2005-04-17 06:20:36 +08:00
|
|
|
------------------------------------------------------------------------------
|
|
|
|
T H E /proc F I L E S Y S T E M
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
/proc/sys Terrehon Bowden <terrehon@pacbell.net> October 7 1999
|
|
|
|
Bodo Bauer <bb@ricochet.net>
|
|
|
|
|
|
|
|
2.4.x update Jorge Nerin <comandante@zaralinux.com> November 14 2000
|
2009-06-18 07:26:01 +08:00
|
|
|
move /proc/sys Shen Feng <shen@cn.fujitsu.com> April 1 2009
|
2005-04-17 06:20:36 +08:00
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Version 1.3 Kernel version 2.2.12
|
|
|
|
Kernel version 2.4.0-test11-pre4
|
|
|
|
------------------------------------------------------------------------------
|
2009-06-18 07:26:01 +08:00
|
|
|
fixes/update part 1.1 Stefani Seibold <stefani@seibold.net> June 9 2009
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
Table of Contents
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
0 Preface
|
|
|
|
0.1 Introduction/Credits
|
|
|
|
0.2 Legal Stuff
|
|
|
|
|
|
|
|
1 Collecting System Information
|
|
|
|
1.1 Process-Specific Subdirectories
|
|
|
|
1.2 Kernel data
|
|
|
|
1.3 IDE devices in /proc/ide
|
|
|
|
1.4 Networking info in /proc/net
|
|
|
|
1.5 SCSI info
|
|
|
|
1.6 Parallel port info in /proc/parport
|
|
|
|
1.7 TTY info in /proc/tty
|
|
|
|
1.8 Miscellaneous kernel statistics in /proc/stat
|
2015-01-24 00:45:05 +08:00
|
|
|
1.9 Ext4 file system parameters
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
2 Modifying System Parameters
|
2009-04-03 07:57:20 +08:00
|
|
|
|
|
|
|
3 Per-Process Parameters
|
2012-11-13 09:53:04 +08:00
|
|
|
3.1 /proc/<pid>/oom_adj & /proc/<pid>/oom_score_adj - Adjust the oom-killer
|
oom: badness heuristic rewrite
This a complete rewrite of the oom killer's badness() heuristic which is
used to determine which task to kill in oom conditions. The goal is to
make it as simple and predictable as possible so the results are better
understood and we end up killing the task which will lead to the most
memory freeing while still respecting the fine-tuning from userspace.
Instead of basing the heuristic on mm->total_vm for each task, the task's
rss and swap space is used instead. This is a better indication of the
amount of memory that will be freeable if the oom killed task is chosen
and subsequently exits. This helps specifically in cases where KDE or
GNOME is chosen for oom kill on desktop systems instead of a memory
hogging task.
The baseline for the heuristic is a proportion of memory that each task is
currently using in memory plus swap compared to the amount of "allowable"
memory. "Allowable," in this sense, means the system-wide resources for
unconstrained oom conditions, the set of mempolicy nodes, the mems
attached to current's cpuset, or a memory controller's limit. The
proportion is given on a scale of 0 (never kill) to 1000 (always kill),
roughly meaning that if a task has a badness() score of 500 that the task
consumes approximately 50% of allowable memory resident in RAM or in swap
space.
The proportion is always relative to the amount of "allowable" memory and
not the total amount of RAM systemwide so that mempolicies and cpusets may
operate in isolation; they shall not need to know the true size of the
machine on which they are running if they are bound to a specific set of
nodes or mems, respectively.
Root tasks are given 3% extra memory just like __vm_enough_memory()
provides in LSMs. In the event of two tasks consuming similar amounts of
memory, it is generally better to save root's task.
Because of the change in the badness() heuristic's baseline, it is also
necessary to introduce a new user interface to tune it. It's not possible
to redefine the meaning of /proc/pid/oom_adj with a new scale since the
ABI cannot be changed for backward compatability. Instead, a new tunable,
/proc/pid/oom_score_adj, is added that ranges from -1000 to +1000. It may
be used to polarize the heuristic such that certain tasks are never
considered for oom kill while others may always be considered. The value
is added directly into the badness() score so a value of -500, for
example, means to discount 50% of its memory consumption in comparison to
other tasks either on the system, bound to the mempolicy, in the cpuset,
or sharing the same memory controller.
/proc/pid/oom_adj is changed so that its meaning is rescaled into the
units used by /proc/pid/oom_score_adj, and vice versa. Changing one of
these per-task tunables will rescale the value of the other to an
equivalent meaning. Although /proc/pid/oom_adj was originally defined as
a bitshift on the badness score, it now shares the same linear growth as
/proc/pid/oom_score_adj but with different granularity. This is required
so the ABI is not broken with userspace applications and allows oom_adj to
be deprecated for future removal.
Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-08-10 08:19:46 +08:00
|
|
|
score
|
2009-04-03 07:57:20 +08:00
|
|
|
3.2 /proc/<pid>/oom_score - Display current oom-killer score
|
|
|
|
3.3 /proc/<pid>/io - Display the IO accounting fields
|
|
|
|
3.4 /proc/<pid>/coredump_filter - Core dump filtering settings
|
|
|
|
3.5 /proc/<pid>/mountinfo - Information about mounts
|
2009-12-15 10:00:05 +08:00
|
|
|
3.6 /proc/<pid>/comm & /proc/<pid>/task/<tid>/comm
|
2012-06-01 07:26:43 +08:00
|
|
|
3.7 /proc/<pid>/task/<tid>/children - Information about task children
|
2012-12-18 08:05:14 +08:00
|
|
|
3.8 /proc/<pid>/fdinfo/<fd> - Information about opened file
|
2015-02-12 07:28:31 +08:00
|
|
|
3.9 /proc/<pid>/map_files - Information about memory mapped files
|
2016-03-18 05:20:54 +08:00
|
|
|
3.10 /proc/<pid>/timerslack_ns - Task timerslack value
|
2009-04-03 07:57:20 +08:00
|
|
|
|
procfs: add hidepid= and gid= mount options
Add support for mount options to restrict access to /proc/PID/
directories. The default backward-compatible "relaxed" behaviour is left
untouched.
The first mount option is called "hidepid" and its value defines how much
info about processes we want to be available for non-owners:
hidepid=0 (default) means the old behavior - anybody may read all
world-readable /proc/PID/* files.
hidepid=1 means users may not access any /proc/<pid>/ directories, but
their own. Sensitive files like cmdline, sched*, status are now protected
against other users. As permission checking done in proc_pid_permission()
and files' permissions are left untouched, programs expecting specific
files' modes are not confused.
hidepid=2 means hidepid=1 plus all /proc/PID/ will be invisible to other
users. It doesn't mean that it hides whether a process exists (it can be
learned by other means, e.g. by kill -0 $PID), but it hides process' euid
and egid. It compicates intruder's task of gathering info about running
processes, whether some daemon runs with elevated privileges, whether
another user runs some sensitive program, whether other users run any
program at all, etc.
gid=XXX defines a group that will be able to gather all processes' info
(as in hidepid=0 mode). This group should be used instead of putting
nonroot user in sudoers file or something. However, untrusted users (like
daemons, etc.) which are not supposed to monitor the tasks in the whole
system should not be added to the group.
hidepid=1 or higher is designed to restrict access to procfs files, which
might reveal some sensitive private information like precise keystrokes
timings:
http://www.openwall.com/lists/oss-security/2011/11/05/3
hidepid=1/2 doesn't break monitoring userspace tools. ps, top, pgrep, and
conky gracefully handle EPERM/ENOENT and behave as if the current user is
the only user running processes. pstree shows the process subtree which
contains "pstree" process.
Note: the patch doesn't deal with setuid/setgid issues of keeping
preopened descriptors of procfs files (like
https://lkml.org/lkml/2011/2/7/368). We rely on that the leaked
information like the scheduling counters of setuid apps doesn't threaten
anybody's privacy - only the user started the setuid program may read the
counters.
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Randy Dunlap <rdunlap@xenotime.net>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Greg KH <greg@kroah.com>
Cc: Theodore Tso <tytso@MIT.EDU>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: James Morris <jmorris@namei.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-11 07:11:31 +08:00
|
|
|
4 Configuring procfs
|
|
|
|
4.1 Mount options
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Preface
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
0.1 Introduction/Credits
|
|
|
|
------------------------
|
|
|
|
|
|
|
|
This documentation is part of a soon (or so we hope) to be released book on
|
|
|
|
the SuSE Linux distribution. As there is no complete documentation for the
|
|
|
|
/proc file system and we've used many freely available sources to write these
|
|
|
|
chapters, it seems only fair to give the work back to the Linux community.
|
|
|
|
This work is based on the 2.2.* kernel version and the upcoming 2.4.*. I'm
|
|
|
|
afraid it's still far from complete, but we hope it will be useful. As far as
|
|
|
|
we know, it is the first 'all-in-one' document about the /proc file system. It
|
|
|
|
is focused on the Intel x86 hardware, so if you are looking for PPC, ARM,
|
|
|
|
SPARC, AXP, etc., features, you probably won't find what you are looking for.
|
|
|
|
It also only covers IPv4 networking, not IPv6 nor other protocols - sorry. But
|
|
|
|
additions and patches are welcome and will be added to this document if you
|
|
|
|
mail them to Bodo.
|
|
|
|
|
|
|
|
We'd like to thank Alan Cox, Rik van Riel, and Alexey Kuznetsov and a lot of
|
|
|
|
other people for help compiling this documentation. We'd also like to extend a
|
|
|
|
special thank you to Andi Kleen for documentation, which we relied on heavily
|
|
|
|
to create this document, as well as the additional information he provided.
|
|
|
|
Thanks to everybody else who contributed source or docs to the Linux kernel
|
|
|
|
and helped create a great piece of software... :)
|
|
|
|
|
|
|
|
If you have any comments, corrections or additions, please don't hesitate to
|
|
|
|
contact Bodo Bauer at bb@ricochet.net. We'll be happy to add them to this
|
|
|
|
document.
|
|
|
|
|
|
|
|
The latest version of this document is available online at
|
2010-07-24 11:51:24 +08:00
|
|
|
http://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/proc.html
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2010-07-24 11:51:24 +08:00
|
|
|
If the above direction does not works for you, you could try the kernel
|
2005-04-17 06:20:36 +08:00
|
|
|
mailing list at linux-kernel@vger.kernel.org and/or try to reach me at
|
|
|
|
comandante@zaralinux.com.
|
|
|
|
|
|
|
|
0.2 Legal Stuff
|
|
|
|
---------------
|
|
|
|
|
|
|
|
We don't guarantee the correctness of this document, and if you come to us
|
|
|
|
complaining about how you screwed up your system because of incorrect
|
|
|
|
documentation, we won't feel responsible...
|
|
|
|
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
CHAPTER 1: COLLECTING SYSTEM INFORMATION
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
In This Chapter
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
* Investigating the properties of the pseudo file system /proc and its
|
|
|
|
ability to provide information on the running Linux system
|
|
|
|
* Examining /proc's structure
|
|
|
|
* Uncovering various information about the kernel and the processes running
|
|
|
|
on the system
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
The proc file system acts as an interface to internal data structures in the
|
|
|
|
kernel. It can be used to obtain information about the system and to change
|
|
|
|
certain kernel parameters at runtime (sysctl).
|
|
|
|
|
|
|
|
First, we'll take a look at the read-only parts of /proc. In Chapter 2, we
|
|
|
|
show you how you can use /proc/sys to change settings.
|
|
|
|
|
|
|
|
1.1 Process-Specific Subdirectories
|
|
|
|
-----------------------------------
|
|
|
|
|
|
|
|
The directory /proc contains (among other things) one subdirectory for each
|
|
|
|
process running on the system, which is named after the process ID (PID).
|
|
|
|
|
|
|
|
The link self points to the process reading the file system. Each process
|
|
|
|
subdirectory has the entries listed in Table 1-1.
|
|
|
|
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-1: Process specific entries in /proc
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
2007-05-07 05:49:24 +08:00
|
|
|
File Content
|
|
|
|
clear_refs Clears page referenced bits shown in smaps output
|
|
|
|
cmdline Command line arguments
|
|
|
|
cpu Current and last cpu in which it was executed (2.4)(smp)
|
|
|
|
cwd Link to the current working directory
|
|
|
|
environ Values of environment variables
|
|
|
|
exe Link to the executable of this process
|
|
|
|
fd Directory, which contains all file descriptors
|
|
|
|
maps Memory maps to executables and library files (2.4)
|
|
|
|
mem Memory held by this process
|
|
|
|
root Link to the root directory of this process
|
|
|
|
stat Process status
|
|
|
|
statm Process memory status information
|
|
|
|
status Process status in human readable form
|
fs/proc, core/debug: Don't expose absolute kernel addresses via wchan
So the /proc/PID/stat 'wchan' field (the 30th field, which contains
the absolute kernel address of the kernel function a task is blocked in)
leaks absolute kernel addresses to unprivileged user-space:
seq_put_decimal_ull(m, ' ', wchan);
The absolute address might also leak via /proc/PID/wchan as well, if
KALLSYMS is turned off or if the symbol lookup fails for some reason:
static int proc_pid_wchan(struct seq_file *m, struct pid_namespace *ns,
struct pid *pid, struct task_struct *task)
{
unsigned long wchan;
char symname[KSYM_NAME_LEN];
wchan = get_wchan(task);
if (lookup_symbol_name(wchan, symname) < 0) {
if (!ptrace_may_access(task, PTRACE_MODE_READ))
return 0;
seq_printf(m, "%lu", wchan);
} else {
seq_printf(m, "%s", symname);
}
return 0;
}
This isn't ideal, because for example it trivially leaks the KASLR offset
to any local attacker:
fomalhaut:~> printf "%016lx\n" $(cat /proc/$$/stat | cut -d' ' -f35)
ffffffff8123b380
Most real-life uses of wchan are symbolic:
ps -eo pid:10,tid:10,wchan:30,comm
and procps uses /proc/PID/wchan, not the absolute address in /proc/PID/stat:
triton:~/tip> strace -f ps -eo pid:10,tid:10,wchan:30,comm 2>&1 | grep wchan | tail -1
open("/proc/30833/wchan", O_RDONLY) = 6
There's one compatibility quirk here: procps relies on whether the
absolute value is non-zero - and we can provide that functionality
by outputing "0" or "1" depending on whether the task is blocked
(whether there's a wchan address).
These days there appears to be very little legitimate reason
user-space would be interested in the absolute address. The
absolute address is mostly historic: from the days when we
didn't have kallsyms and user-space procps had to do the
decoding itself via the System.map.
So this patch sets all numeric output to "0" or "1" and keeps only
symbolic output, in /proc/PID/wchan.
( The absolute sleep address can generally still be profiled via
perf, by tasks with sufficient privileges. )
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: <stable@vger.kernel.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Kostya Serebryany <kcc@google.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: kasan-dev <kasan-dev@googlegroups.com>
Cc: linux-kernel@vger.kernel.org
Link: http://lkml.kernel.org/r/20150930135917.GA3285@gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2015-09-30 21:59:17 +08:00
|
|
|
wchan Present with CONFIG_KALLSYMS=y: it shows the kernel function
|
|
|
|
symbol the task is blocked in - or "0" if not blocked.
|
2010-10-28 06:34:11 +08:00
|
|
|
pagemap Page table
|
2008-11-10 16:26:08 +08:00
|
|
|
stack Report full stack trace, enable via CONFIG_STACKTRACE
|
2016-09-09 06:44:23 +08:00
|
|
|
smaps an extension based on maps, showing the memory consumption of
|
2012-12-18 08:03:13 +08:00
|
|
|
each mapping and flags associated with it
|
2015-02-13 07:01:05 +08:00
|
|
|
numa_maps an extension based on maps, showing the memory locality and
|
|
|
|
binding policy as well as mem usage (in pages) of each mapping.
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
For example, to get the status information of a process, all you have to do is
|
|
|
|
read the file /proc/PID/status:
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
>cat /proc/self/status
|
|
|
|
Name: cat
|
|
|
|
State: R (running)
|
|
|
|
Tgid: 5452
|
|
|
|
Pid: 5452
|
|
|
|
PPid: 743
|
2005-04-17 06:20:36 +08:00
|
|
|
TracerPid: 0 (2.4)
|
2009-06-18 07:26:01 +08:00
|
|
|
Uid: 501 501 501 501
|
|
|
|
Gid: 100 100 100 100
|
|
|
|
FDSize: 256
|
|
|
|
Groups: 100 14 16
|
|
|
|
VmPeak: 5004 kB
|
|
|
|
VmSize: 5004 kB
|
|
|
|
VmLck: 0 kB
|
|
|
|
VmHWM: 476 kB
|
|
|
|
VmRSS: 476 kB
|
mm, procfs: breakdown RSS for anon, shmem and file in /proc/pid/status
There are several shortcomings with the accounting of shared memory
(SysV shm, shared anonymous mapping, mapping of a tmpfs file). The
values in /proc/<pid>/status and <...>/statm don't allow to distinguish
between shmem memory and a shared mapping to a regular file, even though
theirs implication on memory usage are quite different: during reclaim,
file mapping can be dropped or written back on disk, while shmem needs a
place in swap.
Also, to distinguish the memory occupied by anonymous and file mappings,
one has to read the /proc/pid/statm file, which has a field for the file
mappings (again, including shmem) and total memory occupied by these
mappings (i.e. equivalent to VmRSS in the <...>/status file. Getting
the value for anonymous mappings only is thus not exactly user-friendly
(the statm file is intended to be rather efficiently machine-readable).
To address both of these shortcomings, this patch adds a breakdown of
VmRSS in /proc/<pid>/status via new fields RssAnon, RssFile and
RssShmem, making use of the previous preparatory patch. These fields
tell the user the memory occupied by private anonymous pages, mapped
regular files and shmem, respectively. Other existing fields in /status
and /statm files are left without change. The /statm file can be
extended in the future, if there's a need for that.
Example (part of) /proc/pid/status output including the new Rss* fields:
VmPeak: 2001008 kB
VmSize: 2001004 kB
VmLck: 0 kB
VmPin: 0 kB
VmHWM: 5108 kB
VmRSS: 5108 kB
RssAnon: 92 kB
RssFile: 1324 kB
RssShmem: 3692 kB
VmData: 192 kB
VmStk: 136 kB
VmExe: 4 kB
VmLib: 1784 kB
VmPTE: 3928 kB
VmPMD: 20 kB
VmSwap: 0 kB
HugetlbPages: 0 kB
[vbabka@suse.cz: forward-porting, tweak changelog]
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-01-15 07:19:29 +08:00
|
|
|
RssAnon: 352 kB
|
|
|
|
RssFile: 120 kB
|
|
|
|
RssShmem: 4 kB
|
2009-06-18 07:26:01 +08:00
|
|
|
VmData: 156 kB
|
|
|
|
VmStk: 88 kB
|
|
|
|
VmExe: 68 kB
|
|
|
|
VmLib: 1412 kB
|
|
|
|
VmPTE: 20 kb
|
2010-03-06 05:41:42 +08:00
|
|
|
VmSwap: 0 kB
|
2015-11-06 10:47:14 +08:00
|
|
|
HugetlbPages: 0 kB
|
2009-06-18 07:26:01 +08:00
|
|
|
Threads: 1
|
|
|
|
SigQ: 0/28578
|
|
|
|
SigPnd: 0000000000000000
|
|
|
|
ShdPnd: 0000000000000000
|
|
|
|
SigBlk: 0000000000000000
|
|
|
|
SigIgn: 0000000000000000
|
|
|
|
SigCgt: 0000000000000000
|
|
|
|
CapInh: 00000000fffffeff
|
|
|
|
CapPrm: 0000000000000000
|
|
|
|
CapEff: 0000000000000000
|
|
|
|
CapBnd: ffffffffffffffff
|
2016-12-13 08:45:05 +08:00
|
|
|
NoNewPrivs: 0
|
2012-12-18 08:03:14 +08:00
|
|
|
Seccomp: 0
|
2009-06-18 07:26:01 +08:00
|
|
|
voluntary_ctxt_switches: 0
|
|
|
|
nonvoluntary_ctxt_switches: 1
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
This shows you nearly the same information you would get if you viewed it with
|
|
|
|
the ps command. In fact, ps uses the proc file system to obtain its
|
2009-06-18 07:26:01 +08:00
|
|
|
information. But you get a more detailed view of the process by reading the
|
|
|
|
file /proc/PID/status. It fields are described in table 1-2.
|
|
|
|
|
|
|
|
The statm file contains more detailed information about the process
|
|
|
|
memory usage. Its seven fields are explained in Table 1-3. The stat file
|
|
|
|
contains details information about the process itself. Its fields are
|
|
|
|
explained in Table 1-4.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2010-03-06 05:41:40 +08:00
|
|
|
(for SMP CONFIG users)
|
2015-04-17 03:49:35 +08:00
|
|
|
For making accounting scalable, RSS related information are handled in an
|
|
|
|
asynchronous manner and the value may not be very precise. To see a precise
|
2010-03-06 05:41:40 +08:00
|
|
|
snapshot of a moment, you can see /proc/<pid>/smaps file and scan page table.
|
|
|
|
It's slow but very precise.
|
|
|
|
|
2017-01-25 07:18:13 +08:00
|
|
|
Table 1-2: Contents of the status files (as of 4.8)
|
2009-06-18 07:26:01 +08:00
|
|
|
..............................................................................
|
|
|
|
Field Content
|
|
|
|
Name filename of the executable
|
2017-01-25 07:18:13 +08:00
|
|
|
Umask file mode creation mask
|
2009-06-18 07:26:01 +08:00
|
|
|
State state (R is running, S is sleeping, D is sleeping
|
|
|
|
in an uninterruptible wait, Z is zombie,
|
|
|
|
T is traced or stopped)
|
|
|
|
Tgid thread group ID
|
2015-04-17 03:49:35 +08:00
|
|
|
Ngid NUMA group ID (0 if none)
|
2009-06-18 07:26:01 +08:00
|
|
|
Pid process id
|
|
|
|
PPid process id of the parent process
|
|
|
|
TracerPid PID of process tracing this process (0 if not)
|
|
|
|
Uid Real, effective, saved set, and file system UIDs
|
|
|
|
Gid Real, effective, saved set, and file system GIDs
|
|
|
|
FDSize number of file descriptor slots currently allocated
|
|
|
|
Groups supplementary group list
|
2015-04-17 03:49:35 +08:00
|
|
|
NStgid descendant namespace thread group ID hierarchy
|
|
|
|
NSpid descendant namespace process ID hierarchy
|
|
|
|
NSpgid descendant namespace process group ID hierarchy
|
|
|
|
NSsid descendant namespace session ID hierarchy
|
2009-06-18 07:26:01 +08:00
|
|
|
VmPeak peak virtual memory size
|
|
|
|
VmSize total program size
|
|
|
|
VmLck locked memory size
|
2017-01-25 07:18:13 +08:00
|
|
|
VmPin pinned memory size
|
2009-06-18 07:26:01 +08:00
|
|
|
VmHWM peak resident set size ("high water mark")
|
mm, procfs: breakdown RSS for anon, shmem and file in /proc/pid/status
There are several shortcomings with the accounting of shared memory
(SysV shm, shared anonymous mapping, mapping of a tmpfs file). The
values in /proc/<pid>/status and <...>/statm don't allow to distinguish
between shmem memory and a shared mapping to a regular file, even though
theirs implication on memory usage are quite different: during reclaim,
file mapping can be dropped or written back on disk, while shmem needs a
place in swap.
