
4011
4012       /proc/sys/vm/overcommit_ratio (since Linux 2.6.0)
4013              This writable file defines a percentage by which memory  can  be
4014              overcommitted.   The  default  value in the file is 50.  See the
4015              description of /proc/sys/vm/overcommit_memory.
4016
4017       /proc/sys/vm/panic_on_oom (since Linux 2.6.18)
4018              This enables or disables a kernel panic in an out-of-memory sit‐
4019              uation.
4020
4021              If this file is set to the value 0, the kernel's OOM-killer will
4022              kill some rogue process.  Usually, the  OOM-killer  is  able  to
4023              kill a rogue process and the system will survive.
4024
4025              If  this  file  is  set to the value 1, then the kernel normally
4026              panics when out-of-memory happens.  However, if a process limits
4027              allocations  to  certain  nodes  using memory policies (mbind(2)
4028              MPOL_BIND) or cpusets (cpuset(7)) and those nodes  reach  memory
4029              exhaustion  status, one process may be killed by the OOM-killer.
4030              No panic occurs in this case: because other nodes' memory may be
4031              free,  this  means the system as a whole may not have reached an
4032              out-of-memory situation yet.
4033
4034              If this file is set to the value 2,  the  kernel  always  panics
4035              when an out-of-memory condition occurs.
4036
4037              The default value is 0.  1 and 2 are for failover of clustering.
4038              Select either according to your policy of failover.
4039
4040       /proc/sys/vm/swappiness
4041              The value in this file controls how aggressively the kernel will
4042              swap memory pages.  Higher values increase aggressiveness, lower
4043              values decrease aggressiveness.  The default value is 60.
4044
4045       /proc/sys/vm/user_reserve_kbytes (since Linux 3.10)
4046              Specifies an amount of memory (in KiB) to reserve for user  pro‐
4047              cesses.  This is intended to prevent a user from starting a sin‐
4048              gle memory hogging process, such that they cannot recover  (kill
4049              the  hog).   The  value  in  this  file  has an effect only when
4050              /proc/sys/vm/overcommit_memory is set to 2  ("overcommit  never"
4051              mode).   In  this  case, the system reserves an amount of memory
4052              that is the minimum of [3% of  current  process  size,  user_re‐
4053              serve_kbytes].
4054
4055              The  default  value  in  this file is the minimum of [3% of free
4056              pages, 128MiB] expressed as KiB.
4057
4058              If the value in this file is set to zero, then a  user  will  be
4059              allowed to allocate all free memory with a single process (minus
4060              the amount reserved by /proc/sys/vm/admin_reserve_kbytes).   Any
4061              subsequent  attempts  to execute a command will result in "fork:
4062              Cannot allocate memory".
4063
4064              Changing the value in this file takes effect whenever an  appli‐
4065              cation requests memory.
4066
4067       /proc/sys/vm/unprivileged_userfaultfd (since Linux 5.2)
4068              This  (writable)  file  exposes a flag that controls whether un‐
4069              privileged processes are allowed to employ  userfaultfd(2).   If
4070              this  file  has the value 1, then unprivileged processes may use
4071              userfaultfd(2).  If this file has the value 0,  then  only  pro‐
4072              cesses  that have the CAP_SYS_PTRACE capability may employ user‐
4073              faultfd(2).  The default value in this file is 1.
4074
4075       /proc/sysrq-trigger (since Linux 2.4.21)
4076              Writing a character to this file triggers the same  SysRq  func‐
4077              tion  as  typing  ALT-SysRq-<character>  (see the description of
4078              /proc/sys/kernel/sysrq).  This file is normally writable only by
4079              root.  For further details see the Linux kernel source file Doc‐
4080              umentation/admin-guide/sysrq.rst (or Documentation/sysrq.txt be‐
4081              fore Linux 4.10).
