Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1 | Documentation for /proc/sys/kernel/* kernel version 2.2.10 |
| 2 | (c) 1998, 1999, Rik van Riel <riel@nl.linux.org> |
Shen Feng | 760df93 | 2009-04-02 16:57:20 -0700 | [diff] [blame] | 3 | (c) 2009, Shen Feng<shen@cn.fujitsu.com> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 4 | |
| 5 | For general info and legal blurb, please look in README. |
| 6 | |
| 7 | ============================================================== |
| 8 | |
| 9 | This file contains documentation for the sysctl files in |
| 10 | /proc/sys/kernel/ and is valid for Linux kernel version 2.2. |
| 11 | |
| 12 | The files in this directory can be used to tune and monitor |
| 13 | miscellaneous and general things in the operation of the Linux |
| 14 | kernel. Since some of the files _can_ be used to screw up your |
| 15 | system, it is advisable to read both documentation and source |
| 16 | before actually making adjustments. |
| 17 | |
| 18 | Currently, these files might (depending on your configuration) |
| 19 | show up in /proc/sys/kernel: |
Pavel Machek | c255d84 | 2006-02-20 18:27:58 -0800 | [diff] [blame] | 20 | - acpi_video_flags |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 21 | - acct |
H. Peter Anvin | d75757a | 2009-12-11 14:23:44 -0800 | [diff] [blame] | 22 | - bootloader_type [ X86 only ] |
| 23 | - bootloader_version [ X86 only ] |
Hans-Joachim Picht | c114728 | 2009-09-11 10:28:47 +0200 | [diff] [blame] | 24 | - callhome [ S390 only ] |
Shen Feng | 760df93 | 2009-04-02 16:57:20 -0700 | [diff] [blame] | 25 | - auto_msgmni |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 26 | - core_pattern |
Neil Horman | a293980 | 2009-09-23 15:56:56 -0700 | [diff] [blame] | 27 | - core_pipe_limit |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 28 | - core_uses_pid |
| 29 | - ctrl-alt-del |
| 30 | - dentry-state |
Dan Rosenberg | eaf06b2 | 2010-11-11 14:05:18 -0800 | [diff] [blame] | 31 | - dmesg_restrict |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 32 | - domainname |
| 33 | - hostname |
| 34 | - hotplug |
| 35 | - java-appletviewer [ binfmt_java, obsolete ] |
| 36 | - java-interpreter [ binfmt_java, obsolete ] |
Dan Rosenberg | 455cd5a | 2011-01-12 16:59:41 -0800 | [diff] [blame] | 37 | - kptr_restrict |
Chuck Ebbert | 0741f4d | 2006-12-07 02:14:11 +0100 | [diff] [blame] | 38 | - kstack_depth_to_print [ X86 only ] |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 39 | - l2cr [ PPC only ] |
Michael Opdenacker | ac76cff | 2008-02-13 15:03:32 -0800 | [diff] [blame] | 40 | - modprobe ==> Documentation/debugging-modules.txt |
Kees Cook | 3d43321 | 2009-04-02 15:49:29 -0700 | [diff] [blame] | 41 | - modules_disabled |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 42 | - msgmax |
| 43 | - msgmnb |
| 44 | - msgmni |
Shen Feng | 760df93 | 2009-04-02 16:57:20 -0700 | [diff] [blame] | 45 | - nmi_watchdog |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 46 | - osrelease |
| 47 | - ostype |
| 48 | - overflowgid |
| 49 | - overflowuid |
| 50 | - panic |
| 51 | - pid_max |
| 52 | - powersave-nap [ PPC only ] |
Shen Feng | 760df93 | 2009-04-02 16:57:20 -0700 | [diff] [blame] | 53 | - panic_on_unrecovered_nmi |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 54 | - printk |
Jiri Kosina | 1ec7fd5 | 2008-02-09 23:24:08 +0100 | [diff] [blame] | 55 | - randomize_va_space |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 56 | - real-root-dev ==> Documentation/initrd.txt |
| 57 | - reboot-cmd [ SPARC only ] |
| 58 | - rtsig-max |
| 59 | - rtsig-nr |
| 60 | - sem |
| 61 | - sg-big-buff [ generic SCSI device (sg) ] |
| 62 | - shmall |
| 63 | - shmmax [ sysv ipc ] |
| 64 | - shmmni |
| 65 | - stop-a [ SPARC only ] |
| 66 | - sysrq ==> Documentation/sysrq.txt |
| 67 | - tainted |
| 68 | - threads-max |
Shen Feng | 760df93 | 2009-04-02 16:57:20 -0700 | [diff] [blame] | 69 | - unknown_nmi_panic |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 70 | - version |
| 71 | |
| 72 | ============================================================== |
| 73 | |
Pavel Machek | c255d84 | 2006-02-20 18:27:58 -0800 | [diff] [blame] | 74 | acpi_video_flags: |