Also, to distinguish the memory occupied by anonymous and file mappings,
one has to read the /proc/pid/statm file, which has a field for the file
mappings (again, including shmem) and total memory occupied by these
mappings (i.e. equivalent to VmRSS in the <...>/status file. Getting
the value for anonymous mappings only is thus not exactly user-friendly
(the statm file is intended to be rather efficiently machine-readable).
To address both of these shortcomings, this patch adds a breakdown of
VmRSS in /proc/<pid>/status via new fields RssAnon, RssFile and
RssShmem, making use of the previous preparatory patch. These fields
tell the user the memory occupied by private anonymous pages, mapped
regular files and shmem, respectively. Other existing fields in /status
and /statm files are left without change. The /statm file can be
extended in the future, if there's a need for that.
Example (part of) /proc/pid/status output including the new Rss* fields:
VmPeak: 2001008 kB
VmSize: 2001004 kB
VmLck: 0 kB
VmPin: 0 kB
VmHWM: 5108 kB
VmRSS: 5108 kB
RssAnon: 92 kB
RssFile: 1324 kB
RssShmem: 3692 kB
VmData: 192 kB
VmStk: 136 kB
VmExe: 4 kB
VmLib: 1784 kB
VmPTE: 3928 kB
VmPMD: 20 kB
VmSwap: 0 kB
HugetlbPages: 0 kB
[vbabka@suse.cz: forward-porting, tweak changelog]
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-01-15 07:19:29 +08:00
|
|
|
VmRSS size of memory portions. It contains the three
|
|
|
|
following parts (VmRSS = RssAnon + RssFile + RssShmem)
|
|
|
|
RssAnon size of resident anonymous memory
|
|
|
|
RssFile size of resident file mappings
|
|
|
|
RssShmem size of resident shmem memory (includes SysV shm,
|
|
|
|
mapping of tmpfs and shared anonymous mappings)
|
2016-02-03 08:57:46 +08:00
|
|
|
VmData size of private data segments
|
|
|
|
VmStk size of stack segments
|
2009-06-18 07:26:01 +08:00
|
|
|
VmExe size of text segment
|
|
|
|
VmLib size of shared library code
|
|
|
|
VmPTE size of page table entries
|
2015-04-24 15:44:17 +08:00
|
|
|
VmPMD size of second level page tables
|
mm, documentation: clarify /proc/pid/status VmSwap limitations for shmem
This series is based on Jerome Marchand's [1] so let me quote the first
paragraph from there:
There are several shortcomings with the accounting of shared memory
(sysV shm, shared anonymous mapping, mapping to a tmpfs file). The
values in /proc/<pid>/status and statm don't allow to distinguish
between shmem memory and a shared mapping to a regular file, even though
their implications on memory usage are quite different: at reclaim, file
mapping can be dropped or written back on disk while shmem needs a place
in swap. As for shmem pages that are swapped-out or in swap cache, they
aren't accounted at all.
The original motivation for myself is that a customer found (IMHO
rightfully) confusing that e.g. top output for process swap usage is
unreliable with respect to swapped out shmem pages, which are not
accounted for.
The fundamental difference between private anonymous and shmem pages is
that the latter has PTE's converted to pte_none, and not swapents. As
such, they are not accounted to the number of swapents visible e.g. in
/proc/pid/status VmSwap row. It might be theoretically possible to use
swapents when swapping out shmem (without extra cost, as one has to
change all mappers anyway), and on swap in only convert the swapent for
the faulting process, leaving swapents in other processes until they
also fault (so again no extra cost). But I don't know how many
assumptions this would break, and it would be too disruptive change for
a relatively small benefit.
Instead, my approach is to document the limitation of VmSwap, and
provide means to determine the swap usage for shmem areas for those who
are interested and willing to pay the price, using /proc/pid/smaps.
Because outside of ipcs, I don't think it's possible to currently to
determine the usage at all. The previous patchset [1] did introduce new
shmem-specific fields into smaps output, and functions to determine the
values. I take a simpler approach, noting that smaps output already has
a "Swap: X kB" line, where currently X == 0 always for shmem areas. I
think we can just consider this a bug and provide the proper value by
consulting the radix tree, as e.g. mincore_page() does. In the patch
changelog I explain why this is also not perfect (and cannot be without
swapents), but still arguably much better than showing a 0.
The last two patches are adapted from Jerome's patchset and provide a
VmRSS breakdown to RssAnon, RssFile and RssShm in /proc/pid/status.
Hugh noted that this is a welcome addition, and I agree that it might
help e.g. debugging process memory usage at albeit non-zero, but still
rather low cost of extra per-mm counter and some page flag checks.
[1] http://lwn.net/Articles/611966/
This patch (of 6):
The documentation for /proc/pid/status does not mention that the value
of VmSwap counts only swapped out anonymous private pages, and not
swapped out pages of the underlying shmem objects (for shmem mappings).
This is not obvious, so document this limitation.
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Jerome Marchand <jmarchan@redhat.com>
Acked-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-01-15 07:19:14 +08:00
|
|
|
VmSwap amount of swap used by anonymous private data
|
|
|
|
(shmem swap usage is not included)
|
2015-11-06 10:47:14 +08:00
|
|
|
HugetlbPages size of hugetlb memory portions
|
2009-06-18 07:26:01 +08:00
|
|
|
Threads number of threads
|
|
|
|
SigQ number of signals queued/max. number for queue
|
|
|
|
SigPnd bitmap of pending signals for the thread
|
|
|
|
ShdPnd bitmap of shared pending signals for the process
|
|
|
|
SigBlk bitmap of blocked signals
|
|
|
|
SigIgn bitmap of ignored signals
|
2014-04-05 10:31:00 +08:00
|
|
|
SigCgt bitmap of caught signals
|
2009-06-18 07:26:01 +08:00
|
|
|
CapInh bitmap of inheritable capabilities
|
|
|
|
CapPrm bitmap of permitted capabilities
|
|
|
|
CapEff bitmap of effective capabilities
|
|
|
|
CapBnd bitmap of capabilities bounding set
|
2016-12-13 08:45:05 +08:00
|
|
|
NoNewPrivs no_new_privs, like prctl(PR_GET_NO_NEW_PRIV, ...)
|
2012-12-18 08:03:14 +08:00
|
|
|
Seccomp seccomp mode, like prctl(PR_GET_SECCOMP, ...)
|
2009-06-18 07:26:01 +08:00
|
|
|
Cpus_allowed mask of CPUs on which this process may run
|
|
|
|
Cpus_allowed_list Same as previous, but in "list format"
|
|
|
|
Mems_allowed mask of memory nodes allowed to this process
|
|
|
|
Mems_allowed_list Same as previous, but in "list format"
|
|
|
|
voluntary_ctxt_switches number of voluntary context switches
|
|
|
|
nonvoluntary_ctxt_switches number of non voluntary context switches
|
|
|
|
..............................................................................
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-3: Contents of the statm files (as of 2.6.8-rc3)
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
Field Content
|
|
|
|
size total program size (pages) (same as VmSize in status)
|
|
|
|
resident size of memory portions (pages) (same as VmRSS in status)
|
mm, procfs: breakdown RSS for anon, shmem and file in /proc/pid/status
There are several shortcomings with the accounting of shared memory
(SysV shm, shared anonymous mapping, mapping of a tmpfs file). The
values in /proc/<pid>/status and <...>/statm don't allow to distinguish
between shmem memory and a shared mapping to a regular file, even though
theirs implication on memory usage are quite different: during reclaim,
file mapping can be dropped or written back on disk, while shmem needs a
place in swap.
Also, to distinguish the memory occupied by anonymous and file mappings,
one has to read the /proc/pid/statm file, which has a field for the file
mappings (again, including shmem) and total memory occupied by these
mappings (i.e. equivalent to VmRSS in the <...>/status file. Getting
the value for anonymous mappings only is thus not exactly user-friendly
(the statm file is intended to be rather efficiently machine-readable).
To address both of these shortcomings, this patch adds a breakdown of
VmRSS in /proc/<pid>/status via new fields RssAnon, RssFile and
RssShmem, making use of the previous preparatory patch. These fields
tell the user the memory occupied by private anonymous pages, mapped
regular files and shmem, respectively. Other existing fields in /status
and /statm files are left without change. The /statm file can be
extended in the future, if there's a need for that.
Example (part of) /proc/pid/status output including the new Rss* fields:
VmPeak: 2001008 kB
VmSize: 2001004 kB
VmLck: 0 kB
VmPin: 0 kB
VmHWM: 5108 kB
VmRSS: 5108 kB
RssAnon: 92 kB
RssFile: 1324 kB
RssShmem: 3692 kB
VmData: 192 kB
VmStk: 136 kB
VmExe: 4 kB
VmLib: 1784 kB
VmPTE: 3928 kB
VmPMD: 20 kB
VmSwap: 0 kB
HugetlbPages: 0 kB
[vbabka@suse.cz: forward-porting, tweak changelog]
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-01-15 07:19:29 +08:00
|
|
|
shared number of pages that are shared (i.e. backed by a file, same
|
|
|
|
as RssFile+RssShmem in status)
|
2005-04-17 06:20:36 +08:00
|
|
|
trs number of pages that are 'code' (not including libs; broken,
|
|
|
|
includes data segment)
|
|
|
|
lrs number of pages of library (always 0 on 2.6)
|
|
|
|
drs number of pages of data/stack (including libs; broken,
|
|
|
|
includes library text)
|
|
|
|
dt number of dirty pages (always 0 on 2.6)
|
|
|
|
..............................................................................
|
|
|
|
|
2007-07-16 14:40:38 +08:00
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-4: Contents of the stat files (as of 2.6.30-rc7)
|
2007-07-16 14:40:38 +08:00
|
|
|
..............................................................................
|
|
|
|
Field Content
|
|
|
|
pid process id
|
|
|
|
tcomm filename of the executable
|
|
|
|
state state (R is running, S is sleeping, D is sleeping in an
|
|
|
|
uninterruptible wait, Z is zombie, T is traced or stopped)
|
|
|
|
ppid process id of the parent process
|
|
|
|
pgrp pgrp of the process
|
|
|
|
sid session id
|
|
|
|
tty_nr tty the process uses
|
|
|
|
tty_pgrp pgrp of the tty
|
|
|
|
flags task flags
|
|
|
|
min_flt number of minor faults
|
|
|
|
cmin_flt number of minor faults with child's
|
|
|
|
maj_flt number of major faults
|
|
|
|
cmaj_flt number of major faults with child's
|
|
|
|
utime user mode jiffies
|
|
|
|
stime kernel mode jiffies
|
|
|
|
cutime user mode jiffies with child's
|
|
|
|
cstime kernel mode jiffies with child's
|
|
|
|
priority priority level
|
|
|
|
nice nice level
|
|
|
|
num_threads number of threads
|
2008-02-03 22:17:16 +08:00
|
|
|
it_real_value (obsolete, always 0)
|
2007-07-16 14:40:38 +08:00
|
|
|
start_time time the process started after system boot
|
|
|
|
vsize virtual memory size
|
|
|
|
rss resident set memory size
|
|
|
|
rsslim current limit in bytes on the rss
|
|
|
|
start_code address above which program text can run
|
|
|
|
end_code address below which program text can run
|
procfs: mark thread stack correctly in proc/<pid>/maps
Stack for a new thread is mapped by userspace code and passed via
sys_clone. This memory is currently seen as anonymous in
/proc/<pid>/maps, which makes it difficult to ascertain which mappings
are being used for thread stacks. This patch uses the individual task
stack pointers to determine which vmas are actually thread stacks.
For a multithreaded program like the following:
#include <pthread.h>
void *thread_main(void *foo)
{
while(1);
}
int main()
{
pthread_t t;
pthread_create(&t, NULL, thread_main, NULL);
pthread_join(t, NULL);
}
proc/PID/maps looks like the following:
00400000-00401000 r-xp 00000000 fd:0a 3671804 /home/siddhesh/a.out
00600000-00601000 rw-p 00000000 fd:0a 3671804 /home/siddhesh/a.out
019ef000-01a10000 rw-p 00000000 00:00 0 [heap]
7f8a44491000-7f8a44492000 ---p 00000000 00:00 0
7f8a44492000-7f8a44c92000 rw-p 00000000 00:00 0
7f8a44c92000-7f8a44e3d000 r-xp 00000000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a44e3d000-7f8a4503d000 ---p 001ab000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a4503d000-7f8a45041000 r--p 001ab000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a45041000-7f8a45043000 rw-p 001af000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a45043000-7f8a45048000 rw-p 00000000 00:00 0
7f8a45048000-7f8a4505f000 r-xp 00000000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4505f000-7f8a4525e000 ---p 00017000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4525e000-7f8a4525f000 r--p 00016000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4525f000-7f8a45260000 rw-p 00017000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a45260000-7f8a45264000 rw-p 00000000 00:00 0
7f8a45264000-7f8a45286000 r-xp 00000000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45457000-7f8a4545a000 rw-p 00000000 00:00 0
7f8a45484000-7f8a45485000 rw-p 00000000 00:00 0
7f8a45485000-7f8a45486000 r--p 00021000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45486000-7f8a45487000 rw-p 00022000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45487000-7f8a45488000 rw-p 00000000 00:00 0
7fff6273b000-7fff6275c000 rw-p 00000000 00:00 0 [stack]
7fff627ff000-7fff62800000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Here, one could guess that 7f8a44492000-7f8a44c92000 is a stack since
the earlier vma that has no permissions (7f8a44e3d000-7f8a4503d000) but
that is not always a reliable way to find out which vma is a thread
stack. Also, /proc/PID/maps and /proc/PID/task/TID/maps has the same
content.
With this patch in place, /proc/PID/task/TID/maps are treated as 'maps
as the task would see it' and hence, only the vma that that task uses as
stack is marked as [stack]. All other 'stack' vmas are marked as
anonymous memory. /proc/PID/maps acts as a thread group level view,
where all thread stack vmas are marked as [stack:TID] where TID is the
process ID of the task that uses that vma as stack, while the process
stack is marked as [stack].
So /proc/PID/maps will look like this:
00400000-00401000 r-xp 00000000 fd:0a 3671804 /home/siddhesh/a.out
00600000-00601000 rw-p 00000000 fd:0a 3671804 /home/siddhesh/a.out
019ef000-01a10000 rw-p 00000000 00:00 0 [heap]
7f8a44491000-7f8a44492000 ---p 00000000 00:00 0
7f8a44492000-7f8a44c92000 rw-p 00000000 00:00 0 [stack:1442]
7f8a44c92000-7f8a44e3d000 r-xp 00000000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a44e3d000-7f8a4503d000 ---p 001ab000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a4503d000-7f8a45041000 r--p 001ab000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a45041000-7f8a45043000 rw-p 001af000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a45043000-7f8a45048000 rw-p 00000000 00:00 0
7f8a45048000-7f8a4505f000 r-xp 00000000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4505f000-7f8a4525e000 ---p 00017000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4525e000-7f8a4525f000 r--p 00016000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4525f000-7f8a45260000 rw-p 00017000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a45260000-7f8a45264000 rw-p 00000000 00:00 0
7f8a45264000-7f8a45286000 r-xp 00000000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45457000-7f8a4545a000 rw-p 00000000 00:00 0
7f8a45484000-7f8a45485000 rw-p 00000000 00:00 0
7f8a45485000-7f8a45486000 r--p 00021000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45486000-7f8a45487000 rw-p 00022000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45487000-7f8a45488000 rw-p 00000000 00:00 0
7fff6273b000-7fff6275c000 rw-p 00000000 00:00 0 [stack]
7fff627ff000-7fff62800000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Thus marking all vmas that are used as stacks by the threads in the
thread group along with the process stack. The task level maps will
however like this:
00400000-00401000 r-xp 00000000 fd:0a 3671804 /home/siddhesh/a.out
00600000-00601000 rw-p 00000000 fd:0a 3671804 /home/siddhesh/a.out
019ef000-01a10000 rw-p 00000000 00:00 0 [heap]
7f8a44491000-7f8a44492000 ---p 00000000 00:00 0
7f8a44492000-7f8a44c92000 rw-p 00000000 00:00 0 [stack]
7f8a44c92000-7f8a44e3d000 r-xp 00000000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a44e3d000-7f8a4503d000 ---p 001ab000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a4503d000-7f8a45041000 r--p 001ab000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a45041000-7f8a45043000 rw-p 001af000 fd:00 2097482 /lib64/libc-2.14.90.so
7f8a45043000-7f8a45048000 rw-p 00000000 00:00 0
7f8a45048000-7f8a4505f000 r-xp 00000000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4505f000-7f8a4525e000 ---p 00017000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4525e000-7f8a4525f000 r--p 00016000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a4525f000-7f8a45260000 rw-p 00017000 fd:00 2099938 /lib64/libpthread-2.14.90.so
7f8a45260000-7f8a45264000 rw-p 00000000 00:00 0
7f8a45264000-7f8a45286000 r-xp 00000000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45457000-7f8a4545a000 rw-p 00000000 00:00 0
7f8a45484000-7f8a45485000 rw-p 00000000 00:00 0
7f8a45485000-7f8a45486000 r--p 00021000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45486000-7f8a45487000 rw-p 00022000 fd:00 2097348 /lib64/ld-2.14.90.so
7f8a45487000-7f8a45488000 rw-p 00000000 00:00 0
7fff6273b000-7fff6275c000 rw-p 00000000 00:00 0
7fff627ff000-7fff62800000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
where only the vma that is being used as a stack by *that* task is
marked as [stack].
Analogous changes have been made to /proc/PID/smaps,
/proc/PID/numa_maps, /proc/PID/task/TID/smaps and
/proc/PID/task/TID/numa_maps. Relevant snippets from smaps and
numa_maps:
[siddhesh@localhost ~ ]$ pgrep a.out
1441
[siddhesh@localhost ~ ]$ cat /proc/1441/smaps | grep "\[stack"
7f8a44492000-7f8a44c92000 rw-p 00000000 00:00 0 [stack:1442]
7fff6273b000-7fff6275c000 rw-p 00000000 00:00 0 [stack]
[siddhesh@localhost ~ ]$ cat /proc/1441/task/1442/smaps | grep "\[stack"
7f8a44492000-7f8a44c92000 rw-p 00000000 00:00 0 [stack]
[siddhesh@localhost ~ ]$ cat /proc/1441/task/1441/smaps | grep "\[stack"
7fff6273b000-7fff6275c000 rw-p 00000000 00:00 0 [stack]
[siddhesh@localhost ~ ]$ cat /proc/1441/numa_maps | grep "stack"
7f8a44492000 default stack:1442 anon=2 dirty=2 N0=2
7fff6273a000 default stack anon=3 dirty=3 N0=3
[siddhesh@localhost ~ ]$ cat /proc/1441/task/1442/numa_maps | grep "stack"
7f8a44492000 default stack anon=2 dirty=2 N0=2
[siddhesh@localhost ~ ]$ cat /proc/1441/task/1441/numa_maps | grep "stack"
7fff6273a000 default stack anon=3 dirty=3 N0=3
[akpm@linux-foundation.org: checkpatch fixes]
[akpm@linux-foundation.org: fix build]
Signed-off-by: Siddhesh Poyarekar <siddhesh.poyarekar@gmail.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Jamie Lokier <jamie@shareable.org>
Cc: Mike Frysinger <vapier@gentoo.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-03-22 07:34:04 +08:00
|
|
|
start_stack address of the start of the main process stack
|
2007-07-16 14:40:38 +08:00
|
|
|
esp current value of ESP
|
|
|
|
eip current value of EIP
|
2009-06-18 07:26:01 +08:00
|
|
|
pending bitmap of pending signals
|
|
|
|
blocked bitmap of blocked signals
|
|
|
|
sigign bitmap of ignored signals
|
2014-04-05 10:31:00 +08:00
|
|
|
sigcatch bitmap of caught signals
|
fs/proc, core/debug: Don't expose absolute kernel addresses via wchan
So the /proc/PID/stat 'wchan' field (the 30th field, which contains
the absolute kernel address of the kernel function a task is blocked in)
leaks absolute kernel addresses to unprivileged user-space:
seq_put_decimal_ull(m, ' ', wchan);
The absolute address might also leak via /proc/PID/wchan as well, if
KALLSYMS is turned off or if the symbol lookup fails for some reason:
static int proc_pid_wchan(struct seq_file *m, struct pid_namespace *ns,
struct pid *pid, struct task_struct *task)
{
unsigned long wchan;
char symname[KSYM_NAME_LEN];
wchan = get_wchan(task);
if (lookup_symbol_name(wchan, symname) < 0) {
if (!ptrace_may_access(task, PTRACE_MODE_READ))
return 0;
seq_printf(m, "%lu", wchan);
} else {
seq_printf(m, "%s", symname);
}
return 0;
}
This isn't ideal, because for example it trivially leaks the KASLR offset
to any local attacker:
fomalhaut:~> printf "%016lx\n" $(cat /proc/$$/stat | cut -d' ' -f35)
ffffffff8123b380
Most real-life uses of wchan are symbolic:
ps -eo pid:10,tid:10,wchan:30,comm
and procps uses /proc/PID/wchan, not the absolute address in /proc/PID/stat:
triton:~/tip> strace -f ps -eo pid:10,tid:10,wchan:30,comm 2>&1 | grep wchan | tail -1
open("/proc/30833/wchan", O_RDONLY) = 6
There's one compatibility quirk here: procps relies on whether the
absolute value is non-zero - and we can provide that functionality
by outputing "0" or "1" depending on whether the task is blocked
(whether there's a wchan address).
These days there appears to be very little legitimate reason
user-space would be interested in the absolute address. The
absolute address is mostly historic: from the days when we
didn't have kallsyms and user-space procps had to do the
decoding itself via the System.map.