4082
4083       /proc/sysvipc
4084              Subdirectory  containing  the  pseudo-files  msg,  sem  and shm.
4085              These files list the System V Interprocess  Communication  (IPC)
4086              objects  (respectively:  message  queues, semaphores, and shared
4087              memory) that currently exist on the  system,  providing  similar
4088              information  to  that  available  via ipcs(1).  These files have
4089              headers and are formatted (one IPC object per line) for easy un‐
4090              derstanding.   sysvipc(7) provides further background on the in‐
4091              formation shown by these files.
4092
4093       /proc/thread-self (since Linux 3.17)
4094              This directory refers to the thread accessing the /proc filesys‐
4095              tem,  and  is  identical  to the /proc/self/task/[tid] directory
4096              named by the process thread ID ([tid]) of the same thread.
4097
4098       /proc/timer_list (since Linux 2.6.21)
4099              This read-only file exposes a  list  of  all  currently  pending
4100              (high-resolution) timers, all clock-event sources, and their pa‐
4101              rameters in a human-readable form.
4102
4103       /proc/timer_stats (from  Linux 2.6.21 until Linux 4.10)
4104              This is a debugging facility to make timer (ab)use  in  a  Linux
4105              system  visible  to kernel and user-space developers.  It can be
4106              used by kernel and user-space developers to  verify  that  their
4107              code  does  not  make undue use of timers.  The goal is to avoid
4108              unnecessary wakeups, thereby optimizing power consumption.
4109
4110              If enabled in the kernel (CONFIG_TIMER_STATS), but not used,  it
4111              has  almost  zero run-time overhead and a relatively small data-
4112              structure overhead.  Even if collection is enabled at run  time,
4113              overhead  is  low:  all  the  locking  is  per-CPU and lookup is
4114              hashed.
4115
4116              The /proc/timer_stats file is used both to control sampling  fa‐
4117              cility and to read out the sampled information.
4118
4119              The timer_stats functionality is inactive on bootup.  A sampling
4120              period can be started using the following command:
4121
4122                  # echo 1 > /proc/timer_stats
4123
4124              The following command stops a sampling period:
4125
4126                  # echo 0 > /proc/timer_stats
4127
4128              The statistics can be retrieved by:
4129
4130                  $ cat /proc/timer_stats
4131
4132              While sampling is enabled, each readout  from  /proc/timer_stats
4133              will  see  newly updated statistics.  Once sampling is disabled,
4134              the sampled information is kept until a  new  sample  period  is
4135              started.  This allows multiple readouts.
4136
4137              Sample output from /proc/timer_stats:
4138
4139                  $ cat /proc/timer_stats
4140                  Timer Stats Version: v0.3
4141                  Sample period: 1.764 s
4142                  Collection: active
4143                    255,     0 swapper/3        hrtimer_start_range_ns (tick_sched_timer)
4144                     71,     0 swapper/1        hrtimer_start_range_ns (tick_sched_timer)
4145                     58,     0 swapper/0        hrtimer_start_range_ns (tick_sched_timer)
4146                      4,  1694 gnome-shell      mod_delayed_work_on (delayed_work_timer_fn)
4147                     17,     7 rcu_sched        rcu_gp_kthread (process_timeout)
4148                  ...
4149                      1,  4911 kworker/u16:0    mod_delayed_work_on (delayed_work_timer_fn)
4150                     1D,  2522 kworker/0:0      queue_delayed_work_on (delayed_work_timer_fn)
4151                  1029 total events, 583.333 events/sec
4152
4153              The output columns are:
4154
4155              *  a  count  of  the  number  of events, optionally (since Linux
4156                 2.6.23) followed by the letter 'D' if this  is  a  deferrable
4157                 timer;
4158
4159              *  the PID of the process that initialized the timer;
4160
4161              *  the name of the process that initialized the timer;
4162
4163              *  the function where the timer was initialized; and
4164
4165              *  (in  parentheses)  the  callback  function that is associated
4166                 with the timer.
