<root
PROC(5)                             Linux Programmer's Manual                             PROC(5)

NAME
       proc - process information pseudo-filesystem

DESCRIPTION
       The  proc  filesystem  is  a  pseudo-filesystem which provides an interface to kernel data
       structures.  It is commonly mounted at /proc.  Most of it is  read-only,  but  some  files
       allow kernel variables to be changed.

   Mount options
       The proc filesystem supports the following mount options:

       hidepid=n (since Linux 3.3)
              This  option  controls  who  can access the information in /proc/[pid] directories.
              The argument, n, is one of the following values:

              0   Everybody may access all /proc/[pid]  directories.   This  is  the  traditional
                  behavior, and the default if this mount option is not specified.

              1   Users  may  not access files and subdirectories inside any /proc/[pid] directo‐
                  ries but their own (the /proc/[pid]  directories  themselves  remain  visible).
                  Sensitive files such as /proc/[pid]/cmdline and /proc/[pid]/status are now pro‐
                  tected against other users.  This makes it impossible to learn whether any user
                  is  running a specific program (so long as the program doesn't otherwise reveal
                  itself by its behavior).

              2   As for mode 1, but in addition the /proc/[pid] directories belonging  to  other
                  users  become  invisible.  This means that /proc/[pid] entries can no longer be
                  used to discover the PIDs on the system.  This doesn't hide  the  fact  that  a
                  process with a specific PID value exists (it can be learned by other means, for
                  example, by "kill -0 $PID"), but it hides a process's UID and GID, which  could
                  otherwise  be  learned  by  employing stat(2) on a /proc/[pid] directory.  This
                  greatly complicates an attacker's task of gathering information  about  running
                  processes (e.g., discovering whether some daemon is running with elevated priv‐
                  ileges, whether another user is running some sensitive program,  whether  other
                  users are running any program at all, and so on).

       gid=gid (since Linux 3.3)
              Specifies  the ID of a group whose members are authorized to learn process informa‐
              tion otherwise prohibited by hidepid (ie/e/, users in this group behave  as  though
              /proc  was mounted with hidepid=0.  This group should be used instead of approaches
              such as putting nonroot users into the sudoers(5) file.

   Files and directories
       The following list describes many of the files and directories under the /proc hierarchy.

       /proc/[pid]
              There is a numerical subdirectory for each running  process;  the  subdirectory  is
              named  by  the  process  ID.  Each such subdirectory contains the following pseudo-
              files and directories.

       /proc/[pid]/attr
              The files in this directory provide an API for security modules.  The  contents  of
              this  directory  are  files  that can be read and written in order to set security-
              related attributes.  This directory was added to support SELinux, but the intention
              was that the API be general enough to support other security modules.  For the pur‐
              pose of explanation, examples of how SELinux uses these files are provided below.

              This directory is present only if the kernel was configured with CONFIG_SECURITY.

       /proc/[pid]/attr/current (since Linux 2.6.0)
              The contents of this file represent the current security attributes of the process.

              In SELinux, this file is used to get the security context of a process.   Prior  to
              Linux  2.6.11, this file could not be used to set the security context (a write was
              always denied), since SELinux limited process  security  transitions  to  execve(2)
              (see the description of /proc/[pid]/attr/exec, below).  Since Linux 2.6.11, SELinux
              lifted this restriction and began supporting "set" operations via  writes  to  this
              node  if  authorized by policy, although use of this operation is only suitable for
              applications that are trusted to maintain any desired separation  between  the  old
              and  new  security  contexts.  Prior to Linux 2.6.28, SELinux did not allow threads
              within a multi-threaded process to set their security context via this node  as  it
              would yield an inconsistency among the security contexts of the threads sharing the
              same memory space.  Since Linux 2.6.28, SELinux lifted this restriction  and  began
              supporting  "set"  operations for threads within a multithreaded process if the new
              security context is bounded by the old security context, where the bounded relation
              is  defined  in policy and guarantees that the new security context has a subset of
              the permissions of the old security context.  Other security modules may choose  to
              support "set" operations via writes to this node.

       /proc/[pid]/attr/exec (since Linux 2.6.0)
              This  file  represents  the  attributes  to assign to the process upon a subsequent
              execve(2).

              In SELinux, this is needed to support role/domain transitions, and execve(2) is the
              preferred  point to make such transitions because it offers better control over the
              initialization of the process in the new security  label  and  the  inheritance  of
              state.   In  SELinux,  this attribute is reset on execve(2) so that the new program
              reverts to the default behavior for any execve(2)  calls  that  it  may  make.   In
              SELinux, a process can set only its own /proc/[pid]/attr/exec attribute.

       /proc/[pid]/attr/fscreate (since Linux 2.6.0)
              This  file represents the attributes to assign to files created by subsequent calls
              to open(2), mkdir(2), symlink(2), and mknod(2)

              SELinux employs this file to support creation of a file (using  the  aforementioned
              system  calls)  in a secure state, so that there is no risk of inappropriate access
              being obtained between the time of creation and the time that attributes  are  set.
              In  SELinux,  this attribute is reset on execve(2), so that the new program reverts
              to the default behavior for any file creation calls it may make, but the  attribute
              will  persist  across  multiple  file  creation calls within a program unless it is
              explicitly   reset.    In   SELinux,   a   process   can   set   only    its    own
              /proc/[pid]/attr/fscreate attribute.

       /proc/[pid]/attr/prev (since Linux 2.6.0)
              This  file  contains the security context of the process before the last execve(2);
              that is, the previous value of /proc/[pid]/attr/current.

       /proc/[pid]/attr/keycreate (since Linux 2.6.18)
              If a process writes a security context into this  file,  all  subsequently  created
              keys  (add_key(2)) will be labeled with this context.  For further information, see
              the kernel source file Documentation/keys.txt.

       /proc/[pid]/attr/socketcreate (since Linux 2.6.18)
              If a process writes a security context into this  file,  all  subsequently  created
              sockets will be labeled with this context.

       /proc/[pid]/auxv (since 2.6.0-test7)
              This contains the contents of the ELF interpreter information passed to the process
              at exec time.  The format is one unsigned long ID plus one unsigned long value  for
              each entry.  The last entry contains two zeros.  See also getauxval(3).

       /proc/[pid]/cgroup (since Linux 2.6.24)
              This  file  describes  control  groups to which the process/task belongs.  For each
              cgroup hierarchy there is one entry containing colon-separated fields of the form:

                  5:cpuacct,cpu,cpuset:/daemons

              The colon-separated fields are, from left to right:

                  1. hierarchy ID number

                  2. set of subsystems bound to the hierarchy

                  3. control group in the hierarchy to which the process belongs

              This file is present only if the  CONFIG_CGROUPS  kernel  configuration  option  is
              enabled.

       /proc/[pid]/clear_refs (since Linux 2.6.22)

              This is a write-only file, writable only by owner of the process.

              The following values may be written to the file:

              1 (since Linux 2.6.22)
                     Reset the PG_Referenced and ACCESSED/YOUNG bits for all the pages associated
                     with the process.  (Before kernel 2.6.32, writing any nonzero value to  this
                     file had this effect.)

              2 (since Linux 2.6.32)
                     Reset  the  PG_Referenced  and  ACCESSED/YOUNG  bits for all anonymous pages
                     associated with the process.

              3 (since Linux 2.6.32)
                     Reset the PG_Referenced and ACCESSED/YOUNG bits for  all  file-mapped  pages
                     associated with the process.

              Clearing  the  PG_Referenced  and  ACCESSED/YOUNG bits provides a method to measure
              approximately how much memory a process is using.  One first inspects the values in
              the  "Referenced"  fields for the VMAs shown in /proc/[pid]/smaps to get an idea of
              the memory footprint of  the  process.   One  then  clears  the  PG_Referenced  and
              ACCESSED/YOUNG bits and, after some measured time interval, once again inspects the
              values in the "Referenced" fields to get an idea of the change in memory  footprint
              of the process during the measured interval.  If one is interested only in inspect‐
              ing the selected mapping types, then the value 2 or 3 can be used instead of 1.

              A further value can be written to affect a different bit:

              4 (since Linux 3.11)
                     Clear the soft-dirty bit for all the  pages  associated  with  the  process.
                     This  is  used  (in conjunction with /proc/[pid]/pagemap) by the check-point
                     restore system to discover which pages of a process have been dirtied  since
                     the file /proc/[pid]/clear_refs was written to.

              Writing  any  value  to /proc/[pid]/clear_refs other than those listed above has no
              effect.

              The /proc/[pid]/clear_refs file is present  only  if  the  CONFIG_PROC_PAGE_MONITOR
              kernel configuration option is enabled.

       /proc/[pid]/cmdline
              This  read-only  file  holds  the complete command line for the process, unless the
              process is a zombie.  In the latter case, there is nothing in this file: that is, a
              read  on  this file will return 0 characters.  The command-line arguments appear in
              this file as a set of strings separated by null bytes ('\0'), with a  further  null
              byte after the last string.

       /proc/[pid]/comm (since Linux 2.6.33)
              This  file  exposes  the  process's comm value—that is, the command name associated
              with the process.  Different threads in the same process may  have  different  comm
              values,  accessible  via /proc/[pid]/task/[tid]/comm.  A thread may modify its comm
              value, or that of any of other thread in the same thread group (see the  discussion
              of  CLONE_THREAD  in  clone(2)), by writing to the file /proc/self/task/[tid]/comm.
              Strings longer than TASK_COMM_LEN (16) characters are silently truncated.

              This file provides a superset of the prctl(2) PR_SET_NAME  and  PR_GET_NAME  opera‐
              tions,  and  is employed by pthread_setname_np(3) when used to rename threads other
              than the caller.

       /proc/[pid]/coredump_filter (since Linux 2.6.23)
              See core(5).

       /proc/[pid]/cpuset (since Linux 2.6.12)
              See cpuset(7).

       /proc/[pid]/cwd
              This is a symbolic link to the current working directory of the process.   To  find
              out the current working directory of process 20, for instance, you can do this:

                  $ cd /proc/20/cwd; /bin/pwd

              Note  that  the pwd command is often a shell built-in, and might not work properly.
              In bash(1), you may use pwd -P.

              In a multithreaded process, the contents of this symbolic link are not available if
              the main thread has already terminated (typically by calling pthread_exit(3)).

       /proc/[pid]/environ
              This  file  contains the environment for the process.  The entries are separated by
              null bytes ('\0'), and there may be a null byte at the end.  Thus, to print out the
              environment of process 1, you would do:

                  $ strings /proc/1/environ

       /proc/[pid]/exe
              Under Linux 2.2 and later, this file is a symbolic link containing the actual path‐
              name of the executed command.  This symbolic link  can  be  dereferenced  normally;
              attempting  to open it will open the executable.  You can even type /proc/[pid]/exe
              to run another copy of the same executable that is being run by process [pid].   If
              the  pathname  has  been  unlinked,  the  symbolic  link  will  contain  the string
              '(deleted)' appended to the original pathname.  In  a  multithreaded  process,  the
              contents  of  this  symbolic  link are not available if the main thread has already
              terminated (typically by calling pthread_exit(3)).

              Under Linux 2.0 and earlier, /proc/[pid]/exe is a pointer to the binary  which  was
              executed,  and  appears  as a symbolic link.  A readlink(2) call on this file under
              Linux 2.0 returns a string in the format:

                  [device]:inode

              For example, [0301]:1502 would be inode 1502 on device major  03  (IDE,  MFM,  etc.
              drives) minor 01 (first partition on the first drive).

              find(1) with the -inum option can be used to locate the file.

       /proc/[pid]/fd/
              This  is  a  subdirectory  containing one entry for each file which the process has
              open, named by its file descriptor, and which is a  symbolic  link  to  the  actual
              file.  Thus, 0 is standard input, 1 standard output, 2 standard error, and so on.

              For  file  descriptors  for  pipes  and sockets, the entries will be symbolic links
              whose content is the file type with the inode.  A readlink(2)  call  on  this  file
              returns a string in the format:

                  type:[inode]

              For example, socket:[2248868] will be a socket and its inode is 2248868.  For sock‐
              ets, that inode can be used to find more information in  one  of  the  files  under
              /proc/net/.

              For  file descriptors that have no corresponding inode (e.g., file descriptors pro‐
              duced   by   epoll_create(2),   eventfd(2),   inotify_init(2),   signalfd(2),   and
              timerfd(2)), the entry will be a symbolic link with contents of the form

                  anon_inode:

              In some cases, the file-type is surrounded by square brackets.

              For  example,  an  epoll file descriptor will have a symbolic link whose content is
              the string anon_inode:[eventpoll].

              In a multithreaded process, the contents of this directory are not available if the
              main thread has already terminated (typically by calling pthread_exit(3)).

              Programs  that  will  take a filename as a command-line argument, but will not take
              input from standard input if no argument is supplied, or that write to a file named
              as a command-line argument, but will not send their output to standard output if no
              argument is supplied, can nevertheless be made to use standard  input  or  standard
              out using /proc/[pid]/fd.  For example, assuming that -i is the flag designating an
              input file and -o is the flag designating an output file:

                  $ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...

              and you have a working filter.

              /proc/self/fd/N is approximately the same as /dev/fd/N in some UNIX  and  UNIX-like
              systems.  Most Linux MAKEDEV scripts symbolically link /dev/fd to /proc/self/fd, in
              fact.

              Most systems provide symbolic links /dev/stdin, /dev/stdout, and /dev/stderr, which
              respectively link to the files 0, 1, and 2 in /proc/self/fd.  Thus the example com‐
              mand above could be written as:

                  $ foobar -i /dev/stdin -o /dev/stdout ...

       /proc/[pid]/fdinfo/ (since Linux 2.6.22)
              This is a subdirectory containing one entry for each file  which  the  process  has
              open,  named by its file descriptor.  The files in this directory are readable only
              by the owner of the process.  The contents of each  file  can  be  read  to  obtain
              information  about  the  corresponding file descriptor.  The content depends on the
              type of file referred to by the corresponding descriptor.

              For regular files and directories, we see something like:

                  $ cat /proc/12015/fdinfo/4
                  pos:    1000
                  flags:  01002002
                  mnt_id: 21

              The pos field is a decimal number showing the current file offset.  The flags field
              is  an  octal  number that displays the file access mode and file status flags (see
              open(2)).  The mnt_id field, present since Linux 3.15, is the ID of the mount point
              containing this file.  See the description of /proc/[pid]/mountinfo.

              For eventfd file descriptors (see eventfd(2)), we see the following fields:

                  pos: 0
                  flags:    02
                  mnt_id:   10
                  eventfd-count:               40

              eventfd-count is the current value of the eventfd counter, in hexadecimal.

              For epoll file descriptors (see epoll(7)), we see the following fields:

                  pos: 0
                  flags:    02
                  mnt_id:   10
                  tfd:        9 events:       19 data: 74253d2500000009
                  tfd:        7 events:       19 data: 74253d2500000007

              Each  of  the lines beginning tfd describes one of the file descriptors being moni‐
              tored via the epoll file descriptor (see epoll_ctl(2) for some details).   The  tfd
              field is the number of the file descriptor.  The events field is a hexadecimal mask
              of the events being monitored for this file descriptor.  The data field is the data
              value associated with this file descriptor.

              For signalfd file descriptors (see signalfd(2)), we see the following fields:

                  pos: 0
                  flags:    02
                  mnt_id:   10
                  sigmask:  0000000000000006

              sigmask is the hexadecimal mask of signals that are accepted via this signalfd file
              descriptor.  (In this example, bits 2 and 3 are set, corresponding to  the  signals
              SIGINT and SIGQUIT; see signal(7).)

       /proc/[pid]/io (since kernel 2.6.20)
              This file contains I/O statistics for the process, for example:

                  # cat /proc/3828/io
                  rchar: 323934931
                  wchar: 323929600
                  syscr: 632687
                  syscw: 632675
                  read_bytes: 0
                  write_bytes: 323932160
                  cancelled_write_bytes: 0

              The fields are as follows:

              rchar: characters read
                     The  number  of  bytes  which  this task has caused to be read from storage.
                     This is simply the sum of bytes which this process  passed  to  read(2)  and
                     similar  system calls.  It includes things such as terminal I/O and is unaf‐
                     fected by whether or not actual physical disk I/O  was  required  (the  read
                     might have been satisfied from pagecache).

              wchar: characters written
                     The number of bytes which this task has caused, or shall cause to be written
                     to disk.  Similar caveats apply here as with rchar.

              syscr: read syscalls
                     Attempt to count the number of read I/O  operations—that  is,  system  calls
                     such as read(2) and pread(2).

              syscw: write syscalls
                     Attempt  to  count  the number of write I/O operations—that is, system calls
                     such as write(2) and pwrite(2).

              read_bytes: bytes read
                     Attempt to count the number of bytes which this process really did cause  to
                     be  fetched  from  the  storage  layer.   This  is accurate for block-backed
                     filesystems.

              write_bytes: bytes written
                     Attempt to count the number of bytes which this process caused to be sent to
                     the storage layer.

              cancelled_write_bytes:
                     The  big inaccuracy here is truncate.  If a process writes 1MB to a file and
                     then deletes the file, it will in fact perform no  writeout.   But  it  will
                     have  been  accounted  as  having caused 1MB of write.  In other words: this
                     field represents the number of bytes which this process caused to  not  hap‐
                     pen, by truncating pagecache.  A task can cause "negative" I/O too.  If this
                     task truncates some dirty pagecache, some I/O which another  task  has  been
                     accounted for (in its write_bytes) will not be happening.