So this patch sets all numeric output to "0" or "1" and keeps only
symbolic output, in /proc/PID/wchan.
( The absolute sleep address can generally still be profiled via
perf, by tasks with sufficient privileges. )
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: <stable@vger.kernel.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Alexander Potapenko <glider@google.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Kostya Serebryany <kcc@google.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: kasan-dev <kasan-dev@googlegroups.com>
Cc: linux-kernel@vger.kernel.org
Link: http://lkml.kernel.org/r/20150930135917.GA3285@gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2015-09-30 21:59:17 +08:00
|
|
|
0 (place holder, used to be the wchan address, use /proc/PID/wchan instead)
|
2007-07-16 14:40:38 +08:00
|
|
|
0 (place holder)
|
|
|
|
0 (place holder)
|
|
|
|
exit_signal signal to send to parent thread on exit
|
|
|
|
task_cpu which CPU the task is scheduled on
|
|
|
|
rt_priority realtime priority
|
|
|
|
policy scheduling policy (man sched_setscheduler)
|
|
|
|
blkio_ticks time spent waiting for block IO
|
2009-06-18 07:26:01 +08:00
|
|
|
gtime guest time of the task in jiffies
|
|
|
|
cgtime guest time of the task children in jiffies
|
2012-01-13 09:20:53 +08:00
|
|
|
start_data address above which program data+bss is placed
|
|
|
|
end_data address below which program data+bss is placed
|
|
|
|
start_brk address above which program heap can be expanded with brk()
|
2012-06-01 07:26:44 +08:00
|
|
|
arg_start address above which program command line is placed
|
|
|
|
arg_end address below which program command line is placed
|
|
|
|
env_start address above which program environment is placed
|
|
|
|
env_end address below which program environment is placed
|
|
|
|
exit_code the thread's exit_code in the form reported by the waitpid system call
|
2007-07-16 14:40:38 +08:00
|
|
|
..............................................................................
|
|
|
|
|
2010-03-15 22:21:31 +08:00
|
|
|
The /proc/PID/maps file containing the currently mapped memory regions and
|
2009-06-18 07:26:01 +08:00
|
|
|
their access permissions.
|
|
|
|
|
|
|
|
The format is:
|
|
|
|
|
|
|
|
address perms offset dev inode pathname
|
|
|
|
|
|
|
|
08048000-08049000 r-xp 00000000 03:00 8312 /opt/test
|
|
|
|
08049000-0804a000 rw-p 00001000 03:00 8312 /opt/test
|
|
|
|
0804a000-0806b000 rw-p 00000000 00:00 0 [heap]
|
|
|
|
a7cb1000-a7cb2000 ---p 00000000 00:00 0
|
2010-05-12 05:06:46 +08:00
|
|
|
a7cb2000-a7eb2000 rw-p 00000000 00:00 0
|
2009-06-18 07:26:01 +08:00
|
|
|
a7eb2000-a7eb3000 ---p 00000000 00:00 0
|
2016-02-03 08:57:29 +08:00
|
|
|
a7eb3000-a7ed5000 rw-p 00000000 00:00 0
|
2009-06-18 07:26:01 +08:00
|
|
|
a7ed5000-a8008000 r-xp 00000000 03:00 4222 /lib/libc.so.6
|
|
|
|
a8008000-a800a000 r--p 00133000 03:00 4222 /lib/libc.so.6
|
|
|
|
a800a000-a800b000 rw-p 00135000 03:00 4222 /lib/libc.so.6
|
|
|
|
a800b000-a800e000 rw-p 00000000 00:00 0
|
|
|
|
a800e000-a8022000 r-xp 00000000 03:00 14462 /lib/libpthread.so.0
|
|
|
|
a8022000-a8023000 r--p 00013000 03:00 14462 /lib/libpthread.so.0
|
|
|
|
a8023000-a8024000 rw-p 00014000 03:00 14462 /lib/libpthread.so.0
|
|
|
|
a8024000-a8027000 rw-p 00000000 00:00 0
|
|
|
|
a8027000-a8043000 r-xp 00000000 03:00 8317 /lib/ld-linux.so.2
|
|
|
|
a8043000-a8044000 r--p 0001b000 03:00 8317 /lib/ld-linux.so.2
|
|
|
|
a8044000-a8045000 rw-p 0001c000 03:00 8317 /lib/ld-linux.so.2
|
|
|
|
aff35000-aff4a000 rw-p 00000000 00:00 0 [stack]
|
|
|
|
ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso]
|
|
|
|
|
|
|
|
where "address" is the address space in the process that it occupies, "perms"
|
|
|
|
is a set of permissions:
|
|
|
|
|
|
|
|
r = read
|
|
|
|
w = write
|
|
|
|
x = execute
|
|
|
|
s = shared
|
|
|
|
p = private (copy on write)
|
|
|
|
|
|
|
|
"offset" is the offset into the mapping, "dev" is the device (major:minor), and
|
|
|
|
"inode" is the inode on that device. 0 indicates that no inode is associated
|
|
|
|
with the memory region, as the case would be with BSS (uninitialized data).
|
|
|
|
The "pathname" shows the name associated file for this mapping. If the mapping
|
|
|
|
is not associated with a file:
|
|
|
|
|
|
|
|
[heap] = the heap of the program
|
|
|
|
[stack] = the stack of the main process
|
|
|
|
[vdso] = the "virtual dynamic shared object",
|
|
|
|
the kernel system call handler
|
|
|
|
|
|
|
|
or if empty, the mapping is anonymous.
|
|
|
|
|
|
|
|
The /proc/PID/smaps is an extension based on maps, showing the memory
|
|
|
|
consumption for each of the process's mappings. For each of mappings there
|
|
|
|
is a series of lines such as the following:
|
|
|
|
|
|
|
|
08048000-080bc000 r-xp 00000000 03:02 13130 /bin/bash
|
|
|
|
Size: 1084 kB
|
|
|
|
Rss: 892 kB
|
|
|
|
Pss: 374 kB
|
|
|
|
Shared_Clean: 892 kB
|
|
|
|
Shared_Dirty: 0 kB
|
|
|
|
Private_Clean: 0 kB
|
|
|
|
Private_Dirty: 0 kB
|
|
|
|
Referenced: 892 kB
|
2010-10-28 06:34:10 +08:00
|
|
|
Anonymous: 0 kB
|
2015-11-06 10:47:11 +08:00
|
|
|
AnonHugePages: 0 kB
|
2016-07-27 06:26:40 +08:00
|
|
|
ShmemPmdMapped: 0 kB
|
2015-11-06 10:47:11 +08:00
|
|
|
Shared_Hugetlb: 0 kB
|
|
|
|
Private_Hugetlb: 0 kB
|
2009-06-18 07:26:01 +08:00
|
|
|
Swap: 0 kB
|
2015-09-09 06:00:24 +08:00
|
|
|
SwapPss: 0 kB
|
2009-06-18 07:26:01 +08:00
|
|
|
KernelPageSize: 4 kB
|
|
|
|
MMUPageSize: 4 kB
|
2015-11-06 10:50:37 +08:00
|
|
|
Locked: 0 kB
|
|
|
|
VmFlags: rd ex mr mw me dw
|
2009-06-18 07:26:01 +08:00
|
|
|
|
2012-12-18 08:03:13 +08:00
|
|
|
the first of these lines shows the same information as is displayed for the
|
2010-10-27 05:21:22 +08:00
|
|
|
mapping in /proc/PID/maps. The remaining lines show the size of the mapping
|
|
|
|
(size), the amount of the mapping that is currently resident in RAM (RSS), the
|
|
|
|
process' proportional share of this mapping (PSS), the number of clean and
|
2015-09-09 06:00:24 +08:00
|
|
|
dirty private pages in the mapping.
|
|
|
|
|
|
|
|
The "proportional set size" (PSS) of a process is the count of pages it has
|
|
|
|
in memory, where each page is divided by the number of processes sharing it.
|
|
|
|
So if a process has 1000 pages all to itself, and 1000 shared with one other
|
|
|
|
process, its PSS will be 1500.
|
|
|
|
Note that even a page which is part of a MAP_SHARED mapping, but has only
|
|
|
|
a single pte mapped, i.e. is currently used by only one process, is accounted
|
|
|
|
as private and not as shared.
|
|
|
|
"Referenced" indicates the amount of memory currently marked as referenced or
|
|
|
|
accessed.
|
2010-10-28 06:34:10 +08:00
|
|
|
"Anonymous" shows the amount of memory that does not belong to any file. Even
|
|
|
|
a mapping associated with a file may contain anonymous pages: when MAP_PRIVATE
|
|
|
|
and a page is modified, the file page is replaced by a private anonymous copy.
|
2015-11-06 10:47:11 +08:00
|
|
|
"AnonHugePages" shows the ammount of memory backed by transparent hugepage.
|
2016-07-27 06:26:40 +08:00
|
|
|
"ShmemPmdMapped" shows the ammount of shared (shmem/tmpfs) memory backed by
|
|
|
|
huge pages.
|
2015-11-06 10:47:11 +08:00
|
|
|
"Shared_Hugetlb" and "Private_Hugetlb" show the ammounts of memory backed by
|
|
|
|
hugetlbfs page which is *not* counted in "RSS" or "PSS" field for historical
|
|
|
|
reasons. And these are not included in {Shared,Private}_{Clean,Dirty} field.
|
2015-11-06 10:50:37 +08:00
|
|
|
"Swap" shows how much would-be-anonymous memory is also used, but out on swap.
|
mm, proc: account for shmem swap in /proc/pid/smaps
Currently, /proc/pid/smaps will always show "Swap: 0 kB" for
shmem-backed mappings, even if the mapped portion does contain pages
that were swapped out. This is because unlike private anonymous
mappings, shmem does not change pte to swap entry, but pte_none when
swapping the page out. In the smaps page walk, such page thus looks
like it was never faulted in.
This patch changes smaps_pte_entry() to determine the swap status for
such pte_none entries for shmem mappings, similarly to how
mincore_page() does it. Swapped out shmem pages are thus accounted for.
For private mappings of tmpfs files that COWed some of the pages, swaped
out status of the original shmem pages is naturally ignored. If some of
the private copies was also swapped out, they are accounted via their
page table swap entries, so the resulting reported swap usage is then a
sum of both swapped out private copies, and swapped out shmem pages that
were not COWed. No double accounting can thus happen.
The accounting is arguably still not as precise as for private anonymous
mappings, since now we will count also pages that the process in
question never accessed, but another process populated them and then let
them become swapped out. I believe it is still less confusing and
subtle than not showing any swap usage by shmem mappings at all.
Swapped out counter might of interest of users who would like to prevent
from future swapins during performance critical operation and pre-fault
them at their convenience. Especially for larger swapped out regions
the cost of swapin is much higher than a fresh page allocation. So a
differentiation between pte_none vs. swapped out is important for those
usecases.
One downside of this patch is that it makes /proc/pid/smaps more
expensive for shmem mappings, as we consult the radix tree for each
pte_none entry, so the overal complexity is O(n*log(n)). I have
measured this on a process that creates a 2GB mapping and dirties single
pages with a stride of 2MB, and time how long does it take to cat
/proc/pid/smaps of this process 100 times.
Private anonymous mapping:
real 0m0.949s
user 0m0.116s
sys 0m0.348s
Mapping of a /dev/shm/file:
real 0m3.831s
user 0m0.180s
sys 0m3.212s
The difference is rather substantial, so the next patch will reduce the
cost for shared or read-only mappings.
In a less controlled experiment, I've gathered pids of processes on my
desktop that have either '/dev/shm/*' or 'SYSV*' in smaps. This
included the Chrome browser and some KDE processes. Again, I've run cat
/proc/pid/smaps on each 100 times.
Before this patch:
real 0m9.050s
user 0m0.518s
sys 0m8.066s
After this patch:
real 0m9.221s
user 0m0.541s
sys 0m8.187s
This suggests low impact on average systems.
Note that this patch doesn't attempt to adjust the SwapPss field for
shmem mappings, which would need extra work to determine who else could
have the pages mapped. Thus the value stays zero except for COWed
swapped out pages in a shmem mapping, which are accounted as usual.
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Jerome Marchand <jmarchan@redhat.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Cc: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-01-15 07:19:17 +08:00
|
|
|
For shmem mappings, "Swap" includes also the size of the mapped (and not
|
|
|
|
replaced by copy-on-write) part of the underlying shmem object out on swap.
|
|
|
|
"SwapPss" shows proportional swap share of this mapping. Unlike "Swap", this
|
|
|
|
does not take into account swapped out page of underlying shmem objects.
|
2015-11-06 10:50:37 +08:00
|
|
|
"Locked" indicates whether the mapping is locked in memory or not.
|
2015-11-06 10:47:11 +08:00
|
|
|
|
2012-12-18 08:03:13 +08:00
|
|
|
"VmFlags" field deserves a separate description. This member represents the kernel
|
|
|
|
flags associated with the particular virtual memory area in two letter encoded
|
|
|
|
manner. The codes are the following:
|
|
|
|
rd - readable
|
|
|
|
wr - writeable
|
|
|
|
ex - executable
|
|
|
|
sh - shared
|
|
|
|
mr - may read
|
|
|
|
mw - may write
|
|
|
|
me - may execute
|
|
|
|
ms - may share
|
|
|
|
gd - stack segment growns down
|
|
|
|
pf - pure PFN range
|
|
|
|
dw - disabled write to the mapped file
|
|
|
|
lo - pages are locked in memory
|
|
|
|
io - memory mapped I/O area
|
|
|
|
sr - sequential read advise provided
|
|
|
|
rr - random read advise provided
|
|
|
|
dc - do not copy area on fork
|
|
|
|
de - do not expand area on remapping
|
|
|
|
ac - area is accountable
|
|
|
|
nr - swap space is not reserved for the area
|
|
|
|
ht - area uses huge tlb pages
|
|
|
|
ar - architecture specific flag
|
|
|
|
dd - do not include area into core dump
|
2013-11-13 07:07:49 +08:00
|
|
|
sd - soft-dirty flag
|
2012-12-18 08:03:13 +08:00
|
|
|
mm - mixed map area
|
|
|
|
hg - huge page advise flag
|
|
|
|
nh - no-huge page advise flag
|
|
|
|
mg - mergable advise flag
|
|
|
|
|
|
|
|
Note that there is no guarantee that every flag and associated mnemonic will
|
|
|
|
be present in all further kernel releases. Things get changed, the flags may
|
|
|
|
be vanished or the reverse -- new added.
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
This file is only present if the CONFIG_MMU kernel configuration option is
|
|
|
|
enabled.
|
2007-07-16 14:40:38 +08:00
|
|
|
|
2016-10-08 08:02:39 +08:00
|
|
|
Note: reading /proc/PID/maps or /proc/PID/smaps is inherently racy (consistent
|
|
|
|
output can be achieved only in the single read call).
|
|
|
|
This typically manifests when doing partial reads of these files while the
|
|
|
|
memory map is being modified. Despite the races, we do provide the following
|
|
|
|
guarantees:
|
|
|
|
|
|
|
|
1) The mapped addresses never go backwards, which implies no two
|
|
|
|
regions will ever overlap.
|
|
|
|
2) If there is something at a given vaddr during the entirety of the
|
|
|
|
life of the smaps/maps walk, there will be some output for it.
|
|
|
|
|
|
|
|
|
2009-09-22 08:02:29 +08:00
|
|
|
The /proc/PID/clear_refs is used to reset the PG_Referenced and ACCESSED/YOUNG
|
mm: soft-dirty bits for user memory changes tracking
The soft-dirty is a bit on a PTE which helps to track which pages a task
writes to. In order to do this tracking one should
1. Clear soft-dirty bits from PTEs ("echo 4 > /proc/PID/clear_refs)
2. Wait some time.
3. Read soft-dirty bits (55'th in /proc/PID/pagemap2 entries)
To do this tracking, the writable bit is cleared from PTEs when the
soft-dirty bit is. Thus, after this, when the task tries to modify a
page at some virtual address the #PF occurs and the kernel sets the
soft-dirty bit on the respective PTE.
Note, that although all the task's address space is marked as r/o after
the soft-dirty bits clear, the #PF-s that occur after that are processed
fast. This is so, since the pages are still mapped to physical memory,
and thus all the kernel does is finds this fact out and puts back
writable, dirty and soft-dirty bits on the PTE.
Another thing to note, is that when mremap moves PTEs they are marked
with soft-dirty as well, since from the user perspective mremap modifies
the virtual memory at mremap's new address.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
Cc: Glauber Costa <glommer@parallels.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-07-04 06:01:20 +08:00
|
|
|
bits on both physical and virtual pages associated with a process, and the
|
|
|
|
soft-dirty bit on pte (see Documentation/vm/soft-dirty.txt for details).
|
2009-09-22 08:02:29 +08:00
|
|
|
To clear the bits for all the pages associated with the process
|
|
|
|
> echo 1 > /proc/PID/clear_refs
|
|
|
|
|
|
|
|
To clear the bits for the anonymous pages associated with the process
|
|
|
|
> echo 2 > /proc/PID/clear_refs
|
|
|
|
|
|
|
|
To clear the bits for the file mapped pages associated with the process
|
|
|
|
> echo 3 > /proc/PID/clear_refs
|
mm: soft-dirty bits for user memory changes tracking
The soft-dirty is a bit on a PTE which helps to track which pages a task
writes to. In order to do this tracking one should
1. Clear soft-dirty bits from PTEs ("echo 4 > /proc/PID/clear_refs)
2. Wait some time.
3. Read soft-dirty bits (55'th in /proc/PID/pagemap2 entries)
To do this tracking, the writable bit is cleared from PTEs when the
soft-dirty bit is. Thus, after this, when the task tries to modify a
page at some virtual address the #PF occurs and the kernel sets the
soft-dirty bit on the respective PTE.
Note, that although all the task's address space is marked as r/o after
the soft-dirty bits clear, the #PF-s that occur after that are processed
fast. This is so, since the pages are still mapped to physical memory,
and thus all the kernel does is finds this fact out and puts back
writable, dirty and soft-dirty bits on the PTE.
Another thing to note, is that when mremap moves PTEs they are marked
with soft-dirty as well, since from the user perspective mremap modifies
the virtual memory at mremap's new address.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
Cc: Glauber Costa <glommer@parallels.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-07-04 06:01:20 +08:00
|
|
|
|
|
|
|
To clear the soft-dirty bit
|
|
|
|
> echo 4 > /proc/PID/clear_refs
|
|
|
|
|
2015-02-13 07:01:00 +08:00
|
|
|
To reset the peak resident set size ("high water mark") to the process's
|
|
|
|
current value:
|
|
|
|
> echo 5 > /proc/PID/clear_refs
|
|
|
|
|
2009-09-22 08:02:29 +08:00
|
|
|
Any other value written to /proc/PID/clear_refs will have no effect.
|
|
|
|
|
2010-10-28 06:34:11 +08:00
|
|
|
The /proc/pid/pagemap gives the PFN, which can be used to find the pageflags
|
|
|
|
using /proc/kpageflags and number of times a page is mapped using
|
|
|
|
/proc/kpagecount. For detailed explanation, see Documentation/vm/pagemap.txt.
|
2009-09-22 08:02:29 +08:00
|
|
|
|
2015-02-13 07:01:05 +08:00
|
|
|
The /proc/pid/numa_maps is an extension based on maps, showing the memory
|
|
|
|
locality and binding policy, as well as the memory usage (in pages) of
|
|
|
|
each mapping. The output follows a general format where mapping details get
|
|
|
|
summarized separated by blank spaces, one mapping per each file line:
|
|
|
|
|
|
|
|
address policy mapping details
|
|
|
|
|
2015-02-13 07:01:08 +08:00
|
|
|
00400000 default file=/usr/local/bin/app mapped=1 active=0 N3=1 kernelpagesize_kB=4
|
|
|
|
00600000 default file=/usr/local/bin/app anon=1 dirty=1 N3=1 kernelpagesize_kB=4
|
|
|
|
3206000000 default file=/lib64/ld-2.12.so mapped=26 mapmax=6 N0=24 N3=2 kernelpagesize_kB=4
|
|
|
|
320621f000 default file=/lib64/ld-2.12.so anon=1 dirty=1 N3=1 kernelpagesize_kB=4
|
|
|
|
3206220000 default file=/lib64/ld-2.12.so anon=1 dirty=1 N3=1 kernelpagesize_kB=4
|
|
|
|
3206221000 default anon=1 dirty=1 N3=1 kernelpagesize_kB=4
|
|
|
|
3206800000 default file=/lib64/libc-2.12.so mapped=59 mapmax=21 active=55 N0=41 N3=18 kernelpagesize_kB=4
|
2015-02-13 07:01:05 +08:00
|
|
|
320698b000 default file=/lib64/libc-2.12.so
|
2015-02-13 07:01:08 +08:00
|
|
|
3206b8a000 default file=/lib64/libc-2.12.so anon=2 dirty=2 N3=2 kernelpagesize_kB=4
|
|
|
|
3206b8e000 default file=/lib64/libc-2.12.so anon=1 dirty=1 N3=1 kernelpagesize_kB=4
|
|
|
|
3206b8f000 default anon=3 dirty=3 active=1 N3=3 kernelpagesize_kB=4
|
|
|
|
7f4dc10a2000 default anon=3 dirty=3 N3=3 kernelpagesize_kB=4
|
|
|
|
7f4dc10b4000 default anon=2 dirty=2 active=1 N3=2 kernelpagesize_kB=4
|
|
|
|
7f4dc1200000 default file=/anon_hugepage\040(deleted) huge anon=1 dirty=1 N3=1 kernelpagesize_kB=2048
|
|
|
|
7fff335f0000 default stack anon=3 dirty=3 N3=3 kernelpagesize_kB=4
|
|
|
|
7fff3369d000 default mapped=1 mapmax=35 active=0 N3=1 kernelpagesize_kB=4
|
2015-02-13 07:01:05 +08:00
|
|
|
|
|
|
|
Where:
|
|
|
|
"address" is the starting address for the mapping;
|
|
|
|
"policy" reports the NUMA memory policy set for the mapping (see vm/numa_memory_policy.txt);
|
|
|
|
"mapping details" summarizes mapping data such as mapping type, page usage counters,
|
|
|
|
node locality page counters (N0 == node0, N1 == node1, ...) and the kernel page
|
|
|
|
size, in KB, that is backing the mapping up.
