path: root/Documentation/admin-guide/sysctl/kernel.rst

===================================
Documentation for /proc/sys/kernel/
===================================

.. See scripts/check-sysctl-docs to keep this up to date


Copyright (c) 1998, 1999,  Rik van Riel <riel@nl.linux.org>

Copyright (c) 2009,        Shen Feng<shen@cn.fujitsu.com>

For general info and legal blurb, please look in
Documentation/admin-guide/sysctl/index.rst.

------------------------------------------------------------------------------

This file contains documentation for the sysctl files in
``/proc/sys/kernel/``.

The files in this directory can be used to tune and monitor
miscellaneous and general things in the operation of the Linux
kernel. Since some of the files *can* be used to screw up your
system, it is advisable to read both documentation and source
before actually making adjustments.

Currently, these files might (depending on your configuration)
show up in ``/proc/sys/kernel``:

.. contents:: :local:


acct
====

::

    highwater lowwater frequency

If BSD-style process accounting is enabled these values control
its behaviour. If free space on filesystem where the log lives
goes below ``lowwater``\ % accounting suspends. If free space gets
above ``highwater``\ % accounting resumes. ``frequency`` determines
how often do we check the amount of free space (value is in
seconds). Default:

::

    4 2 30

That is, suspend accounting if free space drops below 2%; resume it
if it increases to at least 4%; consider information about amount of
free space valid for 30 seconds.


acpi_video_flags
================

See Documentation/power/video.rst. This allows the video resume mode to be set,
in a similar fashion to the ``acpi_sleep`` kernel parameter, by
combining the following values:

= =======
1 s3_bios
2 s3_mode
4 s3_beep
= =======


auto_msgmni
===========

This variable has no effect and may be removed in future kernel
releases. Reading it always returns 0.
Up to Linux 3.17, it enabled/disabled automatic recomputing of
`msgmni`_
upon memory add/remove or upon IPC namespace creation/removal.
Echoing "1" into this file enabled msgmni automatic recomputing.
Echoing "0" turned it off. The default value was 1.


bootloader_type (x86 only)
==========================

This gives the bootloader type number as indicated by the bootloader,
shifted left by 4, and OR'd with the low four bits of the bootloader
version.  The reason for this encoding is that this used to match the
``type_of_loader`` field in the kernel header; the encoding is kept for
backwards compatibility.  That is, if the full bootloader type number
is 0x15 and the full version number is 0x234, this file will contain
the value 340 = 0x154.

See the ``type_of_loader`` and ``ext_loader_type`` fields in
Documentation/x86/boot.rst for additional information.


bootloader_version (x86 only)
=============================

The complete bootloader version number.  In the example above, this
file will contain the value 564 = 0x234.

See the ``type_of_loader`` and ``ext_loader_ver`` fields in
Documentation/x86/boot.rst for additional information.


bpf_stats_enabled
=================

Controls whether the kernel should collect statistics on BPF programs
(total time spent running, number of times run...). Enabling
statistics causes a slight reduction in performance on each program
run. The statistics can be seen using ``bpftool``.

= ===================================
0 Don't collect statistics (default).
1 Collect statistics.
= ===================================


cad_pid
=======

This is the pid which will be signalled on reboot (notably, by
Ctrl-Alt-Delete). Writing a value to this file which doesn't
correspond to a running process will result in ``-ESRCH``.

See also `ctrl-alt-del`_.


cap_last_cap
============

Highest valid capability of the running kernel.  Exports
``CAP_LAST_CAP`` from the kernel.


core_pattern
============

``core_pattern`` is used to specify a core dumpfile pattern name.

* max length 127 characters; default value is "core"
* ``core_pattern`` is used as a pattern template for the output
  filename; certain string patterns (beginning with '%') are
  substituted with their actual values.
* backward compatibility with ``core_uses_pid``:

	If ``core_pattern`` does not include "%p" (default does not)
	and ``core_uses_pid`` is set, then .PID will be appended to
	the filename.

* corename format specifiers

	========	==========================================
	%<NUL>		'%' is dropped
	%%		output one '%'
	%p		pid
	%P		global pid (init PID namespace)
	%i		tid
	%I		global tid (init PID namespace)
	%u		uid (in initial user namespace)
	%g		gid (in initial user namespace)
	%d		dump mode, matches ``PR_SET_DUMPABLE`` and
			``/proc/sys/fs/suid_dumpable``
	%s		signal number
	%t		UNIX time of dump
	%h		hostname
	%e		executable filename (may be shortened, could be changed by prctl etc)
	%f      	executable filename
	%E		executable path
	%c		maximum size of core file by resource limit RLIMIT_CORE
	%<OTHER>	both are dropped
	========	==========================================

* If the first character of the pattern is a '|', the kernel will treat
  the rest of the pattern as a command to run.  The core dump will be
  written to the standard input of that program instead of to a file.


core_pipe_limit
===============

This sysctl is only applicable when `core_pattern`_ is configured to
pipe core files to a user space helper (when the first character of
``core_pattern`` is a '|', see above).
When collecting cores via a pipe to an application, it is occasionally
useful for the collecting application to gather data about the
crashing process from its ``/proc/pid`` directory.
In order to do this safely, the kernel must wait for the collecting
process to exit, so as not to remove the crashing processes proc files
prematurely.
This in turn creates the possibility that a misbehaving userspace
collecting process can block the reaping of a crashed process simply
by never exiting.
This sysctl defends against that.
It defines how many concurrent crashing processes may be piped to user
space applications in parallel.
If this value is exceeded, then those crashing processes above that
value are noted via the kernel log and their cores are skipped.
0 is a special value, indicating that unlimited processes may be
captured in parallel, but that no waiting will take place (i.e. the
collecting process is not guaranteed access to ``/proc/<crashing
pid>/``).
This value defaults to 0.


core_uses_pid
=============

The default coredump filename is "core".  By setting
``core_uses_pid`` to 1, the coredump filename becomes core.PID.
If `core_pattern`_ does not include "%p" (default does not)
and ``core_uses_pid`` is set, then .PID will be appended to
the filename.


ctrl-alt-del
============

When the value in this file is 0, ctrl-alt-del is trapped and
sent to the ``init(1)`` program to handle a graceful restart.
When, however, the value is > 0, Linux's reaction to a Vulcan
Nerve Pinch (tm) will be an immediate reboot, without even
syncing its dirty buffers.

Note:
  when a program (like dosemu) has the keyboard in 'raw'
  mode, the ctrl-alt-del is intercepted by the program before it
  ever reaches the kernel tty layer, and it's up to the program
  to decide what to do with it.


dmesg_restrict
==============

This toggle indicates whether unprivileged users are prevented
from using ``dmesg(8)`` to view messages from the kernel's log
buffer.
When `