| 75 | |
| 76 | flags |
| 77 | |
| 78 | See Doc*/kernel/power/video.txt, it allows mode of video boot to be |
| 79 | set during run time. |
| 80 | |
| 81 | ============================================================== |
| 82 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 83 | acct: |
| 84 | |
| 85 | highwater lowwater frequency |
| 86 | |
| 87 | If BSD-style process accounting is enabled these values control |
| 88 | its behaviour. If free space on filesystem where the log lives |
| 89 | goes below <lowwater>% accounting suspends. If free space gets |
| 90 | above <highwater>% accounting resumes. <Frequency> determines |
| 91 | how often do we check the amount of free space (value is in |
| 92 | seconds). Default: |
| 93 | 4 2 30 |
| 94 | That is, suspend accounting if there left <= 2% free; resume it |
| 95 | if we got >=4%; consider information about amount of free space |
| 96 | valid for 30 seconds. |
| 97 | |
| 98 | ============================================================== |
| 99 | |
H. Peter Anvin | d75757a | 2009-12-11 14:23:44 -0800 | [diff] [blame] | 100 | bootloader_type: |
| 101 | |
| 102 | x86 bootloader identification |
| 103 | |
| 104 | This gives the bootloader type number as indicated by the bootloader, |
| 105 | shifted left by 4, and OR'd with the low four bits of the bootloader |
| 106 | version. The reason for this encoding is that this used to match the |
| 107 | type_of_loader field in the kernel header; the encoding is kept for |
| 108 | backwards compatibility. That is, if the full bootloader type number |
| 109 | is 0x15 and the full version number is 0x234, this file will contain |
| 110 | the value 340 = 0x154. |
| 111 | |
| 112 | See the type_of_loader and ext_loader_type fields in |
| 113 | Documentation/x86/boot.txt for additional information. |
| 114 | |
| 115 | ============================================================== |
| 116 | |
| 117 | bootloader_version: |
| 118 | |
| 119 | x86 bootloader version |
| 120 | |
| 121 | The complete bootloader version number. In the example above, this |
| 122 | file will contain the value 564 = 0x234. |
| 123 | |
| 124 | See the type_of_loader and ext_loader_ver fields in |
| 125 | Documentation/x86/boot.txt for additional information. |
| 126 | |
| 127 | ============================================================== |
| 128 | |
Hans-Joachim Picht | c114728 | 2009-09-11 10:28:47 +0200 | [diff] [blame] | 129 | callhome: |
| 130 | |
| 131 | Controls the kernel's callhome behavior in case of a kernel panic. |
| 132 | |
| 133 | The s390 hardware allows an operating system to send a notification |
| 134 | to a service organization (callhome) in case of an operating system panic. |
| 135 | |
| 136 | When the value in this file is 0 (which is the default behavior) |
| 137 | nothing happens in case of a kernel panic. If this value is set to "1" |
| 138 | the complete kernel oops message is send to the IBM customer service |
| 139 | organization in case the mainframe the Linux operating system is running |
| 140 | on has a service contract with IBM. |
| 141 | |
| 142 | ============================================================== |
| 143 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 144 | core_pattern: |
| 145 | |
| 146 | core_pattern is used to specify a core dumpfile pattern name. |
Matthias Urlichs | cd08104 | 2006-10-11 01:21:57 -0700 | [diff] [blame] | 147 | . max length 128 characters; default value is "core" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 148 | . core_pattern is used as a pattern template for the output filename; |
| 149 | certain string patterns (beginning with '%') are substituted with |
| 150 | their actual values. |
| 151 | . backward compatibility with core_uses_pid: |
| 152 | If core_pattern does not include "%p" (default does not) |
| 153 | and core_uses_pid is set, then .PID will be appended to |
| 154 | the filename. |
| 155 | . corename format specifiers: |
| 156 | %<NUL> '%' is dropped |
| 157 | %% output one '%' |
| 158 | %p pid |
| 159 | %u uid |
| 160 | %g gid |
| 161 | %s signal number |
| 162 | %t UNIX time of dump |
| 163 | %h hostname |