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
1.2 Kernel data
|
|
|
|
---------------
|
|
|
|
|
|
|
|
Similar to the process entries, the kernel data files give information about
|
|
|
|
the running kernel. The files used to obtain this information are contained in
|
2009-06-18 07:26:01 +08:00
|
|
|
/proc and are listed in Table 1-5. Not all of these will be present in your
|
2005-04-17 06:20:36 +08:00
|
|
|
system. It depends on the kernel configuration and the loaded modules, which
|
|
|
|
files are there, and which are missing.
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-5: Kernel info in /proc
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
File Content
|
|
|
|
apm Advanced power management info
|
|
|
|
buddyinfo Kernel memory allocator information (see text) (2.5)
|
|
|
|
bus Directory containing bus specific information
|
|
|
|
cmdline Kernel command line
|
|
|
|
cpuinfo Info about the CPU
|
|
|
|
devices Available devices (block and character)
|
|
|
|
dma Used DMS channels
|
|
|
|
filesystems Supported filesystems
|
|
|
|
driver Various drivers grouped here, currently rtc (2.4)
|
|
|
|
execdomains Execdomains, related to security (2.4)
|
|
|
|
fb Frame Buffer devices (2.4)
|
|
|
|
fs File system parameters, currently nfs/exports (2.4)
|
|
|
|
ide Directory containing info about the IDE subsystem
|
|
|
|
interrupts Interrupt usage
|
|
|
|
iomem Memory map (2.4)
|
|
|
|
ioports I/O port usage
|
|
|
|
irq Masks for irq to cpu affinity (2.4)(smp?)
|
|
|
|
isapnp ISA PnP (Plug&Play) Info (2.4)
|
|
|
|
kcore Kernel core image (can be ELF or A.OUT(deprecated in 2.4))
|
|
|
|
kmsg Kernel messages
|
|
|
|
ksyms Kernel symbol table
|
|
|
|
loadavg Load average of last 1, 5 & 15 minutes
|
|
|
|
locks Kernel locks
|
|
|
|
meminfo Memory info
|
|
|
|
misc Miscellaneous
|
|
|
|
modules List of loaded modules
|
|
|
|
mounts Mounted filesystems
|
|
|
|
net Networking info (see text)
|
2010-03-06 05:42:15 +08:00
|
|
|
pagetypeinfo Additional page allocator information (see text) (2.5)
|
2005-04-17 06:20:36 +08:00
|
|
|
partitions Table of partitions known to the system
|
2007-05-09 13:19:14 +08:00
|
|
|
pci Deprecated info of PCI bus (new way -> /proc/bus/pci/,
|
2005-04-17 06:20:36 +08:00
|
|
|
decoupled by lspci (2.4)
|
|
|
|
rtc Real time clock
|
|
|
|
scsi SCSI info (see text)
|
|
|
|
slabinfo Slab pool info
|
2009-06-18 07:25:55 +08:00
|
|
|
softirqs softirq usage
|
2005-04-17 06:20:36 +08:00
|
|
|
stat Overall statistics
|
|
|
|
swaps Swap space utilization
|
|
|
|
sys See chapter 2
|
|
|
|
sysvipc Info of SysVIPC Resources (msg, sem, shm) (2.4)
|
|
|
|
tty Info of tty drivers
|
2014-01-01 12:34:04 +08:00
|
|
|
uptime Wall clock since boot, combined idle time of all cpus
|
2005-04-17 06:20:36 +08:00
|
|
|
version Kernel version
|
|
|
|
video bttv info of video resources (2.4)
|
2008-07-24 12:27:38 +08:00
|
|
|
vmallocinfo Show vmalloced areas
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
You can, for example, check which interrupts are currently in use and what
|
|
|
|
they are used for by looking in the file /proc/interrupts:
|
|
|
|
|
|
|
|
> cat /proc/interrupts
|
|
|
|
CPU0
|
|
|
|
0: 8728810 XT-PIC timer
|
|
|
|
1: 895 XT-PIC keyboard
|
|
|
|
2: 0 XT-PIC cascade
|
|
|
|
3: 531695 XT-PIC aha152x
|
|
|
|
4: 2014133 XT-PIC serial
|
|
|
|
5: 44401 XT-PIC pcnet_cs
|
|
|
|
8: 2 XT-PIC rtc
|
|
|
|
11: 8 XT-PIC i82365
|
|
|
|
12: 182918 XT-PIC PS/2 Mouse
|
|
|
|
13: 1 XT-PIC fpu
|
|
|
|
14: 1232265 XT-PIC ide0
|
|
|
|
15: 7 XT-PIC ide1
|
|
|
|
NMI: 0
|
|
|
|
|
|
|
|
In 2.4.* a couple of lines where added to this file LOC & ERR (this time is the
|
|
|
|
output of a SMP machine):
|
|
|
|
|
|
|
|
> cat /proc/interrupts
|
|
|
|
|
|
|
|
CPU0 CPU1
|
|
|
|
0: 1243498 1214548 IO-APIC-edge timer
|
|
|
|
1: 8949 8958 IO-APIC-edge keyboard
|
|
|
|
2: 0 0 XT-PIC cascade
|
|
|
|
5: 11286 10161 IO-APIC-edge soundblaster
|
|
|
|
8: 1 0 IO-APIC-edge rtc
|
|
|
|
9: 27422 27407 IO-APIC-edge 3c503
|
|
|
|
12: 113645 113873 IO-APIC-edge PS/2 Mouse
|
|
|
|
13: 0 0 XT-PIC fpu
|
|
|
|
14: 22491 24012 IO-APIC-edge ide0
|
|
|
|
15: 2183 2415 IO-APIC-edge ide1
|
|
|
|
17: 30564 30414 IO-APIC-level eth0
|
|
|
|
18: 177 164 IO-APIC-level bttv
|
|
|
|
NMI: 2457961 2457959
|
|
|
|
LOC: 2457882 2457881
|
|
|
|
ERR: 2155
|
|
|
|
|
|
|
|
NMI is incremented in this case because every timer interrupt generates a NMI
|
|
|
|
(Non Maskable Interrupt) which is used by the NMI Watchdog to detect lockups.
|
|
|
|
|
|
|
|
LOC is the local interrupt counter of the internal APIC of every CPU.
|
|
|
|
|
|
|
|
ERR is incremented in the case of errors in the IO-APIC bus (the bus that
|
|
|
|
connects the CPUs in a SMP system. This means that an error has been detected,
|
|
|
|
the IO-APIC automatically retry the transmission, so it should not be a big
|
|
|
|
problem, but you should read the SMP-FAQ.
|
|
|
|
|
2007-10-18 00:04:40 +08:00
|
|
|
In 2.6.2* /proc/interrupts was expanded again. This time the goal was for
|
|
|
|
/proc/interrupts to display every IRQ vector in use by the system, not
|
|
|
|
just those considered 'most important'. The new vectors are:
|
|
|
|
|
|
|
|
THR -- interrupt raised when a machine check threshold counter
|
|
|
|
(typically counting ECC corrected errors of memory or cache) exceeds
|
|
|
|
a configurable threshold. Only available on some systems.
|
|
|
|
|
|
|
|
TRM -- a thermal event interrupt occurs when a temperature threshold
|
|
|
|
has been exceeded for the CPU. This interrupt may also be generated
|
|
|
|
when the temperature drops back to normal.
|
|
|
|
|
|
|
|
SPU -- a spurious interrupt is some interrupt that was raised then lowered
|
|
|
|
by some IO device before it could be fully processed by the APIC. Hence
|
|
|
|
the APIC sees the interrupt but does not know what device it came from.
|
|
|
|
For this case the APIC will generate the interrupt with a IRQ vector
|
|
|
|
of 0xff. This might also be generated by chipset bugs.
|
|
|
|
|
|
|
|
RES, CAL, TLB -- rescheduling, call and TLB flush interrupts are
|
|
|
|
sent from one CPU to another per the needs of the OS. Typically,
|
|
|
|
their statistics are used by kernel developers and interested users to
|
2009-04-27 21:06:31 +08:00
|
|
|
determine the occurrence of interrupts of the given type.
|
2007-10-18 00:04:40 +08:00
|
|
|
|
2011-03-31 09:57:33 +08:00
|
|
|
The above IRQ vectors are displayed only when relevant. For example,
|
2007-10-18 00:04:40 +08:00
|
|
|
the threshold vector does not exist on x86_64 platforms. Others are
|
|
|
|
suppressed when the system is a uniprocessor. As of this writing, only
|
|
|
|
i386 and x86_64 platforms support the new IRQ vector displays.
|
|
|
|
|
|
|
|
Of some interest is the introduction of the /proc/irq directory to 2.4.
|
2005-04-17 06:20:36 +08:00
|
|
|
It could be used to set IRQ to CPU affinity, this means that you can "hook" an
|
|
|
|
IRQ to only one CPU, or to exclude a CPU of handling IRQs. The contents of the
|
2008-05-30 02:02:52 +08:00
|
|
|
irq subdir is one subdir for each IRQ, and two files; default_smp_affinity and
|
|
|
|
prof_cpu_mask.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
For example
|
|
|
|
> ls /proc/irq/
|
|
|
|
0 10 12 14 16 18 2 4 6 8 prof_cpu_mask
|
2008-05-30 02:02:52 +08:00
|
|
|
1 11 13 15 17 19 3 5 7 9 default_smp_affinity
|
2005-04-17 06:20:36 +08:00
|
|
|
> ls /proc/irq/0/
|
|
|
|
smp_affinity
|
|
|
|
|
2008-05-30 02:02:52 +08:00
|
|
|
smp_affinity is a bitmask, in which you can specify which CPUs can handle the
|
|
|
|
IRQ, you can set it by doing:
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2008-05-30 02:02:52 +08:00
|
|
|
> echo 1 > /proc/irq/10/smp_affinity
|
|
|
|
|
|
|
|
This means that only the first CPU will handle the IRQ, but you can also echo
|
2016-06-17 21:05:15 +08:00
|
|
|
5 which means that only the first and third CPU can handle the IRQ.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2008-05-30 02:02:52 +08:00
|
|
|
The contents of each smp_affinity file is the same by default:
|
|
|
|
|
|
|
|
> cat /proc/irq/0/smp_affinity
|
|
|
|
ffffffff
|
2005-04-17 06:20:36 +08:00
|
|
|
|
bitmap, irq: add smp_affinity_list interface to /proc/irq
Manually adjusting the smp_affinity for IRQ's becomes unwieldy when the
cpu count is large.
Setting smp affinity to cpus 256 to 263 would be:
echo 000000ff,00000000,00000000,00000000,00000000,00000000,00000000,00000000 > smp_affinity
instead of:
echo 256-263 > smp_affinity_list
Think about what it looks like for cpus around say, 4088 to 4095.
We already have many alternate "list" interfaces:
/sys/devices/system/cpu/cpuX/indexY/shared_cpu_list
/sys/devices/system/cpu/cpuX/topology/thread_siblings_list
/sys/devices/system/cpu/cpuX/topology/core_siblings_list
/sys/devices/system/node/nodeX/cpulist
/sys/devices/pci***/***/local_cpulist
Add a companion interface, smp_affinity_list to use cpu lists instead of
cpu maps. This conforms to other companion interfaces where both a map
and a list interface exists.
This required adding a bitmap_parselist_user() function in a manner
similar to the bitmap_parse_user() function.
[akpm@linux-foundation.org: make __bitmap_parselist() static]
Signed-off-by: Mike Travis <travis@sgi.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Jack Steiner <steiner@sgi.com>
Cc: Lee Schermerhorn <lee.schermerhorn@hp.com>
Cc: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-05-25 08:13:12 +08:00
|
|
|
There is an alternate interface, smp_affinity_list which allows specifying
|
|
|
|
a cpu range instead of a bitmask:
|
|
|
|
|
|
|
|
> cat /proc/irq/0/smp_affinity_list
|
|
|
|
1024-1031
|
|
|
|
|
2008-05-30 02:02:52 +08:00
|
|
|
The default_smp_affinity mask applies to all non-active IRQs, which are the
|
|
|
|
IRQs which have not yet been allocated/activated, and hence which lack a
|
|
|
|
/proc/irq/[0-9]* directory.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2010-03-12 06:08:56 +08:00
|
|
|
The node file on an SMP system shows the node to which the device using the IRQ
|
|
|
|
reports itself as being attached. This hardware locality information does not
|
|
|
|
include information about any possible driver locality preference.
|
|
|
|
|
2008-05-30 02:02:52 +08:00
|
|
|
prof_cpu_mask specifies which CPUs are to be profiled by the system wide
|
bitmap, irq: add smp_affinity_list interface to /proc/irq
Manually adjusting the smp_affinity for IRQ's becomes unwieldy when the
cpu count is large.
Setting smp affinity to cpus 256 to 263 would be:
echo 000000ff,00000000,00000000,00000000,00000000,00000000,00000000,00000000 > smp_affinity
instead of:
echo 256-263 > smp_affinity_list
Think about what it looks like for cpus around say, 4088 to 4095.
We already have many alternate "list" interfaces:
/sys/devices/system/cpu/cpuX/indexY/shared_cpu_list
/sys/devices/system/cpu/cpuX/topology/thread_siblings_list
/sys/devices/system/cpu/cpuX/topology/core_siblings_list
/sys/devices/system/node/nodeX/cpulist
/sys/devices/pci***/***/local_cpulist
Add a companion interface, smp_affinity_list to use cpu lists instead of
cpu maps. This conforms to other companion interfaces where both a map
and a list interface exists.
This required adding a bitmap_parselist_user() function in a manner
similar to the bitmap_parse_user() function.
[akpm@linux-foundation.org: make __bitmap_parselist() static]
Signed-off-by: Mike Travis <travis@sgi.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Jack Steiner <steiner@sgi.com>
Cc: Lee Schermerhorn <lee.schermerhorn@hp.com>
Cc: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-05-25 08:13:12 +08:00
|
|
|
profiler. Default value is ffffffff (all cpus if there are only 32 of them).
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
The way IRQs are routed is handled by the IO-APIC, and it's Round Robin
|
|
|
|
between all the CPUs which are allowed to handle it. As usual the kernel has
|
|
|
|
more info than you and does a better job than you, so the defaults are the
|
bitmap, irq: add smp_affinity_list interface to /proc/irq
Manually adjusting the smp_affinity for IRQ's becomes unwieldy when the
cpu count is large.
Setting smp affinity to cpus 256 to 263 would be:
echo 000000ff,00000000,00000000,00000000,00000000,00000000,00000000,00000000 > smp_affinity
instead of:
echo 256-263 > smp_affinity_list
Think about what it looks like for cpus around say, 4088 to 4095.
We already have many alternate "list" interfaces:
/sys/devices/system/cpu/cpuX/indexY/shared_cpu_list
/sys/devices/system/cpu/cpuX/topology/thread_siblings_list
/sys/devices/system/cpu/cpuX/topology/core_siblings_list
/sys/devices/system/node/nodeX/cpulist
/sys/devices/pci***/***/local_cpulist
Add a companion interface, smp_affinity_list to use cpu lists instead of
cpu maps. This conforms to other companion interfaces where both a map
and a list interface exists.
This required adding a bitmap_parselist_user() function in a manner
similar to the bitmap_parse_user() function.
[akpm@linux-foundation.org: make __bitmap_parselist() static]
Signed-off-by: Mike Travis <travis@sgi.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Jack Steiner <steiner@sgi.com>
Cc: Lee Schermerhorn <lee.schermerhorn@hp.com>
Cc: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-05-25 08:13:12 +08:00
|
|
|
best choice for almost everyone. [Note this applies only to those IO-APIC's
|
|
|
|
that support "Round Robin" interrupt distribution.]
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
There are three more important subdirectories in /proc: net, scsi, and sys.
|
|
|
|
The general rule is that the contents, or even the existence of these
|
|
|
|
directories, depend on your kernel configuration. If SCSI is not enabled, the
|
|
|
|
directory scsi may not exist. The same is true with the net, which is there
|
|
|
|
only when networking support is present in the running kernel.
|
|
|
|
|
|
|
|
The slabinfo file gives information about memory usage at the slab level.
|
|
|
|
Linux uses slab pools for memory management above page level in version 2.2.
|
|
|
|
Commonly used objects have their own slab pool (such as network buffers,
|
|
|
|
directory cache, and so on).
|
|
|
|
|
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
> cat /proc/buddyinfo
|
|
|
|
|
|
|
|
Node 0, zone DMA 0 4 5 4 4 3 ...
|
|
|
|
Node 0, zone Normal 1 0 0 1 101 8 ...
|
|
|
|
Node 0, zone HighMem 2 0 0 1 1 0 ...
|
|
|
|
|
2010-03-06 05:42:15 +08:00
|
|
|
External fragmentation is a problem under some workloads, and buddyinfo is a
|
2005-04-17 06:20:36 +08:00
|
|
|
useful tool for helping diagnose these problems. Buddyinfo will give you a
|
|
|
|
clue as to how big an area you can safely allocate, or why a previous
|
|
|
|
allocation failed.
|
|
|
|
|
|
|
|
Each column represents the number of pages of a certain order which are
|
|
|
|
available. In this case, there are 0 chunks of 2^0*PAGE_SIZE available in
|
|
|
|
ZONE_DMA, 4 chunks of 2^1*PAGE_SIZE in ZONE_DMA, 101 chunks of 2^4*PAGE_SIZE
|
|
|
|
available in ZONE_NORMAL, etc...
|
|
|
|
|
2010-03-06 05:42:15 +08:00
|
|
|
More information relevant to external fragmentation can be found in
|
|
|
|
pagetypeinfo.
|
|
|
|
|
|
|
|
> cat /proc/pagetypeinfo
|
|
|
|
Page block order: 9
|
|
|
|
Pages per block: 512
|
|
|
|
|
|
|
|
Free pages count per migrate type at order 0 1 2 3 4 5 6 7 8 9 10
|
|
|
|
Node 0, zone DMA, type Unmovable 0 0 0 1 1 1 1 1 1 1 0
|
|
|
|
Node 0, zone DMA, type Reclaimable 0 0 0 0 0 0 0 0 0 0 0
|
|
|
|
Node 0, zone DMA, type Movable 1 1 2 1 2 1 1 0 1 0 2
|
|
|
|
Node 0, zone DMA, type Reserve 0 0 0 0 0 0 0 0 0 1 0
|
|
|
|
Node 0, zone DMA, type Isolate 0 0 0 0 0 0 0 0 0 0 0
|
|
|
|
Node 0, zone DMA32, type Unmovable 103 54 77 1 1 1 11 8 7 1 9
|
|
|
|
Node 0, zone DMA32, type Reclaimable 0 0 2 1 0 0 0 0 1 0 0
|
|
|
|
Node 0, zone DMA32, type Movable 169 152 113 91 77 54 39 13 6 1 452
|
|
|
|
Node 0, zone DMA32, type Reserve 1 2 2 2 2 0 1 1 1 1 0
|
|
|
|
Node 0, zone DMA32, type Isolate 0 0 0 0 0 0 0 0 0 0 0
|
|
|
|
|
|
|
|
Number of blocks type Unmovable Reclaimable Movable Reserve Isolate
|
|
|
|
Node 0, zone DMA 2 0 5 1 0
|
|
|
|
Node 0, zone DMA32 41 6 967 2 0
|
|
|
|
|
|
|
|
Fragmentation avoidance in the kernel works by grouping pages of different
|
|
|
|
migrate types into the same contiguous regions of memory called page blocks.
|
|
|
|
A page block is typically the size of the default hugepage size e.g. 2MB on
|
|
|
|
X86-64. By keeping pages grouped based on their ability to move, the kernel
|
|
|
|
can reclaim pages within a page block to satisfy a high-order allocation.
|
|
|
|
|
|
|
|
The pagetypinfo begins with information on the size of a page block. It
|
|
|
|
then gives the same type of information as buddyinfo except broken down
|
|
|
|
by migrate-type and finishes with details on how many page blocks of each
|
|
|
|
type exist.
|
|
|
|
|
|
|
|
If min_free_kbytes has been tuned correctly (recommendations made by hugeadm
|
2016-01-13 15:47:56 +08:00
|
|
|
from libhugetlbfs https://github.com/libhugetlbfs/libhugetlbfs/), one can
|
2010-03-06 05:42:15 +08:00
|
|
|
make an estimate of the likely number of huge pages that can be allocated
|
|
|
|
at a given point in time. All the "Movable" blocks should be allocatable
|
|
|
|
unless memory has been mlock()'d. Some of the Reclaimable blocks should
|
|
|
|
also be allocatable although a lot of filesystem metadata may have to be
|
|
|
|
reclaimed to achieve this.
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
meminfo:
|
|
|
|
|
|
|
|
Provides information about distribution and utilization of memory. This
|
|
|
|
varies by architecture and compile options. The following is from a
|
|
|
|
16GB PIII, which has highmem enabled. You may not have all of these fields.
|
|
|
|
|
|
|
|
> cat /proc/meminfo
|
|
|
|
|
|
|
|
MemTotal: 16344972 kB
|
|
|
|
MemFree: 13634064 kB
|
/proc/meminfo: provide estimated available memory
Many load balancing and workload placing programs check /proc/meminfo to
estimate how much free memory is available. They generally do this by
adding up "free" and "cached", which was fine ten years ago, but is
pretty much guaranteed to be wrong today.
It is wrong because Cached includes memory that is not freeable as page
cache, for example shared memory segments, tmpfs, and ramfs, and it does
not include reclaimable slab memory, which can take up a large fraction
of system memory on mostly idle systems with lots of files.
Currently, the amount of memory that is available for a new workload,
without pushing the system into swap, can be estimated from MemFree,
Active(file), Inactive(file), and SReclaimable, as well as the "low"
watermarks from /proc/zoneinfo.
However, this may change in the future, and user space really should not
be expected to know kernel internals to come up with an estimate for the
amount of free memory.
It is more convenient to provide such an estimate in /proc/meminfo. If
things change in the future, we only have to change it in one place.
