PROC(5)                   (2020-12-21)                    PROC(5)

     NAME
          proc - process information pseudo-filesystem

     DESCRIPTION
          The proc filesystem is a pseudo-filesystem which provides an
          interface to kernel data structures.  It is commonly mounted
          at /proc. Typically, it is mounted automatically by the sys-
          tem, but it can also be mounted manually using a command
          such as:

              mount -t proc proc /proc

          Most of the files in the proc filesystem are read-only, but
          some files are writable, allowing kernel variables to be
          changed.

        Mount options
          The proc filesystem supports the following mount options:

          hidepid=n (since Linux 3.3)
               This option controls who can access the information in
               /proc/[pid] directories.  The argument, n, is one of
               the following values:

               0   Everybody may access all /proc/[pid] directories.
                   This is the traditional behavior, and the default
                   if this mount option is not specified.

               1   Users may not access files and subdirectories
                   inside any /proc/[pid] directories but their own
                   (the /proc/[pid] directories themselves remain vis-
                   ible).  Sensitive files such as /proc/[pid]/cmdline
                   and /proc/[pid]/status are now protected against
                   other users.  This makes it impossible to learn
                   whether any user is running a specific program (so
                   long as the program doesn't otherwise reveal itself
                   by its behavior).

               2   As for mode 1, but in addition the /proc/[pid]
                   directories belonging to other users become invisi-
                   ble.  This means that /proc/[pid] entries can no
                   longer be used to discover the PIDs on the system.
                   This doesn't hide the fact that a process with a
                   specific PID value exists (it can be learned by
                   other means, for example, by "kill -0 $PID"), but
                   it hides a process's UID and GID, which could oth-
                   erwise be learned by employing stat(2) on a
                   /proc/[pid] directory.  This greatly complicates an
                   attacker's task of gathering information about run-
                   ning processes (e.g., discovering whether some

     Page 1                        Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                   daemon is running with elevated privileges, whether
                   another user is running some sensitive program,
                   whether other users are running any program at all,
                   and so on).

          gid=gid (since Linux 3.3)
               Specifies the ID of a group whose members are autho-
               rized to learn process information otherwise prohibited
               by hidepid (i.e., users in this group behave as though
               /proc was mounted with hidepid=0). This group should be
               used instead of approaches such as putting nonroot
               users into the sudoers(5) file.

        Overview
          Underneath /proc, there are the following general groups of
          files and subdirectories:

               Each one of these subdirectories contains files and
               subdirectories exposing information about the process
               with the corresponding process ID.

               Underneath each of the /proc/[pid] directories, a task
               subdirectory contains subdirectories of the form
               task/[tid], which contain corresponding information
               about each of the threads in the process, where tid is
               the kernel thread ID of the thread.

               The /proc/[pid] subdirectories are visible when iterat-
               ing through /proc with getdents(2) (and thus are visi-
               ble when one uses ls(1) to view the contents of /proc).

               Each one of these subdirectories contains files and
               subdirectories exposing information about the thread
               with the corresponding thread ID.  The contents of
               these directories are the same as the corresponding
               /proc/[pid]/task/[tid] directories.

               The /proc/[tid] subdirectories are not visible when
               iterating through /proc with getdents(2) (and thus are
               not visible when one uses ls(1) to view the contents of
               /proc).

          /proc/self
               When a process accesses this magic symbolic link, it
               resolves to the process's own /proc/[pid] directory.

          /proc/thread-self
               When a thread accesses this magic symbolic link, it
               resolves to the process's own /proc/self/task/[tid]
               directory.

     Page 2                        Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/[a-z]*
               Various other files and subdirectories under /proc
               expose system-wide information.

          All of the above are described in more detail below.

        Files and directories
          The following list provides details of many of the files and
          directories under the /proc hierarchy.

          /proc/[pid]
               There is a numerical subdirectory for each running pro-
               cess; the subdirectory is named by the process ID.
               Each /proc/[pid] subdirectory contains the pseudo-files
               and directories described below.

               The files inside each /proc/[pid] directory are nor-
               mally owned by the effective user and effective group
               ID of the process.  However, as a security measure, the
               ownership is made root:root if the process's "dumpable"
               attribute is set to a value other than 1.

               Before Linux 4.11, root:root meant the "global" root
               user ID and group ID (i.e., UID 0 and GID 0 in the ini-
               tial user namespace).  Since Linux 4.11, if the process
               is in a noninitial user namespace that has a valid map-
               ping for user (group) ID 0 inside the namespace, then
               the user (group) ownership of the files under
               /proc/[pid] is instead made the same as the root user
               (group) ID of the namespace.  This means that inside a
               container, things work as expected for the container
               "root" user.

               The process's "dumpable" attribute may change for the
               following reasons:

               *  The attribute was explicitly set via the prctl(2)
                  PR_SET_DUMPABLE operation.

               *  The attribute was reset to the value in the file
                  /proc/sys/fs/suid_dumpable (described below), for
                  the reasons described in prctl(2).

               Resetting the "dumpable" attribute to 1 reverts the
               ownership of the /proc/[pid]/* files to the process's
               effective UID and GID.  Note, however, that if the
               effective UID or GID is subsequently modified, then the
               "dumpable" attribute may be reset, as described in
               prctl(2).  Therefore, it may be desirable to reset the
               "dumpable" attribute after making any desired changes
               to the process's effective UID or GID.

     Page 3                        Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/[pid]/attr
               The files in this directory provide an API for security
               modules.  The contents of this directory are files that
               can be read and written in order to set security-
               related attributes.  This directory was added to sup-
               port SELinux, but the intention was that the API be
               general enough to support other security modules.  For
               the purpose of explanation, examples of how SELinux
               uses these files are provided below.

               This directory is present only if the kernel was con-
               figured with CONFIG_SECURITY.

               The contents of this file represent the current secu-
               rity attributes of the process.

               In SELinux, this file is used to get the security con-
               text of a process.  Prior to Linux 2.6.11, this file
               could not be used to set the security context (a write
               was always denied), since SELinux limited process secu-
               rity transitions to execve(2) (see the description of
               /proc/[pid]/attr/exec, below).  Since Linux 2.6.11,
               SELinux lifted this restriction and began supporting
               "set" operations via writes to this node if authorized
               by policy, although use of this operation is only suit-
               able for applications that are trusted to maintain any
               desired separation between the old and new security
               contexts.

               Prior to Linux 2.6.28, SELinux did not allow threads
               within a multithreaded process to set their security
               context via this node as it would yield an inconsis-
               tency among the security contexts of the threads shar-
               ing the same memory space.  Since Linux 2.6.28, SELinux
               lifted this restriction and began supporting "set"
               operations for threads within a multithreaded process
               if the new security context is bounded by the old secu-
               rity context, where the bounded relation is defined in
               policy and guarantees that the new security context has
               a subset of the permissions of the old security con-
               text.

               Other security modules may choose to support "set"
               operations via writes to this node.

               This file represents the attributes to assign to the
               process upon a subsequent execve(2).

               In SELinux, this is needed to support role/domain tran-
               sitions, and execve(2) is the preferred point to make

     Page 4                        Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               such transitions because it offers better control over
               the initialization of the process in the new security
               label and the inheritance of state.  In SELinux, this
               attribute is reset on execve(2) so that the new program
               reverts to the default behavior for any execve(2) calls
               that it may make.  In SELinux, a process can set only
               its own /proc/[pid]/attr/exec attribute.