| 164 | %e executable filename |
| 165 | %<OTHER> both are dropped |
Matthias Urlichs | cd08104 | 2006-10-11 01:21:57 -0700 | [diff] [blame] | 166 | . If the first character of the pattern is a '|', the kernel will treat |
| 167 | the rest of the pattern as a command to run. The core dump will be |
| 168 | written to the standard input of that program instead of to a file. |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 169 | |
| 170 | ============================================================== |
| 171 | |
Neil Horman | a293980 | 2009-09-23 15:56:56 -0700 | [diff] [blame] | 172 | core_pipe_limit: |
| 173 | |
| 174 | This sysctl is only applicable when core_pattern is configured to pipe core |
Randy Dunlap | 7beeec8 | 2009-10-04 19:23:13 -0700 | [diff] [blame] | 175 | files to a user space helper (when the first character of core_pattern is a '|', |
Neil Horman | a293980 | 2009-09-23 15:56:56 -0700 | [diff] [blame] | 176 | see above). When collecting cores via a pipe to an application, it is |
Randy Dunlap | 7beeec8 | 2009-10-04 19:23:13 -0700 | [diff] [blame] | 177 | occasionally useful for the collecting application to gather data about the |
Neil Horman | a293980 | 2009-09-23 15:56:56 -0700 | [diff] [blame] | 178 | crashing process from its /proc/pid directory. In order to do this safely, the |
| 179 | kernel must wait for the collecting process to exit, so as not to remove the |
| 180 | crashing processes proc files prematurely. This in turn creates the possibility |
| 181 | that a misbehaving userspace collecting process can block the reaping of a |
| 182 | crashed process simply by never exiting. This sysctl defends against that. It |
| 183 | defines how many concurrent crashing processes may be piped to user space |
| 184 | applications in parallel. If this value is exceeded, then those crashing |
| 185 | processes above that value are noted via the kernel log and their cores are |
| 186 | skipped. 0 is a special value, indicating that unlimited processes may be |
| 187 | captured in parallel, but that no waiting will take place (i.e. the collecting |
Randy Dunlap | 7beeec8 | 2009-10-04 19:23:13 -0700 | [diff] [blame] | 188 | process is not guaranteed access to /proc/<crashing pid>/). This value defaults |
Neil Horman | a293980 | 2009-09-23 15:56:56 -0700 | [diff] [blame] | 189 | to 0. |
| 190 | |
| 191 | ============================================================== |
| 192 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 193 | core_uses_pid: |
| 194 | |
| 195 | The default coredump filename is "core". By setting |
| 196 | core_uses_pid to 1, the coredump filename becomes core.PID. |
| 197 | If core_pattern does not include "%p" (default does not) |
| 198 | and core_uses_pid is set, then .PID will be appended to |
| 199 | the filename. |
| 200 | |
| 201 | ============================================================== |
| 202 | |
| 203 | ctrl-alt-del: |
| 204 | |
| 205 | When the value in this file is 0, ctrl-alt-del is trapped and |
| 206 | sent to the init(1) program to handle a graceful restart. |
| 207 | When, however, the value is > 0, Linux's reaction to a Vulcan |
| 208 | Nerve Pinch (tm) will be an immediate reboot, without even |
| 209 | syncing its dirty buffers. |
| 210 | |
| 211 | Note: when a program (like dosemu) has the keyboard in 'raw' |
| 212 | mode, the ctrl-alt-del is intercepted by the program before it |
| 213 | ever reaches the kernel tty layer, and it's up to the program |
| 214 | to decide what to do with it. |
| 215 | |
| 216 | ============================================================== |
| 217 | |
Dan Rosenberg | eaf06b2 | 2010-11-11 14:05:18 -0800 | [diff] [blame] | 218 | dmesg_restrict: |
| 219 | |
| 220 | This toggle indicates whether unprivileged users are prevented from using |
| 221 | dmesg(8) to view messages from the kernel's log buffer. When |
| 222 | dmesg_restrict is set to (0) there are no restrictions. When |
Serge E. Hallyn | 38ef4c2 | 2010-12-08 15:19:01 +0000 | [diff] [blame] | 223 | dmesg_restrict is set set to (1), users must have CAP_SYSLOG to use |
Dan Rosenberg | eaf06b2 | 2010-11-11 14:05:18 -0800 | [diff] [blame] | 224 | dmesg(8). |