Signed-off-by: Rik van Riel <riel@redhat.com>
Reported-by: Erik Mouw <erik.mouw_2@nxp.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-01-22 07:49:05 +08:00
|
|
|
MemAvailable: 14836172 kB
|
2005-04-17 06:20:36 +08:00
|
|
|
Buffers: 3656 kB
|
|
|
|
Cached: 1195708 kB
|
|
|
|
SwapCached: 0 kB
|
|
|
|
Active: 891636 kB
|
|
|
|
Inactive: 1077224 kB
|
|
|
|
HighTotal: 15597528 kB
|
|
|
|
HighFree: 13629632 kB
|
|
|
|
LowTotal: 747444 kB
|
|
|
|
LowFree: 4432 kB
|
|
|
|
SwapTotal: 0 kB
|
|
|
|
SwapFree: 0 kB
|
|
|
|
Dirty: 968 kB
|
|
|
|
Writeback: 0 kB
|
2008-04-30 15:54:39 +08:00
|
|
|
AnonPages: 861800 kB
|
2005-04-17 06:20:36 +08:00
|
|
|
Mapped: 280372 kB
|
2016-01-15 07:21:58 +08:00
|
|
|
Shmem: 644 kB
|
2008-04-30 15:54:39 +08:00
|
|
|
Slab: 284364 kB
|
|
|
|
SReclaimable: 159856 kB
|
|
|
|
SUnreclaim: 124508 kB
|
|
|
|
PageTables: 24448 kB
|
|
|
|
NFS_Unstable: 0 kB
|
|
|
|
Bounce: 0 kB
|
|
|
|
WritebackTmp: 0 kB
|
2005-04-17 06:20:36 +08:00
|
|
|
CommitLimit: 7669796 kB
|
|
|
|
Committed_AS: 100056 kB
|
|
|
|
VmallocTotal: 112216 kB
|
|
|
|
VmallocUsed: 428 kB
|
|
|
|
VmallocChunk: 111088 kB
|
2012-05-30 06:06:45 +08:00
|
|
|
AnonHugePages: 49152 kB
|
2016-07-27 06:26:40 +08:00
|
|
|
ShmemHugePages: 0 kB
|
|
|
|
ShmemPmdMapped: 0 kB
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
MemTotal: Total usable ram (i.e. physical ram minus a few reserved
|
|
|
|
bits and the kernel binary code)
|
|
|
|
MemFree: The sum of LowFree+HighFree
|
/proc/meminfo: provide estimated available memory
Many load balancing and workload placing programs check /proc/meminfo to
estimate how much free memory is available. They generally do this by
adding up "free" and "cached", which was fine ten years ago, but is
pretty much guaranteed to be wrong today.
It is wrong because Cached includes memory that is not freeable as page
cache, for example shared memory segments, tmpfs, and ramfs, and it does
not include reclaimable slab memory, which can take up a large fraction
of system memory on mostly idle systems with lots of files.
Currently, the amount of memory that is available for a new workload,
without pushing the system into swap, can be estimated from MemFree,
Active(file), Inactive(file), and SReclaimable, as well as the "low"
watermarks from /proc/zoneinfo.
However, this may change in the future, and user space really should not
be expected to know kernel internals to come up with an estimate for the
amount of free memory.
It is more convenient to provide such an estimate in /proc/meminfo. If
things change in the future, we only have to change it in one place.
Signed-off-by: Rik van Riel <riel@redhat.com>
Reported-by: Erik Mouw <erik.mouw_2@nxp.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-01-22 07:49:05 +08:00
|
|
|
MemAvailable: An estimate of how much memory is available for starting new
|
|
|
|
applications, without swapping. Calculated from MemFree,
|
|
|
|
SReclaimable, the size of the file LRU lists, and the low
|
|
|
|
watermarks in each zone.
|
|
|
|
The estimate takes into account that the system needs some
|
|
|
|
page cache to function well, and that not all reclaimable
|
|
|
|
slab will be reclaimable, due to items being in use. The
|
|
|
|
impact of those factors will vary from system to system.
|
2005-04-17 06:20:36 +08:00
|
|
|
Buffers: Relatively temporary storage for raw disk blocks
|
|
|
|
shouldn't get tremendously large (20MB or so)
|
|
|
|
Cached: in-memory cache for files read from the disk (the
|
|
|
|
pagecache). Doesn't include SwapCached
|
|
|
|
SwapCached: Memory that once was swapped out, is swapped back in but
|
|
|
|
still also is in the swapfile (if memory is needed it
|
|
|
|
doesn't need to be swapped out AGAIN because it is already
|
|
|
|
in the swapfile. This saves I/O)
|
|
|
|
Active: Memory that has been used more recently and usually not
|
|
|
|
reclaimed unless absolutely necessary.
|
|
|
|
Inactive: Memory which has been less recently used. It is more
|
|
|
|
eligible to be reclaimed for other purposes
|
|
|
|
HighTotal:
|
|
|
|
HighFree: Highmem is all memory above ~860MB of physical memory
|
|
|
|
Highmem areas are for use by userspace programs, or
|
|
|
|
for the pagecache. The kernel must use tricks to access
|
|
|
|
this memory, making it slower to access than lowmem.
|
|
|
|
LowTotal:
|
|
|
|
LowFree: Lowmem is memory which can be used for everything that
|
2006-10-04 04:45:33 +08:00
|
|
|
highmem can be used for, but it is also available for the
|
2005-04-17 06:20:36 +08:00
|
|
|
kernel's use for its own data structures. Among many
|
|
|
|
other things, it is where everything from the Slab is
|
|
|
|
allocated. Bad things happen when you're out of lowmem.
|
|
|
|
SwapTotal: total amount of swap space available
|
|
|
|
SwapFree: Memory which has been evicted from RAM, and is temporarily
|
|
|
|
on the disk
|
|
|
|
Dirty: Memory which is waiting to get written back to the disk
|
|
|
|
Writeback: Memory which is actively being written back to the disk
|
2008-04-30 15:54:39 +08:00
|
|
|
AnonPages: Non-file backed pages mapped into userspace page tables
|
2012-05-30 06:06:45 +08:00
|
|
|
AnonHugePages: Non-file backed huge pages mapped into userspace page tables
|
2005-04-17 06:20:36 +08:00
|
|
|
Mapped: files which have been mmaped, such as libraries
|
2016-01-15 07:21:58 +08:00
|
|
|
Shmem: Total memory used by shared memory (shmem) and tmpfs
|
2016-07-27 06:26:40 +08:00
|
|
|
ShmemHugePages: Memory used by shared memory (shmem) and tmpfs allocated
|
|
|
|
with huge pages
|
|
|
|
ShmemPmdMapped: Shared memory mapped into userspace with huge pages
|
2006-01-10 07:20:30 +08:00
|
|
|
Slab: in-kernel data structures cache
|
2008-04-30 15:54:39 +08:00
|
|
|
SReclaimable: Part of Slab, that might be reclaimed, such as caches
|
|
|
|
SUnreclaim: Part of Slab, that cannot be reclaimed on memory pressure
|
|
|
|
PageTables: amount of memory dedicated to the lowest level of page
|
|
|
|
tables.
|
|
|
|
NFS_Unstable: NFS pages sent to the server, but not yet committed to stable
|
|
|
|
storage
|
|
|
|
Bounce: Memory used for block device "bounce buffers"
|
|
|
|
WritebackTmp: Memory used by FUSE for temporary writeback buffers
|
2005-04-17 06:20:36 +08:00
|
|
|
CommitLimit: Based on the overcommit ratio ('vm.overcommit_ratio'),
|
|
|
|
this is the total amount of memory currently available to
|
|
|
|
be allocated on the system. This limit is only adhered to
|
|
|
|
if strict overcommit accounting is enabled (mode 2 in
|
|
|
|
'vm.overcommit_memory').
|
|
|
|
The CommitLimit is calculated with the following formula:
|
2014-05-22 20:04:44 +08:00
|
|
|
CommitLimit = ([total RAM pages] - [total huge TLB pages]) *
|
|
|
|
overcommit_ratio / 100 + [total swap pages]
|
2005-04-17 06:20:36 +08:00
|
|
|
For example, on a system with 1G of physical RAM and 7G
|
|
|
|
of swap with a `vm.overcommit_ratio` of 30 it would
|
|
|
|
yield a CommitLimit of 7.3G.
|
|
|
|
For more details, see the memory overcommit documentation
|
|
|
|
in vm/overcommit-accounting.
|
|
|
|
Committed_AS: The amount of memory presently allocated on the system.
|
|
|
|
The committed memory is a sum of all of the memory which
|
|
|
|
has been allocated by processes, even if it has not been
|
|
|
|
"used" by them as of yet. A process which malloc()'s 1G
|
2013-09-12 05:24:35 +08:00
|
|
|
of memory, but only touches 300M of it will show up as
|
|
|
|
using 1G. This 1G is memory which has been "committed" to
|
|
|
|
by the VM and can be used at any time by the allocating
|
|
|
|
application. With strict overcommit enabled on the system
|
|
|
|
(mode 2 in 'vm.overcommit_memory'),allocations which would
|
|
|
|
exceed the CommitLimit (detailed above) will not be permitted.
|
|
|
|
This is useful if one needs to guarantee that processes will
|
|
|
|
not fail due to lack of memory once that memory has been
|
|
|
|
successfully allocated.
|
2005-04-17 06:20:36 +08:00
|
|
|
VmallocTotal: total size of vmalloc memory area
|
|
|
|
VmallocUsed: amount of vmalloc area which is used
|
2009-04-27 21:06:31 +08:00
|
|
|
VmallocChunk: largest contiguous block of vmalloc area which is free
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2008-07-24 12:27:38 +08:00
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
vmallocinfo:
|
|
|
|
|
|
|
|
Provides information about vmalloced/vmaped areas. One line per area,
|
|
|
|
containing the virtual address range of the area, size in bytes,
|
|
|
|
caller information of the creator, and optional information depending
|
|
|
|
on the kind of area :
|
|
|
|
|
|
|
|
pages=nr number of pages
|
|
|
|
phys=addr if a physical address was specified
|
|
|
|
ioremap I/O mapping (ioremap() and friends)
|
|
|
|
vmalloc vmalloc() area
|
|
|
|
vmap vmap()ed pages
|
|
|
|
user VM_USERMAP area
|
|
|
|
vpages buffer for pages pointers was vmalloced (huge area)
|
|
|
|
N<node>=nr (Only on NUMA kernels)
|
|
|
|
Number of pages allocated on memory node <node>
|
|
|
|
|
|
|
|
> cat /proc/vmallocinfo
|
|
|
|
0xffffc20000000000-0xffffc20000201000 2101248 alloc_large_system_hash+0x204 ...
|
|
|
|
/0x2c0 pages=512 vmalloc N0=128 N1=128 N2=128 N3=128
|
|
|
|
0xffffc20000201000-0xffffc20000302000 1052672 alloc_large_system_hash+0x204 ...
|
|
|
|
/0x2c0 pages=256 vmalloc N0=64 N1=64 N2=64 N3=64
|
|
|
|
0xffffc20000302000-0xffffc20000304000 8192 acpi_tb_verify_table+0x21/0x4f...
|
|
|
|
phys=7fee8000 ioremap
|
|
|
|
0xffffc20000304000-0xffffc20000307000 12288 acpi_tb_verify_table+0x21/0x4f...
|
|
|
|
phys=7fee7000 ioremap
|
|
|
|
0xffffc2000031d000-0xffffc2000031f000 8192 init_vdso_vars+0x112/0x210
|
|
|
|
0xffffc2000031f000-0xffffc2000032b000 49152 cramfs_uncompress_init+0x2e ...
|
|
|
|
/0x80 pages=11 vmalloc N0=3 N1=3 N2=2 N3=3
|
|
|
|
0xffffc2000033a000-0xffffc2000033d000 12288 sys_swapon+0x640/0xac0 ...
|
|
|
|
pages=2 vmalloc N1=2
|
|
|
|
0xffffc20000347000-0xffffc2000034c000 20480 xt_alloc_table_info+0xfe ...
|
|
|
|
/0x130 [x_tables] pages=4 vmalloc N0=4
|
|
|
|
0xffffffffa0000000-0xffffffffa000f000 61440 sys_init_module+0xc27/0x1d00 ...
|
|
|
|
pages=14 vmalloc N2=14
|
|
|
|
0xffffffffa000f000-0xffffffffa0014000 20480 sys_init_module+0xc27/0x1d00 ...
|
|
|
|
pages=4 vmalloc N1=4
|
|
|
|
0xffffffffa0014000-0xffffffffa0017000 12288 sys_init_module+0xc27/0x1d00 ...
|
|
|
|
pages=2 vmalloc N1=2
|
|
|
|
0xffffffffa0017000-0xffffffffa0022000 45056 sys_init_module+0xc27/0x1d00 ...
|
|
|
|
pages=10 vmalloc N0=10
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2009-06-18 07:25:55 +08:00
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
softirqs:
|
|
|
|
|
|
|
|
Provides counts of softirq handlers serviced since boot time, for each cpu.
|
|
|
|
|
|
|
|
> cat /proc/softirqs
|
|
|
|
CPU0 CPU1 CPU2 CPU3
|
|
|
|
HI: 0 0 0 0
|
|
|
|
TIMER: 27166 27120 27097 27034
|
|
|
|
NET_TX: 0 0 0 17
|
|
|
|
NET_RX: 42 0 0 39
|
|
|
|
BLOCK: 0 0 107 1121
|
|
|
|
TASKLET: 0 0 0 290
|
|
|
|
SCHED: 27035 26983 26971 26746
|
|
|
|
HRTIMER: 0 0 0 0
|
rcu: Use softirq to address performance regression
Commit a26ac2455ffcf3(rcu: move TREE_RCU from softirq to kthread)
introduced performance regression. In an AIM7 test, this commit degraded
performance by about 40%.
The commit runs rcu callbacks in a kthread instead of softirq. We observed
high rate of context switch which is caused by this. Out test system has
64 CPUs and HZ is 1000, so we saw more than 64k context switch per second
which is caused by RCU's per-CPU kthread. A trace showed that most of
the time the RCU per-CPU kthread doesn't actually handle any callbacks,
but instead just does a very small amount of work handling grace periods.
This means that RCU's per-CPU kthreads are making the scheduler do quite
a bit of work in order to allow a very small amount of RCU-related
processing to be done.
Alex Shi's analysis determined that this slowdown is due to lock
contention within the scheduler. Unfortunately, as Peter Zijlstra points
out, the scheduler's real-time semantics require global action, which
means that this contention is inherent in real-time scheduling. (Yes,
perhaps someone will come up with a workaround -- otherwise, -rt is not
going to do well on large SMP systems -- but this patch will work around
this issue in the meantime. And "the meantime" might well be forever.)
This patch therefore re-introduces softirq processing to RCU, but only
for core RCU work. RCU callbacks are still executed in kthread context,
so that only a small amount of RCU work runs in softirq context in the
common case. This should minimize ksoftirqd execution, allowing us to
skip boosting of ksoftirqd for CONFIG_RCU_BOOST=y kernels.
Signed-off-by: Shaohua Li <shaohua.li@intel.com>
Tested-by: "Alex,Shi" <alex.shi@intel.com>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
2011-06-14 13:26:25 +08:00
|
|
|
RCU: 1678 1769 2178 2250
|
2009-06-18 07:25:55 +08:00
|
|
|
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
1.3 IDE devices in /proc/ide
|
|
|
|
----------------------------
|
|
|
|
|
|
|
|
The subdirectory /proc/ide contains information about all IDE devices of which
|
|
|
|
the kernel is aware. There is one subdirectory for each IDE controller, the
|
|
|
|
file drivers and a link for each IDE device, pointing to the device directory
|
|
|
|
in the controller specific subtree.
|
|
|
|
|
|
|
|
The file drivers contains general information about the drivers used for the
|
|
|
|
IDE devices:
|
|
|
|
|
|
|
|
> cat /proc/ide/drivers
|
|
|
|
ide-cdrom version 4.53
|
|
|
|
ide-disk version 1.08
|
|
|
|
|
|
|
|
More detailed information can be found in the controller specific
|
|
|
|
subdirectories. These are named ide0, ide1 and so on. Each of these
|
2009-06-18 07:26:01 +08:00
|
|
|
directories contains the files shown in table 1-6.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-6: IDE controller info in /proc/ide/ide?
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
File Content
|
|
|
|
channel IDE channel (0 or 1)
|
|
|
|
config Configuration (only for PCI/IDE bridge)
|
|
|
|
mate Mate name
|
|
|
|
model Type/Chipset of IDE controller
|
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
Each device connected to a controller has a separate subdirectory in the
|
2009-06-18 07:26:01 +08:00
|
|
|
controllers directory. The files listed in table 1-7 are contained in these
|
2005-04-17 06:20:36 +08:00
|
|
|
directories.
|
|
|
|
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-7: IDE device information
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
File Content
|
|
|
|
cache The cache
|
|
|
|
capacity Capacity of the medium (in 512Byte blocks)
|
|
|
|
driver driver and version
|
|
|
|
geometry physical and logical geometry
|
|
|
|
identify device identify block
|
|
|
|
media media type
|
|
|
|
model device identifier
|
|
|
|
settings device setup
|
|
|
|
smart_thresholds IDE disk management thresholds
|
|
|
|
smart_values IDE disk management values
|
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
The most interesting file is settings. This file contains a nice overview of
|
|
|
|
the drive parameters:
|
|
|
|
|
|
|
|
# cat /proc/ide/ide0/hda/settings
|
|
|
|
name value min max mode
|
|
|
|
---- ----- --- --- ----
|
|
|
|
bios_cyl 526 0 65535 rw
|
|
|
|
bios_head 255 0 255 rw
|
|
|
|
bios_sect 63 0 63 rw
|
|
|
|
breada_readahead 4 0 127 rw
|
|
|
|
bswap 0 0 1 r
|
|
|
|
file_readahead 72 0 2097151 rw
|
|
|
|
io_32bit 0 0 3 rw
|
|
|
|
keepsettings 0 0 1 rw
|
|
|
|
max_kb_per_request 122 1 127 rw
|
|
|
|
multcount 0 0 8 rw
|
|
|
|
nice1 1 0 1 rw
|
|
|
|
nowerr 0 0 1 rw
|
|
|
|
pio_mode write-only 0 255 w
|
|
|
|
slow 0 0 1 rw
|
|
|
|
unmaskirq 0 0 1 rw
|
|
|
|
using_dma 0 0 1 rw
|
|
|
|
|
|
|
|
|
|
|
|
1.4 Networking info in /proc/net
|
|
|
|
--------------------------------
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
The subdirectory /proc/net follows the usual pattern. Table 1-8 shows the
|
2005-04-17 06:20:36 +08:00
|
|
|
additional values you get for IP version 6 if you configure the kernel to
|
2009-06-18 07:26:01 +08:00
|
|
|
support this. Table 1-9 lists the files and their meaning.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-8: IPv6 info in /proc/net
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
File Content
|
|
|
|
udp6 UDP sockets (IPv6)
|
|
|
|
tcp6 TCP sockets (IPv6)
|
|
|
|
raw6 Raw device statistics (IPv6)
|
|
|
|
igmp6 IP multicast addresses, which this host joined (IPv6)
|
|
|
|
if_inet6 List of IPv6 interface addresses
|
|
|
|
ipv6_route Kernel routing table for IPv6
|
|
|
|
rt6_stats Global IPv6 routing tables statistics
|
|
|
|
sockstat6 Socket statistics (IPv6)
|
|
|
|
snmp6 Snmp data (IPv6)
|
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-9: Network info in /proc/net
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
File Content
|
|
|
|
arp Kernel ARP table
|
|
|
|
dev network devices with statistics
|
|
|
|
dev_mcast the Layer2 multicast groups a device is listening too
|
|
|
|
(interface index, label, number of references, number of bound
|
|
|
|
addresses).
|
|
|
|
dev_stat network device status
|
|
|
|
ip_fwchains Firewall chain linkage
|
|
|
|
ip_fwnames Firewall chain names
|
|
|
|
ip_masq Directory containing the masquerading tables
|
|
|
|
ip_masquerade Major masquerading table
|
|
|
|
netstat Network statistics
|
|
|
|
raw raw device statistics
|
|
|
|
route Kernel routing table
|
|
|
|
rpc Directory containing rpc info
|
|
|
|
rt_cache Routing cache
|
|
|
|
snmp SNMP data
|
|
|
|
sockstat Socket statistics
|
|
|
|
tcp TCP sockets
|
|
|
|
udp UDP sockets
|
|
|
|
unix UNIX domain sockets
|
|
|
|
wireless Wireless interface data (Wavelan etc)
|
|
|
|
igmp IP multicast addresses, which this host joined
|
|
|
|
psched Global packet scheduler parameters.
|
|
|
|
netlink List of PF_NETLINK sockets
|
|
|
|
ip_mr_vifs List of multicast virtual interfaces
|
|
|
|
ip_mr_cache List of multicast routing cache
|
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
You can use this information to see which network devices are available in
|
|
|
|
your system and how much traffic was routed over those devices:
|
|
|
|
|
|
|
|
> cat /proc/net/dev
|
|
|
|
Inter-|Receive |[...
|
|
|
|
face |bytes packets errs drop fifo frame compressed multicast|[...
|
|
|
|
lo: 908188 5596 0 0 0 0 0 0 [...
|
|
|
|
ppp0:15475140 20721 410 0 0 410 0 0 [...
|
|
|
|
eth0: 614530 7085 0 0 0 0 0 1 [...
|
|
|
|
|
|
|
|
...] Transmit
|
|
|
|
...] bytes packets errs drop fifo colls carrier compressed
|
|
|
|
...] 908188 5596 0 0 0 0 0 0
|
|
|
|
...] 1375103 17405 0 0 0 0 0 0
|
|
|
|
...] 1703981 5535 0 0 0 3 0 0
|
|
|
|
|
2010-04-23 06:08:02 +08:00
|
|
|
In addition, each Channel Bond interface has its own directory. For
|
2005-04-17 06:20:36 +08:00
|
|
|
example, the bond0 device will have a directory called /proc/net/bond0/.
|
|
|
|
It will contain information that is specific to that bond, such as the
|
|
|
|
current slaves of the bond, the link status of the slaves, and how
|
|
|
|
many times the slaves link has failed.
|
|
|
|
|
|
|
|
1.5 SCSI info
|
|
|
|
-------------
|
|
|
|
|
|
|
|
If you have a SCSI host adapter in your system, you'll find a subdirectory
|
|
|
|
named after the driver for this adapter in /proc/scsi. You'll also see a list
|
|
|
|
of all recognized SCSI devices in /proc/scsi:
|
|
|
|
|
|
|
|
>cat /proc/scsi/scsi
|
|
|
|
Attached devices:
|
|
|
|
Host: scsi0 Channel: 00 Id: 00 Lun: 00
|
|
|
|
Vendor: IBM Model: DGHS09U Rev: 03E0
|
|
|
|
Type: Direct-Access ANSI SCSI revision: 03
|
|
|
|
Host: scsi0 Channel: 00 Id: 06 Lun: 00
|
|
|
|
Vendor: PIONEER Model: CD-ROM DR-U06S Rev: 1.04
|
|
|
|
Type: CD-ROM ANSI SCSI revision: 02
|
|
|
|
|
|
|
|
|
|
|
|
The directory named after the driver has one file for each adapter found in
|
|
|
|
the system. These files contain information about the controller, including
|
|
|
|
the used IRQ and the IO address range. The amount of information shown is
|
|
|
|
dependent on the adapter you use. The example shows the output for an Adaptec
|
|
|
|
AHA-2940 SCSI adapter:
|
|
|
|
|
|
|
|
> cat /proc/scsi/aic7xxx/0
|
|
|
|
|
|
|
|
Adaptec AIC7xxx driver version: 5.1.19/3.2.4
|
|
|
|
Compile Options:
|
|
|
|
TCQ Enabled By Default : Disabled
|
|
|
|
AIC7XXX_PROC_STATS : Disabled
|
|
|
|
AIC7XXX_RESET_DELAY : 5
|
|
|
|
Adapter Configuration:
|
|
|
|
SCSI Adapter: Adaptec AHA-294X Ultra SCSI host adapter
|
|
|
|
Ultra Wide Controller
|
|
|
|
PCI MMAPed I/O Base: 0xeb001000
|
|
|
|
Adapter SEEPROM Config: SEEPROM found and used.
|
|
|
|
Adaptec SCSI BIOS: Enabled
|
|
|
|
IRQ: 10
|
|
|
|
SCBs: Active 0, Max Active 2,
|
|
|
|
Allocated 15, HW 16, Page 255
|
|
|
|
Interrupts: 160328
|
|
|
|
BIOS Control Word: 0x18b6
|
|
|
|
Adapter Control Word: 0x005b
|
|
|
|
Extended Translation: Enabled
|
|
|
|
Disconnect Enable Flags: 0xffff
|
|
|
|
Ultra Enable Flags: 0x0001
|
|
|
|
Tag Queue Enable Flags: 0x0000
|
|
|
|
Ordered Queue Tag Flags: 0x0000
|
|
|
|
Default Tag Queue Depth: 8
|
|
|
|
Tagged Queue By Device array for aic7xxx host instance 0:
|
|
|
|
{255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255}
|
|
|
|
Actual queue depth per device for aic7xxx host instance 0:
|
|
|
|
{1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1}
|
|
|
|
Statistics:
|
|
|
|
(scsi0:0:0:0)
|
|
|
|
Device using Wide/Sync transfers at 40.0 MByte/sec, offset 8
|
|
|
|
Transinfo settings: current(12/8/1/0), goal(12/8/1/0), user(12/15/1/0)
|
|
|
|
Total transfers 160151 (74577 reads and 85574 writes)
|
|
|
|
(scsi0:0:6:0)
|
|
|
|
Device using Narrow/Sync transfers at 5.0 MByte/sec, offset 15
|
|
|
|
Transinfo settings: current(50/15/0/0), goal(50/15/0/0), user(50/15/0/0)
|
|
|
|
Total transfers 0 (0 reads and 0 writes)
|
|
|
|
|
|
|
|
|
|
|
|
1.6 Parallel port info in /proc/parport
|
|
|
|
---------------------------------------
|
|
|
|
|
|
|
|
The directory /proc/parport contains information about the parallel ports of
|
|
|
|
your system. It has one subdirectory for each port, named after the port
|
|
|
|
number (0,1,2,...).