              Note:  In  the  current implementation, things are a bit racy on 32-bit systems: if
              process A reads process B's /proc/[pid]/io while process B is updating one of these
              64-bit counters, process A could see an intermediate result.

       /proc/[pid]/gid_map (since Linux 3.5)
              See user_namespaces(7).

       /proc/[pid]/limits (since Linux 2.6.24)
              This file displays the soft limit, hard limit, and units of measurement for each of
              the process's resource limits  (see  getrlimit(2)).   Up  to  and  including  Linux
              2.6.35,  this  file  is  protected  to  allow  reading  only by the real UID of the
              process.  Since Linux 2.6.36, this file is readable by all users on the system.

       /proc/[pid]/map_files/ (since kernel 3.3)
              This subdirectory  contains  entries  corresponding  to  memory-mapped  files  (see
              mmap(2)).  Entries are named by memory region start and end address pair (expressed
              as hexadecimal numbers), and are symbolic links to  the  mapped  files  themselves.
              Here  is an example, with the output wrapped and reformatted to fit on an 80-column
              display:

                  # ls -l /proc/self/map_files/
                  lr--------. 1 root root 64 Apr 16 21:31
                              3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so
                  ...

              Although these entries are present for memory regions that  were  mapped  with  the
              MAP_FILE flag, the way anonymous shared memory (regions created with the MAP_ANON |
              MAP_SHARED flags) is implemented in Linux means that such regions  also  appear  on
              this  directory.  Here is an example where the target file is the deleted /dev/zero
              one:

                  lrw-------. 1 root root 64 Apr 16 21:33
                              7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted)

              This directory appears only if the CONFIG_CHECKPOINT_RESTORE  kernel  configuration
              option  is  enabled.  Privilege (CAP_SYS_ADMIN) is required to view the contents of
              this directory.

       /proc/[pid]/maps
              A file containing the currently mapped memory regions and their access permissions.
              See mmap(2) for some further information about memory mappings.

              The format of the file is:

       address           perms offset  dev   inode       pathname
       00400000-00452000 r-xp 00000000 08:02 173521      /usr/bin/dbus-daemon
       00651000-00652000 r--p 00051000 08:02 173521      /usr/bin/dbus-daemon
       00652000-00655000 rw-p 00052000 08:02 173521      /usr/bin/dbus-daemon
       00e03000-00e24000 rw-p 00000000 00:00 0           [heap]
       00e24000-011f7000 rw-p 00000000 00:00 0           [heap]
       ...
       35b1800000-35b1820000 r-xp 00000000 08:02 135522  /usr/lib64/ld-2.15.so
       35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522  /usr/lib64/ld-2.15.so
       35b1a20000-35b1a21000 rw-p 00020000 08:02 135522  /usr/lib64/ld-2.15.so
       35b1a21000-35b1a22000 rw-p 00000000 00:00 0
       35b1c00000-35b1dac000 r-xp 00000000 08:02 135870  /usr/lib64/libc-2.15.so
       35b1dac000-35b1fac000 ---p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
       35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
       35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870  /usr/lib64/libc-2.15.so
       ...
       f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0    [stack:986]
       ...
       7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0   [stack]
       7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0   [vdso]

              The  address  field  is the address space in the process that the mapping occupies.
              The perms field is a set of permissions:

                   r = read
                   w = write
                   x = execute
                   s = shared
                   p = private (copy on write)

              The offset  field  is  the  offset  into  the  file/whatever;  dev  is  the  device
              (major:minor);  inode  is  the  inode on that device.  0 indicates that no inode is
              associated with the memory region, as would be the  case  with  BSS  (uninitialized
              data).

              The  pathname  field will usually be the file that is backing the mapping.  For ELF
              files, you can easily coordinate with the offset field by  looking  at  the  Offset
              field in the ELF program headers (readelf -l).

              There are additional helpful pseudo-paths:

                   [stack]
                          The initial process's (also known as the main thread's) stack.

                   [stack:] (since Linux 3.4)
                          A  thread's  stack (where the  is a thread ID).  It corresponds to
                          the /proc/[pid]/task/[tid]/ path.

                   [vdso] The virtual dynamically linked shared object.

                   [heap] The process's heap.

              If the pathname field is blank, this is an anonymous mapping as  obtained  via  the
              mmap(2)  function.   There  is  no  easy way to coordinate this back to a process's
              source, short of running it through gdb(1), strace(1), or similar.

              Under Linux 2.0, there is no field giving pathname.

       /proc/[pid]/mem
              This file can be used to access the pages of a process's  memory  through  open(2),
              read(2), and lseek(2).

       /proc/[pid]/mountinfo (since Linux 2.6.26)
              This file contains information about mount points.  It contains lines of the form:

              36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
              (1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)

              The numbers in parentheses are labels for the descriptions below:

              (1)  mount ID: unique identifier of the mount (may be reused after umount(2)).

              (2)  parent ID: ID of parent mount (or of self for the top of the mount tree).

              (3)  major:minor: value of st_dev for files on filesystem (see stat(2)).

              (4)  root: root of the mount within the filesystem.

              (5)  mount point: mount point relative to the process's root.

              (6)  mount options: per-mount options.

              (7)  optional fields: zero or more fields of the form "tag[:value]".

              (8)  separator: marks the end of the optional fields.

              (9)  filesystem type: name of filesystem in the form "type[.subtype]".

              (10) mount source: filesystem-specific information or "none".

              (11) super options: per-superblock options.

              Parsers  should  ignore  all  unrecognized optional fields.  Currently the possible
              optional fields are:

                   shared:X          mount is shared in peer group X

                   master:X          mount is slave to peer group X

                   propagate_from:X  mount is slave and receives propagation from  peer  group  X
                                     (*)

                   unbindable        mount is unbindable

              (*)  X  is  the  closest dominant peer group under the process's root.  If X is the
              immediate master of the mount, or if there is no dominant peer group under the same
              root,  then  only  the  "master:X"  field is present and not the "propagate_from:X"
              field.

              For more information on mount propagation see: Documentation/filesystems/sharedsub‐
              tree.txt in the Linux kernel source tree.

       /proc/[pid]/mounts (since Linux 2.4.19)
              This  is  a  list  of  all the filesystems currently mounted in the process's mount
              namespace.  The format of this file is documented in fstab(5).  Since  kernel  ver‐
              sion 2.6.15, this file is pollable: after opening the file for reading, a change in
              this file (i.e., a filesystem mount or unmount) causes select(2) to mark  the  file
              descriptor  as  readable,  and poll(2) and epoll_wait(2) mark the file as having an
              error condition.  See namespaces(7) for more information.

       /proc/[pid]/mountstats (since Linux 2.6.17)
              This file exports information (statistics,  configuration  information)  about  the
              mount points in the process's mount namespace.  Lines in this file have the form:

              device /dev/sda7 mounted on /home with fstype ext3 [statistics]
              (       1      )            ( 2 )             (3 ) (4)

              The fields in each line are:

              (1)  The  name  of  the  mounted device (or "nodevice" if there is no corresponding
                   device).

              (2)  The mount point within the filesystem tree.

              (3)  The filesystem type.

              (4)  Optional statistics and configuration information.   Currently  (as  at  Linux
                   2.6.26), only NFS filesystems export information via this field.

              This file is readable only by the owner of the process.

              See namespaces(7) for more information.

       /proc/[pid]/ns/ (since Linux 3.0)
              This  is a subdirectory containing one entry for each namespace that supports being
              manipulated by setns(2).  For more information, see namespaces(7).

       /proc/[pid]/numa_maps (since Linux 2.6.14)
              See numa(7).

       /proc/[pid]/oom_adj (since Linux 2.6.11)
              This file can be used to adjust the score used to select which  process  should  be
              killed  in an out-of-memory (OOM) situation.  The kernel uses this value for a bit-
              shift operation of the process's oom_score value: valid values are in the range -16
              to  +15, plus the special value -17, which disables OOM-killing altogether for this
              process.  A positive score increases the likelihood of this process being killed by
              the OOM-killer; a negative score decreases the likelihood.

              The  default  value for this file is 0; a new process inherits its parent's oom_adj
              setting.  A process must be privileged (CAP_SYS_RESOURCE) to update this file.

              Since  Linux   2.6.36,   use   of   this   file   is   deprecated   in   favor   of
              /proc/[pid]/oom_score_adj.

       /proc/[pid]/oom_score (since Linux 2.6.11)
              This  file displays the current score that the kernel gives to this process for the
              purpose of selecting a process for the OOM-killer.  A higher score means  that  the
              process  is more likely to be selected by the OOM-killer.  The basis for this score
              is the amount of memory used by the process, with increases (+)  or  decreases  (-)
              for factors including:

              * whether the process creates a lot of children using fork(2) (+);

              * whether  the  process has been running a long time, or has used a lot of CPU time
                (-);

              * whether the process has a low nice value (i.e., > 0) (+);

              * whether the process is privileged (-); and

              * whether the process is making direct hardware access (-).

              The oom_score also reflects  the  adjustment  specified  by  the  oom_score_adj  or
              oom_adj setting for the process.

       /proc/[pid]/oom_score_adj (since Linux 2.6.36)
              This  file can be used to adjust the badness heuristic used to select which process
              gets killed in out-of-memory conditions.

              The badness heuristic assigns a value to each candidate task ranging from 0  (never
              kill)  to 1000 (always kill) to determine which process is targeted.  The units are
              roughly a proportion along that range of allowed memory the  process  may  allocate
              from, based on an estimation of its current memory and swap use.  For example, if a
              task is using all allowed memory, its badness score will be 1000.  If it  is  using
              half of its allowed memory, its score will be 500.

              There  is  an  additional  factor included in the badness score: root processes are
              given 3% extra memory over other tasks.

              The amount of "allowed" memory depends on the context in which the  OOM-killer  was
              called.   If it is due to the memory assigned to the allocating task's cpuset being
              exhausted, the allowed memory represents the set of mems assigned  to  that  cpuset
              (see  cpuset(7)).   If  it  is  due  to  a mempolicy's node(s) being exhausted, the
              allowed memory represents the set of mempolicy nodes.  If it is  due  to  a  memory
              limit  (or  swap limit) being reached, the allowed memory is that configured limit.
              Finally, if it is due to the entire system being out of memory, the allowed  memory
              represents all allocatable resources.

              The  value  of  oom_score_adj  is  added  to the badness score before it is used to
              determine   which   task   to   kill.    Acceptable   values   range   from   -1000
              (OOM_SCORE_ADJ_MIN)  to  +1000 (OOM_SCORE_ADJ_MAX).  This allows user space to con‐
              trol the preference for OOM-killing, ranging from always preferring a certain  task
              or  completely disabling it from OOM killing.  The lowest possible value, -1000, is
              equivalent to disabling OOM-killing entirely for that task, since  it  will  always
              report a badness score of 0.

              Consequently,  it  is  very simple for user space to define the amount of memory to
              consider for each task.  Setting a oom_score_adj value of  +500,  for  example,  is
              roughly  equivalent  to  allowing  the  remainder of tasks sharing the same system,
              cpuset, mempolicy, or memory controller resources to use at least 50% more  memory.
              A  value of -500, on the other hand, would be roughly equivalent to discounting 50%
              of the task's allowed memory from being considered as scoring against the task.

              For backward compatibility with previous kernels, /proc/[pid]/oom_adj can still  be
              used to tune the badness score.  Its value is scaled linearly with oom_score_adj.

              Writing  to  /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj will change the other
              with its scaled value.

       /proc/[pid]/pagemap (since Linux 2.6.25)
              This file shows the mapping of each of the process's virtual  pages  into  physical
              page frames or swap area.  It contains one 64-bit value for each virtual page, with
              the bits set as follows:

                   63     If set, the page is present in RAM.

                   62     If set, the page is in swap space

                   61 (since Linux 3.5)
                          The page is a file-mapped page or a shared anonymous page.

                   60-56 (since Linux 3.11)
                          Zero

                   55 (Since Linux 3.11)
                          PTE is soft-dirty (see the kernel  source  file  Documentation/vm/soft-
                          dirty.txt).

                   54-0   If  the  page  is  present in RAM (bit 63), then these bits provide the
                          page frame number, which can be  used  to  index  /proc/kpageflags  and
                          /proc/kpagecount.   If  the page is present in swap (bit 62), then bits
                          4-0 give the swap type, and bits 54-5 encode the swap offset.

              Before Linux 3.11, bits 60-55 were used to encode the base-2 log of the page size.

              To employ /proc/[pid]/pagemap efficiently, use /proc/[pid]/maps to determine  which
              areas of memory are actually mapped and seek to skip over unmapped regions.

              The /proc/[pid]/pagemap file is present only if the CONFIG_PROC_PAGE_MONITOR kernel
              configuration option is enabled.

       /proc/[pid]/personality (since Linux 2.6.28)
              This read-only file exposes the process's execution domain,  as  set  by  personal‐
              ity(2).  The value is displayed in hexadecimal notation.

       /proc/[pid]/root
              UNIX and Linux support the idea of a per-process root of the filesystem, set by the
              chroot(2) system call.  This file is a symbolic link that points to  the  process's
              root directory, and behaves in the same way as exe, and fd/*.

              In a multithreaded process, the contents of this symbolic link are not available if
              the main thread has already terminated (typically by calling pthread_exit(3)).

       /proc/[pid]/seccomp (from Linux 2.6.12 to 2.6.22)
              Read/set the seccomp mode for the process.  If this file contains the  value  zero,
              seccomp  mode  is  not  enabled.   Writing  the value 1 to this file (irreversibly)
              places the process in seccomp mode: the only permitted system  calls  are  read(2),
              write(2), _exit(2), and sigreturn(2).  This file went away in Linux 2.6.23, when it
              was replaced by a prctl(2)-based mechanism.

       /proc/[pid]/setgroups (since Linux 3.19)
              See user_namespaces(7).

       /proc/[pid]/smaps (since Linux 2.6.14)
              This file shows memory consumption  for  each  of  the  process's  mappings.   (The
              pmap(1)  command  displays  similar  information,  in a form that may be easier for
              parsing.)  For each mapping there is a series of lines such as the following:

                  00400000-0048a000 r-xp 00000000 fd:03 960637       /bin/bash
                  Size:                552 kB
                  Rss:                 460 kB
                  Pss:                 100 kB
                  Shared_Clean:        452 kB
                  Shared_Dirty:          0 kB
                  Private_Clean:         8 kB
                  Private_Dirty:         0 kB
                  Referenced:          460 kB
                  Anonymous:             0 kB
                  AnonHugePages:         0 kB
                  Swap:                  0 kB
                  KernelPageSize:        4 kB
                  MMUPageSize:           4 kB
                  Locked:                0 kB

              The first of these lines shows the same information as is displayed for the mapping
              in  /proc/[pid]/maps.  The remaining lines show the size of the mapping, the amount
              of the mapping that is currently resident in RAM ("Rss"), the process' proportional
              share  of  this  mapping ("Pss"), the number of clean and dirty shared pages in the
              mapping, and the number of clean and dirty private pages in the  mapping.   "Refer‐
              enced"  indicates  the amount of memory currently marked as referenced or accessed.
              "Anonymous" shows the amount of memory that does not belong to  any  file.   "Swap"
              shows how much would-be-anonymous memory is also used, but out on swap.

              The "KernelPageSize" entry is the page size used by the kernel to back a VMA.  This
              matches the size used by the MMU in the majority of cases.  However,  one  counter-
              example  occurs on PPC64 kernels whereby a kernel using 64K as a base page size may
              still use 4K pages for the MMU on older processors.   To  distinguish,  this  patch
              reports "MMUPageSize" as the page size used by the MMU.

              The "Locked" indicates whether the mapping is locked in memory or not.

              "VmFlags"  field represents the kernel flags associated with the particular virtual
              memory area in two letter encoded manner.  The codes are the following:

                  rd  - readable
                  wr  - writable
                  ex  - executable
                  sh  - shared
                  mr  - may read
                  mw  - may write
                  me  - may execute
                  ms  - may share
                  gd  - stack segment grows down
                  pf  - pure PFN range
                  dw  - disabled write to the mapped file
                  lo  - pages are locked in memory
                  io  - memory mapped I/O area
                  sr  - sequential read advise provided
                  rr  - random read advise provided
                  dc  - do not copy area on fork
                  de  - do not expand area on remapping
                  ac  - area is accountable
                  nr  - swap space is not reserved for the area
                  ht  - area uses huge tlb pages
                  nl  - non-linear mapping
                  ar  - architecture specific flag
                  dd  - do not include area into core dump
                  sd  - soft-dirty flag
                  mm  - mixed map area
                  hg  - huge page advise flag
                  nh  - no-huge page advise flag
                  mg  - mergeable advise flag

              The /proc/[pid]/smaps file is present only if the  CONFIG_PROC_PAGE_MONITOR  kernel
              configuration option is enabled.