4167
4168              During the Linux 4.11 development cycle, this file  was  removed
4169              because  of  security concerns, as it exposes information across
4170              namespaces.  Furthermore, it is possible to obtain the same  in‐
4171              formation via in-kernel tracing facilities such as ftrace.
4172
4173       /proc/tty
4174              Subdirectory  containing the pseudo-files and subdirectories for
4175              tty drivers and line disciplines.
4176
4177       /proc/uptime
4178              This file contains two numbers (values in seconds):  the  uptime
4179              of  the  system (including time spent in suspend) and the amount
4180              of time spent in the idle process.
4181
4182       /proc/version
4183              This string identifies the kernel version that is currently run‐
4184              ning.   It  includes  the  contents  of /proc/sys/kernel/ostype,
4185              /proc/sys/kernel/osrelease, and  /proc/sys/kernel/version.   For
4186              example:
4187
4188                  Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994
4189
4190       /proc/vmstat (since Linux 2.6.0)
4191              This file displays various virtual memory statistics.  Each line
4192              of this file contains a single  name-value  pair,  delimited  by
4193              white space.  Some lines are present only if the kernel was con‐
4194              figured with suitable options.  (In some cases, the options  re‐
4195              quired for particular files have changed across kernel versions,
4196              so they are not listed here.  Details can be found by consulting
4197              the kernel source code.)  The following fields may be present:
4198
4199              nr_free_pages (since Linux 2.6.31)
4200
4201              nr_alloc_batch (since Linux 3.12)
4202
4203              nr_inactive_anon (since Linux 2.6.28)
4204
4205              nr_active_anon (since Linux 2.6.28)
4206
4207              nr_inactive_file (since Linux 2.6.28)
4208
4209              nr_active_file (since Linux 2.6.28)
4210
4211              nr_unevictable (since Linux 2.6.28)
4212
4213              nr_mlock (since Linux 2.6.28)
4214
4215              nr_anon_pages (since Linux 2.6.18)
4216
4217              nr_mapped (since Linux 2.6.0)
4218
4219              nr_file_pages (since Linux 2.6.18)
4220
4221              nr_dirty (since Linux 2.6.0)
4222
4223              nr_writeback (since Linux 2.6.0)
4224
4225              nr_slab_reclaimable (since Linux 2.6.19)
4226
4227              nr_slab_unreclaimable (since Linux 2.6.19)
4228
4229              nr_page_table_pages (since Linux 2.6.0)
4230
4231              nr_kernel_stack (since Linux 2.6.32)
4232                     Amount of memory allocated to kernel stacks.
4233
4234              nr_unstable (since Linux 2.6.0)
4235
4236              nr_bounce (since Linux 2.6.12)
4237
4238              nr_vmscan_write (since Linux 2.6.19)
4239
4240              nr_vmscan_immediate_reclaim (since Linux 3.2)
4241
4242              nr_writeback_temp (since Linux 2.6.26)
4243
4244              nr_isolated_anon (since Linux 2.6.32)
4245
4246              nr_isolated_file (since Linux 2.6.32)
4247
4248              nr_shmem (since Linux 2.6.32)
4249                     Pages used by shmem and tmpfs(5).
4250
4251              nr_dirtied (since Linux 2.6.37)
4252
4253              nr_written (since Linux 2.6.37)
4254
4255              nr_pages_scanned (since Linux 3.17)
4256
4257              numa_hit (since Linux 2.6.18)
4258
4259              numa_miss (since Linux 2.6.18)
4260
4261              numa_foreign (since Linux 2.6.18)
4262
4263              numa_interleave (since Linux 2.6.18)
4264
4265              numa_local (since Linux 2.6.18)
4266
4267              numa_other (since Linux 2.6.18)
4268
4269              workingset_refault (since Linux 3.15)
4270
4271              workingset_activate (since Linux 3.15)
4272
4273              workingset_nodereclaim (since Linux 3.15)
4274
4275              nr_anon_transparent_hugepages (since Linux 2.6.38)
4276
4277              nr_free_cma (since Linux 3.7)
