1PROC(5)                    Linux Programmer's Manual                   PROC(5)
2
3
4

NAME

6       proc - process information pseudo-filesystem
7

DESCRIPTION

9       The  proc filesystem is a pseudo-filesystem which provides an interface
10       to kernel data structures.  It is commonly  mounted  at  /proc.   Typi‐
11       cally,  it  is  mounted automatically by the system, but it can also be
12       mounted manually using a command such as:
13
14           mount -t proc proc /proc
15
16       Most of the files in the proc filesystem are read-only, but some  files
17       are writable, allowing kernel variables to be changed.
18
19   Mount options
20       The proc filesystem supports the following mount options:
21
22       hidepid=n (since Linux 3.3)
23              This   option   controls  who  can  access  the  information  in
24              /proc/[pid] directories.  The argument, n, is one of the follow‐
25              ing values:
26
27              0   Everybody  may  access all /proc/[pid] directories.  This is
28                  the traditional behavior, and  the  default  if  this  mount
29                  option is not specified.
30
31              1   Users  may  not  access  files and subdirectories inside any
32                  /proc/[pid]  directories  but  their  own  (the  /proc/[pid]
33                  directories  themselves  remain  visible).   Sensitive files
34                  such as /proc/[pid]/cmdline and /proc/[pid]/status  are  now
35                  protected  against other users.  This makes it impossible to
36                  learn whether any user is running  a  specific  program  (so
37                  long  as  the program doesn't otherwise reveal itself by its
38                  behavior).
39
40              2   As for mode 1, but in addition the  /proc/[pid]  directories
41                  belonging  to other users become invisible.  This means that
42                  /proc/[pid] entries can no longer be used  to  discover  the
43                  PIDs  on  the  system.   This  doesn't  hide the fact that a
44                  process with a specific PID value exists (it can be  learned
45                  by  other  means,  for  example,  by "kill -0 $PID"), but it
46                  hides a process's UID and  GID,  which  could  otherwise  be
47                  learned  by  employing  stat(2)  on a /proc/[pid] directory.
48                  This greatly complicates an  attacker's  task  of  gathering
49                  information   about  running  processes  (e.g.,  discovering
50                  whether some daemon is  running  with  elevated  privileges,
51                  whether  another  user  is  running  some sensitive program,
52                  whether other users are running any program at all,  and  so
53                  on).
54
55       gid=gid (since Linux 3.3)
56              Specifies  the  ID  of  a  group whose members are authorized to
57              learn process information otherwise prohibited by hidepid (i.e.,
58              users  in  this  group  behave  as though /proc was mounted with
59              hidepid=0).  This group should be  used  instead  of  approaches
60              such as putting nonroot users into the sudoers(5) file.
61
62   Overview
63       Underneath  /proc,  there are the following general groups of files and
64       subdirectories:
65
66       /proc/[pid] subdirectories
67              Each one of these subdirectories contains files and  subdirecto‐
68              ries exposing information about the process with the correspond‐
69              ing process ID.
70
71              Underneath each of the /proc/[pid] directories, a task subdirec‐
72              tory  contains subdirectories of the form task/[tid], which con‐
73              tain corresponding information about each of the threads in  the
74              process, where tid is the kernel thread ID of the thread.
75
76              The   /proc/[pid]  subdirectories  are  visible  when  iterating
77              through /proc with getdents(2) (and thus are  visible  when  one
78              uses ls(1) to view the contents of /proc).
79
80       /proc/[tid] subdirectories
81              Each  one of these subdirectories contains files and subdirecto‐
82              ries exposing information about the thread with the  correspond‐
83              ing  thread  ID.  The contents of these directories are the same
84              as the corresponding /proc/[pid]/task/[tid] directories.
85
86              The /proc/[tid] subdirectories are not  visible  when  iterating
87              through  /proc  with  getdents(2) (and thus are not visible when
88              one uses ls(1) to view the contents of /proc).
89
90       /proc/self
91              When a process accesses this magic symbolic link, it resolves to
92              the process's own /proc/[pid] directory.
93
94       /proc/thread-self
95              When  a thread accesses this magic symbolic link, it resolves to
96              the process's own /proc/self/task/[tid] directory.
97
98       /proc/[a-z]*
99              Various other files and subdirectories under /proc  expose  sys‐
100              tem-wide information.
101
102       All of the above are described in more detail below.
103
104   Files and directories
105       The  following  list provides details of many of the files and directo‐
106       ries under the /proc hierarchy.
107
108       /proc/[pid]
109              There is a numerical subdirectory for each running process;  the
110              subdirectory  is named by the process ID.  Each /proc/[pid] sub‐
111              directory contains the pseudo-files  and  directories  described
112              below.
113
114              The  files  inside each /proc/[pid] directory are normally owned
115              by the effective user and effective group  ID  of  the  process.
116              However,  as a security measure, the ownership is made root:root
117              if the process's "dumpable" attribute is set to  a  value  other
118              than 1.
119
120              Before Linux 4.11, root:root meant the "global" root user ID and
121              group ID (i.e., UID 0 and GID 0 in the initial user  namespace).
122              Since  Linux 4.11, if the process is in a noninitial user names‐
123              pace that has a valid mapping for user (group) ID 0  inside  the
124              namespace,  then  the  user (group) ownership of the files under
125              /proc/[pid] is instead made the same as the root user (group) ID
126              of  the  namespace.   This means that inside a container, things
127              work as expected for the container "root" user.
128
129              The process's "dumpable" attribute may change for the  following
130              reasons:
131
132              *  The   attribute   was   explicitly   set   via  the  prctl(2)
133                 PR_SET_DUMPABLE operation.
134
135              *  The  attribute  was  reset  to  the   value   in   the   file
136                 /proc/sys/fs/suid_dumpable (described below), for the reasons
137                 described in prctl(2).
138
139              Resetting the "dumpable" attribute to 1 reverts the ownership of
140              the /proc/[pid]/* files to the process's effective UID and GID.
141
142       /proc/[pid]/attr
143              The files in this directory provide an API for security modules.
144              The contents of this directory are files that can  be  read  and
145              written  in  order  to  set  security-related  attributes.  This
146              directory was added to support SELinux, but  the  intention  was
147              that  the  API  be general enough to support other security mod‐
148              ules.  For the purpose of explanation, examples of  how  SELinux
149              uses these files are provided below.
150
151              This directory is present only if the kernel was configured with
152              CONFIG_SECURITY.
153
154       /proc/[pid]/attr/current (since Linux 2.6.0)
155              The  contents  of  this  file  represent  the  current  security
156              attributes of the process.
157
158              In  SELinux,  this file is used to get the security context of a
159              process.  Prior to Linux 2.6.11, this file could not be used  to
160              set  the  security  context  (a  write was always denied), since
161              SELinux limited process security transitions to  execve(2)  (see
162              the  description  of /proc/[pid]/attr/exec, below).  Since Linux
163              2.6.11, SELinux lifted this  restriction  and  began  supporting
164              "set"  operations  via writes to this node if authorized by pol‐
165              icy, although use of this operation is only suitable for  appli‐
166              cations  that  are  trusted  to  maintain any desired separation
167              between the old and new security contexts.
168
169              Prior to Linux 2.6.28, SELinux did not allow  threads  within  a
170              multi-threaded  process  to  set their security context via this
171              node as it would yield an inconsistency among the security  con‐
172              texts of the threads sharing the same memory space.  Since Linux
173              2.6.28, SELinux lifted this  restriction  and  began  supporting
174              "set"  operations  for threads within a multithreaded process if
175              the new security context is bounded by the old security context,
176              where  the  bounded relation is defined in policy and guarantees
177              that the new security context has a subset of the permissions of
178              the old security context.
179
180              Other  security  modules  may choose to support "set" operations
181              via writes to this node.
182
183       /proc/[pid]/attr/exec (since Linux 2.6.0)
184              This file represents the attributes to  assign  to  the  process
185              upon a subsequent execve(2).
186
187              In  SELinux,  this is needed to support role/domain transitions,
188              and execve(2) is the preferred point to  make  such  transitions
189              because  it offers better control over the initialization of the
190              process in the new security label and the inheritance of  state.
191              In SELinux, this attribute is reset on execve(2) so that the new
192              program reverts to the default behavior for any execve(2)  calls
193              that  it  may  make.  In SELinux, a process can set only its own
194              /proc/[pid]/attr/exec attribute.
195
196       /proc/[pid]/attr/fscreate (since Linux 2.6.0)
197              This file represents the attributes to assign to  files  created
198              by  subsequent  calls  to  open(2),  mkdir(2),  symlink(2),  and
199              mknod(2)
200
201              SELinux employs this file to support creation of a  file  (using
202              the  aforementioned  system  calls)  in  a secure state, so that
203              there is no risk of inappropriate access being obtained  between
204              the  time  of creation and the time that attributes are set.  In
205              SELinux, this attribute is reset on execve(2), so that  the  new
206              program  reverts  to  the default behavior for any file creation
207              calls it may make, but the attribute will persist across  multi‐
208              ple file creation calls within a program unless it is explicitly
209              reset.   In  SELinux,  a  process   can   set   only   its   own
210              /proc/[pid]/attr/fscreate attribute.
211
212       /proc/[pid]/attr/keycreate (since Linux 2.6.18)
213              If  a process writes a security context into this file, all sub‐
214              sequently created keys (add_key(2)) will be  labeled  with  this
215              context.   For  further  information, see the kernel source file
216              Documentation/security/keys/core.rst   (or    file    Documenta‐
217              tion/security/keys.txt  on  Linux between 3.0 and 4.13, or Docu‐
218              mentation/keys.txt before Linux 3.0).
219
220       /proc/[pid]/attr/prev (since Linux 2.6.0)
221              This file contains the security context of  the  process  before
222              the   last   execve(2);   that   is,   the   previous  value  of
223              /proc/[pid]/attr/current.
224
225       /proc/[pid]/attr/socketcreate (since Linux 2.6.18)
226              If a process writes a security context into this file, all  sub‐
227              sequently created sockets will be labeled with this context.
228
229       /proc/[pid]/autogroup (since Linux 2.6.38)
230              See sched(7).
231
232       /proc/[pid]/auxv (since 2.6.0)
233              This  contains  the  contents of the ELF interpreter information
234              passed to the process at exec time.  The format is one  unsigned
235              long  ID  plus one unsigned long value for each entry.  The last
236              entry contains two zeros.  See also getauxval(3).
237
238              Permission to access this file is governed by  a  ptrace  access
239              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
240
241       /proc/[pid]/cgroup (since Linux 2.6.24)
242              See cgroups(7).
243
244       /proc/[pid]/clear_refs (since Linux 2.6.22)
245
246              This  is  a  write-only  file,  writable  only  by  owner of the
247              process.
248
249              The following values may be written to the file:
250
251              1 (since Linux 2.6.22)
252                     Reset the PG_Referenced and ACCESSED/YOUNG bits  for  all
253                     the  pages  associated  with the process.  (Before kernel
254                     2.6.32, writing any nonzero value to this file  had  this
255                     effect.)
256
257              2 (since Linux 2.6.32)
258                     Reset  the  PG_Referenced and ACCESSED/YOUNG bits for all
259                     anonymous pages associated with the process.
260
261              3 (since Linux 2.6.32)
262                     Reset the PG_Referenced and ACCESSED/YOUNG bits  for  all
263                     file-mapped pages associated with the process.
264
265              Clearing  the  PG_Referenced  and ACCESSED/YOUNG bits provides a
266              method to measure approximately how much  memory  a  process  is
267              using.  One first inspects the values in the "Referenced" fields
268              for the VMAs shown in /proc/[pid]/smaps to get an  idea  of  the
269              memory  footprint of the process.  One then clears the PG_Refer‐
270              enced and ACCESSED/YOUNG bits  and,  after  some  measured  time
271              interval,  once  again  inspects  the values in the "Referenced"
272              fields to get an idea of the change in memory footprint  of  the
273              process during the measured interval.  If one is interested only
274              in inspecting the selected mapping types, then the value 2 or  3
275              can be used instead of 1.
276
277              Further values can be written to affect different properties:
278
279              4 (since Linux 3.11)
280                     Clear  the  soft-dirty  bit  for all the pages associated
281                     with the process.  This  is  used  (in  conjunction  with
282                     /proc/[pid]/pagemap) by the check-point restore system to
283                     discover which pages of a process have been dirtied since
284                     the file /proc/[pid]/clear_refs was written to.
285
286              5 (since Linux 4.0)
287                     Reset  the  peak resident set size ("high water mark") to
288                     the process's current resident set size value.
289
290              Writing any value to  /proc/[pid]/clear_refs  other  than  those
291              listed above has no effect.
292
293              The  /proc/[pid]/clear_refs  file  is  present  only if the CON‐
294              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
295
296       /proc/[pid]/cmdline
297              This read-only file holds the  complete  command  line  for  the
298              process,  unless  the  process is a zombie.  In the latter case,
299              there is nothing in this file: that is, a read on this file will
300              return  0 characters.  The command-line arguments appear in this
301              file as a set of strings separated by null bytes ('\0'), with  a
302              further null byte after the last string.
303
304       /proc/[pid]/comm (since Linux 2.6.33)
305              This  file exposes the process's comm value—that is, the command
306              name associated with the process.  Different threads in the same
307              process   may   have   different  comm  values,  accessible  via
308              /proc/[pid]/task/[tid]/comm.   A  thread  may  modify  its  comm
309              value,  or  that of any of other thread in the same thread group
310              (see the discussion of CLONE_THREAD in clone(2)), by writing  to
311              the   file   /proc/self/task/[tid]/comm.   Strings  longer  than
312              TASK_COMM_LEN (16) characters are silently truncated.
313
314              This file provides a superset of the  prctl(2)  PR_SET_NAME  and
315              PR_GET_NAME operations, and is employed by pthread_setname_np(3)
316              when used to rename threads other than the caller.
317
318       /proc/[pid]/coredump_filter (since Linux 2.6.23)
319              See core(5).
320
321       /proc/[pid]/cpuset (since Linux 2.6.12)
322              See cpuset(7).
323
324       /proc/[pid]/cwd
325              This is a symbolic link to the current working directory of  the
326              process.   To  find out the current working directory of process
327              20, for instance, you can do this:
328
329                  $ cd /proc/20/cwd; /bin/pwd
330
331              Note that the pwd command is often a shell built-in,  and  might
332              not work properly.  In bash(1), you may use pwd -P.
333
334              In  a  multithreaded process, the contents of this symbolic link
335              are not available if the  main  thread  has  already  terminated
336              (typically by calling pthread_exit(3)).
337
338              Permission  to  dereference  or read (readlink(2)) this symbolic
339              link    is    governed    by    a     ptrace     access     mode
340              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
341
342       /proc/[pid]/environ
343              This file contains the initial environment that was set when the
344              currently executing program  was  started  via  execve(2).   The
345              entries  are  separated by null bytes ('\0'), and there may be a
346              null byte at the end.  Thus, to print  out  the  environment  of
347              process 1, you would do:
348
349                  $ cat /proc/1/environ | tr '\000' '\n'
350
351              If,  after  an  execve(2),  the process modifies its environment
352              (e.g., by calling functions such as putenv(3) or  modifying  the
353              environ(7)  variable directly), this file will not reflect those
354              changes.
355
356              Furthermore, a process may change the memory location that  this
357              file refers via prctl(2) operations such as PR_SET_MM_ENV_START.
358
359              Permission  to  access  this file is governed by a ptrace access
360              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
361
362       /proc/[pid]/exe
363              Under Linux 2.2 and later, this file is a symbolic link contain‐
364              ing  the actual pathname of the executed command.  This symbolic
365              link can be dereferenced normally; attempting to  open  it  will
366              open  the  executable.  You can even type /proc/[pid]/exe to run
367              another copy of the same executable that is being run by process
368              [pid].   If  the  pathname  has been unlinked, the symbolic link
369              will contain the string '(deleted)'  appended  to  the  original
370              pathname.  In a multithreaded process, the contents of this sym‐
371              bolic link are not available if the main thread has already ter‐
372              minated (typically by calling pthread_exit(3)).
373
374              Permission  to  dereference  or read (readlink(2)) this symbolic
375              link    is    governed    by    a     ptrace     access     mode
376              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
377
378              Under Linux 2.0 and earlier, /proc/[pid]/exe is a pointer to the
379              binary which was executed, and appears as a  symbolic  link.   A
380              readlink(2)  call  on this file under Linux 2.0 returns a string
381              in the format:
382
383                  [device]:inode
384
385              For example, [0301]:1502 would be inode 1502 on device major  03
386              (IDE,  MFM,  etc. drives) minor 01 (first partition on the first
387              drive).
388
389              find(1) with the -inum option can be used to locate the file.
390
391       /proc/[pid]/fd/
392              This is a subdirectory containing one entry for each file  which
393              the process has open, named by its file descriptor, and which is
394              a symbolic link to the actual file.  Thus, 0 is standard  input,
395              1 standard output, 2 standard error, and so on.
396
397              For  file descriptors for pipes and sockets, the entries will be
398              symbolic links whose content is the file type with the inode.  A
399              readlink(2) call on this file returns a string in the format:
400
401                  type:[inode]
402
403              For  example, socket:[2248868] will be a socket and its inode is
404              2248868.  For sockets, that inode  can  be  used  to  find  more
405              information in one of the files under /proc/net/.
406
407              For  file  descriptors  that  have no corresponding inode (e.g.,
408              file   descriptors   produced   by   bpf(2),    epoll_create(2),
409              eventfd(2),  inotify_init(2),  perf_event_open(2),  signalfd(2),
410              timerfd_create(2), and userfaultfd(2)), the entry will be a sym‐
411              bolic link with contents of the form
412
413                  anon_inode:<file-type>
414
415              In  many  cases  (but  not  all), the file-type is surrounded by
416              square brackets.
417
418              For example, an epoll file descriptor will have a symbolic  link
419              whose content is the string anon_inode:[eventpoll].
420
421              In  a  multithreaded process, the contents of this directory are
422              not available if the main thread has already  terminated  (typi‐
423              cally by calling pthread_exit(3)).
424
425              Programs  that  take  a filename as a command-line argument, but
426              don't take input from standard input if no argument is supplied,
427              and  programs that write to a file named as a command-line argu‐
428              ment, but don't send their output to standard output if no argu‐
429              ment is supplied, can nevertheless be made to use standard input
430              or standard output by using /proc/[pid]/fd files as command-line
431              arguments.   For example, assuming that -i is the flag designat‐
432              ing an input file and -o is the flag designating an output file:
433
434                  $ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...
435
436              and you have a working filter.
437
438              /proc/self/fd/N is approximately the same as /dev/fd/N  in  some
439              UNIX and UNIX-like systems.  Most Linux MAKEDEV scripts symboli‐
440              cally link /dev/fd to /proc/self/fd, in fact.
441
442              Most systems provide symbolic links /dev/stdin, /dev/stdout, and
443              /dev/stderr, which respectively link to the files 0, 1, and 2 in
444              /proc/self/fd.  Thus the example command above could be  written
445              as:
446
447                  $ foobar -i /dev/stdin -o /dev/stdout ...
448
449              Permission  to  dereference  or  read (readlink(2)) the symbolic
450              links in this directory is governed  by  a  ptrace  access  mode
451              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
452
453              Note  that  for  file descriptors referring to inodes (pipes and
454              sockets, see above), those inodes still have permission bits and
455              ownership  information distinct from those of the /proc/[pid]/fd
456              entry, and that the owner may differ from the user and group IDs
457              of the process.  An unprivileged process may lack permissions to
458              open them, as in this example:
459
460                  $ echo test | sudo -u nobody cat
461                  test
462                  $ echo test | sudo -u nobody cat /proc/self/fd/0
463                  cat: /proc/self/fd/0: Permission denied
464
465              File descriptor 0 refers to the pipe created by  the  shell  and
466              owned by that shell's user, which is not nobody, so cat does not
467              have permission to create a new file  descriptor  to  read  from
468              that inode, even though it can still read from its existing file
469              descriptor 0.
470
471       /proc/[pid]/fdinfo/ (since Linux 2.6.22)
472              This is a subdirectory containing one entry for each file  which
473              the  process  has open, named by its file descriptor.  The files
474              in this directory are readable only by the owner of the process.
475              The  contents  of  each  file  can be read to obtain information
476              about the corresponding file descriptor.  The content depends on
477              the  type of file referred to by the corresponding file descrip‐
478              tor.
479
480              For regular files and directories, we see something like:
481
482                  $ cat /proc/12015/fdinfo/4
483                  pos:    1000
484                  flags:  01002002
485                  mnt_id: 21
486
487              The fields are as follows:
488
489              pos    This is a decimal number showing the file offset.
490
491              flags  This is an octal number that  displays  the  file  access
492                     mode  and file status flags (see open(2)).  If the close-
493                     on-exec file descriptor flag is set, then flags will also
494                     include the value O_CLOEXEC.
495
496                     Before  Linux  3.1,  this field incorrectly displayed the
497                     setting of O_CLOEXEC at the time  the  file  was  opened,
498                     rather  than  the  current  setting  of the close-on-exec
499                     flag.
500
501              mnt_id This field, present since Linux 3.15, is the  ID  of  the
502                     mount point containing this file.  See the description of
503                     /proc/[pid]/mountinfo.
504
505              For eventfd file descriptors (see  eventfd(2)),  we  see  (since
506              Linux 3.8) the following fields:
507
508                  pos: 0
509                  flags:    02
510                  mnt_id:   10
511                  eventfd-count:               40
512
513              eventfd-count  is  the  current value of the eventfd counter, in
514              hexadecimal.
515
516              For epoll file descriptors (see epoll(7)), we see  (since  Linux
517              3.8) the following fields:
518
519                  pos: 0
520                  flags:    02
521                  mnt_id:   10
522                  tfd:        9 events:       19 data: 74253d2500000009
523                  tfd:        7 events:       19 data: 74253d2500000007
524
525              Each  of  the  lines  beginning  tfd  describes  one of the file
526              descriptors being monitored via the epoll file  descriptor  (see
527              epoll_ctl(2)  for some details).  The tfd field is the number of
528              the file descriptor.  The events field is a hexadecimal mask  of
529              the  events  being monitored for this file descriptor.  The data
530              field is the data value associated with this file descriptor.
531
532              For signalfd file descriptors (see signalfd(2)), we  see  (since
533              Linux 3.8) the following fields:
534
535                  pos: 0
536                  flags:    02
537                  mnt_id:   10
538                  sigmask:  0000000000000006
539
540              sigmask is the hexadecimal mask of signals that are accepted via
541              this signalfd file descriptor.  (In this example, bits 2  and  3
542              are  set,  corresponding  to the signals SIGINT and SIGQUIT; see
543              signal(7).)
544
545              For inotify file descriptors (see  inotify(7)),  we  see  (since
546              Linux 3.8) the following fields:
547
548                  pos: 0
549                  flags:    00
550                  mnt_id:   11
551                  inotify wd:2 ino:7ef82a sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:2af87e00220ffd73
552                  inotify wd:1 ino:192627 sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:27261900802dfd73
553
554              Each  of the lines beginning with "inotify" displays information
555              about one file or directory that is being monitored.  The fields
556              in this line are as follows:
557
558              wd     A watch descriptor number (in decimal).
559
560              ino    The inode number of the target file (in hexadecimal).
561
562              sdev   The  ID  of  the device where the target file resides (in
563                     hexadecimal).
564
565              mask   The mask of events being monitored for  the  target  file
566                     (in hexadecimal).
567
568              If  the  kernel was built with exportfs support, the path to the
569              target file is exposed as a file handle, via  three  hexadecimal
570              fields: fhandle-bytes, fhandle-type, and f_handle.