       /proc/[pid]/stack (since Linux 2.6.29)
              This  file provides a symbolic trace of the function calls in this process's kernel
              stack.  This file is provided only if the kernel was built with  the  CONFIG_STACK‐
              TRACE configuration option.

       /proc/[pid]/stat
              Status information about the process.  This is used by ps(1).  It is defined in the
              kernel source file fs/proc/array.c.

              The fields, in order, with their proper scanf(3) format specifiers, are:

              (1) pid  %d
                        The process ID.

              (2) comm  %s
                        The filename of the executable, in parentheses.  This is visible  whether
                        or not the executable is swapped out.

              (3) state  %c
                        One of the following characters, indicating process state:

                        R  Running

                        S  Sleeping in an interruptible wait

                        D  Waiting in uninterruptible disk sleep

                        Z  Zombie

                        T  Stopped (on a signal) or (before Linux 2.6.33) trace stopped

                        t  Tracing stop (Linux 2.6.33 onward)

                        W  Paging (only before Linux 2.6.0)

                        X  Dead (from Linux 2.6.0 onward)

                        x  Dead (Linux 2.6.33 to 3.13 only)

                        K  Wakekill (Linux 2.6.33 to 3.13 only)

                        W  Waking (Linux 2.6.33 to 3.13 only)

                        P  Parked (Linux 3.9 to 3.13 only)

              (4) ppid  %d
                        The PID of the parent of this process.

              (5) pgrp  %d
                        The process group ID of the process.

              (6) session  %d
                        The session ID of the process.

              (7) tty_nr  %d
                        The  controlling  terminal  of  the process.  (The minor device number is
                        contained in the combination of bits 31 to 20  and  7  to  0;  the  major
                        device number is in bits 15 to 8.)

              (8) tpgid  %d
                        The ID of the foreground process group of the controlling terminal of the
                        process.

              (9) flags  %u
                        The kernel flags word of the process.  For bit  meanings,  see  the  PF_*
                        defines  in  the Linux kernel source file include/linux/sched.h.  Details
                        depend on the kernel version.

                        The format for this field was %lu before Linux 2.6.

              (10) minflt  %lu
                        The number of minor faults the process has made which have  not  required
                        loading a memory page from disk.

              (11) cminflt  %lu
                        The  number  of  minor faults that the process's waited-for children have
                        made.

              (12) majflt  %lu
                        The number of major faults the process has made which have required load‐
                        ing a memory page from disk.

              (13) cmajflt  %lu
                        The  number  of  major faults that the process's waited-for children have
                        made.

              (14) utime  %lu
                        Amount of time that this process has been scheduled in  user  mode,  mea‐
                        sured  in  clock  ticks  (divide by sysconf(_SC_CLK_TCK)).  This includes
                        guest time, guest_time (time spent running a virtual CPU, see below),  so
                        that  applications that are not aware of the guest time field do not lose
                        that time from their calculations.

              (15) stime  %lu
                        Amount of time that this process has been scheduled in kernel mode,  mea‐
                        sured in clock ticks (divide by sysconf(_SC_CLK_TCK)).

              (16) cutime  %ld
                        Amount  of  time that this process's waited-for children have been sched‐
                        uled   in   user   mode,   measured   in   clock   ticks    (divide    by
                        sysconf(_SC_CLK_TCK)).   (See  also times(2).)  This includes guest time,
                        cguest_time (time spent running a virtual CPU, see below).

              (17) cstime  %ld
                        Amount of time that this process's waited-for children have  been  sched‐
                        uled   in   kernel   mode,   measured   in   clock   ticks   (divide   by
                        sysconf(_SC_CLK_TCK)).

              (18) priority  %ld
                        (Explanation for Linux 2.6) For processes running a real-time  scheduling
                        policy  (policy  below;  see  sched_setscheduler(2)), this is the negated
                        scheduling priority, minus one; that is, a number  in  the  range  -2  to
                        -100,  corresponding to real-time priorities 1 to 99.  For processes run‐
                        ning under a non-real-time scheduling policy, this is the raw nice  value
                        (setpriority(2))  as  represented  in the kernel.  The kernel stores nice
                        values as numbers in the range 0 (high) to 39 (low), corresponding to the
                        user-visible nice range of -20 to 19.

                        Before  Linux 2.6, this was a scaled value based on the scheduler weight‐
                        ing given to this process.

              (19) nice  %ld
                        The nice value (see setpriority(2)), a value in the range 19 (low  prior‐
                        ity) to -20 (high priority).

              (20) num_threads  %ld
                        Number  of threads in this process (since Linux 2.6).  Before kernel 2.6,
                        this field was hard coded to 0 as a placeholder for  an  earlier  removed
                        field.

              (21) itrealvalue  %ld
                        The time in jiffies before the next SIGALRM is sent to the process due to
                        an interval timer.  Since kernel 2.6.17, this field is  no  longer  main‐
                        tained, and is hard coded as 0.

              (22) starttime  %llu
                        The  time the process started after system boot.  In kernels before Linux
                        2.6, this value was expressed in jiffies.  Since Linux 2.6, the value  is
                        expressed in clock ticks (divide by sysconf(_SC_CLK_TCK)).

                        The format for this field was %lu before Linux 2.6.

              (23) vsize  %lu
                        Virtual memory size in bytes.

              (24) rss  %ld
                        Resident  Set Size: number of pages the process has in real memory.  This
                        is just the pages which count toward text, data, or  stack  space.   This
                        does not include pages which have not been demand-loaded in, or which are
                        swapped out.

              (25) rsslim  %lu
                        Current soft limit in bytes on the rss of the process; see  the  descrip‐
                        tion of RLIMIT_RSS in getrlimit(2).

              (26) startcode  %lu
                        The address above which program text can run.

              (27) endcode  %lu
                        The address below which program text can run.

              (28) startstack  %lu
                        The address of the start (i.e., bottom) of the stack.

              (29) kstkesp  %lu
                        The  current  value  of ESP (stack pointer), as found in the kernel stack
                        page for the process.

              (30) kstkeip  %lu
                        The current EIP (instruction pointer).

              (31) signal  %lu
                        The bitmap of pending signals, displayed as a decimal number.   Obsolete,
                        because  it  does  not  provide  information  on  real-time  signals; use
                        /proc/[pid]/status instead.

              (32) blocked  %lu
                        The bitmap of blocked signals, displayed as a decimal number.   Obsolete,
                        because  it  does  not  provide  information  on  real-time  signals; use
                        /proc/[pid]/status instead.

              (33) sigignore  %lu
                        The bitmap of ignored signals, displayed as a decimal number.   Obsolete,
                        because  it  does  not  provide  information  on  real-time  signals; use
                        /proc/[pid]/status instead.

              (34) sigcatch  %lu
                        The bitmap of caught signals, displayed as a decimal  number.   Obsolete,
                        because  it  does  not  provide  information  on  real-time  signals; use
                        /proc/[pid]/status instead.

              (35) wchan  %lu
                        This is the "channel" in which the process is waiting.  It is the address
                        of  a  location  in the kernel where the process is sleeping.  The corre‐
                        sponding symbolic name can be found in /proc/[pid]/wchan.

              (36) nswap  %lu
                        Number of pages swapped (not maintained).

              (37) cnswap  %lu
                        Cumulative nswap for child processes (not maintained).

              (38) exit_signal  %d  (since Linux 2.1.22)
                        Signal to be sent to parent when we die.

              (39) processor  %d  (since Linux 2.2.8)
                        CPU number last executed on.

              (40) rt_priority  %u  (since Linux 2.5.19)
                        Real-time scheduling priority, a number in the range 1  to  99  for  pro‐
                        cesses  scheduled  under a real-time policy, or 0, for non-real-time pro‐
                        cesses (see sched_setscheduler(2)).

              (41) policy  %u  (since Linux 2.5.19)
                        Scheduling policy (see sched_setscheduler(2)).  Decode using the  SCHED_*
                        constants in linux/sched.h.

                        The format for this field was %lu before Linux 2.6.22.

              (42) delayacct_blkio_ticks  %llu  (since Linux 2.6.18)
                        Aggregated block I/O delays, measured in clock ticks (centiseconds).

              (43) guest_time  %lu  (since Linux 2.6.24)
                        Guest  time  of the process (time spent running a virtual CPU for a guest
                        operating   system),    measured    in    clock    ticks    (divide    by
                        sysconf(_SC_CLK_TCK)).

              (44) cguest_time  %ld  (since Linux 2.6.24)
                        Guest  time of the process's children, measured in clock ticks (divide by
                        sysconf(_SC_CLK_TCK)).

              (45) start_data  %lu  (since Linux 3.3)
                        Address above which program initialized and uninitialized (BSS) data  are
                        placed.

              (46) end_data  %lu  (since Linux 3.3)
                        Address  below which program initialized and uninitialized (BSS) data are
                        placed.

              (47) start_brk  %lu  (since Linux 3.3)
                        Address above which program heap can be expanded with brk(2).

              (48) arg_start  %lu  (since Linux 3.5)
                        Address above which program command-line arguments (argv) are placed.

              (49) arg_end  %lu  (since Linux 3.5)
                        Address below program command-line arguments (argv) are placed.

              (50) env_start  %lu  (since Linux 3.5)
                        Address above which program environment is placed.

              (51) env_end  %lu  (since Linux 3.5)
                        Address below which program environment is placed.

              (52) exit_code  %d  (since Linux 3.5)
                        The thread's exit status in the form reported by waitpid(2).

       /proc/[pid]/statm
              Provides information about memory usage, measured in pages.  The columns are:

                  size       (1) total program size
                             (same as VmSize in /proc/[pid]/status)
                  resident   (2) resident set size
                             (same as VmRSS in /proc/[pid]/status)
                  share      (3) shared pages (i.e., backed by a file)
                  text       (4) text (code)
                  lib        (5) library (unused in Linux 2.6)
                  data       (6) data + stack
                  dt         (7) dirty pages (unused in Linux 2.6)

       /proc/[pid]/status
              Provides much of the information in /proc/[pid]/stat  and  /proc/[pid]/statm  in  a
              format that's easier for humans to parse.  Here's an example:

                  $ cat /proc/$$/status
                  Name:   bash
                  State:  S (sleeping)
                  Tgid:   3515
                  Pid:    3515
                  PPid:   3452
                  TracerPid:      0
                  Uid:    1000    1000    1000    1000
                  Gid:    100     100     100     100
                  FDSize: 256
                  Groups: 16 33 100
                  VmPeak:     9136 kB
                  VmSize:     7896 kB
                  VmLck:         0 kB
                  VmPin:         0 kB
                  VmHWM:      7572 kB
                  VmRSS:      6316 kB
                  VmData:     5224 kB
                  VmStk:        88 kB
                  VmExe:       572 kB
                  VmLib:      1708 kB
                  VmPMD:         4 kB
                  VmPTE:        20 kB
                  VmSwap:        0 kB
                  Threads:        1
                  SigQ:   0/3067
                  SigPnd: 0000000000000000
                  ShdPnd: 0000000000000000
                  SigBlk: 0000000000010000
                  SigIgn: 0000000000384004
                  SigCgt: 000000004b813efb
                  CapInh: 0000000000000000
                  CapPrm: 0000000000000000
                  CapEff: 0000000000000000
                  CapBnd: ffffffffffffffff
                  CapAmb:   0000000000000000
                  Seccomp:        0
                  Cpus_allowed:   00000001
                  Cpus_allowed_list:      0
                  Mems_allowed:   1
                  Mems_allowed_list:      0
                  voluntary_ctxt_switches:        150
                  nonvoluntary_ctxt_switches:     545

              The fields are as follows:

              * Name: Command run by this process.

              * State:  Current  state  of the process.  One of "R (running)", "S (sleeping)", "D
                (disk sleep)", "T (stopped)", "T (tracing stop)", "Z (zombie)", or "X (dead)".

              * Tgid: Thread group ID (i.e., Process ID).

              * Pid: Thread ID (see gettid(2)).

              * PPid: PID of parent process.

              * TracerPid: PID of process tracing this process (0 if not being traced).

              * Uid, Gid: Real, effective, saved set, and filesystem UIDs (GIDs).

              * FDSize: Number of file descriptor slots currently allocated.

              * Groups: Supplementary group list.

              * VmPeak: Peak virtual memory size.

              * VmSize: Virtual memory size.

              * VmLck: Locked memory size (see mlock(3)).

              * VmPin: Pinned memory size (since Linux 3.2).  These are pages that can't be moved
                because something needs to directly access physical memory.

              * VmHWM: Peak resident set size ("high water mark").

              * VmRSS: Resident set size.

              * VmData, VmStk, VmExe: Size of data, stack, and text segments.

              * VmLib: Shared library code size.

              * VmPTE: Page table entries size (since Linux 2.6.10).

              * VmPMD: Size of second-level page tables (since Linux 4.0).

              * VmSwap:  Swapped-out  virtual  memory size by anonymous private pages; shmem swap
                usage is not included (since Linux 2.6.34).

              * Threads: Number of threads in process containing this thread.

              * SigQ: This field contains two slash-separated numbers that relate to queued  sig‐
                nals  for  the real user ID of this process.  The first of these is the number of
                currently queued signals for this real user ID, and the second  is  the  resource
                limit  on  the  number of queued signals for this process (see the description of
                RLIMIT_SIGPENDING in getrlimit(2)).

              * SigPnd, ShdPnd: Number of signals pending for thread and for process as  a  whole
                (see pthreads(7) and signal(7)).

              * SigBlk,  SigIgn,  SigCgt:  Masks  indicating  signals being blocked, ignored, and
                caught (see signal(7)).

              * CapInh, CapPrm, CapEff: Masks of capabilities enabled in inheritable,  permitted,
                and effective sets (see capabilities(7)).

              * CapBnd: Capability Bounding set (since Linux 2.6.26, see capabilities(7)).

              * CapAmb: Ambient capability set (since Linux 4.3, see capabilities(7)).

              * Seccomp:  Seccomp mode of the process (since Linux 3.8, see seccomp(2)).  0 means
                SECCOMP_MODE_DISABLED; 1 means SECCOMP_MODE_STRICT; 2 means  SECCOMP_MODE_FILTER.
                This  field is provided only if the kernel was built with the CONFIG_SECCOMP ker‐
                nel configuration option enabled.

              * Cpus_allowed: Mask of CPUs on which this process may run (since Linux 2.6.24, see
                cpuset(7)).

              * Cpus_allowed_list:  Same  as  previous, but in "list format" (since Linux 2.6.26,
                see cpuset(7)).

              * Mems_allowed: Mask of memory nodes allowed to this process (since  Linux  2.6.24,
                see cpuset(7)).

              * Mems_allowed_list:  Same  as  previous, but in "list format" (since Linux 2.6.26,
                see cpuset(7)).

              * voluntary_ctxt_switches,  nonvoluntary_ctxt_switches:  Number  of  voluntary  and
                involuntary context switches (since Linux 2.6.23).

       /proc/[pid]/syscall (since Linux 2.6.27)
              This file exposes the system call number and argument registers for the system call
              currently being executed by the process,  followed  by  the  values  of  the  stack
              pointer  and  program  counter registers.  The values of all six argument registers
              are exposed, although most system calls use fewer registers.

              If the process is blocked, but not in a system call, then the file displays  -1  in
              place  of  the system call number, followed by just the values of the stack pointer
              and program counter.  If process is not blocked, then the file  contains  just  the
              string "running".

              This file is present only if the kernel was configured with CONFIG_HAVE_ARCH_TRACE‐
              HOOK.

       /proc/[pid]/task (since Linux 2.6.0-test6)
              This is a directory that contains one subdirectory for each thread in the  process.
              The name of each subdirectory is the numerical thread ID ([tid]) of the thread (see
              gettid(2)).  Within each of these subdirectories, there is a set of files with  the
              same  names and contents as under the /proc/[pid] directories.  For attributes that
              are shared by all threads, the contents for each of the files under the  task/[tid]
              subdirectories  will  be  the  same  as  in  the  corresponding  file in the parent
              /proc/[pid] directory (e.g., in a multithreaded process, all of the  task/[tid]/cwd
              files will have the same value as the /proc/[pid]/cwd file in the parent directory,
              since all of the threads in a process share a working directory).   For  attributes
              that  are  distinct  for  each thread, the corresponding files under task/[tid] may
              have different values (e.g., various fields in each of the task/[tid]/status  files
              may be different for each thread).