               This file represents the attributes to assign to files
               created by subsequent calls to open(2), mkdir(2),
               symlink(2), and mknod(2)

               SELinux employs this file to support creation of a file
               (using the aforementioned system calls) in a secure
               state, so that there is no risk of inappropriate access
               being obtained between the time of creation and the
               time that attributes are set.  In SELinux, this
               attribute is reset on execve(2), so that the new pro-
               gram reverts to the default behavior for any file cre-
               ation calls it may make, but the attribute will persist
               across multiple file creation calls within a program
               unless it is explicitly reset.  In SELinux, a process
               can set only its own /proc/[pid]/attr/fscreate
               attribute.

               If a process writes a security context into this file,
               all subsequently created keys (add_key(2)) will be
               labeled with this context.  For further information,
               see the kernel source file
               Documentation/security/keys/core.rst (or file
               Documentation/security/keys.txt on Linux between 3.0
               and 4.13, or Documentation/keys.txt before Linux 3.0).

               This file contains the security context of the process
               before the last execve(2); that is, the previous value
               of /proc/[pid]/attr/current.

               htmlmanrefend/proc/[pid]/attr/socketcreate(sinceLinux2

          htmlmanrefstart/proc/[pid]/autogroup(sinceLinux2.6.38)

          htmlmanrefstart/proc/[pid]/auxv(since2.6.0)

          htmlmanrefstart/proc/[pid]/cgroup(sinceLinux2.6.24)

          htmlmanrefstart/proc/[pid]/clear_refs(sinceLinux2.6.22)

               htmlmanrefstart/proc/[pid]/smapshtmlmanrefend/proc/[pid]/smaps

                      htmlmanrefstart/proc/[pid]/pagemap)htmlmanrefend/proc/[pid]/pagemap)

                    htmlmanrefstart/proc/[pid]/clear_refshtmlmanrefend/proc/[pid]/clear_refs

                   htmlmanrefstart/proc/[pid]/clear_refshtmlmanrefend/proc/[pid]/clear_refs

                htmlmanrefstart/proc/[pid]/clear_refshtmlmanrefend/proc/[pid]/clear_refs

          htmlmanrefstart/proc/[pid]/comm(sinceLinux2.6.33)

                  htmlmanrefstart/proc/[pid]/task/[tid]/comm.htmlmanrefend/proc/[pid]/task/[tid]/comm.

                htmlmanrefstart/proc/self/task/[tid]/comm.htmlmanrefend/proc/self/task/[tid]/comm.

                    htmlmanrefstart/proc/sys/kernel/core_pattern;htmlmanrefend/proc/sys/kernel/core_pattern;

          htmlmanrefstart/proc/[pid]/coredump_filter(sinceLinux2.6.23)    .}f See core(5).

               See cpuset(7).

          /proc/[pid]/cwd

     Page 7                        Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               This is a symbolic link to the current working direc-
               tory of the process.  To find out the current working
               directory of process 20, for instance, you can do this:

                   $ cd /proc/20/cwd; pwd -P

               In a multithreaded process, the contents of this sym-
               bolic link are not available if the main thread has
               already terminated (typically by calling
               pthread_exit(3)).

               Permission to dereference or read (readlink(2)) this
               symbolic link is governed by a ptrace access mode
               PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

          /proc/[pid]/environ
               This file contains the initial environment that was set
               when the currently executing program was started via
               execve(2).  The entries are separated by null bytes
               (aq0aq), and there may be a null byte at the end.  Thus,
               to print out the environment of process 1, you would
               do:

                   $ cat /proc/1/environ | tr aq000aq aqnaq

               If, after an execve(2), the process modifies its envi-
               ronment (e.g., by calling functions such as putenv(3)
               or modifying the environ(7) variable directly), this
               file will not reflect those changes.

               Furthermore, a process may change the memory location
               that this file refers via prctl(2) operations such as
               PR_SET_MM_ENV_START.

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_READ_FSCREDS check; see
               ptrace(2).

          /proc/[pid]/exe
               Under Linux 2.2 and later, this file is a symbolic link
               containing the actual pathname of the executed command.
               This symbolic link can be dereferenced normally;
               attempting to open it will open the executable.  You
               can even type /proc/[pid]/exe to run another copy of
               the same executable that is being run by process [pid].
               If the pathname has been unlinked, the symbolic link
               will contain the string aq(deleted)aq appended to the
               original pathname.  In a multithreaded process, the
               contents of this symbolic link are not available if the
               main thread has already terminated (typically by call-
               ing pthread_exit(3)).

     Page 8                        Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               Permission to dereference or read (readlink(2)) this
               symbolic link is governed by a ptrace access mode
               PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

               Under Linux 2.0 and earlier, /proc/[pid]/exe is a
               pointer to the binary which was executed, and appears
               as a symbolic link.  A readlink(2) call on this file
               under Linux 2.0 returns a string in the format:

                   [device]:inode

               For example, [0301]:1502 would be inode 1502 on device
               major 03 (IDE, MFM, etc. drives) minor 01 (first parti-
               tion on the first drive).

               find(1) with the -inum option can be used to locate the
               file.

          /proc/[pid]/fd/
               This is a subdirectory containing one entry for each
               file which the process has open, named by its file
               descriptor, and which is a symbolic link to the actual
               file.  Thus, 0 is standard input, 1 standard output, 2
               standard error, and so on.

               For file descriptors for pipes and sockets, the entries
               will be symbolic links whose content is the file type
               with the inode.  A readlink(2) call on this file
               returns a string in the format:

                   type:[inode]

               For example, socket:[2248868] will be a socket and its
               inode is 2248868.  For sockets, that inode can be used
               to find more information in one of the files under
               /proc/net/.

               For file descriptors that have no corresponding inode
               (e.g., file descriptors produced by bpf(2),
               epoll_create(2), eventfd(2), inotify_init(2),
               perf_event_open(2), signalfd(2), timerfd_create(2), and
               userfaultfd(2)), the entry will be a symbolic link with
               contents of the form

                   anon_inode:<file-type>

               In many cases (but not all), the file-type is sur-
               rounded by square brackets.

               For example, an epoll file descriptor will have a sym-
               bolic link whose content is the string
               anon_inode:[eventpoll].

     Page 9                        Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               In a multithreaded process, the contents of this direc-
               tory are not available if the main thread has already
               terminated (typically by calling pthread_exit(3)).

               Programs that take a filename as a command-line argu-
               ment, but don't take input from standard input if no
               argument is supplied, and programs that write to a file
               named as a command-line argument, but don't send their
               output to standard output if no argument is supplied,
               can nevertheless be made to use standard input or stan-
               dard output by using /proc/[pid]/fd files as command-
               line arguments.  For example, assuming that -i is the
               flag designating an input file and -o is the flag des-
               ignating an output file:

                   $ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ...

               and you have a working filter.

               /proc/self/fd/N is approximately the same as /dev/fd/N
               in some UNIX and UNIX-like systems.  Most Linux MAKEDEV
               scripts symbolically link /dev/fd to /proc/self/fd, in
               fact.

               Most systems provide symbolic links /dev/stdin,
               /dev/stdout, and /dev/stderr, which respectively link
               to the files 0, 1, and 2 in /proc/self/fd. Thus the
               example command above could be written as:

                   $ foobar -i /dev/stdin -o /dev/stdout ...

               Permission to dereference or read (readlink(2)) the
               symbolic links in this directory is governed by a
               ptrace access mode PTRACE_MODE_READ_FSCREDS check; see
               ptrace(2).

               Note that for file descriptors referring to inodes
               (pipes and sockets, see above), those inodes still have
               permission bits and ownership information distinct from
               those of the /proc/[pid]/fd entry, and that the owner
               may differ from the user and group IDs of the process.
               An unprivileged process may lack permissions to open
               them, as in this example:

                   $ echo test | sudo -u nobody cat
                   test
                   $ echo test | sudo -u nobody cat /proc/self/fd/0
                   cat: /proc/self/fd/0: Permission denied

               File descriptor 0 refers to the pipe created by the
               shell and owned by that shell's user, which is not
               nobody, so cat does not have permission to create a new

     Page 10                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               file descriptor to read from that inode, even though it
               can still read from its existing file descriptor 0.