571
572              For  fanotify  file descriptors (see fanotify(7)), we see (since
573              Linux 3.8) the following fields:
574
575                  pos: 0
576                  flags:    02
577                  mnt_id:   11
578                  fanotify flags:0 event-flags:88002
579                  fanotify ino:19264f sdev:800001 mflags:0 mask:1 ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:4f261900a82dfd73
580
581              The fourth line displays information defined when  the  fanotify
582              group was created via fanotify_init(2):
583
584              flags  The  flags  argument given to fanotify_init(2) (expressed
585                     in hexadecimal).
586
587              event-flags
588                     The  event_f_flags  argument  given  to  fanotify_init(2)
589                     (expressed in hexadecimal).
590
591              Each  additional  line  shown  in  the file contains information
592              about one of the marks in the fanotify  group.   Most  of  these
593              fields are as for inotify, except:
594
595              mflags The flags associated with the mark (expressed in hexadec‐
596                     imal).
597
598              mask   The events mask for this mark (expressed in hexadecimal).
599
600              ignored_mask
601                     The mask  of  events  that  are  ignored  for  this  mark
602                     (expressed in hexadecimal).
603
604              For details on these fields, see fanotify_mark(2).
605
606              For  timerfd  file  descriptors  (see timerfd(2)), we see (since
607              Linux 3.17) the following fields:
608
609                  pos:    0
610                  flags:  02004002
611                  mnt_id: 13
612                  clockid: 0
613                  ticks: 0
614                  settime flags: 03
615                  it_value: (7695568592, 640020877)
616                  it_interval: (0, 0)
617
618              clockid
619                     This is the numeric value of the clock ID  (corresponding
620                     to  one  of  the  CLOCK_* constants defined via <time.h>)
621                     that is used to mark the progress of the timer  (in  this
622                     example, 0 is CLOCK_REALTIME).
623
624              ticks  This  is  the  number  of  timer  expirations  that  have
625                     occurred, (i.e., the  value  that  read(2)  on  it  would
626                     return).
627
628              settime flags
629                     This  field  lists  the  flags with which the timerfd was
630                     last armed (see timerfd_settime(2)), in  octal  (in  this
631                     example,   both   TFD_TIMER_ABSTIME   and  TFD_TIMER_CAN‐
632                     CEL_ON_SET are set).
633
634              it_value
635                     This field contains the amount of time  until  the  timer
636                     will  next  expire, expressed in seconds and nanoseconds.
637                     This is always expressed as a relative value,  regardless
638                     of    whether   the   timer   was   created   using   the
639                     TFD_TIMER_ABSTIME flag.
640
641              it_interval
642                     This field contains the interval of the timer, in seconds
643                     and  nanoseconds.   (The  it_value and it_interval fields
644                     contain the values that timerfd_gettime(2) on  this  file
645                     descriptor would return.)
646
647       /proc/[pid]/gid_map (since Linux 3.5)
648              See user_namespaces(7).
649
650       /proc/[pid]/io (since kernel 2.6.20)
651              This file contains I/O statistics for the process, for example:
652
653                  # cat /proc/3828/io
654                  rchar: 323934931
655                  wchar: 323929600
656                  syscr: 632687
657                  syscw: 632675
658                  read_bytes: 0
659                  write_bytes: 323932160
660                  cancelled_write_bytes: 0
661
662              The fields are as follows:
663
664              rchar: characters read
665                     The number of bytes which this task has caused to be read
666                     from storage.  This is simply the sum of bytes which this
667                     process  passed  to read(2) and similar system calls.  It
668                     includes things such as terminal I/O and is unaffected by
669                     whether or not actual physical disk I/O was required (the
670                     read might have been satisfied from pagecache).
671
672              wchar: characters written
673                     The number of bytes which this task has caused, or  shall
674                     cause  to be written to disk.  Similar caveats apply here
675                     as with rchar.
676
677              syscr: read syscalls
678                     Attempt to count the number of read  I/O  operations—that
679                     is, system calls such as read(2) and pread(2).
680
681              syscw: write syscalls
682                     Attempt  to count the number of write I/O operations—that
683                     is, system calls such as write(2) and pwrite(2).
684
685              read_bytes: bytes read
686                     Attempt to count the number of bytes which  this  process
687                     really  did  cause  to be fetched from the storage layer.
688                     This is accurate for block-backed filesystems.
689
690              write_bytes: bytes written
691                     Attempt to count the number of bytes which  this  process
692                     caused to be sent to the storage layer.
693
694              cancelled_write_bytes:
695                     The big inaccuracy here is truncate.  If a process writes
696                     1MB to a file and then deletes the file, it will in  fact
697                     perform  no writeout.  But it will have been accounted as
698                     having caused 1MB of write.  In other words:  this  field
699                     represents  the number of bytes which this process caused
700                     to not happen, by truncating pagecache.  A task can cause
701                     "negative"  I/O  too.   If this task truncates some dirty
702                     pagecache, some I/O which another task has been accounted
703                     for (in its write_bytes) will not be happening.
704
705              Note:  In  the  current implementation, things are a bit racy on
706              32-bit systems: if process A reads  process  B's  /proc/[pid]/io
707              while  process  B  is  updating  one  of  these 64-bit counters,
708              process A could see an intermediate result.
709
710              Permission to access this file is governed by  a  ptrace  access
711              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
712
713       /proc/[pid]/limits (since Linux 2.6.24)
714              This file displays the soft limit, hard limit, and units of mea‐
715              surement for each of the process's resource  limits  (see  getr‐
716              limit(2)).   Up to and including Linux 2.6.35, this file is pro‐
717              tected to allow reading only by the real  UID  of  the  process.
718              Since  Linux  2.6.36,  this file is readable by all users on the
719              system.
720
721       /proc/[pid]/map_files/ (since kernel 3.3)
722              This subdirectory  contains  entries  corresponding  to  memory-
723              mapped  files (see mmap(2)).  Entries are named by memory region
724              start and end address pair (expressed as  hexadecimal  numbers),
725              and  are symbolic links to the mapped files themselves.  Here is
726              an example, with the output wrapped and reformatted to fit on an
727              80-column display:
728
729                  # ls -l /proc/self/map_files/
730                  lr--------. 1 root root 64 Apr 16 21:31
731                              3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so
732                  ...
733
734              Although  these entries are present for memory regions that were
735              mapped with the MAP_FILE flag, the way anonymous  shared  memory
736              (regions created with the MAP_ANON | MAP_SHARED flags) is imple‐
737              mented in Linux means that such  regions  also  appear  on  this
738              directory.   Here  is  an  example  where the target file is the
739              deleted /dev/zero one:
740
741                  lrw-------. 1 root root 64 Apr 16 21:33
742                              7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted)
743
744              This directory appears  only  if  the  CONFIG_CHECKPOINT_RESTORE
745              kernel    configuration    option    is    enabled.    Privilege
746              (CAP_SYS_ADMIN) is required to view the contents of this  direc‐
747              tory.
748
749       /proc/[pid]/maps
750              A  file containing the currently mapped memory regions and their
751              access permissions.  See mmap(2) for  some  further  information
752              about memory mappings.
753
754              Permission  to  access  this file is governed by a ptrace access
755              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
756
757              The format of the file is:
758
759    address           perms offset  dev   inode       pathname
760    00400000-00452000 r-xp 00000000 08:02 173521      /usr/bin/dbus-daemon
761    00651000-00652000 r--p 00051000 08:02 173521      /usr/bin/dbus-daemon
762    00652000-00655000 rw-p 00052000 08:02 173521      /usr/bin/dbus-daemon
763    00e03000-00e24000 rw-p 00000000 00:00 0           [heap]
764    00e24000-011f7000 rw-p 00000000 00:00 0           [heap]
765    ...
766    35b1800000-35b1820000 r-xp 00000000 08:02 135522  /usr/lib64/ld-2.15.so
767    35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522  /usr/lib64/ld-2.15.so
768    35b1a20000-35b1a21000 rw-p 00020000 08:02 135522  /usr/lib64/ld-2.15.so
769    35b1a21000-35b1a22000 rw-p 00000000 00:00 0
770    35b1c00000-35b1dac000 r-xp 00000000 08:02 135870  /usr/lib64/libc-2.15.so
771    35b1dac000-35b1fac000 ---p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
772    35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
773    35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870  /usr/lib64/libc-2.15.so
774    ...
775    f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0    [stack:986]
776    ...
777    7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0   [stack]
778    7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0   [vdso]
779
780              The address field is the address space in the process  that  the
781              mapping occupies.  The perms field is a set of permissions:
782
783                  r = read
784                  w = write
785                  x = execute
786                  s = shared
787                  p = private (copy on write)
788
789              The  offset  field  is the offset into the file/whatever; dev is
790              the device (major:minor); inode is the inode on that device.   0
791              indicates that no inode is associated with the memory region, as
792              would be the case with BSS (uninitialized data).
793
794              The pathname field will usually be the file that is backing  the
795              mapping.  For ELF files, you can easily coordinate with the off‐
796              set field by looking at the Offset  field  in  the  ELF  program
797              headers (readelf -l).
798
799              There are additional helpful pseudo-paths:
800
801                   [stack]
802                          The  initial  process's  (also  known  as  the  main
803                          thread's) stack.
804
805                   [stack:<tid>] (from Linux 3.4 to 4.4)
806                          A thread's stack (where the <tid> is a  thread  ID).
807                          It  corresponds to the /proc/[pid]/task/[tid]/ path.
808                          This field was removed in Linux 4.5, since providing
809                          this information for a process with large numbers of
810                          threads is expensive.
811
812                   [vdso] The virtual dynamically linked shared  object.   See
813                          vdso(7).
814
815                   [heap] The process's heap.
816
817              If  the pathname field is blank, this is an anonymous mapping as
818              obtained via mmap(2).  There is no easy way to  coordinate  this
819              back  to a process's source, short of running it through gdb(1),
820              strace(1), or similar.
821
822              pathname is shown unescaped except for newline characters, which
823              are  replaced with an octal escape sequence.  As a result, it is
824              not possible to determine whether  the  original  pathname  con‐
825              tained  a  newline  character  or  the  literal  \e012 character
826              sequence.
827
828              If the mapping is file-backed and the file has been deleted, the
829              string " (deleted)" is appended to the pathname.  Note that this
830              is ambiguous too.
831
832              Under Linux 2.0, there is no field giving pathname.
833
834       /proc/[pid]/mem
835              This file can be used to access the pages of a process's  memory
836              through open(2), read(2), and lseek(2).
837
838              Permission  to  access  this file is governed by a ptrace access
839              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
840
841       /proc/[pid]/mountinfo (since Linux 2.6.26)
842              This  file  contains  information  about  mount  points  in  the
843              process's  mount  namespace  (see mount_namespaces(7)).  It sup‐
844              plies various information  (e.g.,  propagation  state,  root  of
845              mount for bind mounts, identifier for each mount and its parent)
846              that is missing from the (older)  /proc/[pid]/mounts  file,  and
847              fixes  various  other problems with that file (e.g., nonextensi‐
848              bility, failure to distinguish per-mount  versus  per-superblock
849              options).
850
851              The file contains lines of the form:
852
85336 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
854(1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)
855
856              The  numbers  in  parentheses  are  labels  for the descriptions
857              below:
858
859              (1)  mount ID: a unique ID for the mount (may  be  reused  after
860                   umount(2)).
861
862              (2)  parent  ID:  the ID of the parent mount (or of self for the
863                   root of this mount namespace's mount tree).
864
865                   If a new mount is stacked on top  of  a  previous  existing
866                   mount  (so that it hides the existing mount) at pathname P,
867                   then the parent of the new mount is the previous  mount  at
868                   that  location.   Thus,  when  looking  at  all  the mounts
869                   stacked at a particular location, the top-most mount is the
870                   one  that  is not the parent of any other mount at the same
871                   location.  (Note, however, that this top-most mount will be
872                   accessible  only if the longest path subprefix of P that is
873                   a mount point is not itself hidden by a stacked mount.)
874
875                   If the parent mount point lies outside the  process's  root
876                   directory  (see  chroot(2)), the ID shown here won't have a
877                   corresponding record in mountinfo whose mount ID (field  1)
878                   matches this parent mount ID (because mount points that lie
879                   outside the process's  root  directory  are  not  shown  in
880                   mountinfo).  As a special case of this point, the process's
881                   root mount point may have a parent mount (for the initramfs
882                   filesystem) that lies outside the process's root directory,
883                   and an entry for  that  mount  point  will  not  appear  in
884                   mountinfo.
885
886              (3)  major:minor: the value of st_dev for files on this filesys‐
887                   tem (see stat(2)).
888
889              (4)  root: the pathname of the directory in the filesystem which
890                   forms the root of this mount.
891
892              (5)  mount  point:  the  pathname of the mount point relative to
893                   the process's root directory.
894
895              (6)  mount options: per-mount options (see mount(2)).
896
897              (7)  optional  fields:  zero  or  more  fields   of   the   form
898                   "tag[:value]"; see below.
899
900              (8)  separator:  the  end  of the optional fields is marked by a
901                   single hyphen.
902
903              (9)  filesystem  type:  the  filesystem   type   in   the   form
904                   "type[.subtype]".
905
906              (10) mount source: filesystem-specific information or "none".
907
908              (11) super options: per-superblock options (see mount(2)).
909
910              Currently,  the  possible  optional  fields  are shared, master,
911              propagate_from, and unbindable.  See mount_namespaces(7)  for  a
912              description of these fields.  Parsers should ignore all unrecog‐
913              nized optional fields.
914
915              For  more  information  on  mount  propagation  see:  Documenta‐
916              tion/filesystems/sharedsubtree.txt  in  the  Linux kernel source
917              tree.
918
919       /proc/[pid]/mounts (since Linux 2.4.19)
920              This file lists all the filesystems  currently  mounted  in  the
921              process's mount namespace (see mount_namespaces(7)).  The format
922              of this file is documented in fstab(5).
923
924              Since kernel version 2.6.15, this file is pollable: after  open‐
925              ing  the  file  for  reading,  a  change  in  this file (i.e., a
926              filesystem mount or unmount) causes select(2) to mark  the  file
927              descriptor  as  having an exceptional condition, and poll(2) and
928              epoll_wait(2) mark the file as having a  priority  event  (POLL‐
929              PRI).  (Before Linux 2.6.30, a change in this file was indicated
930              by the file descriptor being marked as readable  for  select(2),
931              and  being  marked  as having an error condition for poll(2) and
932              epoll_wait(2).)
933
934       /proc/[pid]/mountstats (since Linux 2.6.17)
935              This file exports information (statistics, configuration  infor‐
936              mation)  about the mount points in the process's mount namespace
937              (see mount_namespaces(7)).  Lines in this file have the form:
938
939                  device /dev/sda7 mounted on /home with fstype ext3 [statistics]
940                  (       1      )            ( 2 )             (3 ) (4)
941
942              The fields in each line are:
943
944              (1)  The name of the mounted device (or "nodevice" if  there  is
945                   no corresponding device).
946
947              (2)  The mount point within the filesystem tree.
948
949              (3)  The filesystem type.
950
951              (4)  Optional  statistics  and  configuration information.  Cur‐
952                   rently (as at Linux 2.6.26), only  NFS  filesystems  export
953                   information via this field.
954
955              This file is readable only by the owner of the process.
956
957       /proc/[pid]/net (since Linux 2.6.25)
958              See the description of /proc/net.
959
960       /proc/[pid]/ns/ (since Linux 3.0)
961              This  is  a subdirectory containing one entry for each namespace
962              that supports being manipulated by setns(2).  For more  informa‐
963              tion, see namespaces(7).
964
965       /proc/[pid]/numa_maps (since Linux 2.6.14)
966              See numa(7).
967
968       /proc/[pid]/oom_adj (since Linux 2.6.11)
969              This  file  can be used to adjust the score used to select which
970              process should be killed in an  out-of-memory  (OOM)  situation.
971              The  kernel  uses  this  value  for a bit-shift operation of the
972              process's oom_score value: valid values are in the range -16  to
973              +15,  plus  the  special  value  -17, which disables OOM-killing
974              altogether for this process.  A  positive  score  increases  the
975              likelihood  of  this  process  being killed by the OOM-killer; a
976              negative score decreases the likelihood.
977
978              The default value for this file is 0; a new process inherits its
979              parent's   oom_adj   setting.   A  process  must  be  privileged
980              (CAP_SYS_RESOURCE) to update this file.
981
982              Since Linux 2.6.36, use of this file is deprecated in  favor  of
983              /proc/[pid]/oom_score_adj.
984
985       /proc/[pid]/oom_score (since Linux 2.6.11)
986              This  file  displays  the current score that the kernel gives to
987              this process for the purpose of selecting a process for the OOM-
988              killer.  A higher score means that the process is more likely to
989              be selected by the OOM-killer.  The basis for this score is  the
990              amount  of  memory  used  by  the process, with increases (+) or
991              decreases (-) for factors including:
992
993              * whether the process is privileged (-).
994
995              Before kernel 2.6.36 the following factors were also used in the
996              calculation of oom_score:
997
998              * whether  the  process  creates a lot of children using fork(2)
999                (+);
1000
1001              * whether the process has been running a long time, or has  used
1002                a lot of CPU time (-);
1003
1004              * whether the process has a low nice value (i.e., > 0) (+); and
1005
1006              * whether the process is making direct hardware access (-).
1007
1008              The  oom_score  also  reflects  the  adjustment specified by the
1009              oom_score_adj or oom_adj setting for the process.
1010
1011       /proc/[pid]/oom_score_adj (since Linux 2.6.36)
1012              This file can be used to adjust the badness  heuristic  used  to
1013              select which process gets killed in out-of-memory conditions.
1014
1015              The  badness  heuristic  assigns  a value to each candidate task
1016              ranging from 0 (never kill) to 1000 (always kill)  to  determine
1017              which  process  is targeted.  The units are roughly a proportion
1018              along that range of allowed  memory  the  process  may  allocate
1019              from, based on an estimation of its current memory and swap use.
1020              For example, if a task is using all allowed memory, its  badness
1021              score  will be 1000.  If it is using half of its allowed memory,
1022              its score will be 500.
1023
1024              There is an additional factor included  in  the  badness  score:
1025              root processes are given 3% extra memory over other tasks.
1026
1027              The  amount  of "allowed" memory depends on the context in which
1028              the OOM-killer was called.  If it is due to the memory  assigned
1029              to  the  allocating  task's  cpuset being exhausted, the allowed
1030              memory represents the set of mems assigned to that  cpuset  (see
1031              cpuset(7)).   If  it  is  due  to  a  mempolicy's  node(s) being
1032              exhausted, the allowed memory represents the  set  of  mempolicy
1033              nodes.   If  it  is  due to a memory limit (or swap limit) being
1034              reached, the allowed memory is that configured limit.   Finally,
1035              if  it  is  due  to  the  entire system being out of memory, the
1036              allowed memory represents all allocatable resources.
1037
1038              The value of oom_score_adj is added to the badness score  before
1039              it  is  used to determine which task to kill.  Acceptable values
1040              range    from     -1000     (OOM_SCORE_ADJ_MIN)     to     +1000
1041              (OOM_SCORE_ADJ_MAX).   This  allows  user  space  to control the
1042              preference for OOM-killing, ranging  from  always  preferring  a
1043              certain  task  or completely disabling it from OOM killing.  The
1044              lowest possible value, -1000, is equivalent  to  disabling  OOM-
1045              killing  entirely  for  that task, since it will always report a
1046              badness score of 0.
1047
1048              Consequently, it is very simple for user  space  to  define  the
1049              amount  of  memory  to  consider  for  each  task.   Setting  an
1050              oom_score_adj value of +500, for example, is roughly  equivalent
1051              to  allowing  the  remainder  of  tasks sharing the same system,
1052              cpuset, mempolicy, or memory  controller  resources  to  use  at
1053              least  50%  more  memory.   A  value of -500, on the other hand,
1054              would be roughly equivalent to discounting  50%  of  the  task's
1055              allowed  memory  from  being  considered  as scoring against the
1056              task.
1057
1058              For    backward    compatibility    with    previous    kernels,
1059              /proc/[pid]/oom_adj can still be used to tune the badness score.
1060              Its value is scaled linearly with oom_score_adj.
1061
1062              Writing to /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj will
1063              change the other with its scaled value.
1064
1065              The  choom(1)  program  provides  a  command-line  interface for
1066              adjusting the oom_score_adj value of  a  running  process  or  a
1067              newly executed command.
1068
1069       /proc/[pid]/pagemap (since Linux 2.6.25)
1070              This  file  shows  the  mapping of each of the process's virtual
1071              pages into physical page frames or swap area.  It  contains  one
1072              64-bit  value  for  each virtual page, with the bits set as fol‐
1073              lows:
1074
1075                   63     If set, the page is present in RAM.
1076
1077                   62     If set, the page is in swap space
1078
1079                   61 (since Linux 3.5)
1080                          The page is a file-mapped page or a shared anonymous
1081                          page.
1082
1083                   60–57 (since Linux 3.11)
1084                          Zero
1085
1086                   56 (since Linux 4.2)
1087                          The page is exclusively mapped.
1088
1089                   55 (since Linux 3.11)
1090                          PTE  is soft-dirty (see the kernel source file Docu‐
1091                          mentation/admin-guide/mm/soft-dirty.rst).
1092
1093                   54–0   If the page is present in RAM (bit 63),  then  these
1094                          bits  provide  the  page  frame number, which can be
1095                          used to index /proc/kpageflags and /proc/kpagecount.
1096                          If  the  page is present in swap (bit 62), then bits
1097                          4–0 give the swap type, and  bits  54–5  encode  the
1098                          swap offset.
1099
1100              Before Linux 3.11, bits 60–55 were used to encode the base-2 log
1101              of the page size.
1102
1103              To employ /proc/[pid]/pagemap efficiently, use  /proc/[pid]/maps
1104              to  determine which areas of memory are actually mapped and seek
1105              to skip over unmapped regions.
1106
1107              The  /proc/[pid]/pagemap  file  is  present  only  if  the  CON‐
1108              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
1109
1110              Permission  to  access  this file is governed by a ptrace access
1111              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1112
1113       /proc/[pid]/personality (since Linux 2.6.28)
1114              This read-only file exposes the process's execution  domain,  as
1115              set  by  personality(2).   The value is displayed in hexadecimal
1116              notation.
1117
1118              Permission to access this file is governed by  a  ptrace  access
1119              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1120
1121       /proc/[pid]/root
1122              UNIX  and  Linux  support  the idea of a per-process root of the
1123              filesystem, set by the chroot(2) system call.  This  file  is  a
1124              symbolic  link  that points to the process's root directory, and
1125              behaves in the same way as exe, and fd/*.
1126
1127              Note however that this file is not merely a symbolic  link.   It
1128              provides  the  same view of the filesystem (including namespaces
1129              and the set of per-process mounts) as the  process  itself.   An
1130              example  illustrates  this  point.   In one terminal, we start a
1131              shell in new user and mount namespaces, and  in  that  shell  we
1132              create some new mount points:
1133
1134                  $ PS1='sh1# ' unshare -Urnm
1135                  sh1# mount -t tmpfs tmpfs /etc  # Mount empty tmpfs at /etc
1136                  sh1# mount --bind /usr /dev     # Mount /usr at /dev
1137                  sh1# echo $$
1138                  27123
1139
1140              In  a second terminal window, in the initial mount namespace, we
1141              look at the contents of the corresponding mounts in the  initial
1142              and new namespaces:
1143
1144                  $ PS1='sh2# ' sudo sh
1145                  sh2# ls /etc | wc -l                  # In initial NS
1146                  309
1147                  sh2# ls /proc/27123/root/etc | wc -l  # /etc in other NS
1148                  0                                     # The empty tmpfs dir
1149                  sh2# ls /dev | wc -l                  # In initial NS
1150                  205
1151                  sh2# ls /proc/27123/root/dev | wc -l  # /dev in other NS
1152                  11                                    # Actually bind
1153                                                        # mounted to /usr
1154                  sh2# ls /usr | wc -l                  # /usr in initial NS
1155                  11
1156
1157              In a multithreaded process, the contents of the /proc/[pid]/root
1158              symbolic link are not available if the main thread  has  already
1159              terminated (typically by calling pthread_exit(3)).