              In  a multithreaded process, the contents of the /proc/[pid]/task directory are not
              available  if  the  main  thread  has  already  terminated  (typically  by  calling
              pthread_exit(3)).

       /proc/[pid]/timers (since Linux 3.10)
              A list of the POSIX timers for this process.  Each timer is listed with a line that
              starts with the string "ID:".  For example:

                  ID: 1
                  signal: 60/00007fff86e452a8
                  notify: signal/pid.2634
                  ClockID: 0
                  ID: 0
                  signal: 60/00007fff86e452a8
                  notify: signal/pid.2634
                  ClockID: 1

              The lines shown for each timer have the following meanings:

              ID     The ID for this timer.  This is not the same as the  timer  ID  returned  by
                     timer_create(2); rather, it is the same kernel-internal ID that is available
                     via the si_timerid field of the siginfo_t structure (see sigaction(2)).

              signal This is the signal number that this timer uses to deliver notifications fol‐
                     lowed by a slash, and then the sigev_value value supplied to the signal han‐
                     dler.  Valid only for timers that notify via a signal.

              notify The part before the slash specifies the mechanism that this  timer  uses  to
                     deliver notifications, and is one of "thread", "signal", or "none".  Immedi‐
                     ately following the slash  is  either  the  string  "tid"  for  timers  with
                     SIGEV_THREAD_ID notification, or "pid" for timers that notify by other mech‐
                     anisms.  Following the "." is the PID of the process (or the  kernel  thread
                     ID  of  the  thread)   that will be delivered a signal if the timer delivers
                     notifications via a signal.

              ClockID
                     This field identifies the clock that the timer uses for measuring time.  For
                     most  clocks,  this  is  a number that matches one of the user-space CLOCK_*
                     constants exposed via  .   CLOCK_PROCESS_CPUTIME_ID  timers  display
                     with  a  value  of -6 in this field.  CLOCK_THREAD_CPUTIME_ID timers display
                     with a value of -2 in this field.

              This file is available only when  the  kernel  was  configured  with  CONFIG_CHECK‐
              POINT_RESTORE.

       /proc/[pid]/uid_map, /proc/[pid]/gid_map (since Linux 3.5)
              See user_namespaces(7).

       /proc/[pid]/wchan (since Linux 2.6.0)
              The  symbolic name corresponding to the location in the kernel where the process is
              sleeping.

       /proc/apm
              Advanced power management  version  and  battery  information  when  CONFIG_APM  is
              defined at kernel compilation time.

       /proc/buddyinfo
              This  file  contains  information which is used for diagnosing memory fragmentation
              issues.  Each line starts with the identification of the node and the name  of  the
              zone  which together identify a memory region This is then followed by the count of
              available chunks of a certain order in which these zones are split.   The  size  in
              bytes of a certain order is given by the formula:

                  (2^order) * PAGE_SIZE

              The  binary  buddy  allocator algorithm inside the kernel will split one chunk into
              two chunks of a smaller order (thus with half the size) or combine  two  contiguous
              chunks  into one larger chunk of a higher order (thus with double the size) to sat‐
              isfy allocation requests and to counter memory fragmentation.   The  order  matches
              the column number, when starting to count at zero.

              For example on a x86_64 system:

  Node 0, zone     DMA     1    1    1    0    2    1    1    0    1    1    3
  Node 0, zone   DMA32    65   47    4   81   52   28   13   10    5    1  404
  Node 0, zone  Normal   216   55  189  101   84   38   37   27    5    3  587

              In  this example, there is one node containing three zones and there are 11 differ‐
              ent chunk sizes.  If the page size is 4 kilobytes, then the first zone  called  DMA
              (on  x86  the  first  16  megabyte  of memory) has 1 chunk of 4 kilobytes (order 0)
              available and has 3 chunks of 4 megabytes (order 10) available.

              If the memory is heavily fragmented, the counters for higher order chunks  will  be
              zero and allocation of large contiguous areas will fail.

              Further information about the zones can be found in /proc/zoneinfo.

       /proc/bus
              Contains subdirectories for installed busses.

       /proc/bus/pccard
              Subdirectory  for  PCMCIA  devices  when CONFIG_PCMCIA is set at kernel compilation
              time.

       /proc/bus/pccard/drivers

       /proc/bus/pci
              Contains various bus subdirectories and pseudo-files containing  information  about
              PCI  busses,  installed  devices,  and device drivers.  Some of these files are not
              ASCII.

       /proc/bus/pci/devices
              Information about PCI devices.  They may be  accessed  through  lspci(8)  and  set‐
              pci(8).

       /proc/cmdline
              Arguments  passed  to the Linux kernel at boot time.  Often done via a boot manager
              such as lilo(8) or grub(8).

       /proc/config.gz (since Linux 2.6)
              This file exposes the configuration options that were used to build  the  currently
              running  kernel, in the same format as they would be shown in the .config file that
              resulted when configuring the kernel (using make xconfig, make config, or similar).
              The  file  contents are compressed; view or search them using zcat(1) and zgrep(1).
              As long as no changes have been  made  to  the  following  file,  the  contents  of
              /proc/config.gz are the same as those provided by :

                  cat /lib/modules/$(uname -r)/build/.config

              /proc/config.gz  is  provided  only  if the kernel is configured with CONFIG_IKCON‐
              FIG_PROC.

       /proc/crypto
              A list of the ciphers provided by the kernel crypto API.  For details, see the ker‐
              nel  Linux Kernel Crypto API documentation available under the kernel source direc‐
              tory Documentation/DocBook.  (That documentation can be built using a command  such
              as make htmldocs in the root directory of the kernel source tree.)

       /proc/cpuinfo
              This  is a collection of CPU and system architecture dependent items, for each sup‐
              ported architecture a different list.  Two common entries are processor which gives
              CPU  number  and  bogomips; a system constant that is calculated during kernel ini‐
              tialization.  SMP machines have information for each  CPU.   The  lscpu(1)  command
              gathers its information from this file.

       /proc/devices
              Text  listing  of  major  numbers  and  device groups.  This can be used by MAKEDEV
              scripts for consistency with the kernel.

       /proc/diskstats (since Linux 2.5.69)
              This file contains disk I/O statistics for each disk device.  See the Linux  kernel
              source file Documentation/iostats.txt for further information.

       /proc/dma
              This is a list of the registered ISA DMA (direct memory access) channels in use.

       /proc/driver
              Empty subdirectory.

       /proc/execdomains
              List of the execution domains (ABI personalities).

       /proc/fb
              Frame buffer information when CONFIG_FB is defined during kernel compilation.

       /proc/filesystems
              A  text  listing  of  the  filesystems  which  are  supported by the kernel, namely
              filesystems which were compiled into the kernel or whose kernel  modules  are  cur‐
              rently loaded.  (See also filesystems(5).)  If a filesystem is marked with "nodev",
              this means that it does not require a block device to  be  mounted  (e.g.,  virtual
              filesystem, network filesystem).

              Incidentally, this file may be used by mount(8) when no filesystem is specified and
              it didn't manage to determine the filesystem type.  Then filesystems  contained  in
              this file are tried (excepted those that are marked with "nodev").

       /proc/fs
              Contains subdirectories that in turn contain files with information about (certain)
              mounted filesystems.

       /proc/ide
              This directory exists on systems with the IDE bus.  There are directories for  each
              IDE channel and attached device.  Files include:

                  cache              buffer size in KB
                  capacity           number of sectors
                  driver             driver version
                  geometry           physical and logical geometry
                  identify           in hexadecimal
                  media              media type
                  model              manufacturer's model number
                  settings           drive settings
                  smart_thresholds   in hexadecimal
                  smart_values       in hexadecimal

              The hdparm(8) utility provides access to this information in a friendly format.

       /proc/interrupts
              This is used to record the number of interrupts per CPU per IO device.  Since Linux
              2.6.24, for the i386 and x86_64 architectures, at least, this also includes  inter‐
              rupts  internal to the system (that is, not associated with a device as such), such
              as NMI (nonmaskable interrupt), LOC (local timer interrupt), and for  SMP  systems,
              TLB  (TLB flush interrupt), RES (rescheduling interrupt), CAL (remote function call
              interrupt), and possibly others.  Very easy to read formatting, done in ASCII.

       /proc/iomem
              I/O memory map in Linux 2.4.

       /proc/ioports
              This is a list of currently registered Input-Output port regions that are in use.

       /proc/kallsyms (since Linux 2.5.71)
              This holds the kernel exported symbol definitions used by the modules(X)  tools  to
              dynamically link and bind loadable modules.  In Linux 2.5.47 and earlier, a similar
              file with slightly different syntax was named ksyms.

       /proc/kcore
              This file represents the physical memory of the system and is  stored  in  the  ELF
              core   file   format.    With   this   pseudo-file,   and   an   unstripped  kernel
              (/usr/src/linux/vmlinux) binary, GDB can be used to examine the  current  state  of
              any kernel data structures.

              The total length of the file is the size of physical memory (RAM) plus 4KB.

       /proc/kmsg
              This file can be used instead of the syslog(2) system call to read kernel messages.
              A process must have superuser privileges to read this file, and  only  one  process
              should read this file.  This file should not be read if a syslog process is running
              which uses the syslog(2) system call facility to log kernel messages.

              Information in this file is retrieved with the dmesg(1) program.

       /proc/kpagecount (since Linux 2.6.25)
              This file contains a 64-bit count of the number of times each physical  page  frame
              is    mapped,   indexed   by   page   frame   number   (see   the   discussion   of
              /proc/[pid]/pagemap).

              The /proc/kpagecount file is present only if  the  CONFIG_PROC_PAGE_MONITOR  kernel
              configuration option is enabled.

       /proc/kpageflags (since Linux 2.6.25)
              This  file  contains  64-bit masks corresponding to each physical page frame; it is
              indexed by page frame number (see the discussion of /proc/[pid]/pagemap).  The bits
              are as follows:

                   0 - KPF_LOCKED
                   1 - KPF_ERROR
                   2 - KPF_REFERENCED
                   3 - KPF_UPTODATE
                   4 - KPF_DIRTY
                   5 - KPF_LRU
                   6 - KPF_ACTIVE
                   7 - KPF_SLAB
                   8 - KPF_WRITEBACK
                   9 - KPF_RECLAIM
                  10 - KPF_BUDDY
                  11 - KPF_MMAP           (since Linux 2.6.31)
                  12 - KPF_ANON           (since Linux 2.6.31)
                  13 - KPF_SWAPCACHE      (since Linux 2.6.31)
                  14 - KPF_SWAPBACKED     (since Linux 2.6.31)
                  15 - KPF_COMPOUND_HEAD  (since Linux 2.6.31)
                  16 - KPF_COMPOUND_TAIL  (since Linux 2.6.31)
                  16 - KPF_HUGE           (since Linux 2.6.31)
                  18 - KPF_UNEVICTABLE    (since Linux 2.6.31)
                  19 - KPF_HWPOISON       (since Linux 2.6.31)
                  20 - KPF_NOPAGE         (since Linux 2.6.31)
                  21 - KPF_KSM            (since Linux 2.6.32)
                  22 - KPF_THP            (since Linux 3.4)

              For further details on the meanings of these bits, see the kernel source file Docu‐
              mentation/vm/pagemap.txt.   Before  kernel  2.6.29,   KPF_WRITEBACK,   KPF_RECLAIM,
              KPF_BUDDY, and KPF_LOCKED did not report correctly.

              The  /proc/kpageflags  file  is present only if the CONFIG_PROC_PAGE_MONITOR kernel
              configuration option is enabled.

       /proc/ksyms (Linux 1.1.23-2.5.47)
              See /proc/kallsyms.

       /proc/loadavg
              The first three fields in this file are load average figures giving the  number  of
              jobs  in the run queue (state R) or waiting for disk I/O (state D) averaged over 1,
              5, and 15 minutes.  They are  the  same  as  the  load  average  numbers  given  by
              uptime(1)  and  other programs.  The fourth field consists of two numbers separated
              by a slash (/).  The first of these is the  number  of  currently  runnable  kernel
              scheduling  entities (processes, threads).  The value after the slash is the number
              of kernel scheduling entities that currently exist on the system.  The fifth  field
              is the PID of the process that was most recently created on the system.

       /proc/locks
              This file shows current file locks (flock(2) and fcntl(2)) and leases (fcntl(2)).

       /proc/malloc (only up to and including Linux 2.2)
              This file is present only if CONFIG_DEBUG_MALLOC was defined during compilation.

       /proc/meminfo
              This  file  reports  statistics  about  memory  usage on the system.  It is used by
              free(1) to report the amount of free and used memory (both physical  and  swap)  on
              the  system as well as the shared memory and buffers used by the kernel.  Each line
              of the file consists of a parameter name, followed by a colon,  the  value  of  the
              parameter,  and  an  option  unit  of  measurement  (e.g.,  "kB").   The list below
              describes the parameter names and the format specifier required to read  the  field
              value.   Except  as noted below, all of the fields have been present since at least
              Linux 2.6.0.  Some fields are displayed only if the kernel was configured with var‐
              ious options; those dependencies are noted in the list.

              MemTotal %lu
                     Total  usable RAM (i.e., physical RAM minus a few reserved bits and the ker‐
                     nel binary code).

              MemFree %lu
                     The sum of LowFree+HighFree.

              Buffers %lu
                     Relatively temporary storage for raw disk blocks that shouldn't get  tremen‐
                     dously large (20MB or so).

              Cached %lu
                     In-memory  cache  for  files  read  from the disk (the page cache).  Doesn't
                     include SwapCached.

              SwapCached %lu
                     Memory that once was swapped out, is swapped back in but still  also  is  in
                     the  swap  file.   (If memory pressure is high, these pages don't need to be
                     swapped out again because they are already in the  swap  file.   This  saves
                     I/O.)

              Active %lu
                     Memory  that  has  been  used more recently and usually not reclaimed unless
                     absolutely necessary.

              Inactive %lu
                     Memory which has been less  recently  used.   It  is  more  eligible  to  be
                     reclaimed for other purposes.

              Active(anon) %lu (since Linux 2.6.28)
                     [To be documented.]

              Inactive(anon) %lu (since Linux 2.6.28)
                     [To be documented.]

              Active(file) %lu (since Linux 2.6.28)
                     [To be documented.]

              Inactive(file) %lu (since Linux 2.6.28)
                     [To be documented.]

              Unevictable %lu (since Linux 2.6.28)
                     (From  Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was required.)  [To be
                     documented.]

              Mlocked %lu (since Linux 2.6.28)
                     (From Linux 2.6.28 to 2.6.30, CONFIG_UNEVICTABLE_LRU was required.)  [To  be
                     documented.]

              HighTotal %lu
                     (Starting  with  Linux 2.6.19, CONFIG_HIGHMEM is required.)  Total amount of
                     highmem.  Highmem is all memory above ~860MB of  physical  memory.   Highmem
                     areas are for use by user-space programs, or for the page cache.  The kernel
                     must use tricks to access this memory,  making  it  slower  to  access  than
                     lowmem.

              HighFree %lu
                     (Starting  with  Linux  2.6.19, CONFIG_HIGHMEM is required.)  Amount of free
                     highmem.

              LowTotal %lu
                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)  Total  amount  of
                     lowmem.   Lowmem is memory which can be used for everything that highmem can
                     be used for, but it is also available for the kernel's use for its own  data
                     structures.   Among  many  other things, it is where everything from Slab is
                     allocated.  Bad things happen when you're out of lowmem.

              LowFree %lu
                     (Starting with Linux 2.6.19, CONFIG_HIGHMEM is required.)   Amount  of  free
                     lowmem.

              MmapCopy %lu (since Linux 2.6.29)
                     (CONFIG_MMU is required.)  [To be documented.]

              SwapTotal %lu
                     Total amount of swap space available.

              SwapFree %lu
                     Amount of swap space that is currently unused.

              Dirty %lu
                     Memory which is waiting to get written back to the disk.

              Writeback %lu
                     Memory which is actively being written back to the disk.

              AnonPages %lu (since Linux 2.6.18)
                     Non-file backed pages mapped into user-space page tables.

              Mapped %lu
                     Files which have been mapped into memory (with mmap(2)), such as libraries.

              Shmem %lu (since Linux 2.6.32)
                     [To be documented.]

              Slab %lu
                     In-kernel data structures cache.

              SReclaimable %lu (since Linux 2.6.19)
                     Part of Slab, that might be reclaimed, such as caches.

              SUnreclaim %lu (since Linux 2.6.19)
                     Part of Slab, that cannot be reclaimed on memory pressure.

              KernelStack %lu (since Linux 2.6.32)
                     Amount of memory allocated to kernel stacks.

              PageTables %lu (since Linux 2.6.18)
                     Amount of memory dedicated to the lowest level of page tables.

              Quicklists %lu (since Linux 2.6.27)
                     (CONFIG_QUICKLIST is required.)  [To be documented.]