| 225 | |
| 226 | The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the default |
| 227 | value of dmesg_restrict. |
| 228 | |
| 229 | ============================================================== |
| 230 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 231 | domainname & hostname: |
| 232 | |
| 233 | These files can be used to set the NIS/YP domainname and the |
| 234 | hostname of your box in exactly the same way as the commands |
| 235 | domainname and hostname, i.e.: |
| 236 | # echo "darkstar" > /proc/sys/kernel/hostname |
| 237 | # echo "mydomain" > /proc/sys/kernel/domainname |
| 238 | has the same effect as |
| 239 | # hostname "darkstar" |
| 240 | # domainname "mydomain" |
| 241 | |
| 242 | Note, however, that the classic darkstar.frop.org has the |
| 243 | hostname "darkstar" and DNS (Internet Domain Name Server) |
| 244 | domainname "frop.org", not to be confused with the NIS (Network |
| 245 | Information Service) or YP (Yellow Pages) domainname. These two |
| 246 | domain names are in general different. For a detailed discussion |
| 247 | see the hostname(1) man page. |
| 248 | |
| 249 | ============================================================== |
| 250 | |
| 251 | hotplug: |
| 252 | |
| 253 | Path for the hotplug policy agent. |
| 254 | Default value is "/sbin/hotplug". |
| 255 | |
| 256 | ============================================================== |
| 257 | |
| 258 | l2cr: (PPC only) |
| 259 | |
| 260 | This flag controls the L2 cache of G3 processor boards. If |
| 261 | 0, the cache is disabled. Enabled if nonzero. |
| 262 | |
| 263 | ============================================================== |
| 264 | |
Dan Rosenberg | 455cd5a | 2011-01-12 16:59:41 -0800 | [diff] [blame] | 265 | kptr_restrict: |
| 266 | |
| 267 | This toggle indicates whether restrictions are placed on |
| 268 | exposing kernel addresses via /proc and other interfaces. When |
| 269 | kptr_restrict is set to (0), there are no restrictions. When |
| 270 | kptr_restrict is set to (1), the default, kernel pointers |
| 271 | printed using the %pK format specifier will be replaced with 0's |
| 272 | unless the user has CAP_SYSLOG. When kptr_restrict is set to |
| 273 | (2), kernel pointers printed using %pK will be replaced with 0's |
| 274 | regardless of privileges. |
| 275 | |
| 276 | ============================================================== |
| 277 | |
Chuck Ebbert | 0741f4d | 2006-12-07 02:14:11 +0100 | [diff] [blame] | 278 | kstack_depth_to_print: (X86 only) |
| 279 | |
| 280 | Controls the number of words to print when dumping the raw |
| 281 | kernel stack. |
| 282 | |
| 283 | ============================================================== |
| 284 | |
Kees Cook | 3d43321 | 2009-04-02 15:49:29 -0700 | [diff] [blame] | 285 | modules_disabled: |
| 286 | |
| 287 | A toggle value indicating if modules are allowed to be loaded |
| 288 | in an otherwise modular kernel. This toggle defaults to off |
| 289 | (0), but can be set true (1). Once true, modules can be |
| 290 | neither loaded nor unloaded, and the toggle cannot be set back |
| 291 | to false. |
| 292 | |
| 293 | ============================================================== |
| 294 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 295 | osrelease, ostype & version: |
| 296 | |
| 297 | # cat osrelease |
| 298 | 2.1.88 |
| 299 | # cat ostype |
| 300 | Linux |
| 301 | # cat version |
| 302 | #5 Wed Feb 25 21:49:24 MET 1998 |
| 303 | |
| 304 | The files osrelease and ostype should be clear enough. Version |
| 305 | needs a little more clarification however. The '#5' means that |
| 306 | this is the fifth kernel built from this source base and the |
| 307 | date behind it indicates the time the kernel was built. |
| 308 | The only way to tune these values is to rebuild the kernel :-) |
| 309 | |
| 310 | ============================================================== |
| 311 | |
| 312 | overflowgid & overflowuid: |
| 313 | |
| 314 | if your architecture did not always support 32-bit UIDs (i.e. arm, i386, |
| 315 | m68k, sh, and sparc32), a fixed UID and GID will be returned to |