               This is a subdirectory containing one entry for each
               file which the process has open, named by its file
               descriptor.  The files in this directory are readable
               only by the owner of the process.  The contents of each
               file can be read to obtain information about the corre-
               sponding file descriptor.  The content depends on the
               type of file referred to by the corresponding file
               descriptor.

               For regular files and directories, we see something
               like:

                   $ cat /proc/12015/fdinfo/4
                   pos:    1000
                   flags:  01002002
                   mnt_id: 21

               The fields are as follows:

               pos  This is a decimal number showing the file offset.

               flags
                    This is an octal number that displays the file
                    access mode and file status flags (see open(2)).
                    If the close-on-exec file descriptor flag is set,
                    then flags will also include the value O_CLOEXEC.

                    Before Linux 3.1, this field incorrectly displayed
                    the setting of O_CLOEXEC at the time the file was
                    opened, rather than the current setting of the
                    close-on-exec flag.

               mnt_id
                    This field, present since Linux 3.15, is the ID of
                    the mount point containing this file.  See the
                    description of /proc/[pid]/mountinfo.

               For eventfd file descriptors (see eventfd(2)), we see
               (since Linux 3.8) the following fields:

                   pos: 0
                   flags:    02
                   mnt_id:   10
                   eventfd-count:               40

               eventfd-count is the current value of the eventfd
               counter, in hexadecimal.

     Page 11                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               For epoll file descriptors (see epoll(7)), we see
               (since Linux 3.8) the following fields:

                   pos: 0
                   flags:    02
                   mnt_id:   10
                   tfd:        9 events:       19 data: 74253d2500000009
                   tfd:        7 events:       19 data: 74253d2500000007

               Each of the lines beginning tfd describes one of the
               file descriptors being monitored via the epoll file
               descriptor (see epoll_ctl(2) for some details).  The
               tfd field is the number of the file descriptor.  The
               events field is a hexadecimal mask of the events being
               monitored for this file descriptor.  The data field is
               the data value associated with this file descriptor.

               For signalfd file descriptors (see signalfd(2)), we see
               (since Linux 3.8) the following fields:

                   pos: 0
                   flags:    02
                   mnt_id:   10
                   sigmask:  0000000000000006

               sigmask is the hexadecimal mask of signals that are
               accepted via this signalfd file descriptor.  (In this
               example, bits 2 and 3 are set, corresponding to the
               signals SIGINT and SIGQUIT; see signal(7).)

               For inotify file descriptors (see inotify(7)), we see
               (since Linux 3.8) the following fields:

                   pos: 0
                   flags:    00
                   mnt_id:   11
                   inotify wd:2 ino:7ef82a sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:2af87e00220ffd73
                   inotify wd:1 ino:192627 sdev:800001 mask:800afff ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:27261900802dfd73

               Each of the lines beginning with "inotify" displays
               information about one file or directory that is being
               monitored.  The fields in this line are as follows:

               wd   A watch descriptor number (in decimal).

               ino  The inode number of the target file (in hexadeci-
                    mal).

               sdev The ID of the device where the target file resides
                    (in hexadecimal).

               mask The mask of events being monitored for the target

     Page 12                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    file (in hexadecimal).

               If the kernel was built with exportfs support, the path
               to the target file is exposed as a file handle, via
               three hexadecimal fields: fhandle-bytes, fhandle-type,
               and f_handle.

               For fanotify file descriptors (see fanotify(7)), we see
               (since Linux 3.8) the following fields:

                   pos: 0
                   flags:    02
                   mnt_id:   11
                   fanotify flags:0 event-flags:88002
                   fanotify ino:19264f sdev:800001 mflags:0 mask:1 ignored_mask:0 fhandle-bytes:8 fhandle-type:1 f_handle:4f261900a82dfd73

               The fourth line displays information defined when the
               fanotify group was created via fanotify_init(2):

               flags
                    The flags argument given to fanotify_init(2)
                    (expressed in hexadecimal).

               event-flags
                    The event_f_flags argument given to
                    fanotify_init(2) (expressed in hexadecimal).

               Each additional line shown in the file contains infor-
               mation about one of the marks in the fanotify group.
               Most of these fields are as for inotify, except:

               mflags
                    The flags associated with the mark (expressed in
                    hexadecimal).

               mask The events mask for this mark (expressed in hex-
                    adecimal).

               ignored_mask
                    The mask of events that are ignored for this mark
                    (expressed in hexadecimal).

               For details on these fields, see fanotify_mark(2).

               For timerfd file descriptors (see timerfd(2)), we see
               (since Linux 3.17) the following fields:

                   pos:    0
                   flags:  02004002
                   mnt_id: 13
                   clockid: 0
                   ticks: 0

     Page 13                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                   settime flags: 03
                   it_value: (7695568592, 640020877)
                   it_interval: (0, 0)

               clockid
                    This is the numeric value of the clock ID (corre-
                    sponding to one of the CLOCK_* constants defined
                    via <time.h>) that is used to mark the progress of
                    the timer (in this example, 0 is CLOCK_REALTIME).

               ticks
                    This is the number of timer expirations that have
                    occurred, (i.e., the value that read(2) on it
                    would return).

               settime flags
                    This field lists the flags with which the timerfd
                    was last armed (see timerfd_settime(2)), in octal
                    (in this example, both TFD_TIMER_ABSTIME and
                    TFD_TIMER_CANCEL_ON_SET are set).

               it_value
                    This field contains the amount of time until the
                    timer will next expire, expressed in seconds and
                    nanoseconds.  This is always expressed as a rela-
                    tive value, regardless of whether the timer was
                    created using the TFD_TIMER_ABSTIME flag.

               it_interval
                    This field contains the interval of the timer, in
                    seconds and nanoseconds.  (The it_value and
                    it_interval fields contain the values that
                    timerfd_gettime(2) on this file descriptor would
                    return.)

               See user_namespaces(7).

               This file contains I/O statistics for the process, for
               example:

                   # cat /proc/3828/io
                   rchar: 323934931
                   wchar: 323929600
                   syscr: 632687
                   syscw: 632675
                   read_bytes: 0
                   write_bytes: 323932160
                   cancelled_write_bytes: 0

               The fields are as follows:

     Page 14                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    The number of bytes which this task has caused to
                    be read from storage.  This is simply the sum of
                    bytes which this process passed to read(2) and
                    similar system calls.  It includes things such as
                    terminal I/O and is unaffected by whether or not
                    actual physical disk I/O was required (the read
                    might have been satisfied from pagecache).

                    The number of bytes which this task has caused, or
                    shall cause to be written to disk.  Similar
                    caveats apply here as with rchar.

                    Attempt to count the number of read I/O
                    operations-that is, system calls such as read(2)
                    and pread(2).

                    Attempt to count the number of write I/O
                    operations-that is, system calls such as write(2)
                    and pwrite(2).

                    Attempt to count the number of bytes which this
                    process really did cause to be fetched from the
                    storage layer.  This is accurate for block-backed
                    filesystems.

                    Attempt to count the number of bytes which this
                    process caused to be sent to the storage layer.