              NFS_Unstable %lu (since Linux 2.6.18)
                     NFS pages sent to the server, but not yet committed to stable storage.

              Bounce %lu (since Linux 2.6.18)
                     Memory used for block device "bounce buffers".

              WritebackTmp %lu (since Linux 2.6.26)
                     Memory used by FUSE for temporary writeback buffers.

              CommitLimit %lu (since Linux 2.6.10)
                     This  is  the  total amount of memory currently available to be allocated on
                     the system, expressed in kilobytes.  This limit is adhered to only if strict
                     overcommit accounting is enabled (mode 2 in /proc/sys/vm/overcommit_memory).
                     The  limit  is  calculated  according  to  the   formula   described   under
                     /proc/sys/vm/overcommit_memory.   For further details, see the kernel source
                     file Documentation/vm/overcommit-accounting.

              Committed_AS %lu
                     The amount of memory presently allocated on the system.  The committed  mem‐
                     ory  is  a  sum  of all of the memory which has been allocated by processes,
                     even if it has not been "used" by them as of yet.  A process which allocates
                     1GB  of  memory (using malloc(3) or similar), but touches only 300MB of that
                     memory will show up as using only 300MB of memory even if it has the address
                     space allocated for the entire 1GB.

                     This  1GB  is memory which has been "committed" to by the VM and can be used
                     at any time by the allocating application.  With strict  overcommit  enabled
                     on  the  system  (mode 2 in IR /proc/sys/vm/overcommit_memory ), allocations
                     which would exceed the CommitLimit will not be permitted.  This is useful if
                     one  needs  to  guarantee that processes will not fail due to lack of memory
                     once that memory has been successfully allocated.

              VmallocTotal %lu
                     Total size of vmalloc memory area.

              VmallocUsed %lu
                     Amount of vmalloc area which is used.

              VmallocChunk %lu
                     Largest contiguous block of vmalloc area which is free.

              HardwareCorrupted %lu (since Linux 2.6.32)
                     (CONFIG_MEMORY_FAILURE is required.)  [To be documented.]

              AnonHugePages %lu (since Linux 2.6.38)
                     (CONFIG_TRANSPARENT_HUGEPAGE  is  required.)   Non-file  backed  huge  pages
                     mapped into user-space page tables.

              HugePages_Total %lu
                     (CONFIG_HUGETLB_PAGE is required.)  The size of the pool of huge pages.

              HugePages_Free %lu
                     (CONFIG_HUGETLB_PAGE  is  required.)   The  number of huge pages in the pool
                     that are not yet allocated.

              HugePages_Rsvd %lu (since Linux 2.6.17)
                     (CONFIG_HUGETLB_PAGE is required.)  This is the number  of  huge  pages  for
                     which  a  commitment to allocate from the pool has been made, but no alloca‐
                     tion has yet been made.  These reserved huge pages guarantee that an  appli‐
                     cation  will  be able to allocate a huge page from the pool of huge pages at
                     fault time.

              HugePages_Surp %lu (since Linux 2.6.24)
                     (CONFIG_HUGETLB_PAGE is required.)  This is the number of huge pages in  the
                     pool  above  the  value in /proc/sys/vm/nr_hugepages.  The maximum number of
                     surplus huge pages is controlled by /proc/sys/vm/nr_overcommit_hugepages.

              Hugepagesize %lu
                     (CONFIG_HUGETLB_PAGE is required.)  The size of huge pages.

       /proc/modules
              A text list of the modules that have been loaded by the system.  See also lsmod(8).

       /proc/mounts
              Before kernel 2.4.19, this file was a list of all the filesystems currently mounted
              on  the  system.   With  the  introduction of per-process mount namespaces in Linux
              2.4.19, this file became a link to /proc/self/mounts, which lists the mount  points
              of  the  process's  own  mount namespace.  The format of this file is documented in
              fstab(5).

       /proc/mtrr
              Memory  Type  Range  Registers.   See  the  Linux  kernel  source  file  Documenta‐
              tion/mtrr.txt for details.

       /proc/net
              various net pseudo-files, all of which give the status of some part of the network‐
              ing layer.  These files contain ASCII structures and are, therefore, readable  with
              cat(1).   However,  the  standard  netstat(8) suite provides much cleaner access to
              these files.

       /proc/net/arp
              This holds an ASCII readable dump of the kernel ARP table used for address  resolu‐
              tions.   It  will show both dynamically learned and preprogrammed ARP entries.  The
              format is:

        IP address     HW type   Flags     HW address          Mask   Device
        192.168.0.50   0x1       0x2       00:50:BF:25:68:F3   *      eth0
        192.168.0.250  0x1       0xc       00:00:00:00:00:00   *      eth0

              Here "IP address" is the IPv4 address of the machine and the "HW type" is the hard‐
              ware type of the address from RFC 826.  The flags are the internal flags of the ARP
              structure (as defined in /usr/include/linux/if_arp.h) and the "HW address"  is  the
              data link layer mapping for that IP address if it is known.

       /proc/net/dev
              The  dev  pseudo-file  contains  network device status information.  This gives the
              number of received and sent packets, the number of errors and collisions and  other
              basic  statistics.  These are used by the ifconfig(8) program to report device sta‐
              tus.  The format is:

 Inter-|   Receive                                                |  Transmit
  face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
     lo: 2776770   11307    0    0    0     0          0         0  2776770   11307    0    0    0     0       0          0
   eth0: 1215645    2751    0    0    0     0          0         0  1782404    4324    0    0    0   427       0          0
   ppp0: 1622270    5552    1    0    0     0          0         0   354130    5669    0    0    0     0       0          0
   tap0:    7714      81    0    0    0     0          0         0     7714      81    0    0    0     0       0          0

       /proc/net/dev_mcast
              Defined in /usr/src/linux/net/core/dev_mcast.c:
                   indx interface_name  dmi_u dmi_g dmi_address
                   2    eth0            1     0     01005e000001
                   3    eth1            1     0     01005e000001
                   4    eth2            1     0     01005e000001

       /proc/net/igmp
              Internet Group Management Protocol.  Defined in /usr/src/linux/net/core/igmp.c.

       /proc/net/rarp
              This file uses the same format as the arp file and  contains  the  current  reverse
              mapping  database used to provide rarp(8) reverse address lookup services.  If RARP
              is not configured into the kernel, this file will not be present.

       /proc/net/raw
              Holds a dump of the RAW socket table.  Much of the information is not of use  apart
              from  debugging.   The  "sl"  value  is  the  kernel  hash slot for the socket, the
              "local_address" is the local address and protocol number pair.  "St" is the  inter‐
              nal  status  of  the  socket.   The  "tx_queue" and "rx_queue" are the outgoing and
              incoming data queue in terms of kernel memory usage.   The  "tr",  "tm->when",  and
              "rexmits"  fields  are not used by RAW.  The "uid" field holds the effective UID of
              the creator of the socket.

       /proc/net/snmp
              This file holds the ASCII data needed for the IP, ICMP,  TCP,  and  UDP  management
              information bases for an SNMP agent.

       /proc/net/tcp
              Holds  a dump of the TCP socket table.  Much of the information is not of use apart
              from debugging.  The "sl" value is  the  kernel  hash  slot  for  the  socket,  the
              "local_address"  is  the  local address and port number pair.  The "rem_address" is
              the remote address and port number pair (if connected).  "St" is the internal  sta‐
              tus  of  the  socket.   The "tx_queue" and "rx_queue" are the outgoing and incoming
              data queue in terms of kernel memory usage.  The "tr",  "tm->when",  and  "rexmits"
              fields hold internal information of the kernel socket state and are useful only for
              debugging.  The "uid" field holds the effective UID of the creator of the socket.

       /proc/net/udp
              Holds a dump of the UDP socket table.  Much of the information is not of use  apart
              from  debugging.   The  "sl"  value  is  the  kernel  hash slot for the socket, the
              "local_address" is the local address and port number pair.   The  "rem_address"  is
              the  remote address and port number pair (if connected).  "St" is the internal sta‐
              tus of the socket.  The "tx_queue" and "rx_queue" are  the  outgoing  and  incoming
              data  queue  in  terms of kernel memory usage.  The "tr", "tm->when", and "rexmits"
              fields are not used by UDP.  The "uid" field holds the effective UID of the creator
              of the socket.  The format is:

 sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm->when uid
  1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
  1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
  1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0

       /proc/net/unix
              Lists the UNIX domain sockets present within the system and their status.  The for‐
              mat is:
              Num RefCount Protocol Flags    Type St Path
               0: 00000002 00000000 00000000 0001 03
               1: 00000001 00000000 00010000 0001 01 /dev/printer

              The fields are as follows:

              Num:      the kernel table slot number.

              RefCount: the number of users of the socket.

              Protocol: currently always 0.

              Flags:    the internal kernel flags holding the status of the socket.

              Type:     the socket type.  For SOCK_STREAM sockets, this is 0001;  for  SOCK_DGRAM
                        sockets, it is 0002; and for SOCK_SEQPACKET sockets, it is 0005.

              St:       the internal state of the socket.

              Path:     the bound path (if any) of the socket.  Sockets in the abstract namespace
                        are included in the list, and are shown with a Path that  commences  with
                        the character '@'.

       /proc/net/netfilter/nfnetlink_queue
              This  file  contains information about netfilter userspace queueing, if used.  Each
              line represents a queue.  Queues that have not been subscribed to by userspace  are
              not shown.

                 1   4207     0  2 65535     0     0        0  1
                (1)   (2)    (3)(4)  (5)    (6)   (7)      (8)

              The fields in each line are:

              (1)  The  ID  of  the  queue.  This matches what is specified in the --queue-num or
                   --queue-balance options to the  iptables(8)  NFQUEUE  target.   See  iptables-
                   extensions(8) for more information.

              (2)  The netlink port ID subscribed to the queue.

              (3)  The  number  of  packets  currently  queued and waiting to be processed by the
                   application.

              (4)  The copy mode of the queue.  It is either 1 (metadata only) or  2  (also  copy
                   payload data to userspace).

              (5)  Copy  range;  that  is,  how  many bytes of packet payload should be copied to
                   userspace at most.

              (6)  queue dropped.  Number of packets that had to be dropped by the kernel because
                   too  many packets are already waiting for userspace to send back the mandatory
                   accept/drop verdicts.

              (7)  queue user dropped.  Number of packets that were dropped  within  the  netlink
                   subsystem.   Such drops usually happen when the corresponding socket buffer is
                   full; that is, userspace is not able to read messages fast enough.

              (8)  sequence number.  Every queued packet is associated with a (32-bit)  monotoni‐
                   cally-increasing sequence number.  This shows the ID of the most recent packet
                   queued.

              The last number exists only for compatibility reasons and is always 1.

       /proc/partitions
              Contains the major and minor numbers of each partition as well  as  the  number  of
              1024-byte blocks and the partition name.

       /proc/pci
              This  is  a listing of all PCI devices found during kernel initialization and their
              configuration.

              This file  has  been  deprecated  in  favor  of  a  new  /proc  interface  for  PCI
              (/proc/bus/pci).    It   became   optional   in  Linux  2.2  (available  with  CON‐
              FIG_PCI_OLD_PROC set at kernel compilation).  It  became  once  more  nonoptionally
              enabled  in  Linux 2.4.  Next, it was deprecated in Linux 2.6 (still available with
              CONFIG_PCI_LEGACY_PROC set), and finally removed altogether since Linux 2.6.17.

       /proc/profile (since Linux 2.4)
              This file is present only if the kernel was booted with the profile=1  command-line
              option.   It  exposes  kernel  profiling  information in a binary format for use by
              readprofile(1).  Writing (e.g., an empty string) to this file resets the  profiling
              counters; on some architectures, writing a binary integer "profiling multiplier" of
              size sizeof(int) sets the profiling interrupt frequency.

       /proc/scsi
              A directory with the scsi mid-level pseudo-file and various SCSI  low-level  driver
              directories,  which  contain a file for each SCSI host in this system, all of which
              give the status of some part of the SCSI IO subsystem.  These files  contain  ASCII
              structures and are, therefore, readable with cat(1).

              You can also write to some of the files to reconfigure the subsystem or switch cer‐
              tain features on or off.

       /proc/scsi/scsi
              This is a listing of all SCSI devices known to the kernel.  The listing is  similar
              to  the one seen during bootup.  scsi currently supports only the add-single-device
              command which allows root to add a hotplugged device to the list of known devices.

              The command

                  echo 'scsi add-single-device 1 0 5 0' > /proc/scsi/scsi

              will cause host scsi1 to scan on SCSI channel 0 for a device on ID  5  LUN  0.   If
              there is already a device known on this address or the address is invalid, an error
              will be returned.

       /proc/scsi/[drivername]
              [drivername] can currently be NCR53c7xx, aha152x, aha1542, aha1740,  aic7xxx,  bus‐
              logic,  eata_dma,  eata_pio,  fdomain,  in2000, pas16, qlogic, scsi_debug, seagate,
              t128, u15-24f, ultrastore, or wd7000.  These directories show up  for  all  drivers
              that  registered at least one SCSI HBA.  Every directory contains one file per reg‐
              istered host.  Every host-file is named after the number the host was assigned dur‐
              ing initialization.

              Reading  these  files  will usually show driver and host configuration, statistics,
              and so on.

              Writing to these files allows different things on different  hosts.   For  example,
              with the latency and nolatency commands, root can switch on and off command latency
              measurement code in the eata_dma driver.  With the lockup and unlock commands, root
              can control bus lockups simulated by the scsi_debug driver.

       /proc/self
              This directory refers to the process accessing the /proc filesystem, and is identi‐
              cal to the /proc directory named by the process ID of the same process.

       /proc/slabinfo
              Information about kernel caches.  Since Linux 2.6.16 this file is present  only  if
              the   CONFIG_SLAB   kernel   configuration  option  is  enabled.   The  columns  in
              /proc/slabinfo are:

                  cache-name
                  num-active-objs
                  total-objs
                  object-size
                  num-active-slabs
                  total-slabs
                  num-pages-per-slab

              See slabinfo(5) for details.

       /proc/stat
              kernel/system statistics.  Varies with architecture.  Common entries include:

              cpu  3357 0 4313 1362393
                     The amount of time, measured in units of USER_HZ (1/100ths of  a  second  on
                     most  architectures,  use  sysconf(_SC_CLK_TCK)  to obtain the right value),
                     that the system spent in various states:

                     user   (1) Time spent in user mode.

                     nice   (2) Time spent in user mode with low priority (nice).

                     system (3) Time spent in system mode.

                     idle   (4) Time spent in the idle task.  This value should be USER_HZ  times
                            the second entry in the /proc/uptime pseudo-file.

                     iowait (since Linux 2.5.41)
                            (5) Time waiting for I/O to complete.

                     irq (since Linux 2.6.0-test4)
                            (6) Time servicing interrupts.

                     softirq (since Linux 2.6.0-test4)
                            (7) Time servicing softirqs.

                     steal (since Linux 2.6.11)
                            (8)  Stolen  time, which is the time spent in other operating systems
                            when running in a virtualized environment

                     guest (since Linux 2.6.24)
                            (9) Time spent running a virtual  CPU  for  guest  operating  systems
                            under the control of the Linux kernel.

                     guest_nice (since Linux 2.6.33)
                            (10)  Time spent running a niced guest (virtual CPU for guest operat‐
                            ing systems under the control of the Linux kernel).

              page 5741 1808
                     The number of pages the system paged in and the number that were  paged  out
                     (from disk).

              swap 1 0
                     The number of swap pages that have been brought in and out.

              intr 1462898
                     This  line  shows counts of interrupts serviced since boot time, for each of
                     the possible system interrupts.  The first column is the total of all inter‐
                     rupts  serviced  including unnumbered architecture specific interrupts; each
                     subsequent column is the  total  for  that  particular  numbered  interrupt.
                     Unnumbered interrupts are not shown, only summed into the total.

              disk_io: (2,0):(31,30,5764,1,2) (3,0):...
                     (major,disk_idx):(noinfo,  read_io_ops,  blks_read, write_io_ops, blks_writ‐
                     ten)
                     (Linux 2.4 only)

              ctxt 115315
                     The number of context switches that the system underwent.

              btime 769041601
                     boot time, in seconds since the Epoch, 1970-01-01 00:00:00 +0000 (UTC).

              processes 86031
                     Number of forks since boot.

              procs_running 6
                     Number of processes in runnable state.  (Linux 2.5.45 onward.)

              procs_blocked 2
                     Number of processes blocked waiting for  I/O  to  complete.   (Linux  2.5.45
                     onward.)

       /proc/swaps
              Swap areas in use.  See also swapon(8).

       /proc/sys
              This directory (present since 1.3.57) contains a number of files and subdirectories
              corresponding to kernel variables.  These variables can be read and sometimes modi‐
              fied using the /proc filesystem, and the (deprecated) sysctl(2) system call.

              String values may be terminated by either '\0' or '\n'.