4278                     Number of free CMA (Contiguous Memory Allocator) pages.
4279
4280              nr_dirty_threshold (since Linux 2.6.37)
4281
4282              nr_dirty_background_threshold (since Linux 2.6.37)
4283
4284              pgpgin (since Linux 2.6.0)
4285
4286              pgpgout (since Linux 2.6.0)
4287
4288              pswpin (since Linux 2.6.0)
4289
4290              pswpout (since Linux 2.6.0)
4291
4292              pgalloc_dma (since Linux 2.6.5)
4293
4294              pgalloc_dma32 (since Linux 2.6.16)
4295
4296              pgalloc_normal (since Linux 2.6.5)
4297
4298              pgalloc_high (since Linux 2.6.5)
4299
4300              pgalloc_movable (since Linux 2.6.23)
4301
4302              pgfree (since Linux 2.6.0)
4303
4304              pgactivate (since Linux 2.6.0)
4305
4306              pgdeactivate (since Linux 2.6.0)
4307
4308              pgfault (since Linux 2.6.0)
4309
4310              pgmajfault (since Linux 2.6.0)
4311
4312              pgrefill_dma (since Linux 2.6.5)
4313
4314              pgrefill_dma32 (since Linux 2.6.16)
4315
4316              pgrefill_normal (since Linux 2.6.5)
4317
4318              pgrefill_high (since Linux 2.6.5)
4319
4320              pgrefill_movable (since Linux 2.6.23)
4321
4322              pgsteal_kswapd_dma (since Linux 3.4)
4323
4324              pgsteal_kswapd_dma32 (since Linux 3.4)
4325
4326              pgsteal_kswapd_normal (since Linux 3.4)
4327
4328              pgsteal_kswapd_high (since Linux 3.4)
4329
4330              pgsteal_kswapd_movable (since Linux 3.4)
4331
4332              pgsteal_direct_dma
4333
4334              pgsteal_direct_dma32 (since Linux 3.4)
4335
4336              pgsteal_direct_normal (since Linux 3.4)
4337
4338              pgsteal_direct_high (since Linux 3.4)
4339
4340              pgsteal_direct_movable (since Linux 2.6.23)
4341
4342              pgscan_kswapd_dma
4343
4344              pgscan_kswapd_dma32 (since Linux 2.6.16)
4345
4346              pgscan_kswapd_normal (since Linux 2.6.5)
4347
4348              pgscan_kswapd_high
4349
4350              pgscan_kswapd_movable (since Linux 2.6.23)
4351
4352              pgscan_direct_dma
4353
4354              pgscan_direct_dma32 (since Linux 2.6.16)
4355
4356              pgscan_direct_normal
4357
4358              pgscan_direct_high
4359
4360              pgscan_direct_movable (since Linux 2.6.23)
4361
4362              pgscan_direct_throttle (since Linux 3.6)
4363
4364              zone_reclaim_failed (since linux 2.6.31)
4365
4366              pginodesteal (since linux 2.6.0)
4367
4368              slabs_scanned (since linux 2.6.5)
4369
4370              kswapd_inodesteal (since linux 2.6.0)
4371
4372              kswapd_low_wmark_hit_quickly (since 2.6.33)
4373
4374              kswapd_high_wmark_hit_quickly (since 2.6.33)
4375
4376              pageoutrun (since Linux 2.6.0)
4377
4378              allocstall (since Linux 2.6.0)
4379
4380              pgrotated (since Linux 2.6.0)
4381
4382              drop_pagecache (since Linux 3.15)
4383
4384              drop_slab (since Linux 3.15)
4385
4386              numa_pte_updates (since Linux 3.8)
4387
4388              numa_huge_pte_updates (since Linux 3.13)
4389
4390              numa_hint_faults (since Linux 3.8)
4391
4392              numa_hint_faults_local (since Linux 3.8)
4393
4394              numa_pages_migrated (since Linux 3.8)
4395
4396              pgmigrate_success (since Linux 3.8)
4397
4398              pgmigrate_fail (since Linux 3.8)
4399
4400              compact_migrate_scanned (since Linux 3.8)
4401
4402              compact_free_scanned (since Linux 3.8)
4403
4404              compact_isolated (since Linux 3.8)
4405
4406              compact_stall (since Linux 2.6.35)
4407                     See    the    kernel    source   file   Documentation/ad‐
4408                     min-guide/mm/transhuge.rst.