1160
1161              Permission  to  dereference  or read (readlink(2)) this symbolic
1162              link    is    governed    by    a     ptrace     access     mode
1163              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1164
1165       /proc/[pid]/seccomp (Linux 2.6.12 to 2.6.22)
1166              This  file  can  be used to read and change the process's secure
1167              computing (seccomp) mode setting.  It contains the  value  0  if
1168              the  process  is not in seccomp mode, and 1 if the process is in
1169              strict seccomp mode (see seccomp(2)).  Writing 1  to  this  file
1170              places  the  process irreversibly in strict seccomp mode.  (Fur‐
1171              ther attempts to write to the file fail with the EPERM error.)
1172
1173              In Linux 2.6.23, this file went away,  to  be  replaced  by  the
1174              prctl(2) PR_GET_SECCOMP and PR_SET_SECCOMP operations (and later
1175              by seccomp(2) and the Seccomp field in /proc/[pid]/status).
1176
1177       /proc/[pid]/setgroups (since Linux 3.19)
1178              See user_namespaces(7).
1179
1180       /proc/[pid]/smaps (since Linux 2.6.14)
1181              This file shows memory consumption for  each  of  the  process's
1182              mappings.  (The pmap(1) command displays similar information, in
1183              a form that may be easier for parsing.)  For each mapping  there
1184              is a series of lines such as the following:
1185
1186                  00400000-0048a000 r-xp 00000000 fd:03 960637       /bin/bash
1187                  Size:                552 kB
1188                  Rss:                 460 kB
1189                  Pss:                 100 kB
1190                  Shared_Clean:        452 kB
1191                  Shared_Dirty:          0 kB
1192                  Private_Clean:         8 kB
1193                  Private_Dirty:         0 kB
1194                  Referenced:          460 kB
1195                  Anonymous:             0 kB
1196                  AnonHugePages:         0 kB
1197                  ShmemHugePages:        0 kB
1198                  ShmemPmdMapped:        0 kB
1199                  Swap:                  0 kB
1200                  KernelPageSize:        4 kB
1201                  MMUPageSize:           4 kB
1202                  KernelPageSize:        4 kB
1203                  MMUPageSize:           4 kB
1204                  Locked:                0 kB
1205                  ProtectionKey:         0
1206                  VmFlags: rd ex mr mw me dw
1207
1208              The  first  of these lines shows the same information as is dis‐
1209              played for the mapping in /proc/[pid]/maps.  The following lines
1210              show  the size of the mapping, the amount of the mapping that is
1211              currently resident in RAM ("Rss"),  the  process's  proportional
1212              share  of  this  mapping  ("Pss"), the number of clean and dirty
1213              shared pages in the mapping, and the number of clean  and  dirty
1214              private pages in the mapping.  "Referenced" indicates the amount
1215              of memory currently marked as referenced or  accessed.   "Anony‐
1216              mous"  shows  the  amount  of memory that does not belong to any
1217              file.  "Swap" shows how much would-be-anonymous memory  is  also
1218              used, but out on swap.
1219
1220              The  "KernelPageSize" line (available since Linux 2.6.29) is the
1221              page size used by the kernel to back the  virtual  memory  area.
1222              This  matches the size used by the MMU in the majority of cases.
1223              However, one counter-example occurs on PPC64 kernels  whereby  a
1224              kernel  using  64kB  as a base page size may still use 4kB pages
1225              for the  MMU  on  older  processors.   To  distinguish  the  two
1226              attributes,  the  "MMUPageSize" line (also available since Linux
1227              2.6.29) reports the page size used by the MMU.
1228
1229              The "Locked" indicates whether the mapping is locked  in  memory
1230              or not.
1231
1232              The  "ProtectionKey"  line  (available  since  Linux 4.9, on x86
1233              only) contains the memory protection key (see pkeys(7))  associ‐
1234              ated  with  the virtual memory area.  This entry is present only
1235              if the kernel was built with the CONFIG_X86_INTEL_MEMORY_PROTEC‐
1236              TION_KEYS configuration option.
1237
1238              The  "VmFlags"  line  (available since Linux 3.8) represents the
1239              kernel flags associated with the virtual  memory  area,  encoded
1240              using the following two-letter codes:
1241
1242                  rd  - readable
1243                  wr  - writable
1244                  ex  - executable
1245                  sh  - shared
1246                  mr  - may read
1247                  mw  - may write
1248                  me  - may execute
1249                  ms  - may share
1250                  gd  - stack segment grows down
1251                  pf  - pure PFN range
1252                  dw  - disabled write to the mapped file
1253                  lo  - pages are locked in memory
1254                  io  - memory mapped I/O area
1255                  sr  - sequential read advise provided
1256                  rr  - random read advise provided
1257                  dc  - do not copy area on fork
1258                  de  - do not expand area on remapping
1259                  ac  - area is accountable
1260                  nr  - swap space is not reserved for the area
1261                  ht  - area uses huge tlb pages
1262                  nl  - non-linear mapping
1263                  ar  - architecture specific flag
1264                  dd  - do not include area into core dump
1265                  sd  - soft-dirty flag
1266                  mm  - mixed map area
1267                  hg  - huge page advise flag
1268                  nh  - no-huge page advise flag
1269                  mg  - mergeable advise flag
1270
1271              "ProtectionKey"  field  contains  the memory protection key (see
1272              pkeys(5)) associated with the virtual memory area.  Present only
1273              if the kernel was built with the CONFIG_X86_INTEL_MEMORY_PROTEC‐
1274              TION_KEYS configuration option. (since Linux 4.6)
1275
1276              The  /proc/[pid]/smaps  file  is  present  only  if   the   CON‐
1277              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
1278
1279       /proc/[pid]/stack (since Linux 2.6.29)
1280              This  file  provides  a  symbolic trace of the function calls in
1281              this process's kernel stack.  This file is provided only if  the
1282              kernel   was  built  with  the  CONFIG_STACKTRACE  configuration
1283              option.
1284
1285              Permission to access this file is governed by  a  ptrace  access
1286              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1287
1288       /proc/[pid]/stat
1289              Status  information  about  the process.  This is used by ps(1).
1290              It is defined in the kernel source file fs/proc/array.c.
1291
1292              The fields, in order, with their proper scanf(3)  format  speci‐
1293              fiers, are listed below.  Whether or not certain of these fields
1294              display valid information is governed by a  ptrace  access  mode
1295              PTRACE_MODE_READ_FSCREDS | PTRACE_MODE_NOAUDIT  check  (refer to
1296              ptrace(2)).  If the check denies access, then the field value is
1297              displayed  as  0.   The  affected  fields are indicated with the
1298              marking [PT].
1299
1300              (1) pid  %d
1301                        The process ID.
1302
1303              (2) comm  %s
1304                        The filename of the executable, in parentheses.   This
1305                        is  visible  whether  or not the executable is swapped
1306                        out.
1307
1308              (3) state  %c
1309                        One of the following  characters,  indicating  process
1310                        state:
1311
1312                        R  Running
1313
1314                        S  Sleeping in an interruptible wait
1315
1316                        D  Waiting in uninterruptible disk sleep
1317
1318                        Z  Zombie
1319
1320                        T  Stopped  (on  a  signal)  or  (before Linux 2.6.33)
1321                           trace stopped
1322
1323                        t  Tracing stop (Linux 2.6.33 onward)
1324
1325                        W  Paging (only before Linux 2.6.0)
1326
1327                        X  Dead (from Linux 2.6.0 onward)
1328
1329                        x  Dead (Linux 2.6.33 to 3.13 only)
1330
1331                        K  Wakekill (Linux 2.6.33 to 3.13 only)
1332
1333                        W  Waking (Linux 2.6.33 to 3.13 only)
1334
1335                        P  Parked (Linux 3.9 to 3.13 only)
1336
1337              (4) ppid  %d
1338                        The PID of the parent of this process.
1339
1340              (5) pgrp  %d
1341                        The process group ID of the process.
1342
1343              (6) session  %d
1344                        The session ID of the process.
1345
1346              (7) tty_nr  %d
1347                        The controlling terminal of the process.   (The  minor
1348                        device  number is contained in the combination of bits
1349                        31 to 20 and 7 to 0; the major  device  number  is  in
1350                        bits 15 to 8.)
1351
1352              (8) tpgid  %d
1353                        The ID of the foreground process group of the control‐
1354                        ling terminal of the process.
1355
1356              (9) flags  %u
1357                        The kernel flags word of the process.  For  bit  mean‐
1358                        ings,  see the PF_* defines in the Linux kernel source
1359                        file include/linux/sched.h.   Details  depend  on  the
1360                        kernel version.
1361
1362                        The format for this field was %lu before Linux 2.6.
1363
1364              (10) minflt  %lu
1365                        The  number of minor faults the process has made which
1366                        have not required loading a memory page from disk.
1367
1368              (11) cminflt  %lu
1369                        The number of minor faults that the process's  waited-
1370                        for children have made.
1371
1372              (12) majflt  %lu
1373                        The  number of major faults the process has made which
1374                        have required loading a memory page from disk.
1375
1376              (13) cmajflt  %lu
1377                        The number of major faults that the process's  waited-
1378                        for children have made.
1379
1380              (14) utime  %lu
1381                        Amount of time that this process has been scheduled in
1382                        user  mode,  measured  in  clock  ticks   (divide   by
1383                        sysconf(_SC_CLK_TCK)).    This  includes  guest  time,
1384                        guest_time (time spent  running  a  virtual  CPU,  see
1385                        below), so that applications that are not aware of the
1386                        guest time field do not lose that time from their cal‐
1387                        culations.
1388
1389              (15) stime  %lu
1390                        Amount of time that this process has been scheduled in
1391                        kernel  mode,  measured  in  clock  ticks  (divide  by
1392                        sysconf(_SC_CLK_TCK)).
1393
1394              (16) cutime  %ld
1395                        Amount of time that this process's waited-for children
1396                        have been scheduled in user mode,  measured  in  clock
1397                        ticks  (divide  by  sysconf(_SC_CLK_TCK)).   (See also
1398                        times(2).)   This  includes  guest  time,  cguest_time
1399                        (time spent running a virtual CPU, see below).
1400
1401              (17) cstime  %ld
1402                        Amount of time that this process's waited-for children
1403                        have been scheduled in kernel mode, measured in  clock
1404                        ticks (divide by sysconf(_SC_CLK_TCK)).
1405
1406              (18) priority  %ld
1407                        (Explanation  for  Linux  2.6) For processes running a
1408                        real-time  scheduling  policy   (policy   below;   see
1409                        sched_setscheduler(2)), this is the negated scheduling
1410                        priority, minus one; that is, a number in the range -2
1411                        to  -100,  corresponding  to real-time priorities 1 to
1412                        99.   For  processes  running  under  a  non-real-time
1413                        scheduling policy, this is the raw nice value (setpri‐
1414                        ority(2)) as represented in the  kernel.   The  kernel
1415                        stores nice values as numbers in the range 0 (high) to
1416                        39 (low), corresponding to the user-visible nice range
1417                        of -20 to 19.
1418
1419                        Before Linux 2.6, this was a scaled value based on the
1420                        scheduler weighting given to this process.
1421
1422              (19) nice  %ld
1423                        The nice value (see setpriority(2)), a  value  in  the
1424                        range 19 (low priority) to -20 (high priority).
1425
1426              (20) num_threads  %ld
1427                        Number  of  threads in this process (since Linux 2.6).
1428                        Before kernel 2.6, this field was hard coded to 0 as a
1429                        placeholder for an earlier removed field.
1430
1431              (21) itrealvalue  %ld
1432                        The time in jiffies before the next SIGALRM is sent to
1433                        the process due to an interval  timer.   Since  kernel
1434                        2.6.17,  this  field  is  no longer maintained, and is
1435                        hard coded as 0.
1436
1437              (22) starttime  %llu
1438                        The time the process started after  system  boot.   In
1439                        kernels  before Linux 2.6, this value was expressed in
1440                        jiffies.  Since Linux 2.6, the value is  expressed  in
1441                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1442
1443                        The format for this field was %lu before Linux 2.6.
1444
1445              (23) vsize  %lu
1446                        Virtual memory size in bytes.
1447
1448              (24) rss  %ld
1449                        Resident  Set Size: number of pages the process has in
1450                        real memory.  This  is  just  the  pages  which  count
1451                        toward  text,  data,  or  stack  space.  This does not
1452                        include pages which have not been demand-loaded in, or
1453                        which are swapped out.
1454
1455              (25) rsslim  %lu
1456                        Current soft limit in bytes on the rss of the process;
1457                        see the description of RLIMIT_RSS in getrlimit(2).
1458
1459              (26) startcode  %lu  [PT]
1460                        The address above which program text can run.
1461
1462              (27) endcode  %lu  [PT]
1463                        The address below which program text can run.
1464
1465              (28) startstack  %lu  [PT]
1466                        The address of the start (i.e., bottom) of the stack.
1467
1468              (29) kstkesp  %lu  [PT]
1469                        The current value of ESP (stack pointer), as found  in
1470                        the kernel stack page for the process.
1471
1472              (30) kstkeip  %lu  [PT]
1473                        The current EIP (instruction pointer).
1474
1475              (31) signal  %lu
1476                        The  bitmap of pending signals, displayed as a decimal
1477                        number.  Obsolete, because it does not provide  infor‐
1478                        mation  on  real-time  signals; use /proc/[pid]/status
1479                        instead.
1480
1481              (32) blocked  %lu
1482                        The bitmap of blocked signals, displayed as a  decimal
1483                        number.   Obsolete, because it does not provide infor‐
1484                        mation on real-time  signals;  use  /proc/[pid]/status
1485                        instead.
1486
1487              (33) sigignore  %lu
1488                        The  bitmap of ignored signals, displayed as a decimal
1489                        number.  Obsolete, because it does not provide  infor‐
1490                        mation  on  real-time  signals; use /proc/[pid]/status
1491                        instead.
1492
1493              (34) sigcatch  %lu
1494                        The bitmap of caught signals, displayed as  a  decimal
1495                        number.   Obsolete, because it does not provide infor‐
1496                        mation on real-time  signals;  use  /proc/[pid]/status
1497                        instead.
1498
1499              (35) wchan  %lu  [PT]
1500                        This is the "channel" in which the process is waiting.
1501                        It is the address of a location in  the  kernel  where
1502                        the  process  is sleeping.  The corresponding symbolic
1503                        name can be found in /proc/[pid]/wchan.
1504
1505              (36) nswap  %lu
1506                        Number of pages swapped (not maintained).
1507
1508              (37) cnswap  %lu
1509                        Cumulative nswap for child processes (not maintained).
1510
1511              (38) exit_signal  %d  (since Linux 2.1.22)
1512                        Signal to be sent to parent when we die.
1513
1514              (39) processor  %d  (since Linux 2.2.8)
1515                        CPU number last executed on.
1516
1517              (40) rt_priority  %u  (since Linux 2.5.19)
1518                        Real-time scheduling priority, a number in the range 1
1519                        to  99  for processes scheduled under a real-time pol‐
1520                        icy,  or   0,   for   non-real-time   processes   (see
1521                        sched_setscheduler(2)).
1522
1523              (41) policy  %u  (since Linux 2.5.19)
1524                        Scheduling policy (see sched_setscheduler(2)).  Decode
1525                        using the SCHED_* constants in linux/sched.h.
1526
1527                        The format for this field was %lu before Linux 2.6.22.
1528
1529              (42) delayacct_blkio_ticks  %llu  (since Linux 2.6.18)
1530                        Aggregated block I/O delays, measured in  clock  ticks
1531                        (centiseconds).
1532
1533              (43) guest_time  %lu  (since Linux 2.6.24)
1534                        Guest  time  of the process (time spent running a vir‐
1535                        tual CPU for a guest operating  system),  measured  in
1536                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1537
1538              (44) cguest_time  %ld  (since Linux 2.6.24)
1539                        Guest  time  of  the  process's  children, measured in
1540                        clock ticks (divide by sysconf(_SC_CLK_TCK)).
1541
1542              (45) start_data  %lu  (since Linux 3.3)  [PT]
1543                        Address above which program initialized and uninitial‐
1544                        ized (BSS) data are placed.
1545
1546              (46) end_data  %lu  (since Linux 3.3)  [PT]
1547                        Address below which program initialized and uninitial‐
1548                        ized (BSS) data are placed.
1549
1550              (47) start_brk  %lu  (since Linux 3.3)  [PT]
1551                        Address above which program heap can be expanded  with
1552                        brk(2).
1553
1554              (48) arg_start  %lu  (since Linux 3.5)  [PT]
1555                        Address  above  which  program  command-line arguments
1556                        (argv) are placed.
1557
1558              (49) arg_end  %lu  (since Linux 3.5)  [PT]
1559                        Address below program  command-line  arguments  (argv)
1560                        are placed.
1561
1562              (50) env_start  %lu  (since Linux 3.5)  [PT]
1563                        Address above which program environment is placed.
1564
1565              (51) env_end  %lu  (since Linux 3.5)  [PT]
1566                        Address below which program environment is placed.
1567
1568              (52) exit_code  %d  (since Linux 3.5)  [PT]
1569                        The thread's exit status in the form reported by wait‐
1570                        pid(2).
1571
1572       /proc/[pid]/statm
1573              Provides information about memory usage, measured in pages.  The
1574              columns are:
1575
1576                  size       (1) total program size
1577                             (same as VmSize in /proc/[pid]/status)
1578                  resident   (2) resident set size
1579                             (same as VmRSS in /proc/[pid]/status)
1580                  shared     (3) number of resident shared pages (i.e., backed by a file)
1581                             (same as RssFile+RssShmem in /proc/[pid]/status)
1582                  text       (4) text (code)
1583                  lib        (5) library (unused since Linux 2.6; always 0)
1584                  data       (6) data + stack
1585                  dt         (7) dirty pages (unused since Linux 2.6; always 0)
1586
1587       /proc/[pid]/status
1588              Provides   much  of  the  information  in  /proc/[pid]/stat  and
1589              /proc/[pid]/statm in a format that's easier for humans to parse.
1590              Here's an example:
1591
1592                  $ cat /proc/$$/status
1593                  Name:   bash
1594                  Umask:  0022
1595                  State:  S (sleeping)
1596                  Tgid:   17248
1597                  Ngid:   0
1598                  Pid:    17248
1599                  PPid:   17200
1600                  TracerPid:      0
1601                  Uid:    1000    1000    1000    1000
1602                  Gid:    100     100     100     100
1603                  FDSize: 256
1604                  Groups: 16 33 100
1605                  NStgid: 17248
1606                  NSpid:  17248
1607                  NSpgid: 17248
1608                  NSsid:  17200
1609                  VmPeak:     131168 kB
1610                  VmSize:     131168 kB
1611                  VmLck:           0 kB
1612                  VmPin:           0 kB
1613                  VmHWM:       13484 kB
1614                  VmRSS:       13484 kB
1615                  RssAnon:     10264 kB
1616                  RssFile:      3220 kB
1617                  RssShmem:        0 kB
1618                  VmData:      10332 kB
1619                  VmStk:         136 kB
1620                  VmExe:         992 kB
1621                  VmLib:        2104 kB
1622                  VmPTE:          76 kB
1623                  VmPMD:          12 kB
1624                  VmSwap:          0 kB
1625                  HugetlbPages:          0 kB        # 4.4
1626                  CoreDumping:   0                       # 4.15
1627                  Threads:        1
1628                  SigQ:   0/3067
1629                  SigPnd: 0000000000000000
1630                  ShdPnd: 0000000000000000
1631                  SigBlk: 0000000000010000
1632                  SigIgn: 0000000000384004
1633                  SigCgt: 000000004b813efb
1634                  CapInh: 0000000000000000
1635                  CapPrm: 0000000000000000
1636                  CapEff: 0000000000000000
1637                  CapBnd: ffffffffffffffff
1638                  CapAmb:   0000000000000000
1639                  NoNewPrivs:     0
1640                  Seccomp:        0
1641                  Speculation_Store_Bypass:       vulnerable
1642                  Cpus_allowed:   00000001
1643                  Cpus_allowed_list:      0
1644                  Mems_allowed:   1
1645                  Mems_allowed_list:      0
1646                  voluntary_ctxt_switches:        150
1647                  nonvoluntary_ctxt_switches:     545
1648
1649              The fields are as follows:
1650
1651              * Name: Command run by this process.
1652
1653              * Umask:  Process umask, expressed in octal with a leading zero;
1654                see umask(2).  (Since Linux 4.7.)
1655
1656              * State: Current state of the process.  One of "R (running)", "S
1657                (sleeping)",  "D  (disk  sleep)",  "T  (stopped)", "T (tracing
1658                stop)", "Z (zombie)", or "X (dead)".
1659
1660              * Tgid: Thread group ID (i.e., Process ID).
1661
1662              * Ngid: NUMA group ID (0 if none; since Linux 3.13).
1663
1664              * Pid: Thread ID (see gettid(2)).
1665
1666              * PPid: PID of parent process.
1667
1668              * TracerPid: PID of process tracing this process (0 if not being
1669                traced).
1670
1671              * Uid,  Gid:  Real,  effective,  saved  set, and filesystem UIDs
1672                (GIDs).
1673
1674              * FDSize: Number of file descriptor slots currently allocated.
1675
1676              * Groups: Supplementary group list.
1677
1678              * NStgid: Thread group ID (i.e., PID) in each of the PID  names‐
1679                paces  of  which  [pid] is a member.  The leftmost entry shows
1680                the value with respect to the PID  namespace  of  the  process
1681                that  mounted this procfs (or the root namespace if mounted by
1682                the kernel), followed by  the  value  in  successively  nested
1683                inner namespaces.  (Since Linux 4.1.)
1684
1685              * NSpid:  Thread ID in each of the PID namespaces of which [pid]
1686                is a member.  The fields are ordered as  for  NStgid.   (Since
1687                Linux 4.1.)
1688
1689              * NSpgid:  Process  group  ID  in  each of the PID namespaces of
1690                which [pid] is a member.  The fields are ordered as  for  NSt‐
1691                gid.  (Since Linux 4.1.)
1692
1693              * NSsid: descendant namespace session ID hierarchy Session ID in
1694                each of the PID namespaces of which [pid] is  a  member.   The
1695                fields are ordered as for NStgid.  (Since Linux 4.1.)
1696
1697              * VmPeak: Peak virtual memory size.
1698
1699              * VmSize: Virtual memory size.
1700
1701              * VmLck: Locked memory size (see mlock(2)).
1702
1703              * VmPin:  Pinned memory size (since Linux 3.2).  These are pages
1704                that can't be moved because something needs to directly access
1705                physical memory.
1706
1707              * VmHWM: Peak resident set size ("high water mark").
1708
1709              * VmRSS: Resident set size.  Note that the value here is the sum
1710                of RssAnon, RssFile, and RssShmem.
1711
1712              * RssAnon: Size of  resident  anonymous  memory.   (since  Linux
1713                4.5).
1714
1715              * RssFile: Size of resident file mappings.  (since Linux 4.5).
1716
1717              * RssShmem:  Size  of  resident shared memory (includes System V
1718                shared memory, mappings from tmpfs(5),  and  shared  anonymous
1719                mappings).  (since Linux 4.5).
1720
1721              * VmData, VmStk, VmExe: Size of data, stack, and text segments.
1722
1723              * VmLib: Shared library code size.
1724
1725              * VmPTE: Page table entries size (since Linux 2.6.10).
1726
1727              * VmPMD:  Size  of second-level page tables (added in Linux 4.0;
1728                removed in Linux 4.15).
1729
1730              * VmSwap: Swapped-out virtual memory size by  anonymous  private
1731                pages; shmem swap usage is not included (since Linux 2.6.34).
1732
1733              * HugetlbPages:  Size  of  hugetlb  memory portions (since Linux
1734                4.4).