              Integer and long values may be written either in decimal or in hexadecimal notation
              (e.g. 0x3FFF).  When writing multiple integer or long values, these  may  be  sepa‐
              rated  by  any  of  the following whitespace characters: ' ', '\t', or '\n'.  Using
              other separators leads to the error EINVAL.

       /proc/sys/abi (since Linux 2.4.10)
              This directory may contain files with  application  binary  information.   See  the
              Linux kernel source file Documentation/sysctl/abi.txt for more information.

       /proc/sys/debug
              This directory may be empty.

       /proc/sys/dev
              This  directory  contains  device-specific  information (e.g., dev/cdrom/info).  On
              some systems, it may be empty.

       /proc/sys/fs
              This directory contains the files and subdirectories for kernel  variables  related
              to filesystems.

       /proc/sys/fs/binfmt_misc
              Documentation  for files in this directory can be found in the Linux kernel sources
              in Documentation/binfmt_misc.txt.

       /proc/sys/fs/dentry-state (since Linux 2.2)
              This file contains information about the status of the  directory  cache  (dcache).
              The  file  contains  six numbers, nr_dentry, nr_unused, age_limit (age in seconds),
              want_pages (pages requested by system) and two dummy values.

              * nr_dentry is the number of allocated dentries (dcache entries).   This  field  is
                unused in Linux 2.2.

              * nr_unused is the number of unused dentries.

              * age_limit  is the age in seconds after which dcache entries can be reclaimed when
                memory is short.

              * want_pages is nonzero when the kernel has called  shrink_dcache_pages()  and  the
                dcache isn't pruned yet.

       /proc/sys/fs/dir-notify-enable
              This  file  can  be  used  to  disable or enable the dnotify interface described in
              fcntl(2) on a system-wide basis.  A value of 0 in this file disables the interface,
              and a value of 1 enables it.

       /proc/sys/fs/dquot-max
              This  file  shows  the  maximum number of cached disk quota entries.  On some (2.4)
              systems, it is not present.  If the number of free cached  disk  quota  entries  is
              very  low  and you have some awesome number of simultaneous system users, you might
              want to raise the limit.

       /proc/sys/fs/dquot-nr
              This file shows the number of allocated disk quota entries and the number  of  free
              disk quota entries.

       /proc/sys/fs/epoll (since Linux 2.6.28)
              This  directory  contains the file max_user_watches, which can be used to limit the
              amount of kernel memory consumed by the epoll interface.  For further details,  see
              epoll(7).

       /proc/sys/fs/file-max
              This  file  defines  a  system-wide  limit on the number of open files for all pro‐
              cesses.  System calls that fail when encountering this limit fail  with  the  error
              ENFILE.   (See  also  setrlimit(2),  which can be used by a process to set the per-
              process limit, RLIMIT_NOFILE, on the number of files it may open.)  If you get lots
              of  error  messages  in  the kernel log about running out of file handles (look for
              "VFS: file-max limit  reached"), try increasing this value:

                  echo 100000 > /proc/sys/fs/file-max

              Privileged processes (CAP_SYS_ADMIN) can override the file-max limit.

       /proc/sys/fs/file-nr
              This (read-only) file contains three numbers: the number of allocated file  handles
              (i.e.,  the number of files presently opened); the number of free file handles; and
              the maximum number of file handles (i.e., the same value as /proc/sys/fs/file-max).
              If  the  number  of allocated file handles is close to the maximum, you should con‐
              sider increasing the maximum.  Before Linux 2.6, the kernel allocated file  handles
              dynamically,  but  it  didn't  free them again.  Instead the free file handles were
              kept in a list for reallocation; the "free file handles" value indicates  the  size
              of  that list.  A large number of free file handles indicates that there was a past
              peak in the usage of open file handles.  Since Linux 2.6, the kernel  does  deallo‐
              cate freed file handles, and the "free file handles" value is always zero.

       /proc/sys/fs/inode-max (only present until Linux 2.2)
              This  file  contains  the maximum number of in-memory inodes.  This value should be
              3-4 times larger than the value in file-max, since stdin, stdout and network  sock‐
              ets  also  need an inode to handle them.  When you regularly run out of inodes, you
              need to increase this value.

              Starting with Linux 2.4, there is no longer a static limit on the number of inodes,
              and this file is removed.

       /proc/sys/fs/inode-nr
              This file contains the first two values from inode-state.

       /proc/sys/fs/inode-state
              This  file  contains  seven numbers: nr_inodes, nr_free_inodes, preshrink, and four
              dummy values (always zero).

              nr_inodes is the number of inodes the system has allocated.  nr_free_inodes  repre‐
              sents the number of free inodes.

              preshrink  is  nonzero when the nr_inodes > inode-max and the system needs to prune
              the inode list instead of allocating more; since Linux 2.4, this field is  a  dummy
              value (always zero).

       /proc/sys/fs/inotify (since Linux 2.6.13)
              This   directory   contains   files   max_queued_events,   max_user_instances,  and
              max_user_watches, that can be used to limit the amount of kernel memory consumed by
              the inotify interface.  For further details, see inotify(7).

       /proc/sys/fs/lease-break-time
              This  file specifies the grace period that the kernel grants to a process holding a
              file lease (fcntl(2)) after it has sent a signal to that process notifying it  that
              another  process  is waiting to open the file.  If the lease holder does not remove
              or downgrade the lease within this grace period, the  kernel  forcibly  breaks  the
              lease.

       /proc/sys/fs/leases-enable
              This  file can be used to enable or disable file leases (fcntl(2)) on a system-wide
              basis.  If this file contains the value 0, leases are disabled.   A  nonzero  value
              enables leases.

       /proc/sys/fs/mqueue (since Linux 2.6.6)
              This directory contains files msg_max, msgsize_max, and queues_max, controlling the
              resources used by POSIX message queues.  See mq_overview(7) for details.

       /proc/sys/fs/nr_open (since Linux 2.6.25)
              This file imposes ceiling on the value to which the  RLIMIT_NOFILE  resource  limit
              can  be  raised (see getrlimit(2)).  This ceiling is enforced for both unprivileged
              and privileged process.  The default value in this file is 1048576.  (Before  Linux
              2.6.25, the ceiling for RLIMIT_NOFILE was hard-coded to the same value.)

       /proc/sys/fs/overflowgid and /proc/sys/fs/overflowuid
              These files allow you to change the value of the fixed UID and GID.  The default is
              65534.  Some filesystems support only 16-bit UIDs and GIDs, although in Linux  UIDs
              and  GIDs  are  32  bits.   When  one  of  these filesystems is mounted with writes
              enabled, any UID or GID that would exceed 65535 is translated to the overflow value
              before being written to disk.

       /proc/sys/fs/pipe-max-size (since Linux 2.6.35)
              The  value  in  this file defines an upper limit for raising the capacity of a pipe
              using the fcntl(2) F_SETPIPE_SZ operation.  This limit applies only to unprivileged
              processes.   The  default  value for this file is 1,048,576.  The value assigned to
              this file may be rounded upward, to reflect the value actually employed for a  con‐
              venient implementation.  To determine the rounded-up value, display the contents of
              this file after assigning a value to it.  The minimum value that can be assigned to
              this file is the system page size.

       /proc/sys/fs/protected_hardlinks (since Linux 3.6)
              When  the  value  in  this file is 0, no restrictions are placed on the creation of
              hard links (i.e., this is the historical behavior  before  Linux  3.6).   When  the
              value in this file is 1, a hard link can be created to a target file only if one of
              the following conditions is true:

              *  The caller has the CAP_FOWNER capability.

              *  The filesystem UID of the process creating the link matches the owner  (UID)  of
                 the  target  file (as described in credentials(7), a process's filesystem UID is
                 normally the same as its effective UID).

              *  All of the following conditions are true:

                  ·  the target is a regular file;

                  ·  the target file does not have its set-user-ID mode bit enabled;

                  ·  the target file does not have both  its  set-group-ID  and  group-executable
                     mode bits enabled; and

                  ·  the  caller has permission to read and write the target file (either via the
                     file's permissions mask or because it has suitable capabilities).

              The default value in this file is 0.  Setting the value to 1 prevents a  longstand‐
              ing  class  of security issues caused by hard-link-based time-of-check, time-of-use
              races, most commonly seen in world-writable directories such as /tmp.   The  common
              method  of  exploiting  this flaw is to cross privilege boundaries when following a
              given hard link (i.e., a root process follows a hard link created by another user).
              Additionally,  on  systems  without  separated  partitions, this stops unauthorized
              users from "pinning" vulnerable set-user-ID and set-group-ID  files  against  being
              upgraded by the administrator, or linking to special files.

       /proc/sys/fs/protected_symlinks (since Linux 3.6)
              When  the value in this file is 0, no restrictions are placed on following symbolic
              links (i.e., this is the historical behavior before Linux 3.6).  When the value  in
              this file is 1, symbolic links are followed only in the following circumstances:

              *  the  filesystem UID of the process following the link matches the owner (UID) of
                 the symbolic link (as described in credentials(7), a process's filesystem UID is
                 normally the same as its effective UID);

              *  the link is not in a sticky world-writable directory; or

              *  the symbolic link and its parent directory have the same owner (UID)

              A  system  call  that fails to follow a symbolic link because of the above restric‐
              tions returns the error EACCES in errno.

              The default value in this file is 0.  Setting the value to 1 avoids a  longstanding
              class  of  security issues based on time-of-check, time-of-use races when accessing
              symbolic links.

       /proc/sys/fs/suid_dumpable (since Linux 2.6.13)
              The value in this file is assigned to a process's "dumpable" flag  in  the  circum‐
              stances  described  in  prctl(2).   In  effect,  the  value in this file determines
              whether core dump files are produced for set-user-ID or otherwise protected/tainted
              binaries.  Three different integer values can be specified:

              0 (default)
                     This provides the traditional (pre-Linux 2.6.13) behavior.  A core dump will
                     not be produced for a process which  has  changed  credentials  (by  calling
                     seteuid(2),  setgid(2),  or  similar,  or by executing a set-user-ID or set-
                     group-ID program) or whose binary does not have read permission enabled.

              1 ("debug")
                     All processes dump core when possible.   The  core  dump  is  owned  by  the
                     filesystem  user ID of the dumping process and no security is applied.  This
                     is intended for system debugging situations only.  Ptrace is unchecked.

              2 ("suidsafe")
                     Any binary which normally would not be dumped  (see  "0"  above)  is  dumped
                     readable  by  root  only.  This allows the user to remove the core dump file
                     but not to read it.  For security reasons core dumps in this mode  will  not
                     overwrite  one another or other files.  This mode is appropriate when admin‐
                     istrators are attempting to debug problems in a normal environment.

                     Additionally, since Linux 3.6, /proc/sys/kernel/core_pattern must either  be
                     an  absolute  pathname  or a pipe command, as detailed in core(5).  Warnings
                     will be written to the kernel log if  core_pattern  does  not  follow  these
                     rules, and no core dump will be produced.

       /proc/sys/fs/super-max
              This  file  controls the maximum number of superblocks, and thus the maximum number
              of mounted filesystems the kernel can have.  You need increase  only  super-max  if
              you  need  to mount more filesystems than the current value in super-max allows you
              to.

       /proc/sys/fs/super-nr
              This file contains the number of filesystems currently mounted.

       /proc/sys/kernel
              This directory  contains  files  controlling  a  range  of  kernel  parameters,  as
              described below.

       /proc/sys/kernel/acct
              This file contains three numbers: highwater, lowwater, and frequency.  If BSD-style
              process accounting is enabled, these values control its behavior.  If free space on
              filesystem  where  the  log lives goes below lowwater percent, accounting suspends.
              If free space gets above highwater percent, accounting resumes.   frequency  deter‐
              mines  how  often the kernel checks the amount of free space (value is in seconds).
              Default values are 4, 2 and 30.  That is, suspend accounting if 2% or less space is
              free;  resume  it if 4% or more space is free; consider information about amount of
              free space valid for 30 seconds.

       /proc/sys/kernel/auto_msgmni (Linux 2.6.27 to 3.18)
              From Linux 2.6.27 to 3.18, this file was used to control recomputing of  the  value
              in  /proc/sys/kernel/msgmni  upon  the  addition  or  removal of memory or upon IPC
              namespace creation/removal.  Echoing "1" into this file  enabled  msgmni  automatic
              recomputing (and triggered a recomputation of msgmni based on the current amount of
              available memory and number of IPC namespaces).   Echoing  "0"  disabled  automatic
              recomputing.   (Automatic  recomputing  was also disabled if a value was explicitly
              assigned to /proc/sys/kernel/msgmni.)  The default value in auto_msgmni was 1.

              Since Linux 3.19, the content of this file has no effect (because  msgmni  defaults
              to  near  the  maximum  value possible), and reads from this file always return the
              value "0".

       /proc/sys/kernel/cap_last_cap (since Linux 3.2)
              See capabilities(7).

       /proc/sys/kernel/cap-bound (from Linux 2.2 to 2.6.24)
              This file holds the value of the kernel capability bounding  set  (expressed  as  a
              signed  decimal number).  This set is ANDed against the capabilities permitted to a
              process during execve(2).  Starting with Linux 2.6.25, the  system-wide  capability
              bounding  set disappeared, and was replaced by a per-thread bounding set; see capa‐
              bilities(7).

       /proc/sys/kernel/core_pattern
              See core(5).

       /proc/sys/kernel/core_uses_pid
              See core(5).

       /proc/sys/kernel/ctrl-alt-del
              This file controls the handling of Ctrl-Alt-Del from the keyboard.  When the  value
              in  this file is 0, Ctrl-Alt-Del is trapped and sent to the init(1) program to han‐
              dle a graceful restart.  When the value is greater than zero, Linux's reaction to a
              Vulcan Nerve Pinch (tm) will be an immediate reboot, without even syncing its dirty
              buffers.  Note: when a program (like dosemu) has the keyboard in  "raw"  mode,  the
              ctrl-alt-del  is  intercepted  by the program before it ever reaches the kernel tty
              layer, and it's up to the program to decide what to do with it.

       /proc/sys/kernel/dmesg_restrict (since Linux 2.6.37)
              The value in this file determines who can see kernel syslog contents.  A value of 0
              in this file imposes no restrictions.  If the value is 1, only privileged users can
              read the kernel syslog.  (See syslog(2) for more details.)  Since Linux  3.4,  only
              users with the CAP_SYS_ADMIN capability may change the value in this file.

       /proc/sys/kernel/domainname and /proc/sys/kernel/hostname
              can  be  used  to set the NIS/YP domainname and the hostname of your box in exactly
              the same way as the commands domainname(1) and hostname(1), that is:

                  # echo 'darkstar' > /proc/sys/kernel/hostname
                  # echo 'mydomain' > /proc/sys/kernel/domainname

              has the same effect as

                  # hostname 'darkstar'
                  # domainname 'mydomain'

              Note, however, that the classic darkstar.frop.org has the hostname  "darkstar"  and
              DNS  (Internet  Domain  Name Server) domainname "frop.org", not to be confused with
              the NIS (Network Information Service) or YP (Yellow Pages) domainname.   These  two
              domain  names  are  in  general different.  For a detailed discussion see the host‐
              name(1) man page.

       /proc/sys/kernel/hotplug
              This file contains the path for the hotplug policy agent.   The  default  value  in
              this file is /sbin/hotplug.

       /proc/sys/kernel/htab-reclaim
              (PowerPC only) If this file is set to a nonzero value, the PowerPC htab (see kernel
              file Documentation/powerpc/ppc_htab.txt) is pruned each time the  system  hits  the
              idle loop.

       /proc/sys/kernel/kptr_restrict (since Linux 2.6.38)
              The  value  in  this file determines whether kernel addresses are exposed via /proc
              files and other interfaces.  A value of 0 in this file imposes no restrictions.  If
              the  value  is  1,  kernel  pointers printed using the %pK format specifier will be
              replaced with zeros unless the user has the CAP_SYSLOG capability.  If the value is
              2,  kernel  pointers  printed  using the %pK format specifier will be replaced with
              zeros regardless of the user's capabilities.  The initial default  value  for  this
              file  was  1,  but  the default was changed to 0 in Linux 2.6.39.  Since Linux 3.4,
              only users with the CAP_SYS_ADMIN capability can change the value in this file.

       /proc/sys/kernel/l2cr
              (PowerPC only) This file contains a flag that controls the L2 cache of G3 processor
              boards.  If 0, the cache is disabled.  Enabled if nonzero.

       /proc/sys/kernel/modprobe
              This  file  contains  the  path for the kernel module loader.  The default value is
              /sbin/modprobe.  The file is present only if the kernel  is  built  with  the  CON‐
              FIG_MODULES  (CONFIG_KMOD  in  Linux  2.6.26  and  earlier)  option enabled.  It is
              described by the Linux kernel source file Documentation/kmod.txt (present  only  in
              kernel 2.4 and earlier).