| 316 | applications that use the old 16-bit UID/GID system calls, if the actual |
| 317 | UID or GID would exceed 65535. |
| 318 | |
| 319 | These sysctls allow you to change the value of the fixed UID and GID. |
| 320 | The default is 65534. |
| 321 | |
| 322 | ============================================================== |
| 323 | |
| 324 | panic: |
| 325 | |
| 326 | The value in this file represents the number of seconds the |
| 327 | kernel waits before rebooting on a panic. When you use the |
| 328 | software watchdog, the recommended setting is 60. |
| 329 | |
| 330 | ============================================================== |
| 331 | |
| 332 | panic_on_oops: |
| 333 | |
| 334 | Controls the kernel's behaviour when an oops or BUG is encountered. |
| 335 | |
| 336 | 0: try to continue operation |
| 337 | |
Matt LaPlante | a982ac0 | 2007-05-09 07:35:06 +0200 | [diff] [blame] | 338 | 1: panic immediately. If the `panic' sysctl is also non-zero then the |
Maxime Bizon | 8b23d04 | 2006-08-05 12:14:32 -0700 | [diff] [blame] | 339 | machine will be rebooted. |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 340 | |
| 341 | ============================================================== |
| 342 | |
| 343 | pid_max: |
| 344 | |
Robert P. J. Day | beb7dd8 | 2007-05-09 07:14:03 +0200 | [diff] [blame] | 345 | PID allocation wrap value. When the kernel's next PID value |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 346 | reaches this value, it wraps back to a minimum PID value. |
| 347 | PIDs of value pid_max or larger are not allocated. |
| 348 | |
| 349 | ============================================================== |
| 350 | |
| 351 | powersave-nap: (PPC only) |
| 352 | |
| 353 | If set, Linux-PPC will use the 'nap' mode of powersaving, |
| 354 | otherwise the 'doze' mode will be used. |
| 355 | |
| 356 | ============================================================== |
| 357 | |
| 358 | printk: |
| 359 | |
| 360 | The four values in printk denote: console_loglevel, |
| 361 | default_message_loglevel, minimum_console_loglevel and |
| 362 | default_console_loglevel respectively. |
| 363 | |
| 364 | These values influence printk() behavior when printing or |
| 365 | logging error messages. See 'man 2 syslog' for more info on |
| 366 | the different loglevels. |
| 367 | |
| 368 | - console_loglevel: messages with a higher priority than |
| 369 | this will be printed to the console |
| 370 | - default_message_level: messages without an explicit priority |
| 371 | will be printed with this priority |
| 372 | - minimum_console_loglevel: minimum (highest) value to which |
| 373 | console_loglevel can be set |
| 374 | - default_console_loglevel: default value for console_loglevel |
| 375 | |
| 376 | ============================================================== |
| 377 | |
| 378 | printk_ratelimit: |
| 379 | |
| 380 | Some warning messages are rate limited. printk_ratelimit specifies |
| 381 | the minimum length of time between these messages (in jiffies), by |
| 382 | default we allow one every 5 seconds. |
| 383 | |
| 384 | A value of 0 will disable rate limiting. |
| 385 | |
| 386 | ============================================================== |
| 387 | |
| 388 | printk_ratelimit_burst: |
| 389 | |
| 390 | While long term we enforce one message per printk_ratelimit |
| 391 | seconds, we do allow a burst of messages to pass through. |
| 392 | printk_ratelimit_burst specifies the number of messages we can |
| 393 | send before ratelimiting kicks in. |
| 394 | |
| 395 | ============================================================== |
| 396 | |
Dave Young | af91322 | 2009-09-22 16:43:33 -0700 | [diff] [blame] | 397 | printk_delay: |
| 398 | |
| 399 | Delay each printk message in printk_delay milliseconds |
| 400 | |
| 401 | Value from 0 - 10000 is allowed. |
| 402 | |
| 403 | ============================================================== |
| 404 | |
Jiri Kosina | 1ec7fd5 | 2008-02-09 23:24:08 +0100 | [diff] [blame] | 405 | randomize-va-space: |
| 406 | |
| 407 | This option can be used to select the type of process address |
| 408 | space randomization that is used in the system, for architectures |