                    The big inaccuracy here is truncate.  If a process
                    writes 1 MB to a file and then deletes the file,
                    it will in fact perform no writeout.  But it will
                    have been accounted as having caused 1 MB of
                    write.  In other words: this field represents the
                    number of bytes which this process caused to not
                    happen, by truncating pagecache.  A task can cause
                    "negative" I/O too.  If this task truncates some
                    dirty pagecache, some I/O which another task has
                    been accounted for (in its write_bytes) will not
                    be happening.

               Note: In the current implementation, things are a bit
               racy on 32-bit systems: if process A reads process B's
               /proc/[pid]/io while process B is updating one of these
               64-bit counters, process A could see an intermediate
               result.

     Page 15                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_READ_FSCREDS check; see
               ptrace(2).

               This file displays the soft limit, hard limit, and
               units of measurement for each of the process's resource
               limits (see getrlimit(2)).  Up to and including Linux
               2.6.35, this file is protected to allow reading only by
               the real UID of the process.  Since Linux 2.6.36, this
               file is readable by all users on the system.

               This subdirectory contains entries corresponding to
               memory-mapped files (see mmap(2)).  Entries are named
               by memory region start and end address pair (expressed
               as hexadecimal numbers), and are symbolic links to the
               mapped files themselves.  Here is an example, with the
               output wrapped and reformatted to fit on an 80-column
               display:

                   # ls -l /proc/self/map_files/
                   lr--------. 1 root root 64 Apr 16 21:31
                               3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so
                   ...

               Although these entries are present for memory regions
               that were mapped with the MAP_FILE flag, the way anony-
               mous shared memory (regions created with the MAP_ANON |
               MAP_SHARED flags) is implemented in Linux means that
               such regions also appear on this directory.  Here is an
               example where the target file is the deleted /dev/zero
               one:

                   lrw-------. 1 root root 64 Apr 16 21:33
                               7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted)

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_READ_FSCREDS check; see
               ptrace(2).

               Until kernel version 4.3, this directory appeared only
               if the CONFIG_CHECKPOINT_RESTORE kernel configuration
               option was enabled.

               Capabilities are required to read the contents of the
               symbolic links in this directory: before Linux 5.9, the
               reading process requires CAP_SYS_ADMIN in the initial
               user namespace; since Linux 5.9, the reading process
               must have either CAP_SYS_ADMIN or
               CAP_CHECKPOINT_RESTORE in the user namespace where it
               resides.

     Page 16                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/[pid]/maps
               A file containing the currently mapped memory regions
               and their access permissions.  See mmap(2) for some
               further information about memory mappings.

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_READ_FSCREDS check; see
               ptrace(2).

               The format of the file is:

                   address           perms offset  dev   inode       pathname
                   00400000-00452000 r-xp 00000000 08:02 173521      /usr/bin/dbus-daemon
                   00651000-00652000 r--p 00051000 08:02 173521      /usr/bin/dbus-daemon
                   00652000-00655000 rw-p 00052000 08:02 173521      /usr/bin/dbus-daemon
                   00e03000-00e24000 rw-p 00000000 00:00 0           [heap]
                   00e24000-011f7000 rw-p 00000000 00:00 0           [heap]
                   ...
                   35b1800000-35b1820000 r-xp 00000000 08:02 135522  /usr/lib64/ld-2.15.so
                   35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522  /usr/lib64/ld-2.15.so
                   35b1a20000-35b1a21000 rw-p 00020000 08:02 135522  /usr/lib64/ld-2.15.so
                   35b1a21000-35b1a22000 rw-p 00000000 00:00 0
                   35b1c00000-35b1dac000 r-xp 00000000 08:02 135870  /usr/lib64/libc-2.15.so
                   35b1dac000-35b1fac000 ---p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
                   35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870  /usr/lib64/libc-2.15.so
                   35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870  /usr/lib64/libc-2.15.so
                   ...
                   f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0    [stack:986]
                   ...
                   7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0   [stack]
                   7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0   [vdso]

               The address field is the address space in the process
               that the mapping occupies.  The perms field is a set of
               permissions:

                   r = read
                   w = write
                   x = execute
                   s = shared
                   p = private (copy on write)

               The offset field is the offset into the file/whatever;
               dev is the device (major:minor); inode is the inode on
               that device.  0 indicates that no inode is associated
               with the memory region, as would be the case with BSS
               (uninitialized data).

               The pathname field will usually be the file that is
               backing the mapping.  For ELF files, you can easily
               coordinate with the offset field by looking at the Off-
               set field in the ELF program headers (readelf -l).

     Page 17                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               There are additional helpful pseudo-paths:

                    The initial process's (also known as the main
                    thread's) stack.

                    A thread's stack (where the <tid> is a thread ID).
                    It corresponds to the /proc/[pid]/task/[tid]/
                    path.  This field was removed in Linux 4.5, since
                    providing this information for a process with
                    large numbers of threads is expensive.

                    The virtual dynamically linked shared object.  See
                    vdso(7).

                    The process's heap.

               If the pathname field is blank, this is an anonymous
               mapping as obtained via mmap(2).  There is no easy way
               to coordinate this back to a process's source, short of
               running it through gdb(1), strace(1), or similar.

               pathname is shown unescaped except for newline charac-
               ters, which are replaced with an octal escape sequence.
               As a result, it is not possible to determine whether
               the original pathname contained a newline character or
               the literal 012 character sequence.

               If the mapping is file-backed and the file has been
               deleted, the string " (deleted)" is appended to the
               pathname.  Note that this is ambiguous too.

               Under Linux 2.0, there is no field giving pathname.

          /proc/[pid]/mem
               This file can be used to access the pages of a
               process's memory through open(2), read(2), and
               lseek(2).

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_ATTACH_FSCREDS check; see
               ptrace(2).

               This file contains information about mount points in
               the process's mount namespace (see
               mount_namespaces(7)).  It supplies various information
               (e.g., propagation state, root of mount for bind
               mounts, identifier for each mount and its parent) that

     Page 18                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               is missing from the (older) /proc/[pid]/mounts file,
               and fixes various other problems with that file (e.g.,
               nonextensibility, failure to distinguish per-mount ver-
               sus per-superblock options).

               The file contains lines of the form:

               36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue
               (1)(2)(3)   (4)   (5)      (6)      (7)   (8) (9)   (10)         (11)

               The numbers in parentheses are labels for the descrip-
               tions below:

                 (1)  mount ID: a unique ID for the mount (may be
                      reused after umount(2)).

                 (2)  parent ID: the ID of the parent mount (or of
                      self for the root of this mount namespace's
                      mount tree).

                      If a new mount is stacked on top of a previous
                      existing mount (so that it hides the existing
                      mount) at pathname P, then the parent of the new
                      mount is the previous mount at that location.
                      Thus, when looking at all the mounts stacked at
                      a particular location, the top-most mount is the
                      one that is not the parent of any other mount at
                      the same location.  (Note, however, that this
                      top-most mount will be accessible only if the
                      longest path subprefix of P that is a mount
                      point is not itself hidden by a stacked mount.)

                      If the parent mount point lies outside the
                      process's root directory (see chroot(2)), the ID
                      shown here won't have a corresponding record in
                      mountinfo whose mount ID (field 1) matches this
                      parent mount ID (because mount points that lie
                      outside the process's root directory are not
                      shown in mountinfo). As a special case of this
                      point, the process's root mount point may have a
                      parent mount (for the initramfs filesystem) that
                      lies outside the process's root directory, and
                      an entry for that mount point will not appear in
                      mountinfo.

                 (3)  major:minor: the value of st_dev for files on
                      this filesystem (see stat(2)).

                 (4)  root: the pathname of the directory in the
                      filesystem which forms the root of this mount.

                 (5)  mount point: the pathname of the mount point

     Page 19                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                      relative to the process's root directory.

                 (6)  mount options: per-mount options (see mount(2)).