1735
1736              * CoreDumping: Contains the value 1 if the process is  currently
1737                dumping  core,  and  0  if it is not (since Linux 4.15).  This
1738                information can be used  by  a  monitoring  process  to  avoid
1739                killing  a process that is currently dumping core, which could
1740                result in a corrupted core dump file.
1741
1742              * Threads: Number of threads in process containing this thread.
1743
1744              * SigQ: This field contains  two  slash-separated  numbers  that
1745                relate to queued signals for the real user ID of this process.
1746                The first of these is the number of currently  queued  signals
1747                for this real user ID, and the second is the resource limit on
1748                the number  of  queued  signals  for  this  process  (see  the
1749                description of RLIMIT_SIGPENDING in getrlimit(2)).
1750
1751              * SigPnd,  ShdPnd:  Mask  (expressed  in hexadecimal) of signals
1752                pending for thread and for process as a whole (see pthreads(7)
1753                and signal(7)).
1754
1755              * SigBlk, SigIgn, SigCgt: Masks (expressed in hexadecimal) indi‐
1756                cating signals being blocked, ignored, and  caught  (see  sig‐
1757                nal(7)).
1758
1759              * CapInh,  CapPrm,  CapEff:  Masks (expressed in hexadecimal) of
1760                capabilities enabled in inheritable, permitted, and  effective
1761                sets (see capabilities(7)).
1762
1763              * CapBnd:  Capability  bounding  set,  expressed  in hexadecimal
1764                (since Linux 2.6.26, see capabilities(7)).
1765
1766              * CapAmb:  Ambient  capability  set,  expressed  in  hexadecimal
1767                (since Linux 4.3, see capabilities(7)).
1768
1769              * NoNewPrivs:  Value  of the no_new_privs bit (since Linux 4.10,
1770                see prctl(2)).
1771
1772              * Seccomp: Seccomp mode of the process  (since  Linux  3.8,  see
1773                seccomp(2)).   0  means  SECCOMP_MODE_DISABLED;  1  means SEC‐
1774                COMP_MODE_STRICT; 2 means SECCOMP_MODE_FILTER.  This field  is
1775                provided  only if the kernel was built with the CONFIG_SECCOMP
1776                kernel configuration option enabled.
1777
1778              * Speculation_Store_Bypass: Speculation  flaw  mitigation  state
1779                (since Linux 4.17, see prctl(2)).
1780
1781              * Cpus_allowed:  Hexadecimal  mask of CPUs on which this process
1782                may run (since Linux 2.6.24, see cpuset(7)).
1783
1784              * Cpus_allowed_list: Same as  previous,  but  in  "list  format"
1785                (since Linux 2.6.26, see cpuset(7)).
1786
1787              * Mems_allowed:  Mask  of  memory  nodes allowed to this process
1788                (since Linux 2.6.24, see cpuset(7)).
1789
1790              * Mems_allowed_list: Same as  previous,  but  in  "list  format"
1791                (since Linux 2.6.26, see cpuset(7)).
1792
1793              * voluntary_ctxt_switches, nonvoluntary_ctxt_switches: Number of
1794                voluntary  and  involuntary  context  switches  (since   Linux
1795                2.6.23).
1796
1797       /proc/[pid]/syscall (since Linux 2.6.27)
1798              This  file exposes the system call number and argument registers
1799              for the system call currently being  executed  by  the  process,
1800              followed  by the values of the stack pointer and program counter
1801              registers.   The  values  of  all  six  argument  registers  are
1802              exposed, although most system calls use fewer registers.
1803
1804              If  the  process  is blocked, but not in a system call, then the
1805              file displays -1 in place of the system call number, followed by
1806              just  the  values  of the stack pointer and program counter.  If
1807              process is not blocked, then the file contains just  the  string
1808              "running".
1809
1810              This file is present only if the kernel was configured with CON‐
1811              FIG_HAVE_ARCH_TRACEHOOK.
1812
1813              Permission to access this file is governed by  a  ptrace  access
1814              mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1815
1816       /proc/[pid]/task (since Linux 2.6.0)
1817              This  is  a  directory  that  contains one subdirectory for each
1818              thread in the process.  The name of  each  subdirectory  is  the
1819              numerical thread ID ([tid]) of the thread (see gettid(2)).
1820
1821              Within  each  of  these  subdirectories, there is a set of files
1822              with the same names and contents as under the /proc/[pid] direc‐
1823              tories.  For attributes that are shared by all threads, the con‐
1824              tents for each of the files under the task/[tid]  subdirectories
1825              will  be  the  same  as  in the corresponding file in the parent
1826              /proc/[pid] directory (e.g., in a multithreaded process, all  of
1827              the  task/[tid]/cwd  files  will  have  the  same  value  as the
1828              /proc/[pid]/cwd file in the parent directory, since all  of  the
1829              threads in a process share a working directory).  For attributes
1830              that are distinct for each thread, the corresponding files under
1831              task/[tid]  may  have  different values (e.g., various fields in
1832              each of the task/[tid]/status files may be  different  for  each
1833              thread), or they might not exist in /proc/[pid] at all.
1834
1835              In a multithreaded process, the contents of the /proc/[pid]/task
1836              directory are not available if the main thread has already  ter‐
1837              minated (typically by calling pthread_exit(3)).
1838
1839       /proc/[pid]/task/[tid]/children (since Linux 3.5)
1840              A  space-separated list of child tasks of this task.  Each child
1841              task is represented by its TID.
1842
1843              This option is intended for use by the checkpoint-restore (CRIU)
1844              system,  and reliably provides a list of children only if all of
1845              the child processes are stopped or frozen.   It  does  not  work
1846              properly  if  children of the target task exit while the file is
1847              being read!  Exiting children may cause non-exiting children  to
1848              be  omitted  from the list.  This makes this interface even more
1849              unreliable than classic PID-based approaches  if  the  inspected
1850              task and its children aren't frozen, and most code should proba‐
1851              bly not use this interface.
1852
1853              Until Linux 4.2, the presence of this file was governed  by  the
1854              CONFIG_CHECKPOINT_RESTORE  kernel  configuration  option.  Since
1855              Linux 4.2, it is governed by the CONFIG_PROC_CHILDREN option.
1856
1857       /proc/[pid]/timers (since Linux 3.10)
1858              A list of the POSIX timers for  this  process.   Each  timer  is
1859              listed with a line that starts with the string "ID:".  For exam‐
1860              ple:
1861
1862                  ID: 1
1863                  signal: 60/00007fff86e452a8
1864                  notify: signal/pid.2634
1865                  ClockID: 0
1866                  ID: 0
1867                  signal: 60/00007fff86e452a8
1868                  notify: signal/pid.2634
1869                  ClockID: 1
1870
1871              The lines shown for each timer have the following meanings:
1872
1873              ID     The ID for this timer.  This is not the same as the timer
1874                     ID  returned  by  timer_create(2); rather, it is the same
1875                     kernel-internal ID that is available via  the  si_timerid
1876                     field of the siginfo_t structure (see sigaction(2)).
1877
1878              signal This is the signal number that this timer uses to deliver
1879                     notifications  followed  by  a  slash,   and   then   the
1880                     sigev_value  value supplied to the signal handler.  Valid
1881                     only for timers that notify via a signal.
1882
1883              notify The part before the slash specifies  the  mechanism  that
1884                     this  timer  uses to deliver notifications, and is one of
1885                     "thread", "signal", or "none".  Immediately following the
1886                     slash   is  either  the  string  "tid"  for  timers  with
1887                     SIGEV_THREAD_ID notification, or "pid"  for  timers  that
1888                     notify by other mechanisms.  Following the "." is the PID
1889                     of the process (or the kernel thread ID  of  the  thread)
1890                     that  will  be  delivered  a signal if the timer delivers
1891                     notifications via a signal.
1892
1893              ClockID
1894                     This field identifies the clock that the timer  uses  for
1895                     measuring  time.   For most clocks, this is a number that
1896                     matches one of the user-space CLOCK_*  constants  exposed
1897                     via  <time.h>.   CLOCK_PROCESS_CPUTIME_ID  timers display
1898                     with    a    value    of    -6     in     this     field.
1899                     CLOCK_THREAD_CPUTIME_ID timers display with a value of -2
1900                     in this field.
1901
1902              This file is available only when the kernel was configured  with
1903              CONFIG_CHECKPOINT_RESTORE.
1904
1905       /proc/[pid]/timerslack_ns (since Linux 4.6)
1906              This  file  exposes  the  process's "current" timer slack value,
1907              expressed in nanoseconds.  The file is  writable,  allowing  the
1908              process's  timer  slack  value to be changed.  Writing 0 to this
1909              file resets the "current" timer slack  to  the  "default"  timer
1910              slack  value.   For  further  details,  see  the  discussion  of
1911              PR_SET_TIMERSLACK in prctl(2).
1912
1913              Initially, permission to access this  file  was  governed  by  a
1914              ptrace   access   mode   PTRACE_MODE_ATTACH_FSCREDS  check  (see
1915              ptrace(2)).  However, this was subsequently deemed too strict  a
1916              requirement (and had the side effect that requiring a process to
1917              have the CAP_SYS_PTRACE capability would also allow it  to  view
1918              and  change  any process's memory).  Therefore, since Linux 4.9,
1919              only the (weaker) CAP_SYS_NICE capability is required to  access
1920              this file.
1921
1922       /proc/[pid]/uid_map, /proc/[pid]/gid_map (since Linux 3.5)
1923              See user_namespaces(7).
1924
1925       /proc/[pid]/wchan (since Linux 2.6.0)
1926              The  symbolic  name  corresponding to the location in the kernel
1927              where the process is sleeping.
1928
1929              Permission to access this file is governed by  a  ptrace  access
1930              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1931
1932       /proc/[tid]
1933              There   is a numerical subdirectory for each running thread that
1934              is not a thread group leader (i.e., a thread whose thread ID  is
1935              not  the  same  as its process ID); the subdirectory is named by
1936              the thread ID.  Each one of these subdirectories contains  files
1937              and  subdirectories  exposing  information about the thread with
1938              the thread ID tid.  The contents of these  directories  are  the
1939              same as the corresponding /proc/[pid]/task/[tid] directories.
1940
1941              The  /proc/[tid]  subdirectories  are not visible when iterating
1942              through /proc with getdents(2) (and thus are  not  visible  when
1943              one  uses  ls(1)  to  view the contents of /proc).  However, the
1944              pathnames of these directories are visible to (i.e.,  usable  as
1945              arguments in) system calls that operate on pathnames.
1946
1947       /proc/apm
1948              Advanced  power  management version and battery information when
1949              CONFIG_APM is defined at kernel compilation time.
1950
1951       /proc/buddyinfo
1952              This file contains information which is used for diagnosing mem‐
1953              ory fragmentation issues.  Each line starts with the identifica‐
1954              tion of the node and the name of the zone which  together  iden‐
1955              tify  a  memory  region  This  is  then followed by the count of
1956              available chunks of a certain order in  which  these  zones  are
1957              split.   The  size  in  bytes of a certain order is given by the
1958              formula:
1959
1960                  (2^order) * PAGE_SIZE
1961
1962              The binary buddy allocator  algorithm  inside  the  kernel  will
1963              split  one  chunk  into two chunks of a smaller order (thus with
1964              half the size) or combine two contiguous chunks into one  larger
1965              chunk  of  a higher order (thus with double the size) to satisfy
1966              allocation requests and to counter  memory  fragmentation.   The
1967              order matches the column number, when starting to count at zero.
1968
1969              For example on an x86-64 system:
1970
1971  Node 0, zone     DMA     1    1    1    0    2    1    1    0    1    1    3
1972  Node 0, zone   DMA32    65   47    4   81   52   28   13   10    5    1  404
1973  Node 0, zone  Normal   216   55  189  101   84   38   37   27    5    3  587
1974
1975              In  this  example,  there is one node containing three zones and
1976              there are 11 different chunk sizes.  If the page size is 4 kilo‐
1977              bytes,  then  the  first  zone  called  DMA (on x86 the first 16
1978              megabyte of memory) has 1 chunk of 4 kilobytes (order 0)  avail‐
1979              able and has 3 chunks of 4 megabytes (order 10) available.
1980
1981              If  the  memory  is  heavily fragmented, the counters for higher
1982              order chunks will be zero and  allocation  of  large  contiguous
1983              areas will fail.
1984
1985              Further  information about the zones can be found in /proc/zone‐
1986              info.
1987
1988       /proc/bus
1989              Contains subdirectories for installed busses.
1990
1991       /proc/bus/pccard
1992              Subdirectory for PCMCIA devices when  CONFIG_PCMCIA  is  set  at
1993              kernel compilation time.
1994
1995       /proc/bus/pccard/drivers
1996
1997       /proc/bus/pci
1998              Contains  various bus subdirectories and pseudo-files containing
1999              information about PCI  busses,  installed  devices,  and  device
2000              drivers.  Some of these files are not ASCII.
2001
2002       /proc/bus/pci/devices
2003              Information  about  PCI  devices.   They may be accessed through
2004              lspci(8) and setpci(8).
2005
2006       /proc/cgroups (since Linux 2.6.24)
2007              See cgroups(7).
2008
2009       /proc/cmdline
2010              Arguments passed to the Linux kernel at boot time.   Often  done
2011              via a boot manager such as lilo(8) or grub(8).
2012
2013       /proc/config.gz (since Linux 2.6)
2014              This  file  exposes  the configuration options that were used to
2015              build the currently running kernel, in the same format  as  they
2016              would  be shown in the .config file that resulted when configur‐
2017              ing the kernel (using make xconfig, make  config,  or  similar).
2018              The  file  contents  are  compressed;  view or search them using
2019              zcat(1) and zgrep(1).  As long as no changes have been  made  to
2020              the following file, the contents of /proc/config.gz are the same
2021              as those provided by:
2022
2023                  cat /lib/modules/$(uname -r)/build/.config
2024
2025              /proc/config.gz is provided only if  the  kernel  is  configured
2026              with CONFIG_IKCONFIG_PROC.
2027
2028       /proc/crypto
2029              A  list  of  the ciphers provided by the kernel crypto API.  For
2030              details, see the kernel Linux Kernel  Crypto  API  documentation
2031              available   under   the   kernel   source  directory  Documenta‐
2032              tion/crypto/ (or Documentation/DocBook before 4.10; the documen‐
2033              tation can be built using a command such as make htmldocs in the
2034              root directory of the kernel source tree).
2035
2036       /proc/cpuinfo
2037              This is a collection of CPU and  system  architecture  dependent
2038              items,  for  each  supported architecture a different list.  Two
2039              common  entries  are  processor  which  gives  CPU  number   and
2040              bogomips;  a  system  constant  that is calculated during kernel
2041              initialization.  SMP machines have  information  for  each  CPU.
2042              The lscpu(1) command gathers its information from this file.
2043
2044       /proc/devices
2045              Text  listing  of  major numbers and device groups.  This can be
2046              used by MAKEDEV scripts for consistency with the kernel.
2047
2048       /proc/diskstats (since Linux 2.5.69)
2049              This file contains disk I/O statistics  for  each  disk  device.
2050              See  the  Linux kernel source file Documentation/iostats.txt for
2051              further information.
2052
2053       /proc/dma
2054              This is a list of the registered ISA DMA (direct memory  access)
2055              channels in use.
2056
2057       /proc/driver
2058              Empty subdirectory.
2059
2060       /proc/execdomains
2061              List of the execution domains (ABI personalities).
2062
2063       /proc/fb
2064              Frame buffer information when CONFIG_FB is defined during kernel
2065              compilation.
2066
2067       /proc/filesystems
2068              A text listing of the filesystems which  are  supported  by  the
2069              kernel,  namely  filesystems which were compiled into the kernel
2070              or  whose  kernel  modules  are  currently  loaded.   (See  also
2071              filesystems(5).)   If  a filesystem is marked with "nodev", this
2072              means that it does not require a  block  device  to  be  mounted
2073              (e.g., virtual filesystem, network filesystem).
2074
2075              Incidentally, this file may be used by mount(8) when no filesys‐
2076              tem is specified and it didn't manage to determine the  filesys‐
2077              tem  type.   Then  filesystems  contained in this file are tried
2078              (excepted those that are marked with "nodev").
2079
2080       /proc/fs
2081              Contains subdirectories that in turn contain files with informa‐
2082              tion about (certain) mounted filesystems.
2083
2084       /proc/ide
2085              This  directory  exists  on systems with the IDE bus.  There are
2086              directories for each IDE channel  and  attached  device.   Files
2087              include:
2088
2089                  cache              buffer size in KB
2090                  capacity           number of sectors
2091                  driver             driver version
2092                  geometry           physical and logical geometry
2093                  identify           in hexadecimal
2094                  media              media type
2095                  model              manufacturer's model number
2096                  settings           drive settings
2097                  smart_thresholds   in hexadecimal
2098                  smart_values       in hexadecimal
2099
2100              The  hdparm(8)  utility provides access to this information in a
2101              friendly format.
2102
2103       /proc/interrupts
2104              This is used to record the number of interrupts per CPU  per  IO
2105              device.   Since  Linux 2.6.24, for the i386 and x86-64 architec‐
2106              tures, at least, this also includes interrupts internal  to  the
2107              system  (that is, not associated with a device as such), such as
2108              NMI (nonmaskable interrupt), LOC (local  timer  interrupt),  and
2109              for  SMP  systems,  TLB (TLB flush interrupt), RES (rescheduling
2110              interrupt), CAL (remote function call interrupt),  and  possibly
2111              others.  Very easy to read formatting, done in ASCII.
2112
2113       /proc/iomem
2114              I/O memory map in Linux 2.4.
2115
2116       /proc/ioports
2117              This is a list of currently registered Input-Output port regions
2118              that are in use.
2119
2120       /proc/kallsyms (since Linux 2.5.71)
2121              This holds the kernel exported symbol definitions  used  by  the
2122              modules(X)  tools to dynamically link and bind loadable modules.
2123              In Linux 2.5.47 and earlier, a similar file with  slightly  dif‐
2124              ferent syntax was named ksyms.
2125
2126       /proc/kcore
2127              This  file  represents  the physical memory of the system and is
2128              stored in the ELF core file format.  With this pseudo-file,  and
2129              an unstripped kernel (/usr/src/linux/vmlinux) binary, GDB can be
2130              used to examine the current state of any kernel data structures.
2131
2132              The total length of the file is  the  size  of  physical  memory
2133              (RAM) plus 4 KiB.
2134
2135       /proc/keys (since Linux 2.6.10)
2136              See keyrings(7).
2137
2138       /proc/key-users (since Linux 2.6.10)
2139              See keyrings(7).
2140
2141       /proc/kmsg
2142              This  file  can  be used instead of the syslog(2) system call to
2143              read kernel messages.  A process must have superuser  privileges
2144              to  read  this file, and only one process should read this file.
2145              This file should not be read if  a  syslog  process  is  running
2146              which uses the syslog(2) system call facility to log kernel mes‐
2147              sages.
2148
2149              Information in this file is retrieved with the dmesg(1) program.
2150
2151       /proc/kpagecgroup (since Linux 4.3)
2152              This file contains a 64-bit inode number of  the  memory  cgroup
2153              each  page  is charged to, indexed by page frame number (see the
2154              discussion of /proc/[pid]/pagemap).
2155
2156              The /proc/kpagecgroup file is present only if  the  CONFIG_MEMCG
2157              kernel configuration option is enabled.
2158
2159       /proc/kpagecount (since Linux 2.6.25)
2160              This  file  contains  a 64-bit count of the number of times each
2161              physical page frame is mapped, indexed by page frame number (see
2162              the discussion of /proc/[pid]/pagemap).
2163
2164              The   /proc/kpagecount   file   is  present  only  if  the  CON‐
2165              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2166
2167       /proc/kpageflags (since Linux 2.6.25)
2168              This file contains 64-bit masks corresponding to  each  physical
2169              page  frame; it is indexed by page frame number (see the discus‐
2170              sion of /proc/[pid]/pagemap).  The bits are as follows:
2171
2172                   0 - KPF_LOCKED
2173                   1 - KPF_ERROR
2174                   2 - KPF_REFERENCED
2175                   3 - KPF_UPTODATE
2176                   4 - KPF_DIRTY
2177                   5 - KPF_LRU
2178                   6 - KPF_ACTIVE
2179                   7 - KPF_SLAB
2180                   8 - KPF_WRITEBACK
2181                   9 - KPF_RECLAIM
2182                  10 - KPF_BUDDY
2183                  11 - KPF_MMAP           (since Linux 2.6.31)
2184                  12 - KPF_ANON           (since Linux 2.6.31)
2185                  13 - KPF_SWAPCACHE      (since Linux 2.6.31)
2186                  14 - KPF_SWAPBACKED     (since Linux 2.6.31)
2187                  15 - KPF_COMPOUND_HEAD  (since Linux 2.6.31)
2188                  16 - KPF_COMPOUND_TAIL  (since Linux 2.6.31)
2189                  17 - KPF_HUGE           (since Linux 2.6.31)
2190                  18 - KPF_UNEVICTABLE    (since Linux 2.6.31)
2191                  19 - KPF_HWPOISON       (since Linux 2.6.31)
2192                  20 - KPF_NOPAGE         (since Linux 2.6.31)
2193                  21 - KPF_KSM            (since Linux 2.6.32)
2194                  22 - KPF_THP            (since Linux 3.4)
2195                  23 - KPF_BALLOON        (since Linux 3.18)
2196                  24 - KPF_ZERO_PAGE      (since Linux 4.0)
2197                  25 - KPF_IDLE           (since Linux 4.3)
2198
2199              For further details on the meanings of these bits, see the  ker‐
2200              nel    source   file   Documentation/admin-guide/mm/pagemap.rst.
2201              Before kernel 2.6.29, KPF_WRITEBACK, KPF_RECLAIM, KPF_BUDDY, and
2202              KPF_LOCKED did not report correctly.
2203
2204              The   /proc/kpageflags   file   is  present  only  if  the  CON‐
2205              FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2206
2207       /proc/ksyms (Linux 1.1.23–2.5.47)
2208              See /proc/kallsyms.
2209
2210       /proc/loadavg
2211              The first three fields in this file  are  load  average  figures
2212              giving  the number of jobs in the run queue (state R) or waiting
2213              for disk I/O (state D) averaged over 1, 5, and 15 minutes.  They
2214              are  the same as the load average numbers given by uptime(1) and
2215              other programs.  The fourth field consists of two numbers  sepa‐
2216              rated  by a slash (/).  The first of these is the number of cur‐
2217              rently runnable kernel scheduling entities (processes, threads).
2218              The  value  after  the  slash is the number of kernel scheduling
2219              entities that currently exist on the system.  The fifth field is
2220              the  PID  of  the  process that was most recently created on the
2221              system.
2222
2223       /proc/locks
2224              This file shows current file locks (flock(2) and  fcntl(2))  and
2225              leases (fcntl(2)).
2226
2227              An example of the content shown in this file is the following:
2228
2229                  1: POSIX  ADVISORY  READ  5433 08:01:7864448 128 128
2230                  2: FLOCK  ADVISORY  WRITE 2001 08:01:7864554 0 EOF
2231                  3: FLOCK  ADVISORY  WRITE 1568 00:2f:32388 0 EOF
2232                  4: POSIX  ADVISORY  WRITE 699 00:16:28457 0 EOF
2233                  5: POSIX  ADVISORY  WRITE 764 00:16:21448 0 0
2234                  6: POSIX  ADVISORY  READ  3548 08:01:7867240 1 1
2235                  7: POSIX  ADVISORY  READ  3548 08:01:7865567 1826 2335
2236                  8: OFDLCK ADVISORY  WRITE -1 08:01:8713209 128 191
2237
2238              The fields shown in each line are as follows:
2239
2240              (1) The ordinal position of the lock in the list.
2241
2242              (2) The lock type.  Values that may appear here include:
2243
2244                  FLOCK  This is a BSD file lock created using flock(2).
2245
2246                  OFDLCK This  is  an open file description (OFD) lock created
2247                         using fcntl(2).