| 409 | that support this feature. |
| 410 | |
Horst Schirmeier | b7f5ab6 | 2009-07-03 14:20:17 +0200 | [diff] [blame] | 411 | 0 - Turn the process address space randomization off. This is the |
| 412 | default for architectures that do not support this feature anyways, |
| 413 | and kernels that are booted with the "norandmaps" parameter. |
Jiri Kosina | 1ec7fd5 | 2008-02-09 23:24:08 +0100 | [diff] [blame] | 414 | |
| 415 | 1 - Make the addresses of mmap base, stack and VDSO page randomized. |
| 416 | This, among other things, implies that shared libraries will be |
Horst Schirmeier | b7f5ab6 | 2009-07-03 14:20:17 +0200 | [diff] [blame] | 417 | loaded to random addresses. Also for PIE-linked binaries, the |
| 418 | location of code start is randomized. This is the default if the |
| 419 | CONFIG_COMPAT_BRK option is enabled. |
Jiri Kosina | 1ec7fd5 | 2008-02-09 23:24:08 +0100 | [diff] [blame] | 420 | |
Horst Schirmeier | b7f5ab6 | 2009-07-03 14:20:17 +0200 | [diff] [blame] | 421 | 2 - Additionally enable heap randomization. This is the default if |
| 422 | CONFIG_COMPAT_BRK is disabled. |
| 423 | |
| 424 | There are a few legacy applications out there (such as some ancient |
Jiri Kosina | 1ec7fd5 | 2008-02-09 23:24:08 +0100 | [diff] [blame] | 425 | versions of libc.so.5 from 1996) that assume that brk area starts |
Horst Schirmeier | b7f5ab6 | 2009-07-03 14:20:17 +0200 | [diff] [blame] | 426 | just after the end of the code+bss. These applications break when |
| 427 | start of the brk area is randomized. There are however no known |
Jiri Kosina | 1ec7fd5 | 2008-02-09 23:24:08 +0100 | [diff] [blame] | 428 | non-legacy applications that would be broken this way, so for most |
Horst Schirmeier | b7f5ab6 | 2009-07-03 14:20:17 +0200 | [diff] [blame] | 429 | systems it is safe to choose full randomization. |
| 430 | |
| 431 | Systems with ancient and/or broken binaries should be configured |
| 432 | with CONFIG_COMPAT_BRK enabled, which excludes the heap from process |
| 433 | address space randomization. |
Jiri Kosina | 1ec7fd5 | 2008-02-09 23:24:08 +0100 | [diff] [blame] | 434 | |
| 435 | ============================================================== |
| 436 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 437 | reboot-cmd: (Sparc only) |
| 438 | |
| 439 | ??? This seems to be a way to give an argument to the Sparc |
| 440 | ROM/Flash boot loader. Maybe to tell it what to do after |
| 441 | rebooting. ??? |
| 442 | |
| 443 | ============================================================== |
| 444 | |
| 445 | rtsig-max & rtsig-nr: |
| 446 | |
| 447 | The file rtsig-max can be used to tune the maximum number |
| 448 | of POSIX realtime (queued) signals that can be outstanding |
| 449 | in the system. |
| 450 | |
| 451 | rtsig-nr shows the number of RT signals currently queued. |
| 452 | |
| 453 | ============================================================== |
| 454 | |
| 455 | sg-big-buff: |
| 456 | |
| 457 | This file shows the size of the generic SCSI (sg) buffer. |
| 458 | You can't tune it just yet, but you could change it on |
| 459 | compile time by editing include/scsi/sg.h and changing |
| 460 | the value of SG_BIG_BUFF. |
| 461 | |
| 462 | There shouldn't be any reason to change this value. If |
| 463 | you can come up with one, you probably know what you |
| 464 | are doing anyway :) |
| 465 | |
| 466 | ============================================================== |
| 467 | |
| 468 | shmmax: |
| 469 | |
| 470 | This value can be used to query and set the run time limit |
| 471 | on the maximum shared memory segment size that can be created. |
| 472 | Shared memory segments up to 1Gb are now supported in the |
| 473 | kernel. This value defaults to SHMMAX. |
| 474 | |
| 475 | ============================================================== |
| 476 | |
Ravikiran G Thirumalai | c4f3b63 | 2007-10-16 23:26:09 -0700 | [diff] [blame] | 477 | softlockup_thresh: |
| 478 | |
Andrew Morton | b4d19cc | 2008-09-22 13:57:51 -0700 | [diff] [blame] | 479 | This value can be used to lower the softlockup tolerance threshold. The |
| 480 | default threshold is 60 seconds. If a cpu is locked up for 60 seconds, |