       /proc/sys/kernel/modules_disabled (since Linux 2.6.31)
              A toggle value indicating if modules are allowed to be loaded in an otherwise modu‐
              lar kernel.  This toggle defaults to off (0), but can be set true (1).  Once  true,
              modules  can  be  neither loaded nor unloaded, and the toggle cannot be set back to
              false.  The file is present only if the kernel is  built  with  the  CONFIG_MODULES
              option enabled.

       /proc/sys/kernel/msgmax (since Linux 2.2)
              This  file  defines a system-wide limit specifying the maximum number of bytes in a
              single message written on a System V message queue.

       /proc/sys/kernel/msgmni (since Linux 2.4)
              This file defines the system-wide limit on the number of message queue identifiers.
              See also /proc/sys/kernel/auto_msgmni.

       /proc/sys/kernel/msgmnb (since Linux 2.2)
              This file defines a system-wide parameter used to initialize the msg_qbytes setting
              for subsequently created message queues.  The msg_qbytes setting specifies the max‐
              imum number of bytes that may be written to the message queue.

       /proc/sys/kernel/ngroups_max (since Linux 2.6.4)
              This is a read-only file that displays the upper limit on the number of a process's
              group memberships.

       /proc/sys/kernel/ostype and /proc/sys/kernel/osrelease
              These files give substrings of /proc/version.

       /proc/sys/kernel/overflowgid and /proc/sys/kernel/overflowuid
              These files duplicate the  files  /proc/sys/fs/overflowgid  and  /proc/sys/fs/over‐
              flowuid.

       /proc/sys/kernel/panic
              This file gives read/write access to the kernel variable panic_timeout.  If this is
              zero, the kernel will loop on a panic; if nonzero, it  indicates  that  the  kernel
              should autoreboot after this number of seconds.  When you use the software watchdog
              device driver, the recommended setting is 60.

       /proc/sys/kernel/panic_on_oops (since Linux 2.5.68)
              This file controls the kernel's behavior when an oops or BUG  is  encountered.   If
              this  file contains 0, then the system tries to continue operation.  If it contains
              1, then the system delays a few seconds (to give klogd time to record the oops out‐
              put) and then panics.  If the /proc/sys/kernel/panic file is also nonzero, then the
              machine will be rebooted.

       /proc/sys/kernel/pid_max (since Linux 2.5.34)
              This file specifies the value at which PIDs wrap around (i.e., the  value  in  this
              file  is  one  greater than the maximum PID).  PIDs greater than this value are not
              allocated; thus, the value in this file also acts as a  system-wide  limit  on  the
              total  number  of  processes  and threads.  The default value for this file, 32768,
              results in the same range of PIDs as on  earlier  kernels.   On  32-bit  platforms,
              32768  is  the maximum value for pid_max.  On 64-bit systems, pid_max can be set to
              any value up to 2^22 (PID_MAX_LIMIT, approximately 4 million).

       /proc/sys/kernel/powersave-nap (PowerPC only)
              This file contains a flag.  If set, Linux-PPC will use the "nap" mode of  powersav‐
              ing, otherwise the "doze" mode will be used.

       /proc/sys/kernel/printk
              See syslog(2).

       /proc/sys/kernel/pty (since Linux 2.6.4)
              This directory contains two files relating to the number of UNIX 98 pseudoterminals
              (see pts(4)) on the system.

       /proc/sys/kernel/pty/max
              This file defines the maximum number of pseudoterminals.

       /proc/sys/kernel/pty/nr
              This read-only file indicates how many pseudoterminals are currently in use.

       /proc/sys/kernel/random
              This directory contains various parameters controlling the operation  of  the  file
              /dev/random.  See random(4) for further information.

       /proc/sys/kernel/random/uuid (since Linux 2.4)
              Each  read from this read-only file returns a randomly generated 128-bit UUID, as a
              string in the standard UUID format.

       /proc/sys/kernel/randomize_va_space (since Linux 2.6.12)
              Select the address space layout randomization (ASLR)  policy  for  the  system  (on
              architectures that support ASLR).  Three values are supported for this file:

              0  Turn  ASLR  off.  This is the default for architectures that don't support ASLR,
                 and when the kernel is booted with the norandmaps parameter.

              1  Make the addresses of mmap(2) allocations, the stack, and the VDSO page  random‐
                 ized.   Among  other  things, this means that shared libraries will be loaded at
                 randomized addresses.  The text segment of  PIE-linked  binaries  will  also  be
                 loaded  at  a  randomized  address.  This value is the default if the kernel was
                 configured with CONFIG_COMPAT_BRK.

              2  (Since Linux 2.6.25) Also support heap randomization.  This value is the default
                 if the kernel was not configured with CONFIG_COMPAT_BRK.

       /proc/sys/kernel/real-root-dev
              This file is documented in the Linux kernel source file Documentation/initrd.txt.

       /proc/sys/kernel/reboot-cmd (Sparc only)
              This file seems to be a way to give an argument to the SPARC ROM/Flash boot loader.
              Maybe to tell it what to do after rebooting?

       /proc/sys/kernel/rtsig-max
              (Only in kernels up to and including 2.6.7; see setrlimit(2)) This file can be used
              to  tune  the  maximum  number of POSIX real-time (queued) signals that can be out‐
              standing in the system.

       /proc/sys/kernel/rtsig-nr
              (Only in kernels up to and including 2.6.7.)  This  file  shows  the  number  POSIX
              real-time signals currently queued.

       /proc/sys/kernel/sched_rr_timeslice_ms (since Linux 3.9)
              See sched_rr_get_interval(2).

       /proc/sys/kernel/sched_rt_period_us (Since Linux 2.6.25)
              See sched(7).

       /proc/sys/kernel/sched_rt_runtime_us (Since Linux 2.6.25)
              See sched(7).

       /proc/sys/kernel/sem (since Linux 2.4)
              This  file  contains  4 numbers defining limits for System V IPC semaphores.  These
              fields are, in order:

              SEMMSL  The maximum semaphores per semaphore set.

              SEMMNS  A system-wide limit on the number of semaphores in all semaphore sets.

              SEMOPM  The maximum number of operations that may be specified in a semop(2) call.

              SEMMNI  A system-wide limit on the maximum number of semaphore identifiers.

       /proc/sys/kernel/sg-big-buff
              This file shows the size of the generic SCSI device (sg) buffer.  You can't tune it
              just  yet, but you could change it at compile time by editing include/scsi/sg.h and
              changing the value of SG_BIG_BUFF.  However,  there  shouldn't  be  any  reason  to
              change this value.

       /proc/sys/kernel/shm_rmid_forced (since Linux 3.1)
              If  this  file  is set to 1, all System V shared memory segments will be marked for
              destruction as soon as the number of attached processes falls  to  zero;  in  other
              words,  it  is no longer possible to create shared memory segments that exist inde‐
              pendently of any attached process.

              The effect is as though a shmctl(2) IPC_RMID is performed on all existing  segments
              as  well  as  all  segments  created in the future (until this file is reset to 0).
              Note that existing segments that are attached to no  process  will  be  immediately
              destroyed  when  this file is set to 1.  Setting this option will also destroy seg‐
              ments that were created, but never attached, upon termination of the  process  that
              created the segment with shmget(2).

              Setting  this  file to 1 provides a way of ensuring that all System V shared memory
              segments are counted against the  resource  usage  and  resource  limits  (see  the
              description of RLIMIT_AS in getrlimit(2)) of at least one process.

              Because setting this file to 1 produces behavior that is nonstandard and could also
              break existing applications, the default value in this file is 0.   Only  set  this
              file  to  1  if  you have a good understanding of the semantics of the applications
              using System V shared memory on your system.

       /proc/sys/kernel/shmall (since Linux 2.2)
              This file contains the system-wide limit on the total number of pages of  System  V
              shared memory.

       /proc/sys/kernel/shmmax (since Linux 2.2)
              This  file can be used to query and set the run-time limit on the maximum (System V
              IPC) shared memory segment size that can be created.  Shared memory segments up  to
              1GB are now supported in the kernel.  This value defaults to SHMMAX.

       /proc/sys/kernel/shmmni (since Linux 2.4)
              This  file  specifies the system-wide maximum number of System V shared memory seg‐
              ments that can be created.

       /proc/sys/kernel/sysctl_writes_strict (since Linux 3.16)
              The value in this file determines how the  file  offset  affects  the  behavior  of
              updating entries in files under /proc/sys.  The file has three possible values:

              -1  This  provides  legacy  handling,  with no printk warnings.  Each write(2) must
                  fully contain the value to be written, and multiple writes  on  the  same  file
                  descriptor will overwrite the entire value, regardless of the file position.

              0   (default)  This  provides  the same behavior as for -1, but printk warnings are
                  written for processes that perform writes when the file offset is not 0.

              1   Respect the file offset when writing strings into  /proc/sys  files.   Multiple
                  writes  will  append  to the value buffer.  Anything written beyond the maximum
                  length of the value buffer  will  be  ignored.   Writes  to  numeric  /proc/sys
                  entries  must  always be at file offset 0 and the value must be fully contained
                  in the buffer provided to write(2).

       /proc/sys/kernel/sysrq
              This file controls the functions allowed to  be  invoked  by  the  SysRq  key.   By
              default,  the  file contains 1 meaning that every possible SysRq request is allowed
              (in older kernel versions, SysRq was disabled by default, and you were required  to
              specifically  enable  it at run-time, but this is not the case any more).  Possible
              values in this file are:

              0    Disable sysrq completely

              1    Enable all functions of sysrq

              > 1  Bit mask of allowed sysrq functions, as follows:
                     2  Enable control of console logging level
                     4  Enable control of keyboard (SAK, unraw)
                     8  Enable debugging dumps of processes etc.
                    16  Enable sync command
                    32  Enable remount read-only
                    64  Enable signaling of processes (term, kill, oom-kill)
                   128  Allow reboot/poweroff
                   256  Allow nicing of all real-time tasks

              This file is present only if the CONFIG_MAGIC_SYSRQ kernel configuration option  is
              enabled.   For  further  details  see  the  Linux  kernel  source  file  Documenta‐
              tion/sysrq.txt.

       /proc/sys/kernel/version
              This file contains a string such as:

                  #5 Wed Feb 25 21:49:24 MET 1998

              The "#5" means that this is the fifth kernel built from this source  base  and  the
              date following it indicates the time the kernel was built.

       /proc/sys/kernel/threads-max (since Linux 2.3.11)
              This file specifies the system-wide limit on the number of threads (tasks) that can
              be created on the system.

              Since Linux 4.1, the value that can be written to threads-max is bounded.  The min‐
              imum  value  that  can  be written is 20.  The maximum value that can be written is
              given by the constant FUTEX_TID_MASK (0x3fffffff).  If  a  value  outside  of  this
              range is written to threads-max, the error EINVAL occurs.

              The value written is checked against the available RAM pages.  If the thread struc‐
              tures would occupy too much (more than 1/8th) of the available RAM pages,  threads-
              max is reduced accordingly.

       /proc/sys/kernel/yama/ptrace_scope (since Linux 3.5)
              See ptrace(2).

       /proc/sys/kernel/zero-paged (PowerPC only)
              This  file  contains a flag.  When enabled (nonzero), Linux-PPC will pre-zero pages
              in the idle loop, possibly speeding up get_free_pages.

       /proc/sys/net
              This directory contains networking stuff.  Explanations for some of the files under
              this directory can be found in tcp(7) and ip(7).

       /proc/sys/net/core/bpf_jit_enable
              See bpf(2).

       /proc/sys/net/core/somaxconn
              This  file  defines  a ceiling value for the backlog argument of listen(2); see the
              listen(2) manual page for details.

       /proc/sys/proc
              This directory may be empty.

       /proc/sys/sunrpc
              This directory supports Sun remote procedure call for network filesystem (NFS).  On
              some systems, it is not present.

       /proc/sys/vm
              This  directory  contains files for memory management tuning, buffer and cache man‐
              agement.

       /proc/sys/vm/compact_memory (since Linux 2.6.35)
              When 1 is written to this file, all zones are compacted such that  free  memory  is
              available  in  contiguous  blocks where possible.  The effect of this action can be
              seen by examining /proc/buddyinfo.

              Only present if the kernel was configured with CONFIG_COMPACTION.

       /proc/sys/vm/drop_caches (since Linux 2.6.16)
              Writing to this file causes the kernel to drop clean caches, dentries,  and  inodes
              from  memory,  causing  that  memory to become free.  This can be useful for memory
              management testing and  performing  reproducible  filesystem  benchmarks.   Because
              writing  to  this  file  causes  the benefits of caching to be lost, it can degrade
              overall system performance.

              To free pagecache, use:

                  echo 1 > /proc/sys/vm/drop_caches

              To free dentries and inodes, use:

                  echo 2 > /proc/sys/vm/drop_caches

              To free pagecache, dentries and inodes, use:

                  echo 3 > /proc/sys/vm/drop_caches

              Because writing to this file is a nondestructive operation and  dirty  objects  are
              not freeable, the user should run sync(1) first.

       /proc/sys/vm/legacy_va_layout (since Linux 2.6.9)
              If nonzero, this disables the new 32-bit memory-mapping layout; the kernel will use
              the legacy (2.4) layout for all processes.

       /proc/sys/vm/memory_failure_early_kill (since Linux 2.6.32)
              Control how to kill processes when an uncorrected memory error (typically  a  2-bit
              error  in  a memory module) that cannot be handled by the kernel is detected in the
              background by hardware.  In some cases (like the page still having a valid copy  on
              disk),  the  kernel  will  handle  the  failure transparently without affecting any
              applications.  But if there is no other up-to-date copy of the data, it  will  kill
              processes to prevent any data corruptions from propagating.

              The file has one of the following values:

              1:  Kill  all  processes  that have the corrupted-and-not-reloadable page mapped as
                  soon as the corruption is detected.  Note this is not supported for a few types
                  of  pages,  like  kernel internally allocated data or the swap cache, but works
                  for the majority of user pages.

              0:  Only unmap the corrupted page from all processes and kill only a  process  that
                  tries to access it.

              The  kill  is  performed  using  a SIGBUS signal with si_code set to BUS_MCEERR_AO.
              Processes can handle this if they want to; see sigaction(2) for more details.

              This feature is active only on architectures/platforms with advanced machine  check
              handling and depends on the hardware capabilities.

              Applications  can  override the memory_failure_early_kill setting individually with
              the prctl(2) PR_MCE_KILL operation.

              Only present if the kernel was configured with CONFIG_MEMORY_FAILURE.

       /proc/sys/vm/memory_failure_recovery (since Linux 2.6.32)
              Enable memory failure recovery (when supported by the platform)

              1:  Attempt recovery.

              0:  Always panic on a memory failure.

              Only present if the kernel was configured with CONFIG_MEMORY_FAILURE.

       /proc/sys/vm/oom_dump_tasks (since Linux 2.6.25)
              Enables a system-wide task dump (excluding kernel threads) to be produced when  the
              kernel  performs  an  OOM-killing.  The dump includes the following information for
              each task (thread, process): thread ID, real user ID, thread group ID (process ID),
              virtual  memory  size,  resident  set  size, the CPU that the task is scheduled on,
              oom_adj score (see the description of /proc/[pid]/oom_adj), and command name.  This
              is  helpful  to  determine why the OOM-killer was invoked and to identify the rogue
              task that caused it.

              If this contains the value zero, this information is  suppressed.   On  very  large
              systems  with  thousands  of tasks, it may not be feasible to dump the memory state
              information for each one.  Such systems should not be forced to incur a performance
              penalty in OOM situations when the information may not be desired.

              If  this is set to nonzero, this information is shown whenever the OOM-killer actu‐
              ally kills a memory-hogging task.

              The default value is 0.

       /proc/sys/vm/oom_kill_allocating_task (since Linux 2.6.24)
              This enables or disables killing the OOM-triggering task  in  out-of-memory  situa‐
              tions.

              If  this  is  set to zero, the OOM-killer will scan through the entire tasklist and
              select a task based on heuristics to kill.  This normally selects a  rogue  memory-
              hogging task that frees up a large amount of memory when killed.

              If  this is set to nonzero, the OOM-killer simply kills the task that triggered the
              out-of-memory condition.  This avoids a possibly expensive tasklist scan.

              If /proc/sys/vm/panic_on_oom is nonzero, it takes precedence over whatever value is
              used in /proc/sys/vm/oom_kill_allocating_task.

              The default value is 0.

       /proc/sys/vm/overcommit_kbytes (since Linux 3.14)
              This  writable  file  provides  an alternative to /proc/sys/vm/overcommit_ratio for
              controlling the CommitLimit when /proc/sys/vm/overcommit_memory has  the  value  2.
              It  allows the amount of memory overcommitting to be specified as an absolute value
              (in kB), rather than as a percentage,  as  is  done  with  overcommit_ratio.   This
              allows  for  finer-grained  control  of CommitLimit on systems with extremely large
              memory sizes.