                 (7)  optional fields: zero or more fields of the form
                      "tag[:value]"; see below.

                 (8)  separator: the end of the optional fields is
                      marked by a single hyphen.

                 (9)  filesystem type: the filesystem type in the form
                      "type[.subtype]".

                 (10) mount source: filesystem-specific information or
                      "none".

                 (11) super options: per-superblock options (see
                      mount(2)).

               Currently, the possible optional fields are shared,
               master, propagate_from, and unbindable. See
               mount_namespaces(7) for a description of these fields.
               Parsers should ignore all unrecognized optional fields.

               For more information on mount propagation see:
               Documentation/filesystems/sharedsubtree.txt in the
               Linux kernel source tree.

               This file lists all the filesystems currently mounted
               in the process's mount namespace (see
               mount_namespaces(7)).  The format of this file is docu-
               mented in fstab(5).

               Since kernel version 2.6.15, this file is pollable:
               after opening the file for reading, a change in this
               file (i.e., a filesystem mount or unmount) causes
               select(2) to mark the file descriptor as having an
               exceptional condition, and poll(2) and epoll_wait(2)
               mark the file as having a priority event (POLLPRI).
               (Before Linux 2.6.30, a change in this file was indi-
               cated by the file descriptor being marked as readable
               for select(2), and being marked as having an error con-
               dition for poll(2) and epoll_wait(2).)

               This file exports information (statistics, configura-
               tion information) about the mount points in the
               process's mount namespace (see mount_namespaces(7)).
               Lines in this file have the form:

                   device /dev/sda7 mounted on /home with fstype ext3 [stats]

     Page 20                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                   (       1      )            ( 2 )             (3 ) (  4  )

               The fields in each line are:

                 (1)  The name of the mounted device (or "nodevice" if
                      there is no corresponding device).

                 (2)  The mount point within the filesystem tree.

                 (3)  The filesystem type.

                 (4)  Optional statistics and configuration informa-
                      tion.  Currently (as at Linux 2.6.26), only NFS
                      filesystems export information via this field.

               This file is readable only by the owner of the process.

               See the description of /proc/net.

               This is a subdirectory containing one entry for each
               namespace that supports being manipulated by setns(2).
               For more information, see namespaces(7).

               See numa(7).

               This file can be used to adjust the score used to
               select which process should be killed in an out-of-
               memory (OOM) situation.  The kernel uses this value for
               a bit-shift operation of the process's oom_score value:
               valid values are in the range -16 to +15, plus the spe-
               cial value -17, which disables OOM-killing altogether
               for this process.  A positive score increases the like-
               lihood of this process being killed by the OOM-killer;
               a negative score decreases the likelihood.

               The default value for this file is 0; a new process
               inherits its parent's oom_adj setting.  A process must
               be privileged (CAP_SYS_RESOURCE) to update this file.

               Since Linux 2.6.36, use of this file is deprecated in
               favor of /proc/[pid]/oom_score_adj.

               This file displays the current score that the kernel
               gives to this process for the purpose of selecting a
               process for the OOM-killer.  A higher score means that
               the process is more likely to be selected by the OOM-
               killer.  The basis for this score is the amount of

     Page 21                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               memory used by the process, with increases (+) or
               decreases (-) for factors including:

               * whether the process is privileged (-).

               Before kernel 2.6.36 the following factors were also
               used in the calculation of oom_score:

               * whether the process creates a lot of children using
                 fork(2) (+);

               * whether the process has been running a long time, or
                 has used a lot of CPU time (-);

               * whether the process has a low nice value (i.e., > 0)
                 (+); and

               * whether the process is making direct hardware access
                 (-).

               The oom_score also reflects the adjustment specified by
               the oom_score_adj or oom_adj setting for the process.

               This file can be used to adjust the badness heuristic
               used to select which process gets killed in out-of-
               memory conditions.

               The badness heuristic assigns a value to each candidate
               task ranging from 0 (never kill) to 1000 (always kill)
               to determine which process is targeted.  The units are
               roughly a proportion along that range of allowed memory
               the process may allocate from, based on an estimation
               of its current memory and swap use.  For example, if a
               task is using all allowed memory, its badness score
               will be 1000.  If it is using half of its allowed mem-
               ory, its score will be 500.

               There is an additional factor included in the badness
               score: root processes are given 3% extra memory over
               other tasks.

               The amount of "allowed" memory depends on the context
               in which the OOM-killer was called.  If it is due to
               the memory assigned to the allocating task's cpuset
               being exhausted, the allowed memory represents the set
               of mems assigned to that cpuset (see cpuset(7)).  If it
               is due to a mempolicy's node(s) being exhausted, the
               allowed memory represents the set of mempolicy nodes.
               If it is due to a memory limit (or swap limit) being
               reached, the allowed memory is that configured limit.
               Finally, if it is due to the entire system being out of

     Page 22                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               memory, the allowed memory represents all allocatable
               resources.

               The value of oom_score_adj is added to the badness
               score before it is used to determine which task to
               kill.  Acceptable values range from -1000
               (OOM_SCORE_ADJ_MIN) to +1000 (OOM_SCORE_ADJ_MAX).  This
               allows user space to control the preference for OOM-
               killing, ranging from always preferring a certain task
               or completely disabling it from OOM killing.  The low-
               est possible value, -1000, is equivalent to disabling
               OOM-killing entirely for that task, since it will
               always report a badness score of 0.

               Consequently, it is very simple for user space to
               define the amount of memory to consider for each task.
               Setting an oom_score_adj value of +500, for example, is
               roughly equivalent to allowing the remainder of tasks
               sharing the same system, cpuset, mempolicy, or memory
               controller resources to use at least 50% more memory.
               A value of -500, on the other hand, would be roughly
               equivalent to discounting 50% of the task's allowed
               memory from being considered as scoring against the
               task.

               For backward compatibility with previous kernels,
               /proc/[pid]/oom_adj can still be used to tune the bad-
               ness score.  Its value is scaled linearly with
               oom_score_adj.

               Writing to /proc/[pid]/oom_score_adj or
               /proc/[pid]/oom_adj will change the other with its
               scaled value.

               The choom(1) program provides a command-line interface
               for adjusting the oom_score_adj value of a running pro-
               cess or a newly executed command.

               This file shows the mapping of each of the process's
               virtual pages into physical page frames or swap area.
               It contains one 64-bit value for each virtual page,
               with the bits set as follows:

               63   If set, the page is present in RAM.

               62   If set, the page is in swap space

               61 (since Linux 3.5)
                    The page is a file-mapped page or a shared anony-
                    mous page.

     Page 23                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               60en57 (since Linux 3.11)
                    Zero

               56 (since Linux 4.2)
                    The page is exclusively mapped.

               55 (since Linux 3.11)
                    PTE is soft-dirty (see the kernel source file
                    Documentation/admin-guide/mm/soft-dirty.rst).

               54en0 If the page is present in RAM (bit 63), then these
                    bits provide the page frame number, which can be
                    used to index /proc/kpageflags and
                    /proc/kpagecount. If the page is present in swap
                    (bit 62), then bits 4en0 give the swap type, and
                    bits 54en5 encode the swap offset.

               Before Linux 3.11, bits 60en55 were used to encode the
               base-2 log of the page size.

               To employ /proc/[pid]/pagemap efficiently, use
               /proc/[pid]/maps to determine which areas of memory are
               actually mapped and seek to skip over unmapped regions.

               The /proc/[pid]/pagemap file is present only if the
               CONFIG_PROC_PAGE_MONITOR kernel configuration option is
               enabled.

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_READ_FSCREDS check; see
               ptrace(2).