| 481 | the kernel complains. Valid values are 1-60 seconds. Setting this |
| 482 | tunable to zero will disable the softlockup detection altogether. |
Ravikiran G Thirumalai | c4f3b63 | 2007-10-16 23:26:09 -0700 | [diff] [blame] | 483 | |
| 484 | ============================================================== |
| 485 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 486 | tainted: |
| 487 | |
| 488 | Non-zero if the kernel has been tainted. Numeric values, which |
| 489 | can be ORed together: |
| 490 | |
Greg Kroah-Hartman | bb20698 | 2008-10-17 15:01:07 -0700 | [diff] [blame] | 491 | 1 - A module with a non-GPL license has been loaded, this |
| 492 | includes modules with no license. |
| 493 | Set by modutils >= 2.4.9 and module-init-tools. |
| 494 | 2 - A module was force loaded by insmod -f. |
| 495 | Set by modutils >= 2.4.9 and module-init-tools. |
| 496 | 4 - Unsafe SMP processors: SMP with CPUs not designed for SMP. |
| 497 | 8 - A module was forcibly unloaded from the system by rmmod -f. |
| 498 | 16 - A hardware machine check error occurred on the system. |
| 499 | 32 - A bad page was discovered on the system. |
| 500 | 64 - The user has asked that the system be marked "tainted". This |
| 501 | could be because they are running software that directly modifies |
| 502 | the hardware, or for other reasons. |
| 503 | 128 - The system has died. |
| 504 | 256 - The ACPI DSDT has been overridden with one supplied by the user |
| 505 | instead of using the one provided by the hardware. |
| 506 | 512 - A kernel warning has occurred. |
| 507 | 1024 - A module from drivers/staging was loaded. |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 508 | |
Shen Feng | 760df93 | 2009-04-02 16:57:20 -0700 | [diff] [blame] | 509 | ============================================================== |
| 510 | |
| 511 | auto_msgmni: |
| 512 | |
| 513 | Enables/Disables automatic recomputing of msgmni upon memory add/remove or |
| 514 | upon ipc namespace creation/removal (see the msgmni description above). |
| 515 | Echoing "1" into this file enables msgmni automatic recomputing. |
| 516 | Echoing "0" turns it off. |
| 517 | auto_msgmni default value is 1. |
| 518 | |
| 519 | ============================================================== |
| 520 | |
| 521 | nmi_watchdog: |
| 522 | |
| 523 | Enables/Disables the NMI watchdog on x86 systems. When the value is non-zero |
| 524 | the NMI watchdog is enabled and will continuously test all online cpus to |
| 525 | determine whether or not they are still functioning properly. Currently, |
| 526 | passing "nmi_watchdog=" parameter at boot time is required for this function |
| 527 | to work. |
| 528 | |
| 529 | If LAPIC NMI watchdog method is in use (nmi_watchdog=2 kernel parameter), the |
| 530 | NMI watchdog shares registers with oprofile. By disabling the NMI watchdog, |
| 531 | oprofile may have more registers to utilize. |
| 532 | |
| 533 | ============================================================== |
| 534 | |
| 535 | unknown_nmi_panic: |
| 536 | |
| 537 | The value in this file affects behavior of handling NMI. When the value is |
| 538 | non-zero, unknown NMI is trapped and then panic occurs. At that time, kernel |
| 539 | debugging information is displayed on console. |
| 540 | |
| 541 | NMI switch that most IA32 servers have fires unknown NMI up, for example. |
| 542 | If a system hangs up, try pressing the NMI switch. |
| 543 | |
| 544 | ============================================================== |
| 545 | |
| 546 | panic_on_unrecovered_nmi: |
| 547 | |
| 548 | The default Linux behaviour on an NMI of either memory or unknown is to continue |
| 549 | operation. For many environments such as scientific computing it is preferable |
| 550 | that the box is taken out and the error dealt with than an uncorrected |
| 551 | parity/ECC error get propogated. |
| 552 | |
| 553 | A small number of systems do generate NMI's for bizarre random reasons such as |
| 554 | power management so the default is off. That sysctl works like the existing |
| 555 | panic controls already in that directory. |
| 556 | |