2248
2249                  POSIX  This  is  a  POSIX  byte-range  lock  created   using
2250                         fcntl(2).
2251
2252              (3) Among the strings that can appear here are the following:
2253
2254                  ADVISORY
2255                         This is an advisory lock.
2256
2257                  MANDATORY
2258                         This is a mandatory lock.
2259
2260              (4) The type of lock.  Values that can appear here are:
2261
2262                  READ   This  is  a  POSIX  or OFD read lock, or a BSD shared
2263                         lock.
2264
2265                  WRITE  This is a POSIX or OFD write lock, or a BSD exclusive
2266                         lock.
2267
2268              (5) The PID of the process that owns the lock.
2269
2270                  Because  OFD  locks are not owned by a single process (since
2271                  multiple processes may have file descriptors that  refer  to
2272                  the  same  open file description), the value -1 is displayed
2273                  in this field for OFD locks.  (Before  kernel  4.14,  a  bug
2274                  meant  that  the  PID of the process that initially acquired
2275                  the lock was displayed instead of the value -1.)
2276
2277              (6) Three colon-separated subfields that identify the major  and
2278                  minor  device  ID  of  the  device containing the filesystem
2279                  where the locked file resides, followed by the inode  number
2280                  of the locked file.
2281
2282              (7) The  byte  offset  of  the  first byte of the lock.  For BSD
2283                  locks, this value is always 0.
2284
2285              (8) The byte offset of the last byte of the lock.  EOF  in  this
2286                  field  means  that  the lock extends to the end of the file.
2287                  For BSD locks, the value shown is always EOF.
2288
2289              Since Linux 4.9, the list of locks shown in /proc/locks is  fil‐
2290              tered to show just the locks for the processes in the PID names‐
2291              pace (see pid_namespaces(7)) for which the /proc filesystem  was
2292              mounted.   (In  the initial PID namespace, there is no filtering
2293              of the records shown in this file.)
2294
2295              The lslocks(8) command provides a  bit  more  information  about
2296              each lock.
2297
2298       /proc/malloc (only up to and including Linux 2.2)
2299              This  file  is  present  only if CONFIG_DEBUG_MALLOC was defined
2300              during compilation.
2301
2302       /proc/meminfo
2303              This file reports statistics about memory usage on  the  system.
2304              It is used by free(1) to report the amount of free and used mem‐
2305              ory (both physical and swap) on the system as well as the shared
2306              memory  and  buffers  used by the kernel.  Each line of the file
2307              consists of a parameter name, followed by a colon, the value  of
2308              the  parameter,  and an option unit of measurement (e.g., "kB").
2309              The list below describes the  parameter  names  and  the  format
2310              specifier  required  to  read  the field value.  Except as noted
2311              below, all of the fields have been present since at least  Linux
2312              2.6.0.  Some fields are displayed only if the kernel was config‐
2313              ured with various options; those dependencies are noted  in  the
2314              list.
2315
2316              MemTotal %lu
2317                     Total usable RAM (i.e., physical RAM minus a few reserved
2318                     bits and the kernel binary code).
2319
2320              MemFree %lu
2321                     The sum of LowFree+HighFree.
2322
2323              MemAvailable %lu (since Linux 3.14)
2324                     An estimate of how much memory is available for  starting
2325                     new applications, without swapping.
2326
2327              Buffers %lu
2328                     Relatively  temporary  storage  for  raw disk blocks that
2329                     shouldn't get tremendously large (20MB or so).
2330
2331              Cached %lu
2332                     In-memory cache for files read from the  disk  (the  page
2333                     cache).  Doesn't include SwapCached.
2334
2335              SwapCached %lu
2336                     Memory  that once was swapped out, is swapped back in but
2337                     still also is in the swap file.  (If memory  pressure  is
2338                     high,  these  pages  don't  need  to be swapped out again
2339                     because they are already in the swap  file.   This  saves
2340                     I/O.)
2341
2342              Active %lu
2343                     Memory  that  has been used more recently and usually not
2344                     reclaimed unless absolutely necessary.
2345
2346              Inactive %lu
2347                     Memory which has been less recently  used.   It  is  more
2348                     eligible to be reclaimed for other purposes.
2349
2350              Active(anon) %lu (since Linux 2.6.28)
2351                     [To be documented.]
2352
2353              Inactive(anon) %lu (since Linux 2.6.28)
2354                     [To be documented.]
2355
2356              Active(file) %lu (since Linux 2.6.28)
2357                     [To be documented.]
2358
2359              Inactive(file) %lu (since Linux 2.6.28)
2360                     [To be documented.]
2361
2362              Unevictable %lu (since Linux 2.6.28)
2363                     (From  Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was
2364                     required.)  [To be documented.]
2365
2366              Mlocked %lu (since Linux 2.6.28)
2367                     (From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU  was
2368                     required.)  [To be documented.]
2369
2370              HighTotal %lu
2371                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2372                     Total amount of highmem.  Highmem  is  all  memory  above
2373                     ~860MB  of physical memory.  Highmem areas are for use by
2374                     user-space programs, or for the page cache.   The  kernel
2375                     must  use  tricks to access this memory, making it slower
2376                     to access than lowmem.
2377
2378              HighFree %lu
2379                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2380                     Amount of free highmem.
2381
2382              LowTotal %lu
2383                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2384                     Total amount of lowmem.  Lowmem is memory  which  can  be
2385                     used  for everything that highmem can be used for, but it
2386                     is also available for the kernel's use for its  own  data
2387                     structures.   Among many other things, it is where every‐
2388                     thing from Slab is allocated.   Bad  things  happen  when
2389                     you're out of lowmem.
2390
2391              LowFree %lu
2392                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2393                     Amount of free lowmem.
2394
2395              MmapCopy %lu (since Linux 2.6.29)
2396                     (CONFIG_MMU is required.)  [To be documented.]
2397
2398              SwapTotal %lu
2399                     Total amount of swap space available.
2400
2401              SwapFree %lu
2402                     Amount of swap space that is currently unused.
2403
2404              Dirty %lu
2405                     Memory which is waiting to get written back to the disk.
2406
2407              Writeback %lu
2408                     Memory which is actively being written back to the disk.
2409
2410              AnonPages %lu (since Linux 2.6.18)
2411                     Non-file backed pages mapped into user-space page tables.
2412
2413              Mapped %lu
2414                     Files which have been mapped into memory (with  mmap(2)),
2415                     such as libraries.
2416
2417              Shmem %lu (since Linux 2.6.32)
2418                     Amount of memory consumed in tmpfs(5) filesystems.
2419
2420              KReclaimable %lu (since Linux 4.20)
2421                     Kernel  allocations  that  the  kernel  will  attempt  to
2422                     reclaim under  memory  pressure.   Includes  SReclaimable
2423                     (below), and other direct allocations with a shrinker.
2424
2425              Slab %lu
2426                     In-kernel data structures cache.  (See slabinfo(5).)
2427
2428              SReclaimable %lu (since Linux 2.6.19)
2429                     Part of Slab, that might be reclaimed, such as caches.
2430
2431              SUnreclaim %lu (since Linux 2.6.19)
2432                     Part  of  Slab,  that cannot be reclaimed on memory pres‐
2433                     sure.
2434
2435              KernelStack %lu (since Linux 2.6.32)
2436                     Amount of memory allocated to kernel stacks.
2437
2438              PageTables %lu (since Linux 2.6.18)
2439                     Amount of memory dedicated to the lowest  level  of  page
2440                     tables.
2441
2442              Quicklists %lu (since Linux 2.6.27)
2443                     (CONFIG_QUICKLIST is required.)  [To be documented.]
2444
2445              NFS_Unstable %lu (since Linux 2.6.18)
2446                     NFS  pages  sent  to the server, but not yet committed to
2447                     stable storage.
2448
2449              Bounce %lu (since Linux 2.6.18)
2450                     Memory used for block device "bounce buffers".
2451
2452              WritebackTmp %lu (since Linux 2.6.26)
2453                     Memory used by FUSE for temporary writeback buffers.
2454
2455              CommitLimit %lu (since Linux 2.6.10)
2456                     This is the total amount of memory currently available to
2457                     be allocated on the system, expressed in kilobytes.  This
2458                     limit is adhered to only if strict overcommit  accounting
2459                     is  enabled  (mode  2 in /proc/sys/vm/overcommit_memory).
2460                     The  limit  is  calculated  according  to   the   formula
2461                     described under /proc/sys/vm/overcommit_memory.  For fur‐
2462                     ther details,  see  the  kernel  source  file  Documenta‐
2463                     tion/vm/overcommit-accounting.rst.
2464
2465              Committed_AS %lu
2466                     The  amount  of memory presently allocated on the system.
2467                     The committed memory is a sum of all of the memory  which
2468                     has  been allocated by processes, even if it has not been
2469                     "used" by them as of yet.  A process which allocates  1GB
2470                     of  memory (using malloc(3) or similar), but touches only
2471                     300MB of that memory will show up as using only 300MB  of
2472                     memory even if it has the address space allocated for the
2473                     entire 1GB.
2474
2475                     This 1GB is memory which has been "committed" to  by  the
2476                     VM and can be used at any time by the allocating applica‐
2477                     tion.  With strict overcommit enabled on the system (mode
2478                     2  in  /proc/sys/vm/overcommit_memory), allocations which
2479                     would exceed the CommitLimit will not be permitted.  This
2480                     is  useful  if one needs to guarantee that processes will
2481                     not fail due to lack of memory once that memory has  been
2482                     successfully allocated.
2483
2484              VmallocTotal %lu
2485                     Total size of vmalloc memory area.
2486
2487              VmallocUsed %lu
2488                     Amount  of  vmalloc area which is used.  Since Linux 4.4,
2489                     this field is no longer calculated, and is hard coded  as
2490                     0.  See /proc/vmallocinfo.
2491
2492              VmallocChunk %lu
2493                     Largest  contiguous  block of vmalloc area which is free.
2494                     Since Linux 4.4, this field is no longer  calculated  and
2495                     is hard coded as 0.  See /proc/vmallocinfo.
2496
2497              HardwareCorrupted %lu (since Linux 2.6.32)
2498                     (CONFIG_MEMORY_FAILURE is required.)  [To be documented.]
2499
2500              LazyFree %lu (since Linux 4.12)
2501                     Shows   the   amount   of  memory  marked  by  madvise(2)
2502                     MADV_FREE.
2503
2504              AnonHugePages %lu (since Linux 2.6.38)
2505                     (CONFIG_TRANSPARENT_HUGEPAGE  is   required.)    Non-file
2506                     backed huge pages mapped into user-space page tables.
2507
2508              ShmemHugePages %lu (since Linux 4.8)
2509                     (CONFIG_TRANSPARENT_HUGEPAGE  is  required.)  Memory used
2510                     by shared memory (shmem) and tmpfs(5) allocated with huge
2511                     pages
2512
2513              ShmemPmdMapped %lu (since Linux 4.8)
2514                     (CONFIG_TRANSPARENT_HUGEPAGE is required.)  Shared memory
2515                     mapped into user space with huge pages.
2516
2517              CmaTotal %lu (since Linux 3.1)
2518                     Total CMA (Contiguous  Memory  Allocator)  pages.   (CON‐
2519                     FIG_CMA is required.)
2520
2521              CmaFree %lu (since Linux 3.1)
2522                     Free  CMA  (Contiguous  Memory  Allocator)  pages.  (CON‐
2523                     FIG_CMA is required.)
2524
2525              HugePages_Total %lu
2526                     (CONFIG_HUGETLB_PAGE is required.)  The size of the  pool
2527                     of huge pages.
2528
2529              HugePages_Free %lu
2530                     (CONFIG_HUGETLB_PAGE  is  required.)   The number of huge
2531                     pages in the pool that are not yet allocated.
2532
2533              HugePages_Rsvd %lu (since Linux 2.6.17)
2534                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of
2535                     huge  pages  for  which a commitment to allocate from the
2536                     pool has been made, but no allocation has yet been  made.
2537                     These  reserved  huge pages guarantee that an application
2538                     will be able to allocate a huge page  from  the  pool  of
2539                     huge pages at fault time.
2540
2541              HugePages_Surp %lu (since Linux 2.6.24)
2542                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of
2543                     huge   pages   in   the   pool   above   the   value   in
2544                     /proc/sys/vm/nr_hugepages.  The maximum number of surplus
2545                     huge  pages  is  controlled  by  /proc/sys/vm/nr_overcom‐
2546                     mit_hugepages.
2547
2548              Hugepagesize %lu
2549                     (CONFIG_HUGETLB_PAGE  is  required.)   The  size  of huge
2550                     pages.
2551
2552              DirectMap4k %lu (since Linux 2.6.27)
2553                     Number of bytes of RAM linearly mapped by kernel  in  4kB
2554                     pages.  (x86.)
2555
2556              DirectMap4M %lu (since Linux 2.6.27)
2557                     Number  of  bytes of RAM linearly mapped by kernel in 4MB
2558                     pages.   (x86  with   CONFIG_X86_64   or   CONFIG_X86_PAE
2559                     enabled.)
2560
2561              DirectMap2M %lu (since Linux 2.6.27)
2562                     Number  of  bytes of RAM linearly mapped by kernel in 2MB
2563                     pages.   (x86  with  neither   CONFIG_X86_64   nor   CON‐
2564                     FIG_X86_PAE enabled.)
2565
2566              DirectMap1G %lu (since Linux 2.6.27)
2567                     (x86  with  CONFIG_X86_64  and  CONFIG_X86_DIRECT_GBPAGES
2568                     enabled.)
2569
2570       /proc/modules
2571              A text list of the modules that have been loaded by the  system.
2572              See also lsmod(8).
2573
2574       /proc/mounts
2575              Before  kernel  2.4.19, this file was a list of all the filesys‐
2576              tems currently mounted on the system.  With the introduction  of
2577              per-process  mount  namespaces in Linux 2.4.19 (see mount_names‐
2578              paces(7)), this file became a link to  /proc/self/mounts,  which
2579              lists  the  mount  points  of the process's own mount namespace.
2580              The format of this file is documented in fstab(5).
2581
2582       /proc/mtrr
2583              Memory Type Range Registers.  See the Linux kernel  source  file
2584              Documentation/x86/mtrr.txt   (or  Documentation/mtrr.txt  before
2585              Linux 2.6.28) for details.
2586
2587       /proc/net
2588              This directory contains various files  and  subdirectories  con‐
2589              taining  information about the networking layer.  The files con‐
2590              tain ASCII structures and are, therefore, readable with  cat(1).
2591              However,  the  standard  netstat(8)  suite provides much cleaner
2592              access to these files.
2593
2594              With the  advent  of  network  namespaces,  various  information
2595              relating to the network stack is virtualized (see network_names‐
2596              paces(7)).  Thus, since Linux 2.6.25, /proc/net  is  a  symbolic
2597              link  to  the  directory /proc/self/net, which contains the same
2598              files and directories as listed below.  However, these files and
2599              directories  now expose information for the network namespace of
2600              which the process is a member.
2601
2602       /proc/net/arp
2603              This holds an ASCII readable dump of the kernel ARP  table  used
2604              for  address resolutions.  It will show both dynamically learned
2605              and preprogrammed ARP entries.  The format is:
2606
2607       IP address     HW type   Flags     HW address          Mask   Device
2608       192.168.0.50   0x1       0x2       00:50:BF:25:68:F3   *      eth0
2609       192.168.0.250  0x1       0xc       00:00:00:00:00:00   *      eth0
2610
2611              Here "IP address" is the IPv4 address of the machine and the "HW
2612              type"  is  the  hardware  type of the address from RFC 826.  The
2613              flags are the internal flags of the ARP structure (as defined in
2614              /usr/include/linux/if_arp.h)  and  the  "HW address" is the data
2615              link layer mapping for that IP address if it is known.
2616
2617       /proc/net/dev
2618              The dev pseudo-file contains network device status  information.
2619              This  gives  the number of received and sent packets, the number
2620              of errors and collisions and other basic statistics.  These  are
2621              used  by  the  ifconfig(8) program to report device status.  The
2622              format is:
2623
2624 Inter-|   Receive                                                |  Transmit
2625  face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
2626     lo: 2776770   11307    0    0    0     0          0         0  2776770   11307    0    0    0     0       0          0
2627   eth0: 1215645    2751    0    0    0     0          0         0  1782404    4324    0    0    0   427       0          0
2628   ppp0: 1622270    5552    1    0    0     0          0         0   354130    5669    0    0    0     0       0          0
2629   tap0:    7714      81    0    0    0     0          0         0     7714      81    0    0    0     0       0          0
2630
2631       /proc/net/dev_mcast
2632              Defined in /usr/src/linux/net/core/dev_mcast.c:
2633
2634                  indx interface_name  dmi_u dmi_g dmi_address
2635                  2    eth0            1     0     01005e000001
2636                  3    eth1            1     0     01005e000001
2637                  4    eth2            1     0     01005e000001
2638
2639       /proc/net/igmp
2640              Internet    Group    Management    Protocol.      Defined     in
2641              /usr/src/linux/net/core/igmp.c.
2642
2643       /proc/net/rarp
2644              This  file uses the same format as the arp file and contains the
2645              current reverse mapping database used to provide rarp(8) reverse
2646              address  lookup  services.   If  RARP is not configured into the
2647              kernel, this file will not be present.
2648
2649       /proc/net/raw
2650              Holds a dump of the RAW socket table.  Much of  the  information
2651              is  not of use apart from debugging.  The "sl" value is the ker‐
2652              nel hash slot for the socket, the "local_address" is  the  local
2653              address  and  protocol number pair.  "St" is the internal status
2654              of the socket.  The "tx_queue" and "rx_queue" are  the  outgoing
2655              and  incoming  data  queue in terms of kernel memory usage.  The
2656              "tr", "tm->when", and "rexmits" fields are not used by RAW.  The
2657              "uid"  field  holds  the  effective  UID  of  the creator of the
2658              socket.
2659
2660       /proc/net/snmp
2661              This file holds the ASCII data needed for the IP, ICMP, TCP, and
2662              UDP management information bases for an SNMP agent.
2663
2664       /proc/net/tcp
2665              Holds  a  dump of the TCP socket table.  Much of the information
2666              is not of use apart from debugging.  The "sl" value is the  ker‐
2667              nel  hash  slot for the socket, the "local_address" is the local
2668              address and port number pair.  The "rem_address" is  the  remote
2669              address and port number pair (if connected).  "St" is the inter‐
2670              nal status of the socket.  The "tx_queue" and "rx_queue" are the
2671              outgoing  and  incoming  data  queue  in  terms of kernel memory
2672              usage.  The "tr", "tm->when", and "rexmits" fields hold internal
2673              information  of  the kernel socket state and are useful only for
2674              debugging.  The "uid" field holds the effective UID of the  cre‐
2675              ator of the socket.
2676
2677       /proc/net/udp
2678              Holds  a  dump of the UDP socket table.  Much of the information
2679              is not of use apart from debugging.  The "sl" value is the  ker‐
2680              nel  hash  slot for the socket, the "local_address" is the local
2681              address and port number pair.  The "rem_address" is  the  remote
2682              address and port number pair (if connected).  "St" is the inter‐
2683              nal status of the socket.  The "tx_queue" and "rx_queue" are the
2684              outgoing  and  incoming  data  queue  in  terms of kernel memory
2685              usage.  The "tr", "tm->when", and "rexmits" fields are not  used
2686              by  UDP.  The "uid" field holds the effective UID of the creator
2687              of the socket.  The format is:
2688
2689 sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm->when uid
2690  1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
2691  1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
2692  1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0
2693
2694       /proc/net/unix
2695              Lists the UNIX domain sockets  present  within  the  system  and
2696              their status.  The format is:
2697
2698 Num RefCount Protocol Flags    Type St Inode Path
2699  0: 00000002 00000000 00000000 0001 03    42
2700  1: 00000001 00000000 00010000 0001 01  1948 /dev/printer
2701
2702              The fields are as follows:
2703
2704              Num:      the kernel table slot number.
2705
2706              RefCount: the number of users of the socket.
2707
2708              Protocol: currently always 0.
2709
2710              Flags:    the  internal  kernel  flags holding the status of the
2711                        socket.
2712
2713              Type:     the socket type.  For  SOCK_STREAM  sockets,  this  is
2714                        0001;  for  SOCK_DGRAM  sockets,  it  is 0002; and for
2715                        SOCK_SEQPACKET sockets, it is 0005.
2716
2717              St:       the internal state of the socket.
2718
2719              Inode:    the inode number of the socket.
2720
2721              Path:     the bound pathname (if any) of the socket.  Sockets in
2722                        the  abstract  namespace are included in the list, and
2723                        are shown with a Path that commences with the  charac‐
2724                        ter '@'.
2725
2726       /proc/net/netfilter/nfnetlink_queue
2727              This file contains information about netfilter user-space queue‐
2728              ing, if used.  Each line represents a queue.  Queues  that  have
2729              not been subscribed to by user space are not shown.
2730
2731                     1   4207     0  2 65535     0     0        0  1
2732                    (1)   (2)    (3)(4)  (5)    (6)   (7)      (8)
2733
2734              The fields in each line are:
2735
2736              (1)  The ID of the queue.  This matches what is specified in the
2737                   --queue-num or --queue-balance options to  the  iptables(8)
2738                   NFQUEUE target.  See iptables-extensions(8) for more infor‐
2739                   mation.
2740
2741              (2)  The netlink port ID subscribed to the queue.
2742
2743              (3)  The number of packets currently queued and  waiting  to  be
2744                   processed by the application.
2745
2746              (4)  The copy mode of the queue.  It is either 1 (metadata only)
2747                   or 2 (also copy payload data to user space).
2748
2749              (5)  Copy range; that is,  how  many  bytes  of  packet  payload
2750                   should be copied to user space at most.
2751
2752              (6)  queue dropped.  Number of packets that had to be dropped by
2753                   the kernel because too many packets are already waiting for
2754                   user space to send back the mandatory accept/drop verdicts.
2755
2756              (7)  queue  user  dropped.   Number of packets that were dropped
2757                   within the netlink subsystem.  Such  drops  usually  happen
2758                   when the corresponding socket buffer is full; that is, user
2759                   space is not able to read messages fast enough.
2760
2761              (8)  sequence number.  Every queued packet is associated with  a
2762                   (32-bit)  monotonically-increasing  sequence  number.  This
2763                   shows the ID of the most recent packet queued.
2764
2765              The last number exists only for  compatibility  reasons  and  is
2766              always 1.
2767
2768       /proc/partitions
2769              Contains  the  major and minor numbers of each partition as well
2770              as the number of 1024-byte blocks and the partition name.
2771
2772       /proc/pci
2773              This is a listing of all PCI devices found  during  kernel  ini‐
2774              tialization and their configuration.
2775
2776              This  file has been deprecated in favor of a new /proc interface
2777              for PCI  (/proc/bus/pci).   It  became  optional  in  Linux  2.2
2778              (available  with CONFIG_PCI_OLD_PROC set at kernel compilation).
2779              It became once more nonoptionally enabled in Linux  2.4.   Next,
2780              it  was  deprecated  in  Linux  2.6  (still  available with CON‐
2781              FIG_PCI_LEGACY_PROC set), and finally removed  altogether  since
2782              Linux 2.6.17.
2783
2784       /proc/profile (since Linux 2.4)
2785              This file is present only if the kernel was booted with the pro‐
2786              file=1 command-line option.  It exposes kernel profiling  infor‐
2787              mation  in  a  binary format for use by readprofile(1).  Writing
2788              (e.g., an empty string) to this file resets the profiling  coun‐
2789              ters; on some architectures, writing a binary integer "profiling
2790              multiplier" of size sizeof(int)  sets  the  profiling  interrupt
2791              frequency.