               This read-only file exposes the process's execution
               domain, as set by personality(2).  The value is dis-
               played in hexadecimal notation.

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_ATTACH_FSCREDS check; see
               ptrace(2).

          /proc/[pid]/root
               UNIX and Linux support the idea of a per-process root
               of the filesystem, set by the chroot(2) system call.
               This file is a symbolic link that points to the
               process's root directory, and behaves in the same way
               as exe, and fd/*.

               Note however that this file is not merely a symbolic
               link.  It provides the same view of the filesystem
               (including namespaces and the set of per-process
               mounts) as the process itself.  An example illustrates

     Page 24                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               this point.  In one terminal, we start a shell in new
               user and mount namespaces, and in that shell we create
               some new mount points:

                   $ PS1=aqsh1# aq unshare -Urnm
                   sh1# mount -t tmpfs tmpfs /etc  # Mount empty tmpfs at /etc
                   sh1# mount --bind /usr /dev     # Mount /usr at /dev
                   sh1# echo $$
                   27123

               In a second terminal window, in the initial mount
               namespace, we look at the contents of the corresponding
               mounts in the initial and new namespaces:

                   $ PS1=aqsh2# aq sudo sh
                   sh2# ls /etc | wc -l                  # In initial NS
                   309
                   sh2# ls /proc/27123/root/etc | wc -l  # /etc in other NS
                   0                                     # The empty tmpfs dir
                   sh2# ls /dev | wc -l                  # In initial NS
                   205
                   sh2# ls /proc/27123/root/dev | wc -l  # /dev in other NS
                   11                                    # Actually bind
                                                         # mounted to /usr
                   sh2# ls /usr | wc -l                  # /usr in initial NS
                   11

               In a multithreaded process, the contents of the
               /proc/[pid]/root symbolic link are not available if the
               main thread has already terminated (typically by call-
               ing pthread_exit(3)).

               Permission to dereference or read (readlink(2)) this
               symbolic link is governed by a ptrace access mode
               PTRACE_MODE_READ_FSCREDS check; see ptrace(2).

               This file can be used to read and change the process's
               secure computing (seccomp) mode setting.  It contains
               the value 0 if the process is not in seccomp mode, and
               1 if the process is in strict seccomp mode (see
               seccomp(2)).  Writing 1 to this file places the process
               irreversibly in strict seccomp mode.  (Further attempts
               to write to the file fail with the EPERM error.)

               In Linux 2.6.23, this file went away, to be replaced by
               the prctl(2) PR_GET_SECCOMP and PR_SET_SECCOMP opera-
               tions (and later by seccomp(2) and the Seccomp field in
               /proc/[pid]/status).

               See user_namespaces(7).

     Page 25                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               This file shows memory consumption for each of the
               process's mappings.  (The pmap(1) command displays sim-
               ilar information, in a form that may be easier for
               parsing.)  For each mapping there is a series of lines
               such as the following:

                   00400000-0048a000 r-xp 00000000 fd:03 960637       /bin/bash
                   Size:                552 kB
                   Rss:                 460 kB
                   Pss:                 100 kB
                   Shared_Clean:        452 kB
                   Shared_Dirty:          0 kB
                   Private_Clean:         8 kB
                   Private_Dirty:         0 kB
                   Referenced:          460 kB
                   Anonymous:             0 kB
                   AnonHugePages:         0 kB
                   ShmemHugePages:        0 kB
                   ShmemPmdMapped:        0 kB
                   Swap:                  0 kB
                   KernelPageSize:        4 kB
                   MMUPageSize:           4 kB
                   KernelPageSize:        4 kB
                   MMUPageSize:           4 kB
                   Locked:                0 kB
                   ProtectionKey:         0
                   VmFlags: rd ex mr mw me dw

               The first of these lines shows the same information as
               is displayed for the mapping in /proc/[pid]/maps. The
               following lines show the size of the mapping, the
               amount of the mapping that is currently resident in RAM
               ("Rss"), the process's proportional share of this map-
               ping ("Pss"), the number of clean and dirty shared
               pages in the mapping, and the number of clean and dirty
               private pages in the mapping.  "Referenced" indicates
               the amount of memory currently marked as referenced or
               accessed.  "Anonymous" shows the amount of memory that
               does not belong to any file.  "Swap" shows how much
               would-be-anonymous memory is also used, but out on
               swap.

               The "KernelPageSize" line (available since Linux
               2.6.29) is the page size used by the kernel to back the
               virtual memory area.  This matches the size used by the
               MMU in the majority of cases.  However, one counter-
               example occurs on PPC64 kernels whereby a kernel using
               64 kB as a base page size may still use 4 kB pages for
               the MMU on older processors.  To distinguish the two
               attributes, the "MMUPageSize" line (also available
               since Linux 2.6.29) reports the page size used by the

     Page 26                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               MMU.

               The "Locked" indicates whether the mapping is locked in
               memory or not.

               The "ProtectionKey" line (available since Linux 4.9, on
               x86 only) contains the memory protection key (see
               pkeys(7)) associated with the virtual memory area.
               This entry is present only if the kernel was built with
               the CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS configura-
               tion option (since Linux 4.6).

               The "VmFlags" line (available since Linux 3.8) repre-
               sents the kernel flags associated with the virtual mem-
               ory area, encoded using the following two-letter codes:

                   rd  - readable
                   wr  - writable
                   ex  - executable
                   sh  - shared
                   mr  - may read
                   mw  - may write
                   me  - may execute
                   ms  - may share
                   gd  - stack segment grows down
                   pf  - pure PFN range
                   dw  - disabled write to the mapped file
                   lo  - pages are locked in memory
                   io  - memory mapped I/O area
                   sr  - sequential read advise provided
                   rr  - random read advise provided
                   dc  - do not copy area on fork
                   de  - do not expand area on remapping
                   ac  - area is accountable
                   nr  - swap space is not reserved for the area
                   ht  - area uses huge tlb pages
                   sf  - perform synchronous page faults (since Linux
               4.15)
                   nl  - non-linear mapping (removed in Linux 4.0)
                   ar  - architecture specific flag
                   wf  - wipe on fork (since Linux 4.14)
                   dd  - do not include area into core dump
                   sd  - soft-dirty flag (since Linux 3.13)
                   mm  - mixed map area
                   hg  - huge page advise flag
                   nh  - no-huge page advise flag
                   mg  - mergeable advise flag
                   um  - userfaultfd missing pages tracking (since
               Linux 4.3)
                   uw  - userfaultfd wprotect pages tracking (since
               Linux 4.3)

     Page 27                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               The /proc/[pid]/smaps file is present only if the
               CONFIG_PROC_PAGE_MONITOR kernel configuration option is
               enabled.

               This file provides a symbolic trace of the function
               calls in this process's kernel stack.  This file is
               provided only if the kernel was built with the
               CONFIG_STACKTRACE configuration option.

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_ATTACH_FSCREDS check; see
               ptrace(2).

          /proc/[pid]/stat
               Status information about the process.  This is used by
               ps(1).  It is defined in the kernel source file
               fs/proc/array.c.

               The fields, in order, with their proper scanf(3) format
               specifiers, are listed below.  Whether or not certain
               of these fields display valid information is governed
               by a ptrace access mode
               PTRACE_MODE_READ_FSCREDS | PTRACE_MODE_NOAUDIT check
               (refer to ptrace(2)).  If the check denies access, then
               the field value is displayed as 0.  The affected fields
               are indicated with the marking [PT].

               (1) pid  %d
                    The process ID.

               (2) comm  %s
                    The filename of the executable, in parentheses.
                    Strings longer than TASK_COMM_LEN (16) characters
                    (including the terminating null byte) are silently
                    truncated.  This is visible whether or not the
                    executable is swapped out.