4409
4410              compact_fail (since Linux 2.6.35)
4411                     See   the   kernel    source    file    Documentation/ad‐
4412                     min-guide/mm/transhuge.rst.
4413
4414              compact_success (since Linux 2.6.35)
4415                     See    the    kernel    source   file   Documentation/ad‐
4416                     min-guide/mm/transhuge.rst.
4417
4418              htlb_buddy_alloc_success (since Linux 2.6.26)
4419
4420              htlb_buddy_alloc_fail (since Linux 2.6.26)
4421
4422              unevictable_pgs_culled (since Linux 2.6.28)
4423
4424              unevictable_pgs_scanned (since Linux 2.6.28)
4425
4426              unevictable_pgs_rescued (since Linux 2.6.28)
4427
4428              unevictable_pgs_mlocked (since Linux 2.6.28)
4429
4430              unevictable_pgs_munlocked (since Linux 2.6.28)
4431
4432              unevictable_pgs_cleared (since Linux 2.6.28)
4433
4434              unevictable_pgs_stranded (since Linux 2.6.28)
4435
4436              thp_fault_alloc (since Linux 2.6.39)
4437                     See   the   kernel    source    file    Documentation/ad‐
4438                     min-guide/mm/transhuge.rst.
4439
4440              thp_fault_fallback (since Linux 2.6.39)
4441                     See    the    kernel    source   file   Documentation/ad‐
4442                     min-guide/mm/transhuge.rst.
4443
4444              thp_collapse_alloc (since Linux 2.6.39)
4445                     See   the   kernel    source    file    Documentation/ad‐
4446                     min-guide/mm/transhuge.rst.
4447
4448              thp_collapse_alloc_failed (since Linux 2.6.39)
4449                     See    the    kernel    source   file   Documentation/ad‐
4450                     min-guide/mm/transhuge.rst.
4451
4452              thp_split (since Linux 2.6.39)
4453                     See   the   kernel    source    file    Documentation/ad‐
4454                     min-guide/mm/transhuge.rst.
4455
4456              thp_zero_page_alloc (since Linux 3.8)
4457                     See    the    kernel    source   file   Documentation/ad‐
4458                     min-guide/mm/transhuge.rst.
4459
4460              thp_zero_page_alloc_failed (since Linux 3.8)
4461                     See   the   kernel    source    file    Documentation/ad‐
4462                     min-guide/mm/transhuge.rst.
4463
4464              balloon_inflate (since Linux 3.18)
4465
4466              balloon_deflate (since Linux 3.18)
4467
4468              balloon_migrate (since Linux 3.18)
4469
4470              nr_tlb_remote_flush (since Linux 3.12)
4471
4472              nr_tlb_remote_flush_received (since Linux 3.12)
4473
4474              nr_tlb_local_flush_all (since Linux 3.12)
4475
4476              nr_tlb_local_flush_one (since Linux 3.12)
4477
4478              vmacache_find_calls (since Linux 3.16)
4479
4480              vmacache_find_hits (since Linux 3.16)
4481
4482              vmacache_full_flushes (since Linux 3.19)
4483
4484       /proc/zoneinfo (since Linux 2.6.13)
4485              This file displays information about memory zones.  This is use‐
4486              ful for analyzing virtual memory behavior.
4487