2792
2793       /proc/scsi
2794              A directory with the scsi mid-level pseudo-file and various SCSI
2795              low-level driver directories, which contain a file for each SCSI
2796              host  in  this system, all of which give the status of some part
2797              of the SCSI IO subsystem.  These files contain ASCII  structures
2798              and are, therefore, readable with cat(1).
2799
2800              You  can also write to some of the files to reconfigure the sub‐
2801              system or switch certain features on or off.
2802
2803       /proc/scsi/scsi
2804              This is a listing of all SCSI devices known to the kernel.   The
2805              listing  is  similar  to  the one seen during bootup.  scsi cur‐
2806              rently supports only the add-single-device command which  allows
2807              root to add a hotplugged device to the list of known devices.
2808
2809              The command
2810
2811                  echo 'scsi add-single-device 1 0 5 0' > /proc/scsi/scsi
2812
2813              will  cause host scsi1 to scan on SCSI channel 0 for a device on
2814              ID 5 LUN 0.  If there is already a device known on this  address
2815              or the address is invalid, an error will be returned.
2816
2817       /proc/scsi/[drivername]
2818              [drivername]  can  currently  be  NCR53c7xx,  aha152x,  aha1542,
2819              aha1740, aic7xxx, buslogic, eata_dma, eata_pio, fdomain, in2000,
2820              pas16,  qlogic,  scsi_debug, seagate, t128, u15-24f, ultrastore,
2821              or wd7000.  These directories show up for all drivers that  reg‐
2822              istered  at  least  one  SCSI HBA.  Every directory contains one
2823              file per registered host.  Every host-file is  named  after  the
2824              number the host was assigned during initialization.
2825
2826              Reading these files will usually show driver and host configura‐
2827              tion, statistics, and so on.
2828
2829              Writing to these files  allows  different  things  on  different
2830              hosts.   For  example,  with the latency and nolatency commands,
2831              root can switch on and off command latency measurement  code  in
2832              the  eata_dma driver.  With the lockup and unlock commands, root
2833              can control bus lockups simulated by the scsi_debug driver.
2834
2835       /proc/self
2836              This  directory  refers  to  the  process  accessing  the  /proc
2837              filesystem, and is identical to the /proc directory named by the
2838              process ID of the same process.
2839
2840       /proc/slabinfo
2841              Information about kernel caches.  See slabinfo(5) for details.
2842
2843       /proc/stat
2844              kernel/system statistics.   Varies  with  architecture.   Common
2845              entries include:
2846
2847              cpu 10132153 290696 3084719 46828483 16683 0 25195 0 175628 0
2848              cpu0 1393280 32966 572056 13343292 6130 0 17875 0 23933 0
2849                     The   amount  of  time,  measured  in  units  of  USER_HZ
2850                     (1/100ths  of  a  second  on  most   architectures,   use
2851                     sysconf(_SC_CLK_TCK) to obtain the right value), that the
2852                     system ("cpu" line) or the  specific  CPU  ("cpuN"  line)
2853                     spent in various states:
2854
2855                     user   (1) Time spent in user mode.
2856
2857                     nice   (2)  Time  spent  in  user  mode with low priority
2858                            (nice).
2859
2860                     system (3) Time spent in system mode.
2861
2862                     idle   (4) Time spent  in  the  idle  task.   This  value
2863                            should  be  USER_HZ  times the second entry in the
2864                            /proc/uptime pseudo-file.
2865
2866                     iowait (since Linux 2.5.41)
2867                            (5) Time waiting for I/O to complete.  This  value
2868                            is not reliable, for the following reasons:
2869
2870                            1. The  CPU  will  not  wait  for I/O to complete;
2871                               iowait is the time that a task is  waiting  for
2872                               I/O  to  complete.   When  a CPU goes into idle
2873                               state for outstanding task  I/O,  another  task
2874                               will be scheduled on this CPU.
2875
2876                            2. On  a  multi-core CPU, the task waiting for I/O
2877                               to complete is not running on any CPU,  so  the
2878                               iowait of each CPU is difficult to calculate.
2879
2880                            3. The value in this field may decrease in certain
2881                               conditions.
2882
2883                     irq (since Linux 2.6.0)
2884                            (6) Time servicing interrupts.
2885
2886                     softirq (since Linux 2.6.0
2887                            (7) Time servicing softirqs.
2888
2889                     steal (since Linux 2.6.11)
2890                            (8) Stolen time, which is the time spent in  other
2891                            operating  systems  when  running in a virtualized
2892                            environment
2893
2894                     guest (since Linux 2.6.24)
2895                            (9) Time spent running a  virtual  CPU  for  guest
2896                            operating  systems  under the control of the Linux
2897                            kernel.
2898
2899                     guest_nice (since Linux 2.6.33)
2900                            (10) Time spent running a niced guest (virtual CPU
2901                            for  guest  operating systems under the control of
2902                            the Linux kernel).
2903
2904              page 5741 1808
2905                     The number of pages the system paged in  and  the  number
2906                     that were paged out (from disk).
2907
2908              swap 1 0
2909                     The  number  of  swap pages that have been brought in and
2910                     out.
2911
2912              intr 1462898
2913                     This line shows counts of interrupts serviced since  boot
2914                     time,  for  each  of the possible system interrupts.  The
2915                     first column is the  total  of  all  interrupts  serviced
2916                     including  unnumbered  architecture  specific interrupts;
2917                     each subsequent column is the total for  that  particular
2918                     numbered interrupt.  Unnumbered interrupts are not shown,
2919                     only summed into the total.
2920
2921              disk_io: (2,0):(31,30,5764,1,2) (3,0):...
2922                     (major,disk_idx):(noinfo,     read_io_ops,     blks_read,
2923                     write_io_ops, blks_written)
2924                     (Linux 2.4 only)
2925
2926              ctxt 115315
2927                     The number of context switches that the system underwent.
2928
2929              btime 769041601
2930                     boot   time,  in  seconds  since  the  Epoch,  1970-01-01
2931                     00:00:00 +0000 (UTC).
2932
2933              processes 86031
2934                     Number of forks since boot.
2935
2936              procs_running 6
2937                     Number of processes in  runnable  state.   (Linux  2.5.45
2938                     onward.)
2939
2940              procs_blocked 2
2941                     Number  of processes blocked waiting for I/O to complete.
2942                     (Linux 2.5.45 onward.)
2943
2944              softirq 229245889 94 60001584 13619 5175704 2471304 28  51212741
2945              59130143 0 51240672
2946                     This  line shows the number of softirq for all CPUs.  The
2947                     first column is the total of all softirqs and each subse‐
2948                     quent column is the total for particular softirq.  (Linux
2949                     2.6.31 onward.)
2950
2951       /proc/swaps
2952              Swap areas in use.  See also swapon(8).
2953
2954       /proc/sys
2955              This directory (present since 1.3.57) contains a number of files
2956              and  subdirectories  corresponding  to  kernel variables.  These
2957              variables can be read and sometimes  modified  using  the  /proc
2958              filesystem, and the (deprecated) sysctl(2) system call.
2959
2960              String values may be terminated by either '\0' or '\n'.
2961
2962              Integer  and  long values may be written either in decimal or in
2963              hexadecimal notation (e.g. 0x3FFF).  When writing multiple inte‐
2964              ger or long values, these may be separated by any of the follow‐
2965              ing whitespace characters: ' ', '\t', or '\n'.  Using other sep‐
2966              arators leads to the error EINVAL.
2967
2968       /proc/sys/abi (since Linux 2.4.10)
2969              This  directory may contain files with application binary infor‐
2970              mation.   See  the   Linux   kernel   source   file   Documenta‐
2971              tion/sysctl/abi.txt for more information.
2972
2973       /proc/sys/debug
2974              This directory may be empty.
2975
2976       /proc/sys/dev
2977              This   directory  contains  device-specific  information  (e.g.,
2978              dev/cdrom/info).  On some systems, it may be empty.
2979
2980       /proc/sys/fs
2981              This directory contains the files and subdirectories for  kernel
2982              variables related to filesystems.
2983
2984       /proc/sys/fs/binfmt_misc
2985              Documentation  for  files  in this directory can be found in the
2986              Linux   kernel   source   in   the   file   Documentation/admin-
2987              guide/binfmt-misc.rst  (or  in  Documentation/binfmt_misc.txt on
2988              older kernels).
2989
2990       /proc/sys/fs/dentry-state (since Linux 2.2)
2991              This file contains information about the status of the directory
2992              cache  (dcache).   The  file  contains  six  numbers, nr_dentry,
2993              nr_unused,  age_limit  (age  in  seconds),   want_pages   (pages
2994              requested by system) and two dummy values.
2995
2996              * nr_dentry   is   the  number  of  allocated  dentries  (dcache
2997                entries).  This field is unused in Linux 2.2.
2998
2999              * nr_unused is the number of unused dentries.
3000
3001              * age_limit is the age in seconds after which dcache entries can
3002                be reclaimed when memory is short.
3003
3004              * want_pages   is   nonzero   when   the   kernel   has   called
3005                shrink_dcache_pages() and the dcache isn't pruned yet.
3006
3007       /proc/sys/fs/dir-notify-enable
3008              This file can be used to disable or enable the dnotify interface
3009              described  in  fcntl(2) on a system-wide basis.  A value of 0 in
3010              this file disables the interface, and a value of 1 enables it.
3011
3012       /proc/sys/fs/dquot-max
3013              This file shows the maximum number of cached disk quota entries.
3014              On some (2.4) systems, it is not present.  If the number of free
3015              cached disk quota entries is very low and you have some  awesome
3016              number of simultaneous system users, you might want to raise the
3017              limit.
3018
3019       /proc/sys/fs/dquot-nr
3020              This file shows the number of allocated disk quota  entries  and
3021              the number of free disk quota entries.
3022
3023       /proc/sys/fs/epoll (since Linux 2.6.28)
3024              This  directory contains the file max_user_watches, which can be
3025              used to limit the amount of kernel memory consumed by the  epoll
3026              interface.  For further details, see epoll(7).
3027
3028       /proc/sys/fs/file-max
3029              This  file  defines  a  system-wide  limit on the number of open
3030              files for all processes.  System calls that fail when encounter‐
3031              ing  this  limit  fail  with  the error ENFILE.  (See also setr‐
3032              limit(2), which can be used by a process to set the  per-process
3033              limit,  RLIMIT_NOFILE,  on the number of files it may open.)  If
3034              you get lots of error messages in the kernel log  about  running
3035              out  of  file  handles  (look  for "VFS: file-max limit <number>
3036              reached"), try increasing this value:
3037
3038                  echo 100000 > /proc/sys/fs/file-max
3039
3040              Privileged processes (CAP_SYS_ADMIN) can override  the  file-max
3041              limit.
3042
3043       /proc/sys/fs/file-nr
3044              This  (read-only)  file  contains  three  numbers: the number of
3045              allocated file handles (i.e.,  the  number  of  files  presently
3046              opened); the number of free file handles; and the maximum number
3047              of file handles (i.e., the same value as /proc/sys/fs/file-max).
3048              If the number of allocated file handles is close to the maximum,
3049              you should consider increasing the maximum.  Before  Linux  2.6,
3050              the  kernel  allocated  file  handles dynamically, but it didn't
3051              free them again.  Instead the free file handles were kept  in  a
3052              list  for  reallocation; the "free file handles" value indicates
3053              the size of that list.  A large  number  of  free  file  handles
3054              indicates  that  there was a past peak in the usage of open file
3055              handles.  Since Linux 2.6, the kernel does deallocate freed file
3056              handles, and the "free file handles" value is always zero.
3057
3058       /proc/sys/fs/inode-max (only present until Linux 2.2)
3059              This file contains the maximum number of in-memory inodes.  This
3060              value should be 3–4 times larger than  the  value  in  file-max,
3061              since  stdin,  stdout  and network sockets also need an inode to
3062              handle them.  When you regularly run out of inodes, you need  to
3063              increase this value.
3064
3065              Starting  with  Linux  2.4, there is no longer a static limit on
3066              the number of inodes, and this file is removed.
3067
3068       /proc/sys/fs/inode-nr
3069              This file contains the first two values from inode-state.
3070
3071       /proc/sys/fs/inode-state
3072              This file contains  seven  numbers:  nr_inodes,  nr_free_inodes,
3073              preshrink, and four dummy values (always zero).
3074
3075              nr_inodes  is  the  number  of  inodes the system has allocated.
3076              nr_free_inodes represents the number of free inodes.
3077
3078              preshrink is nonzero when the nr_inodes > inode-max and the sys‐
3079              tem  needs  to  prune the inode list instead of allocating more;
3080              since Linux 2.4, this field is a dummy value (always zero).
3081
3082       /proc/sys/fs/inotify (since Linux 2.6.13)
3083              This     directory     contains     files     max_queued_events,
3084              max_user_instances,  and  max_user_watches,  that can be used to
3085              limit the amount of kernel memory consumed by the inotify inter‐
3086              face.  For further details, see inotify(7).
3087
3088       /proc/sys/fs/lease-break-time
3089              This file specifies the grace period that the kernel grants to a
3090              process holding a file lease (fcntl(2)) after it has sent a sig‐
3091              nal to that process notifying it that another process is waiting
3092              to open the file.  If the lease holder does not remove or  down‐
3093              grade  the  lease  within this grace period, the kernel forcibly
3094              breaks the lease.
3095
3096       /proc/sys/fs/leases-enable
3097              This  file  can  be  used  to  enable  or  disable  file  leases
3098              (fcntl(2))  on  a  system-wide basis.  If this file contains the
3099              value 0, leases are disabled.  A nonzero value enables leases.
3100
3101       /proc/sys/fs/mount-max (since Linux 4.9)
3102              The value in this file specifies the maximum  number  of  mounts
3103              that  may exist in a mount namespace.  The default value in this
3104              file is 100,000.
3105
3106       /proc/sys/fs/mqueue (since Linux 2.6.6)
3107              This  directory  contains  files   msg_max,   msgsize_max,   and
3108              queues_max,  controlling  the  resources  used  by POSIX message
3109              queues.  See mq_overview(7) for details.
3110
3111       /proc/sys/fs/nr_open (since Linux 2.6.25)
3112              This  file  imposes  ceiling  on  the   value   to   which   the
3113              RLIMIT_NOFILE  resource  limit can be raised (see getrlimit(2)).
3114              This ceiling is enforced for both  unprivileged  and  privileged
3115              process.   The  default  value in this file is 1048576.  (Before
3116              Linux 2.6.25, the ceiling for RLIMIT_NOFILE  was  hard-coded  to
3117              the same value.)
3118
3119       /proc/sys/fs/overflowgid and /proc/sys/fs/overflowuid
3120              These  files  allow you to change the value of the fixed UID and
3121              GID.  The default  is  65534.   Some  filesystems  support  only
3122              16-bit  UIDs  and  GIDs,  although in Linux UIDs and GIDs are 32
3123              bits.  When one of these  filesystems  is  mounted  with  writes
3124              enabled, any UID or GID that would exceed 65535 is translated to
3125              the overflow value before being written to disk.
3126
3127       /proc/sys/fs/pipe-max-size (since Linux 2.6.35)
3128              See pipe(7).
3129
3130       /proc/sys/fs/pipe-user-pages-hard (since Linux 4.5)
3131              See pipe(7).
3132
3133       /proc/sys/fs/pipe-user-pages-soft (since Linux 4.5)
3134              See pipe(7).
3135
3136       /proc/sys/fs/protected_hardlinks (since Linux 3.6)
3137              When the value in this file is 0, no restrictions are placed  on
3138              the  creation of hard links (i.e., this is the historical behav‐
3139              ior before Linux 3.6).  When the value in this file is 1, a hard
3140              link  can be created to a target file only if one of the follow‐
3141              ing conditions is true:
3142
3143              *  The calling process has the CAP_FOWNER capability in its user
3144                 namespace and the file UID has a mapping in the namespace.
3145
3146              *  The  filesystem  UID of the process creating the link matches
3147                 the owner (UID) of the target file (as described  in  creden‐
3148                 tials(7),  a process's filesystem UID is normally the same as
3149                 its effective UID).
3150
3151              *  All of the following conditions are true:
3152
3153                  ·  the target is a regular file;
3154
3155                  ·  the target file does not have its  set-user-ID  mode  bit
3156                     enabled;
3157
3158                  ·  the  target  file does not have both its set-group-ID and
3159                     group-executable mode bits enabled; and
3160
3161                  ·  the caller has permission to read and  write  the  target
3162                     file  (either  via the file's permissions mask or because
3163                     it has suitable capabilities).
3164
3165              The default value in this file is 0.  Setting  the  value  to  1
3166              prevents a longstanding class of security issues caused by hard-
3167              link-based time-of-check, time-of-use races, most commonly  seen
3168              in  world-writable  directories such as /tmp.  The common method
3169              of exploiting this flaw is to cross  privilege  boundaries  when
3170              following a given hard link (i.e., a root process follows a hard
3171              link created by another user).  Additionally, on systems without
3172              separated  partitions,  this stops unauthorized users from "pin‐
3173              ning" vulnerable  set-user-ID  and  set-group-ID  files  against
3174              being  upgraded  by  the  administrator,  or  linking to special
3175              files.
3176
3177       /proc/sys/fs/protected_symlinks (since Linux 3.6)
3178              When the value in this file is 0, no restrictions are placed  on
3179              following  symbolic links (i.e., this is the historical behavior
3180              before Linux 3.6).  When the value in this file is  1,  symbolic
3181              links are followed only in the following circumstances:
3182
3183              *  the  filesystem UID of the process following the link matches
3184                 the owner (UID) of the symbolic link (as described in creden‐
3185                 tials(7),  a process's filesystem UID is normally the same as
3186                 its effective UID);
3187
3188              *  the link is not in a sticky world-writable directory; or
3189
3190              *  the symbolic link and its  parent  directory  have  the  same
3191                 owner (UID)
3192
3193              A  system  call  that fails to follow a symbolic link because of
3194              the above restrictions returns the error EACCES in errno.
3195
3196              The default value in this file is 0.  Setting  the  value  to  1
3197              avoids a longstanding class of security issues based on time-of-
3198              check, time-of-use races when accessing symbolic links.
3199
3200       /proc/sys/fs/suid_dumpable (since Linux 2.6.13)
3201              The value in this file is assigned  to  a  process's  "dumpable"
3202              flag in the circumstances described in prctl(2).  In effect, the
3203              value in this file determines whether core dump files  are  pro‐
3204              duced  for  set-user-ID or otherwise protected/tainted binaries.
3205              The "dumpable" setting also affects the ownership of files in  a
3206              process's /proc/[pid] directory, as described above.
3207
3208              Three different integer values can be specified:
3209
3210              0 (default)
3211                     This  provides  the traditional (pre-Linux 2.6.13) behav‐
3212                     ior.  A core dump will not  be  produced  for  a  process
3213                     which  has  changed  credentials  (by calling seteuid(2),
3214                     setgid(2), or similar, or by executing a  set-user-ID  or
3215                     set-group-ID  program) or whose binary does not have read
3216                     permission enabled.
3217
3218              1 ("debug")
3219                     All processes dump core when possible.   (Reasons  why  a
3220                     process might nevertheless not dump core are described in
3221                     core(5).)  The core dump is owned by the filesystem  user
3222                     ID  of  the  dumping  process and no security is applied.
3223                     This is intended for system  debugging  situations  only:
3224                     this  mode  is  insecure  because  it allows unprivileged
3225                     users to examine the memory contents of  privileged  pro‐
3226                     cesses.
3227
3228              2 ("suidsafe")
3229                     Any  binary  which  normally would not be dumped (see "0"
3230                     above) is dumped readable by root only.  This allows  the
3231                     user  to  remove  the  core dump file but not to read it.
3232                     For security reasons core dumps in  this  mode  will  not
3233                     overwrite  one  another  or  other  files.   This mode is
3234                     appropriate when administrators are attempting  to  debug
3235                     problems in a normal environment.
3236
3237                     Additionally, since Linux 3.6, /proc/sys/kernel/core_pat‐
3238                     tern must either be an absolute pathname or a  pipe  com‐
3239                     mand,  as  detailed in core(5).  Warnings will be written
3240                     to the kernel log if core_pattern does not  follow  these
3241                     rules, and no core dump will be produced.
3242
3243              For  details  of the effect of a process's "dumpable" setting on
3244              ptrace access mode checking, see ptrace(2).
3245
3246       /proc/sys/fs/super-max
3247              This file controls the maximum number of superblocks,  and  thus
3248              the  maximum  number of mounted filesystems the kernel can have.
3249              You need increase only super-max  if  you  need  to  mount  more
3250              filesystems than the current value in super-max allows you to.
3251
3252       /proc/sys/fs/super-nr
3253              This file contains the number of filesystems currently mounted.
3254
3255       /proc/sys/kernel
3256              This  directory  contains  files  controlling  a range of kernel
3257              parameters, as described below.
3258
3259       /proc/sys/kernel/acct
3260              This file contains three numbers: highwater, lowwater, and  fre‐
3261              quency.   If BSD-style process accounting is enabled, these val‐
3262              ues control its behavior.  If free space on filesystem where the
3263              log  lives goes below lowwater percent, accounting suspends.  If
3264              free space gets above  highwater  percent,  accounting  resumes.
3265              frequency  determines  how often the kernel checks the amount of
3266              free space (value is in seconds).  Default values are 4,  2  and
3267              30.   That  is,  suspend accounting if 2% or less space is free;
3268              resume it if 4% or more  space  is  free;  consider  information
3269              about amount of free space valid for 30 seconds.
3270
3271       /proc/sys/kernel/auto_msgmni (Linux 2.6.27 to 3.18)
3272              From  Linux 2.6.27 to 3.18, this file was used to control recom‐
3273              puting of the value in /proc/sys/kernel/msgmni upon the addition
3274              or  removal  of  memory  or upon IPC namespace creation/removal.
3275              Echoing "1" into this file enabled msgmni automatic  recomputing
3276              (and  triggered  a  recomputation of msgmni based on the current
3277              amount of available memory and number of IPC namespaces).  Echo‐
3278              ing  "0" disabled automatic recomputing.  (Automatic recomputing
3279              was  also  disabled  if  a  value  was  explicitly  assigned  to
3280              /proc/sys/kernel/msgmni.)   The default value in auto_msgmni was
3281              1.
3282
3283              Since Linux 3.19,  the  content  of  this  file  has  no  effect
3284              (because  msgmni  defaults  to near the maximum value possible),
3285              and reads from this file always return the value "0".
3286
3287       /proc/sys/kernel/cap_last_cap (since Linux 3.2)
3288              See capabilities(7).
3289
3290       /proc/sys/kernel/cap-bound (from Linux 2.2 to 2.6.24)
3291              This file holds the value of the kernel capability bounding  set
3292              (expressed  as  a  signed  decimal  number).   This set is ANDed
3293              against  the  capabilities  permitted  to   a   process   during
3294              execve(2).  Starting with Linux 2.6.25, the system-wide capabil‐
3295              ity bounding set disappeared, and was replaced by  a  per-thread
3296              bounding set; see capabilities(7).
3297
3298       /proc/sys/kernel/core_pattern
3299              See core(5).
3300
3301       /proc/sys/kernel/core_pipe_limit
3302              See core(5).
3303
3304       /proc/sys/kernel/core_uses_pid
3305              See core(5).
3306
3307       /proc/sys/kernel/ctrl-alt-del
3308              This  file  controls  the handling of Ctrl-Alt-Del from the key‐
3309              board.  When the value  in  this  file  is  0,  Ctrl-Alt-Del  is
3310              trapped  and  sent  to  the init(1) program to handle a graceful
3311              restart.  When the value is greater than zero, Linux's  reaction
3312              to  a Vulcan Nerve Pinch (tm) will be an immediate reboot, with‐
3313              out even syncing its dirty buffers.  Note: when a program  (like
3314              dosemu)  has  the  keyboard  in  "raw" mode, the ctrl-alt-del is
3315              intercepted by the program before it ever reaches the kernel tty
3316              layer, and it's up to the program to decide what to do with it.