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
These directories contain the four files shown in Table 1-10.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-10: Files in /proc/parport
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
File Content
|
|
|
|
autoprobe Any IEEE-1284 device ID information that has been acquired.
|
|
|
|
devices list of the device drivers using that port. A + will appear by the
|
|
|
|
name of the device currently using the port (it might not appear
|
|
|
|
against any).
|
|
|
|
hardware Parallel port's base address, IRQ line and DMA channel.
|
|
|
|
irq IRQ that parport is using for that port. This is in a separate
|
|
|
|
file to allow you to alter it by writing a new value in (IRQ
|
|
|
|
number or none).
|
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
1.7 TTY info in /proc/tty
|
|
|
|
-------------------------
|
|
|
|
|
|
|
|
Information about the available and actually used tty's can be found in the
|
|
|
|
directory /proc/tty.You'll find entries for drivers and line disciplines in
|
2009-06-18 07:26:01 +08:00
|
|
|
this directory, as shown in Table 1-11.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-11: Files in /proc/tty
|
2005-04-17 06:20:36 +08:00
|
|
|
..............................................................................
|
|
|
|
File Content
|
|
|
|
drivers list of drivers and their usage
|
|
|
|
ldiscs registered line disciplines
|
|
|
|
driver/serial usage statistic and status of single tty lines
|
|
|
|
..............................................................................
|
|
|
|
|
|
|
|
To see which tty's are currently in use, you can simply look into the file
|
|
|
|
/proc/tty/drivers:
|
|
|
|
|
|
|
|
> cat /proc/tty/drivers
|
|
|
|
pty_slave /dev/pts 136 0-255 pty:slave
|
|
|
|
pty_master /dev/ptm 128 0-255 pty:master
|
|
|
|
pty_slave /dev/ttyp 3 0-255 pty:slave
|
|
|
|
pty_master /dev/pty 2 0-255 pty:master
|
|
|
|
serial /dev/cua 5 64-67 serial:callout
|
|
|
|
serial /dev/ttyS 4 64-67 serial
|
|
|
|
/dev/tty0 /dev/tty0 4 0 system:vtmaster
|
|
|
|
/dev/ptmx /dev/ptmx 5 2 system
|
|
|
|
/dev/console /dev/console 5 1 system:console
|
|
|
|
/dev/tty /dev/tty 5 0 system:/dev/tty
|
|
|
|
unknown /dev/tty 4 1-63 console
|
|
|
|
|
|
|
|
|
|
|
|
1.8 Miscellaneous kernel statistics in /proc/stat
|
|
|
|
-------------------------------------------------
|
|
|
|
|
|
|
|
Various pieces of information about kernel activity are available in the
|
|
|
|
/proc/stat file. All of the numbers reported in this file are aggregates
|
|
|
|
since the system first booted. For a quick look, simply cat the file:
|
|
|
|
|
|
|
|
> cat /proc/stat
|
2015-03-30 21:49:26 +08:00
|
|
|
cpu 2255 34 2290 22625563 6290 127 456 0 0 0
|
|
|
|
cpu0 1132 34 1441 11311718 3675 127 438 0 0 0
|
|
|
|
cpu1 1123 0 849 11313845 2614 0 18 0 0 0
|
2005-04-17 06:20:36 +08:00
|
|
|
intr 114930548 113199788 3 0 5 263 0 4 [... lots more numbers ...]
|
|
|
|
ctxt 1990473
|
|
|
|
btime 1062191376
|
|
|
|
processes 2915
|
|
|
|
procs_running 1
|
|
|
|
procs_blocked 0
|
2009-06-18 07:25:55 +08:00
|
|
|
softirq 183433 0 21755 12 39 1137 231 21459 2263
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
The very first "cpu" line aggregates the numbers in all of the other "cpuN"
|
|
|
|
lines. These numbers identify the amount of time the CPU has spent performing
|
|
|
|
different kinds of work. Time units are in USER_HZ (typically hundredths of a
|
|
|
|
second). The meanings of the columns are as follows, from left to right:
|
|
|
|
|
|
|
|
- user: normal processes executing in user mode
|
|
|
|
- nice: niced processes executing in user mode
|
|
|
|
- system: processes executing in kernel mode
|
|
|
|
- idle: twiddling thumbs
|
2016-10-26 10:41:28 +08:00
|
|
|
- iowait: In a word, iowait stands for waiting for I/O to complete. But there
|
|
|
|
are several problems:
|
|
|
|
1. Cpu will not wait for I/O to complete, iowait is the time that a task is
|
|
|
|
waiting for I/O to complete. When cpu goes into idle state for
|
|
|
|
outstanding task io, another task will be scheduled on this CPU.
|
|
|
|
2. In a multi-core CPU, the task waiting for I/O to complete is not running
|
|
|
|
on any CPU, so the iowait of each CPU is difficult to calculate.
|
|
|
|
3. The value of iowait field in /proc/stat will decrease in certain
|
|
|
|
conditions.
|
|
|
|
So, the iowait is not reliable by reading from /proc/stat.
|
2005-04-17 06:20:36 +08:00
|
|
|
- irq: servicing interrupts
|
|
|
|
- softirq: servicing softirqs
|
2007-10-20 09:03:38 +08:00
|
|
|
- steal: involuntary wait
|
2009-10-24 00:20:10 +08:00
|
|
|
- guest: running a normal guest
|
|
|
|
- guest_nice: running a niced guest
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
The "intr" line gives counts of interrupts serviced since boot time, for each
|
|
|
|
of the possible system interrupts. The first column is the total of all
|
2014-05-16 04:55:34 +08:00
|
|
|
interrupts serviced including unnumbered architecture specific interrupts;
|
|
|
|
each subsequent column is the total for that particular numbered interrupt.
|
|
|
|
Unnumbered interrupts are not shown, only summed into the total.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
The "ctxt" line gives the total number of context switches across all CPUs.
|
|
|
|
|
|
|
|
The "btime" line gives the time at which the system booted, in seconds since
|
|
|
|
the Unix epoch.
|
|
|
|
|
|
|
|
The "processes" line gives the number of processes and threads created, which
|
|
|
|
includes (but is not limited to) those created by calls to the fork() and
|
|
|
|
clone() system calls.
|
|
|
|
|
2009-12-07 10:30:44 +08:00
|
|
|
The "procs_running" line gives the total number of threads that are
|
|
|
|
running or ready to run (i.e., the total number of runnable threads).
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
The "procs_blocked" line gives the number of processes currently blocked,
|
|
|
|
waiting for I/O to complete.
|
|
|
|
|
2009-06-18 07:25:55 +08:00
|
|
|
The "softirq" line gives counts of softirqs serviced since boot time, for each
|
|
|
|
of the possible system softirqs. The first column is the total of all
|
|
|
|
softirqs serviced; each subsequent column is the total for that particular
|
|
|
|
softirq.
|
|
|
|
|
2008-10-10 11:21:54 +08:00
|
|
|
|
2008-01-29 13:19:52 +08:00
|
|
|
1.9 Ext4 file system parameters
|
2014-11-24 15:54:17 +08:00
|
|
|
-------------------------------
|
2008-10-10 11:21:54 +08:00
|
|
|
|
|
|
|
Information about mounted ext4 file systems can be found in
|
|
|
|
/proc/fs/ext4. Each mounted filesystem will have a directory in
|
|
|
|
/proc/fs/ext4 based on its device name (i.e., /proc/fs/ext4/hdc or
|
|
|
|
/proc/fs/ext4/dm-0). The files in each per-device directory are shown
|
2009-06-18 07:26:01 +08:00
|
|
|
in Table 1-12, below.
|
2008-10-10 11:21:54 +08:00
|
|
|
|
2009-06-18 07:26:01 +08:00
|
|
|
Table 1-12: Files in /proc/fs/ext4/<devname>
|
2008-10-10 11:21:54 +08:00
|
|
|
..............................................................................
|
|
|
|
File Content
|
|
|
|
mb_groups details of multiblock allocator buddy cache of free blocks
|
|
|
|
..............................................................................
|
|
|
|
|
2010-11-04 23:20:24 +08:00
|
|
|
2.0 /proc/consoles
|
|
|
|
------------------
|
|
|
|
Shows registered system console lines.
|
|
|
|
|
|
|
|
To see which character device lines are currently used for the system console
|
|
|
|
/dev/console, you may simply look into the file /proc/consoles:
|
|
|
|
|
|
|
|
> cat /proc/consoles
|
|
|
|
tty0 -WU (ECp) 4:7
|
|
|
|
ttyS0 -W- (Ep) 4:64
|
|
|
|
|
|
|
|
The columns are:
|
|
|
|
|
|
|
|
device name of the device
|
|
|
|
operations R = can do read operations
|
|
|
|
W = can do write operations
|
|
|
|
U = can do unblank
|
|
|
|
flags E = it is enabled
|
2011-03-31 09:57:33 +08:00
|
|
|
C = it is preferred console
|
2010-11-04 23:20:24 +08:00
|
|
|
B = it is primary boot console
|
|
|
|
p = it is used for printk buffer
|
|
|
|
b = it is not a TTY but a Braille device
|
|
|
|
a = it is safe to use when cpu is offline
|
|
|
|
major:minor major and minor number of the device separated by a colon
|
2005-04-17 06:20:36 +08:00
|
|
|
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Summary
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
The /proc file system serves information about the running system. It not only
|
|
|
|
allows access to process data but also allows you to request the kernel status
|
|
|
|
by reading files in the hierarchy.
|
|
|
|
|
|
|
|
The directory structure of /proc reflects the types of information and makes
|
|
|
|
it easy, if not obvious, where to look for specific data.
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
CHAPTER 2: MODIFYING SYSTEM PARAMETERS
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
In This Chapter
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
* Modifying kernel parameters by writing into files found in /proc/sys
|
|
|
|
* Exploring the files which modify certain parameters
|
|
|
|
* Review of the /proc/sys file tree
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
A very interesting part of /proc is the directory /proc/sys. This is not only
|
|
|
|
a source of information, it also allows you to change parameters within the
|
|
|
|
kernel. Be very careful when attempting this. You can optimize your system,
|
|
|
|
but you can also cause it to crash. Never alter kernel parameters on a
|
|
|
|
production system. Set up a development machine and test to make sure that
|
|
|
|
everything works the way you want it to. You may have no alternative but to
|
|
|
|
reboot the machine once an error has been made.
|
|
|
|
|
|
|
|
To change a value, simply echo the new value into the file. An example is
|
|
|
|
given below in the section on the file system data. You need to be root to do
|
|
|
|
this. You can create your own boot script to perform this every time your
|
|
|
|
system boots.
|
|
|
|
|
|
|
|
The files in /proc/sys can be used to fine tune and monitor miscellaneous and
|
|
|
|
general things in the operation of the Linux kernel. Since some of the files
|
|
|
|
can inadvertently disrupt your system, it is advisable to read both
|
|
|
|
documentation and source before actually making adjustments. In any case, be
|
|
|
|
very careful when writing to any of these files. The entries in /proc may
|
|
|
|
change slightly between the 2.1.* and the 2.2 kernel, so if there is any doubt
|
|
|
|
review the kernel documentation in the directory /usr/src/linux/Documentation.
|
|
|
|
This chapter is heavily based on the documentation included in the pre 2.2
|
|
|
|
kernels, and became part of it in version 2.2.1 of the Linux kernel.
|
|
|
|
|
2011-08-15 08:02:26 +08:00
|
|
|
Please see: Documentation/sysctl/ directory for descriptions of these
|
2009-01-16 05:50:42 +08:00
|
|
|
entries.
|
2006-01-08 17:00:39 +08:00
|
|
|
|
2009-04-03 07:57:20 +08:00
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Summary
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Certain aspects of kernel behavior can be modified at runtime, without the
|
|
|
|
need to recompile the kernel, or even to reboot the system. The files in the
|
|
|
|
/proc/sys tree can not only be read, but also modified. You can use the echo
|
|
|
|
command to write value into these files, thereby changing the default settings
|
|
|
|
of the kernel.
|
|
|
|
------------------------------------------------------------------------------
|
2006-01-08 17:00:39 +08:00
|
|
|
|
2009-04-03 07:57:20 +08:00
|
|
|
------------------------------------------------------------------------------
|
|
|
|
CHAPTER 3: PER-PROCESS PARAMETERS
|
|
|
|
------------------------------------------------------------------------------
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2012-11-13 09:53:04 +08:00
|
|
|
3.1 /proc/<pid>/oom_adj & /proc/<pid>/oom_score_adj- Adjust the oom-killer score
|
oom: badness heuristic rewrite
This a complete rewrite of the oom killer's badness() heuristic which is
used to determine which task to kill in oom conditions. The goal is to
make it as simple and predictable as possible so the results are better
understood and we end up killing the task which will lead to the most
memory freeing while still respecting the fine-tuning from userspace.
Instead of basing the heuristic on mm->total_vm for each task, the task's
rss and swap space is used instead. This is a better indication of the
amount of memory that will be freeable if the oom killed task is chosen
and subsequently exits. This helps specifically in cases where KDE or
GNOME is chosen for oom kill on desktop systems instead of a memory
hogging task.
The baseline for the heuristic is a proportion of memory that each task is
currently using in memory plus swap compared to the amount of "allowable"
memory. "Allowable," in this sense, means the system-wide resources for
unconstrained oom conditions, the set of mempolicy nodes, the mems
attached to current's cpuset, or a memory controller's limit. The
proportion is given on a scale of 0 (never kill) to 1000 (always kill),
roughly meaning that if a task has a badness() score of 500 that the task
consumes approximately 50% of allowable memory resident in RAM or in swap
space.
The proportion is always relative to the amount of "allowable" memory and
not the total amount of RAM systemwide so that mempolicies and cpusets may
operate in isolation; they shall not need to know the true size of the
machine on which they are running if they are bound to a specific set of
nodes or mems, respectively.
Root tasks are given 3% extra memory just like __vm_enough_memory()
provides in LSMs. In the event of two tasks consuming similar amounts of
memory, it is generally better to save root's task.
Because of the change in the badness() heuristic's baseline, it is also
necessary to introduce a new user interface to tune it. It's not possible
to redefine the meaning of /proc/pid/oom_adj with a new scale since the
ABI cannot be changed for backward compatability. Instead, a new tunable,
/proc/pid/oom_score_adj, is added that ranges from -1000 to +1000. It may
be used to polarize the heuristic such that certain tasks are never
considered for oom kill while others may always be considered. The value
is added directly into the badness() score so a value of -500, for
example, means to discount 50% of its memory consumption in comparison to
other tasks either on the system, bound to the mempolicy, in the cpuset,
or sharing the same memory controller.
/proc/pid/oom_adj is changed so that its meaning is rescaled into the
units used by /proc/pid/oom_score_adj, and vice versa. Changing one of
these per-task tunables will rescale the value of the other to an
equivalent meaning. Although /proc/pid/oom_adj was originally defined as
a bitshift on the badness score, it now shares the same linear growth as
/proc/pid/oom_score_adj but with different granularity. This is required
so the ABI is not broken with userspace applications and allows oom_adj to
be deprecated for future removal.
Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-08-10 08:19:46 +08:00
|
|
|
--------------------------------------------------------------------------------
|
|
|
|
|
2012-11-13 09:53:04 +08:00
|
|
|
These file can be used to adjust the badness heuristic used to select which
|
oom: badness heuristic rewrite
This a complete rewrite of the oom killer's badness() heuristic which is
used to determine which task to kill in oom conditions. The goal is to
make it as simple and predictable as possible so the results are better
understood and we end up killing the task which will lead to the most
memory freeing while still respecting the fine-tuning from userspace.
Instead of basing the heuristic on mm->total_vm for each task, the task's
rss and swap space is used instead. This is a better indication of the
amount of memory that will be freeable if the oom killed task is chosen
and subsequently exits. This helps specifically in cases where KDE or
GNOME is chosen for oom kill on desktop systems instead of a memory
hogging task.
The baseline for the heuristic is a proportion of memory that each task is
currently using in memory plus swap compared to the amount of "allowable"
memory. "Allowable," in this sense, means the system-wide resources for
unconstrained oom conditions, the set of mempolicy nodes, the mems
attached to current's cpuset, or a memory controller's limit. The
proportion is given on a scale of 0 (never kill) to 1000 (always kill),
roughly meaning that if a task has a badness() score of 500 that the task
consumes approximately 50% of allowable memory resident in RAM or in swap
space.
The proportion is always relative to the amount of "allowable" memory and
not the total amount of RAM systemwide so that mempolicies and cpusets may
operate in isolation; they shall not need to know the true size of the
machine on which they are running if they are bound to a specific set of
nodes or mems, respectively.
Root tasks are given 3% extra memory just like __vm_enough_memory()
provides in LSMs. In the event of two tasks consuming similar amounts of
memory, it is generally better to save root's task.
Because of the change in the badness() heuristic's baseline, it is also
necessary to introduce a new user interface to tune it. It's not possible
to redefine the meaning of /proc/pid/oom_adj with a new scale since the
ABI cannot be changed for backward compatability. Instead, a new tunable,
/proc/pid/oom_score_adj, is added that ranges from -1000 to +1000. It may
be used to polarize the heuristic such that certain tasks are never
considered for oom kill while others may always be considered. The value
is added directly into the badness() score so a value of -500, for
example, means to discount 50% of its memory consumption in comparison to
other tasks either on the system, bound to the mempolicy, in the cpuset,
or sharing the same memory controller.
/proc/pid/oom_adj is changed so that its meaning is rescaled into the
units used by /proc/pid/oom_score_adj, and vice versa. Changing one of
these per-task tunables will rescale the value of the other to an
equivalent meaning. Although /proc/pid/oom_adj was originally defined as
a bitshift on the badness score, it now shares the same linear growth as
/proc/pid/oom_score_adj but with different granularity. This is required
so the ABI is not broken with userspace applications and allows oom_adj to
be deprecated for future removal.
Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-08-10 08:19:46 +08:00
|
|
|
process gets killed in out of memory conditions.
|
|
|
|
|
|
|
|
The badness heuristic assigns a value to each candidate task ranging from 0
|
|
|
|
(never kill) to 1000 (always kill) to determine which process is targeted. The
|
|
|
|
units are roughly a proportion along that range of allowed memory the process
|
|
|
|
may allocate from based on an estimation of its current memory and swap use.
|
|
|
|
For example, if a task is using all allowed memory, its badness score will be
|
|
|
|
1000. If it is using half of its allowed memory, its score will be 500.
|
|
|
|
|
mm, oom: base root bonus on current usage
A 3% of system memory bonus is sometimes too excessive in comparison to
other processes.
With commit a63d83f427fb ("oom: badness heuristic rewrite"), the OOM
killer tries to avoid killing privileged tasks by subtracting 3% of
overall memory (system or cgroup) from their per-task consumption. But
as a result, all root tasks that consume less than 3% of overall memory
are considered equal, and so it only takes 33+ privileged tasks pushing
the system out of memory for the OOM killer to do something stupid and
kill dhclient or other root-owned processes. For example, on a 32G
machine it can't tell the difference between the 1M agetty and the 10G
fork bomb member.
The changelog describes this 3% boost as the equivalent to the global
overcommit limit being 3% higher for privileged tasks, but this is not
the same as discounting 3% of overall memory from _every privileged task
individually_ during OOM selection.
Replace the 3% of system memory bonus with a 3% of current memory usage
bonus.
