PROC(5)                    Linux Programmer's Manual                   PROC(5)

NAME
       proc - process information pseudo-filesystem

DESCRIPTION
       The proc filesystem is a pseudo-filesystem which provides an interface
       to kernel data structures. It is commonly mounted at /proc. Typically,
       it is mounted automatically by the system, but it can also be mounted
       manually using a command such as:

           mount -t proc proc /proc

       Most of the files in the proc filesystem are read-only, but some files
       are writable, allowing kernel variables to be changed.

   Mount options
       The proc filesystem supports the following mount options:

       hidepid=n (since Linux 3.3)
              This option controls who can access the information in
              /proc/[pid] directories. The argument, n, is one of the
              following values:

              0   Everybody may access all /proc/[pid] directories. This is
                  the traditional behavior, and the default if this mount
                  option is not specified.

              1   Users may not access files and subdirectories inside any
                  /proc/[pid] directories but their own (the /proc/[pid]
                  directories themselves remain visible). Sensitive files
                  such as /proc/[pid]/cmdline and /proc/[pid]/status are now
                  protected against other users. This makes it impossible to
                  learn whether any user is running a specific program (so
                  long as the program doesn't otherwise reveal itself by its
                  behavior).

              2   As for mode 1, but in addition the /proc/[pid] directories
                  belonging to other users become invisible. This means that
                  /proc/[pid] entries can no longer be used to discover the
                  PIDs on the system. This doesn't hide the fact that a
                  process with a specific PID value exists (it can be learned
                  by other means, for example, by "kill -0 $PID"), but it
                  hides a process's UID and GID, which could otherwise be
                  learned by employing stat(2) on a /proc/[pid] directory.
                  This greatly complicates an attacker's task of gathering
                  information about running processes (e.g., discovering
                  whether some daemon is running with elevated privileges,
                  whether another user is running some sensitive program,
                  whether other users are running any program at all, and so
                  on).

       gid=gid (since Linux 3.3)
              Specifies the ID of a group whose members are authorized to
              learn process information otherwise prohibited by hidepid (i.e.,
              users in this group behave as though /proc was mounted with
              hidepid=0). This group should be used instead of approaches
              such as putting nonroot users into the sudoers(5) file.
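
An added example, not part of the manual page: a Python audit of the hidepid= and gid= options on every proc mount found in /proc/mounts-style text. The sample mount lines and the minimum=2 policy threshold are assumptions; the symbolic hidepid names go beyond the numeric values documented above.

```python
"""Report the hidepid= and gid= settings of every proc mount."""

# Symbolic hidepid names are accepted, and shown in /proc/mounts, by newer
# kernels (Linux 5.8 and later); this manual page documents only 0, 1 and 2.
HIDEPID_NAMES = {"off": 0, "noaccess": 1, "invisible": 2, "ptraceable": 4}

MEANING = {
    0: "everybody may access all /proc/[pid] directories",
    1: "other users' /proc/[pid] contents are inaccessible but still listed",
    2: "other users' /proc/[pid] directories are invisible",
    4: "only processes the caller may ptrace are visible",
}

# Constructed sample input (not taken from a real host).
SAMPLE_MOUNTS = """\
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
proc /srv/jail/proc proc rw,nosuid,nodev,noexec,relatime,gid=26,hidepid=2 0 0
proc /run/sandbox/proc proc rw,relatime,hidepid=invisible 0 0
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
"""


def parse_proc_options(options):
    """Return (hidepid_level, exempt_gid) from a comma-separated option list."""
    level, gid = 0, None            # hidepid defaults to 0 when absent
    for opt in options.split(","):
        key, _, value = opt.partition("=")
        if key == "hidepid":
            if value.isdigit():
                level = int(value)
            elif value in HIDEPID_NAMES:
                level = HIDEPID_NAMES[value]
            else:
                raise ValueError("unrecognised hidepid value: %r" % value)
        elif key == "gid":
            gid = int(value)        # members of this group bypass hidepid
    return level, gid


def audit_proc_mounts(mounts_text, minimum=2):
    """Return one finding per proc mount; minimum is a local policy choice."""
    findings = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[2] != "proc":
            continue
        level, gid = parse_proc_options(fields[3])
        findings.append({
            "mountpoint": fields[1],
            "hidepid": level,
            "gid": gid,
            "meaning": MEANING.get(level, "unknown level"),
            "meets_minimum": level >= minimum,
        })
    return findings


if __name__ == "__main__":
    try:
        with open("/proc/mounts") as f:
            text = f.read()
    except OSError:
        text = SAMPLE_MOUNTS
    for item in audit_proc_mounts(text):
        print(item)
```

Every proc mount is reported separately because a chroot or container can carry its own mount with different options from the host's /proc.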

   Overview
       Underneath /proc, there are the following general groups of files and
       subdirectories:

       /proc/[pid] subdirectories
              Each one of these subdirectories contains files and
              subdirectories exposing information about the process with the
              corresponding process ID.

              Underneath each of the /proc/[pid] directories, a task
              subdirectory contains subdirectories of the form task/[tid],
              which contain corresponding information about each of the
              threads in the process, where tid is the kernel thread ID of
              the thread.

              The /proc/[pid] subdirectories are visible when iterating
              through /proc with getdents(2) (and thus are visible when one
              uses ls(1) to view the contents of /proc).

       /proc/[tid] subdirectories
              Each one of these subdirectories contains files and
              subdirectories exposing information about the thread with the
              corresponding thread ID. The contents of these directories are
              the same as the corresponding /proc/[pid]/task/[tid]
              directories.

              The /proc/[tid] subdirectories are not visible when iterating
              through /proc with getdents(2) (and thus are not visible when
              one uses ls(1) to view the contents of /proc).

       /proc/self
              When a process accesses this magic symbolic link, it resolves
              to the process's own /proc/[pid] directory.

       /proc/thread-self
              When a thread accesses this magic symbolic link, it resolves to
              the process's own /proc/self/task/[tid] directory.

       /proc/[a-z]*
              Various other files and subdirectories under /proc expose
              system-wide information.

       All of the above are described in more detail below.

   Files and directories
       The following list provides details of many of the files and
       directories under the /proc hierarchy.

       /proc/[pid]
              There is a numerical subdirectory for each running process; the
              subdirectory is named by the process ID. Each /proc/[pid]
              subdirectory contains the pseudo-files and directories
              described below.

              The files inside each /proc/[pid] directory are normally owned
              by the effective user and effective group ID of the process.
              However, as a security measure, the ownership is made root:root
              if the process's "dumpable" attribute is set to a value other
              than 1.

              Before Linux 4.11, root:root meant the "global" root user ID and
              group ID (i.e., UID 0 and GID 0 in the initial user namespace).
              Since Linux 4.11, if the process is in a noninitial user
              namespace that has a valid mapping for user (group) ID 0 inside
              the namespace, then the user (group) ownership of the files
              under /proc/[pid] is instead made the same as the root user
              (group) ID of the namespace. This means that inside a
              container, things work as expected for the container "root"
              user.

              The process's "dumpable" attribute may change for the following
              reasons:

              *  The attribute was explicitly set via the prctl(2)
                 PR_SET_DUMPABLE operation.

              *  The attribute was reset to the value in the file
                 /proc/sys/fs/suid_dumpable (described below), for the
                 reasons described in prctl(2).

              Resetting the "dumpable" attribute to 1 reverts the ownership of
              the /proc/[pid]/* files to the process's effective UID and GID.
              Note, however, that if the effective UID or GID is subsequently
              modified, then the "dumpable" attribute may be reset, as
              described in prctl(2). Therefore, it may be desirable to reset
              the "dumpable" attribute after making any desired changes to the
              process's effective UID or GID.

       /proc/[pid]/attr
              The files in this directory provide an API for security modules.
              The contents of this directory are files that can be read and
              written in order to set security-related attributes. This
              directory was added to support SELinux, but the intention was
              that the API be general enough to support other security
              modules. For the purpose of explanation, examples of how
              SELinux uses these files are provided below.

              This directory is present only if the kernel was configured with
              CONFIG_SECURITY.

       /proc/[pid]/attr/current (since Linux 2.6.0)
              The contents of this file represent the current security
              attributes of the process.

              In SELinux, this file is used to get the security context of a
              process. Prior to Linux 2.6.11, this file could not be used to
              set the security context (a write was always denied), since
              SELinux limited process security transitions to execve(2) (see
              the description of /proc/[pid]/attr/exec, below). Since Linux
              2.6.11, SELinux lifted this restriction and began supporting
              "set" operations via writes to this node if authorized by
              policy, although use of this operation is only suitable for
              applications that are trusted to maintain any desired
              separation between the old and new security contexts.

              Prior to Linux 2.6.28, SELinux did not allow threads within a
              multithreaded process to set their security context via this
              node as it would yield an inconsistency among the security
              contexts of the threads sharing the same memory space. Since
              Linux 2.6.28, SELinux lifted this restriction and began
              supporting "set" operations for threads within a multithreaded
              process if the new security context is bounded by the old
              security context, where the bounded relation is defined in
              policy and guarantees that the new security context has a
              subset of the permissions of the old security context.

              Other security modules may choose to support "set" operations
              via writes to this node.

       /proc/[pid]/attr/exec (since Linux 2.6.0)
              This file represents the attributes to assign to the process
              upon a subsequent execve(2).

              In SELinux, this is needed to support role/domain transitions,
              and execve(2) is the preferred point to make such transitions
              because it offers better control over the initialization of the
              process in the new security label and the inheritance of state.
              In SELinux, this attribute is reset on execve(2) so that the new
              program reverts to the default behavior for any execve(2) calls
              that it may make. In SELinux, a process can set only its own
              /proc/[pid]/attr/exec attribute.

       /proc/[pid]/attr/fscreate (since Linux 2.6.0)
              This file represents the attributes to assign to files created
              by subsequent calls to open(2), mkdir(2), symlink(2), and
              mknod(2).

              SELinux employs this file to support creation of a file (using
              the aforementioned system calls) in a secure state, so that
              there is no risk of inappropriate access being obtained between
              the time of creation and the time that attributes are set. In
              SELinux, this attribute is reset on execve(2), so that the new
              program reverts to the default behavior for any file creation
              calls it may make, but the attribute will persist across
              multiple file creation calls within a program unless it is
              explicitly reset. In SELinux, a process can set only its own
              /proc/[pid]/attr/fscreate attribute.

       /proc/[pid]/attr/keycreate (since Linux 2.6.18)
              If a process writes a security context into this file, all
              subsequently created keys (add_key(2)) will be labeled with
              this context. For further information, see the kernel source
              file Documentation/security/keys/core.rst (or file
              Documentation/security/keys.txt on Linux between 3.0 and 4.13,
              or Documentation/keys.txt before Linux 3.0).

       /proc/[pid]/attr/prev (since Linux 2.6.0)
              This file contains the security context of the process before
              the last execve(2); that is, the previous value of
              /proc/[pid]/attr/current.

       /proc/[pid]/attr/socketcreate (since Linux 2.6.18)
              If a process writes a security context into this file, all
              subsequently created sockets will be labeled with this context.

       /proc/[pid]/autogroup (since Linux 2.6.38)
              See sched(7).

       /proc/[pid]/auxv (since 2.6.0)
              This contains the contents of the ELF interpreter information
              passed to the process at exec time. The format is one unsigned
              long ID plus one unsigned long value for each entry. The last
              entry contains two zeros. See also getauxval(3).

              Permission to access this file is governed by a ptrace access
              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

       /proc/[pid]/cgroup (since Linux 2.6.24)
              See cgroups(7).

       /proc/[pid]/clear_refs (since Linux 2.6.22)
              This is a write-only file, writable only by the owner of the
              process.

              The following values may be written to the file:

              1 (since Linux 2.6.22)
                     Reset the PG_Referenced and ACCESSED/YOUNG bits for all
                     the pages associated with the process. (Before kernel
                     2.6.32, writing any nonzero value to this file had this
                     effect.)

              2 (since Linux 2.6.32)
                     Reset the PG_Referenced and ACCESSED/YOUNG bits for all
                     anonymous pages associated with the process.

              3 (since Linux 2.6.32)
                     Reset the PG_Referenced and ACCESSED/YOUNG bits for all
                     file-mapped pages associated with the process.

              Clearing the PG_Referenced and ACCESSED/YOUNG bits provides a
              method to measure approximately how much memory a process is
              using. One first inspects the values in the "Referenced" fields
              for the VMAs shown in /proc/[pid]/smaps to get an idea of the
              memory footprint of the process. One then clears the
              PG_Referenced and ACCESSED/YOUNG bits and, after some measured
              time interval, once again inspects the values in the
              "Referenced" fields to get an idea of the change in memory
              footprint of the process during the measured interval. If one
              is interested only in inspecting the selected mapping types,
              then the value 2 or 3 can be used instead of 1.

              Further values can be written to affect different properties:

              4 (since Linux 3.11)
                     Clear the soft-dirty bit for all the pages associated
                     with the process. This is used (in conjunction with
                     /proc/[pid]/pagemap) by the check-point restore system to
                     discover which pages of a process have been dirtied since
                     the file /proc/[pid]/clear_refs was written to.

              5 (since Linux 4.0)
                     Reset the peak resident set size ("high water mark") to
                     the process's current resident set size value.

              Writing any value to /proc/[pid]/clear_refs other than those
              listed above has no effect.

              The /proc/[pid]/clear_refs file is present only if the
              CONFIG_PROC_PAGE_MONITOR kernel configuration option is enabled.

       /proc/[pid]/cmdline
              This read-only file holds the complete command line for the
              process, unless the process is a zombie. In the latter case,
              there is nothing in this file: that is, a read on this file will
              return 0 characters. The command-line arguments appear in this
              file as a set of strings separated by null bytes ('\0'), with a
              further null byte after the last string.

              If, after an execve(2), the process modifies its argv strings,
              those changes will show up here. This is not the same thing as
              modifying the argv array.

              Furthermore, a process may change the memory location that this
              file refers to via prctl(2) operations such as
              PR_SET_MM_ARG_START.

              Think of this file as the command line that the process wants
              you to see.

       /proc/[pid]/comm (since Linux 2.6.33)
              This file exposes the process's comm value—that is, the command
              name associated with the process. Different threads in the same
              process may have different comm values, accessible via
              /proc/[pid]/task/[tid]/comm. A thread may modify its comm
              value, or that of any other thread in the same thread group
              (see the discussion of CLONE_THREAD in clone(2)), by writing to
              the file /proc/self/task/[tid]/comm. Strings longer than
              TASK_COMM_LEN (16) characters (including the terminating null
              byte) are silently truncated.

              This file provides a superset of the prctl(2) PR_SET_NAME and
              PR_GET_NAME operations, and is employed by pthread_setname_np(3)
              when used to rename threads other than the caller. The value in
              this file is used for the %e specifier in
              /proc/sys/kernel/core_pattern; see core(5).

       /proc/[pid]/coredump_filter (since Linux 2.6.23)
              See core(5).

       /proc/[pid]/cpuset (since Linux 2.6.12)
              See cpuset(7).

       /proc/[pid]/cwd
              This is a symbolic link to the current working directory of the
              process. To find out the current working directory of process
              20, for instance, you can do this:

                  $ cd /proc/20/cwd; pwd -P

              In a multithreaded process, the contents of this symbolic link
              are not available if the main thread has already terminated
              (typically by calling pthread_exit(3)).

              Permission to dereference or read (readlink(2)) this symbolic
              link is governed by a ptrace access mode
              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

       /proc/[pid]/environ
              This file contains the initial environment that was set when the
              currently executing program was started via execve(2). The
              entries are separated by null bytes ('\0'), and there may be a
              null byte at the end. Thus, to print out the environment of
              process 1, you would do:

                  $ cat /proc/1/environ | tr '\000' '\n'

              If, after an execve(2), the process modifies its environment
              (e.g., by calling functions such as putenv(3) or modifying the
              environ(7) variable directly), this file will not reflect those
              changes.

              Furthermore, a process may change the memory location that this
              file refers to via prctl(2) operations such as
              PR_SET_MM_ENV_START.

              Permission to access this file is governed by a ptrace access
              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

       /proc/[pid]/exe
              Under Linux 2.2 and later, this file is a symbolic link
              containing the actual pathname of the executed command. This
              symbolic link can be dereferenced normally; attempting to open
              it will open the executable. You can even type /proc/[pid]/exe
              to run another copy of the same executable that is being run by
              process [pid]. If the pathname has been unlinked, the symbolic
              link will contain the string '(deleted)' appended to the
              original pathname. In a multithreaded process, the contents of
              this symbolic link are not available if the main thread has
              already terminated (typically by calling pthread_exit(3)).

              Permission to dereference or read (readlink(2)) this symbolic
              link is governed by a ptrace access mode
              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

              Under Linux 2.0 and earlier, /proc/[pid]/exe is a pointer to the
              binary which was executed, and appears as a symbolic link. A
              readlink(2) call on this file under Linux 2.0 returns a string
              in the format:

                  [device]:inode

              For example, [0301]:1502 would be inode 1502 on device major 03
              (IDE, MFM, etc. drives) minor 01 (first partition on the first
              drive).

              find(1) with the -inum option can be used to locate the file.
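
An added example, not part of the manual page: because cmdline and comm are under the process's control while exe is maintained by the kernel, this Python sketch cross-checks the three for one process. The finding labels, the function names and the sample values are assumptions made for the illustration.

```python
"""Cross-check a process's self-reported names against its exe link."""
import os

DELETED_SUFFIX = " (deleted)"   # appended to exe when the file was unlinked
COMM_MAX = 15                   # TASK_COMM_LEN (16) minus the null byte


def parse_cmdline(raw):
    """Split /proc/[pid]/cmdline bytes into argv; a zombie yields []."""
    if not raw:
        return []
    parts = raw.split(b"\0")
    if parts[-1] == b"":        # the further null byte after the last string
        parts.pop()
    return [p.decode("utf-8", "backslashreplace") for p in parts]


def assess(cmdline_raw, comm, exe_target):
    """Return finding labels for one process; exe_target is None if unreadable."""
    findings = []
    argv = parse_cmdline(cmdline_raw)
    exe_path = exe_target
    if exe_target is None:
        # Kernel thread, or the ptrace access mode check denied readlink(2).
        findings.append("exe-unreadable")
    elif exe_target.endswith(DELETED_SUFFIX):
        # Ambiguous if a file is literally named "... (deleted)".
        exe_path = exe_target[:-len(DELETED_SUFFIX)]
        findings.append("exe-deleted")
    if not argv:
        findings.append("cmdline-empty")
    elif exe_path is not None:
        # Login shells conventionally prefix argv[0] with "-".
        argv0 = os.path.basename(argv[0].lstrip("-"))
        if argv0 != os.path.basename(exe_path):
            findings.append("argv0-differs-from-exe")
    if exe_path is not None and comm != os.path.basename(exe_path)[:COMM_MAX]:
        findings.append("comm-differs-from-exe")
    return findings


def read_process(pid, proc_root="/proc"):
    """Read (cmdline bytes, comm, exe target or None) for a live process."""
    base = os.path.join(proc_root, str(pid))
    with open(os.path.join(base, "cmdline"), "rb") as f:
        cmdline_raw = f.read()
    with open(os.path.join(base, "comm")) as f:
        comm = f.read().rstrip("\n")
    try:
        exe = os.readlink(os.path.join(base, "exe"))
    except OSError:
        exe = None
    return cmdline_raw, comm, exe


if __name__ == "__main__":
    print(assess(*read_process(os.getpid())))
```

A mismatch is a lead rather than a verdict: interpreters, multi-call binaries and programs that retitle themselves all produce differences on a healthy system.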

       /proc/[pid]/fd/
              This is a subdirectory containing one entry for each file which
              the process has open, named by its file descriptor, and which is
              a symbolic link to the actual file. Thus, 0 is standard input,
              1 standard output, 2 standard error, and so on.

              For file descriptors for pipes and sockets, the entries will be
              symbolic links whose content is the file type with the inode. A
              readlink(2) call on this file returns a string in the format:

                  type:[inode]

              For example, socket:[2248868] will be a socket and its inode is
              2248868. For sockets, that inode can be used to find more
              information in one of the files under /proc/net/.

              For file descriptors that have no corresponding inode (e.g.,
              file descriptors produced by bpf(2), epoll_create(2),
              eventfd(2), inotify_init(2), perf_event_open(2), signalfd(2),
              timerfd_create(2), and userfaultfd(2)), the entry will be a
              symbolic link with contents of the form

                  anon_inode:<file-type>

              In many cases (but not all), the file-type is surrounded by
              square brackets.

              For example, an epoll file descriptor will have a symbolic link
              whose content is the string anon_inode:[eventpoll].

              In a multithreaded process, the contents of this directory are
              not available if the main thread has already terminated
              (typically by calling pthread_exit(3)).

              Programs that take a filename as a command-line argument, but
              don't take input from standard input if no argument is supplied,
              and programs that write to a file named as a command-line
              argument, but don't send their output to standard output if no
              argument is supplied, can nevertheless be made to use standard
              input or standard output by using /proc/[pid]/fd files as
              command-line arguments. For example, assuming that -i is the
              flag designating an input file and -o is the flag designating an
              output file:

                  $ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...

              and you have a working filter.

              /proc/self/fd/N is approximately the same as /dev/fd/N in some
              UNIX and UNIX-like systems. Most Linux MAKEDEV scripts
              symbolically link /dev/fd to /proc/self/fd, in fact.

              Most systems provide symbolic links /dev/stdin, /dev/stdout, and
              /dev/stderr, which respectively link to the files 0, 1, and 2 in
              /proc/self/fd. Thus the example command above could be written
              as:

                  $ foobar -i /dev/stdin -o /dev/stdout ...

              Permission to dereference or read (readlink(2)) the symbolic
              links in this directory is governed by a ptrace access mode
              PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

              Note that for file descriptors referring to inodes (pipes and
              sockets, see above), those inodes still have permission bits and
              ownership information distinct from those of the /proc/[pid]/fd
              entry, and that the owner may differ from the user and group IDs
              of the process. An unprivileged process may lack permissions to
              open them, as in this example:

                  $ echo test | sudo -u nobody cat
                  test
                  $ echo test | sudo -u nobody cat /proc/self/fd/0
                  cat: /proc/self/fd/0: Permission denied

              File descriptor 0 refers to the pipe created by the shell and
              owned by that shell's user, which is not nobody, so cat does not
              have permission to create a new file descriptor to read from
              that inode, even though it can still read from its existing file
              descriptor 0.

       /proc/[pid]/fdinfo/ (since Linux 2.6.22)
              This is a subdirectory containing one entry for each file which
              the process has open, named by its file descriptor. The files
              in this directory are readable only by the owner of the process.
              The contents of each file can be read to obtain information
              about the corresponding file descriptor. The content depends on
              the type of file referred to by the corresponding file
              descriptor.

              For regular files and directories, we see something like:

                  $ cat /proc/12015/fdinfo/4
                  pos: 1000
                  flags: 01002002
                  mnt_id: 21

              The fields are as follows:

              pos    This is a decimal number showing the file offset.

              flags  This is an octal number that displays the file access
                     mode and file status flags (see open(2)). If the
                     close-on-exec file descriptor flag is set, then flags
                     will also include the value O_CLOEXEC.

                     Before Linux 3.1, this field incorrectly displayed the
                     setting of O_CLOEXEC at the time the file was opened,
                     rather than the current setting of the close-on-exec
                     flag.

              mnt_id This field, present since Linux 3.15, is the ID of the
                     mount point containing this file. See the description of
                     /proc/[pid]/mountinfo.

              For eventfd file descriptors (see eventfd(2)), we see (since
              Linux 3.8) the following fields:

                  pos: 0
                  flags: 02
                  mnt_id: 10
                  eventfd-count: 40

              eventfd-count is the current value of the eventfd counter, in
              hexadecimal.

              For epoll file descriptors (see epoll(7)), we see (since Linux
              3.8) the following fields:

                  pos: 0
                  flags: 02
                  mnt_id: 10
                  tfd: 9 events: 19 data: 74253d2500000009
                  tfd: 7 events: 19 data: 74253d2500000007

              Each of the lines beginning tfd describes one of the file
              descriptors being monitored via the epoll file descriptor (see
              epoll_ctl(2) for some details). The tfd field is the number of
              the file descriptor. The events field is a hexadecimal mask of
              the events being monitored for this file descriptor. The data
              field is the data value associated with this file descriptor.

              For signalfd file descriptors (see signalfd(2)), we see (since
              Linux 3.8) the following fields:

                  pos: 0
                  flags: 02
                  mnt_id: 10
                  sigmask: 0000000000000006

              sigmask is the hexadecimal mask of signals that are accepted via
              this signalfd file descriptor. (In this example, bits 2 and 3
              are set, corresponding to the signals SIGINT and SIGQUIT; see
              signal(7).)

              For inotify file descriptors (see inotify(7)), we see (since
              Linux 3.8) the following fields:

                  pos: 0
                  flags: 00
                  mnt_id: 11
                  inotify wd:2 ino:7ef82a sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:2af87e00220ffd73
                  inotify wd:1 ino:192627 sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:27261900802dfd73

              Each of the lines beginning with "inotify" displays information
              about one file or directory that is being monitored. The fields
              in this line are as follows:

              wd     A watch descriptor number (in decimal).

              ino    The inode number of the target file (in hexadecimal).

              sdev   The ID of the device where the target file resides (in
                     hexadecimal).

              mask   The mask of events being monitored for the target file
                     (in hexadecimal).

              If the kernel was built with exportfs support, the path to the
              target file is exposed as a file handle, via three hexadecimal
              fields: fhandle-bytes, fhandle-type, and f_handle.

              For fanotify file descriptors (see fanotify(7)), we see (since
              Linux 3.8) the following fields:

                  pos: 0
                  flags: 02
                  mnt_id: 11
                  fanotify flags:0 event-flags:88002
                  fanotify ino:19264f sdev:800001 mflags:0 mask:1 ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:4f261900a82dfd73

              The fourth line displays information defined when the fanotify
              group was created via fanotify_init(2):

              flags  The flags argument given to fanotify_init(2) (expressed
                     in hexadecimal).

              event-flags
                     The event_f_flags argument given to fanotify_init(2)
                     (expressed in hexadecimal).

              Each additional line shown in the file contains information
              about one of the marks in the fanotify group. Most of these
              fields are as for inotify, except:

              mflags The flags associated with the mark (expressed in
                     hexadecimal).

              mask   The events mask for this mark (expressed in hexadecimal).

              ignored_mask
                     The mask of events that are ignored for this mark
                     (expressed in hexadecimal).

              For details on these fields, see fanotify_mark(2).

              For timerfd file descriptors (see timerfd(2)), we see (since
              Linux 3.17) the following fields:

                  pos: 0
                  flags: 02004002
                  mnt_id: 13
                  clockid: 0
                  ticks: 0
                  settime flags: 03
                  it_value: (7695568592, 640020877)
                  it_interval: (0, 0)

              clockid
                     This is the numeric value of the clock ID (corresponding
                     to one of the CLOCK_* constants defined via <time.h>)
                     that is used to mark the progress of the timer (in this
                     example, 0 is CLOCK_REALTIME).

              ticks  This is the number of timer expirations that have
                     occurred (i.e., the value that read(2) on it would
                     return).

              settime flags
                     This field lists the flags with which the timerfd was
                     last armed (see timerfd_settime(2)), in octal (in this
                     example, both TFD_TIMER_ABSTIME and
                     TFD_TIMER_CANCEL_ON_SET are set).

              it_value
                     This field contains the amount of time until the timer
                     will next expire, expressed in seconds and nanoseconds.
                     This is always expressed as a relative value, regardless
                     of whether the timer was created using the
                     TFD_TIMER_ABSTIME flag.

              it_interval
                     This field contains the interval of the timer, in seconds
                     and nanoseconds. (The it_value and it_interval fields
                     contain the values that timerfd_gettime(2) on this file
                     descriptor would return.)
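
An added example, not part of the manual page: a Python parser for the fdinfo text shown above that decodes the octal flags field and the signalfd sigmask, plus a helper listing descriptors that would survive execve(2) because O_CLOEXEC is not set. The flag table uses the generic Linux values (x86-64, arm64) and omits flags whose values vary by architecture; function names and sample texts are assumptions.

```python
"""Parse /proc/[pid]/fdinfo/N text and decode its flags and sigmask fields."""
import os
import signal

O_ACCMODE = 0o3
ACCESS_MODES = {0o0: "O_RDONLY", 0o1: "O_WRONLY", 0o2: "O_RDWR"}
# Generic Linux values; architecture-dependent flags are reported as leftovers.
STATUS_FLAGS = {
    0o100: "O_CREAT", 0o200: "O_EXCL", 0o400: "O_NOCTTY", 0o1000: "O_TRUNC",
    0o2000: "O_APPEND", 0o4000: "O_NONBLOCK", 0o10000: "O_DSYNC",
    0o1000000: "O_NOATIME", 0o2000000: "O_CLOEXEC", 0o10000000: "O_PATH",
}

# Constructed samples mirroring the signalfd and timerfd listings above.
SIGNALFD_SAMPLE = "pos: 0\nflags: 02\nmnt_id: 10\nsigmask: 0000000000000006\n"
TIMERFD_SAMPLE = "pos: 0\nflags: 02004002\nmnt_id: 13\nclockid: 0\nticks: 0\n"


def decode_flags(octal_text):
    """Turn the octal flags field into a list of symbolic names."""
    value = int(octal_text, 8)
    names = [ACCESS_MODES.get(value & O_ACCMODE, "access-mode-3")]
    rest = value & ~O_ACCMODE
    for bit, name in sorted(STATUS_FLAGS.items()):
        if rest & bit:
            names.append(name)
            rest &= ~bit
    if rest:
        names.append("unknown:0o%o" % rest)
    return names


def decode_sigmask(hex_text):
    """Bit n of the mask (counting from 1) stands for signal number n."""
    mask = int(hex_text, 16)
    names = []
    for signo in range(1, 65):
        if mask & (1 << (signo - 1)):
            try:
                names.append(signal.Signals(signo).name)
            except ValueError:          # e.g. real-time signals
                names.append("SIG%d" % signo)
    return names


def parse_fdinfo(text):
    """Return a dict of decoded fields; type-specific lines go to 'extra'."""
    info = {"extra": []}
    for line in text.splitlines():
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "pos":
            info["pos"] = int(value)
        elif key == "flags":
            info["flags"] = decode_flags(value)
            info["cloexec"] = "O_CLOEXEC" in info["flags"]
        elif key == "mnt_id":
            info["mnt_id"] = int(value)
        elif key == "sigmask":
            info["signals"] = decode_sigmask(value)
        elif key == "eventfd-count":
            info["eventfd_count"] = int(value, 16)
        elif line.strip():
            info["extra"].append(line.strip())
    return info


def fds_without_cloexec(pid="self", proc_root="/proc"):
    """List descriptors of a process that an execve(2) would inherit."""
    directory = os.path.join(proc_root, str(pid), "fdinfo")
    inherited = []
    for name in sorted(os.listdir(directory), key=int):
        try:
            with open(os.path.join(directory, name)) as f:
                info = parse_fdinfo(f.read())
        except OSError:
            continue                    # closed while we were iterating
        if not info.get("cloexec", False):
            inherited.append(int(name))
    return inherited


if __name__ == "__main__":
    print(parse_fdinfo(TIMERFD_SAMPLE))
    print(fds_without_cloexec())
```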

       /proc/[pid]/gid_map (since Linux 3.5)
              See user_namespaces(7).

       /proc/[pid]/io (since kernel 2.6.20)
              This file contains I/O statistics for the process, for example:

                  # cat /proc/3828/io
                  rchar: 323934931
                  wchar: 323929600
                  syscr: 632687
                  syscw: 632675
                  read_bytes: 0
                  write_bytes: 323932160
                  cancelled_write_bytes: 0

              The fields are as follows:

              rchar: characters read
                     The number of bytes which this task has caused to be read
                     from storage. This is simply the sum of bytes which this
                     process passed to read(2) and similar system calls. It
                     includes things such as terminal I/O and is unaffected by
                     whether or not actual physical disk I/O was required (the
                     read might have been satisfied from pagecache).

              wchar: characters written
                     The number of bytes which this task has caused, or shall
                     cause to be written to disk. Similar caveats apply here
                     as with rchar.

              syscr: read syscalls
                     Attempt to count the number of read I/O operations—that
                     is, system calls such as read(2) and pread(2).

              syscw: write syscalls
                     Attempt to count the number of write I/O operations—that
                     is, system calls such as write(2) and pwrite(2).

              read_bytes: bytes read
                     Attempt to count the number of bytes which this process
                     really did cause to be fetched from the storage layer.
                     This is accurate for block-backed filesystems.

              write_bytes: bytes written
                     Attempt to count the number of bytes which this process
                     caused to be sent to the storage layer.

              cancelled_write_bytes:
                     The big inaccuracy here is truncate. If a process writes
                     1 MB to a file and then deletes the file, it will in fact
                     perform no writeout. But it will have been accounted as
                     having caused 1 MB of write. In other words: this field
                     represents the number of bytes which this process caused
                     to not happen, by truncating pagecache. A task can cause
                     "negative" I/O too. If this task truncates some dirty
                     pagecache, some I/O which another task has been accounted
                     for (in its write_bytes) will not be happening.

              Note: In the current implementation, things are a bit racy on
              32-bit systems: if process A reads process B's /proc/[pid]/io
              while process B is updating one of these 64-bit counters,
              process A could see an intermediate result.

              Permission to access this file is governed by a ptrace access
              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

       /proc/[pid]/limits (since Linux 2.6.24)
              This file displays the soft limit, hard limit, and units of
              measurement for each of the process's resource limits (see
              getrlimit(2)). Up to and including Linux 2.6.35, this file is
              protected to allow reading only by the real UID of the process.
              Since Linux 2.6.36, this file is readable by all users on the
              system.

       /proc/[pid]/map_files/ (since kernel 3.3)
              This subdirectory contains entries corresponding to
              memory-mapped files (see mmap(2)). Entries are named by memory
              region start and end address pair (expressed as hexadecimal
              numbers), and are symbolic links to the mapped files themselves.
              Here is an example, with the output wrapped and reformatted to
              fit on an 80-column display:

                  # ls -l /proc/self/map_files/
                  lr--------. 1 root root 64 Apr 16 21:31
                              3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so
                  ...

              Although these entries are present for memory regions that were
              mapped with the MAP_FILE flag, the way anonymous shared memory
              (regions created with the MAP_ANON | MAP_SHARED flags) is
              implemented in Linux means that such regions also appear on this
              directory. Here is an example where the target file is the
              deleted /dev/zero one:

                  lrw-------. 1 root root 64 Apr 16 21:33
                              7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted)

              Permission to access this file is governed by a ptrace access
              mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

              Until kernel version 4.3, this directory appeared only if the
              CONFIG_CHECKPOINT_RESTORE kernel configuration option was
              enabled.

              Capabilities are required to read the contents of the symbolic
              links in this directory: before Linux 5.9, the reading process
              requires CAP_SYS_ADMIN in the initial user namespace; since
              Linux 5.9, the reading process must have either CAP_SYS_ADMIN or
              CAP_CHECKPOINT_RESTORE in the user namespace where it resides.
770
771 /proc/[pid]/maps
772 A file containing the currently mapped memory regions and their
773 access permissions. See mmap(2) for some further information
774 about memory mappings.
775
776 Permission to access this file is governed by a ptrace access
777 mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
778
779 The format of the file is:
780
    address perms offset dev inode pathname
    00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/dbus-daemon
    00651000-00652000 r--p 00051000 08:02 173521 /usr/bin/dbus-daemon
    00652000-00655000 rw-p 00052000 08:02 173521 /usr/bin/dbus-daemon
    00e03000-00e24000 rw-p 00000000 00:00 0 [heap]
    00e24000-011f7000 rw-p 00000000 00:00 0 [heap]
    ...
    35b1800000-35b1820000 r-xp 00000000 08:02 135522 /usr/lib64/ld-2.15.so
    35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522 /usr/lib64/ld-2.15.so
    35b1a20000-35b1a21000 rw-p 00020000 08:02 135522 /usr/lib64/ld-2.15.so
    35b1a21000-35b1a22000 rw-p 00000000 00:00 0
    35b1c00000-35b1dac000 r-xp 00000000 08:02 135870 /usr/lib64/libc-2.15.so
    35b1dac000-35b1fac000 ---p 001ac000 08:02 135870 /usr/lib64/libc-2.15.so
    35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870 /usr/lib64/libc-2.15.so
    35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870 /usr/lib64/libc-2.15.so
    ...
    7f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0 [stack:986]
    ...
    7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0 [stack]
    7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0 [vdso]
801
802 The address field is the address space in the process that the
803 mapping occupies. The perms field is a set of permissions:
804
805 r = read
806 w = write
807 x = execute
808 s = shared
809 p = private (copy on write)
810
The offset field is the offset into the file (or other mapped
object); dev is the device (major:minor); inode is the inode on that
device. An inode of 0 indicates that no inode is associated with the
memory region, as would be the case with BSS (uninitialized data).
815
The pathname field will usually be the file that is backing the
mapping. For ELF files, you can correlate the mapping with a segment
by comparing the offset field with the Offset field in the ELF
program headers (readelf -l).
820
821 There are additional helpful pseudo-paths:
822
823 [stack]
824 The initial process's (also known as the main thread's)
825 stack.
826
827 [stack:<tid>] (from Linux 3.4 to 4.4)
828 A thread's stack (where the <tid> is a thread ID). It
829 corresponds to the /proc/[pid]/task/[tid]/ path. This
830 field was removed in Linux 4.5, since providing this in‐
831 formation for a process with large numbers of threads is
832 expensive.
833
834 [vdso] The virtual dynamically linked shared object. See
835 vdso(7).
836
837 [heap] The process's heap.
838
If the pathname field is blank, this is an anonymous mapping as
obtained via mmap(2). There is no easy way to correlate this back to
a process's source, short of running it through gdb(1), strace(1), or
similar.
843
844 pathname is shown unescaped except for newline characters, which
845 are replaced with an octal escape sequence. As a result, it is
846 not possible to determine whether the original pathname con‐
847 tained a newline character or the literal \012 character se‐
848 quence.
849
If the mapping is file-backed and the file has been deleted, the
string " (deleted)" is appended to the pathname. Note that this is
ambiguous too: a file whose name itself ends in " (deleted)" is
displayed the same way.
853
854 Under Linux 2.0, there is no field giving pathname.
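
The following parser is an added example, not part of the manual page. It reads the maps format described above and reports triage hints (writable and executable regions, executable anonymous regions, executable mappings of possibly deleted files, and the \012 pathname ambiguity). The sample lines, paths and function names are constructed for illustration.

```python
from typing import List, NamedTuple, Tuple

# Constructed sample lines in the maps format (not output from a real host).
SAMPLE_MAPS = "\n".join([
    "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/dbus-daemon",
    "00652000-00655000 rw-p 00052000 08:02 173521 /usr/bin/dbus-daemon",
    "00e03000-00e24000 rw-p 00000000 00:00 0 [heap]",
    "7f10a0000000-7f10a0021000 rwxp 00000000 00:00 0 ",
    "7f10a1000000-7f10a1004000 r-xp 00000000 08:02 990001 /opt/app/lib x.so (deleted)",
    r"7f10a2000000-7f10a2001000 r--s 00000000 00:05 4242 /dev/shm/a\012b",
    "7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0 [stack]",
    "7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0 [vdso]",
])


class Mapping(NamedTuple):
    start: int
    end: int
    perms: str
    offset: int
    dev: str
    inode: int
    pathname: str  # "" for an anonymous mapping


def parse_maps_line(line: str) -> Mapping:
    # Only the first five fields are whitespace-delimited. The pathname is
    # shown unescaped and may contain spaces, so split at most five times.
    parts = line.rstrip("\n").split(None, 5)
    if len(parts) < 5:
        raise ValueError("not a maps line: %r" % line)
    start, end = (int(x, 16) for x in parts[0].split("-"))
    pathname = parts[5] if len(parts) == 6 else ""
    return Mapping(start, end, parts[1], int(parts[2], 16), parts[3],
                   int(parts[4]), pathname)


def findings(m: Mapping) -> List[str]:
    """Triage hints for one mapping: leads to investigate, not verdicts."""
    out = []
    writable, executable = "w" in m.perms, "x" in m.perms
    if writable and executable:
        out.append("writable and executable")
    if executable and m.pathname == "":
        # JIT compilers create these legitimately; check what the process is.
        out.append("executable anonymous mapping")
    if executable and m.inode != 0 and m.pathname.endswith(" (deleted)"):
        # Ambiguous: a file may really be named "... (deleted)".
        out.append("executable mapping of a possibly deleted file")
    if "\\012" in m.pathname:
        # Either an escaped newline or a literal backslash-012 sequence.
        out.append("pathname has newline or literal \\012")
    return out


def scan(text: str) -> List[Tuple[Mapping, List[str]]]:
    """Return (mapping, hints) for every mapping with at least one hint."""
    hits = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = parse_maps_line(line)
        hints = findings(m)
        if hints:
            hits.append((m, hints))
    return hits


if __name__ == "__main__":
    for m, hints in scan(SAMPLE_MAPS):
        print("%x-%x %s %s: %s" % (m.start, m.end, m.perms,
                                   m.pathname or "<anonymous>",
                                   "; ".join(hints)))
```

To inspect a live process, pass the contents of /proc/[pid]/maps to scan(); reading that file is subject to the ptrace access check described above.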
855
856 /proc/[pid]/mem
857 This file can be used to access the pages of a process's memory
858 through open(2), read(2), and lseek(2).
859
860 Permission to access this file is governed by a ptrace access
861 mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
862
863 /proc/[pid]/mountinfo (since Linux 2.6.26)
864 This file contains information about mount points in the
865 process's mount namespace (see mount_namespaces(7)). It sup‐
866 plies various information (e.g., propagation state, root of
867 mount for bind mounts, identifier for each mount and its parent)
868 that is missing from the (older) /proc/[pid]/mounts file, and
869 fixes various other problems with that file (e.g., nonextensi‐
870 bility, failure to distinguish per-mount versus per-superblock
871 options).
872
873 The file contains lines of the form:
874
    36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
    (1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)
877
878 The numbers in parentheses are labels for the descriptions be‐
879 low:
880
881 (1) mount ID: a unique ID for the mount (may be reused after
882 umount(2)).
883
884 (2) parent ID: the ID of the parent mount (or of self for the
885 root of this mount namespace's mount tree).
886
887 If a new mount is stacked on top of a previous existing
888 mount (so that it hides the existing mount) at pathname P,
889 then the parent of the new mount is the previous mount at
890 that location. Thus, when looking at all the mounts
891 stacked at a particular location, the top-most mount is the
892 one that is not the parent of any other mount at the same
893 location. (Note, however, that this top-most mount will be
894 accessible only if the longest path subprefix of P that is
895 a mount point is not itself hidden by a stacked mount.)
896
897 If the parent mount point lies outside the process's root
898 directory (see chroot(2)), the ID shown here won't have a
899 corresponding record in mountinfo whose mount ID (field 1)
900 matches this parent mount ID (because mount points that lie
901 outside the process's root directory are not shown in
902 mountinfo). As a special case of this point, the process's
903 root mount point may have a parent mount (for the initramfs
904 filesystem) that lies outside the process's root directory,
905 and an entry for that mount point will not appear in
906 mountinfo.
907
908 (3) major:minor: the value of st_dev for files on this filesys‐
909 tem (see stat(2)).
910
911 (4) root: the pathname of the directory in the filesystem which
912 forms the root of this mount.
913
914 (5) mount point: the pathname of the mount point relative to
915 the process's root directory.
916
917 (6) mount options: per-mount options (see mount(2)).
918
919 (7) optional fields: zero or more fields of the form
920 "tag[:value]"; see below.
921
922 (8) separator: the end of the optional fields is marked by a
923 single hyphen.
924
925 (9) filesystem type: the filesystem type in the form
926 "type[.subtype]".
927
928 (10) mount source: filesystem-specific information or "none".
929
930 (11) super options: per-superblock options (see mount(2)).
931
932 Currently, the possible optional fields are shared, master,
933 propagate_from, and unbindable. See mount_namespaces(7) for a
934 description of these fields. Parsers should ignore all unrecog‐
935 nized optional fields.
936
937 For more information on mount propagation see: Documenta‐
938 tion/filesystems/sharedsubtree.txt in the Linux kernel source
939 tree.
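
The following parser is an added example, not part of the manual page. It splits a mountinfo line at the hyphen separator, ignores unrecognized optional fields as recommended above, and applies the stacking rule from field (2) to find mounts hidden by another mount at the same mount point. The sample lines and function names are constructed; the octal unescaping of path fields is an assumption taken from kernel behaviour rather than from this page.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Constructed sample in the mountinfo format (not output from a real host).
SAMPLE_MOUNTINFO = "\n".join([
    "22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw,errors=remount-ro",
    "36 22 0:30 / /etc rw,nosuid - tmpfs tmpfs rw",
    r"40 22 8:17 / /mnt/my\040data rw,noexec master:1 propagate_from:2 "
    r"futuretag:7 - ext4 /dev/sdb1 rw",
    "41 36 0:32 / /etc ro unbindable - tmpfs tmpfs ro",
])

KNOWN_OPTIONAL = {"shared", "master", "propagate_from", "unbindable"}


class Mount(NamedTuple):
    mount_id: int
    parent_id: int
    dev: str
    root: str
    mount_point: str
    options: List[str]
    optional: Dict[str, Optional[str]]
    fstype: str
    source: str
    super_options: List[str]


def unescape(field: str) -> str:
    # Assumption (kernel behaviour, not stated on this page): whitespace and
    # backslash inside path fields are written as \ooo octal escapes.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def parse_mountinfo_line(line: str) -> Mount:
    f = line.rstrip("\n").split(" ")
    sep = f.index("-", 6)  # field (8); the optional fields (7) are f[6:sep]
    optional: Dict[str, Optional[str]] = {}
    for item in f[6:sep]:
        tag, _, value = item.partition(":")
        if tag in KNOWN_OPTIONAL:  # unrecognized optional fields are ignored
            optional[tag] = value or None
    return Mount(int(f[0]), int(f[1]), f[2], unescape(f[3]), unescape(f[4]),
                 f[5].split(","), optional, f[sep + 1], unescape(f[sep + 2]),
                 f[sep + 3].split(","))


def parse_mountinfo(text: str) -> List[Mount]:
    return [parse_mountinfo_line(l) for l in text.splitlines() if l.strip()]


def hidden_mounts(mounts: List[Mount]) -> List[Mount]:
    """Mounts that are the parent of another mount at the same mount point."""
    by_id = {m.mount_id: m for m in mounts}
    hidden = []
    for m in mounts:
        parent = by_id.get(m.parent_id)  # absent if outside the process root
        if (parent is not None and parent.mount_id != m.mount_id
                and parent.mount_point == m.mount_point):
            hidden.append(parent)
    return hidden


def topmost(mounts: List[Mount], mount_point: str) -> Optional[Mount]:
    """The mount at mount_point that is not the parent of another one there."""
    here = [m for m in mounts if m.mount_point == mount_point]
    parents = {m.parent_id for m in here}
    tops = [m for m in here if m.mount_id not in parents]
    return tops[0] if tops else None


if __name__ == "__main__":
    mounts = parse_mountinfo(SAMPLE_MOUNTINFO)
    for m in hidden_mounts(mounts):
        top = topmost(mounts, m.mount_point)
        print("mount %d at %s is hidden by mount %d"
              % (m.mount_id, m.mount_point, top.mount_id))
```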
940
941 /proc/[pid]/mounts (since Linux 2.4.19)
942 This file lists all the filesystems currently mounted in the
943 process's mount namespace (see mount_namespaces(7)). The format
944 of this file is documented in fstab(5).
945
946 Since kernel version 2.6.15, this file is pollable: after open‐
947 ing the file for reading, a change in this file (i.e., a
948 filesystem mount or unmount) causes select(2) to mark the file
949 descriptor as having an exceptional condition, and poll(2) and
950 epoll_wait(2) mark the file as having a priority event (POLL‐
951 PRI). (Before Linux 2.6.30, a change in this file was indicated
952 by the file descriptor being marked as readable for select(2),
953 and being marked as having an error condition for poll(2) and
954 epoll_wait(2).)
955
956 /proc/[pid]/mountstats (since Linux 2.6.17)
957 This file exports information (statistics, configuration infor‐
958 mation) about the mount points in the process's mount namespace
959 (see mount_namespaces(7)). Lines in this file have the form:
960
    device /dev/sda7 mounted on /home with fstype ext3 [stats]
    (       1      )            ( 2 )             (3 ) (  4  )
963
964 The fields in each line are:
965
966 (1) The name of the mounted device (or "nodevice" if there is
967 no corresponding device).
968
969 (2) The mount point within the filesystem tree.
970
971 (3) The filesystem type.
972
973 (4) Optional statistics and configuration information. Cur‐
974 rently (as at Linux 2.6.26), only NFS filesystems export
975 information via this field.
976
977 This file is readable only by the owner of the process.
978
979 /proc/[pid]/net (since Linux 2.6.25)
980 See the description of /proc/net.
981
982 /proc/[pid]/ns/ (since Linux 3.0)
983 This is a subdirectory containing one entry for each namespace
984 that supports being manipulated by setns(2). For more informa‐
985 tion, see namespaces(7).
986
987 /proc/[pid]/numa_maps (since Linux 2.6.14)
988 See numa(7).
989
990 /proc/[pid]/oom_adj (since Linux 2.6.11)
991 This file can be used to adjust the score used to select which
992 process should be killed in an out-of-memory (OOM) situation.
993 The kernel uses this value for a bit-shift operation of the
994 process's oom_score value: valid values are in the range -16 to
995 +15, plus the special value -17, which disables OOM-killing al‐
996 together for this process. A positive score increases the like‐
997 lihood of this process being killed by the OOM-killer; a nega‐
998 tive score decreases the likelihood.
999
1000 The default value for this file is 0; a new process inherits its
1001 parent's oom_adj setting. A process must be privileged
1002 (CAP_SYS_RESOURCE) to update this file.
1003
1004 Since Linux 2.6.36, use of this file is deprecated in favor of
1005 /proc/[pid]/oom_score_adj.
1006
1007 /proc/[pid]/oom_score (since Linux 2.6.11)
1008 This file displays the current score that the kernel gives to
1009 this process for the purpose of selecting a process for the OOM-
1010 killer. A higher score means that the process is more likely to
1011 be selected by the OOM-killer. The basis for this score is the
1012 amount of memory used by the process, with increases (+) or de‐
1013 creases (-) for factors including:
1014
1015 * whether the process is privileged (-).
1016
1017 Before kernel 2.6.36 the following factors were also used in the
1018 calculation of oom_score:
1019
1020 * whether the process creates a lot of children using fork(2)
1021 (+);
1022
1023 * whether the process has been running a long time, or has used
1024 a lot of CPU time (-);
1025
* whether the process has been niced to a low priority (i.e., nice value > 0) (+); and
1027
1028 * whether the process is making direct hardware access (-).
1029
1030 The oom_score also reflects the adjustment specified by the
1031 oom_score_adj or oom_adj setting for the process.
1032
1033 /proc/[pid]/oom_score_adj (since Linux 2.6.36)
1034 This file can be used to adjust the badness heuristic used to
1035 select which process gets killed in out-of-memory conditions.
1036
1037 The badness heuristic assigns a value to each candidate task
1038 ranging from 0 (never kill) to 1000 (always kill) to determine
1039 which process is targeted. The units are roughly a proportion
1040 along that range of allowed memory the process may allocate
1041 from, based on an estimation of its current memory and swap use.
1042 For example, if a task is using all allowed memory, its badness
1043 score will be 1000. If it is using half of its allowed memory,
1044 its score will be 500.
1045
1046 There is an additional factor included in the badness score:
1047 root processes are given 3% extra memory over other tasks.
1048
1049 The amount of "allowed" memory depends on the context in which
1050 the OOM-killer was called. If it is due to the memory assigned
1051 to the allocating task's cpuset being exhausted, the allowed
1052 memory represents the set of mems assigned to that cpuset (see
1053 cpuset(7)). If it is due to a mempolicy's node(s) being ex‐
1054 hausted, the allowed memory represents the set of mempolicy
1055 nodes. If it is due to a memory limit (or swap limit) being
1056 reached, the allowed memory is that configured limit. Finally,
1057 if it is due to the entire system being out of memory, the al‐
1058 lowed memory represents all allocatable resources.
1059
The value of oom_score_adj is added to the badness score before it is
used to determine which task to kill. Acceptable values range from
-1000 (OOM_SCORE_ADJ_MIN) to +1000 (OOM_SCORE_ADJ_MAX). This allows
user space to control the preference for OOM-killing, ranging from
always preferring a certain task to completely disabling OOM-killing
for it. The lowest possible value, -1000, is equivalent to disabling
OOM-killing entirely for that task, since it will always report a
badness score of 0.
1069
1070 Consequently, it is very simple for user space to define the
1071 amount of memory to consider for each task. Setting an
1072 oom_score_adj value of +500, for example, is roughly equivalent
1073 to allowing the remainder of tasks sharing the same system,
1074 cpuset, mempolicy, or memory controller resources to use at
1075 least 50% more memory. A value of -500, on the other hand,
1076 would be roughly equivalent to discounting 50% of the task's al‐
1077 lowed memory from being considered as scoring against the task.
1078
1079 For backward compatibility with previous kernels,
1080 /proc/[pid]/oom_adj can still be used to tune the badness score.
1081 Its value is scaled linearly with oom_score_adj.
1082
1083 Writing to /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj will
1084 change the other with its scaled value.
1085
1086 The choom(1) program provides a command-line interface for ad‐
1087 justing the oom_score_adj value of a running process or a newly
1088 executed command.
1089
1090 /proc/[pid]/pagemap (since Linux 2.6.25)
1091 This file shows the mapping of each of the process's virtual
1092 pages into physical page frames or swap area. It contains one
1093 64-bit value for each virtual page, with the bits set as fol‐
1094 lows:
1095
    63     If set, the page is present in RAM.

    62     If set, the page is in swap space.

    61 (since Linux 3.5)
           The page is a file-mapped page or a shared anonymous page.

    60–57 (since Linux 3.11)
           Zero

    56 (since Linux 4.2)
           The page is exclusively mapped.

    55 (since Linux 3.11)
           PTE is soft-dirty (see the kernel source file
           Documentation/admin-guide/mm/soft-dirty.rst).

    54–0   If the page is present in RAM (bit 63), then these bits
           provide the page frame number, which can be used to index
           /proc/kpageflags and /proc/kpagecount. If the page is
           present in swap (bit 62), then bits 4–0 give the swap
           type, and bits 54–5 encode the swap offset.
1119
1120 Before Linux 3.11, bits 60–55 were used to encode the base-2 log
1121 of the page size.
1122
1123 To employ /proc/[pid]/pagemap efficiently, use /proc/[pid]/maps
1124 to determine which areas of memory are actually mapped and seek
1125 to skip over unmapped regions.
1126
1127 The /proc/[pid]/pagemap file is present only if the CON‐
1128 FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
1129
1130 Permission to access this file is governed by a ptrace access
1131 mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
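
The following decoder is an added example, not part of the manual page. It applies the bit layout above to 64-bit pagemap entries and shows how a virtual address range taken from /proc/[pid]/maps becomes a file offset to seek to. The sample entries and all function names are constructed for illustration.

```python
import os
import struct
from typing import Dict, List, Optional

PM_PRESENT = 1 << 63
PM_SWAPPED = 1 << 62
PM_FILE_OR_SHARED_ANON = 1 << 61  # since Linux 3.5
PM_EXCLUSIVE = 1 << 56            # since Linux 4.2
PM_SOFT_DIRTY = 1 << 55           # since Linux 3.11
LOW_55_BITS = (1 << 55) - 1       # bits 54-0
ENTRY_SIZE = 8                    # one 64-bit value per virtual page

# Constructed entries (native byte order), not read from a real process.
SAMPLE_ENTRIES = struct.pack(
    "=4Q",
    PM_PRESENT | PM_EXCLUSIVE | 0x12345,                  # private page in RAM
    PM_SWAPPED | (0x1000 << 5) | 3,                       # swap type 3
    PM_PRESENT | PM_FILE_OR_SHARED_ANON | PM_SOFT_DIRTY,  # PFN reads as 0
    0,                                                    # not populated
)


def decode_entry(value: int) -> Dict[str, object]:
    info: Dict[str, object] = {
        "present": bool(value & PM_PRESENT),
        "swapped": bool(value & PM_SWAPPED),
        "file_or_shared_anon": bool(value & PM_FILE_OR_SHARED_ANON),
        "exclusive": bool(value & PM_EXCLUSIVE),
        "soft_dirty": bool(value & PM_SOFT_DIRTY),
    }
    if info["present"]:
        # Not stated on this page: since Linux 4.2 the kernel reports the PFN
        # as 0 to readers that lack CAP_SYS_ADMIN.
        info["pfn"] = value & LOW_55_BITS
    elif info["swapped"]:
        info["swap_type"] = value & 0x1F
        info["swap_offset"] = (value & LOW_55_BITS) >> 5
    return info


def decode_buffer(buf: bytes) -> List[Dict[str, object]]:
    count = len(buf) // ENTRY_SIZE
    values = struct.unpack("=%dQ" % count, buf[:count * ENTRY_SIZE])
    return [decode_entry(v) for v in values]


def entry_offset(vaddr: int, page_size: int) -> int:
    """File offset in pagemap of the entry that covers vaddr."""
    return (vaddr // page_size) * ENTRY_SIZE


def read_pagemap(pid: int, start: int, end: int,
                 page_size: Optional[int] = None) -> List[Dict[str, object]]:
    """Decode the entries for [start, end), a range taken from maps.

    Seeking straight to the range skips unmapped regions. The read is
    subject to the ptrace access check described above.
    """
    page_size = page_size or os.sysconf("SC_PAGE_SIZE")
    pages = (end - start + page_size - 1) // page_size
    fd = os.open("/proc/%d/pagemap" % pid, os.O_RDONLY)
    try:
        data = os.pread(fd, pages * ENTRY_SIZE, entry_offset(start, page_size))
    finally:
        os.close(fd)
    return decode_buffer(data)


if __name__ == "__main__":
    for i, entry in enumerate(decode_buffer(SAMPLE_ENTRIES)):
        print(i, entry)
```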
1132
1133 /proc/[pid]/personality (since Linux 2.6.28)
1134 This read-only file exposes the process's execution domain, as
1135 set by personality(2). The value is displayed in hexadecimal
1136 notation.
1137
1138 Permission to access this file is governed by a ptrace access
1139 mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1140
1141 /proc/[pid]/root
1142 UNIX and Linux support the idea of a per-process root of the
1143 filesystem, set by the chroot(2) system call. This file is a
1144 symbolic link that points to the process's root directory, and
1145 behaves in the same way as exe, and fd/*.
1146
1147 Note however that this file is not merely a symbolic link. It
1148 provides the same view of the filesystem (including namespaces
1149 and the set of per-process mounts) as the process itself. An
1150 example illustrates this point. In one terminal, we start a
1151 shell in new user and mount namespaces, and in that shell we
1152 create some new mount points:
1153
    $ PS1='sh1# ' unshare -Urnm
    sh1# mount -t tmpfs tmpfs /etc  # Mount empty tmpfs at /etc
    sh1# mount --bind /usr /dev     # Mount /usr at /dev
    sh1# echo $$
    27123
1159
1160 In a second terminal window, in the initial mount namespace, we
1161 look at the contents of the corresponding mounts in the initial
1162 and new namespaces:
1163
    $ PS1='sh2# ' sudo sh
    sh2# ls /etc | wc -l                  # In initial NS
    309
    sh2# ls /proc/27123/root/etc | wc -l  # /etc in other NS
    0                                     # The empty tmpfs dir
    sh2# ls /dev | wc -l                  # In initial NS
    205
    sh2# ls /proc/27123/root/dev | wc -l  # /dev in other NS
    11                                    # Actually bind
                                          # mounted to /usr
    sh2# ls /usr | wc -l                  # /usr in initial NS
    11
1176
1177 In a multithreaded process, the contents of the /proc/[pid]/root
1178 symbolic link are not available if the main thread has already
1179 terminated (typically by calling pthread_exit(3)).
1180
1181 Permission to dereference or read (readlink(2)) this symbolic
1182 link is governed by a ptrace access mode PTRACE_MODE_READ_FS‐
1183 CREDS check; see ptrace(2).
1184
1185 /proc/[pid]/seccomp (Linux 2.6.12 to 2.6.22)
1186 This file can be used to read and change the process's secure
1187 computing (seccomp) mode setting. It contains the value 0 if
1188 the process is not in seccomp mode, and 1 if the process is in
1189 strict seccomp mode (see seccomp(2)). Writing 1 to this file
1190 places the process irreversibly in strict seccomp mode. (Fur‐
1191 ther attempts to write to the file fail with the EPERM error.)
1192
1193 In Linux 2.6.23, this file went away, to be replaced by the
1194 prctl(2) PR_GET_SECCOMP and PR_SET_SECCOMP operations (and later
1195 by seccomp(2) and the Seccomp field in /proc/[pid]/status).
1196
1197 /proc/[pid]/setgroups (since Linux 3.19)
1198 See user_namespaces(7).
1199
1200 /proc/[pid]/smaps (since Linux 2.6.14)
1201 This file shows memory consumption for each of the process's
1202 mappings. (The pmap(1) command displays similar information, in
1203 a form that may be easier for parsing.) For each mapping there
1204 is a series of lines such as the following:
1205
    00400000-0048a000 r-xp 00000000 fd:03 960637 /bin/bash
    Size: 552 kB
    Rss: 460 kB
    Pss: 100 kB
    Shared_Clean: 452 kB
    Shared_Dirty: 0 kB
    Private_Clean: 8 kB
    Private_Dirty: 0 kB
    Referenced: 460 kB
    Anonymous: 0 kB
    AnonHugePages: 0 kB
    ShmemHugePages: 0 kB
    ShmemPmdMapped: 0 kB
    Swap: 0 kB
    KernelPageSize: 4 kB
    MMUPageSize: 4 kB
    Locked: 0 kB
    ProtectionKey: 0
    VmFlags: rd ex mr mw me dw
1227
1228 The first of these lines shows the same information as is dis‐
1229 played for the mapping in /proc/[pid]/maps. The following lines
1230 show the size of the mapping, the amount of the mapping that is
1231 currently resident in RAM ("Rss"), the process's proportional
1232 share of this mapping ("Pss"), the number of clean and dirty
1233 shared pages in the mapping, and the number of clean and dirty
1234 private pages in the mapping. "Referenced" indicates the amount
1235 of memory currently marked as referenced or accessed. "Anony‐
1236 mous" shows the amount of memory that does not belong to any
1237 file. "Swap" shows how much would-be-anonymous memory is also
1238 used, but out on swap.
1239
1240 The "KernelPageSize" line (available since Linux 2.6.29) is the
1241 page size used by the kernel to back the virtual memory area.
1242 This matches the size used by the MMU in the majority of cases.
1243 However, one counter-example occurs on PPC64 kernels whereby a
1244 kernel using 64 kB as a base page size may still use 4 kB pages
1245 for the MMU on older processors. To distinguish the two at‐
1246 tributes, the "MMUPageSize" line (also available since Linux
1247 2.6.29) reports the page size used by the MMU.
1248
The "Locked" line indicates whether the mapping is locked in memory
or not.
1251
1252 The "ProtectionKey" line (available since Linux 4.9, on x86
1253 only) contains the memory protection key (see pkeys(7)) associ‐
1254 ated with the virtual memory area. This entry is present only
1255 if the kernel was built with the CONFIG_X86_INTEL_MEMORY_PROTEC‐
1256 TION_KEYS configuration option (since Linux 4.6).
1257
1258 The "VmFlags" line (available since Linux 3.8) represents the
1259 kernel flags associated with the virtual memory area, encoded
1260 using the following two-letter codes:
1261
1262 rd - readable
1263 wr - writable
1264 ex - executable
1265 sh - shared
1266 mr - may read
1267 mw - may write
1268 me - may execute
1269 ms - may share
1270 gd - stack segment grows down
1271 pf - pure PFN range
1272 dw - disabled write to the mapped file
1273 lo - pages are locked in memory
1274 io - memory mapped I/O area
1275 sr - sequential read advise provided
1276 rr - random read advise provided
1277 dc - do not copy area on fork
1278 de - do not expand area on remapping
1279 ac - area is accountable
1280 nr - swap space is not reserved for the area
1281 ht - area uses huge tlb pages
1282 sf - perform synchronous page faults (since Linux 4.15)
1283 nl - non-linear mapping (removed in Linux 4.0)
1284 ar - architecture specific flag
1285 wf - wipe on fork (since Linux 4.14)
1286 dd - do not include area into core dump
1287 sd - soft-dirty flag (since Linux 3.13)
1288 mm - mixed map area
1289 hg - huge page advise flag
1290 nh - no-huge page advise flag
1291 mg - mergeable advise flag
1292 um - userfaultfd missing pages tracking (since Linux 4.3)
1293 uw - userfaultfd wprotect pages tracking (since Linux 4.3)
1294
1295 The /proc/[pid]/smaps file is present only if the CON‐
1296 FIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
1297
1298 /proc/[pid]/stack (since Linux 2.6.29)
1299 This file provides a symbolic trace of the function calls in
1300 this process's kernel stack. This file is provided only if the
1301 kernel was built with the CONFIG_STACKTRACE configuration op‐
1302 tion.
1303
1304 Permission to access this file is governed by a ptrace access
1305 mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1306
1307 /proc/[pid]/stat
1308 Status information about the process. This is used by ps(1).
1309 It is defined in the kernel source file fs/proc/array.c.
1310
1311 The fields, in order, with their proper scanf(3) format speci‐
1312 fiers, are listed below. Whether or not certain of these fields
1313 display valid information is governed by a ptrace access mode
1314 PTRACE_MODE_READ_FSCREDS | PTRACE_MODE_NOAUDIT check (refer to
1315 ptrace(2)). If the check denies access, then the field value is
1316 displayed as 0. The affected fields are indicated with the
1317 marking [PT].
1318
1319 (1) pid %d
1320 The process ID.
1321
1322 (2) comm %s
1323 The filename of the executable, in parentheses. Strings
1324 longer than TASK_COMM_LEN (16) characters (including the
1325 terminating null byte) are silently truncated. This is
1326 visible whether or not the executable is swapped out.
1327
1328 (3) state %c
1329 One of the following characters, indicating process
1330 state:
1331
1332 R Running
1333
1334 S Sleeping in an interruptible wait
1335
1336 D Waiting in uninterruptible disk sleep
1337
1338 Z Zombie
1339
1340 T Stopped (on a signal) or (before Linux 2.6.33) trace
1341 stopped
1342
1343 t Tracing stop (Linux 2.6.33 onward)
1344
1345 W Paging (only before Linux 2.6.0)
1346
1347 X Dead (from Linux 2.6.0 onward)
1348
1349 x Dead (Linux 2.6.33 to 3.13 only)
1350
1351 K Wakekill (Linux 2.6.33 to 3.13 only)
1352
1353 W Waking (Linux 2.6.33 to 3.13 only)
1354
1355 P Parked (Linux 3.9 to 3.13 only)
1356
1357 (4) ppid %d
1358 The PID of the parent of this process.
1359
1360 (5) pgrp %d
1361 The process group ID of the process.
1362
1363 (6) session %d
1364 The session ID of the process.
1365
1366 (7) tty_nr %d
1367 The controlling terminal of the process. (The minor de‐
1368 vice number is contained in the combination of bits 31 to
1369 20 and 7 to 0; the major device number is in bits 15 to
1370 8.)
1371
1372 (8) tpgid %d
1373 The ID of the foreground process group of the controlling
1374 terminal of the process.
1375
1376 (9) flags %u
1377 The kernel flags word of the process. For bit meanings,
1378 see the PF_* defines in the Linux kernel source file in‐
1379 clude/linux/sched.h. Details depend on the kernel ver‐
1380 sion.
1381
1382 The format for this field was %lu before Linux 2.6.
1383
1384 (10) minflt %lu
1385 The number of minor faults the process has made which
1386 have not required loading a memory page from disk.
1387
1388 (11) cminflt %lu
1389 The number of minor faults that the process's waited-for
1390 children have made.
1391
1392 (12) majflt %lu
1393 The number of major faults the process has made which
1394 have required loading a memory page from disk.
1395
1396 (13) cmajflt %lu
1397 The number of major faults that the process's waited-for
1398 children have made.
1399
1400 (14) utime %lu
1401 Amount of time that this process has been scheduled in
1402 user mode, measured in clock ticks (divide by
1403 sysconf(_SC_CLK_TCK)). This includes guest time,
1404 guest_time (time spent running a virtual CPU, see below),
1405 so that applications that are not aware of the guest time
1406 field do not lose that time from their calculations.
1407
1408 (15) stime %lu
1409 Amount of time that this process has been scheduled in
1410 kernel mode, measured in clock ticks (divide by
1411 sysconf(_SC_CLK_TCK)).
1412
1413 (16) cutime %ld
1414 Amount of time that this process's waited-for children
1415 have been scheduled in user mode, measured in clock ticks
1416 (divide by sysconf(_SC_CLK_TCK)). (See also times(2).)
1417 This includes guest time, cguest_time (time spent running
1418 a virtual CPU, see below).
1419
1420 (17) cstime %ld
1421 Amount of time that this process's waited-for children
1422 have been scheduled in kernel mode, measured in clock
1423 ticks (divide by sysconf(_SC_CLK_TCK)).
1424
1425 (18) priority %ld
1426 (Explanation for Linux 2.6) For processes running a real-
1427 time scheduling policy (policy below; see sched_setsched‐
1428 uler(2)), this is the negated scheduling priority, minus
1429 one; that is, a number in the range -2 to -100, corre‐
1430 sponding to real-time priorities 1 to 99. For processes
1431 running under a non-real-time scheduling policy, this is
1432 the raw nice value (setpriority(2)) as represented in the
1433 kernel. The kernel stores nice values as numbers in the
1434 range 0 (high) to 39 (low), corresponding to the user-
1435 visible nice range of -20 to 19.
1436
1437 Before Linux 2.6, this was a scaled value based on the
1438 scheduler weighting given to this process.
1439
1440 (19) nice %ld
1441 The nice value (see setpriority(2)), a value in the range
1442 19 (low priority) to -20 (high priority).
1443
1444 (20) num_threads %ld
1445 Number of threads in this process (since Linux 2.6). Be‐
1446 fore kernel 2.6, this field was hard coded to 0 as a
1447 placeholder for an earlier removed field.
1448
1449 (21) itrealvalue %ld
1450 The time in jiffies before the next SIGALRM is sent to
1451 the process due to an interval timer. Since kernel
1452 2.6.17, this field is no longer maintained, and is hard
1453 coded as 0.
1454
1455 (22) starttime %llu
1456 The time the process started after system boot. In ker‐
1457 nels before Linux 2.6, this value was expressed in
1458 jiffies. Since Linux 2.6, the value is expressed in
1459 clock ticks (divide by sysconf(_SC_CLK_TCK)).
1460
1461 The format for this field was %lu before Linux 2.6.
1462
1463 (23) vsize %lu
1464 Virtual memory size in bytes.
1465
1466 (24) rss %ld
1467 Resident Set Size: number of pages the process has in
1468 real memory. This is just the pages which count toward
1469 text, data, or stack space. This does not include pages
1470 which have not been demand-loaded in, or which are
1471 swapped out. This value is inaccurate; see
1472 /proc/[pid]/statm below.
1473
1474 (25) rsslim %lu
1475 Current soft limit in bytes on the rss of the process;
1476 see the description of RLIMIT_RSS in getrlimit(2).
1477
1478 (26) startcode %lu [PT]
1479 The address above which program text can run.
1480
1481 (27) endcode %lu [PT]
1482 The address below which program text can run.
1483
1484 (28) startstack %lu [PT]
1485 The address of the start (i.e., bottom) of the stack.
1486
1487 (29) kstkesp %lu [PT]
1488 The current value of ESP (stack pointer), as found in the
1489 kernel stack page for the process.
1490
1491 (30) kstkeip %lu [PT]
1492 The current EIP (instruction pointer).
1493
1494 (31) signal %lu
1495 The bitmap of pending signals, displayed as a decimal
1496 number. Obsolete, because it does not provide informa‐
1497 tion on real-time signals; use /proc/[pid]/status in‐
1498 stead.
1499
1500 (32) blocked %lu
1501 The bitmap of blocked signals, displayed as a decimal
1502 number. Obsolete, because it does not provide informa‐
1503 tion on real-time signals; use /proc/[pid]/status in‐
1504 stead.
1505
1506 (33) sigignore %lu
1507 The bitmap of ignored signals, displayed as a decimal
1508 number. Obsolete, because it does not provide informa‐
1509 tion on real-time signals; use /proc/[pid]/status in‐
1510 stead.
1511
1512 (34) sigcatch %lu
1513 The bitmap of caught signals, displayed as a decimal num‐
1514 ber. Obsolete, because it does not provide information
1515 on real-time signals; use /proc/[pid]/status instead.
1516
1517 (35) wchan %lu [PT]
1518 This is the "channel" in which the process is waiting.
1519 It is the address of a location in the kernel where the
1520 process is sleeping. The corresponding symbolic name can
1521 be found in /proc/[pid]/wchan.
1522
1523 (36) nswap %lu
1524 Number of pages swapped (not maintained).
1525
1526 (37) cnswap %lu
1527 Cumulative nswap for child processes (not maintained).
1528
1529 (38) exit_signal %d (since Linux 2.1.22)
1530 Signal to be sent to parent when we die.
1531
1532 (39) processor %d (since Linux 2.2.8)
1533 CPU number last executed on.
1534
1535 (40) rt_priority %u (since Linux 2.5.19)
1536 Real-time scheduling priority, a number in the range 1 to
1537 99 for processes scheduled under a real-time policy, or
1538 0, for non-real-time processes (see sched_setsched‐
1539 uler(2)).
1540
1541 (41) policy %u (since Linux 2.5.19)
1542 Scheduling policy (see sched_setscheduler(2)). Decode
1543 using the SCHED_* constants in linux/sched.h.
1544
1545 The format for this field was %lu before Linux 2.6.22.
1546
1547 (42) delayacct_blkio_ticks %llu (since Linux 2.6.18)
1548 Aggregated block I/O delays, measured in clock ticks
1549 (centiseconds).
1550
1551 (43) guest_time %lu (since Linux 2.6.24)
1552 Guest time of the process (time spent running a virtual
1553 CPU for a guest operating system), measured in clock
1554 ticks (divide by sysconf(_SC_CLK_TCK)).
1555
1556 (44) cguest_time %ld (since Linux 2.6.24)
1557 Guest time of the process's children, measured in clock
1558 ticks (divide by sysconf(_SC_CLK_TCK)).
1559
1560 (45) start_data %lu (since Linux 3.3) [PT]
1561 Address above which program initialized and uninitialized
1562 (BSS) data are placed.
1563
1564 (46) end_data %lu (since Linux 3.3) [PT]
1565 Address below which program initialized and uninitialized
1566 (BSS) data are placed.
1567
1568 (47) start_brk %lu (since Linux 3.3) [PT]
1569 Address above which program heap can be expanded with
1570 brk(2).
1571
1572 (48) arg_start %lu (since Linux 3.5) [PT]
1573 Address above which program command-line arguments (argv)
1574 are placed.
1575
(49) arg_end %lu (since Linux 3.5) [PT]
Address below which program command-line arguments (argv)
are placed.
1579
1580 (50) env_start %lu (since Linux 3.5) [PT]
1581 Address above which program environment is placed.
1582
1583 (51) env_end %lu (since Linux 3.5) [PT]
1584 Address below which program environment is placed.
1585
(52) exit_code %d (since Linux 3.5) [PT]
The thread's exit status in the form reported by waitpid(2).
1589
1590 /proc/[pid]/statm
1591 Provides information about memory usage, measured in pages. The
1592 columns are:
1593
    size       (1) total program size
               (same as VmSize in /proc/[pid]/status)
    resident   (2) resident set size
               (inaccurate; same as VmRSS in /proc/[pid]/status)
    shared     (3) number of resident shared pages
               (i.e., backed by a file)
               (inaccurate; same as RssFile+RssShmem in
               /proc/[pid]/status)
    text       (4) text (code)
    lib        (5) library (unused since Linux 2.6; always 0)
    data       (6) data + stack
    dt         (7) dirty pages (unused since Linux 2.6; always 0)
1606
1607 Some of these values are inaccurate because of a kernel-internal
1608 scalability optimization. If accurate values are required, use
1609 /proc/[pid]/smaps or /proc/[pid]/smaps_rollup instead, which are
1610 much slower but provide accurate, detailed information.
1611
1612 /proc/[pid]/status
1613 Provides much of the information in /proc/[pid]/stat and
1614 /proc/[pid]/statm in a format that's easier for humans to parse.
1615 Here's an example:
1616
    $ cat /proc/$$/status
    Name:   bash
    Umask:  0022
    State:  S (sleeping)
    Tgid:   17248
    Ngid:   0
    Pid:    17248
    PPid:   17200
    TracerPid:      0
    Uid:    1000    1000    1000    1000
    Gid:    100     100     100     100
    FDSize: 256
    Groups: 16 33 100
    NStgid: 17248
    NSpid:  17248
    NSpgid: 17248
    NSsid:  17200
    VmPeak:   131168 kB
    VmSize:   131168 kB
    VmLck:         0 kB
    VmPin:         0 kB
    VmHWM:     13484 kB
    VmRSS:     13484 kB
    RssAnon:   10264 kB
    RssFile:    3220 kB
    RssShmem:      0 kB
    VmData:    10332 kB
    VmStk:       136 kB
    VmExe:       992 kB
    VmLib:      2104 kB
    VmPTE:        76 kB
    VmPMD:        12 kB
    VmSwap:        0 kB
    HugetlbPages:  0 kB        # 4.4
    CoreDumping:   0           # 4.15
    Threads:       1
    SigQ:   0/3067
    SigPnd: 0000000000000000
    ShdPnd: 0000000000000000
    SigBlk: 0000000000010000
    SigIgn: 0000000000384004
    SigCgt: 000000004b813efb
    CapInh: 0000000000000000
    CapPrm: 0000000000000000
    CapEff: 0000000000000000
    CapBnd: ffffffffffffffff
    CapAmb: 0000000000000000
    NoNewPrivs:     0
    Seccomp:        0
    Speculation_Store_Bypass:       vulnerable
    Cpus_allowed:   00000001
    Cpus_allowed_list:      0
    Mems_allowed:   1
    Mems_allowed_list:      0
    voluntary_ctxt_switches:        150
    nonvoluntary_ctxt_switches:     545
1673
1674 The fields are as follows:
1675
Name Command run by this process. Strings longer than
TASK_COMM_LEN (16) characters (including the terminating
null byte) are silently truncated.
1679
1680 Umask Process umask, expressed in octal with a leading zero;
1681 see umask(2). (Since Linux 4.7.)
1682
1683 State Current state of the process. One of "R (running)", "S
1684 (sleeping)", "D (disk sleep)", "T (stopped)", "t (tracing
1685 stop)", "Z (zombie)", or "X (dead)".
1686
1687 Tgid Thread group ID (i.e., Process ID).
1688
1689 Ngid NUMA group ID (0 if none; since Linux 3.13).
1690
1691 Pid Thread ID (see gettid(2)).
1692
1693 PPid PID of parent process.
1694
1695 TracerPid
1696 PID of process tracing this process (0 if not being
1697 traced).
1698
1699 Uid, Gid
1700 Real, effective, saved set, and filesystem UIDs (GIDs).
1701
1702 FDSize Number of file descriptor slots currently allocated.
1703
1704 Groups Supplementary group list.
1705
1706 NStgid Thread group ID (i.e., PID) in each of the PID namespaces
1707 of which [pid] is a member. The leftmost entry shows the
1708 value with respect to the PID namespace of the process
1709 that mounted this procfs (or the root namespace if
1710 mounted by the kernel), followed by the value in succes‐
1711 sively nested inner namespaces. (Since Linux 4.1.)
1712
1713 NSpid Thread ID in each of the PID namespaces of which [pid] is
1714 a member. The fields are ordered as for NStgid. (Since
1715 Linux 4.1.)
1716
1717 NSpgid Process group ID in each of the PID namespaces of which
1718 [pid] is a member. The fields are ordered as for NStgid.
1719 (Since Linux 4.1.)
1720
NSsid Session ID in each of the PID namespaces of which
[pid] is a member. The fields are ordered as for NStgid.
(Since Linux 4.1.)
1724
1725 VmPeak Peak virtual memory size.
1726
1727 VmSize Virtual memory size.
1728
1729 VmLck Locked memory size (see mlock(2)).
1730
1731 VmPin Pinned memory size (since Linux 3.2). These are pages
1732 that can't be moved because something needs to directly
1733 access physical memory.
1734
1735 VmHWM Peak resident set size ("high water mark"). This value
1736 is inaccurate; see /proc/[pid]/statm above.
1737
1738 VmRSS Resident set size. Note that the value here is the sum
1739 of RssAnon, RssFile, and RssShmem. This value is inaccu‐
1740 rate; see /proc/[pid]/statm above.
1741
1742 RssAnon
1743 Size of resident anonymous memory. (since Linux 4.5).
1744 This value is inaccurate; see /proc/[pid]/statm above.
1745
1746 RssFile
1747 Size of resident file mappings. (since Linux 4.5). This
1748 value is inaccurate; see /proc/[pid]/statm above.
1749
1750 RssShmem
1751 Size of resident shared memory (includes System V shared
1752 memory, mappings from tmpfs(5), and shared anonymous map‐
1753 pings). (since Linux 4.5).
1754
1755 VmData, VmStk, VmExe
1756 Size of data, stack, and text segments. This value is
1757 inaccurate; see /proc/[pid]/statm above.
1758
1759 VmLib Shared library code size.
1760
1761 VmPTE Page table entries size (since Linux 2.6.10).
1762
1763 VmPMD Size of second-level page tables (added in Linux 4.0; re‐
1764 moved in Linux 4.15).
1765
1766 VmSwap Swapped-out virtual memory size by anonymous private
1767 pages; shmem swap usage is not included (since Linux
1768 2.6.34). This value is inaccurate; see /proc/[pid]/statm
1769 above.
1770
1771 HugetlbPages
1772 Size of hugetlb memory portions (since Linux 4.4).
1773
1774 CoreDumping
1775 Contains the value 1 if the process is currently dumping
1776 core, and 0 if it is not (since Linux 4.15). This infor‐
1777 mation can be used by a monitoring process to avoid
1778 killing a process that is currently dumping core, which
1779 could result in a corrupted core dump file.
1780
1781 Threads
1782 Number of threads in process containing this thread.
1783
1784 SigQ This field contains two slash-separated numbers that re‐
1785 late to queued signals for the real user ID of this
1786 process. The first of these is the number of currently
1787 queued signals for this real user ID, and the second is
1788 the resource limit on the number of queued signals for
1789 this process (see the description of RLIMIT_SIGPENDING in
1790 getrlimit(2)).
1791
1792 SigPnd, ShdPnd
1793 Mask (expressed in hexadecimal) of signals pending for
1794 thread and for process as a whole (see pthreads(7) and
1795 signal(7)).
1796
1797 SigBlk, SigIgn, SigCgt
1798 Masks (expressed in hexadecimal) indicating signals being
1799 blocked, ignored, and caught (see signal(7)).
1800
CapInh, CapPrm, CapEff
Masks (expressed in hexadecimal) of capabilities enabled
in inheritable, permitted, and effective sets (see
capabilities(7)).
1805
1806 CapBnd Capability bounding set, expressed in hexadecimal (since
1807 Linux 2.6.26, see capabilities(7)).
1808
1809 CapAmb Ambient capability set, expressed in hexadecimal (since
1810 Linux 4.3, see capabilities(7)).
1811
1812 NoNewPrivs
1813 Value of the no_new_privs bit (since Linux 4.10, see
1814 prctl(2)).
1815
Seccomp
Seccomp mode of the process (since Linux 3.8, see
seccomp(2)). 0 means SECCOMP_MODE_DISABLED; 1 means
SECCOMP_MODE_STRICT; 2 means SECCOMP_MODE_FILTER. This
field is provided only if the kernel was built with the
CONFIG_SECCOMP kernel configuration option enabled.
1822
1823 Speculation_Store_Bypass
1824 Speculation flaw mitigation state (since Linux 4.17, see
1825 prctl(2)).
1826
1827 Cpus_allowed
1828 Hexadecimal mask of CPUs on which this process may run
1829 (since Linux 2.6.24, see cpuset(7)).
1830
1831 Cpus_allowed_list
1832 Same as previous, but in "list format" (since Linux
1833 2.6.26, see cpuset(7)).
1834
1835 Mems_allowed
1836 Mask of memory nodes allowed to this process (since Linux
1837 2.6.24, see cpuset(7)).
1838
1839 Mems_allowed_list
1840 Same as previous, but in "list format" (since Linux
1841 2.6.26, see cpuset(7)).
1842
1843 voluntary_ctxt_switches, nonvoluntary_ctxt_switches
1844 Number of voluntary and involuntary context switches
1845 (since Linux 2.6.23).
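
The field descriptions above can be turned into a quick hardening check. The following is an added example, not part of the manual page: it parses the text of /proc/[pid]/status and summarizes the Uid, TracerPid, Cap*, NoNewPrivs and Seccomp fields. The capability bit numbering is taken from linux/capability.h (an assumption brought in here; the page only says the masks are hexadecimal), and the second sample is constructed.

```python
"""Summarize the security-relevant fields of /proc/[pid]/status."""
import sys

# Bit positions from <linux/capability.h>; not listed on this page.
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
    "CAP_MAC_OVERRIDE", "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM",
    "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ", "CAP_PERFMON", "CAP_BPF",
    "CAP_CHECKPOINT_RESTORE",
]

# Values as documented for the Seccomp field.
SECCOMP_MODES = {
    "0": "SECCOMP_MODE_DISABLED",
    "1": "SECCOMP_MODE_STRICT",
    "2": "SECCOMP_MODE_FILTER",
}

# Subset of the example shown on this page.
PAGE_SAMPLE = """\
Name:\tbash
State:\tS (sleeping)
Pid:\t17248
TracerPid:\t0
Uid:\t1000\t1000\t1000\t1000
CapEff:\t0000000000000000
CapBnd:\tffffffffffffffff
CapAmb:\t0000000000000000
NoNewPrivs:\t0
Seccomp:\t0
"""

# Constructed sample: traced, effective UID 0, two network capabilities,
# and a kernel that does not emit NoNewPrivs or Seccomp.
CONSTRUCTED_SAMPLE = """\
Name:\tnetsvc
Pid:\t2222
TracerPid:\t4321
Uid:\t1000\t0\t0\t0
CapEff:\t0000000000003000
CapAmb:\t0000000000000000
"""


def parse_status(text):
    """Split 'Key: value' lines into a dict of stripped strings."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def decode_caps(hex_mask):
    """Turn a hexadecimal Cap* mask into a list of capability names."""
    mask = int(hex_mask, 16)
    names = [n for bit, n in enumerate(CAP_NAMES) if (mask >> bit) & 1]
    high = (mask >> len(CAP_NAMES)) << len(CAP_NAMES)
    if high:  # bits beyond the names this table knows about
        names.append("unknown bits 0x%x" % high)
    return names


def summarize(fields):
    """Return the fields a reviewer checks first; absent fields become None."""
    uids = tuple(int(u) for u in fields["Uid"].split())
    nnp = fields.get("NoNewPrivs")   # absent on kernels before 4.10
    seccomp = fields.get("Seccomp")  # absent without CONFIG_SECCOMP
    return {
        "name": fields.get("Name"),
        "uids": uids,  # real, effective, saved set, filesystem
        "uid_mismatch": len(set(uids)) > 1,
        "traced_by": int(fields.get("TracerPid", "0")) or None,
        "cap_eff": decode_caps(fields.get("CapEff", "0")),
        "cap_amb": decode_caps(fields.get("CapAmb", "0")),
        "no_new_privs": None if nnp is None else nnp == "1",
        "seccomp": None if seccomp is None
        else SECCOMP_MODES.get(seccomp, "unknown mode " + seccomp),
    }


if __name__ == "__main__":
    pid = sys.argv[1] if len(sys.argv) > 1 else "self"
    with open("/proc/%s/status" % pid) as fh:
        for key, value in summarize(parse_status(fh.read())).items():
            print("%-13s %s" % (key, value))
```

A None result for no_new_privs or seccomp means the kernel did not report the field, which is different from the feature being off.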
1846
1847 /proc/[pid]/syscall (since Linux 2.6.27)
1848 This file exposes the system call number and argument registers
1849 for the system call currently being executed by the process,
1850 followed by the values of the stack pointer and program counter
1851 registers. The values of all six argument registers are ex‐
1852 posed, although most system calls use fewer registers.
1853
If the process is blocked, but not in a system call, then the
file displays -1 in place of the system call number, followed by
just the values of the stack pointer and program counter. If the
process is not blocked, then the file contains just the string
"running".

This file is present only if the kernel was configured with
CONFIG_HAVE_ARCH_TRACEHOOK.
1862
1863 Permission to access this file is governed by a ptrace access
1864 mode PTRACE_MODE_ATTACH_FSCREDS check; see ptrace(2).
1865
1866 /proc/[pid]/task (since Linux 2.6.0)
1867 This is a directory that contains one subdirectory for each
1868 thread in the process. The name of each subdirectory is the nu‐
1869 merical thread ID ([tid]) of the thread (see gettid(2)).
1870
1871 Within each of these subdirectories, there is a set of files
1872 with the same names and contents as under the /proc/[pid] direc‐
1873 tories. For attributes that are shared by all threads, the con‐
1874 tents for each of the files under the task/[tid] subdirectories
1875 will be the same as in the corresponding file in the parent
1876 /proc/[pid] directory (e.g., in a multithreaded process, all of
1877 the task/[tid]/cwd files will have the same value as the
1878 /proc/[pid]/cwd file in the parent directory, since all of the
1879 threads in a process share a working directory). For attributes
1880 that are distinct for each thread, the corresponding files under
1881 task/[tid] may have different values (e.g., various fields in
1882 each of the task/[tid]/status files may be different for each
1883 thread), or they might not exist in /proc/[pid] at all.
1884
1885 In a multithreaded process, the contents of the /proc/[pid]/task
1886 directory are not available if the main thread has already ter‐
1887 minated (typically by calling pthread_exit(3)).
1888
1889 /proc/[pid]/task/[tid]/children (since Linux 3.5)
1890 A space-separated list of child tasks of this task. Each child
1891 task is represented by its TID.
1892
1893 This option is intended for use by the checkpoint-restore (CRIU)
1894 system, and reliably provides a list of children only if all of
1895 the child processes are stopped or frozen. It does not work
1896 properly if children of the target task exit while the file is
1897 being read! Exiting children may cause non-exiting children to
1898 be omitted from the list. This makes this interface even more
1899 unreliable than classic PID-based approaches if the inspected
1900 task and its children aren't frozen, and most code should proba‐
1901 bly not use this interface.
1902
1903 Until Linux 4.2, the presence of this file was governed by the
1904 CONFIG_CHECKPOINT_RESTORE kernel configuration option. Since
1905 Linux 4.2, it is governed by the CONFIG_PROC_CHILDREN option.
1906
1907 /proc/[pid]/timers (since Linux 3.10)
1908 A list of the POSIX timers for this process. Each timer is
1909 listed with a line that starts with the string "ID:". For exam‐
1910 ple:
1911
    ID: 1
    signal: 60/00007fff86e452a8
    notify: signal/pid.2634
    ClockID: 0
    ID: 0
    signal: 60/00007fff86e452a8
    notify: signal/pid.2634
    ClockID: 1
1920
1921 The lines shown for each timer have the following meanings:
1922
1923 ID The ID for this timer. This is not the same as the timer
1924 ID returned by timer_create(2); rather, it is the same
1925 kernel-internal ID that is available via the si_timerid
1926 field of the siginfo_t structure (see sigaction(2)).
1927
1928 signal This is the signal number that this timer uses to deliver
1929 notifications followed by a slash, and then the
1930 sigev_value value supplied to the signal handler. Valid
1931 only for timers that notify via a signal.
1932
1933 notify The part before the slash specifies the mechanism that
1934 this timer uses to deliver notifications, and is one of
1935 "thread", "signal", or "none". Immediately following the
1936 slash is either the string "tid" for timers with
1937 SIGEV_THREAD_ID notification, or "pid" for timers that
1938 notify by other mechanisms. Following the "." is the PID
1939 of the process (or the kernel thread ID of the thread)
1940 that will be delivered a signal if the timer delivers no‐
1941 tifications via a signal.
1942
1943 ClockID
1944 This field identifies the clock that the timer uses for
1945 measuring time. For most clocks, this is a number that
1946 matches one of the user-space CLOCK_* constants exposed
1947 via <time.h>. CLOCK_PROCESS_CPUTIME_ID timers display
1948 with a value of -6 in this field.
1949 CLOCK_THREAD_CPUTIME_ID timers display with a value of -2
1950 in this field.
1951
1952 This file is available only when the kernel was configured with
1953 CONFIG_CHECKPOINT_RESTORE.
1954
1955 /proc/[pid]/timerslack_ns (since Linux 4.6)
1956 This file exposes the process's "current" timer slack value, ex‐
1957 pressed in nanoseconds. The file is writable, allowing the
1958 process's timer slack value to be changed. Writing 0 to this
1959 file resets the "current" timer slack to the "default" timer
1960 slack value. For further details, see the discussion of
1961 PR_SET_TIMERSLACK in prctl(2).
1962
1963 Initially, permission to access this file was governed by a
1964 ptrace access mode PTRACE_MODE_ATTACH_FSCREDS check (see
1965 ptrace(2)). However, this was subsequently deemed too strict a
1966 requirement (and had the side effect that requiring a process to
1967 have the CAP_SYS_PTRACE capability would also allow it to view
1968 and change any process's memory). Therefore, since Linux 4.9,
1969 only the (weaker) CAP_SYS_NICE capability is required to access
1970 this file.
1971
1972 /proc/[pid]/uid_map, /proc/[pid]/gid_map (since Linux 3.5)
1973 See user_namespaces(7).
1974
1975 /proc/[pid]/wchan (since Linux 2.6.0)
1976 The symbolic name corresponding to the location in the kernel
1977 where the process is sleeping.
1978
1979 Permission to access this file is governed by a ptrace access
1980 mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
1981
1982 /proc/[tid]
1983 There is a numerical subdirectory for each running thread that
1984 is not a thread group leader (i.e., a thread whose thread ID is
1985 not the same as its process ID); the subdirectory is named by
1986 the thread ID. Each one of these subdirectories contains files
1987 and subdirectories exposing information about the thread with
1988 the thread ID tid. The contents of these directories are the
1989 same as the corresponding /proc/[pid]/task/[tid] directories.
1990
1991 The /proc/[tid] subdirectories are not visible when iterating
1992 through /proc with getdents(2) (and thus are not visible when
1993 one uses ls(1) to view the contents of /proc). However, the
1994 pathnames of these directories are visible to (i.e., usable as
1995 arguments in) system calls that operate on pathnames.
1996
1997 /proc/apm
1998 Advanced power management version and battery information when
1999 CONFIG_APM is defined at kernel compilation time.
2000
2001 /proc/buddyinfo
2002 This file contains information which is used for diagnosing mem‐
2003 ory fragmentation issues. Each line starts with the identifica‐
2004 tion of the node and the name of the zone which together iden‐
2005 tify a memory region. This is then followed by the count of
2006 available chunks of a certain order in which these zones are
2007 split. The size in bytes of a certain order is given by the
2008 formula:
2009
2010 (2^order) * PAGE_SIZE
2011
2012 The binary buddy allocator algorithm inside the kernel will
2013 split one chunk into two chunks of a smaller order (thus with
2014 half the size) or combine two contiguous chunks into one larger
2015 chunk of a higher order (thus with double the size) to satisfy
2016 allocation requests and to counter memory fragmentation. The
2017 order matches the column number, when starting to count at zero.
2018
For example, on an x86-64 system:

    Node 0, zone      DMA      1      1      1      0      2      1      1      0      1      1      3
    Node 0, zone    DMA32     65     47      4     81     52     28     13     10      5      1    404
    Node 0, zone   Normal    216     55    189    101     84     38     37     27      5      3    587
2023
In this example, there is one node containing three zones and
there are 11 different chunk sizes. If the page size is 4 kilobytes,
then the first zone called DMA (on x86 the first 16
megabytes of memory) has 1 chunk of 4 kilobytes (order 0) available
and has 3 chunks of 4 megabytes (order 10) available.
2029
2030 If the memory is heavily fragmented, the counters for higher or‐
2031 der chunks will be zero and allocation of large contiguous areas
2032 will fail.
2033
Further information about the zones can be found in
/proc/zoneinfo.
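
The chunk-size formula and the fragmentation remark above can be checked mechanically. This is an added example, not part of the manual page: it parses /proc/buddyinfo text, applies (2^order) * PAGE_SIZE, and reports whether a contiguous allocation of a given order could be satisfied. The 4096-byte page size is the page's own assumption for its example; the fragmented sample line is constructed.

```python
"""Evaluate /proc/buddyinfo: free memory per zone and high-order availability."""
import re

LINE_RE = re.compile(r"Node\s+(\d+),\s+zone\s+(\S+)\s+(.+)")

# The three lines shown on this page.
PAGE_SAMPLE = """\
Node 0, zone      DMA      1      1      1      0      2      1      1      0      1      1      3
Node 0, zone    DMA32     65     47      4     81     52     28     13     10      5      1    404
Node 0, zone   Normal    216     55    189    101     84     38     37     27      5      3    587
"""

# Constructed line: plenty of free pages, but none above order 2.
FRAGMENTED_SAMPLE = "Node 0, zone   Normal    900     40      3      0      0      0      0      0      0      0      0\n"


def parse_buddyinfo(text):
    """Return one dict per zone; counts[i] is the number of free order-i chunks."""
    zones = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        zones.append({
            "node": int(m.group(1)),
            "zone": m.group(2),
            "counts": [int(c) for c in m.group(3).split()],
        })
    return zones


def chunk_bytes(order, page_size=4096):
    """Size of one chunk of the given order: (2^order) * PAGE_SIZE."""
    return (2 ** order) * page_size


def free_bytes(counts, page_size=4096):
    """Total free memory represented by one zone line."""
    return sum(n * chunk_bytes(o, page_size) for o, n in enumerate(counts))


def largest_free_order(counts):
    """Highest order with at least one free chunk, or None if the zone is empty."""
    for order in range(len(counts) - 1, -1, -1):
        if counts[order]:
            return order
    return None


def can_allocate(counts, order):
    """True if a free chunk of this order or larger exists.

    A larger chunk counts because the buddy allocator can split it.
    """
    return any(counts[order:])


def high_order_share(counts, min_order, page_size=4096):
    """Fraction of the zone's free bytes held in chunks of min_order or above."""
    total = free_bytes(counts, page_size)
    if total == 0:
        return 0.0
    high = sum(n * chunk_bytes(o, page_size)
               for o, n in enumerate(counts) if o >= min_order)
    return high / total


if __name__ == "__main__":
    with open("/proc/buddyinfo") as fh:
        for z in parse_buddyinfo(fh.read()):
            c = z["counts"]
            print("node %d %-8s free=%d KiB largest_order=%s order>=4 share=%.2f" % (
                z["node"], z["zone"], free_bytes(c) // 1024,
                largest_free_order(c), high_order_share(c, 4)))
```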
2036
2037 /proc/bus
2038 Contains subdirectories for installed busses.
2039
2040 /proc/bus/pccard
2041 Subdirectory for PCMCIA devices when CONFIG_PCMCIA is set at
2042 kernel compilation time.
2043
2044 /proc/bus/pccard/drivers
2045
2046 /proc/bus/pci
2047 Contains various bus subdirectories and pseudo-files containing
2048 information about PCI busses, installed devices, and device
2049 drivers. Some of these files are not ASCII.
2050
2051 /proc/bus/pci/devices
2052 Information about PCI devices. They may be accessed through
2053 lspci(8) and setpci(8).
2054
2055 /proc/cgroups (since Linux 2.6.24)
2056 See cgroups(7).
2057
2058 /proc/cmdline
Arguments passed to the Linux kernel at boot time. This is often
done via a boot manager such as lilo(8) or grub(8).
2061
2062 /proc/config.gz (since Linux 2.6)
2063 This file exposes the configuration options that were used to
2064 build the currently running kernel, in the same format as they
2065 would be shown in the .config file that resulted when configur‐
2066 ing the kernel (using make xconfig, make config, or similar).
2067 The file contents are compressed; view or search them using
2068 zcat(1) and zgrep(1). As long as no changes have been made to
2069 the following file, the contents of /proc/config.gz are the same
2070 as those provided by:
2071
2072 cat /lib/modules/$(uname -r)/build/.config
2073
2074 /proc/config.gz is provided only if the kernel is configured
2075 with CONFIG_IKCONFIG_PROC.
2076
2077 /proc/crypto
A list of the ciphers provided by the kernel crypto API. For
details, see the Linux Kernel Crypto API documentation
available under the kernel source directory
Documentation/crypto/ (or Documentation/DocBook before 4.10; the
documentation can be built using a command such as make htmldocs in the
root directory of the kernel source tree).
2084
2085 /proc/cpuinfo
This is a collection of CPU and system architecture dependent
items; the list differs for each supported architecture. Two
common entries are processor, which gives the CPU number, and
bogomips, a system constant that is calculated during kernel
initialization. SMP machines have information for each CPU. The
lscpu(1) command gathers its information from this file.
2092
2093 /proc/devices
2094 Text listing of major numbers and device groups. This can be
2095 used by MAKEDEV scripts for consistency with the kernel.
2096
2097 /proc/diskstats (since Linux 2.5.69)
2098 This file contains disk I/O statistics for each disk device.
2099 See the Linux kernel source file Documentation/iostats.txt for
2100 further information.
2101
2102 /proc/dma
2103 This is a list of the registered ISA DMA (direct memory access)
2104 channels in use.
2105
2106 /proc/driver
2107 Empty subdirectory.
2108
2109 /proc/execdomains
2110 List of the execution domains (ABI personalities).
2111
2112 /proc/fb
2113 Frame buffer information when CONFIG_FB is defined during kernel
2114 compilation.
2115
2116 /proc/filesystems
2117 A text listing of the filesystems which are supported by the
2118 kernel, namely filesystems which were compiled into the kernel
2119 or whose kernel modules are currently loaded. (See also
2120 filesystems(5).) If a filesystem is marked with "nodev", this
2121 means that it does not require a block device to be mounted
2122 (e.g., virtual filesystem, network filesystem).
2123
Incidentally, this file may be used by mount(8) when no filesystem
is specified and it didn't manage to determine the filesystem
type. Then filesystems contained in this file are tried
(except those that are marked with "nodev").
2128
2129 /proc/fs
2130 Contains subdirectories that in turn contain files with informa‐
2131 tion about (certain) mounted filesystems.
2132
2133 /proc/ide
2134 This directory exists on systems with the IDE bus. There are
2135 directories for each IDE channel and attached device. Files in‐
2136 clude:
2137
2138 cache buffer size in KB
2139 capacity number of sectors
2140 driver driver version
2141 geometry physical and logical geometry
2142 identify in hexadecimal
2143 media media type
2144 model manufacturer's model number
2145 settings drive settings
2146 smart_thresholds IDE disk management thresholds (in hex)
2147 smart_values IDE disk management values (in hex)
2148
2149 The hdparm(8) utility provides access to this information in a
2150 friendly format.
2151
2152 /proc/interrupts
This is used to record the number of interrupts per CPU per I/O
device. Since Linux 2.6.24, for the i386 and x86-64 architectures,
at least, this also includes interrupts internal to the
system (that is, not associated with a device as such), such as
NMI (nonmaskable interrupt), LOC (local timer interrupt), and
for SMP systems, TLB (TLB flush interrupt), RES (rescheduling
interrupt), CAL (remote function call interrupt), and possibly
others. The file is plain ASCII and very easy to read.
2161
2162 /proc/iomem
2163 I/O memory map in Linux 2.4.
2164
2165 /proc/ioports
2166 This is a list of currently registered Input-Output port regions
2167 that are in use.
2168
2169 /proc/kallsyms (since Linux 2.5.71)
2170 This holds the kernel exported symbol definitions used by the
2171 modules(X) tools to dynamically link and bind loadable modules.
2172 In Linux 2.5.47 and earlier, a similar file with slightly dif‐
2173 ferent syntax was named ksyms.
2174
2175 /proc/kcore
2176 This file represents the physical memory of the system and is
2177 stored in the ELF core file format. With this pseudo-file, and
2178 an unstripped kernel (/usr/src/linux/vmlinux) binary, GDB can be
2179 used to examine the current state of any kernel data structures.
2180
2181 The total length of the file is the size of physical memory
2182 (RAM) plus 4 KiB.
2183
2184 /proc/keys (since Linux 2.6.10)
2185 See keyrings(7).
2186
2187 /proc/key-users (since Linux 2.6.10)
2188 See keyrings(7).
2189
2190 /proc/kmsg
2191 This file can be used instead of the syslog(2) system call to
2192 read kernel messages. A process must have superuser privileges
2193 to read this file, and only one process should read this file.
2194 This file should not be read if a syslog process is running
2195 which uses the syslog(2) system call facility to log kernel mes‐
2196 sages.
2197
2198 Information in this file is retrieved with the dmesg(1) program.
2199
2200 /proc/kpagecgroup (since Linux 4.3)
2201 This file contains a 64-bit inode number of the memory cgroup
2202 each page is charged to, indexed by page frame number (see the
2203 discussion of /proc/[pid]/pagemap).
2204
2205 The /proc/kpagecgroup file is present only if the CONFIG_MEMCG
2206 kernel configuration option is enabled.
2207
2208 /proc/kpagecount (since Linux 2.6.25)
2209 This file contains a 64-bit count of the number of times each
2210 physical page frame is mapped, indexed by page frame number (see
2211 the discussion of /proc/[pid]/pagemap).
2212
The /proc/kpagecount file is present only if the
CONFIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2215
2216 /proc/kpageflags (since Linux 2.6.25)
2217 This file contains 64-bit masks corresponding to each physical
2218 page frame; it is indexed by page frame number (see the discus‐
2219 sion of /proc/[pid]/pagemap). The bits are as follows:
2220
     0 - KPF_LOCKED
     1 - KPF_ERROR
     2 - KPF_REFERENCED
     3 - KPF_UPTODATE
     4 - KPF_DIRTY
     5 - KPF_LRU
     6 - KPF_ACTIVE
     7 - KPF_SLAB
     8 - KPF_WRITEBACK
     9 - KPF_RECLAIM
    10 - KPF_BUDDY
    11 - KPF_MMAP (since Linux 2.6.31)
    12 - KPF_ANON (since Linux 2.6.31)
    13 - KPF_SWAPCACHE (since Linux 2.6.31)
    14 - KPF_SWAPBACKED (since Linux 2.6.31)
    15 - KPF_COMPOUND_HEAD (since Linux 2.6.31)
    16 - KPF_COMPOUND_TAIL (since Linux 2.6.31)
    17 - KPF_HUGE (since Linux 2.6.31)
    18 - KPF_UNEVICTABLE (since Linux 2.6.31)
    19 - KPF_HWPOISON (since Linux 2.6.31)
    20 - KPF_NOPAGE (since Linux 2.6.31)
    21 - KPF_KSM (since Linux 2.6.32)
    22 - KPF_THP (since Linux 3.4)
    23 - KPF_BALLOON (since Linux 3.18)
    24 - KPF_ZERO_PAGE (since Linux 4.0)
    25 - KPF_IDLE (since Linux 4.3)
2248 For further details on the meanings of these bits, see the ker‐
2249 nel source file Documentation/admin-guide/mm/pagemap.rst. Be‐
2250 fore kernel 2.6.29, KPF_WRITEBACK, KPF_RECLAIM, KPF_BUDDY, and
2251 KPF_LOCKED did not report correctly.
2252
The /proc/kpageflags file is present only if the
CONFIG_PROC_PAGE_MONITOR kernel configuration option is enabled.
2255
2256 /proc/ksyms (Linux 1.1.23–2.5.47)
2257 See /proc/kallsyms.
2258
2259 /proc/loadavg
2260 The first three fields in this file are load average figures
2261 giving the number of jobs in the run queue (state R) or waiting
2262 for disk I/O (state D) averaged over 1, 5, and 15 minutes. They
2263 are the same as the load average numbers given by uptime(1) and
2264 other programs. The fourth field consists of two numbers sepa‐
2265 rated by a slash (/). The first of these is the number of cur‐
2266 rently runnable kernel scheduling entities (processes, threads).
2267 The value after the slash is the number of kernel scheduling en‐
2268 tities that currently exist on the system. The fifth field is
2269 the PID of the process that was most recently created on the
2270 system.
2271
2272 /proc/locks
2273 This file shows current file locks (flock(2) and fcntl(2)) and
2274 leases (fcntl(2)).
2275
2276 An example of the content shown in this file is the following:
2277
    1: POSIX  ADVISORY  READ  5433 08:01:7864448 128 128
    2: FLOCK  ADVISORY  WRITE 2001 08:01:7864554 0 EOF
    3: FLOCK  ADVISORY  WRITE 1568 00:2f:32388 0 EOF
    4: POSIX  ADVISORY  WRITE 699 00:16:28457 0 EOF
    5: POSIX  ADVISORY  WRITE 764 00:16:21448 0 0
    6: POSIX  ADVISORY  READ  3548 08:01:7867240 1 1
    7: POSIX  ADVISORY  READ  3548 08:01:7865567 1826 2335
    8: OFDLCK ADVISORY  WRITE -1 08:01:8713209 128 191
2286
2287 The fields shown in each line are as follows:
2288
2289 (1) The ordinal position of the lock in the list.
2290
2291 (2) The lock type. Values that may appear here include:
2292
2293 FLOCK This is a BSD file lock created using flock(2).
2294
2295 OFDLCK This is an open file description (OFD) lock created
2296 using fcntl(2).
2297
POSIX This is a POSIX byte-range lock created using
fcntl(2).
2300
2301 (3) Among the strings that can appear here are the following:
2302
2303 ADVISORY
2304 This is an advisory lock.
2305
2306 MANDATORY
2307 This is a mandatory lock.
2308
2309 (4) The type of lock. Values that can appear here are:
2310
2311 READ This is a POSIX or OFD read lock, or a BSD shared
2312 lock.
2313
2314 WRITE This is a POSIX or OFD write lock, or a BSD exclusive
2315 lock.
2316
2317 (5) The PID of the process that owns the lock.
2318
2319 Because OFD locks are not owned by a single process (since
2320 multiple processes may have file descriptors that refer to
2321 the same open file description), the value -1 is displayed
2322 in this field for OFD locks. (Before kernel 4.14, a bug
2323 meant that the PID of the process that initially acquired
2324 the lock was displayed instead of the value -1.)
2325
2326 (6) Three colon-separated subfields that identify the major and
2327 minor device ID of the device containing the filesystem
2328 where the locked file resides, followed by the inode number
2329 of the locked file.
2330
2331 (7) The byte offset of the first byte of the lock. For BSD
2332 locks, this value is always 0.
2333
2334 (8) The byte offset of the last byte of the lock. EOF in this
2335 field means that the lock extends to the end of the file.
2336 For BSD locks, the value shown is always EOF.
2337
2338 Since Linux 4.9, the list of locks shown in /proc/locks is fil‐
2339 tered to show just the locks for the processes in the PID name‐
2340 space (see pid_namespaces(7)) for which the /proc filesystem was
2341 mounted. (In the initial PID namespace, there is no filtering
2342 of the records shown in this file.)
2343
2344 The lslocks(8) command provides a bit more information about
2345 each lock.
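
The eight fields described above map directly onto a small parser, useful when working out which process holds a lock on which file. This is an added example, not part of the manual page: it parses /proc/locks text using the page's own sample, treats the PID of OFD locks as not attributable (per the note on field 5), and reads the device numbers as hexadecimal, which is inferred from the "00:2f" entry in the sample. Function and key names are this example's own.

```python
"""Parse /proc/locks records into structured entries."""

# The sample shown on this page.
PAGE_SAMPLE = """\
1: POSIX  ADVISORY  READ  5433 08:01:7864448 128 128
2: FLOCK  ADVISORY  WRITE 2001 08:01:7864554 0 EOF
3: FLOCK  ADVISORY  WRITE 1568 00:2f:32388 0 EOF
4: POSIX  ADVISORY  WRITE 699 00:16:28457 0 EOF
5: POSIX  ADVISORY  WRITE 764 00:16:21448 0 0
6: POSIX  ADVISORY  READ  3548 08:01:7867240 1 1
7: POSIX  ADVISORY  READ  3548 08:01:7865567 1826 2335
8: OFDLCK ADVISORY  WRITE -1 08:01:8713209 128 191
"""


def parse_locks(text):
    """Return one dict per eight-field line; other lines are skipped."""
    locks = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) != 8:
            continue
        major, minor, inode = tok[5].split(":")
        pid = int(tok[4])
        locks.append({
            "id": int(tok[0].rstrip(":")),       # (1) ordinal position
            "kind": tok[1],                      # (2) FLOCK, OFDLCK or POSIX
            "mode": tok[2],                      # (3) ADVISORY or MANDATORY
            "access": tok[3],                    # (4) READ or WRITE
            "pid": None if pid == -1 else pid,   # (5) owner, -1 for OFD locks
            # Before kernel 4.14 an OFD lock showed the PID that first
            # acquired it, so the owner is never trusted for OFDLCK.
            "owner_known": tok[1] != "OFDLCK" and pid != -1,
            "dev": (int(major, 16), int(minor, 16)),  # (6) major, minor
            "inode": int(inode),                      # (6) inode number
            "start": int(tok[6]),                     # (7) first byte
            "end": None if tok[7] == "EOF" else int(tok[7]),  # (8) last byte
        })
    return locks


def lock_length(lock):
    """Number of bytes covered, or None when the lock runs to end of file."""
    if lock["end"] is None:
        return None
    return lock["end"] - lock["start"] + 1


def held_by(locks, pid):
    """Locks whose owner is reliably this PID (OFD locks are excluded)."""
    return [l for l in locks if l["owner_known"] and l["pid"] == pid]


def whole_file_writers(locks):
    """Write locks that start at byte 0 and extend to end of file."""
    return [l for l in locks
            if l["access"] == "WRITE" and l["start"] == 0 and l["end"] is None]


def by_file(locks):
    """Group locks by (major, minor, inode) to see contention on one file."""
    grouped = {}
    for l in locks:
        grouped.setdefault(l["dev"] + (l["inode"],), []).append(l)
    return grouped


if __name__ == "__main__":
    with open("/proc/locks") as fh:
        for (major, minor, inode), entries in sorted(by_file(parse_locks(fh.read())).items()):
            owners = sorted({str(l["pid"]) if l["owner_known"] else "?" for l in entries})
            print("%02x:%02x inode %d: %d lock(s), owners %s" % (
                major, minor, inode, len(entries), ",".join(owners)))
```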
2346
2347 /proc/malloc (only up to and including Linux 2.2)
2348 This file is present only if CONFIG_DEBUG_MALLOC was defined
2349 during compilation.
2350
2351 /proc/meminfo
This file reports statistics about memory usage on the system.
It is used by free(1) to report the amount of free and used memory
(both physical and swap) on the system as well as the shared
memory and buffers used by the kernel. Each line of the file
consists of a parameter name, followed by a colon, the value of
the parameter, and an optional unit of measurement (e.g., "kB").
The list below describes the parameter names and the format
specifier required to read the field value. Except as noted below,
all of the fields have been present since at least Linux
2.6.0. Some fields are displayed only if the kernel was configured
with various options; those dependencies are noted in the
list.
2364
2365 MemTotal %lu
2366 Total usable RAM (i.e., physical RAM minus a few reserved
2367 bits and the kernel binary code).
2368
2369 MemFree %lu
2370 The sum of LowFree+HighFree.
2371
2372 MemAvailable %lu (since Linux 3.14)
2373 An estimate of how much memory is available for starting
2374 new applications, without swapping.
2375
2376 Buffers %lu
2377 Relatively temporary storage for raw disk blocks that
2378 shouldn't get tremendously large (20 MB or so).
2379
2380 Cached %lu
2381 In-memory cache for files read from the disk (the page
2382 cache). Doesn't include SwapCached.
2383
2384 SwapCached %lu
2385 Memory that once was swapped out, is swapped back in but
2386 still also is in the swap file. (If memory pressure is
2387 high, these pages don't need to be swapped out again be‐
2388 cause they are already in the swap file. This saves
2389 I/O.)
2390
2391 Active %lu
2392 Memory that has been used more recently and usually not
2393 reclaimed unless absolutely necessary.
2394
2395 Inactive %lu
2396 Memory which has been less recently used. It is more el‐
2397 igible to be reclaimed for other purposes.
2398
2399 Active(anon) %lu (since Linux 2.6.28)
2400 [To be documented.]
2401
2402 Inactive(anon) %lu (since Linux 2.6.28)
2403 [To be documented.]
2404
2405 Active(file) %lu (since Linux 2.6.28)
2406 [To be documented.]
2407
2408 Inactive(file) %lu (since Linux 2.6.28)
2409 [To be documented.]
2410
2411 Unevictable %lu (since Linux 2.6.28)
2412 (From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was
2413 required.) [To be documented.]
2414
2415 Mlocked %lu (since Linux 2.6.28)
2416 (From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was
2417 required.) [To be documented.]
2418
2419 HighTotal %lu
2420 (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2421 Total amount of highmem. Highmem is all memory above
2422 ~860 MB of physical memory. Highmem areas are for use by
2423 user-space programs, or for the page cache. The kernel
2424 must use tricks to access this memory, making it slower
2425 to access than lowmem.
2426
2427 HighFree %lu
2428 (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2429 Amount of free highmem.
2430
2431 LowTotal %lu
2432 (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2433 Total amount of lowmem. Lowmem is memory which can be
2434 used for everything that highmem can be used for, but it
2435 is also available for the kernel's use for its own data
2436 structures. Among many other things, it is where every‐
2437 thing from Slab is allocated. Bad things happen when
2438 you're out of lowmem.
2439
2440 LowFree %lu
2441 (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)
2442 Amount of free lowmem.
2443
2444 MmapCopy %lu (since Linux 2.6.29)
2445 (CONFIG_MMU is required.) [To be documented.]
2446
2447 SwapTotal %lu
2448 Total amount of swap space available.
2449
2450 SwapFree %lu
2451 Amount of swap space that is currently unused.
2452
2453 Dirty %lu
2454 Memory which is waiting to get written back to the disk.
2455
2456 Writeback %lu
2457 Memory which is actively being written back to the disk.
2458
2459 AnonPages %lu (since Linux 2.6.18)
2460 Non-file backed pages mapped into user-space page tables.
2461
2462 Mapped %lu
2463 Files which have been mapped into memory (with mmap(2)),
2464 such as libraries.
2465
2466 Shmem %lu (since Linux 2.6.32)
2467 Amount of memory consumed in tmpfs(5) filesystems.
2468
2469 KReclaimable %lu (since Linux 4.20)
2470 Kernel allocations that the kernel will attempt to re‐
2471 claim under memory pressure. Includes SReclaimable (be‐
2472 low), and other direct allocations with a shrinker.
2473
2474 Slab %lu
2475 In-kernel data structures cache. (See slabinfo(5).)
2476
2477 SReclaimable %lu (since Linux 2.6.19)
2478 Part of Slab that might be reclaimed, such as caches.
2479
2480 SUnreclaim %lu (since Linux 2.6.19)
2481 Part of Slab that cannot be reclaimed under memory
2482 pressure.
2483
2484 KernelStack %lu (since Linux 2.6.32)
2485 Amount of memory allocated to kernel stacks.
2486
2487 PageTables %lu (since Linux 2.6.18)
2488 Amount of memory dedicated to the lowest level of page
2489 tables.
2490
2491 Quicklists %lu (since Linux 2.6.27)
2492 (CONFIG_QUICKLIST is required.) [To be documented.]
2493
2494 NFS_Unstable %lu (since Linux 2.6.18)
2495 NFS pages sent to the server, but not yet committed to
2496 stable storage.
2497
2498 Bounce %lu (since Linux 2.6.18)
2499 Memory used for block device "bounce buffers".
2500
2501 WritebackTmp %lu (since Linux 2.6.26)
2502 Memory used by FUSE for temporary writeback buffers.
2503
2504 CommitLimit %lu (since Linux 2.6.10)
2505 This is the total amount of memory currently available to
2506 be allocated on the system, expressed in kilobytes. This
2507 limit is adhered to only if strict overcommit accounting
2508 is enabled (mode 2 in /proc/sys/vm/overcommit_memory).
2509 The limit is calculated according to the formula de‐
2510 scribed under /proc/sys/vm/overcommit_memory. For fur‐
2511 ther details, see the kernel source file Documenta‐
2512 tion/vm/overcommit-accounting.rst.
2513
2514 Committed_AS %lu
2515 The amount of memory presently allocated on the system.
2516 The committed memory is a sum of all of the memory which
2517 has been allocated by processes, even if it has not been
2518 "used" by them as of yet. A process which allocates 1 GB
2519 of memory (using malloc(3) or similar), but touches only
2520 300 MB of that memory will show up as using only 300 MB
2521 of memory even if it has the address space allocated for
2522 the entire 1 GB.
2523
2524 This 1 GB is memory which has been "committed" to by the
2525 VM and can be used at any time by the allocating applica‐
2526 tion. With strict overcommit enabled on the system (mode
2527 2 in /proc/sys/vm/overcommit_memory), allocations which
2528 would exceed the CommitLimit will not be permitted. This
2529 is useful if one needs to guarantee that processes will
2530 not fail due to lack of memory once that memory has been
2531 successfully allocated.
2532
2533 VmallocTotal %lu
2534 Total size of vmalloc memory area.
2535
2536 VmallocUsed %lu
2537 Amount of vmalloc area which is used. Since Linux 4.4,
2538 this field is no longer calculated, and is hard coded as
2539 0. See /proc/vmallocinfo.
2540
2541 VmallocChunk %lu
2542 Largest contiguous block of vmalloc area which is free.
2543 Since Linux 4.4, this field is no longer calculated and
2544 is hard coded as 0. See /proc/vmallocinfo.
2545
2546 HardwareCorrupted %lu (since Linux 2.6.32)
2547 (CONFIG_MEMORY_FAILURE is required.) [To be documented.]
2548
2549 LazyFree %lu (since Linux 4.12)
2550 Shows the amount of memory marked by madvise(2)
2551 MADV_FREE.
2552
2553 AnonHugePages %lu (since Linux 2.6.38)
2554 (CONFIG_TRANSPARENT_HUGEPAGE is required.) Non-file
2555 backed huge pages mapped into user-space page tables.
2556
2557 ShmemHugePages %lu (since Linux 4.8)
2558 (CONFIG_TRANSPARENT_HUGEPAGE is required.) Memory used
2559 by shared memory (shmem) and tmpfs(5) allocated with huge
2560 pages.
2561
2562 ShmemPmdMapped %lu (since Linux 4.8)
2563 (CONFIG_TRANSPARENT_HUGEPAGE is required.) Shared memory
2564 mapped into user space with huge pages.
2565
2566 CmaTotal %lu (since Linux 3.1)
2567 Total CMA (Contiguous Memory Allocator) pages. (CON‐
2568 FIG_CMA is required.)
2569
2570 CmaFree %lu (since Linux 3.1)
2571 Free CMA (Contiguous Memory Allocator) pages. (CON‐
2572 FIG_CMA is required.)
2573
2574 HugePages_Total %lu
2575 (CONFIG_HUGETLB_PAGE is required.) The size of the pool
2576 of huge pages.
2577
2578 HugePages_Free %lu
2579 (CONFIG_HUGETLB_PAGE is required.) The number of huge
2580 pages in the pool that are not yet allocated.
2581
2582 HugePages_Rsvd %lu (since Linux 2.6.17)
2583 (CONFIG_HUGETLB_PAGE is required.) This is the number of
2584 huge pages for which a commitment to allocate from the
2585 pool has been made, but no allocation has yet been made.
2586 These reserved huge pages guarantee that an application
2587 will be able to allocate a huge page from the pool of
2588 huge pages at fault time.
2589
2590 HugePages_Surp %lu (since Linux 2.6.24)
2591 (CONFIG_HUGETLB_PAGE is required.) This is the number of
2592 huge pages in the pool above the value in
2593 /proc/sys/vm/nr_hugepages. The maximum number of surplus
2594 huge pages is controlled by /proc/sys/vm/nr_overcom‐
2595 mit_hugepages.
2596
2597 Hugepagesize %lu
2598 (CONFIG_HUGETLB_PAGE is required.) The size of huge
2599 pages.
2600
2601 DirectMap4k %lu (since Linux 2.6.27)
2602 Number of bytes of RAM linearly mapped by kernel in 4 kB
2603 pages. (x86.)
2604
2605 DirectMap4M %lu (since Linux 2.6.27)
2606 Number of bytes of RAM linearly mapped by kernel in 4 MB
2607 pages. (x86 with CONFIG_X86_64 or CONFIG_X86_PAE en‐
2608 abled.)
2609
2610 DirectMap2M %lu (since Linux 2.6.27)
2611 Number of bytes of RAM linearly mapped by kernel in 2 MB
2612 pages. (x86 with neither CONFIG_X86_64 nor CON‐
2613 FIG_X86_PAE enabled.)
2614
2615 DirectMap1G %lu (since Linux 2.6.27)
2616 (x86 with CONFIG_X86_64 and CONFIG_X86_DIRECT_GBPAGES en‐
2617 abled.)
2618
2619 /proc/modules
2620 A text list of the modules that have been loaded by the system.
2621 See also lsmod(8).
2622
2623 /proc/mounts
2624 Before kernel 2.4.19, this file was a list of all the filesys‐
2625 tems currently mounted on the system. With the introduction of
2626 per-process mount namespaces in Linux 2.4.19 (see mount_name‐
2627 spaces(7)), this file became a link to /proc/self/mounts, which
2628 lists the mount points of the process's own mount namespace.
2629 The format of this file is documented in fstab(5).
2630
2631 /proc/mtrr
2632 Memory Type Range Registers. See the Linux kernel source file
2633 Documentation/x86/mtrr.txt (or Documentation/mtrr.txt before
2634 Linux 2.6.28) for details.
2635
2636 /proc/net
2637 This directory contains various files and subdirectories con‐
2638 taining information about the networking layer. The files con‐
2639 tain ASCII structures and are, therefore, readable with cat(1).
2640 However, the standard netstat(8) suite provides much cleaner ac‐
2641 cess to these files.
2642
2643 With the advent of network namespaces, various information re‐
2644 lating to the network stack is virtualized (see network_name‐
2645 spaces(7)). Thus, since Linux 2.6.25, /proc/net is a symbolic
2646 link to the directory /proc/self/net, which contains the same
2647 files and directories as listed below. However, these files and
2648 directories now expose information for the network namespace of
2649 which the process is a member.
2650
2651 /proc/net/arp
2652 This holds an ASCII readable dump of the kernel ARP table used
2653 for address resolutions. It will show both dynamically learned
2654 and preprogrammed ARP entries. The format is:
2655
2656 IP address     HW type   Flags   HW address          Mask   Device
2657 192.168.0.50   0x1       0x2     00:50:BF:25:68:F3   *      eth0
2658 192.168.0.250  0x1       0xc     00:00:00:00:00:00   *      eth0
2659
2660 Here "IP address" is the IPv4 address of the machine and the "HW
2661 type" is the hardware type of the address from RFC 826. The
2662 flags are the internal flags of the ARP structure (as defined in
2663 /usr/include/linux/if_arp.h) and the "HW address" is the data
2664 link layer mapping for that IP address if it is known.
2665
2666 /proc/net/dev
2667 The dev pseudo-file contains network device status information.
2668 This gives the number of received and sent packets, the number
2669 of errors and collisions and other basic statistics. These are
2670 used by the ifconfig(8) program to report device status. The
2671 format is:
2672
2673 Inter-|   Receive                                                |  Transmit
2674  face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
2675     lo: 2776770   11307    0    0    0     0          0         0  2776770   11307    0    0    0     0       0          0
2676   eth0: 1215645    2751    0    0    0     0          0         0  1782404    4324    0    0    0   427       0          0
2677   ppp0: 1622270    5552    1    0    0     0          0         0   354130    5669    0    0    0     0       0          0
2678   tap0:    7714      81    0    0    0     0          0         0     7714      81    0    0    0     0       0          0
2679
2680 /proc/net/dev_mcast
2681 Defined in /usr/src/linux/net/core/dev_mcast.c:
2682
2683 indx interface_name  dmi_u dmi_g dmi_address
2684 2    eth0            1     0     01005e000001
2685 3    eth1            1     0     01005e000001
2686 4    eth2            1     0     01005e000001
2687
2688 /proc/net/igmp
2689 Internet Group Management Protocol. Defined in
2690 /usr/src/linux/net/core/igmp.c.
2691
2692 /proc/net/rarp
2693 This file uses the same format as the arp file and contains the
2694 current reverse mapping database used to provide rarp(8) reverse
2695 address lookup services. If RARP is not configured into the
2696 kernel, this file will not be present.
2697
2698 /proc/net/raw
2699 Holds a dump of the RAW socket table. Much of the information
2700 is not of use apart from debugging. The "sl" value is the ker‐
2701 nel hash slot for the socket, the "local_address" is the local
2702 address and protocol number pair. "St" is the internal status
2703 of the socket. The "tx_queue" and "rx_queue" are the outgoing
2704 and incoming data queue in terms of kernel memory usage. The
2705 "tr", "tm->when", and "rexmits" fields are not used by RAW. The
2706 "uid" field holds the effective UID of the creator of the
2707 socket.
2708
2709 /proc/net/snmp
2710 This file holds the ASCII data needed for the IP, ICMP, TCP, and
2711 UDP management information bases for an SNMP agent.
2712
2713 /proc/net/tcp
2714 Holds a dump of the TCP socket table. Much of the information
2715 is not of use apart from debugging. The "sl" value is the ker‐
2716 nel hash slot for the socket, the "local_address" is the local
2717 address and port number pair. The "rem_address" is the remote
2718 address and port number pair (if connected). "St" is the inter‐
2719 nal status of the socket. The "tx_queue" and "rx_queue" are the
2720 outgoing and incoming data queue in terms of kernel memory us‐
2721 age. The "tr", "tm->when", and "rexmits" fields hold internal
2722 information of the kernel socket state and are useful only for
2723 debugging. The "uid" field holds the effective UID of the cre‐
2724 ator of the socket.
2725
2726 /proc/net/udp
2727 Holds a dump of the UDP socket table. Much of the information
2728 is not of use apart from debugging. The "sl" value is the ker‐
2729 nel hash slot for the socket, the "local_address" is the local
2730 address and port number pair. The "rem_address" is the remote
2731 address and port number pair (if connected). "St" is the inter‐
2732 nal status of the socket. The "tx_queue" and "rx_queue" are the
2733 outgoing and incoming data queue in terms of kernel memory us‐
2734 age. The "tr", "tm->when", and "rexmits" fields are not used by
2735 UDP. The "uid" field holds the effective UID of the creator of
2736 the socket. The format is:
2737
2738  sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm->when uid
2739   1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
2740   1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
2741   1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0
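
The socket-table rows described for /proc/net/tcp and /proc/net/udp can be decoded as below, which attributes each socket bound to the wildcard address to its owning UID. This is an added example, not part of the manual page; the function names are illustrative, and it assumes IPv4 tables read on a little-endian host such as x86, where the hexadecimal address appears byte-reversed.

```python
import socket
import struct
from collections import namedtuple

# The three sample rows shown above for /proc/net/udp (taken from this page).
SAMPLE_UDP = """\
 sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm->when uid
  1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
  1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
  1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0
"""

Sock = namedtuple(
    "Sock",
    "slot local_ip local_port remote_ip remote_port state tx_queue rx_queue uid",
)


def decode_endpoint(field, byteorder="little"):
    """Turn 'AAAAAAAA:PPPP' into (dotted-quad address, port number).

    The kernel prints the 32-bit address word as the host CPU sees it, so the
    word is packed back in host byte order to recover the network-order bytes.
    The port is printed as an ordinary hexadecimal number.
    """
    addr_hex, port_hex = field.split(":")
    if len(addr_hex) != 8 or len(port_hex) != 4:
        raise ValueError("not an IPv4 address:port field: %r" % field)
    fmt = "<I" if byteorder == "little" else ">I"
    ip = socket.inet_ntoa(struct.pack(fmt, int(addr_hex, 16)))
    return ip, int(port_hex, 16)


def parse_socket_table(text, byteorder="little"):
    """Parse the text of /proc/net/tcp or /proc/net/udp into Sock records."""
    socks = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows start with "<slot>:"; this skips the header and blank lines.
        if len(fields) < 8 or not fields[0].endswith(":"):
            continue
        local_ip, local_port = decode_endpoint(fields[1], byteorder)
        remote_ip, remote_port = decode_endpoint(fields[2], byteorder)
        tx_hex, rx_hex = fields[4].split(":")
        socks.append(Sock(
            slot=int(fields[0][:-1]),
            local_ip=local_ip, local_port=local_port,
            remote_ip=remote_ip, remote_port=remote_port,
            state=int(fields[3], 16),          # internal status, kept numeric
            tx_queue=int(tx_hex, 16), rx_queue=int(rx_hex, 16),
            uid=int(fields[7]),                # effective UID of the creator
        ))
    return socks


def wildcard_bound(socks):
    """Return (port, uid) for every socket bound to all interfaces (0.0.0.0)."""
    return [(s.local_port, s.uid) for s in socks if s.local_ip == "0.0.0.0"]


if __name__ == "__main__":
    for port, uid in wildcard_bound(parse_socket_table(SAMPLE_UDP)):
        print("port %d is reachable on every interface, owned by uid %d" % (port, uid))
```

On a live system, pass the contents of /proc/net/udp or /proc/net/tcp and `sys.byteorder` instead of the sample text.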
2742
2743 /proc/net/unix
2744 Lists the UNIX domain sockets present within the system and
2745 their status. The format is:
2746
2747 Num RefCount Protocol Flags    Type St Inode Path
2748  0: 00000002 00000000 00000000 0001 03    42
2749  1: 00000001 00000000 00010000 0001 01  1948 /dev/printer
2750
2751 The fields are as follows:
2752
2753 Num: the kernel table slot number.
2754
2755 RefCount: the number of users of the socket.
2756
2757 Protocol: currently always 0.
2758
2759 Flags: the internal kernel flags holding the status of the
2760 socket.
2761
2762 Type: the socket type. For SOCK_STREAM sockets, this is
2763 0001; for SOCK_DGRAM sockets, it is 0002; and for
2764 SOCK_SEQPACKET sockets, it is 0005.
2765
2766 St: the internal state of the socket.
2767
2768 Inode: the inode number of the socket.
2769
2770 Path: the bound pathname (if any) of the socket. Sockets in
2771 the abstract namespace are included in the list, and
2772 are shown with a Path that commences with the charac‐
2773 ter '@'.
2774
2775 /proc/net/netfilter/nfnetlink_queue
2776 This file contains information about netfilter user-space queue‐
2777 ing, if used. Each line represents a queue. Queues that have
2778 not been subscribed to by user space are not shown.
2779
2780   1   4207     0  2  65535     0     0        0  1
2781  (1)   (2)    (3)(4)  (5)    (6)   (7)      (8)
2782
2783 The fields in each line are:
2784
2785 (1) The ID of the queue. This matches what is specified in the
2786 --queue-num or --queue-balance options to the iptables(8)
2787 NFQUEUE target. See iptables-extensions(8) for more infor‐
2788 mation.
2789
2790 (2) The netlink port ID subscribed to the queue.
2791
2792 (3) The number of packets currently queued and waiting to be
2793 processed by the application.
2794
2795 (4) The copy mode of the queue. It is either 1 (metadata only)
2796 or 2 (also copy payload data to user space).
2797
2798 (5) Copy range; that is, how many bytes of packet payload
2799 should be copied to user space at most.
2800
2801 (6) queue dropped. Number of packets that had to be dropped by
2802 the kernel because too many packets are already waiting for
2803 user space to send back the mandatory accept/drop verdicts.
2804
2805 (7) queue user dropped. Number of packets that were dropped
2806 within the netlink subsystem. Such drops usually happen
2807 when the corresponding socket buffer is full; that is, user
2808 space is not able to read messages fast enough.
2809
2810 (8) sequence number. Every queued packet is associated with a
2811 (32-bit) monotonically increasing sequence number. This
2812 shows the ID of the most recent packet queued.
2813
2814 The last number exists only for compatibility reasons and is al‐
2815 ways 1.
2816
2817 /proc/partitions
2818 Contains the major and minor numbers of each partition as well
2819 as the number of 1024-byte blocks and the partition name.
2820
2821 /proc/pci
2822 This is a listing of all PCI devices found during kernel ini‐
2823 tialization and their configuration.
2824
2825 This file has been deprecated in favor of a new /proc interface
2826 for PCI (/proc/bus/pci). It became optional in Linux 2.2
2827 (available with CONFIG_PCI_OLD_PROC set at kernel compilation).
2828 It became once more nonoptionally enabled in Linux 2.4. Next,
2829 it was deprecated in Linux 2.6 (still available with CON‐
2830 FIG_PCI_LEGACY_PROC set), and finally removed altogether since
2831 Linux 2.6.17.
2832
2833 /proc/profile (since Linux 2.4)
2834 This file is present only if the kernel was booted with the pro‐
2835 file=1 command-line option. It exposes kernel profiling infor‐
2836 mation in a binary format for use by readprofile(1). Writing
2837 (e.g., an empty string) to this file resets the profiling coun‐
2838 ters; on some architectures, writing a binary integer "profiling
2839 multiplier" of size sizeof(int) sets the profiling interrupt
2840 frequency.
2841
2842 /proc/scsi
2843 A directory with the scsi mid-level pseudo-file and various SCSI
2844 low-level driver directories, which contain a file for each SCSI
2845 host in this system, all of which give the status of some part
2846 of the SCSI IO subsystem. These files contain ASCII structures
2847 and are, therefore, readable with cat(1).
2848
2849 You can also write to some of the files to reconfigure the sub‐
2850 system or switch certain features on or off.
2851
2852 /proc/scsi/scsi
2853 This is a listing of all SCSI devices known to the kernel. The
2854 listing is similar to the one seen during bootup. scsi cur‐
2855 rently supports only the add-single-device command which allows
2856 root to add a hotplugged device to the list of known devices.
2857
2858 The command
2859
2860 echo 'scsi add-single-device 1 0 5 0' > /proc/scsi/scsi
2861
2862 will cause host scsi1 to scan on SCSI channel 0 for a device on
2863 ID 5 LUN 0. If there is already a device known on this address
2864 or the address is invalid, an error will be returned.
2865
2866 /proc/scsi/[drivername]
2867 [drivername] can currently be NCR53c7xx, aha152x, aha1542,
2868 aha1740, aic7xxx, buslogic, eata_dma, eata_pio, fdomain, in2000,
2869 pas16, qlogic, scsi_debug, seagate, t128, u15-24f, ultrastore,
2870 or wd7000. These directories show up for all drivers that reg‐
2871 istered at least one SCSI HBA. Every directory contains one
2872 file per registered host. Every host-file is named after the
2873 number the host was assigned during initialization.
2874
2875 Reading these files will usually show driver and host configura‐
2876 tion, statistics, and so on.
2877
2878 Writing to these files allows different things on different
2879 hosts. For example, with the latency and nolatency commands,
2880 root can switch on and off command latency measurement code in
2881 the eata_dma driver. With the lockup and unlock commands, root
2882 can control bus lockups simulated by the scsi_debug driver.
2883
2884 /proc/self
2885 This directory refers to the process accessing the /proc
2886 filesystem, and is identical to the /proc directory named by the
2887 process ID of the same process.
2888
2889 /proc/slabinfo
2890 Information about kernel caches. See slabinfo(5) for details.
2891
2892 /proc/stat
2893 kernel/system statistics. Varies with architecture. Common en‐
2894 tries include:
2895
2896 cpu 10132153 290696 3084719 46828483 16683 0 25195 0 175628 0
2897 cpu0 1393280 32966 572056 13343292 6130 0 17875 0 23933 0
2898 The amount of time, measured in units of USER_HZ
2899 (1/100ths of a second on most architectures, use
2900 sysconf(_SC_CLK_TCK) to obtain the right value), that the
2901 system ("cpu" line) or the specific CPU ("cpuN" line)
2902 spent in various states:
2903
2904 user (1) Time spent in user mode.
2905
2906 nice (2) Time spent in user mode with low priority
2907 (nice).
2908
2909 system (3) Time spent in system mode.
2910
2911 idle (4) Time spent in the idle task. This value
2912 should be USER_HZ times the second entry in the
2913 /proc/uptime pseudo-file.
2914
2915 iowait (since Linux 2.5.41)
2916 (5) Time waiting for I/O to complete. This value
2917 is not reliable, for the following reasons:
2918
2919 1. The CPU will not wait for I/O to complete;
2920 iowait is the time that a task is waiting for
2921 I/O to complete. When a CPU goes into idle
2922 state for outstanding task I/O, another task
2923 will be scheduled on this CPU.
2924
2925 2. On a multi-core CPU, the task waiting for I/O
2926 to complete is not running on any CPU, so the
2927 iowait of each CPU is difficult to calculate.
2928
2929 3. The value in this field may decrease in certain
2930 conditions.
2931
2932 irq (since Linux 2.6.0)
2933 (6) Time servicing interrupts.
2934
2935 softirq (since Linux 2.6.0)
2936 (7) Time servicing softirqs.
2937
2938 steal (since Linux 2.6.11)
2939 (8) Stolen time, which is the time spent in other
2940 operating systems when running in a virtualized
2941 environment.
2942
2943 guest (since Linux 2.6.24)
2944 (9) Time spent running a virtual CPU for guest op‐
2945 erating systems under the control of the Linux
2946 kernel.
2947
2948 guest_nice (since Linux 2.6.33)
2949 (10) Time spent running a niced guest (virtual CPU
2950 for guest operating systems under the control of
2951 the Linux kernel).
2952
2953 page 5741 1808
2954 The number of pages the system paged in and the number
2955 that were paged out (from disk).
2956
2957 swap 1 0
2958 The number of swap pages that have been brought in and
2959 out.
2960
2961 intr 1462898
2962 This line shows counts of interrupts serviced since boot
2963 time, for each of the possible system interrupts. The
2964 first column is the total of all interrupts serviced in‐
2965 cluding unnumbered architecture specific interrupts; each
2966 subsequent column is the total for that particular num‐
2967 bered interrupt. Unnumbered interrupts are not shown,
2968 only summed into the total.
2969
2970 disk_io: (2,0):(31,30,5764,1,2) (3,0):...
2971 (major,disk_idx):(noinfo, read_io_ops, blks_read,
2972 write_io_ops, blks_written)
2973 (Linux 2.4 only)
2974
2975 ctxt 115315
2976 The number of context switches that the system underwent.
2977
2978 btime 769041601
2979 boot time, in seconds since the Epoch, 1970-01-01
2980 00:00:00 +0000 (UTC).
2981
2982 processes 86031
2983 Number of forks since boot.
2984
2985 procs_running 6
2986 Number of processes in runnable state. (Linux 2.5.45 on‐
2987 ward.)
2988
2989 procs_blocked 2
2990 Number of processes blocked waiting for I/O to complete.
2991 (Linux 2.5.45 onward.)
2992
2993 softirq 229245889 94 60001584 13619 5175704 2471304 28 51212741
2994 59130143 0 51240672
2995 This line shows the number of softirq for all CPUs. The
2996 first column is the total of all softirqs and each subse‐
2997 quent column is the total for particular softirq. (Linux
2998 2.6.31 onward.)
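
The "cpu" counters above are cumulative, so they only become useful as the difference between two readings. The following added example (not part of the manual page) computes the share of time per state between two snapshots, tolerating the shorter lines of older kernels and an iowait value that went down. The second snapshot is constructed, and leaving guest and guest_nice out of the total rests on the assumption that the kernel also accounts guest time under user and nice.

```python
import os

CPU_FIELDS = ("user", "nice", "system", "idle", "iowait",
              "irq", "softirq", "steal", "guest", "guest_nice")

# States that make up the total. guest/guest_nice are excluded on the
# assumption that they are already counted inside user/nice.
TOTAL_FIELDS = CPU_FIELDS[:8]

# First snapshot: the "cpu" line shown above on this page.
SNAP_1 = "cpu 10132153 290696 3084719 46828483 16683 0 25195 0 175628 0\n"
# Second snapshot: constructed for this example (note iowait went *down*).
SNAP_2 = "cpu 10132453 290696 3084819 46828983 16678 0 25195 100 175628 0\n"


def parse_cpu_lines(text):
    """Return {"cpu": {...}, "cpu0": {...}, ...} from the text of /proc/stat.

    Columns introduced by later kernels (iowait, irq, ..., guest_nice) are
    filled with 0 when the running kernel does not print them.
    """
    result = {}
    for line in text.splitlines():
        parts = line.split()
        if not parts or not parts[0].startswith("cpu"):
            continue
        suffix = parts[0][3:]
        if suffix and not suffix.isdigit():
            continue                      # not "cpu" or "cpuN"
        values = [int(v) for v in parts[1:1 + len(CPU_FIELDS)]]
        values += [0] * (len(CPU_FIELDS) - len(values))
        result[parts[0]] = dict(zip(CPU_FIELDS, values))
    return result


def cpu_shares(before, after):
    """Fraction of elapsed CPU time spent in each state between two readings."""
    # Clamp at zero: the page notes that iowait may decrease.
    deltas = {f: max(0, after[f] - before[f]) for f in TOTAL_FIELDS}
    total = sum(deltas.values())
    if total == 0:
        return {f: 0.0 for f in TOTAL_FIELDS}
    return {f: deltas[f] / total for f in TOTAL_FIELDS}


def ticks_to_seconds(ticks):
    """Convert a USER_HZ count to seconds using sysconf(_SC_CLK_TCK)."""
    return ticks / os.sysconf("SC_CLK_TCK")


if __name__ == "__main__":
    first = parse_cpu_lines(SNAP_1)["cpu"]
    second = parse_cpu_lines(SNAP_2)["cpu"]
    for state, share in cpu_shares(first, second).items():
        print("%-8s %5.1f%%" % (state, 100 * share))
```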
2999
3000 /proc/swaps
3001 Swap areas in use. See also swapon(8).
3002
3003 /proc/sys
3004 This directory (present since 1.3.57) contains a number of files
3005 and subdirectories corresponding to kernel variables. These
3006 variables can be read and in some cases modified using the /proc
3007 filesystem, and the (deprecated) sysctl(2) system call.
3008
3009 String values may be terminated by either '\0' or '\n'.
3010
3011 Integer and long values may be written either in decimal or in
3012 hexadecimal notation (e.g., 0x3FFF). When writing multiple in‐
3013 teger or long values, these may be separated by any of the fol‐
3014 lowing whitespace characters: ' ', '\t', or '\n'. Using other
3015 separators leads to the error EINVAL.
3016
3017 /proc/sys/abi (since Linux 2.4.10)
3018 This directory may contain files with application binary infor‐
3019 mation. See the Linux kernel source file Documenta‐
3020 tion/sysctl/abi.txt for more information.
3021
3022 /proc/sys/debug
3023 This directory may be empty.
3024
3025 /proc/sys/dev
3026 This directory contains device-specific information (e.g.,
3027 dev/cdrom/info). On some systems, it may be empty.
3028
3029 /proc/sys/fs
3030 This directory contains the files and subdirectories for kernel
3031 variables related to filesystems.
3032
3033 /proc/sys/fs/aio-max-nr and /proc/sys/fs/aio-nr (since Linux 2.6.4)
3034 aio-nr is the running total of the number of events specified by
3035 io_setup(2) calls for all currently active AIO contexts. If
3036 aio-nr reaches aio-max-nr, then io_setup(2) will fail with the
3037 error EAGAIN. Raising aio-max-nr does not result in the preal‐
3038 location or resizing of any kernel data structures.
3039
3040 /proc/sys/fs/binfmt_misc
3041 Documentation for files in this directory can be found in the
3042 Linux kernel source in the file Documentation/ad‐
3043 min-guide/binfmt-misc.rst (or in Documentation/binfmt_misc.txt
3044 on older kernels).
3045
3046 /proc/sys/fs/dentry-state (since Linux 2.2)
3047 This file contains information about the status of the directory
3048 cache (dcache). The file contains six numbers, nr_dentry,
3049 nr_unused, age_limit (age in seconds), want_pages (pages re‐
3050 quested by system) and two dummy values.
3051
3052 * nr_dentry is the number of allocated dentries (dcache en‐
3053 tries). This field is unused in Linux 2.2.
3054
3055 * nr_unused is the number of unused dentries.
3056
3057 * age_limit is the age in seconds after which dcache entries can
3058 be reclaimed when memory is short.
3059
3060 * want_pages is nonzero when the kernel has called
3061 shrink_dcache_pages() and the dcache isn't pruned yet.
3062
3063 /proc/sys/fs/dir-notify-enable
3064 This file can be used to disable or enable the dnotify interface
3065 described in fcntl(2) on a system-wide basis. A value of 0 in
3066 this file disables the interface, and a value of 1 enables it.
3067
3068 /proc/sys/fs/dquot-max
3069 This file shows the maximum number of cached disk quota entries.
3070 On some (2.4) systems, it is not present. If the number of free
3071 cached disk quota entries is very low and you have some awesome
3072 number of simultaneous system users, you might want to raise the
3073 limit.
3074
3075 /proc/sys/fs/dquot-nr
3076 This file shows the number of allocated disk quota entries and
3077 the number of free disk quota entries.
3078
3079 /proc/sys/fs/epoll (since Linux 2.6.28)
3080 This directory contains the file max_user_watches, which can be
3081 used to limit the amount of kernel memory consumed by the epoll
3082 interface. For further details, see epoll(7).
3083
3084 /proc/sys/fs/file-max
3085 This file defines a system-wide limit on the number of open
3086 files for all processes. System calls that fail when encounter‐
3087 ing this limit fail with the error ENFILE. (See also setr‐
3088 limit(2), which can be used by a process to set the per-process
3089 limit, RLIMIT_NOFILE, on the number of files it may open.) If
3090 you get lots of error messages in the kernel log about running
3091 out of file handles (open file descriptions) (look for "VFS:
3092 file-max limit <number> reached"), try increasing this value:
3093
3094 echo 100000 > /proc/sys/fs/file-max
3095
3096 Privileged processes (CAP_SYS_ADMIN) can override the file-max
3097 limit.
3098
3099 /proc/sys/fs/file-nr
3100 This (read-only) file contains three numbers: the number of al‐
3101 located file handles (i.e., the number of open file descrip‐
3102 tions; see open(2)); the number of free file handles; and the
3103 maximum number of file handles (i.e., the same value as
3104 /proc/sys/fs/file-max). If the number of allocated file handles
3105 is close to the maximum, you should consider increasing the max‐
3106 imum. Before Linux 2.6, the kernel allocated file handles dy‐
3107 namically, but it didn't free them again. Instead the free file
3108 handles were kept in a list for reallocation; the "free file
3109 handles" value indicates the size of that list. A large number
3110 of free file handles indicates that there was a past peak in the
3111 usage of open file handles. Since Linux 2.6, the kernel does
3112 deallocate freed file handles, and the "free file handles" value
3113 is always zero.
3114
3115 /proc/sys/fs/inode-max (only present until Linux 2.2)
3116 This file contains the maximum number of in-memory inodes. This
3117 value should be 3–4 times larger than the value in file-max,
3118 since stdin, stdout and network sockets also need an inode to
3119 handle them. When you regularly run out of inodes, you need to
3120 increase this value.
3121
3122 Starting with Linux 2.4, there is no longer a static limit on
3123 the number of inodes, and this file is removed.
3124
3125 /proc/sys/fs/inode-nr
3126 This file contains the first two values from inode-state.
3127
3128 /proc/sys/fs/inode-state
3129 This file contains seven numbers: nr_inodes, nr_free_inodes,
3130 preshrink, and four dummy values (always zero).
3131
3132 nr_inodes is the number of inodes the system has allocated.
3133 nr_free_inodes represents the number of free inodes.
3134
3135 preshrink is nonzero when nr_inodes > inode-max and the system
3136 needs to prune the inode list instead of allocating more;
3137 since Linux 2.4, this field is a dummy value (always zero).
3138
3139 /proc/sys/fs/inotify (since Linux 2.6.13)
3140 This directory contains files max_queued_events, max_user_in‐
3141 stances, and max_user_watches, that can be used to limit the
3142 amount of kernel memory consumed by the inotify interface. For
3143 further details, see inotify(7).
3144
3145 /proc/sys/fs/lease-break-time
3146 This file specifies the grace period that the kernel grants to a
3147 process holding a file lease (fcntl(2)) after it has sent a sig‐
3148 nal to that process notifying it that another process is waiting
3149 to open the file. If the lease holder does not remove or down‐
3150 grade the lease within this grace period, the kernel forcibly
3151 breaks the lease.
3152
3153 /proc/sys/fs/leases-enable
3154 This file can be used to enable or disable file leases (fc‐
3155 ntl(2)) on a system-wide basis. If this file contains the value
3156 0, leases are disabled. A nonzero value enables leases.
3157
3158 /proc/sys/fs/mount-max (since Linux 4.9)
3159 The value in this file specifies the maximum number of mounts
3160 that may exist in a mount namespace. The default value in this
3161 file is 100,000.
3162
3163 /proc/sys/fs/mqueue (since Linux 2.6.6)
3164 This directory contains files msg_max, msgsize_max, and
3165 queues_max, controlling the resources used by POSIX message
3166 queues. See mq_overview(7) for details.
3167
3168 /proc/sys/fs/nr_open (since Linux 2.6.25)
3169 This file imposes a ceiling on the value to which the
3170 RLIMIT_NOFILE resource limit can be raised (see getrlimit(2)).
3171 This ceiling is enforced for both unprivileged and privileged
3172 processes. The default value in this file is 1048576. (Before
3173 Linux 2.6.25, the ceiling for RLIMIT_NOFILE was hard-coded to
3174 the same value.)
3175
3176 /proc/sys/fs/overflowgid and /proc/sys/fs/overflowuid
3177 These files allow you to change the value of the fixed UID and
3178 GID. The default is 65534. Some filesystems support only
3179 16-bit UIDs and GIDs, although in Linux UIDs and GIDs are 32
3180 bits. When one of these filesystems is mounted with writes en‐
3181 abled, any UID or GID that would exceed 65535 is translated to
3182 the overflow value before being written to disk.
3183
3184 /proc/sys/fs/pipe-max-size (since Linux 2.6.35)
3185 See pipe(7).
3186
3187 /proc/sys/fs/pipe-user-pages-hard (since Linux 4.5)
3188 See pipe(7).
3189
3190 /proc/sys/fs/pipe-user-pages-soft (since Linux 4.5)
3191 See pipe(7).
3192
3193 /proc/sys/fs/protected_fifos (since Linux 4.19)
3194 The value in this file is/can be set to one of the following:
3195
3196 0 Writing to FIFOs is unrestricted.
3197
3198 1 Don't allow O_CREAT open(2) on FIFOs that the caller doesn't
3199 own in world-writable sticky directories, unless the FIFO is
3200 owned by the owner of the directory.
3201
3202 2 As for the value 1, but the restriction also applies to
3203 group-writable sticky directories.
3204
3205 The intent of the above protections is to avoid unintentional
3206 writes to an attacker-controlled FIFO when a program expected to
3207 create a regular file.
3208
3209 /proc/sys/fs/protected_hardlinks (since Linux 3.6)
3210 When the value in this file is 0, no restrictions are placed on
3211 the creation of hard links (i.e., this is the historical behav‐
3212 ior before Linux 3.6). When the value in this file is 1, a hard
3213 link can be created to a target file only if one of the follow‐
3214 ing conditions is true:
3215
3216 * The calling process has the CAP_FOWNER capability in its user
3217 namespace and the file UID has a mapping in the namespace.
3218
3219 * The filesystem UID of the process creating the link matches
3220 the owner (UID) of the target file (as described in creden‐
3221 tials(7), a process's filesystem UID is normally the same as
3222 its effective UID).
3223
3224 * All of the following conditions are true:
3225
3226 • the target is a regular file;
3227
3228 • the target file does not have its set-user-ID mode bit
3229 enabled;
3230
3231 • the target file does not have both its set-group-ID and
3232 group-executable mode bits enabled; and
3233
3234 • the caller has permission to read and write the target
3235 file (either via the file's permissions mask or because
3236 it has suitable capabilities).
3237
3238 The default value in this file is 0. Setting the value to 1
3239 prevents a longstanding class of security issues caused by hard-
3240 link-based time-of-check, time-of-use races, most commonly seen
3241 in world-writable directories such as /tmp. The common method
3242 of exploiting this flaw is to cross privilege boundaries when
3243 following a given hard link (i.e., a root process follows a hard
3244 link created by another user). Additionally, on systems without
3245 separated partitions, this stops unauthorized users from "pin‐
3246 ning" vulnerable set-user-ID and set-group-ID files against be‐
3247 ing upgraded by the administrator, or linking to special files.
3248
3249 /proc/sys/fs/protected_regular (since Linux 4.19)
3250 The value in this file is/can be set to one of the following:
3251
3252 0 Writing to regular files is unrestricted.
3253
3254 1 Don't allow O_CREAT open(2) on regular files that the caller
3255 doesn't own in world-writable sticky directories, unless the
3256 regular file is owned by the owner of the directory.
3257
3258 2 As for the value 1, but the restriction also applies to
3259 group-writable sticky directories.
3260
3261 The intent of the above protections is similar to protected_fi‐
3262 fos, but allows an application to avoid writes to an attacker-
3263 controlled regular file, where the application expected to cre‐
3264 ate one.
3265
3266 /proc/sys/fs/protected_symlinks (since Linux 3.6)
3267 When the value in this file is 0, no restrictions are placed on
3268 following symbolic links (i.e., this is the historical behavior
3269 before Linux 3.6). When the value in this file is 1, symbolic
3270 links are followed only in the following circumstances:
3271
3272 * the filesystem UID of the process following the link matches
3273 the owner (UID) of the symbolic link (as described in creden‐
3274 tials(7), a process's filesystem UID is normally the same as
3275 its effective UID);
3276
3277 * the link is not in a sticky world-writable directory; or
3278
3279 * the symbolic link and its parent directory have the same
3280 owner (UID).
3281
3282 A system call that fails to follow a symbolic link because of
3283 the above restrictions returns the error EACCES in errno.
3284
3285 The default value in this file is 0. Setting the value to 1
3286 avoids a longstanding class of security issues based on time-of-
3287 check, time-of-use races when accessing symbolic links.
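The protected_hardlinks and protected_symlinks rules above, written out as a decision model that can be run over stat(2) data when reviewing a world-writable directory. This is an added example, not part of the manual page or the kernel source; the names Caller, hardlink_allowed, symlink_follow_allowed and symlink_follow_allowed_path are hypothetical, and the model assumes permission bits only (no ACLs, no capabilities other than CAP_FOWNER).

```python
import os
import stat
from dataclasses import dataclass


@dataclass(frozen=True)
class Caller:
    fsuid: int                        # filesystem UID of the calling process
    groups: frozenset = frozenset()   # filesystem GID plus supplementary GIDs
    cap_fowner: bool = False          # CAP_FOWNER held and target UID is mapped


def _can_read_write(mode, uid, gid, caller):
    """Permissions-mask check only; ACLs and capabilities are not modelled."""
    if caller.fsuid == uid:
        bits = mode >> 6
    elif gid in caller.groups:
        bits = mode >> 3
    else:
        bits = mode
    return (bits & 0o6) == 0o6


def hardlink_allowed(mode, uid, gid, caller, protected_hardlinks=1):
    """Return (allowed, reason) for linking to a target with this st_mode/uid/gid."""
    if protected_hardlinks == 0:
        return True, "protected_hardlinks=0: no restrictions"
    if caller.cap_fowner:
        return True, "caller has CAP_FOWNER"
    if caller.fsuid == uid:
        return True, "caller's filesystem UID owns the target"
    # Otherwise every one of the remaining conditions must hold.
    if not stat.S_ISREG(mode):
        return False, "target is not a regular file"
    if mode & stat.S_ISUID:
        return False, "target has its set-user-ID bit enabled"
    sgid_exec = stat.S_ISGID | stat.S_IXGRP
    if (mode & sgid_exec) == sgid_exec:
        return False, "target is set-group-ID and group-executable"
    if not _can_read_write(mode, uid, gid, caller):
        return False, "caller cannot both read and write the target"
    return True, "regular file without set-ID bits that the caller can read and write"


def symlink_follow_allowed(link_uid, dir_mode, dir_uid, fsuid, protected_symlinks=1):
    """Return (allowed, reason) for following a link that lives in the given directory."""
    if protected_symlinks == 0:
        return True, "protected_symlinks=0: no restrictions"
    if fsuid == link_uid:
        return True, "follower's filesystem UID owns the link"
    sticky_world_writable = bool(dir_mode & stat.S_ISVTX) and bool(dir_mode & stat.S_IWOTH)
    if not sticky_world_writable:
        return True, "link is not in a sticky world-writable directory"
    if link_uid == dir_uid:
        return True, "link and its parent directory have the same owner"
    return False, "open would fail with EACCES"


def symlink_follow_allowed_path(path, fsuid, protected_symlinks=1):
    """Apply symlink_follow_allowed() to a real link (final path component only)."""
    link = os.lstat(path)
    if not stat.S_ISLNK(link.st_mode):
        raise ValueError(f"{path} is not a symbolic link")
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    return symlink_follow_allowed(link.st_uid, parent.st_mode, parent.st_uid,
                                  fsuid, protected_symlinks)


if __name__ == "__main__":
    # Constructed sample data: UID 1000 is an ordinary user, /tmp is root-owned 1777.
    user = Caller(fsuid=1000, groups=frozenset({1000}))
    tmp_mode, tmp_uid = stat.S_IFDIR | 0o1777, 0
    cases = [
        ("set-user-ID root binary", stat.S_IFREG | 0o4755, 0, 0),
        ("root-only file, mode 0640", stat.S_IFREG | 0o640, 0, 42),
        ("world-writable file of another user", stat.S_IFREG | 0o666, 1001, 1001),
    ]
    for label, mode, uid, gid in cases:
        print("hard link to", label, "->", hardlink_allowed(mode, uid, gid, user))
    print("root follows UID 1001's link in /tmp ->",
          symlink_follow_allowed(1001, tmp_mode, tmp_uid, fsuid=0))
```
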
3288
3289 /proc/sys/fs/suid_dumpable (since Linux 2.6.13)
3290 The value in this file is assigned to a process's "dumpable"
3291 flag in the circumstances described in prctl(2). In effect, the
3292 value in this file determines whether core dump files are pro‐
3293 duced for set-user-ID or otherwise protected/tainted binaries.
3294 The "dumpable" setting also affects the ownership of files in a
3295 process's /proc/[pid] directory, as described above.
3296
3297 Three different integer values can be specified:
3298
3299 0 (default)
3300 This provides the traditional (pre-Linux 2.6.13) behav‐
3301 ior. A core dump will not be produced for a process
3302 which has changed credentials (by calling seteuid(2),
3303 setgid(2), or similar, or by executing a set-user-ID or
3304 set-group-ID program) or whose binary does not have read
3305 permission enabled.
3306
3307 1 ("debug")
3308 All processes dump core when possible. (Reasons why a
3309 process might nevertheless not dump core are described in
3310 core(5).) The core dump is owned by the filesystem user
3311 ID of the dumping process and no security is applied.
3312 This is intended for system debugging situations only:
3313 this mode is insecure because it allows unprivileged
3314 users to examine the memory contents of privileged pro‐
3315 cesses.
3316
3317 2 ("suidsafe")
3318 Any binary which normally would not be dumped (see "0"
3319 above) is dumped readable by root only. This allows the
3320 user to remove the core dump file but not to read it.
3321 For security reasons core dumps in this mode will not
3322 overwrite one another or other files. This mode is ap‐
3323 propriate when administrators are attempting to debug
3324 problems in a normal environment.
3325
3326 Additionally, since Linux 3.6, /proc/sys/kernel/core_pat‐
3327 tern must either be an absolute pathname or a pipe com‐
3328 mand, as detailed in core(5). Warnings will be written
3329 to the kernel log if core_pattern does not follow these
3330 rules, and no core dump will be produced.
3331
3332 For details of the effect of a process's "dumpable" setting on
3333 ptrace access mode checking, see ptrace(2).
3334
3335 /proc/sys/fs/super-max
3336 This file controls the maximum number of superblocks, and thus
3337 the maximum number of mounted filesystems the kernel can have.
3338 You need to increase super-max only if you need to mount more
3339 filesystems than the current value in super-max allows.
3340
3341 /proc/sys/fs/super-nr
3342 This file contains the number of filesystems currently mounted.
3343
3344 /proc/sys/kernel
3345 This directory contains files controlling a range of kernel pa‐
3346 rameters, as described below.
3347
3348 /proc/sys/kernel/acct
3349 This file contains three numbers: highwater, lowwater, and fre‐
3350 quency. If BSD-style process accounting is enabled, these val‐
3351 ues control its behavior. If free space on the filesystem where
3352 the log lives goes below lowwater percent, accounting suspends. If
3353 free space gets above highwater percent, accounting resumes.
3354 frequency determines how often the kernel checks the amount of
3355 free space (value is in seconds). Default values are 4, 2, and
3356 30. That is, suspend accounting if 2% or less space is free;
3357 resume it if 4% or more space is free; consider information
3358 about amount of free space valid for 30 seconds.
3359
3360 /proc/sys/kernel/auto_msgmni (Linux 2.6.27 to 3.18)
3361 From Linux 2.6.27 to 3.18, this file was used to control recom‐
3362 puting of the value in /proc/sys/kernel/msgmni upon the addition
3363 or removal of memory or upon IPC namespace creation/removal.
3364 Echoing "1" into this file enabled msgmni automatic recomputing
3365 (and triggered a recomputation of msgmni based on the current
3366 amount of available memory and number of IPC namespaces). Echo‐
3367 ing "0" disabled automatic recomputing. (Automatic recomputing
3368 was also disabled if a value was explicitly assigned to
3369 /proc/sys/kernel/msgmni.) The default value in auto_msgmni was
3370 1.
3371
3372 Since Linux 3.19, the content of this file has no effect (be‐
3373 cause msgmni defaults to near the maximum value possible), and
3374 reads from this file always return the value "0".
3375
3376 /proc/sys/kernel/cap_last_cap (since Linux 3.2)
3377 See capabilities(7).
3378
3379 /proc/sys/kernel/cap-bound (from Linux 2.2 to 2.6.24)
3380 This file holds the value of the kernel capability bounding set
3381 (expressed as a signed decimal number). This set is ANDed
3382 against the capabilities permitted to a process during ex‐
3383 ecve(2). Starting with Linux 2.6.25, the system-wide capability
3384 bounding set disappeared, and was replaced by a per-thread
3385 bounding set; see capabilities(7).
3386
3387 /proc/sys/kernel/core_pattern
3388 See core(5).
3389
3390 /proc/sys/kernel/core_pipe_limit
3391 See core(5).
3392
3393 /proc/sys/kernel/core_uses_pid
3394 See core(5).
3395
3396 /proc/sys/kernel/ctrl-alt-del
3397 This file controls the handling of Ctrl-Alt-Del from the key‐
3398 board. When the value in this file is 0, Ctrl-Alt-Del is
3399 trapped and sent to the init(1) program to handle a graceful
3400 restart. When the value is greater than zero, Linux's reaction
3401 to a Vulcan Nerve Pinch (tm) will be an immediate reboot, with‐
3402 out even syncing its dirty buffers. Note: when a program (like
3403 dosemu) has the keyboard in "raw" mode, the ctrl-alt-del is in‐
3404 tercepted by the program before it ever reaches the kernel tty
3405 layer, and it's up to the program to decide what to do with it.
3406
3407 /proc/sys/kernel/dmesg_restrict (since Linux 2.6.37)
3408 The value in this file determines who can see kernel syslog con‐
3409 tents. A value of 0 in this file imposes no restrictions. If
3410 the value is 1, only privileged users can read the kernel sys‐
3411 log. (See syslog(2) for more details.) Since Linux 3.4, only
3412 users with the CAP_SYS_ADMIN capability may change the value in
3413 this file.
3414
3415 /proc/sys/kernel/domainname and /proc/sys/kernel/hostname
3416 can be used to set the NIS/YP domainname and the hostname of
3417 your box in exactly the same way as the commands domainname(1)
3418 and hostname(1), that is:
3419
3420 # echo 'darkstar' > /proc/sys/kernel/hostname
3421 # echo 'mydomain' > /proc/sys/kernel/domainname
3422
3423 has the same effect as
3424
3425 # hostname 'darkstar'
3426 # domainname 'mydomain'
3427
3428 Note, however, that the classic darkstar.frop.org has the host‐
3429 name "darkstar" and DNS (Internet Domain Name Server) domainname
3430 "frop.org", not to be confused with the NIS (Network Information
3431 Service) or YP (Yellow Pages) domainname. These two domain
3432 names are in general different. For a detailed discussion see
3433 the hostname(1) man page.
3434
3435 /proc/sys/kernel/hotplug
3436 This file contains the pathname for the hotplug policy agent.
3437 The default value in this file is /sbin/hotplug.
3438
3439 /proc/sys/kernel/htab-reclaim (before Linux 2.4.9.2)
3440 (PowerPC only) If this file is set to a nonzero value, the Pow‐
3441 erPC htab (see kernel file Documentation/powerpc/ppc_htab.txt)
3442 is pruned each time the system hits the idle loop.
3443
3444 /proc/sys/kernel/keys/*
3445 This directory contains various files that define parameters and
3446 limits for the key-management facility. These files are de‐
3447 scribed in keyrings(7).
3448
3449 /proc/sys/kernel/kptr_restrict (since Linux 2.6.38)
3450 The value in this file determines whether kernel addresses are
3451 exposed via /proc files and other interfaces. A value of 0 in
3452 this file imposes no restrictions. If the value is 1, kernel
3453 pointers printed using the %pK format specifier will be replaced
3454 with zeros unless the user has the CAP_SYSLOG capability. If
3455 the value is 2, kernel pointers printed using the %pK format
3456 specifier will be replaced with zeros regardless of the user's
3457 capabilities. The initial default value for this file was 1,
3458 but the default was changed to 0 in Linux 2.6.39. Since Linux
3459 3.4, only users with the CAP_SYS_ADMIN capability can change the
3460 value in this file.
3461
3462 /proc/sys/kernel/l2cr
3463 (PowerPC only) This file contains a flag that controls the L2
3464 cache of G3 processor boards. If 0, the cache is disabled. En‐
3465 abled if nonzero.
3466
3467 /proc/sys/kernel/modprobe
3468 This file contains the pathname for the kernel module loader.
3469 The default value is /sbin/modprobe. The file is present only
3470 if the kernel is built with the CONFIG_MODULES (CONFIG_KMOD in
3471 Linux 2.6.26 and earlier) option enabled. It is described by
3472 the Linux kernel source file Documentation/kmod.txt (present
3473 only in kernel 2.4 and earlier).
3474
3475 /proc/sys/kernel/modules_disabled (since Linux 2.6.31)
3476 A toggle value indicating if modules are allowed to be loaded in
3477 an otherwise modular kernel. This toggle defaults to off (0),
3478 but can be set true (1). Once true, modules can be neither
3479 loaded nor unloaded, and the toggle cannot be set back to false.
3480 The file is present only if the kernel is built with the CON‐
3481 FIG_MODULES option enabled.
3482
3483 /proc/sys/kernel/msgmax (since Linux 2.2)
3484 This file defines a system-wide limit specifying the maximum
3485 number of bytes in a single message written on a System V mes‐
3486 sage queue.
3487
3488 /proc/sys/kernel/msgmni (since Linux 2.4)
3489 This file defines the system-wide limit on the number of message
3490 queue identifiers. See also /proc/sys/kernel/auto_msgmni.
3491
3492 /proc/sys/kernel/msgmnb (since Linux 2.2)
3493 This file defines a system-wide parameter used to initialize the
3494 msg_qbytes setting for subsequently created message queues. The
3495 msg_qbytes setting specifies the maximum number of bytes that
3496 may be written to the message queue.
3497
3498 /proc/sys/kernel/ngroups_max (since Linux 2.6.4)
3499 This is a read-only file that displays the upper limit on the
3500 number of a process's group memberships.
3501
3502 /proc/sys/kernel/ns_last_pid (since Linux 3.3)
3503 See pid_namespaces(7).
3504
3505 /proc/sys/kernel/ostype and /proc/sys/kernel/osrelease
3506 These files give substrings of /proc/version.
3507
3508 /proc/sys/kernel/overflowgid and /proc/sys/kernel/overflowuid
3509 These files duplicate the files /proc/sys/fs/overflowgid and
3510 /proc/sys/fs/overflowuid.
3511
3512 /proc/sys/kernel/panic
3513 This file gives read/write access to the kernel variable
3514 panic_timeout. If this is zero, the kernel will loop on a
3515 panic; if nonzero, it indicates that the kernel should autore‐
3516 boot after this number of seconds. When you use the software
3517 watchdog device driver, the recommended setting is 60.
3518
3519 /proc/sys/kernel/panic_on_oops (since Linux 2.5.68)
3520 This file controls the kernel's behavior when an oops or BUG is
3521 encountered. If this file contains 0, then the system tries to
3522 continue operation. If it contains 1, then the system delays a
3523 few seconds (to give klogd time to record the oops output) and
3524 then panics. If the /proc/sys/kernel/panic file is also non‐
3525 zero, then the machine will be rebooted.
3526
3527 /proc/sys/kernel/pid_max (since Linux 2.5.34)
3528 This file specifies the value at which PIDs wrap around (i.e.,
3529 the value in this file is one greater than the maximum PID).
3530 PIDs greater than this value are not allocated; thus, the value
3531 in this file also acts as a system-wide limit on the total num‐
3532 ber of processes and threads. The default value for this file,
3533 32768, results in the same range of PIDs as on earlier kernels.
3534 On 32-bit platforms, 32768 is the maximum value for pid_max. On
3535 64-bit systems, pid_max can be set to any value up to 2^22
3536 (PID_MAX_LIMIT, approximately 4 million).
3537
3538 /proc/sys/kernel/powersave-nap (PowerPC only)
3539 This file contains a flag. If set, Linux-PPC will use the "nap"
3540 mode of powersaving, otherwise the "doze" mode will be used.
3541
3542 /proc/sys/kernel/printk
3543 See syslog(2).
3544
3545 /proc/sys/kernel/pty (since Linux 2.6.4)
3546 This directory contains two files relating to the number of UNIX
3547 98 pseudoterminals (see pts(4)) on the system.
3548
3549 /proc/sys/kernel/pty/max
3550 This file defines the maximum number of pseudoterminals.
3551
3552 /proc/sys/kernel/pty/nr
3553 This read-only file indicates how many pseudoterminals are cur‐
3554 rently in use.
3555
3556 /proc/sys/kernel/random
3557 This directory contains various parameters controlling the oper‐
3558 ation of the file /dev/random. See random(4) for further infor‐
3559 mation.
3560
3561 /proc/sys/kernel/random/uuid (since Linux 2.4)
3562 Each read from this read-only file returns a randomly generated
3563 128-bit UUID, as a string in the standard UUID format.
3564
3565 /proc/sys/kernel/randomize_va_space (since Linux 2.6.12)
3566 Select the address space layout randomization (ASLR) policy for
3567 the system (on architectures that support ASLR). Three values
3568 are supported for this file:
3569
3570 0 Turn ASLR off. This is the default for architectures that
3571 don't support ASLR, and when the kernel is booted with the
3572 norandmaps parameter.
3573
3574 1 Make the addresses of mmap(2) allocations, the stack, and the
3575 VDSO page randomized. Among other things, this means that
3576 shared libraries will be loaded at randomized addresses. The
3577 text segment of PIE-linked binaries will also be loaded at a
3578 randomized address. This value is the default if the kernel
3579 was configured with CONFIG_COMPAT_BRK.
3580
3581 2 (Since Linux 2.6.25) Also support heap randomization. This
3582 value is the default if the kernel was not configured with
3583 CONFIG_COMPAT_BRK.
3584
3585 /proc/sys/kernel/real-root-dev
3586 This file is documented in the Linux kernel source file Documen‐
3587 tation/admin-guide/initrd.rst (or Documentation/initrd.txt be‐
3588 fore Linux 4.10).
3589
3590 /proc/sys/kernel/reboot-cmd (Sparc only)
3591 This file seems to be a way to give an argument to the SPARC
3592 ROM/Flash boot loader. Maybe to tell it what to do after re‐
3593 booting?
3594
3595 /proc/sys/kernel/rtsig-max
3596 (Only in kernels up to and including 2.6.7; see setrlimit(2))
3597 This file can be used to tune the maximum number of POSIX real-
3598 time (queued) signals that can be outstanding in the system.
3599
3600 /proc/sys/kernel/rtsig-nr
3601 (Only in kernels up to and including 2.6.7.) This file shows
3602 the number of POSIX real-time signals currently queued.
3603
3604 /proc/[pid]/sched_autogroup_enabled (since Linux 2.6.38)
3605 See sched(7).
3606
3607 /proc/sys/kernel/sched_child_runs_first (since Linux 2.6.23)
3608 If this file contains the value zero, then, after a fork(2), the
3609 parent is first scheduled on the CPU. If the file contains a
3610 nonzero value, then the child is scheduled first on the CPU.
3611 (Of course, on a multiprocessor system, the parent and the child
3612 might both immediately be scheduled on a CPU.)
3613
3614 /proc/sys/kernel/sched_rr_timeslice_ms (since Linux 3.9)
3615 See sched_rr_get_interval(2).
3616
3617 /proc/sys/kernel/sched_rt_period_us (since Linux 2.6.25)
3618 See sched(7).
3619
3620 /proc/sys/kernel/sched_rt_runtime_us (since Linux 2.6.25)
3621 See sched(7).
3622
3623 /proc/sys/kernel/seccomp (since Linux 4.14)
3624 This directory provides additional seccomp information and con‐
3625 figuration. See seccomp(2) for further details.
3626
3627 /proc/sys/kernel/sem (since Linux 2.4)
3628 This file contains 4 numbers defining limits for System V IPC
3629 semaphores. These fields are, in order:
3630
3631 SEMMSL The maximum semaphores per semaphore set.
3632
3633 SEMMNS A system-wide limit on the number of semaphores in all
3634 semaphore sets.
3635
3636 SEMOPM The maximum number of operations that may be specified
3637 in a semop(2) call.
3638
3639 SEMMNI A system-wide limit on the maximum number of semaphore
3640 identifiers.
3641
3642 /proc/sys/kernel/sg-big-buff
3643 This file shows the size of the generic SCSI device (sg) buffer.
3644 You can't tune it just yet, but you could change it at compile
3645 time by editing include/scsi/sg.h and changing the value of
3646 SG_BIG_BUFF. However, there shouldn't be any reason to change
3647 this value.
3648
3649 /proc/sys/kernel/shm_rmid_forced (since Linux 3.1)
3650 If this file is set to 1, all System V shared memory segments
3651 will be marked for destruction as soon as the number of attached
3652 processes falls to zero; in other words, it is no longer possi‐
3653 ble to create shared memory segments that exist independently of
3654 any attached process.
3655
3656 The effect is as though a shmctl(2) IPC_RMID is performed on all
3657 existing segments as well as all segments created in the future
3658 (until this file is reset to 0). Note that existing segments
3659 that are attached to no process will be immediately destroyed
3660 when this file is set to 1. Setting this option will also de‐
3661 stroy segments that were created, but never attached, upon ter‐
3662 mination of the process that created the segment with shmget(2).
3663
3664 Setting this file to 1 provides a way of ensuring that all Sys‐
3665 tem V shared memory segments are counted against the resource
3666 usage and resource limits (see the description of RLIMIT_AS in
3667 getrlimit(2)) of at least one process.
3668
3669 Because setting this file to 1 produces behavior that is non‐
3670 standard and could also break existing applications, the default
3671 value in this file is 0. Set this file to 1 only if you have a
3672 good understanding of the semantics of the applications using
3673 System V shared memory on your system.
3674
3675 /proc/sys/kernel/shmall (since Linux 2.2)
3676 This file contains the system-wide limit on the total number of
3677 pages of System V shared memory.
3678
3679 /proc/sys/kernel/shmmax (since Linux 2.2)
3680 This file can be used to query and set the run-time limit on the
3681 maximum (System V IPC) shared memory segment size that can be
3682 created. Shared memory segments up to 1 GB are now supported in
3683 the kernel. This value defaults to SHMMAX.
3684
3685 /proc/sys/kernel/shmmni (since Linux 2.4)
3686 This file specifies the system-wide maximum number of System V
3687 shared memory segments that can be created.
3688
3689 /proc/sys/kernel/sysctl_writes_strict (since Linux 3.16)
3690 The value in this file determines how the file offset affects
3691 the behavior of updating entries in files under /proc/sys. The
3692 file has three possible values:
3693
3694 -1 This provides legacy handling, with no printk warnings.
3695 Each write(2) must fully contain the value to be written,
3696 and multiple writes on the same file descriptor will over‐
3697 write the entire value, regardless of the file position.
3698
3699 0 (default) This provides the same behavior as for -1, but
3700 printk warnings are written for processes that perform
3701 writes when the file offset is not 0.
3702
3703 1 Respect the file offset when writing strings into /proc/sys
3704 files. Multiple writes will append to the value buffer.
3705 Anything written beyond the maximum length of the value buf‐
3706 fer will be ignored. Writes to numeric /proc/sys entries
3707 must always be at file offset 0 and the value must be fully
3708 contained in the buffer provided to write(2).
3709
3710 /proc/sys/kernel/sysrq
3711 This file controls the functions allowed to be invoked by the
3712 SysRq key. By default, the file contains 1 meaning that every
3713 possible SysRq request is allowed (in older kernel versions,
3714 SysRq was disabled by default, and you were required to specifi‐
3715 cally enable it at run-time, but this is not the case any more).
3716 Possible values in this file are:
3717
3718 0 Disable sysrq completely
3719
3720 1 Enable all functions of sysrq
3721
3722 > 1 Bit mask of allowed sysrq functions, as follows:
3723 2 Enable control of console logging level
3724 4 Enable control of keyboard (SAK, unraw)
3725 8 Enable debugging dumps of processes etc.
3726 16 Enable sync command
3727 32 Enable remount read-only
3728 64 Enable signaling of processes (term, kill, oom-kill)
3729 128 Allow reboot/poweroff
3730 256 Allow nicing of all real-time tasks
3731
3732 This file is present only if the CONFIG_MAGIC_SYSRQ kernel con‐
3733 figuration option is enabled. For further details see the Linux
3734 kernel source file Documentation/admin-guide/sysrq.rst (or Docu‐
3735 mentation/sysrq.txt before Linux 4.10).
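A read-only audit of the security-related files described in this part of the page (the fs/protected_* files, suid_dumpable, dmesg_restrict, kptr_restrict, randomize_va_space, and sysrq), including decoding of the sysrq bit mask listed above. This is an added example, not part of the manual page; the function names are hypothetical, and the choice to flag exactly the values the page describes as unrestricted, off, or insecure is this example's assumption.

```python
import os

# Values this page describes as unrestricted, off, or insecure.
# Which values to flag is an assumed audit policy, not a kernel rule.
FLAGGED = {
    "fs/protected_fifos": {0: "writing to FIFOs is unrestricted"},
    "fs/protected_hardlinks": {0: "no restrictions on hard link creation"},
    "fs/protected_regular": {0: "writing to regular files is unrestricted"},
    "fs/protected_symlinks": {0: "no restrictions on following symbolic links"},
    "fs/suid_dumpable": {1: '"debug" mode: core dumps of privileged processes '
                            "are produced with no security applied"},
    "kernel/dmesg_restrict": {0: "no restrictions on reading the kernel syslog"},
    "kernel/kptr_restrict": {0: "no restrictions on exposing kernel addresses"},
    "kernel/randomize_va_space": {0: "ASLR is turned off",
                                  1: "heap randomization is not enabled"},
}

# Bit mask values for /proc/sys/kernel/sysrq when the value is greater than 1.
SYSRQ_BITS = {
    2: "control of console logging level",
    4: "control of keyboard (SAK, unraw)",
    8: "debugging dumps of processes etc.",
    16: "sync command",
    32: "remount read-only",
    64: "signaling of processes (term, kill, oom-kill)",
    128: "reboot/poweroff",
    256: "nicing of all real-time tasks",
}


def read_int(root, rel):
    """Return the first integer in root/rel, or None if absent or unreadable."""
    try:
        with open(os.path.join(root, rel)) as fh:
            return int(fh.read().split()[0])
    except (OSError, ValueError, IndexError):
        return None


def decode_sysrq(value):
    """Translate a sysrq value into the list of functions it allows."""
    if value == 0:
        return []
    if value == 1:
        return ["all functions"]
    return [name for bit, name in SYSRQ_BITS.items() if value & bit]


def audit(root="/proc/sys"):
    """Compare the files under root with FLAGGED; never writes anything."""
    findings, absent = [], []
    for rel, bad in FLAGGED.items():
        value = read_int(root, rel)
        if value is None:
            absent.append(rel)          # older kernel or option not configured
        elif value in bad:
            findings.append((rel, value, bad[value]))
    sysrq = read_int(root, "kernel/sysrq")
    if sysrq is None:
        absent.append("kernel/sysrq")   # present only with CONFIG_MAGIC_SYSRQ
    elif sysrq == 1:
        findings.append(("kernel/sysrq", 1,
                         "every possible SysRq request is allowed"))
    return {
        "findings": findings,
        "absent": absent,
        "sysrq_functions": None if sysrq is None else decode_sysrq(sysrq),
    }


if __name__ == "__main__":
    report = audit()
    for rel, value, why in report["findings"]:
        print(f"FLAG  {rel} = {value}: {why}")
    for rel in report["absent"]:
        print(f"SKIP  {rel}: not present or not readable")
    if report["sysrq_functions"] is not None:
        print("SysRq functions allowed:",
              ", ".join(report["sysrq_functions"]) or "none")
```
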
3736
3737 /proc/sys/kernel/version
3738 This file contains a string such as:
3739
3740 #5 Wed Feb 25 21:49:24 MET 1998
3741
3742 The "#5" means that this is the fifth kernel built from this
3743 source base and the date following it indicates the time the
3744 kernel was built.
3745
3746 /proc/sys/kernel/threads-max (since Linux 2.3.11)
3747 This file specifies the system-wide limit on the number of
3748 threads (tasks) that can be created on the system.
3749
3750 Since Linux 4.1, the value that can be written to threads-max is
3751 bounded. The minimum value that can be written is 20. The max‐
3752 imum value that can be written is given by the constant FU‐
3753 TEX_TID_MASK (0x3fffffff). If a value outside of this range is
3754 written to threads-max, the error EINVAL occurs.
3755
3756 The value written is checked against the available RAM pages.
3757 If the thread structures would occupy too much (more than 1/8th)
3758 of the available RAM pages, threads-max is reduced accordingly.
3759
3760 /proc/sys/kernel/yama/ptrace_scope (since Linux 3.5)
3761 See ptrace(2).
3762
3763 /proc/sys/kernel/zero-paged (PowerPC only)
3764 This file contains a flag. When enabled (nonzero), Linux-PPC
3765 will pre-zero pages in the idle loop, possibly speeding up
3766 get_free_pages.
3767
3768 /proc/sys/net
3769 This directory contains networking stuff. Explanations for some
3770 of the files under this directory can be found in tcp(7) and
3771 ip(7).
3772
3773 /proc/sys/net/core/bpf_jit_enable
3774 See bpf(2).
3775
3776 /proc/sys/net/core/somaxconn
3777 This file defines a ceiling value for the backlog argument of
3778 listen(2); see the listen(2) manual page for details.
3779
3780 /proc/sys/proc
3781 This directory may be empty.
3782
3783 /proc/sys/sunrpc
3784 This directory supports Sun remote procedure call for network
3785 filesystem (NFS). On some systems, it is not present.
3786
3787 /proc/sys/user (since Linux 4.9)
3788 See namespaces(7).
3789
3790 /proc/sys/vm
3791 This directory contains files for memory management tuning, buf‐
3792 fer, and cache management.
3793
3794 /proc/sys/vm/admin_reserve_kbytes (since Linux 3.10)
3795 This file defines the amount of free memory (in KiB) on the sys‐
3796 tem that should be reserved for users with the capability
3797 CAP_SYS_ADMIN.
3798
3799 The default value in this file is the minimum of [3% of free
3800 pages, 8MiB] expressed as KiB. The default is intended to pro‐
3801 vide enough for the superuser to log in and kill a process, if
3802 necessary, under the default overcommit 'guess' mode (i.e., 0 in
3803 /proc/sys/vm/overcommit_memory).
3804
3805 Systems running in "overcommit never" mode (i.e., 2 in
3806 /proc/sys/vm/overcommit_memory) should increase the value in
3807 this file to account for the full virtual memory size of the
3808 programs used to recover (e.g., login(1), ssh(1), and top(1)).
3809 Otherwise, the superuser may not be able to log in to recover
3810 the system. For example, on x86-64 a suitable value is 131072
3811 (128MiB reserved).
3812
3813 Changing the value in this file takes effect whenever an appli‐
3814 cation requests memory.
3815
3816 /proc/sys/vm/compact_memory (since Linux 2.6.35)
3817 When 1 is written to this file, all zones are compacted such
3818 that free memory is available in contiguous blocks where possi‐
3819 ble. The effect of this action can be seen by examining
3820 /proc/buddyinfo.
3821
3822 Present only if the kernel was configured with CONFIG_COM‐
3823 PACTION.
3824
3825 /proc/sys/vm/drop_caches (since Linux 2.6.16)
3826 Writing to this file causes the kernel to drop clean caches,
3827 dentries, and inodes from memory, causing that memory to become
3828 free. This can be useful for memory management testing and per‐
3829 forming reproducible filesystem benchmarks. Because writing to
3830 this file causes the benefits of caching to be lost, it can de‐
3831 grade overall system performance.
3832
3833 To free pagecache, use:
3834
3835 echo 1 > /proc/sys/vm/drop_caches
3836
3837 To free dentries and inodes, use:
3838
3839 echo 2 > /proc/sys/vm/drop_caches
3840
3841 To free pagecache, dentries, and inodes, use:
3842
3843 echo 3 > /proc/sys/vm/drop_caches
3844
3845 Because writing to this file is a nondestructive operation and
3846 dirty objects are not freeable, the user should run sync(1)
3847 first.
3848
3849 /proc/sys/vm/sysctl_hugetlb_shm_group (since Linux 2.6.7)
3850 This writable file contains a group ID that is allowed to allo‐
3851 cate memory using huge pages. If a process has a filesystem
3852 group ID or any supplementary group ID that matches this group
3853 ID, then it can make huge-page allocations without holding the
3854 CAP_IPC_LOCK capability; see memfd_create(2), mmap(2), and
3855 shmget(2).
3856
3857 /proc/sys/vm/legacy_va_layout (since Linux 2.6.9)
3858 If nonzero, this disables the new 32-bit memory-mapping layout;
3859 the kernel will use the legacy (2.4) layout for all processes.
3860
3861 /proc/sys/vm/memory_failure_early_kill (since Linux 2.6.32)
3862 Control how to kill processes when an uncorrected memory error
3863 (typically a 2-bit error in a memory module) that cannot be han‐
3864 dled by the kernel is detected in the background by hardware.
3865 In some cases (like the page still having a valid copy on disk),
3866 the kernel will handle the failure transparently without affect‐
3867 ing any applications. But if there is no other up-to-date copy
3868 of the data, it will kill processes to prevent any data corrup‐
3869 tions from propagating.
3870
3871 The file has one of the following values:
3872
3873 1: Kill all processes that have the corrupted-and-not-reload‐
3874 able page mapped as soon as the corruption is detected.
3875 Note that this is not supported for a few types of pages,
3876 such as kernel internally allocated data or the swap cache,
3877 but works for the majority of user pages.
3878
3879 0: Unmap the corrupted page from all processes and kill a
3880 process only if it tries to access the page.
3881
3882 The kill is performed using a SIGBUS signal with si_code set to
3883 BUS_MCEERR_AO. Processes can handle this if they want to; see
3884 sigaction(2) for more details.
3885
3886 This feature is active only on architectures/platforms with ad‐
3887 vanced machine check handling and depends on the hardware capa‐
3888 bilities.
3889
3890 Applications can override the memory_failure_early_kill setting
3891 individually with the prctl(2) PR_MCE_KILL operation.
3892
3893 Present only if the kernel was configured with CONFIG_MEM‐
3894 ORY_FAILURE.
3895
3896 /proc/sys/vm/memory_failure_recovery (since Linux 2.6.32)
3897 Enable memory failure recovery (when supported by the platform).
3898
3899 1: Attempt recovery.
3900
3901 0: Always panic on a memory failure.
3902
3903 Present only if the kernel was configured with CONFIG_MEM‐
3904 ORY_FAILURE.
3905
3906 /proc/sys/vm/oom_dump_tasks (since Linux 2.6.25)
3907 Enables a system-wide task dump (excluding kernel threads) to be
3908 produced when the kernel performs an OOM-killing. The dump in‐
3909 cludes the following information for each task (thread,
3910 process): thread ID, real user ID, thread group ID (process ID),
3911 virtual memory size, resident set size, the CPU that the task is
3912 scheduled on, oom_adj score (see the description of
3913 /proc/[pid]/oom_adj), and command name. This is helpful to de‐
3914 termine why the OOM-killer was invoked and to identify the rogue
3915 task that caused it.
3916
3917 If this contains the value zero, this information is suppressed.
3918 On very large systems with thousands of tasks, it may not be
3919 feasible to dump the memory state information for each one.
3920 Such systems should not be forced to incur a performance penalty
3921 in OOM situations when the information may not be desired.
3922
3923 If this is set to nonzero, this information is shown whenever
3924 the OOM-killer actually kills a memory-hogging task.
3925
3926 The default value is 0.
3927
3928 /proc/sys/vm/oom_kill_allocating_task (since Linux 2.6.24)
3929 This enables or disables killing the OOM-triggering task in out-
3930 of-memory situations.
3931
3932 If this is set to zero, the OOM-killer will scan through the en‐
3933 tire tasklist and select a task based on heuristics to kill.
3934 This normally selects a rogue memory-hogging task that frees up
3935 a large amount of memory when killed.
3936
3937 If this is set to nonzero, the OOM-killer simply kills the task
3938 that triggered the out-of-memory condition. This avoids a pos‐
3939 sibly expensive tasklist scan.
3940
3941 If /proc/sys/vm/panic_on_oom is nonzero, it takes precedence
3942 over whatever value is used in /proc/sys/vm/oom_kill_allocat‐
3943 ing_task.
3944
3945 The default value is 0.
3946
3947 /proc/sys/vm/overcommit_kbytes (since Linux 3.14)
3948 This writable file provides an alternative to /proc/sys/vm/over‐
3949 commit_ratio for controlling the CommitLimit when
3950 /proc/sys/vm/overcommit_memory has the value 2. It allows the
3951 amount of memory overcommitting to be specified as an absolute
3952 value (in kB), rather than as a percentage, as is done with
3953 overcommit_ratio. This allows for finer-grained control of Com‐
3954 mitLimit on systems with extremely large memory sizes.
3955
3956 Only one of overcommit_kbytes or overcommit_ratio can have an
3957 effect: if overcommit_kbytes has a nonzero value, then it is
3958 used to calculate CommitLimit, otherwise overcommit_ratio is
3959 used. Writing a value to either of these files causes the value
3960 in the other file to be set to zero.
3961
3962 /proc/sys/vm/overcommit_memory
3963 This file contains the kernel virtual memory accounting mode.
3964 Values are:
3965
3966 0: heuristic overcommit (this is the default)
3967 1: always overcommit, never check
3968 2: always check, never overcommit
3969
3970 In mode 0, calls of mmap(2) with MAP_NORESERVE are not checked,
3971 and the default check is very weak, leading to the risk of get‐
3972 ting a process "OOM-killed".
3973
3974 In mode 1, the kernel pretends there is always enough memory,
3975 until memory actually runs out. One use case for this mode is
3976 scientific computing applications that employ large sparse ar‐
3977 rays. In Linux kernel versions before 2.6.0, any nonzero value
3978 implies mode 1.
3979
3980 In mode 2 (available since Linux 2.6), the total virtual address
3981 space that can be allocated (CommitLimit in /proc/meminfo) is
3982 calculated as
3983
3984 CommitLimit = (total_RAM - total_huge_TLB) *
3985 overcommit_ratio / 100 + total_swap
3986
3987 where:
3988
3989 * total_RAM is the total amount of RAM on the system;
3990
3991 * total_huge_TLB is the amount of memory set aside for
3992 huge pages;
3993
3994 * overcommit_ratio is the value in /proc/sys/vm/overcom‐
3995 mit_ratio; and
3996
3997 * total_swap is the amount of swap space.
3998
3999 For example, on a system with 16 GB of physical RAM, 16 GB of
4000 swap, no space dedicated to huge pages, and an overcommit_ratio
4001 of 50, this formula yields a CommitLimit of 24 GB.
4002
4003 Since Linux 3.14, if the value in /proc/sys/vm/overcommit_kbytes
4004 is nonzero, then CommitLimit is instead calculated as:
4005
4006 CommitLimit = overcommit_kbytes + total_swap
4007
4008 See also the description of /proc/sys/vm/admin_reserve_kbytes
4009 and /proc/sys/vm/user_reserve_kbytes.
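
The two mode-2 formulas above, applied to /proc/meminfo-style input and compared with the value the kernel reports. This is an added example, not part of the man page; the sample text is constructed to match the 16 GB example, and it assumes only the default-size huge page pool (HugePages_Total * Hugepagesize) is set aside.

```python
# Added example (not from the man page): recompute CommitLimit for
# overcommit_memory mode 2 and compare it with the kernel-reported value.

# Constructed sample in /proc/meminfo format, matching the worked example:
# 16 GB RAM, 16 GB swap, no huge pages, 22 GB already committed.
SAMPLE_MEMINFO = """\
MemTotal:       16777216 kB
SwapTotal:      16777216 kB
CommitLimit:    25165824 kB
Committed_AS:   23068672 kB
HugePages_Total:       0
Hugepagesize:       2048 kB
"""


def parse_meminfo(text):
    """Map each 'Name: value [kB]' line to an int (kB or a plain count)."""
    fields = {}
    for line in text.splitlines():
        name, sep, rest = line.partition(":")
        tokens = rest.split()
        if sep and tokens and tokens[0].isdigit():
            fields[name.strip()] = int(tokens[0])
    return fields


def commit_limit_kb(meminfo, overcommit_ratio=50, overcommit_kbytes=0):
    """Apply the mode-2 formulas; a nonzero overcommit_kbytes takes over."""
    total_swap = meminfo.get("SwapTotal", 0)
    if overcommit_kbytes:
        return overcommit_kbytes + total_swap
    # Assumption: only the default-size huge page pool is reserved.
    total_huge = (meminfo.get("HugePages_Total", 0)
                  * meminfo.get("Hugepagesize", 0))
    usable = meminfo["MemTotal"] - total_huge
    return usable * overcommit_ratio // 100 + total_swap


def commit_report(meminfo_text, overcommit_ratio=50, overcommit_kbytes=0):
    """Summarise the limit, what is already committed, and what is left."""
    info = parse_meminfo(meminfo_text)
    limit = commit_limit_kb(info, overcommit_ratio, overcommit_kbytes)
    committed = info.get("Committed_AS", 0)
    return {
        "computed_limit_kb": limit,
        "reported_limit_kb": info.get("CommitLimit"),
        "matches_kernel": info.get("CommitLimit") == limit,
        # Negative headroom: the setting is below what is already committed,
        # so new allocations fail until memory is released.
        "headroom_kb": limit - committed,
        "percent_committed": round(100 * committed / limit, 1),
    }


if __name__ == "__main__":
    for key, value in commit_report(SAMPLE_MEMINFO).items():
        print(f"{key}: {value}")
```

Running the report before lowering overcommit_ratio or overcommit_kbytes shows whether the new limit would fall below memory that is already committed.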
4010
4011 /proc/sys/vm/overcommit_ratio (since Linux 2.6.0)
4012 This writable file defines a percentage by which memory can be
4013 overcommitted. The default value in the file is 50. See the
4014 description of /proc/sys/vm/overcommit_memory.
4015
4016 /proc/sys/vm/panic_on_oom (since Linux 2.6.18)
4017 This enables or disables a kernel panic in an out-of-memory sit‐
4018 uation.
4019
4020 If this file is set to the value 0, the kernel's OOM-killer will
4021 kill some rogue process. Usually, the OOM-killer is able to
4022 kill a rogue process and the system will survive.
4023
4024 If this file is set to the value 1, then the kernel normally
4025 panics when out-of-memory happens. However, if a process limits
4026 allocations to certain nodes using memory policies (mbind(2)
4027 MPOL_BIND) or cpusets (cpuset(7)) and those nodes reach memory
4028 exhaustion status, one process may be killed by the OOM-killer.
4029 No panic occurs in this case: because other nodes' memory may be
4030 free, this means the system as a whole may not have reached an
4031 out-of-memory situation yet.
4032
4033 If this file is set to the value 2, the kernel always panics
4034 when an out-of-memory condition occurs.
4035
4036 The default value is 0. Values 1 and 2 are intended for failover in
4037 clustered systems. Select either according to your failover policy.
4038
4039 /proc/sys/vm/swappiness
4040 The value in this file controls how aggressively the kernel will
4041 swap memory pages. Higher values increase aggressiveness, lower
4042 values decrease aggressiveness. The default value is 60.
4043
4044 /proc/sys/vm/user_reserve_kbytes (since Linux 3.10)
4045 Specifies an amount of memory (in KiB) to reserve for user pro‐
4046 cesses. This is intended to prevent a user from starting a sin‐
4047 gle memory hogging process, such that they cannot recover (kill
4048 the hog). The value in this file has an effect only when
4049 /proc/sys/vm/overcommit_memory is set to 2 ("overcommit never"
4050 mode). In this case, the system reserves an amount of memory
4051 that is the minimum of [3% of current process size, user_re‐
4052 serve_kbytes].
4053
4054 The default value in this file is the minimum of [3% of free
4055 pages, 128MiB] expressed as KiB.
4056
4057 If the value in this file is set to zero, then a user will be
4058 allowed to allocate all free memory with a single process (minus
4059 the amount reserved by /proc/sys/vm/admin_reserve_kbytes). Any
4060 subsequent attempts to execute a command will result in "fork:
4061 Cannot allocate memory".
4062
4063 Changing the value in this file takes effect whenever an appli‐
4064 cation requests memory.
4065
4066 /proc/sys/vm/unprivileged_userfaultfd (since Linux 5.2)
4067 This (writable) file exposes a flag that controls whether un‐
4068 privileged processes are allowed to employ userfaultfd(2). If
4069 this file has the value 1, then unprivileged processes may use
4070 userfaultfd(2). If this file has the value 0, then only pro‐
4071 cesses that have the CAP_SYS_PTRACE capability may employ user‐
4072 faultfd(2). The default value in this file is 1.
4073
4074 /proc/sysrq-trigger (since Linux 2.4.21)
4075 Writing a character to this file triggers the same SysRq func‐
4076 tion as typing ALT-SysRq-<character> (see the description of
4077 /proc/sys/kernel/sysrq). This file is normally writable only by
4078 root. For further details see the Linux kernel source file Doc‐
4079 umentation/admin-guide/sysrq.rst (or Documentation/sysrq.txt be‐
4080 fore Linux 4.10).
4081
4082 /proc/sysvipc
4083 Subdirectory containing the pseudo-files msg, sem and shm.
4084 These files list the System V Interprocess Communication (IPC)
4085 objects (respectively: message queues, semaphores, and shared
4086 memory) that currently exist on the system, providing similar
4087 information to that available via ipcs(1). These files have
4088 headers and are formatted (one IPC object per line) for easy un‐
4089 derstanding. sysvipc(7) provides further background on the in‐
4090 formation shown by these files.
4091
4092 /proc/thread-self (since Linux 3.17)
4093 This directory refers to the thread accessing the /proc filesys‐
4094 tem, and is identical to the /proc/self/task/[tid] directory
4095 named by the process thread ID ([tid]) of the same thread.
4096
4097 /proc/timer_list (since Linux 2.6.21)
4098 This read-only file exposes a list of all currently pending
4099 (high-resolution) timers, all clock-event sources, and their pa‐
4100 rameters in a human-readable form.
4101
4102 /proc/timer_stats (from Linux 2.6.21 until Linux 4.10)
4103 This is a debugging facility to make timer (ab)use in a Linux
4104 system visible to kernel and user-space developers. It can be
4105 used by kernel and user-space developers to verify that their
4106 code does not make undue use of timers. The goal is to avoid
4107 unnecessary wakeups, thereby optimizing power consumption.
4108
4109 If enabled in the kernel (CONFIG_TIMER_STATS), but not used, it
4110 has almost zero run-time overhead and a relatively small data-
4111 structure overhead. Even if collection is enabled at run time,
4112 overhead is low: all the locking is per-CPU and lookup is
4113 hashed.
4114
4115 The /proc/timer_stats file is used both to control the sampling
4116 facility and to read out the sampled information.
4117
4118 The timer_stats functionality is inactive on bootup. A sampling
4119 period can be started using the following command:
4120
4121 # echo 1 > /proc/timer_stats
4122
4123 The following command stops a sampling period:
4124
4125 # echo 0 > /proc/timer_stats
4126
4127 The statistics can be retrieved by:
4128
4129 $ cat /proc/timer_stats
4130
4131 While sampling is enabled, each readout from /proc/timer_stats
4132 will see newly updated statistics. Once sampling is disabled,
4133 the sampled information is kept until a new sample period is
4134 started. This allows multiple readouts.
4135
4136 Sample output from /proc/timer_stats:
4137
4138 $ cat /proc/timer_stats
4139 Timer Stats Version: v0.3
4140 Sample period: 1.764 s
4141 Collection: active
4142 255, 0 swapper/3 hrtimer_start_range_ns (tick_sched_timer)
4143 71, 0 swapper/1 hrtimer_start_range_ns (tick_sched_timer)
4144 58, 0 swapper/0 hrtimer_start_range_ns (tick_sched_timer)
4145 4, 1694 gnome-shell mod_delayed_work_on (delayed_work_timer_fn)
4146 17, 7 rcu_sched rcu_gp_kthread (process_timeout)
4147 ...
4148 1, 4911 kworker/u16:0 mod_delayed_work_on (delayed_work_timer_fn)
4149 1D, 2522 kworker/0:0 queue_delayed_work_on (delayed_work_timer_fn)
4150 1029 total events, 583.333 events/sec
4151
4152 The output columns are:
4153
4154 * a count of the number of events, optionally (since Linux
4155 2.6.23) followed by the letter 'D' if this is a deferrable
4156 timer;
4157
4158 * the PID of the process that initialized the timer;
4159
4160 * the name of the process that initialized the timer;
4161
4162 * the function where the timer was initialized; and
4163
4164 * (in parentheses) the callback function that is associated
4165 with the timer.
4166
4167 During the Linux 4.11 development cycle, this file was removed
4168 because of security concerns, as it exposes information across
4169 namespaces. Furthermore, it is possible to obtain the same in‐
4170 formation via in-kernel tracing facilities such as ftrace.
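
A parser for the output columns listed above, run over the sample output from this entry; it also lists the PID and process-name pairs that any reader of the file learned, which is the exposure behind the removal. This is an added example, not part of the man page, and it treats PID 0 (the idle task) as not identifying a process.

```python
import re

# Sample output copied from this entry (the "..." line is part of it).
SAMPLE = """\
Timer Stats Version: v0.3
Sample period: 1.764 s
Collection: active
255, 0 swapper/3 hrtimer_start_range_ns (tick_sched_timer)
71, 0 swapper/1 hrtimer_start_range_ns (tick_sched_timer)
58, 0 swapper/0 hrtimer_start_range_ns (tick_sched_timer)
4, 1694 gnome-shell mod_delayed_work_on (delayed_work_timer_fn)
17, 7 rcu_sched rcu_gp_kthread (process_timeout)
...
1, 4911 kworker/u16:0 mod_delayed_work_on (delayed_work_timer_fn)
1D, 2522 kworker/0:0 queue_delayed_work_on (delayed_work_timer_fn)
1029 total events, 583.333 events/sec
"""

# count[D], pid, process name, start function, (callback). The name is
# matched non-greedily so that a name containing spaces still parses.
ENTRY = re.compile(r"^\s*(\d+)(D?),\s*(\d+)\s+(.+?)\s+(\S+)\s+\((\S+)\)\s*$")
TOTAL = re.compile(r"^\s*(\d+) total events(?:, ([\d.]+) events/sec)?\s*$")


def parse_timer_stats(text):
    """Return (header dict, list of entry dicts, total dict or None)."""
    header, entries, total = {}, [], None
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            count, flag, pid, comm, func, callback = m.groups()
            entries.append({
                "count": int(count),
                "deferrable": flag == "D",
                "pid": int(pid),
                "comm": comm,
                "function": func,
                "callback": callback,
            })
            continue
        m = TOTAL.match(line)
        if m:
            rate = float(m.group(2)) if m.group(2) else None
            total = {"events": int(m.group(1)), "per_sec": rate}
            continue
        key, sep, value = line.partition(":")
        if sep:                      # header line such as "Collection: active"
            header[key.strip()] = value.strip()
        # anything else (for example the "..." elision) is skipped
    return header, entries, total


def disclosed_processes(entries):
    """Sorted (pid, name) pairs visible to a reader, ignoring the idle task."""
    return sorted({(e["pid"], e["comm"]) for e in entries if e["pid"] != 0})


if __name__ == "__main__":
    header, entries, total = parse_timer_stats(SAMPLE)
    print(header, total)
    for pid, comm in disclosed_processes(entries):
        print(pid, comm)
```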
4171
4172 /proc/tty
4173 Subdirectory containing the pseudo-files and subdirectories for
4174 tty drivers and line disciplines.
4175
4176 /proc/uptime
4177 This file contains two numbers (values in seconds): the uptime
4178 of the system (including time spent in suspend) and the amount
4179 of time spent in the idle process.
4180
4181 /proc/version
4182 This string identifies the kernel version that is currently run‐
4183 ning. It includes the contents of /proc/sys/kernel/ostype,
4184 /proc/sys/kernel/osrelease, and /proc/sys/kernel/version. For
4185 example:
4186
4187 Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994
4188
4189 /proc/vmstat (since Linux 2.6.0)
4190 This file displays various virtual memory statistics. Each line
4191 of this file contains a single name-value pair, delimited by
4192 white space. Some lines are present only if the kernel was con‐
4193 figured with suitable options. (In some cases, the options re‐
4194 quired for particular files have changed across kernel versions,
4195 so they are not listed here. Details can be found by consulting
4196 the kernel source code.) The following fields may be present:
4197
4198 nr_free_pages (since Linux 2.6.31)
4199
4200 nr_alloc_batch (since Linux 3.12)
4201
4202 nr_inactive_anon (since Linux 2.6.28)
4203
4204 nr_active_anon (since Linux 2.6.28)
4205
4206 nr_inactive_file (since Linux 2.6.28)
4207
4208 nr_active_file (since Linux 2.6.28)
4209
4210 nr_unevictable (since Linux 2.6.28)
4211
4212 nr_mlock (since Linux 2.6.28)
4213
4214 nr_anon_pages (since Linux 2.6.18)
4215
4216 nr_mapped (since Linux 2.6.0)
4217
4218 nr_file_pages (since Linux 2.6.18)
4219
4220 nr_dirty (since Linux 2.6.0)
4221
4222 nr_writeback (since Linux 2.6.0)
4223
4224 nr_slab_reclaimable (since Linux 2.6.19)
4225
4226 nr_slab_unreclaimable (since Linux 2.6.19)
4227
4228 nr_page_table_pages (since Linux 2.6.0)
4229
4230 nr_kernel_stack (since Linux 2.6.32)
4231 Amount of memory allocated to kernel stacks.
4232
4233 nr_unstable (since Linux 2.6.0)
4234
4235 nr_bounce (since Linux 2.6.12)
4236
4237 nr_vmscan_write (since Linux 2.6.19)
4238
4239 nr_vmscan_immediate_reclaim (since Linux 3.2)
4240
4241 nr_writeback_temp (since Linux 2.6.26)
4242
4243 nr_isolated_anon (since Linux 2.6.32)
4244
4245 nr_isolated_file (since Linux 2.6.32)
4246
4247 nr_shmem (since Linux 2.6.32)
4248 Pages used by shmem and tmpfs(5).
4249
4250 nr_dirtied (since Linux 2.6.37)
4251
4252 nr_written (since Linux 2.6.37)
4253
4254 nr_pages_scanned (since Linux 3.17)
4255
4256 numa_hit (since Linux 2.6.18)
4257
4258 numa_miss (since Linux 2.6.18)
4259
4260 numa_foreign (since Linux 2.6.18)
4261
4262 numa_interleave (since Linux 2.6.18)
4263
4264 numa_local (since Linux 2.6.18)
4265
4266 numa_other (since Linux 2.6.18)
4267
4268 workingset_refault (since Linux 3.15)
4269
4270 workingset_activate (since Linux 3.15)
4271
4272 workingset_nodereclaim (since Linux 3.15)
4273
4274 nr_anon_transparent_hugepages (since Linux 2.6.38)
4275
4276 nr_free_cma (since Linux 3.7)
4277 Number of free CMA (Contiguous Memory Allocator) pages.
4278
4279 nr_dirty_threshold (since Linux 2.6.37)
4280
4281 nr_dirty_background_threshold (since Linux 2.6.37)
4282
4283 pgpgin (since Linux 2.6.0)
4284
4285 pgpgout (since Linux 2.6.0)
4286
4287 pswpin (since Linux 2.6.0)
4288
4289 pswpout (since Linux 2.6.0)
4290
4291 pgalloc_dma (since Linux 2.6.5)
4292
4293 pgalloc_dma32 (since Linux 2.6.16)
4294
4295 pgalloc_normal (since Linux 2.6.5)
4296
4297 pgalloc_high (since Linux 2.6.5)
4298
4299 pgalloc_movable (since Linux 2.6.23)
4300
4301 pgfree (since Linux 2.6.0)
4302
4303 pgactivate (since Linux 2.6.0)
4304
4305 pgdeactivate (since Linux 2.6.0)
4306
4307 pgfault (since Linux 2.6.0)
4308
4309 pgmajfault (since Linux 2.6.0)
4310
4311 pgrefill_dma (since Linux 2.6.5)
4312
4313 pgrefill_dma32 (since Linux 2.6.16)
4314
4315 pgrefill_normal (since Linux 2.6.5)
4316
4317 pgrefill_high (since Linux 2.6.5)
4318
4319 pgrefill_movable (since Linux 2.6.23)
4320
4321 pgsteal_kswapd_dma (since Linux 3.4)
4322
4323 pgsteal_kswapd_dma32 (since Linux 3.4)
4324
4325 pgsteal_kswapd_normal (since Linux 3.4)
4326
4327 pgsteal_kswapd_high (since Linux 3.4)
4328
4329 pgsteal_kswapd_movable (since Linux 3.4)
4330
4331 pgsteal_direct_dma
4332
4333 pgsteal_direct_dma32 (since Linux 3.4)
4334
4335 pgsteal_direct_normal (since Linux 3.4)
4336
4337 pgsteal_direct_high (since Linux 3.4)
4338
4339 pgsteal_direct_movable (since Linux 2.6.23)
4340
4341 pgscan_kswapd_dma
4342
4343 pgscan_kswapd_dma32 (since Linux 2.6.16)
4344
4345 pgscan_kswapd_normal (since Linux 2.6.5)
4346
4347 pgscan_kswapd_high
4348
4349 pgscan_kswapd_movable (since Linux 2.6.23)
4350
4351 pgscan_direct_dma
4352
4353 pgscan_direct_dma32 (since Linux 2.6.16)
4354
4355 pgscan_direct_normal
4356
4357 pgscan_direct_high
4358
4359 pgscan_direct_movable (since Linux 2.6.23)
4360
4361 pgscan_direct_throttle (since Linux 3.6)
4362
4363 zone_reclaim_failed (since Linux 2.6.31)
4364
4365 pginodesteal (since Linux 2.6.0)
4366
4367 slabs_scanned (since Linux 2.6.5)
4368
4369 kswapd_inodesteal (since Linux 2.6.0)
4370
4371 kswapd_low_wmark_hit_quickly (since Linux 2.6.33)
4372
4373 kswapd_high_wmark_hit_quickly (since Linux 2.6.33)
4374
4375 pageoutrun (since Linux 2.6.0)
4376
4377 allocstall (since Linux 2.6.0)
4378
4379 pgrotated (since Linux 2.6.0)
4380
4381 drop_pagecache (since Linux 3.15)
4382
4383 drop_slab (since Linux 3.15)
4384
4385 numa_pte_updates (since Linux 3.8)
4386
4387 numa_huge_pte_updates (since Linux 3.13)
4388
4389 numa_hint_faults (since Linux 3.8)
4390
4391 numa_hint_faults_local (since Linux 3.8)
4392
4393 numa_pages_migrated (since Linux 3.8)
4394
4395 pgmigrate_success (since Linux 3.8)
4396
4397 pgmigrate_fail (since Linux 3.8)
4398
4399 compact_migrate_scanned (since Linux 3.8)
4400
4401 compact_free_scanned (since Linux 3.8)
4402
4403 compact_isolated (since Linux 3.8)
4404
4405 compact_stall (since Linux 2.6.35)
4406 See the kernel source file Documentation/ad‐
4407 min-guide/mm/transhuge.rst.
4408
4409 compact_fail (since Linux 2.6.35)
4410 See the kernel source file Documentation/ad‐
4411 min-guide/mm/transhuge.rst.
4412
4413 compact_success (since Linux 2.6.35)
4414 See the kernel source file Documentation/ad‐
4415 min-guide/mm/transhuge.rst.
4416
4417 htlb_buddy_alloc_success (since Linux 2.6.26)
4418
4419 htlb_buddy_alloc_fail (since Linux 2.6.26)
4420
4421 unevictable_pgs_culled (since Linux 2.6.28)
4422
4423 unevictable_pgs_scanned (since Linux 2.6.28)
4424
4425 unevictable_pgs_rescued (since Linux 2.6.28)
4426
4427 unevictable_pgs_mlocked (since Linux 2.6.28)
4428
4429 unevictable_pgs_munlocked (since Linux 2.6.28)
4430
4431 unevictable_pgs_cleared (since Linux 2.6.28)
4432
4433 unevictable_pgs_stranded (since Linux 2.6.28)
4434
4435 thp_fault_alloc (since Linux 2.6.39)
4436 See the kernel source file Documentation/ad‐
4437 min-guide/mm/transhuge.rst.
4438
4439 thp_fault_fallback (since Linux 2.6.39)
4440 See the kernel source file Documentation/ad‐
4441 min-guide/mm/transhuge.rst.
4442
4443 thp_collapse_alloc (since Linux 2.6.39)
4444 See the kernel source file Documentation/ad‐
4445 min-guide/mm/transhuge.rst.
4446
4447 thp_collapse_alloc_failed (since Linux 2.6.39)
4448 See the kernel source file Documentation/ad‐
4449 min-guide/mm/transhuge.rst.
4450
4451 thp_split (since Linux 2.6.39)
4452 See the kernel source file Documentation/ad‐
4453 min-guide/mm/transhuge.rst.
4454
4455 thp_zero_page_alloc (since Linux 3.8)
4456 See the kernel source file Documentation/ad‐
4457 min-guide/mm/transhuge.rst.
4458
4459 thp_zero_page_alloc_failed (since Linux 3.8)
4460 See the kernel source file Documentation/ad‐
4461 min-guide/mm/transhuge.rst.
4462
4463 balloon_inflate (since Linux 3.18)
4464
4465 balloon_deflate (since Linux 3.18)
4466
4467 balloon_migrate (since Linux 3.18)
4468
4469 nr_tlb_remote_flush (since Linux 3.12)
4470
4471 nr_tlb_remote_flush_received (since Linux 3.12)
4472
4473 nr_tlb_local_flush_all (since Linux 3.12)
4474
4475 nr_tlb_local_flush_one (since Linux 3.12)
4476
4477 vmacache_find_calls (since Linux 3.16)
4478
4479 vmacache_find_hits (since Linux 3.16)
4480
4481 vmacache_full_flushes (since Linux 3.19)
4482
4483 /proc/zoneinfo (since Linux 2.6.13)
4484 This file displays information about memory zones. This is use‐
4485 ful for analyzing virtual memory behavior.
4486
4488 Many files contain strings (e.g., the environment and command line)
4489 that are in the internal format, with subfields terminated by null
4490 bytes ('\0'). When inspecting such files, you may find that the re‐
4491 sults are more readable if you use a command of the following form to
4492 display them:
4493
4494 $ cat file | tr '\000' '\n'
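
The tr(1) form is convenient for reading, but a subfield that itself contains a newline then shows up as two lines. The following added example (not part of the man page) splits on the null bytes instead and escapes control bytes for display; the sample buffer is constructed.

```python
# Added example (not from the man page): split a null-terminated /proc
# buffer (cmdline, environ) into subfields without losing field boundaries.

# Constructed buffer: three arguments; the second contains a newline and
# the third is an empty string.
SAMPLE_CMDLINE = b"/usr/bin/worker\0--label=ok\n--debug\0\0"


def split_nul_fields(raw):
    """Return the subfields as bytes, one list element per field."""
    if not raw:
        return []                 # e.g. the cmdline of a kernel thread
    if raw.endswith(b"\0"):
        raw = raw[:-1]            # each field is terminated, not separated
    return raw.split(b"\0")


def escape_field(field):
    """Printable ASCII stays as is; every other byte and '\\' become \\xNN."""
    return "".join(
        chr(b) if 0x20 <= b < 0x7F and b != 0x5C else "\\x%02x" % b
        for b in field
    )


def tr_view(raw):
    """The lines that `tr '\\000' '\\n'` would display for the same buffer."""
    text = raw.replace(b"\0", b"\n").decode("latin-1")
    lines = text.split("\n")
    if text.endswith("\n"):
        lines.pop()               # final newline ends a line, not starts one
    return lines


def safe_listing(raw):
    """One display line per real subfield, numbered, with bytes escaped."""
    fields = split_nul_fields(raw)
    return ["[%d] %s" % (i, escape_field(f)) for i, f in enumerate(fields)]


if __name__ == "__main__":
    print("tr view: %d lines" % len(tr_view(SAMPLE_CMDLINE)))
    for line in safe_listing(SAMPLE_CMDLINE):
        print(line)
```

On the sample, the tr view shows four lines for three actual arguments, while the escaped listing keeps one line per argument.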
4495
4496 This manual page is incomplete, possibly inaccurate, and is the kind of
4497 thing that needs to be updated very often.
4498
4500 cat(1), dmesg(1), find(1), free(1), htop(1), init(1), ps(1), pstree(1),
4501 tr(1), uptime(1), chroot(2), mmap(2), readlink(2), syslog(2),
4502 slabinfo(5), sysfs(5), hier(7), namespaces(7), time(7), arp(8), hd‐
4503 parm(8), ifconfig(8), lsmod(8), lspci(8), mount(8), netstat(8),
4504 procinfo(8), route(8), sysctl(8)
4505
4506 The Linux kernel source files: Documentation/filesystems/proc.txt, Doc‐
4507 umentation/sysctl/fs.txt, Documentation/sysctl/kernel.txt, Documenta‐
4508 tion/sysctl/net.txt, and Documentation/sysctl/vm.txt.
4509
4511 This page is part of release 5.12 of the Linux man-pages project. A
4512 description of the project, information about reporting bugs, and the
4513 latest version of this page, can be found at
4514 https://www.kernel.org/doc/man-pages/.
4515
4516
4517
4518Linux 2021-03-22 PROC(5)