3317
3318       /proc/sys/kernel/dmesg_restrict (since Linux 2.6.37)
3319              The value in this file determines who can see kernel syslog con‐
3320              tents.  A value of 0 in this file imposes no  restrictions.   If
3321              the  value  is 1, only privileged users can read the kernel sys‐
3322              log.  (See syslog(2) for more details.)  Since Linux  3.4,  only
3323              users  with the CAP_SYS_ADMIN capability may change the value in
3324              this file.
3325
3326       /proc/sys/kernel/domainname and /proc/sys/kernel/hostname
3327              can be used to set the NIS/YP domainname  and  the  hostname  of
3328              your  box  in exactly the same way as the commands domainname(1)
3329              and hostname(1), that is:
3330
3331                  # echo 'darkstar' > /proc/sys/kernel/hostname
3332                  # echo 'mydomain' > /proc/sys/kernel/domainname
3333
3334              has the same effect as
3335
3336                  # hostname 'darkstar'
3337                  # domainname 'mydomain'
3338
3339              Note, however, that the classic darkstar.frop.org has the  host‐
3340              name "darkstar" and DNS (Internet Domain Name Server) domainname
3341              "frop.org", not to be confused with the NIS (Network Information
3342              Service)  or  YP  (Yellow  Pages)  domainname.  These two domain
3343              names are in general different.  For a detailed  discussion  see
3344              the hostname(1) man page.
3345
3346       /proc/sys/kernel/hotplug
3347              This  file  contains  the pathname for the hotplug policy agent.
3348              The default value in this file is /sbin/hotplug.
3349
3350       /proc/sys/kernel/htab-reclaim (before Linux 2.4.9.2)
3351              (PowerPC only) If this file is set to a nonzero value, the  Pow‐
3352              erPC  htab  (see kernel file Documentation/powerpc/ppc_htab.txt)
3353              is pruned each time the system hits the idle loop.
3354
3355       /proc/sys/kernel/keys/*
3356              This directory contains various files that define parameters and
3357              limits   for  the  key-management  facility.   These  files  are
3358              described in keyrings(7).
3359
3360       /proc/sys/kernel/kptr_restrict (since Linux 2.6.38)
3361              The value in this file determines whether kernel  addresses  are
3362              exposed  via  /proc files and other interfaces.  A value of 0 in
3363              this file imposes no restrictions.  If the value  is  1,  kernel
3364              pointers printed using the %pK format specifier will be replaced
3365              with zeros unless the user has the  CAP_SYSLOG  capability.   If
3366              the  value  is  2,  kernel pointers printed using the %pK format
3367              specifier will be replaced with zeros regardless of  the  user's
3368              capabilities.   The  initial  default value for this file was 1,
3369              but the default was changed to 0 in Linux 2.6.39.   Since  Linux
3370              3.4, only users with the CAP_SYS_ADMIN capability can change the
3371              value in this file.
3372
3373       /proc/sys/kernel/l2cr
3374              (PowerPC only) This file contains a flag that  controls  the  L2
3375              cache  of  G3  processor  boards.   If 0, the cache is disabled.
3376              Enabled if nonzero.
3377
3378       /proc/sys/kernel/modprobe
3379              This file contains the pathname for the  kernel  module  loader.
3380              The  default  value is /sbin/modprobe.  The file is present only
3381              if the kernel is built with the CONFIG_MODULES  (CONFIG_KMOD  in
3382              Linux  2.6.26  and  earlier) option enabled.  It is described by
3383              the Linux kernel  source  file  Documentation/kmod.txt  (present
3384              only in kernel 2.4 and earlier).
3385
3386       /proc/sys/kernel/modules_disabled (since Linux 2.6.31)
3387              A toggle value indicating if modules are allowed to be loaded in
3388              an otherwise modular kernel.  This toggle defaults to  off  (0),
3389              but  can  be  set  true  (1).  Once true, modules can be neither
3390              loaded nor unloaded, and the toggle cannot be set back to false.
3391              The  file  is  present only if the kernel is built with the CON‐
3392              FIG_MODULES option enabled.
3393
3394       /proc/sys/kernel/msgmax (since Linux 2.2)
3395              This file defines a system-wide  limit  specifying  the  maximum
3396              number  of  bytes in a single message written on a System V mes‐
3397              sage queue.
3398
3399       /proc/sys/kernel/msgmni (since Linux 2.4)
3400              This file defines the system-wide limit on the number of message
3401              queue identifiers.  See also /proc/sys/kernel/auto_msgmni.
3402
3403       /proc/sys/kernel/msgmnb (since Linux 2.2)
3404              This file defines a system-wide parameter used to initialize the
3405              msg_qbytes setting for subsequently created message queues.  The
3406              msg_qbytes  setting  specifies  the maximum number of bytes that
3407              may be written to the message queue.
3408
3409       /proc/sys/kernel/ngroups_max (since Linux 2.6.4)
3410              This is a read-only file that displays the upper  limit  on  the
3411              number of a process's group memberships.
3412
3413       /proc/sys/kernel/ns_last_pid (since Linux 3.3)
3414              See pid_namespaces(7).
3415
3416       /proc/sys/kernel/ostype and /proc/sys/kernel/osrelease
3417              These files give substrings of /proc/version.
3418
3419       /proc/sys/kernel/overflowgid and /proc/sys/kernel/overflowuid
3420              These  files  duplicate  the  files /proc/sys/fs/overflowgid and
3421              /proc/sys/fs/overflowuid.
3422
3423       /proc/sys/kernel/panic
3424              This  file  gives  read/write  access  to  the  kernel  variable
3425              panic_timeout.   If  this  is  zero,  the  kernel will loop on a
3426              panic; if nonzero, it indicates that the kernel  should  autore‐
3427              boot  after  this  number of seconds.  When you use the software
3428              watchdog device driver, the recommended setting is 60.
3429
3430       /proc/sys/kernel/panic_on_oops (since Linux 2.5.68)
3431              This file controls the kernel's behavior when an oops or BUG  is
3432              encountered.   If this file contains 0, then the system tries to
3433              continue operation.  If it contains 1, then the system delays  a
3434              few  seconds  (to give klogd time to record the oops output) and
3435              then  panics.   If  the  /proc/sys/kernel/panic  file  is   also
3436              nonzero, then the machine will be rebooted.
3437
3438       /proc/sys/kernel/pid_max (since Linux 2.5.34)
3439              This  file  specifies the value at which PIDs wrap around (i.e.,
3440              the value in this file is one greater  than  the  maximum  PID).
3441              PIDs  greater than this value are not allocated; thus, the value
3442              in this file also acts as a system-wide limit on the total  num‐
3443              ber  of processes and threads.  The default value for this file,
3444              32768, results in the same range of PIDs as on earlier  kernels.
3445              On 32-bit platforms, 32768 is the maximum value for pid_max.  On
3446              64-bit systems, pid_max can be set  to  any  value  up  to  2^22
3447              (PID_MAX_LIMIT, approximately 4 million).
3448
3449       /proc/sys/kernel/powersave-nap (PowerPC only)
3450              This file contains a flag.  If set, Linux-PPC will use the "nap"
3451              mode of powersaving, otherwise the "doze" mode will be used.
3452
3453       /proc/sys/kernel/printk
3454              See syslog(2).
3455
3456       /proc/sys/kernel/pty (since Linux 2.6.4)
3457              This directory contains two files relating to the number of UNIX
3458              98 pseudoterminals (see pts(4)) on the system.
3459
3460       /proc/sys/kernel/pty/max
3461              This file defines the maximum number of pseudoterminals.
3462
3463       /proc/sys/kernel/pty/nr
3464              This  read-only file indicates how many pseudoterminals are cur‐
3465              rently in use.
3466
3467       /proc/sys/kernel/random
3468              This directory contains various parameters controlling the oper‐
3469              ation of the file /dev/random.  See random(4) for further infor‐
3470              mation.
3471
3472       /proc/sys/kernel/random/uuid (since Linux 2.4)
3473              Each read from this read-only file returns a randomly  generated
3474              128-bit UUID, as a string in the standard UUID format.
3475
3476       /proc/sys/kernel/randomize_va_space (since Linux 2.6.12)
3477              Select  the address space layout randomization (ASLR) policy for
3478              the system (on architectures that support ASLR).   Three  values
3479              are supported for this file:
3480
3481              0  Turn  ASLR  off.   This is the default for architectures that
3482                 don't support ASLR, and when the kernel is  booted  with  the
3483                 norandmaps parameter.
3484
3485              1  Make the addresses of mmap(2) allocations, the stack, and the
3486                 VDSO page randomized.  Among other things,  this  means  that
3487                 shared libraries will be loaded at randomized addresses.  The
3488                 text segment of PIE-linked binaries will also be loaded at  a
3489                 randomized  address.  This value is the default if the kernel
3490                 was configured with CONFIG_COMPAT_BRK.
3491
3492              2  (Since Linux 2.6.25) Also support heap  randomization.   This
3493                 value  is  the  default if the kernel was not configured with
3494                 CONFIG_COMPAT_BRK.
3495
3496       /proc/sys/kernel/real-root-dev
3497              This file is documented in the Linux kernel source file Documen‐
3498              tation/admin-guide/initrd.rst    (or    Documentation/initrd.txt
3499              before Linux 4.10).
3500
3501       /proc/sys/kernel/reboot-cmd (Sparc only)
3502              This file seems to be a way to give an  argument  to  the  SPARC
3503              ROM/Flash  boot  loader.   Maybe  to  tell  it  what to do after
3504              rebooting?
3505
3506       /proc/sys/kernel/rtsig-max
3507              (Only in kernels up to and including  2.6.7;  see  setrlimit(2))
3508              This  file can be used to tune the maximum number of POSIX real-
3509              time (queued) signals that can be outstanding in the system.
3510
3511       /proc/sys/kernel/rtsig-nr
3512              (Only in kernels up to and including 2.6.7.)   This  file  shows
3513              the number of POSIX real-time signals currently queued.
3514
3515       /proc/[pid]/sched_autogroup_enabled (since Linux 2.6.38)
3516              See sched(7).
3517
3518       /proc/sys/kernel/sched_child_runs_first (since Linux 2.6.23)
3519              If this file contains the value zero, then, after a fork(2), the
3520              parent is first scheduled on the CPU.  If the  file  contains  a
3521              nonzero  value,  then  the  child is scheduled first on the CPU.
3522              (Of course, on a multiprocessor system, the parent and the child
3523              might both immediately be scheduled on a CPU.)
3524
3525       /proc/sys/kernel/sched_rr_timeslice_ms (since Linux 3.9)
3526              See sched_rr_get_interval(2).
3527
3528       /proc/sys/kernel/sched_rt_period_us (since Linux 2.6.25)
3529              See sched(7).
3530
3531       /proc/sys/kernel/sched_rt_runtime_us (since Linux 2.6.25)
3532              See sched(7).
3533
3534       /proc/sys/kernel/seccomp (since Linux 4.14)
3535              This  directory provides additional seccomp information and con‐
3536              figuration.  See seccomp(2) for further details.
3537
3538       /proc/sys/kernel/sem (since Linux 2.4)
3539              This file contains 4 numbers defining limits for  System  V  IPC
3540              semaphores.  These fields are, in order:
3541
3542              SEMMSL  The maximum semaphores per semaphore set.
3543
3544              SEMMNS  A  system-wide  limit on the number of semaphores in all
3545                      semaphore sets.
3546
3547              SEMOPM  The maximum number of operations that may  be  specified
3548                      in a semop(2) call.
3549
3550              SEMMNI  A  system-wide  limit on the maximum number of semaphore
3551                      identifiers.
3552
3553       /proc/sys/kernel/sg-big-buff
3554              This file shows the size of the generic SCSI device (sg) buffer.
3555              You  can't  tune it just yet, but you could change it at compile
3556              time by editing include/scsi/sg.h  and  changing  the  value  of
3557              SG_BIG_BUFF.   However,  there shouldn't be any reason to change
3558              this value.
3559
3560       /proc/sys/kernel/shm_rmid_forced (since Linux 3.1)
3561              If this file is set to 1, all System V  shared  memory  segments
3562              will be marked for destruction as soon as the number of attached
3563              processes falls to zero; in other words, it is no longer  possi‐
3564              ble to create shared memory segments that exist independently of
3565              any attached process.
3566
3567              The effect is as though a shmctl(2) IPC_RMID is performed on all
3568              existing  segments as well as all segments created in the future
3569              (until this file is reset to 0).  Note  that  existing  segments
3570              that  are  attached  to no process will be immediately destroyed
3571              when this file is set to  1.   Setting  this  option  will  also
3572              destroy  segments  that  were  created, but never attached, upon
3573              termination  of  the  process  that  created  the  segment  with
3574              shmget(2).
3575
3576              Setting  this file to 1 provides a way of ensuring that all Sys‐
3577              tem V shared memory segments are counted  against  the  resource
3578              usage  and  resource limits (see the description of RLIMIT_AS in
3579              getrlimit(2)) of at least one process.
3580
3581              Because setting this file to 1 produces behavior  that  is  non‐
3582              standard and could also break existing applications, the default
3583              value in this file is 0.  Set this file to 1 only if you have  a
3584              good  understanding  of  the semantics of the applications using
3585              System V shared memory on your system.
3586
3587       /proc/sys/kernel/shmall (since Linux 2.2)
3588              This file contains the system-wide limit on the total number  of
3589              pages of System V shared memory.
3590
3591       /proc/sys/kernel/shmmax (since Linux 2.2)
3592              This file can be used to query and set the run-time limit on the
3593              maximum (System V IPC) shared memory segment size  that  can  be
3594              created.   Shared memory segments up to 1GB are now supported in
3595              the kernel.  This value defaults to SHMMAX.
3596
3597       /proc/sys/kernel/shmmni (since Linux 2.4)
3598              This file specifies the system-wide maximum number of  System  V
3599              shared memory segments that can be created.
3600
3601       /proc/sys/kernel/sysctl_writes_strict (since Linux 3.16)
3602              The  value  in  this file determines how the file offset affects
3603              the behavior of updating entries in files under /proc/sys.   The
3604              file has three possible values:
3605
3606              -1  This  provides  legacy  handling,  with  no printk warnings.
3607                  Each write(2) must fully contain the value  to  be  written,
3608                  and  multiple  writes on the same file descriptor will over‐
3609                  write the entire value, regardless of the file position.
3610
3611              0   (default) This provides the same behavior  as  for  -1,  but
3612                  printk  warnings  are  written  for  processes  that perform
3613                  writes when the file offset is not 0.
3614
3615              1   Respect the file offset when writing strings into  /proc/sys
3616                  files.   Multiple  writes  will  append to the value buffer.
3617                  Anything written beyond the maximum length of the value buf‐
3618                  fer  will  be  ignored.  Writes to numeric /proc/sys entries
3619                  must always be at file offset 0 and the value must be  fully
3620                  contained in the buffer provided to write(2).
3621
3622       /proc/sys/kernel/sysrq
3623              This  file  controls  the functions allowed to be invoked by the
3624              SysRq key.  By default, the file contains 1 meaning  that  every
3625              possible  SysRq  request  is  allowed (in older kernel versions,
3626              SysRq was disabled by default, and you were required to specifi‐
3627              cally enable it at run-time, but this is not the case any more).
3628              Possible values in this file are:
3629
3630              0    Disable sysrq completely
3631
3632              1    Enable all functions of sysrq
3633
3634              > 1  Bit mask of allowed sysrq functions, as follows:
3635                     2  Enable control of console logging level
3636                     4  Enable control of keyboard (SAK, unraw)
3637                     8  Enable debugging dumps of processes etc.
3638                    16  Enable sync command
3639                    32  Enable remount read-only
3640                    64  Enable signaling of processes (term, kill, oom-kill)
3641                   128  Allow reboot/poweroff
3642                   256  Allow nicing of all real-time tasks
3643
3644              This file is present only if the CONFIG_MAGIC_SYSRQ kernel  con‐
3645              figuration option is enabled.  For further details see the Linux
3646              kernel source file Documentation/admin-guide/sysrq.rst (or Docu‐
3647              mentation/sysrq.txt before Linux 4.10).
3648
3649       /proc/sys/kernel/version
3650              This file contains a string such as:
3651
3652                  #5 Wed Feb 25 21:49:24 MET 1998
3653
3654              The  "#5"  means  that  this is the fifth kernel built from this
3655              source base and the date following it  indicates  the  time  the
3656              kernel was built.
3657
3658       /proc/sys/kernel/threads-max (since Linux 2.3.11)
3659              This  file  specifies  the  system-wide  limit  on the number of
3660              threads (tasks) that can be created on the system.
3661
3662              Since Linux 4.1, the value that can be written to threads-max is
3663              bounded.  The minimum value that can be written is 20.  The max‐
3664              imum value  that  can  be  written  is  given  by  the  constant
3665              FUTEX_TID_MASK  (0x3fffffff).   If a value outside of this range
3666              is written to threads-max, the error EINVAL occurs.
3667
3668              The value written is checked against the  available  RAM  pages.
3669              If the thread structures would occupy too much (more than 1/8th)
3670              of the available RAM pages, threads-max is reduced accordingly.
3671
3672       /proc/sys/kernel/yama/ptrace_scope (since Linux 3.5)
3673              See ptrace(2).
3674
3675       /proc/sys/kernel/zero-paged (PowerPC only)
3676              This file contains a flag.  When  enabled  (nonzero),  Linux-PPC
3677              will  pre-zero  pages  in  the  idle  loop, possibly speeding up
3678              get_free_pages.
3679
3680       /proc/sys/net
3681              This directory contains networking stuff.  Explanations for some
3682              of  the  files  under  this directory can be found in tcp(7) and
3683              ip(7).
3684
3685       /proc/sys/net/core/bpf_jit_enable
3686              See bpf(2).
3687
3688       /proc/sys/net/core/somaxconn
3689              This file defines a ceiling value for the  backlog  argument  of
3690              listen(2); see the listen(2) manual page for details.
3691
3692       /proc/sys/proc
3693              This directory may be empty.
3694
3695       /proc/sys/sunrpc
3696              This  directory  supports  Sun remote procedure call for network
3697              filesystem (NFS).  On some systems, it is not present.
3698
3699       /proc/sys/user (since Linux 4.9)
3700              See namespaces(7).
3701
3702       /proc/sys/vm
3703              This directory contains files for memory management tuning, buf‐
3704              fer and cache management.
3705
3706       /proc/sys/vm/admin_reserve_kbytes (since Linux 3.10)
3707              This file defines the amount of free memory (in KiB) on the sys‐
3708              tem that should  be  reserved  for  users  with  the  capability
3709              CAP_SYS_ADMIN.
3710
3711              The  default  value  in  this file is the minimum of [3% of free
3712              pages, 8MiB] expressed as KiB.  The default is intended to  pro‐
3713              vide  enough  for the superuser to log in and kill a process, if
3714              necessary, under the default overcommit 'guess' mode (i.e., 0 in
3715              /proc/sys/vm/overcommit_memory).
3716
3717              Systems   running   in  "overcommit  never"  mode  (i.e.,  2  in
3718              /proc/sys/vm/overcommit_memory) should  increase  the  value  in
3719              this  file  to  account  for the full virtual memory size of the
3720              programs used to recover (e.g.,  login(1)  ssh(1),  and  top(1))
3721              Otherwise,  the  superuser  may not be able to log in to recover
3722              the system.  For example, on x86-64 a suitable value  is  131072
3723              (128MiB reserved).
3724
3725              Changing  the value in this file takes effect whenever an appli‐
3726              cation requests memory.
3727
3728       /proc/sys/vm/compact_memory (since Linux 2.6.35)
3729              When 1 is written to this file, all  zones  are  compacted  such
3730              that  free memory is available in contiguous blocks where possi‐
3731              ble.  The effect  of  this  action  can  be  seen  by  examining
3732              /proc/buddyinfo.
3733
3734              Present  only  if  the  kernel  was  configured with CONFIG_COM‐
3735              PACTION.
3736
3737       /proc/sys/vm/drop_caches (since Linux 2.6.16)
3738              Writing to this file causes the kernel  to  drop  clean  caches,
3739              dentries,  and inodes from memory, causing that memory to become
3740              free.  This can be useful for memory management testing and per‐
3741              forming  reproducible filesystem benchmarks.  Because writing to
3742              this file causes the benefits of caching  to  be  lost,  it  can
3743              degrade overall system performance.
3744
3745              To free pagecache, use:
3746
3747                  echo 1 > /proc/sys/vm/drop_caches
3748
3749              To free dentries and inodes, use:
3750
3751                  echo 2 > /proc/sys/vm/drop_caches
3752
3753              To free pagecache, dentries and inodes, use:
3754
3755                  echo 3 > /proc/sys/vm/drop_caches
3756
3757              Because  writing  to this file is a nondestructive operation and
3758              dirty objects are not freeable,  the  user  should  run  sync(1)
3759              first.
3760
3761       /proc/sys/vm/legacy_va_layout (since Linux 2.6.9)
3762              If  nonzero, this disables the new 32-bit memory-mapping layout;
3763              the kernel will use the legacy (2.4) layout for all processes.
3764
3765       /proc/sys/vm/memory_failure_early_kill (since Linux 2.6.32)
3766              Control how to kill processes when an uncorrected  memory  error
3767              (typically a 2-bit error in a memory module) that cannot be han‐
3768              dled by the kernel is detected in the  background  by  hardware.
3769              In some cases (like the page still having a valid copy on disk),
3770              the kernel will handle the failure transparently without affect‐
3771              ing  any applications.  But if there is no other up-to-date copy
3772              of the data, it will kill processes to prevent any data  corrup‐
3773              tions from propagating.
3774
3775              The file has one of the following values:
3776
3777              1:  Kill  all  processes that have the corrupted-and-not-reload‐
3778                  able page mapped as soon  as  the  corruption  is  detected.
3779                  Note  that  this  is not supported for a few types of pages,
3780                  such as kernel internally allocated data or the swap  cache,
3781                  but works for the majority of user pages.
3782
3783              0:  Unmap  the  corrupted  page  from  all  processes and kill a
3784                  process only if it tries to access the page.
3785
3786              The kill is performed using a SIGBUS signal with si_code set  to
3787              BUS_MCEERR_AO.   Processes  can handle this if they want to; see
3788              sigaction(2) for more details.
3789
3790              This feature is  active  only  on  architectures/platforms  with
3791              advanced  machine  check  handling  and  depends on the hardware
3792              capabilities.
3793
3794              Applications can override the memory_failure_early_kill  setting
3795              individually with the prctl(2) PR_MCE_KILL operation.
3796
3797              Present  only  if  the  kernel  was  configured with CONFIG_MEM‐
3798              ORY_FAILURE.
3799
3800       /proc/sys/vm/memory_failure_recovery (since Linux 2.6.32)
3801              Enable memory failure recovery (when supported by the platform)
3802
3803              1:  Attempt recovery.
3804
3805              0:  Always panic on a memory failure.
3806
3807              Present only if  the  kernel  was  configured  with  CONFIG_MEM‐
3808              ORY_FAILURE.
3809
3810       /proc/sys/vm/oom_dump_tasks (since Linux 2.6.25)
3811              Enables a system-wide task dump (excluding kernel threads) to be
3812              produced when the kernel  performs  an  OOM-killing.   The  dump
3813              includes  the  following  information  for  each  task  (thread,
3814              process): thread ID, real user ID, thread group ID (process ID),
3815              virtual memory size, resident set size, the CPU that the task is
3816              scheduled  on,   oom_adj   score   (see   the   description   of
3817              /proc/[pid]/oom_adj),  and  command  name.   This  is helpful to
3818              determine why the OOM-killer was invoked  and  to  identify  the
3819              rogue task that caused it.
3820
3821              If this contains the value zero, this information is suppressed.
3822              On very large systems with thousands of tasks,  it  may  not  be
3823              feasible  to  dump  the  memory  state information for each one.