By giving root tasks a bonus that is proportional to their actual size,
they remain comparable even when relatively small. In the example
above, the OOM killer will discount the 1M agetty's 256 badness points
down to 179, and the 10G fork bomb's 262144 points down to 183500 points
and make the right choice, instead of discounting both to 0 and killing
agetty because it's first in the task list.
Signed-off-by: David Rientjes <rientjes@google.com>
Reported-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Cc: Michal Hocko <mhocko@suse.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-01-31 07:46:11 +08:00
|
|
|
There is an additional factor included in the badness score: the current memory
|
|
|
|
and swap usage is discounted by 3% for root processes.
|
oom: badness heuristic rewrite
This a complete rewrite of the oom killer's badness() heuristic which is
used to determine which task to kill in oom conditions. The goal is to
make it as simple and predictable as possible so the results are better
understood and we end up killing the task which will lead to the most
memory freeing while still respecting the fine-tuning from userspace.
Instead of basing the heuristic on mm->total_vm for each task, the task's
rss and swap space is used instead. This is a better indication of the
amount of memory that will be freeable if the oom killed task is chosen
and subsequently exits. This helps specifically in cases where KDE or
GNOME is chosen for oom kill on desktop systems instead of a memory
hogging task.
The baseline for the heuristic is a proportion of memory that each task is
currently using in memory plus swap compared to the amount of "allowable"
memory. "Allowable," in this sense, means the system-wide resources for
unconstrained oom conditions, the set of mempolicy nodes, the mems
attached to current's cpuset, or a memory controller's limit. The
proportion is given on a scale of 0 (never kill) to 1000 (always kill),
roughly meaning that if a task has a badness() score of 500 that the task
consumes approximately 50% of allowable memory resident in RAM or in swap
space.
The proportion is always relative to the amount of "allowable" memory and
not the total amount of RAM systemwide so that mempolicies and cpusets may
operate in isolation; they shall not need to know the true size of the
machine on which they are running if they are bound to a specific set of
nodes or mems, respectively.
Root tasks are given 3% extra memory just like __vm_enough_memory()
provides in LSMs. In the event of two tasks consuming similar amounts of
memory, it is generally better to save root's task.
Because of the change in the badness() heuristic's baseline, it is also
necessary to introduce a new user interface to tune it. It's not possible
to redefine the meaning of /proc/pid/oom_adj with a new scale since the
ABI cannot be changed for backward compatability. Instead, a new tunable,
/proc/pid/oom_score_adj, is added that ranges from -1000 to +1000. It may
be used to polarize the heuristic such that certain tasks are never
considered for oom kill while others may always be considered. The value
is added directly into the badness() score so a value of -500, for
example, means to discount 50% of its memory consumption in comparison to
other tasks either on the system, bound to the mempolicy, in the cpuset,
or sharing the same memory controller.
/proc/pid/oom_adj is changed so that its meaning is rescaled into the
units used by /proc/pid/oom_score_adj, and vice versa. Changing one of
these per-task tunables will rescale the value of the other to an
equivalent meaning. Although /proc/pid/oom_adj was originally defined as
a bitshift on the badness score, it now shares the same linear growth as
/proc/pid/oom_score_adj but with different granularity. This is required
so the ABI is not broken with userspace applications and allows oom_adj to
be deprecated for future removal.
Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-08-10 08:19:46 +08:00
|
|
|
|
|
|
|
The amount of "allowed" memory depends on the context in which the oom killer
|
|
|
|
was called. If it is due to the memory assigned to the allocating task's cpuset
|
|
|
|
being exhausted, the allowed memory represents the set of mems assigned to that
|
|
|
|
cpuset. If it is due to a mempolicy's node(s) being exhausted, the allowed
|
|
|
|
memory represents the set of mempolicy nodes. If it is due to a memory
|
|
|
|
limit (or swap limit) being reached, the allowed memory is that configured
|
|
|
|
limit. Finally, if it is due to the entire system being out of memory, the
|
|
|
|
allowed memory represents all allocatable resources.
|
|
|
|
|
|
|
|
The value of /proc/<pid>/oom_score_adj is added to the badness score before it
|
|
|
|
is used to determine which task to kill. Acceptable values range from -1000
|
|
|
|
(OOM_SCORE_ADJ_MIN) to +1000 (OOM_SCORE_ADJ_MAX). This allows userspace to
|
|
|
|
polarize the preference for oom killing either by always preferring a certain
|
|
|
|
task or completely disabling it. The lowest possible value, -1000, is
|
|
|
|
equivalent to disabling oom killing entirely for that task since it will always
|
|
|
|
report a badness score of 0.
|
|
|
|
|
|
|
|
Consequently, it is very simple for userspace to define the amount of memory to
|
|
|
|
consider for each task. Setting a /proc/<pid>/oom_score_adj value of +500, for
|
|
|
|
example, is roughly equivalent to allowing the remainder of tasks sharing the
|
|
|
|
same system, cpuset, mempolicy, or memory controller resources to use at least
|
|
|
|
50% more memory. A value of -500, on the other hand, would be roughly
|
|
|
|
equivalent to discounting 50% of the task's allowed memory from being considered
|
|
|
|
as scoring against the task.
|
|
|
|
|
2012-11-13 09:53:04 +08:00
|
|
|
For backwards compatibility with previous kernels, /proc/<pid>/oom_adj may also
|
|
|
|
be used to tune the badness score. Its acceptable values range from -16
|
|
|
|
(OOM_ADJUST_MIN) to +15 (OOM_ADJUST_MAX) and a special value of -17
|
|
|
|
(OOM_DISABLE) to disable oom killing entirely for that task. Its value is
|
|
|
|
scaled linearly with /proc/<pid>/oom_score_adj.
|
|
|
|
|
2011-01-14 07:46:05 +08:00
|
|
|
The value of /proc/<pid>/oom_score_adj may be reduced no lower than the last
|
|
|
|
value set by a CAP_SYS_RESOURCE process. To reduce the value any lower
|
|
|
|
requires CAP_SYS_RESOURCE.
|
|
|
|
|
oom: badness heuristic rewrite
This a complete rewrite of the oom killer's badness() heuristic which is
used to determine which task to kill in oom conditions. The goal is to
make it as simple and predictable as possible so the results are better
understood and we end up killing the task which will lead to the most
memory freeing while still respecting the fine-tuning from userspace.
Instead of basing the heuristic on mm->total_vm for each task, the task's
rss and swap space is used instead. This is a better indication of the
amount of memory that will be freeable if the oom killed task is chosen
and subsequently exits. This helps specifically in cases where KDE or
GNOME is chosen for oom kill on desktop systems instead of a memory
hogging task.
The baseline for the heuristic is a proportion of memory that each task is
currently using in memory plus swap compared to the amount of "allowable"
memory. "Allowable," in this sense, means the system-wide resources for
unconstrained oom conditions, the set of mempolicy nodes, the mems
attached to current's cpuset, or a memory controller's limit. The
proportion is given on a scale of 0 (never kill) to 1000 (always kill),
roughly meaning that if a task has a badness() score of 500 that the task
consumes approximately 50% of allowable memory resident in RAM or in swap
space.
The proportion is always relative to the amount of "allowable" memory and
not the total amount of RAM systemwide so that mempolicies and cpusets may
operate in isolation; they shall not need to know the true size of the
machine on which they are running if they are bound to a specific set of
nodes or mems, respectively.
Root tasks are given 3% extra memory just like __vm_enough_memory()
provides in LSMs. In the event of two tasks consuming similar amounts of
memory, it is generally better to save root's task.
Because of the change in the badness() heuristic's baseline, it is also
necessary to introduce a new user interface to tune it. It's not possible
to redefine the meaning of /proc/pid/oom_adj with a new scale since the
ABI cannot be changed for backward compatability. Instead, a new tunable,
/proc/pid/oom_score_adj, is added that ranges from -1000 to +1000. It may
be used to polarize the heuristic such that certain tasks are never
considered for oom kill while others may always be considered. The value
is added directly into the badness() score so a value of -500, for
example, means to discount 50% of its memory consumption in comparison to
other tasks either on the system, bound to the mempolicy, in the cpuset,
or sharing the same memory controller.
/proc/pid/oom_adj is changed so that its meaning is rescaled into the
units used by /proc/pid/oom_score_adj, and vice versa. Changing one of
these per-task tunables will rescale the value of the other to an
equivalent meaning. Although /proc/pid/oom_adj was originally defined as
a bitshift on the badness score, it now shares the same linear growth as
/proc/pid/oom_score_adj but with different granularity. This is required
so the ABI is not broken with userspace applications and allows oom_adj to
be deprecated for future removal.
Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-08-10 08:19:46 +08:00
|
|
|
Caveat: when a parent task is selected, the oom killer will sacrifice any first
|
2011-03-31 09:57:33 +08:00
|
|
|
generation children with separate address spaces instead, if possible. This
|
oom: badness heuristic rewrite
This a complete rewrite of the oom killer's badness() heuristic which is
used to determine which task to kill in oom conditions. The goal is to
make it as simple and predictable as possible so the results are better
understood and we end up killing the task which will lead to the most
memory freeing while still respecting the fine-tuning from userspace.
Instead of basing the heuristic on mm->total_vm for each task, the task's
rss and swap space is used instead. This is a better indication of the
amount of memory that will be freeable if the oom killed task is chosen
and subsequently exits. This helps specifically in cases where KDE or
GNOME is chosen for oom kill on desktop systems instead of a memory
hogging task.
The baseline for the heuristic is a proportion of memory that each task is
currently using in memory plus swap compared to the amount of "allowable"
memory. "Allowable," in this sense, means the system-wide resources for
unconstrained oom conditions, the set of mempolicy nodes, the mems
attached to current's cpuset, or a memory controller's limit. The
proportion is given on a scale of 0 (never kill) to 1000 (always kill),
roughly meaning that if a task has a badness() score of 500 that the task
consumes approximately 50% of allowable memory resident in RAM or in swap
space.
The proportion is always relative to the amount of "allowable" memory and
not the total amount of RAM systemwide so that mempolicies and cpusets may
operate in isolation; they shall not need to know the true size of the
machine on which they are running if they are bound to a specific set of
nodes or mems, respectively.
Root tasks are given 3% extra memory just like __vm_enough_memory()
provides in LSMs. In the event of two tasks consuming similar amounts of
memory, it is generally better to save root's task.
Because of the change in the badness() heuristic's baseline, it is also
necessary to introduce a new user interface to tune it. It's not possible
to redefine the meaning of /proc/pid/oom_adj with a new scale since the
ABI cannot be changed for backward compatability. Instead, a new tunable,
/proc/pid/oom_score_adj, is added that ranges from -1000 to +1000. It may
be used to polarize the heuristic such that certain tasks are never
considered for oom kill while others may always be considered. The value
is added directly into the badness() score so a value of -500, for
example, means to discount 50% of its memory consumption in comparison to
other tasks either on the system, bound to the mempolicy, in the cpuset,
or sharing the same memory controller.
/proc/pid/oom_adj is changed so that its meaning is rescaled into the
units used by /proc/pid/oom_score_adj, and vice versa. Changing one of
these per-task tunables will rescale the value of the other to an
equivalent meaning. Although /proc/pid/oom_adj was originally defined as
a bitshift on the badness score, it now shares the same linear growth as
/proc/pid/oom_score_adj but with different granularity. This is required
so the ABI is not broken with userspace applications and allows oom_adj to
be deprecated for future removal.
Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-08-10 08:19:46 +08:00
|
|
|
avoids servers and important system daemons from being killed and loses the
|
|
|
|
minimal amount of work.
|
|
|
|
|
2009-01-30 06:25:09 +08:00
|
|
|
|
2009-04-03 07:57:20 +08:00
|
|
|
3.2 /proc/<pid>/oom_score - Display current oom-killer score
|
2006-09-29 16:59:45 +08:00
|
|
|
-------------------------------------------------------------
|
|
|
|
|
|
|
|
This file can be used to check the current score used by the oom-killer is for
|
2012-11-13 09:53:04 +08:00
|
|
|
any given <pid>. Use it together with /proc/<pid>/oom_score_adj to tune which
|
|
|
|
process should be killed in an out-of-memory situation.
|
|
|
|
|
2007-03-05 16:30:54 +08:00
|
|
|
|
2009-04-03 07:57:20 +08:00
|
|
|
3.3 /proc/<pid>/io - Display the IO accounting fields
|
2007-03-05 16:30:54 +08:00
|
|
|
-------------------------------------------------------
|
|
|
|
|
|
|
|
This file contains IO statistics for each running process
|
|
|
|
|
|
|
|
Example
|
|
|
|
-------
|
|
|
|
|
|
|
|
test:/tmp # dd if=/dev/zero of=/tmp/test.dat &
|
|
|
|
[1] 3828
|
|
|
|
|
|
|
|
test:/tmp # cat /proc/3828/io
|
|
|
|
rchar: 323934931
|
|
|
|
wchar: 323929600
|
|
|
|
syscr: 632687
|
|
|
|
syscw: 632675
|
|
|
|
read_bytes: 0
|
|
|
|
write_bytes: 323932160
|
|
|
|
cancelled_write_bytes: 0
|
|
|
|
|
|
|
|
|
|
|
|
Description
|
|
|
|
-----------
|
|
|
|
|
|
|
|
rchar
|
|
|
|
-----
|
|
|
|
|
|
|
|
I/O counter: chars read
|
|
|
|
The number of bytes which this task has caused to be read from storage. This
|
|
|
|
is simply the sum of bytes which this process passed to read() and pread().
|
|
|
|
It includes things like tty IO and it is unaffected by whether or not actual
|
|
|
|
physical disk IO was required (the read might have been satisfied from
|
|
|
|
pagecache)
|
|
|
|
|
|
|
|
|
|
|
|
wchar
|
|
|
|
-----
|
|
|
|
|
|
|
|
I/O counter: chars written
|
|
|
|
The number of bytes which this task has caused, or shall cause to be written
|
|
|
|
to disk. Similar caveats apply here as with rchar.
|
|
|
|
|
|
|
|
|
|
|
|
syscr
|
|
|
|
-----
|
|
|
|
|
|
|
|
I/O counter: read syscalls
|
|
|
|
Attempt to count the number of read I/O operations, i.e. syscalls like read()
|
|
|
|
and pread().
|
|
|
|
|
|
|
|
|
|
|
|
syscw
|
|
|
|
-----
|
|
|
|
|
|
|
|
I/O counter: write syscalls
|
|
|
|
Attempt to count the number of write I/O operations, i.e. syscalls like
|
|
|
|
write() and pwrite().
|
|
|
|
|
|
|
|
|
|
|
|
read_bytes
|
|
|
|
----------
|
|
|
|
|
|
|
|
I/O counter: bytes read
|
|
|
|
Attempt to count the number of bytes which this process really did cause to
|
|
|
|
be fetched from the storage layer. Done at the submit_bio() level, so it is
|
|
|
|
accurate for block-backed filesystems. <please add status regarding NFS and
|
|
|
|
CIFS at a later time>
|
|
|
|
|
|
|
|
|
|
|
|
write_bytes
|
|
|
|
-----------
|
|
|
|
|
|
|
|
I/O counter: bytes written
|
|
|
|
Attempt to count the number of bytes which this process caused to be sent to
|
|
|
|
the storage layer. This is done at page-dirtying time.
|
|
|
|
|
|
|
|
|
|
|
|
cancelled_write_bytes
|
|
|
|
---------------------
|
|
|
|
|
|
|
|
The big inaccuracy here is truncate. If a process writes 1MB to a file and
|
|
|
|
then deletes the file, it will in fact perform no writeout. But it will have
|
|
|
|
been accounted as having caused 1MB of write.
|
|
|
|
In other words: The number of bytes which this process caused to not happen,
|
|
|
|
by truncating pagecache. A task can cause "negative" IO too. If this task
|
|
|
|
truncates some dirty pagecache, some IO which another task has been accounted
|
2010-04-23 06:08:02 +08:00
|
|
|
for (in its write_bytes) will not be happening. We _could_ just subtract that
|
2007-03-05 16:30:54 +08:00
|
|
|
from the truncating task's write_bytes, but there is information loss in doing
|
|
|
|
that.
|
|
|
|
|
|
|
|
|
|
|
|
Note
|
|
|
|
----
|
|
|
|
|
|
|
|
At its current implementation state, this is a bit racy on 32-bit machines: if
|
|
|
|
process A reads process B's /proc/pid/io while process B is updating one of
|
|
|
|
those 64-bit counters, process A could see an intermediate result.
|
|
|
|
|
|
|
|
|
|
|
|
More information about this can be found within the taskstats documentation in
|
|
|
|
Documentation/accounting.
|
|
|
|
|
2009-04-03 07:57:20 +08:00
|
|
|
3.4 /proc/<pid>/coredump_filter - Core dump filtering settings
|
2007-07-19 16:48:31 +08:00
|
|
|
---------------------------------------------------------------
|
|
|
|
When a process is dumped, all anonymous memory is written to a core file as
|
|
|
|
long as the size of the core file isn't limited. But sometimes we don't want
|
2015-10-06 06:33:36 +08:00
|
|
|
to dump some memory segments, for example, huge shared memory or DAX.
|
|
|
|
Conversely, sometimes we want to save file-backed memory segments into a core
|
|
|
|
file, not only the individual files.
|
2007-07-19 16:48:31 +08:00
|
|
|
|
|
|
|
/proc/<pid>/coredump_filter allows you to customize which memory segments
|
|
|
|
will be dumped when the <pid> process is dumped. coredump_filter is a bitmask
|
|
|
|
of memory types. If a bit of the bitmask is set, memory segments of the
|
|
|
|
corresponding memory type are dumped, otherwise they are not dumped.
|
|
|
|
|
2015-10-06 06:33:36 +08:00
|
|
|
The following 9 memory types are supported:
|
2007-07-19 16:48:31 +08:00
|
|
|
- (bit 0) anonymous private memory
|
|
|
|
- (bit 1) anonymous shared memory
|
|
|
|
- (bit 2) file-backed private memory
|
|
|
|
- (bit 3) file-backed shared memory
|
2008-09-13 17:33:10 +08:00
|
|
|
- (bit 4) ELF header pages in file-backed private memory areas (it is
|
|
|
|
effective only if the bit 2 is cleared)
|
coredump_filter: add hugepage dumping
Presently hugepage's vma has a VM_RESERVED flag in order not to be
swapped. But a VM_RESERVED vma isn't core dumped because this flag is
often used for some kernel vmas (e.g. vmalloc, sound related).
Thus hugepages are never dumped and it can't be debugged easily. Many
developers want hugepages to be included into core-dump.
However, We can't read generic VM_RESERVED area because this area is often
IO mapping area. then these area reading may change device state. it is
definitly undesiable side-effect.
So adding a hugepage specific bit to the coredump filter is better. It
will be able to hugepage core dumping and doesn't cause any side-effect to
any i/o devices.
In additional, libhugetlb use hugetlb private mapping pages as anonymous
page. Then, hugepage private mapping pages should be core dumped by
default.
Then, /proc/[pid]/core_dump_filter has two new bits.
- bit 5 mean hugetlb private mapping pages are dumped or not. (default: yes)
- bit 6 mean hugetlb shared mapping pages are dumped or not. (default: no)
I tested by following method.
% ulimit -c unlimited
% ./crash_hugepage 50
% ./crash_hugepage 50 -p
% ls -lh
% gdb ./crash_hugepage core
%
% echo 0x43 > /proc/self/coredump_filter
% ./crash_hugepage 50
% ./crash_hugepage 50 -p
% ls -lh
% gdb ./crash_hugepage core
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/mman.h>
#include <string.h>
#include "hugetlbfs.h"
int main(int argc, char** argv){
char* p;
int ch;
int mmap_flags = MAP_SHARED;
int fd;
int nr_pages;
while((ch = getopt(argc, argv, "p")) != -1) {
switch (ch) {
case 'p':
mmap_flags &= ~MAP_SHARED;
mmap_flags |= MAP_PRIVATE;
break;
default:
/* nothing*/
break;
}
}
argc -= optind;
argv += optind;
if (argc == 0){
printf("need # of pages\n");
exit(1);
}
nr_pages = atoi(argv[0]);
if (nr_pages < 2) {
printf("nr_pages must >2\n");
exit(1);
}
fd = hugetlbfs_unlinked_fd();
p = mmap(NULL, nr_pages * gethugepagesize(),
PROT_READ|PROT_WRITE, mmap_flags, fd, 0);
sleep(2);
*(p + gethugepagesize()) = 1; /* COW */
sleep(2);
/* crash! */
*(int*)0 = 1;
return 0;
}
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Reviewed-by: Kawai Hidehiro <hidehiro.kawai.ez@hitachi.com>
Cc: Hugh Dickins <hugh@veritas.com>
Cc: William Irwin <wli@holomorphy.com>
Cc: Adam Litke <agl@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-19 11:27:08 +08:00
|
|
|
- (bit 5) hugetlb private memory
|
|
|
|
- (bit 6) hugetlb shared memory
|
2015-10-06 06:33:36 +08:00
|
|
|
- (bit 7) DAX private memory
|
|
|
|
- (bit 8) DAX shared memory
|
2007-07-19 16:48:31 +08:00
|
|
|
|
|
|
|
Note that MMIO pages such as frame buffer are never dumped and vDSO pages
|
|
|
|
are always dumped regardless of the bitmask status.
|
|
|
|
|
2015-10-06 06:33:36 +08:00
|
|
|
Note that bits 0-4 don't affect hugetlb or DAX memory. hugetlb memory is
|
|
|
|
only affected by bit 5-6, and DAX is only affected by bits 7-8.
|
coredump_filter: add hugepage dumping
Presently hugepage's vma has a VM_RESERVED flag in order not to be
swapped. But a VM_RESERVED vma isn't core dumped because this flag is
often used for some kernel vmas (e.g. vmalloc, sound related).
Thus hugepages are never dumped and it can't be debugged easily. Many
developers want hugepages to be included into core-dump.
However, We can't read generic VM_RESERVED area because this area is often
IO mapping area. then these area reading may change device state. it is
definitly undesiable side-effect.
So adding a hugepage specific bit to the coredump filter is better. It
will be able to hugepage core dumping and doesn't cause any side-effect to
any i/o devices.
In additional, libhugetlb use hugetlb private mapping pages as anonymous
page. Then, hugepage private mapping pages should be core dumped by
default.
Then, /proc/[pid]/core_dump_filter has two new bits.
- bit 5 mean hugetlb private mapping pages are dumped or not. (default: yes)
- bit 6 mean hugetlb shared mapping pages are dumped or not. (default: no)
I tested by following method.