               (3) state  %c
                    One of the following characters, indicating pro-
                    cess state:

                    R  Running

                    S  Sleeping in an interruptible wait

                    D  Waiting in uninterruptible disk sleep

                    Z  Zombie

                    T  Stopped (on a signal) or (before Linux 2.6.33)
                       trace stopped

     Page 28                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    t  Tracing stop (Linux 2.6.33 onward)

                    W  Paging (only before Linux 2.6.0)

                    X  Dead (from Linux 2.6.0 onward)

                    x  Dead (Linux 2.6.33 to 3.13 only)

                    K  Wakekill (Linux 2.6.33 to 3.13 only)

                    W  Waking (Linux 2.6.33 to 3.13 only)

                    P  Parked (Linux 3.9 to 3.13 only)

               (4) ppid  %d
                    The PID of the parent of this process.

               (5) pgrp  %d
                    The process group ID of the process.

               (6) session  %d
                    The session ID of the process.

               (7) tty_nr  %d
                    The controlling terminal of the process.  (The
                    minor device number is contained in the combina-
                    tion of bits 31 to 20 and 7 to 0; the major device
                    number is in bits 15 to 8.)

               (8) tpgid  %d
                    The ID of the foreground process group of the con-
                    trolling terminal of the process.

               (9) flags  %u
                    The kernel flags word of the process.  For bit
                    meanings, see the PF_* defines in the Linux kernel
                    source file include/linux/sched.h. Details depend
                    on the kernel version.

                    The format for this field was %lu before Linux
                    2.6.

               (10) minflt  %lu
                    The number of minor faults the process has made
                    which have not required loading a memory page from
                    disk.

               (11) cminflt  %lu
                    The number of minor faults that the process's
                    waited-for children have made.

               (12) majflt  %lu

     Page 29                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    The number of major faults the process has made
                    which have required loading a memory page from
                    disk.

               (13) cmajflt  %lu
                    The number of major faults that the process's
                    waited-for children have made.

               (14) utime  %lu
                    Amount of time that this process has been sched-
                    uled in user mode, measured in clock ticks (divide
                    by sysconf(_SC_CLK_TCK)). This includes guest
                    time, guest_time (time spent running a virtual
                    CPU, see below), so that applications that are not
                    aware of the guest time field do not lose that
                    time from their calculations.

               (15) stime  %lu
                    Amount of time that this process has been sched-
                    uled in kernel mode, measured in clock ticks
                    (divide by sysconf(_SC_CLK_TCK)).

               (16) cutime  %ld
                    Amount of time that this process's waited-for
                    children have been scheduled in user mode, mea-
                    sured in clock ticks (divide by
                    sysconf(_SC_CLK_TCK)). (See also times(2).)  This
                    includes guest time, cguest_time (time spent run-
                    ning a virtual CPU, see below).

               (17) cstime  %ld
                    Amount of time that this process's waited-for
                    children have been scheduled in kernel mode, mea-
                    sured in clock ticks (divide by
                    sysconf(_SC_CLK_TCK)).

               (18) priority  %ld
                    (Explanation for Linux 2.6) For processes running
                    a real-time scheduling policy (policy below; see
                    sched_setscheduler(2)), this is the negated
                    scheduling priority, minus one; that is, a number
                    in the range -2 to -100, corresponding to real-
                    time priorities 1 to 99.  For processes running
                    under a non-real-time scheduling policy, this is
                    the raw nice value (setpriority(2)) as represented
                    in the kernel.  The kernel stores nice values as
                    numbers in the range 0 (high) to 39 (low), corre-
                    sponding to the user-visible nice range of -20 to
                    19.

                    Before Linux 2.6, this was a scaled value based on
                    the scheduler weighting given to this process.

     Page 30                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               (19) nice  %ld
                    The nice value (see setpriority(2)), a value in
                    the range 19 (low priority) to -20 (high prior-
                    ity).

               (20) num_threads  %ld
                    Number of threads in this process (since Linux
                    2.6).  Before kernel 2.6, this field was hard
                    coded to 0 as a placeholder for an earlier removed
                    field.

               (21) itrealvalue  %ld
                    The time in jiffies before the next SIGALRM is
                    sent to the process due to an interval timer.
                    Since kernel 2.6.17, this field is no longer main-
                    tained, and is hard coded as 0.

               (22) starttime  %llu
                    The time the process started after system boot.
                    In kernels before Linux 2.6, this value was
                    expressed in jiffies.  Since Linux 2.6, the value
                    is expressed in clock ticks (divide by
                    sysconf(_SC_CLK_TCK)).

                    The format for this field was %lu before Linux
                    2.6.

               (23) vsize  %lu
                    Virtual memory size in bytes.

               (24) rss  %ld
                    Resident Set Size: number of pages the process has
                    in real memory.  This is just the pages which
                    count toward text, data, or stack space.  This
                    does not include pages which have not been
                    demand-loaded in, or which are swapped out.  This
                    value is inaccurate; see /proc/[pid]/statm below.

               (25) rsslim  %lu
                    Current soft limit in bytes on the rss of the pro-
                    cess; see the description of RLIMIT_RSS in
                    getrlimit(2).

               (26) startcode  %lu  [PT]
                    The address above which program text can run.

               (27) endcode  %lu  [PT]
                    The address below which program text can run.

               (28) startstack  %lu  [PT]
                    The address of the start (i.e., bottom) of the
                    stack.

     Page 31                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               (29) kstkesp  %lu  [PT]
                    The current value of ESP (stack pointer), as found
                    in the kernel stack page for the process.

               (30) kstkeip  %lu  [PT]
                    The current EIP (instruction pointer).

               (31) signal  %lu
                    The bitmap of pending signals, displayed as a dec-
                    imal number.  Obsolete, because it does not pro-
                    vide information on real-time signals; use
                    /proc/[pid]/status instead.

               (32) blocked  %lu
                    The bitmap of blocked signals, displayed as a dec-
                    imal number.  Obsolete, because it does not pro-
                    vide information on real-time signals; use
                    /proc/[pid]/status instead.

               (33) sigignore  %lu
                    The bitmap of ignored signals, displayed as a dec-
                    imal number.  Obsolete, because it does not pro-
                    vide information on real-time signals; use
                    /proc/[pid]/status instead.

               (34) sigcatch  %lu
                    The bitmap of caught signals, displayed as a deci-
                    mal number.  Obsolete, because it does not provide
                    information on real-time signals; use
                    /proc/[pid]/status instead.

               (35) wchan  %lu  [PT]
                    This is the "channel" in which the process is
                    waiting.  It is the address of a location in the
                    kernel where the process is sleeping.  The corre-
                    sponding symbolic name can be found in
                    /proc/[pid]/wchan.

               (36) nswap  %lu
                    Number of pages swapped (not maintained).

               (37) cnswap  %lu
                    Cumulative nswap for child processes (not main-
                    tained).

               (38) exit_signal  %d  (since Linux 2.1.22)
                    Signal to be sent to parent when we die.

               (39) processor  %d  (since Linux 2.2.8)
                    CPU number last executed on.

               (40) rt_priority  %u  (since Linux 2.5.19)

     Page 32                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    Real-time scheduling priority, a number in the
                    range 1 to 99 for processes scheduled under a
                    real-time policy, or 0, for non-real-time pro-
                    cesses (see sched_setscheduler(2)).

               (41) policy  %u  (since Linux 2.5.19)
                    Scheduling policy (see sched_setscheduler(2)).
                    Decode using the SCHED_* constants in
                    linux/sched.h.

                    The format for this field was %lu before Linux
                    2.6.22.