              Only one of overcommit_kbytes or overcommit_ratio can have an effect:  if  overcom‐
              mit_kbytes has a nonzero value, then it is used to calculate CommitLimit, otherwise
              overcommit_ratio is used.  Writing a value to either  of  these  files  causes  the
              value in the other file to be set to zero.

       /proc/sys/vm/overcommit_memory
              This file contains the kernel virtual memory accounting mode.  Values are:

                     0: heuristic overcommit (this is the default)
                     1: always overcommit, never check
                     2: always check, never overcommit

              In  mode  0,  calls  of mmap(2) with MAP_NORESERVE are not checked, and the default
              check is very weak, leading to the risk of getting a process  "OOM-killed".   Under
              Linux 2.4, any nonzero value implies mode 1.

              In  mode 2 (available since Linux 2.6), the total virtual address space that can be
              allocated (CommitLimit in /proc/meminfo) is calculated as

                  CommitLimit = (total_RAM - total_huge_TLB) *
                                overcommit_ratio / 100 + total_swap

              where:

                   *  total_RAM is the total amount of RAM on the system;

                   *  total_huge_TLB is the amount of memory set aside for huge pages;

                   *  overcommit_ratio is the value in /proc/sys/vm/overcommit_ratio; and

                   *  total_swap is the amount of swap space.

              For example, on a system with 16GB of physical RAM, 16GB of swap,  no  space  dedi‐
              cated  to  huge  pages,  and  an overcommit_ratio of 50, this formula yields a Com‐
              mitLimit of 24GB.

              Since Linux 3.14, if the value in /proc/sys/vm/overcommit_kbytes is  nonzero,  then
              CommitLimit is instead calculated as:

                  CommitLimit = overcommit_kbytes + total_swap

       /proc/sys/vm/overcommit_ratio (since Linux 2.6.0)
              This  writable file defines a percentage by which memory can be overcommitted.  The
              default value in the file is 50.   See  the  description  of  /proc/sys/vm/overcom‐
              mit_memory.

       /proc/sys/vm/panic_on_oom (since Linux 2.6.18)
              This enables or disables a kernel panic in an out-of-memory situation.

              If  this  file  is set to the value 0, the kernel's OOM-killer will kill some rogue
              process.  Usually, the OOM-killer is able to kill a rogue process  and  the  system
              will survive.

              If  this  file  is set to the value 1, then the kernel normally panics when out-of-
              memory happens.  However, if a process limits allocations to  certain  nodes  using
              memory  policies  (mbind(2) MPOL_BIND) or cpusets (cpuset(7)) and those nodes reach
              memory exhaustion status, one process may be killed by the  OOM-killer.   No  panic
              occurs in this case: because other nodes' memory may be free, this means the system
              as a whole may not have reached an out-of-memory situation yet.

              If this file is set to the value 2, the kernel always panics when an  out-of-memory
              condition occurs.

              The  default  value  is  0.  1 and 2 are for failover of clustering.  Select either
              according to your policy of failover.

       /proc/sys/vm/swappiness
              The value in this file controls how aggressively the kernel will swap memory pages.
              Higher  values  increase aggressiveness, lower values decrease aggressiveness.  The
              default value is 60.

       /proc/sysrq-trigger (since Linux 2.4.21)
              Writing a character to this file triggers the same SysRq function  as  typing  ALT-
              SysRq-  (see  the  description of /proc/sys/kernel/sysrq).  This file is
              normally writable only by root.  For further details see the  Linux  kernel  source
              file Documentation/sysrq.txt.

       /proc/sysvipc
              Subdirectory  containing  the  pseudo-files msg, sem and shm.  These files list the
              System V Interprocess Communication (IPC) objects  (respectively:  message  queues,
              semaphores,  and shared memory) that currently exist on the system, providing simi‐
              lar information to that available via ipcs(1).  These files have  headers  and  are
              formatted (one IPC object per line) for easy understanding.  svipc(7) provides fur‐
              ther background on the information shown by these files.

       /proc/thread-self (since Linux 3.17)
              This directory refers to the thread accessing the /proc filesystem, and is  identi‐
              cal  to  the /proc/self/task/[tid] directory named by the process thread ID ([tid])
              of the same thread.

       /proc/timer_list (since Linux 2.6.21)
              This read-only file exposes a  list  of  all  currently  pending  (high-resolution)
              timers, all clock-event sources, and their parameters in a human-readable form.

       /proc/timer_stats (since Linux 2.6.21)
              This  is  a  debugging  facility to make timer (ab)use in a Linux system visible to
              kernel and user-space developers.  It can be used by kernel and user-space develop‐
              ers  to  verify  that their code does not make undue use of timers.  The goal is to
              avoid unnecessary wakeups, thereby optimizing power consumption.

              If enabled in the kernel (CONFIG_TIMER_STATS), but not used,  it  has  almost  zero
              runtime  overhead  and a relatively small data-structure overhead.  Even if collec‐
              tion is enabled at runtime, overhead is low: all the locking is per-CPU and  lookup
              is hashed.

              The  /proc/timer_stats  file  is used both to control sampling facility and to read
              out the sampled information.

              The timer_stats functionality is inactive on bootup.   A  sampling  period  can  be
              started using the following command:

                  # echo 1 > /proc/timer_stats

              The following command stops a sampling period:

                  # echo 0 > /proc/timer_stats

              The statistics can be retrieved by:

                  $ cat /proc/timer_stats

              While  sampling  is  enabled,  each  readout  from /proc/timer_stats will see newly
              updated statistics.  Once sampling is disabled, the  sampled  information  is  kept
              until a new sample period is started.  This allows multiple readouts.

              Sample output from /proc/timer_stats:

   $ cat /proc/timer_stats
   Timer Stats Version: v0.3
   Sample period: 1.764 s
   Collection: active
     255,     0 swapper/3        hrtimer_start_range_ns (tick_sched_timer)
      71,     0 swapper/1        hrtimer_start_range_ns (tick_sched_timer)
      58,     0 swapper/0        hrtimer_start_range_ns (tick_sched_timer)
       4,  1694 gnome-shell      mod_delayed_work_on (delayed_work_timer_fn)
      17,     7 rcu_sched        rcu_gp_kthread (process_timeout)
   ...
       1,  4911 kworker/u16:0    mod_delayed_work_on (delayed_work_timer_fn)
      1D,  2522 kworker/0:0      queue_delayed_work_on (delayed_work_timer_fn)
   1029 total events, 583.333 events/sec

              The output columns are:

              *  a count of the number of events, optionally (since Linux 2.6.23) followed by the
                 letter 'D' if this is a deferrable timer;

              *  the PID of the process that initialized the timer;

              *  the name of the process that initialized the timer;

              *  the function where the timer was initialized; and

              *  (in parentheses) the callback function that is associated with the timer.

       /proc/tty
              Subdirectory containing the pseudo-files and subdirectories  for  tty  drivers  and
              line disciplines.

       /proc/uptime
              This  file contains two numbers: the uptime of the system (seconds), and the amount
              of time spent in idle process (seconds).

       /proc/version
              This string identifies the kernel version that is currently running.   It  includes
              the    contents    of   /proc/sys/kernel/ostype,   /proc/sys/kernel/osrelease   and
              /proc/sys/kernel/version.  For example:
            Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994

       /proc/vmstat (since Linux 2.6.0)
              This file displays various virtual memory statistics.  Each line of this file  con‐
              tains  a  single name-value pair, delimited by white space.  Some files are present
              only if the kernel was configured with  suitable  options.   (In  some  cases,  the
              options  required for particular files have changed across kernel versions, so they
              are not listed here.  Details can be found by consulting the kernel  source  code.)
              The following fields may be present:

              nr_free_pages (since Linux 2.6.31)

              nr_alloc_batch (since Linux 3.12)

              nr_inactive_anon (since Linux 2.6.28)

              nr_active_anon (since Linux 2.6.28)

              nr_inactive_file (since Linux 2.6.28)

              nr_active_file (since Linux 2.6.28)

              nr_unevictable (since Linux 2.6.28)

              nr_mlock (since Linux 2.6.28)

              nr_anon_pages (since Linux 2.6.18)

              nr_mapped (since Linux 2.6.0)

              nr_file_pages (since Linux 2.6.18)

              nr_dirty (since Linux 2.6.0)

              nr_writeback (since Linux 2.6.0)

              nr_slab_reclaimable (since Linux 2.6.19)

              nr_slab_unreclaimable (since Linux 2.6.19)

              nr_page_table_pages (since Linux 2.6.0)

              nr_kernel_stack (since Linux 2.6.32)
                     Amount of memory allocated to kernel stacks.

              nr_unstable (since Linux 2.6.0)

              nr_bounce (since Linux 2.6.12)

              nr_vmscan_write (since Linux 2.6.19)

              nr_vmscan_immediate_reclaim (since Linux 3.2)

              nr_writeback_temp (since Linux 2.6.26)

              nr_isolated_anon (since Linux 2.6.32)

              nr_isolated_file (since Linux 2.6.32)

              nr_shmem (since Linux 2.6.32)
                     Pages used by shmem and tmpfs.

              nr_dirtied (since Linux 2.6.37)

              nr_written (since Linux 2.6.37)

              nr_pages_scanned (since Linux 3.17)

              numa_hit (since Linux 2.6.18)

              numa_miss (since Linux 2.6.18)

              numa_foreign (since Linux 2.6.18)

              numa_interleave (since Linux 2.6.18)

              numa_local (since Linux 2.6.18)

              numa_other (since Linux 2.6.18)

              workingset_refault (since Linux 3.15)

              workingset_activate (since Linux 3.15)

              workingset_nodereclaim (since Linux 3.15)

              nr_anon_transparent_hugepages (since Linux 2.6.38)

              nr_free_cma (since Linux 3.7)
                     Number of free CMA (Contiguous Memory Allocator) pages.

              nr_dirty_threshold (since Linux 2.6.37)

              nr_dirty_background_threshold (since Linux 2.6.37)

              pgpgin (since Linux 2.6.0)

              pgpgout (since Linux 2.6.0)

              pswpin (since Linux 2.6.0)

              pswpout (since Linux 2.6.0)

              pgalloc_dma (since Linux 2.6.5)

              pgalloc_dma32 (since Linux 2.6.16)

              pgalloc_normal (since Linux 2.6.5)

              pgalloc_high (since Linux 2.6.5)

              pgalloc_movable (since Linux 2.6.23)

              pgfree (since Linux 2.6.0)

              pgactivate (since Linux 2.6.0)

              pgdeactivate (since Linux 2.6.0)

              pgfault (since Linux 2.6.0)

              pgmajfault (since Linux 2.6.0)

              pgrefill_dma (since Linux 2.6.5)

              pgrefill_dma32 (since Linux 2.6.16)

              pgrefill_normal (since Linux 2.6.5)

              pgrefill_high (since Linux 2.6.5)

              pgrefill_movable (since Linux 2.6.23)

              pgsteal_kswapd_dma (since Linux 3.4)

              pgsteal_kswapd_dma32 (since Linux 3.4)

              pgsteal_kswapd_normal (since Linux 3.4)

              pgsteal_kswapd_high (since Linux 3.4)

              pgsteal_kswapd_movable (since Linux 3.4)

              pgsteal_direct_dma

              pgsteal_direct_dma32 (since Linux 3.4)

              pgsteal_direct_normal (since Linux 3.4)

              pgsteal_direct_high (since Linux 3.4)

              pgsteal_direct_movable (since Linux 2.6.23)

              pgscan_kswapd_dma

              pgscan_kswapd_dma32 (since Linux 2.6.16)

              pgscan_kswapd_normal (since Linux 2.6.5)

              pgscan_kswapd_high

              pgscan_kswapd_movable (since Linux 2.6.23)

              pgscan_direct_dma

              pgscan_direct_dma32 (since Linux 2.6.16)

              pgscan_direct_normal

              pgscan_direct_high

              pgscan_direct_movable (since Linux 2.6.23)

              pgscan_direct_throttle (since Linux 3.6)

              zone_reclaim_failed (since linux 2.6.31)

              pginodesteal (since linux 2.6.0)

              slabs_scanned (since linux 2.6.5)

              kswapd_inodesteal (since linux 2.6.0)

              kswapd_low_wmark_hit_quickly (since 2.6.33)

              kswapd_high_wmark_hit_quickly (since 2.6.33)

              pageoutrun (since Linux 2.6.0)

              allocstall (since Linux 2.6.0)

              pgrotated (since Linux 2.6.0)

              drop_pagecache (since Linux 3.15)

              drop_slab (since Linux 3.15)

              numa_pte_updates (since Linux 3.8)

              numa_huge_pte_updates (since Linux 3.13)

              numa_hint_faults (since Linux 3.8)

              numa_hint_faults_local (since Linux 3.8)

              numa_pages_migrated (since Linux 3.8)

              pgmigrate_success (since Linux 3.8)

              pgmigrate_fail (since Linux 3.8)

              compact_migrate_scanned (since Linux 3.8)

              compact_free_scanned (since Linux 3.8)

              compact_isolated (since Linux 3.8)

              compact_stall (since Linux 2.6.35)
                     See the kernel source file Documentation/vm/transhuge.txt.

              compact_fail (since Linux 2.6.35)
                     See the kernel source file Documentation/vm/transhuge.txt.

              compact_success (since Linux 2.6.35)
                     See the kernel source file Documentation/vm/transhuge.txt.

              htlb_buddy_alloc_success (since Linux 2.6.26)

              htlb_buddy_alloc_fail (since Linux 2.6.26)

              unevictable_pgs_culled (since Linux 2.6.28)

              unevictable_pgs_scanned (since Linux 2.6.28)

              unevictable_pgs_rescued (since Linux 2.6.28)

              unevictable_pgs_mlocked (since Linux 2.6.28)

              unevictable_pgs_munlocked (since Linux 2.6.28)

              unevictable_pgs_cleared (since Linux 2.6.28)

              unevictable_pgs_stranded (since Linux 2.6.28)

              thp_fault_alloc (since Linux 2.6.39)
                     See the kernel source file Documentation/vm/transhuge.txt.

              thp_fault_fallback (since Linux 2.6.39)
                     See the kernel source file Documentation/vm/transhuge.txt.

              thp_collapse_alloc (since Linux 2.6.39)
                     See the kernel source file Documentation/vm/transhuge.txt.

              thp_collapse_alloc_failed (since Linux 2.6.39)
                     See the kernel source file Documentation/vm/transhuge.txt.

              thp_split (since Linux 2.6.39)
                     See the kernel source file Documentation/vm/transhuge.txt.

              thp_zero_page_alloc (since Linux 3.8)
                     See the kernel source file Documentation/vm/transhuge.txt.

              thp_zero_page_alloc_failed (since Linux 3.8)
                     See the kernel source file Documentation/vm/transhuge.txt.

              balloon_inflate (since Linux 3.18)

              balloon_deflate (since Linux 3.18)

              balloon_migrate (since Linux 3.18)

              nr_tlb_remote_flush (since Linux 3.12)

              nr_tlb_remote_flush_received (since Linux 3.12)

              nr_tlb_local_flush_all (since Linux 3.12)

              nr_tlb_local_flush_one (since Linux 3.12)

              vmacache_find_calls (since Linux 3.16)

              vmacache_find_hits (since Linux 3.16)

              vmacache_full_flushes (since Linux 3.19)

       /proc/zoneinfo (since Linux 2.6.13)
              This  file  display  information  about memory zones.  This is useful for analyzing
              virtual memory behavior.

NOTES
       Many strings (i.e., the environment and command line) are in  the  internal  format,  with
       subfields  terminated  by null bytes ('\0'), so you may find that things are more readable
       if you use od -c or tr "\000" "\n" to read them.  Alternatively, echo `cat  `  works
       well.

       This  manual  page is incomplete, possibly inaccurate, and is the kind of thing that needs
       to be updated very often.

SEE ALSO
       cat(1), dmesg(1), find(1), free(1), ps(1), tr(1),  uptime(1),  chroot(2),  mmap(2),  read‐
       link(2),  syslog(2),  slabinfo(5),  hier(7),  namespaces(7),  time(7),  arp(8), hdparm(8),
       ifconfig(8), init(1), lsmod(8), lspci(8),  mount(8),  netstat(8),  procinfo(8),  route(8),
       sysctl(8)

       The    Linux    kernel   source   files:   Documentation/filesystems/proc.txt   Documenta‐
       tion/sysctl/fs.txt,  Documentation/sysctl/kernel.txt,  Documentation/sysctl/net.txt,   and
       Documentation/sysctl/vm.txt.

COLOPHON
       This  page  is  part of release 4.04 of the Linux man-pages project.  A description of the
       project, information about reporting bugs, and the latest version of  this  page,  can  be
       found at http://www.kernel.org/doc/man-pages/.

Linux                                       2015-12-05                                    PROC(5)

Go-to-top  




Designed by SanjuD(@ngineerbabu)