% ulimit -c unlimited
% ./crash_hugepage 50
% ./crash_hugepage 50 -p
% ls -lh
% gdb ./crash_hugepage core
%
% echo 0x43 > /proc/self/coredump_filter
% ./crash_hugepage 50
% ./crash_hugepage 50 -p
% ls -lh
% gdb ./crash_hugepage core
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/mman.h>
#include <string.h>
#include "hugetlbfs.h"
int main(int argc, char** argv){
char* p;
int ch;
int mmap_flags = MAP_SHARED;
int fd;
int nr_pages;
while((ch = getopt(argc, argv, "p")) != -1) {
switch (ch) {
case 'p':
mmap_flags &= ~MAP_SHARED;
mmap_flags |= MAP_PRIVATE;
break;
default:
/* nothing*/
break;
}
}
argc -= optind;
argv += optind;
if (argc == 0){
printf("need # of pages\n");
exit(1);
}
nr_pages = atoi(argv[0]);
if (nr_pages < 2) {
printf("nr_pages must >2\n");
exit(1);
}
fd = hugetlbfs_unlinked_fd();
p = mmap(NULL, nr_pages * gethugepagesize(),
PROT_READ|PROT_WRITE, mmap_flags, fd, 0);
sleep(2);
*(p + gethugepagesize()) = 1; /* COW */
sleep(2);
/* crash! */
*(int*)0 = 1;
return 0;
}
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Reviewed-by: Kawai Hidehiro <hidehiro.kawai.ez@hitachi.com>
Cc: Hugh Dickins <hugh@veritas.com>
Cc: William Irwin <wli@holomorphy.com>
Cc: Adam Litke <agl@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-10-19 11:27:08 +08:00
|
|
|
|
2015-10-06 06:33:36 +08:00
|
|
|
The default value of coredump_filter is 0x33; this means all anonymous memory
|
|
|
|
segments, ELF header pages and hugetlb private memory are dumped.
|
2007-07-19 16:48:31 +08:00
|
|
|
|
|
|
|
If you don't want to dump all shared memory segments attached to pid 1234,
|
2015-10-06 06:33:36 +08:00
|
|
|
write 0x31 to the process's proc file.
|
2007-07-19 16:48:31 +08:00
|
|
|
|
2015-10-06 06:33:36 +08:00
|
|
|
$ echo 0x31 > /proc/1234/coredump_filter
|
2007-07-19 16:48:31 +08:00
|
|
|
|
|
|
|
When a new process is created, the process inherits the bitmask status from its
|
|
|
|
parent. It is useful to set up coredump_filter before the program runs.
|
|
|
|
For example:
|
|
|
|
|
|
|
|
$ echo 0x7 > /proc/self/coredump_filter
|
|
|
|
$ ./some_program
|
|
|
|
|
2009-04-03 07:57:20 +08:00
|
|
|
3.5 /proc/<pid>/mountinfo - Information about mounts
|
2008-03-27 20:06:25 +08:00
|
|
|
--------------------------------------------------------
|
|
|
|
|
|
|
|
This file contains lines of the form:
|
|
|
|
|
|
|
|
36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
|
|
|
|
(1)(2)(3) (4) (5) (6) (7) (8) (9) (10) (11)
|
|
|
|
|
|
|
|
(1) mount ID: unique identifier of the mount (may be reused after umount)
|
|
|
|
(2) parent ID: ID of parent (or of self for the top of the mount tree)
|
|
|
|
(3) major:minor: value of st_dev for files on filesystem
|
|
|
|
(4) root: root of the mount within the filesystem
|
|
|
|
(5) mount point: mount point relative to the process's root
|
|
|
|
(6) mount options: per mount options
|
|
|
|
(7) optional fields: zero or more fields of the form "tag[:value]"
|
|
|
|
(8) separator: marks the end of the optional fields
|
|
|
|
(9) filesystem type: name of filesystem of the form "type[.subtype]"
|
|
|
|
(10) mount source: filesystem specific information or "none"
|
|
|
|
(11) super options: per super block options
|
|
|
|
|
|
|
|
Parsers should ignore all unrecognised optional fields. Currently the
|
|
|
|
possible optional fields are:
|
|
|
|
|
|
|
|
shared:X mount is shared in peer group X
|
|
|
|
master:X mount is slave to peer group X
|
2008-03-27 20:06:26 +08:00
|
|
|
propagate_from:X mount is slave and receives propagation from peer group X (*)
|
2008-03-27 20:06:25 +08:00
|
|
|
unbindable mount is unbindable
|
|
|
|
|
2008-03-27 20:06:26 +08:00
|
|
|
(*) X is the closest dominant peer group under the process's root. If
|
|
|
|
X is the immediate master of the mount, or if there's no dominant peer
|
|
|
|
group under the same root, then only the "master:X" field is present
|
|
|
|
and not the "propagate_from:X" field.
|
|
|
|
|
2008-03-27 20:06:25 +08:00
|
|
|
For more information on mount propagation see:
|
|
|
|
|
|
|
|
Documentation/filesystems/sharedsubtree.txt
|
|
|
|
|
2009-12-15 10:00:05 +08:00
|
|
|
|
|
|
|
3.6 /proc/<pid>/comm & /proc/<pid>/task/<tid>/comm
|
|
|
|
--------------------------------------------------------
|
|
|
|
These files provide a method to access a tasks comm value. It also allows for
|
|
|
|
a task to set its own or one of its thread siblings comm value. The comm value
|
|
|
|
is limited in size compared to the cmdline value, so writing anything longer
|
|
|
|
then the kernel's TASK_COMM_LEN (currently 16 chars) will result in a truncated
|
|
|
|
comm value.
|
procfs: add hidepid= and gid= mount options
Add support for mount options to restrict access to /proc/PID/
directories. The default backward-compatible "relaxed" behaviour is left
untouched.
The first mount option is called "hidepid" and its value defines how much
info about processes we want to be available for non-owners:
hidepid=0 (default) means the old behavior - anybody may read all
world-readable /proc/PID/* files.
hidepid=1 means users may not access any /proc/<pid>/ directories, but
their own. Sensitive files like cmdline, sched*, status are now protected
against other users. As permission checking done in proc_pid_permission()
and files' permissions are left untouched, programs expecting specific
files' modes are not confused.
hidepid=2 means hidepid=1 plus all /proc/PID/ will be invisible to other
users. It doesn't mean that it hides whether a process exists (it can be
learned by other means, e.g. by kill -0 $PID), but it hides process' euid
and egid. It compicates intruder's task of gathering info about running
processes, whether some daemon runs with elevated privileges, whether
another user runs some sensitive program, whether other users run any
program at all, etc.
gid=XXX defines a group that will be able to gather all processes' info
(as in hidepid=0 mode). This group should be used instead of putting
nonroot user in sudoers file or something. However, untrusted users (like
daemons, etc.) which are not supposed to monitor the tasks in the whole
system should not be added to the group.
hidepid=1 or higher is designed to restrict access to procfs files, which
might reveal some sensitive private information like precise keystrokes
timings:
http://www.openwall.com/lists/oss-security/2011/11/05/3
hidepid=1/2 doesn't break monitoring userspace tools. ps, top, pgrep, and
conky gracefully handle EPERM/ENOENT and behave as if the current user is
the only user running processes. pstree shows the process subtree which
contains "pstree" process.
Note: the patch doesn't deal with setuid/setgid issues of keeping
preopened descriptors of procfs files (like
https://lkml.org/lkml/2011/2/7/368). We rely on that the leaked
information like the scheduling counters of setuid apps doesn't threaten
anybody's privacy - only the user started the setuid program may read the
counters.
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Randy Dunlap <rdunlap@xenotime.net>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Greg KH <greg@kroah.com>
Cc: Theodore Tso <tytso@MIT.EDU>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: James Morris <jmorris@namei.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-11 07:11:31 +08:00
|
|
|
|
|
|
|
|
2012-06-01 07:26:43 +08:00
|
|
|
3.7 /proc/<pid>/task/<tid>/children - Information about task children
|
|
|
|
-------------------------------------------------------------------------
|
|
|
|
This file provides a fast way to retrieve first level children pids
|
|
|
|
of a task pointed by <pid>/<tid> pair. The format is a space separated
|
|
|
|
stream of pids.
|
|
|
|
|
|
|
|
Note the "first level" here -- if a child has own children they will
|
|
|
|
not be listed here, one needs to read /proc/<children-pid>/task/<tid>/children
|
|
|
|
to obtain the descendants.
|
|
|
|
|
|
|
|
Since this interface is intended to be fast and cheap it doesn't
|
|
|
|
guarantee to provide precise results and some children might be
|
|
|
|
skipped, especially if they've exited right after we printed their
|
|
|
|
pids, so one need to either stop or freeze processes being inspected
|
|
|
|
if precise results are needed.
|
|
|
|
|
|
|
|
|
2014-04-08 06:38:34 +08:00
|
|
|
3.8 /proc/<pid>/fdinfo/<fd> - Information about opened file
|
2012-12-18 08:05:14 +08:00
|
|
|
---------------------------------------------------------------
|
|
|
|
This file provides information associated with an opened file. The regular
|
2014-04-08 06:38:34 +08:00
|
|
|
files have at least three fields -- 'pos', 'flags' and mnt_id. The 'pos'
|
|
|
|
represents the current offset of the opened file in decimal form [see lseek(2)
|
|
|
|
for details], 'flags' denotes the octal O_xxx mask the file has been
|
|
|
|
created with [see open(2) for details] and 'mnt_id' represents mount ID of
|
|
|
|
the file system containing the opened file [see 3.5 /proc/<pid>/mountinfo
|
|
|
|
for details].
|
2012-12-18 08:05:14 +08:00
|
|
|
|
|
|
|
A typical output is
|
|
|
|
|
|
|
|
pos: 0
|
|
|
|
flags: 0100002
|
2014-04-08 06:38:34 +08:00
|
|
|
mnt_id: 19
|
2012-12-18 08:05:14 +08:00
|
|
|
|
2015-04-17 03:49:38 +08:00
|
|
|
All locks associated with a file descriptor are shown in its fdinfo too.
|
|
|
|
|
|
|
|
lock: 1: FLOCK ADVISORY WRITE 359 00:13:11691 0 EOF
|
|
|
|
|
2012-12-18 08:05:14 +08:00
|
|
|
The files such as eventfd, fsnotify, signalfd, epoll among the regular pos/flags
|
|
|
|
pair provide additional information particular to the objects they represent.
|
|
|
|
|
|
|
|
Eventfd files
|
|
|
|
~~~~~~~~~~~~~
|
|
|
|
pos: 0
|
|
|
|
flags: 04002
|
2014-04-08 06:38:34 +08:00
|
|
|
mnt_id: 9
|
2012-12-18 08:05:14 +08:00
|
|
|
eventfd-count: 5a
|
|
|
|
|
|
|
|
where 'eventfd-count' is hex value of a counter.
|
|
|
|
|
|
|
|
Signalfd files
|
|
|
|
~~~~~~~~~~~~~~
|
|
|
|
pos: 0
|
|
|
|
flags: 04002
|
2014-04-08 06:38:34 +08:00
|
|
|
mnt_id: 9
|
2012-12-18 08:05:14 +08:00
|
|
|
sigmask: 0000000000000200
|
|
|
|
|
|
|
|
where 'sigmask' is hex value of the signal mask associated
|
|
|
|
with a file.
|
|
|
|
|
|
|
|
Epoll files
|
|
|
|
~~~~~~~~~~~
|
|
|
|
pos: 0
|
|
|
|
flags: 02
|
2014-04-08 06:38:34 +08:00
|
|
|
mnt_id: 9
|
2012-12-18 08:05:14 +08:00
|
|
|
tfd: 5 events: 1d data: ffffffffffffffff
|
|
|
|
|
|
|
|
where 'tfd' is a target file descriptor number in decimal form,
|
|
|
|
'events' is events mask being watched and the 'data' is data
|
|
|
|
associated with a target [see epoll(7) for more details].
|
|
|
|
|
|
|
|
Fsnotify files
|
|
|
|
~~~~~~~~~~~~~~
|
|
|
|
For inotify files the format is the following
|
|
|
|
|
|
|
|
pos: 0
|
|
|
|
flags: 02000000
|
|
|
|
inotify wd:3 ino:9e7e sdev:800013 mask:800afce ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:7e9e0000640d1b6d
|
|
|
|
|
|
|
|
where 'wd' is a watch descriptor in decimal form, ie a target file
|
|
|
|
descriptor number, 'ino' and 'sdev' are inode and device where the
|
|
|
|
target file resides and the 'mask' is the mask of events, all in hex
|
|
|
|
form [see inotify(7) for more details].
|
|
|
|
|
|
|
|
If the kernel was built with exportfs support, the path to the target
|
|
|
|
file is encoded as a file handle. The file handle is provided by three
|
|
|
|
fields 'fhandle-bytes', 'fhandle-type' and 'f_handle', all in hex
|
|
|
|
format.
|
|
|
|
|
|
|
|
If the kernel is built without exportfs support the file handle won't be
|
|
|
|
printed out.
|
|
|
|
|
2012-12-18 08:05:18 +08:00
|
|
|
If there is no inotify mark attached yet the 'inotify' line will be omitted.
|
2012-12-18 08:05:14 +08:00
|
|
|
|
2012-12-18 08:05:18 +08:00
|
|
|
For fanotify files the format is
|
2012-12-18 08:05:14 +08:00
|
|
|
|
|
|
|
pos: 0
|
|
|
|
flags: 02
|
2014-04-08 06:38:34 +08:00
|
|
|
mnt_id: 9
|
2012-12-18 08:05:18 +08:00
|
|
|
fanotify flags:10 event-flags:0
|
|
|
|
fanotify mnt_id:12 mflags:40 mask:38 ignored_mask:40000003
|
|
|
|
fanotify ino:4f969 sdev:800013 mflags:0 mask:3b ignored_mask:40000000 fhandle-bytes:8 fhandle-type:1 f_handle:69f90400c275b5b4
|
|
|
|
|
|
|
|
where fanotify 'flags' and 'event-flags' are values used in fanotify_init
|
|
|
|
call, 'mnt_id' is the mount point identifier, 'mflags' is the value of
|
|
|
|
flags associated with mark which are tracked separately from events
|
|
|
|
mask. 'ino', 'sdev' are target inode and device, 'mask' is the events
|
|
|
|
mask and 'ignored_mask' is the mask of events which are to be ignored.
|
|
|
|
All in hex format. Incorporation of 'mflags', 'mask' and 'ignored_mask'
|
|
|
|
does provide information about flags and mask used in fanotify_mark
|
|
|
|
call [see fsnotify manpage for details].
|
|
|
|
|
|
|
|
While the first three lines are mandatory and always printed, the rest is
|
|
|
|
optional and may be omitted if no marks created yet.
|
2012-12-18 08:05:14 +08:00
|
|
|
|
2014-07-16 05:54:53 +08:00
|
|
|
Timerfd files
|
|
|
|
~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
pos: 0
|
|
|
|
flags: 02
|
|
|
|
mnt_id: 9
|
|
|
|
clockid: 0
|
|
|
|
ticks: 0
|
|
|
|
settime flags: 01
|
|
|
|
it_value: (0, 49406829)
|
|
|
|
it_interval: (1, 0)
|
|
|
|
|
|
|
|
where 'clockid' is the clock type and 'ticks' is the number of the timer expirations
|
|
|
|
that have occurred [see timerfd_create(2) for details]. 'settime flags' are
|
|
|
|
flags in octal form been used to setup the timer [see timerfd_settime(2) for
|
|
|
|
details]. 'it_value' is remaining time until the timer exiration.
|
|
|
|
'it_interval' is the interval for the timer. Note the timer might be set up
|
|
|
|
with TIMER_ABSTIME option which will be shown in 'settime flags', but 'it_value'
|
|
|
|
still exhibits timer's remaining time.
|
2012-12-18 08:05:14 +08:00
|
|
|
|
2015-02-12 07:28:31 +08:00
|
|
|
3.9 /proc/<pid>/map_files - Information about memory mapped files
|
|
|
|
---------------------------------------------------------------------
|
|
|
|
This directory contains symbolic links which represent memory mapped files
|
|
|
|
the process is maintaining. Example output:
|
|
|
|
|
|
|
|
| lr-------- 1 root root 64 Jan 27 11:24 333c600000-333c620000 -> /usr/lib64/ld-2.18.so
|
|
|
|
| lr-------- 1 root root 64 Jan 27 11:24 333c81f000-333c820000 -> /usr/lib64/ld-2.18.so
|
|
|
|
| lr-------- 1 root root 64 Jan 27 11:24 333c820000-333c821000 -> /usr/lib64/ld-2.18.so
|
|
|
|
| ...
|
|
|
|
| lr-------- 1 root root 64 Jan 27 11:24 35d0421000-35d0422000 -> /usr/lib64/libselinux.so.1
|
|
|
|
| lr-------- 1 root root 64 Jan 27 11:24 400000-41a000 -> /usr/bin/ls
|
|
|
|
|
|
|
|
The name of a link represents the virtual memory bounds of a mapping, i.e.
|
|
|
|
vm_area_struct::vm_start-vm_area_struct::vm_end.
|
|
|
|
|
|
|
|
The main purpose of the map_files is to retrieve a set of memory mapped
|
|
|
|
files in a fast way instead of parsing /proc/<pid>/maps or
|
|
|
|
/proc/<pid>/smaps, both of which contain many more records. At the same
|
|
|
|
time one can open(2) mappings from the listings of two processes and
|
|
|
|
comparing their inode numbers to figure out which anonymous memory areas
|
|
|
|
are actually shared.
|
|
|
|
|
2016-03-18 05:20:54 +08:00
|
|
|
3.10 /proc/<pid>/timerslack_ns - Task timerslack value
|
|
|
|
---------------------------------------------------------
|
|
|
|
This file provides the value of the task's timerslack value in nanoseconds.
|
|
|
|
This value specifies a amount of time that normal timers may be deferred
|
|
|
|
in order to coalesce timers and avoid unnecessary wakeups.
|
|
|
|
|
|
|
|
This allows a task's interactivity vs power consumption trade off to be
|
|
|
|
adjusted.
|
|
|
|
|
|
|
|
Writing 0 to the file will set the tasks timerslack to the default value.
|
|
|
|
|
|
|
|
Valid values are from 0 - ULLONG_MAX
|
|
|
|
|
|
|
|
An application setting the value must have PTRACE_MODE_ATTACH_FSCREDS level
|
|
|
|
permissions on the task specified to change its timerslack_ns value.
|
|
|
|
|
|
|
|
|
procfs: add hidepid= and gid= mount options
Add support for mount options to restrict access to /proc/PID/
directories. The default backward-compatible "relaxed" behaviour is left
untouched.
The first mount option is called "hidepid" and its value defines how much
info about processes we want to be available for non-owners:
hidepid=0 (default) means the old behavior - anybody may read all
world-readable /proc/PID/* files.
hidepid=1 means users may not access any /proc/<pid>/ directories, but
their own. Sensitive files like cmdline, sched*, status are now protected
against other users. As permission checking done in proc_pid_permission()
and files' permissions are left untouched, programs expecting specific
files' modes are not confused.
hidepid=2 means hidepid=1 plus all /proc/PID/ will be invisible to other
users. It doesn't mean that it hides whether a process exists (it can be
learned by other means, e.g. by kill -0 $PID), but it hides process' euid
and egid. It compicates intruder's task of gathering info about running
processes, whether some daemon runs with elevated privileges, whether
another user runs some sensitive program, whether other users run any
program at all, etc.
gid=XXX defines a group that will be able to gather all processes' info
(as in hidepid=0 mode). This group should be used instead of putting
nonroot user in sudoers file or something. However, untrusted users (like
daemons, etc.) which are not supposed to monitor the tasks in the whole
system should not be added to the group.
hidepid=1 or higher is designed to restrict access to procfs files, which
might reveal some sensitive private information like precise keystrokes
timings:
http://www.openwall.com/lists/oss-security/2011/11/05/3
hidepid=1/2 doesn't break monitoring userspace tools. ps, top, pgrep, and
conky gracefully handle EPERM/ENOENT and behave as if the current user is
the only user running processes. pstree shows the process subtree which
contains "pstree" process.
Note: the patch doesn't deal with setuid/setgid issues of keeping
preopened descriptors of procfs files (like
https://lkml.org/lkml/2011/2/7/368). We rely on that the leaked
information like the scheduling counters of setuid apps doesn't threaten
anybody's privacy - only the user started the setuid program may read the
counters.
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Randy Dunlap <rdunlap@xenotime.net>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Greg KH <greg@kroah.com>
Cc: Theodore Tso <tytso@MIT.EDU>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: James Morris <jmorris@namei.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-11 07:11:31 +08:00
|
|
|
------------------------------------------------------------------------------
|
|
|
|
Configuring procfs
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
4.1 Mount options
|
|
|
|
---------------------
|
|
|
|
|
|
|
|
The following mount options are supported:
|
|
|
|
|
|
|
|
hidepid= Set /proc/<pid>/ access mode.
|
|
|
|
gid= Set the group authorized to learn processes information.
|
|
|
|
|
|
|
|
hidepid=0 means classic mode - everybody may access all /proc/<pid>/ directories
|
|
|
|
(default).
|
|
|
|
|
|
|
|
hidepid=1 means users may not access any /proc/<pid>/ directories but their
|
|
|
|
own. Sensitive files like cmdline, sched*, status are now protected against
|
|
|
|
other users. This makes it impossible to learn whether any user runs
|
|
|
|
specific program (given the program doesn't reveal itself by its behaviour).
|
|
|
|
As an additional bonus, as /proc/<pid>/cmdline is unaccessible for other users,
|
|
|
|
poorly written programs passing sensitive information via program arguments are
|
|
|
|
now protected against local eavesdroppers.
|
|
|
|
|
|
|
|
hidepid=2 means hidepid=1 plus all /proc/<pid>/ will be fully invisible to other
|
|
|
|
users. It doesn't mean that it hides a fact whether a process with a specific
|
|
|
|
pid value exists (it can be learned by other means, e.g. by "kill -0 $PID"),
|
|
|
|
but it hides process' uid and gid, which may be learned by stat()'ing
|
|
|
|
/proc/<pid>/ otherwise. It greatly complicates an intruder's task of gathering
|
|
|
|
information about running processes, whether some daemon runs with elevated
|
|
|
|
privileges, whether other user runs some sensitive program, whether other users
|
|
|
|
run any program at all, etc.
|
|
|
|
|
|
|
|
gid= defines a group authorized to learn processes information otherwise
|
|
|
|
prohibited by hidepid=. If you use some daemon like identd which needs to learn
|
|
|
|
information about processes information, just add identd to this group.
|