3824              Such systems should not be forced to incur a performance penalty
3825              in OOM situations when the information may not be desired.
3826
3827              If  this  is  set to nonzero, this information is shown whenever
3828              the OOM-killer actually kills a memory-hogging task.
3829
3830              The default value is 0.
3831
3832       /proc/sys/vm/oom_kill_allocating_task (since Linux 2.6.24)
3833              This enables or disables killing the OOM-triggering task in out-
3834              of-memory situations.
3835
3836              If  this  is  set  to zero, the OOM-killer will scan through the
3837              entire tasklist and select a task based on heuristics  to  kill.
3838              This  normally selects a rogue memory-hogging task that frees up
3839              a large amount of memory when killed.
3840
3841              If this is set to nonzero, the OOM-killer simply kills the  task
3842              that  triggered the out-of-memory condition.  This avoids a pos‐
3843              sibly expensive tasklist scan.
3844
3845              If /proc/sys/vm/panic_on_oom is  nonzero,  it  takes  precedence
3846              over  whatever  value  is used in /proc/sys/vm/oom_kill_allocat‐
3847              ing_task.
3848
3849              The default value is 0.
3850
3851       /proc/sys/vm/overcommit_kbytes (since Linux 3.14)
3852              This writable file provides an alternative to /proc/sys/vm/over‐
3853              commit_ratio    for    controlling    the    CommitLimit    when
3854              /proc/sys/vm/overcommit_memory has the value 2.  It  allows  the
3855              amount  of  memory overcommitting to be specified as an absolute
3856              value (in kB), rather than as a  percentage,  as  is  done  with
3857              overcommit_ratio.  This allows for finer-grained control of Com‐
3858              mitLimit on systems with extremely large memory sizes.
3859
3860              Only one of overcommit_kbytes or overcommit_ratio  can  have  an
3861              effect:  if  overcommit_kbytes  has  a nonzero value, then it is
3862              used to calculate  CommitLimit,  otherwise  overcommit_ratio  is
3863              used.  Writing a value to either of these files causes the value
3864              in the other file to be set to zero.
3865
3866       /proc/sys/vm/overcommit_memory
3867              This file contains the kernel virtual  memory  accounting  mode.
3868              Values are:
3869
3870                     0: heuristic overcommit (this is the default)
3871                     1: always overcommit, never check
3872                     2: always check, never overcommit
3873
3874              In  mode 0, calls of mmap(2) with MAP_NORESERVE are not checked,
3875              and the default check is very weak, leading to the risk of  get‐
3876              ting a process "OOM-killed".
3877
3878              In  mode  1,  the kernel pretends there is always enough memory,
3879              until memory actually runs out.  One use case for this  mode  is
3880              scientific  computing  applications  that  employ  large  sparse
3881              arrays.  In Linux kernel  versions  before  2.6.0,  any  nonzero
3882              value implies mode 1.
3883
3884              In mode 2 (available since Linux 2.6), the total virtual address
3885              space that can be allocated (CommitLimit  in  /proc/meminfo)  is
3886              calculated as
3887
3888                  CommitLimit = (total_RAM - total_huge_TLB) *
3889                                overcommit_ratio / 100 + total_swap
3890
3891              where:
3892
3893                   *  total_RAM is the total amount of RAM on the system;
3894
3895                   *  total_huge_TLB  is  the  amount  of memory set aside for
3896                      huge pages;
3897
3898                   *  overcommit_ratio is the value  in  /proc/sys/vm/overcom‐
3899                      mit_ratio; and
3900
3901                   *  total_swap is the amount of swap space.
3902
3903              For  example,  on  a  system  with 16GB of physical RAM, 16GB of
3904              swap, no space dedicated to huge pages, and an  overcommit_ratio
3905              of 50, this formula yields a CommitLimit of 24GB.
3906
3907              Since Linux 3.14, if the value in /proc/sys/vm/overcommit_kbytes
3908              is nonzero, then CommitLimit is instead calculated as:
3909
3910                  CommitLimit = overcommit_kbytes + total_swap
3911
3912              See also the  description  of  /proc/sys/vm/admin_reserve_kbytes
3913              and /proc/sys/vm/user_reserve_kbytes.
3914
3915       /proc/sys/vm/overcommit_ratio (since Linux 2.6.0)
3916              This  writable  file defines a percentage by which memory can be
3917              overcommitted.  The default value in the file is  50.   See  the
3918              description of /proc/sys/vm/overcommit_memory.
3919
3920       /proc/sys/vm/panic_on_oom (since Linux 2.6.18)
3921              This enables or disables a kernel panic in an out-of-memory sit‐
3922              uation.
3923
3924              If this file is set to the value 0, the kernel's OOM-killer will
3925              kill  some  rogue  process.   Usually, the OOM-killer is able to
3926              kill a rogue process and the system will survive.
3927
3928              If this file is set to the value 1,  then  the  kernel  normally
3929              panics when out-of-memory happens.  However, if a process limits
3930              allocations to certain nodes  using  memory  policies  (mbind(2)
3931              MPOL_BIND)  or  cpusets (cpuset(7)) and those nodes reach memory
3932              exhaustion status, one process may be killed by the  OOM-killer.
3933              No panic occurs in this case: because other nodes' memory may be
3934              free, this means the system as a whole may not have  reached  an
3935              out-of-memory situation yet.
3936
3937              If  this  file  is  set to the value 2, the kernel always panics
3938              when an out-of-memory condition occurs.
3939
3940              The default value is 0.  1 and 2 are for failover of clustering.
3941              Select either according to your policy of failover.
3942
3943       /proc/sys/vm/swappiness
3944              The value in this file controls how aggressively the kernel will
3945              swap memory pages.  Higher values increase aggressiveness, lower
3946              values decrease aggressiveness.  The default value is 60.
3947
3948       /proc/sys/vm/user_reserve_kbytes (since Linux 3.10)
3949              Specifies  an amount of memory (in KiB) to reserve for user pro‐
3950              cesses, This is intended to prevent a user from starting a  sin‐
3951              gle  memory hogging process, such that they cannot recover (kill
3952              the hog).  The value in  this  file  has  an  effect  only  when
3953              /proc/sys/vm/overcommit_memory  is  set to 2 ("overcommit never"
3954              mode).  In this case, the system reserves an  amount  of  memory
3955              that   is   the   minimum   of  [3%  of  current  process  size,
3956              user_reserve_kbytes].
3957
3958              The default value in this file is the minimum  of  [3%  of  free
3959              pages, 128MiB] expressed as KiB.
3960
3961              If  the  value  in this file is set to zero, then a user will be
3962              allowed to allocate all free memory with a single process (minus
3963              the  amount reserved by /proc/sys/vm/admin_reserve_kbytes).  Any
3964              subsequent attempts to execute a command will result  in  "fork:
3965              Cannot allocate memory".
3966
3967              Changing  the value in this file takes effect whenever an appli‐
3968              cation requests memory.
3969
3970       /proc/sysrq-trigger (since Linux 2.4.21)
3971              Writing a character to this file triggers the same  SysRq  func‐
3972              tion  as  typing  ALT-SysRq-<character>  (see the description of
3973              /proc/sys/kernel/sysrq).  This file is normally writable only by
3974              root.  For further details see the Linux kernel source file Doc‐
3975              umentation/admin-guide/sysrq.rst   (or   Documentation/sysrq.txt
3976              before Linux 4.10).
3977
3978       /proc/sysvipc
3979              Subdirectory  containing  the  pseudo-files  msg,  sem  and shm.
3980              These files list the System V Interprocess  Communication  (IPC)
3981              objects  (respectively:  message  queues, semaphores, and shared
3982              memory) that currently exist on the  system,  providing  similar
3983              information  to  that  available  via ipcs(1).  These files have
3984              headers and are formatted (one IPC object  per  line)  for  easy
3985              understanding.   sysvipc(7)  provides  further background on the
3986              information shown by these files.
3987
3988       /proc/thread-self (since Linux 3.17)
3989              This directory refers to the thread accessing the /proc filesys‐
3990              tem,  and  is  identical  to the /proc/self/task/[tid] directory
3991              named by the process thread ID ([tid]) of the same thread.
3992
3993       /proc/timer_list (since Linux 2.6.21)
3994              This read-only file exposes a  list  of  all  currently  pending
3995              (high-resolution)  timers,  all  clock-event  sources, and their
3996              parameters in a human-readable form.
3997
3998       /proc/timer_stats (from  Linux 2.6.21 until Linux 4.10)
3999              This is a debugging facility to make timer (ab)use  in  a  Linux
4000              system  visible  to kernel and user-space developers.  It can be
4001              used by kernel and user-space developers to  verify  that  their
4002              code  does  not  make undue use of timers.  The goal is to avoid
4003              unnecessary wakeups, thereby optimizing power consumption.
4004
4005              If enabled in the kernel (CONFIG_TIMER_STATS), but not used,  it
4006              has  almost  zero run-time overhead and a relatively small data-
4007              structure overhead.  Even if collection is enabled at run  time,
4008              overhead  is  low:  all  the  locking  is  per-CPU and lookup is
4009              hashed.
4010
4011              The /proc/timer_stats file is  used  both  to  control  sampling
4012              facility and to read out the sampled information.
4013
4014              The timer_stats functionality is inactive on bootup.  A sampling
4015              period can be started using the following command:
4016
4017                  # echo 1 > /proc/timer_stats
4018
4019              The following command stops a sampling period:
4020
4021                  # echo 0 > /proc/timer_stats
4022
4023              The statistics can be retrieved by:
4024
4025                  $ cat /proc/timer_stats
4026
4027              While sampling is enabled, each readout  from  /proc/timer_stats
4028              will  see  newly updated statistics.  Once sampling is disabled,
4029              the sampled information is kept until a  new  sample  period  is
4030              started.  This allows multiple readouts.
4031
4032              Sample output from /proc/timer_stats:
4033
4034    $ cat /proc/timer_stats
4035    Timer Stats Version: v0.3
4036    Sample period: 1.764 s
4037    Collection: active
4038      255,     0 swapper/3        hrtimer_start_range_ns (tick_sched_timer)
4039       71,     0 swapper/1        hrtimer_start_range_ns (tick_sched_timer)
4040       58,     0 swapper/0        hrtimer_start_range_ns (tick_sched_timer)
4041        4,  1694 gnome-shell      mod_delayed_work_on (delayed_work_timer_fn)
4042       17,     7 rcu_sched        rcu_gp_kthread (process_timeout)
4043    ...
4044        1,  4911 kworker/u16:0    mod_delayed_work_on (delayed_work_timer_fn)
4045       1D,  2522 kworker/0:0      queue_delayed_work_on (delayed_work_timer_fn)
4046    1029 total events, 583.333 events/sec
4047
4048              The output columns are:
4049
4050              *  a  count  of  the  number  of events, optionally (since Linux
4051                 2.6.23) followed by the letter 'D' if this  is  a  deferrable
4052                 timer;
4053
4054              *  the PID of the process that initialized the timer;
4055
4056              *  the name of the process that initialized the timer;
4057
4058              *  the function where the timer was initialized; and
4059
4060              *  (in  parentheses)  the  callback  function that is associated
4061                 with the timer.
4062
4063              During the Linux 4.11 development cycle, this file  was  removed
4064              because  of  security concerns, as it exposes information across
4065              namespaces.  Furthermore, it is  possible  to  obtain  the  same
4066              information via in-kernel tracing facilities such as ftrace.
4067
4068       /proc/tty
4069              Subdirectory  containing the pseudo-files and subdirectories for
4070              tty drivers and line disciplines.
4071
4072       /proc/uptime
4073              This file contains two numbers (values in seconds):  the  uptime
4074              of  the  system (including time spent in suspend) and the amount
4075              of time spent in the idle process.
4076
4077       /proc/version
4078              This string identifies the kernel version that is currently run‐
4079              ning.   It  includes  the  contents  of /proc/sys/kernel/ostype,
4080              /proc/sys/kernel/osrelease  and  /proc/sys/kernel/version.   For
4081              example:
4082
4083        Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994
4084
4085       /proc/vmstat (since Linux 2.6.0)
4086              This file displays various virtual memory statistics.  Each line
4087              of this file contains a single  name-value  pair,  delimited  by
4088              white space.  Some lines are present only if the kernel was con‐
4089              figured with suitable options.   (In  some  cases,  the  options
4090              required  for  particular  files have changed across kernel ver‐
4091              sions, so they are not listed here.  Details  can  be  found  by
4092              consulting the kernel source code.)  The following fields may be
4093              present:
4094
4095              nr_free_pages (since Linux 2.6.31)
4096
4097              nr_alloc_batch (since Linux 3.12)
4098
4099              nr_inactive_anon (since Linux 2.6.28)
4100
4101              nr_active_anon (since Linux 2.6.28)
4102
4103              nr_inactive_file (since Linux 2.6.28)
4104
4105              nr_active_file (since Linux 2.6.28)
4106
4107              nr_unevictable (since Linux 2.6.28)
4108
4109              nr_mlock (since Linux 2.6.28)
4110
4111              nr_anon_pages (since Linux 2.6.18)
4112
4113              nr_mapped (since Linux 2.6.0)
4114
4115              nr_file_pages (since Linux 2.6.18)
4116
4117              nr_dirty (since Linux 2.6.0)
4118
4119              nr_writeback (since Linux 2.6.0)
4120
4121              nr_slab_reclaimable (since Linux 2.6.19)
4122
4123              nr_slab_unreclaimable (since Linux 2.6.19)
4124
4125              nr_page_table_pages (since Linux 2.6.0)
4126
4127              nr_kernel_stack (since Linux 2.6.32)
4128                     Amount of memory allocated to kernel stacks.
4129
4130              nr_unstable (since Linux 2.6.0)
4131
4132              nr_bounce (since Linux 2.6.12)
4133
4134              nr_vmscan_write (since Linux 2.6.19)
4135
4136              nr_vmscan_immediate_reclaim (since Linux 3.2)
4137
4138              nr_writeback_temp (since Linux 2.6.26)
4139
4140              nr_isolated_anon (since Linux 2.6.32)
4141
4142              nr_isolated_file (since Linux 2.6.32)
4143
4144              nr_shmem (since Linux 2.6.32)
4145                     Pages used by shmem and tmpfs(5).
4146
4147              nr_dirtied (since Linux 2.6.37)
4148
4149              nr_written (since Linux 2.6.37)
4150
4151              nr_pages_scanned (since Linux 3.17)
4152
4153              numa_hit (since Linux 2.6.18)
4154
4155              numa_miss (since Linux 2.6.18)
4156
4157              numa_foreign (since Linux 2.6.18)
4158
4159              numa_interleave (since Linux 2.6.18)
4160
4161              numa_local (since Linux 2.6.18)
4162
4163              numa_other (since Linux 2.6.18)
4164
4165              workingset_refault (since Linux 3.15)
4166
4167              workingset_activate (since Linux 3.15)
4168
4169              workingset_nodereclaim (since Linux 3.15)
4170
4171              nr_anon_transparent_hugepages (since Linux 2.6.38)
4172
4173              nr_free_cma (since Linux 3.7)
4174                     Number of free CMA (Contiguous Memory Allocator) pages.
4175
4176              nr_dirty_threshold (since Linux 2.6.37)
4177
4178              nr_dirty_background_threshold (since Linux 2.6.37)
4179
4180              pgpgin (since Linux 2.6.0)
4181
4182              pgpgout (since Linux 2.6.0)
4183
4184              pswpin (since Linux 2.6.0)
4185
4186              pswpout (since Linux 2.6.0)
4187
4188              pgalloc_dma (since Linux 2.6.5)
4189
4190              pgalloc_dma32 (since Linux 2.6.16)
4191
4192              pgalloc_normal (since Linux 2.6.5)
4193
4194              pgalloc_high (since Linux 2.6.5)
4195
4196              pgalloc_movable (since Linux 2.6.23)
4197
4198              pgfree (since Linux 2.6.0)
4199
4200              pgactivate (since Linux 2.6.0)
4201
4202              pgdeactivate (since Linux 2.6.0)
4203
4204              pgfault (since Linux 2.6.0)
4205
4206              pgmajfault (since Linux 2.6.0)
4207
4208              pgrefill_dma (since Linux 2.6.5)
4209
4210              pgrefill_dma32 (since Linux 2.6.16)
4211
4212              pgrefill_normal (since Linux 2.6.5)
4213
4214              pgrefill_high (since Linux 2.6.5)
4215
4216              pgrefill_movable (since Linux 2.6.23)
4217
4218              pgsteal_kswapd_dma (since Linux 3.4)
4219
4220              pgsteal_kswapd_dma32 (since Linux 3.4)
4221
4222              pgsteal_kswapd_normal (since Linux 3.4)
4223
4224              pgsteal_kswapd_high (since Linux 3.4)
4225
4226              pgsteal_kswapd_movable (since Linux 3.4)
4227
4228              pgsteal_direct_dma
4229
4230              pgsteal_direct_dma32 (since Linux 3.4)
4231
4232              pgsteal_direct_normal (since Linux 3.4)
4233
4234              pgsteal_direct_high (since Linux 3.4)
4235
4236              pgsteal_direct_movable (since Linux 2.6.23)
4237
4238              pgscan_kswapd_dma
4239
4240              pgscan_kswapd_dma32 (since Linux 2.6.16)
4241
4242              pgscan_kswapd_normal (since Linux 2.6.5)
4243
4244              pgscan_kswapd_high
4245
4246              pgscan_kswapd_movable (since Linux 2.6.23)
4247
4248              pgscan_direct_dma
4249
4250              pgscan_direct_dma32 (since Linux 2.6.16)
4251
4252              pgscan_direct_normal
4253
4254              pgscan_direct_high
4255
4256              pgscan_direct_movable (since Linux 2.6.23)
4257
4258              pgscan_direct_throttle (since Linux 3.6)
4259
4260              zone_reclaim_failed (since linux 2.6.31)
4261
4262              pginodesteal (since linux 2.6.0)
4263
4264              slabs_scanned (since linux 2.6.5)
4265
4266              kswapd_inodesteal (since linux 2.6.0)
4267
4268              kswapd_low_wmark_hit_quickly (since 2.6.33)
4269
4270              kswapd_high_wmark_hit_quickly (since 2.6.33)
4271
4272              pageoutrun (since Linux 2.6.0)
4273
4274              allocstall (since Linux 2.6.0)
4275
4276              pgrotated (since Linux 2.6.0)
4277
4278              drop_pagecache (since Linux 3.15)
4279
4280              drop_slab (since Linux 3.15)
4281
4282              numa_pte_updates (since Linux 3.8)
4283
4284              numa_huge_pte_updates (since Linux 3.13)
4285
4286              numa_hint_faults (since Linux 3.8)
4287
4288              numa_hint_faults_local (since Linux 3.8)
4289
4290              numa_pages_migrated (since Linux 3.8)
4291
4292              pgmigrate_success (since Linux 3.8)
4293
4294              pgmigrate_fail (since Linux 3.8)
4295
4296              compact_migrate_scanned (since Linux 3.8)
4297
4298              compact_free_scanned (since Linux 3.8)
4299
4300              compact_isolated (since Linux 3.8)
4301
4302              compact_stall (since Linux 2.6.35)
4303                     See   the   kernel   source   file   Documentation/admin-
4304                     guide/mm/transhuge.rst.
4305
4306              compact_fail (since Linux 2.6.35)
4307                     See   the   kernel   source   file   Documentation/admin-
4308                     guide/mm/transhuge.rst.
4309
4310              compact_success (since Linux 2.6.35)
4311                     See   the   kernel   source   file   Documentation/admin-
4312                     guide/mm/transhuge.rst.
4313
4314              htlb_buddy_alloc_success (since Linux 2.6.26)
4315
4316              htlb_buddy_alloc_fail (since Linux 2.6.26)
4317
4318              unevictable_pgs_culled (since Linux 2.6.28)
4319
4320              unevictable_pgs_scanned (since Linux 2.6.28)
4321
4322              unevictable_pgs_rescued (since Linux 2.6.28)
4323
4324              unevictable_pgs_mlocked (since Linux 2.6.28)
4325
4326              unevictable_pgs_munlocked (since Linux 2.6.28)
4327
4328              unevictable_pgs_cleared (since Linux 2.6.28)
4329
4330              unevictable_pgs_stranded (since Linux 2.6.28)
4331
4332              thp_fault_alloc (since Linux 2.6.39)
4333                     See   the   kernel   source   file   Documentation/admin-
4334                     guide/mm/transhuge.rst.
4335
4336              thp_fault_fallback (since Linux 2.6.39)
4337                     See   the   kernel   source   file   Documentation/admin-
4338                     guide/mm/transhuge.rst.
4339
4340              thp_collapse_alloc (since Linux 2.6.39)
4341                     See   the   kernel   source   file   Documentation/admin-
4342                     guide/mm/transhuge.rst.
4343
4344              thp_collapse_alloc_failed (since Linux 2.6.39)
4345                     See   the   kernel   source   file   Documentation/admin-
4346                     guide/mm/transhuge.rst.
4347
4348              thp_split (since Linux 2.6.39)
4349                     See   the   kernel   source   file   Documentation/admin-
4350                     guide/mm/transhuge.rst.
4351
4352              thp_zero_page_alloc (since Linux 3.8)
4353                     See   the   kernel   source   file   Documentation/admin-
4354                     guide/mm/transhuge.rst.
4355
4356              thp_zero_page_alloc_failed (since Linux 3.8)
4357                     See   the   kernel   source   file   Documentation/admin-
4358                     guide/mm/transhuge.rst.
4359
4360              balloon_inflate (since Linux 3.18)
4361
4362              balloon_deflate (since Linux 3.18)
4363
4364              balloon_migrate (since Linux 3.18)
4365
4366              nr_tlb_remote_flush (since Linux 3.12)
4367
4368              nr_tlb_remote_flush_received (since Linux 3.12)
4369
4370              nr_tlb_local_flush_all (since Linux 3.12)
4371
4372              nr_tlb_local_flush_one (since Linux 3.12)
4373
4374              vmacache_find_calls (since Linux 3.16)
4375
4376              vmacache_find_hits (since Linux 3.16)
4377
4378              vmacache_full_flushes (since Linux 3.19)
4379
4380       /proc/zoneinfo (since Linux 2.6.13)
4381              This file display information about memory zones.  This is  use‐
4382              ful for analyzing virtual memory behavior.
4383

NOTES

4385       Many  files  contain  strings  (e.g., the environment and command line)
4386       that are in the internal format,  with  subfields  terminated  by  null
4387       bytes  ('\0').   When  inspecting  such  files,  you  may find that the
4388       results are more readable if you use a command of the following form to
4389       display them:
4390
4391           $ cat file | tr '\000' '\n'
4392
4393       This manual page is incomplete, possibly inaccurate, and is the kind of
4394       thing that needs to be updated very often.
4395

SEE ALSO

4397       cat(1), dmesg(1), find(1), free(1), htop(1), init(1), ps(1), pstree(1),
4398       tr(1),   uptime(1),   chroot(2),   mmap(2),   readlink(2),   syslog(2),
4399       slabinfo(5),  sysfs(5),  hier(7),   namespaces(7),   time(7),   arp(8),
4400       hdparm(8),   ifconfig(8),  lsmod(8),  lspci(8),  mount(8),  netstat(8),
4401       procinfo(8), route(8), sysctl(8)
4402
4403       The Linux kernel source files: Documentation/filesystems/proc.txt, Doc‐
4404       umentation/sysctl/fs.txt,  Documentation/sysctl/kernel.txt,  Documenta‐
4405       tion/sysctl/net.txt, and Documentation/sysctl/vm.txt.
4406

COLOPHON

4408       This page is part of release 5.04 of the Linux  man-pages  project.   A
4409       description  of  the project, information about reporting bugs, and the
4410       latest    version    of    this    page,    can     be     found     at
4411       https://www.kernel.org/doc/man-pages/.
4412
4413
4414
4415Linux                             2019-11-19                           PROC(5)
Impressum