               (42) delayacct_blkio_ticks  %llu  (since Linux 2.6.18)
                    Aggregated block I/O delays, measured in clock
                    ticks (centiseconds).

               (43) guest_time  %lu  (since Linux 2.6.24)
                    Guest time of the process (time spent running a
                    virtual CPU for a guest operating system), mea-
                    sured in clock ticks (divide by
                    sysconf(_SC_CLK_TCK)).

               (44) cguest_time  %ld  (since Linux 2.6.24)
                    Guest time of the process's children, measured in
                    clock ticks (divide by sysconf(_SC_CLK_TCK)).

               (45) start_data  %lu  (since Linux 3.3)  [PT]
                    Address above which program initialized and unini-
                    tialized (BSS) data are placed.

               (46) end_data  %lu  (since Linux 3.3)  [PT]
                    Address below which program initialized and unini-
                    tialized (BSS) data are placed.

               (47) start_brk  %lu  (since Linux 3.3)  [PT]
                    Address above which program heap can be expanded
                    with brk(2).

               (48) arg_start  %lu  (since Linux 3.5)  [PT]
                    Address above which program command-line arguments
                    (argv) are placed.

               (49) arg_end  %lu  (since Linux 3.5)  [PT]
                    Address below program command-line arguments
                    (argv) are placed.

               (50) env_start  %lu  (since Linux 3.5)  [PT]
                    Address above which program environment is placed.

               (51) env_end  %lu  (since Linux 3.5)  [PT]
                    Address below which program environment is placed.

     Page 33                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               (52) exit_code  %d  (since Linux 3.5)  [PT]
                    The thread's exit status in the form reported by
                    waitpid(2).

          /proc/[pid]/statm
               Provides information about memory usage, measured in
               pages.  The columns are:

                   size       (1) total program size
                              (same as VmSize in /proc/[pid]/status)
                   resident   (2) resident set size
                              (inaccurate; same as VmRSS in /proc/[pid]/status)
                   shared     (3) number of resident shared pages
                              (i.e., backed by a file)
                              (inaccurate; same as RssFile+RssShmem in
                              /proc/[pid]/status)
                   text       (4) text (code)
                   lib        (5) library (unused since Linux 2.6; always 0)
                   data       (6) data + stack
                   dt         (7) dirty pages (unused since Linux 2.6; always 0)

               Some of these values are inaccurate because of a
               kernel-internal scalability optimization.  If accurate
               values are required, use /proc/[pid]/smaps or
               /proc/[pid]/smaps_rollup instead, which are much slower
               but provide accurate, detailed information.

          /proc/[pid]/status
               Provides much of the information in /proc/[pid]/stat
               and /proc/[pid]/statm in a format that's easier for
               humans to parse.  Here's an example:

                   $ cat /proc/$$/status
                   Name:   bash
                   Umask:  0022
                   State:  S (sleeping)
                   Tgid:   17248
                   Ngid:   0
                   Pid:    17248
                   PPid:   17200
                   TracerPid:      0
                   Uid:    1000    1000    1000    1000
                   Gid:    100     100     100     100
                   FDSize: 256
                   Groups: 16 33 100
                   NStgid: 17248
                   NSpid:  17248
                   NSpgid: 17248
                   NSsid:  17200
                   VmPeak:     131168 kB
                   VmSize:     131168 kB
                   VmLck:           0 kB

     Page 34                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                   VmPin:           0 kB
                   VmHWM:       13484 kB
                   VmRSS:       13484 kB
                   RssAnon:     10264 kB
                   RssFile:      3220 kB
                   RssShmem:        0 kB
                   VmData:      10332 kB
                   VmStk:         136 kB
                   VmExe:         992 kB
                   VmLib:        2104 kB
                   VmPTE:          76 kB
                   VmPMD:          12 kB
                   VmSwap:          0 kB
                   HugetlbPages:          0 kB        # 4.4
                   CoreDumping:   0                       # 4.15
                   Threads:        1
                   SigQ:   0/3067
                   SigPnd: 0000000000000000
                   ShdPnd: 0000000000000000
                   SigBlk: 0000000000010000
                   SigIgn: 0000000000384004
                   SigCgt: 000000004b813efb
                   CapInh: 0000000000000000
                   CapPrm: 0000000000000000
                   CapEff: 0000000000000000
                   CapBnd: ffffffffffffffff
                   CapAmb:   0000000000000000
                   NoNewPrivs:     0
                   Seccomp:        0
                   Speculation_Store_Bypass:       vulnerable
                   Cpus_allowed:   00000001
                   Cpus_allowed_list:      0
                   Mems_allowed:   1
                   Mems_allowed_list:      0
                   voluntary_ctxt_switches:        150
                   nonvoluntary_ctxt_switches:     545

               The fields are as follows:

                Command run by this process.  Strings longer than
                    TASK_COMM_LEN (16) characters (including the ter-
                    minating null byte) are silently truncated.

                    Process umask, expressed in octal with a leading
                    zero; see umask(2).  (Since Linux 4.7.)

                    Current state of the process.  One of "R (run-
                    ning)", "S (sleeping)", "D (disk sleep)", "T
                    (stopped)", "t (tracing stop)", "Z (zombie)", or
                    "X (dead)".

     Page 35                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                Thread group ID (i.e., Process ID).

                NUMA group ID (0 if none; since Linux 3.13).

                 Thread ID (see gettid(2)).

                PID of parent process.

                    PID of process tracing this process (0 if not
                    being traced).

                Gid
                    Real, effective, saved set, and filesystem UIDs
                    (GIDs).

                    Number of file descriptor slots currently allo-
                    cated.

                    Supplementary group list.

                    Thread group ID (i.e., PID) in each of the PID
                    namespaces of which [pid] is a member.  The left-
                    most entry shows the value with respect to the PID
                    namespace of the process that mounted this procfs
                    (or the root namespace if mounted by the kernel),
                    followed by the value in successively nested inner
                    namespaces.  (Since Linux 4.1.)

                    Thread ID in each of the PID namespaces of which
                    [pid] is a member.  The fields are ordered as for
                    NStgid. (Since Linux 4.1.)

                    Process group ID in each of the PID namespaces of
                    which [pid] is a member.  The fields are ordered
                    as for NStgid. (Since Linux 4.1.)

                    descendant namespace session ID hierarchy Session
                    ID in each of the PID namespaces of which [pid] is
                    a member.  The fields are ordered as for NStgid.
                    (Since Linux 4.1.)

                    Peak virtual memory size.

     Page 36                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    Virtual memory size.

                    Locked memory size (see mlock(2)).

                    Pinned memory size (since Linux 3.2).  These are
                    pages that can't be moved because something needs
                    to directly access physical memory.

                    Peak resident set size ("high water mark").  This
                    value is inaccurate; see /proc/[pid]/statm above.

                    Resident set size.  Note that the value here is
                    the sum of RssAnon, RssFile, and RssShmem. This
                    value is inaccurate; see /proc/[pid]/statm above.

                    Size of resident anonymous memory.  (since Linux
                    4.5).  This value is inaccurate; see
                    /proc/[pid]/statm above.

                    Size of resident file mappings.  (since Linux
                    4.5).  This value is inaccurate; see
                    /proc/[pid]/statm above.

                    Size of resident shared memory (includes System V
                    shared memory, mappings from tmpfs(5), and shared
                    anonymous mappings).  (since Linux 4.5).

                VmStk, VmExe
                    Size of data, stack, and text segments.  This
                    value is inaccurate; see /proc/[pid]/statm above.

                    Shared library code size.

                    Page table entries size (since Linux 2.6.10).

                    Size of second-level page tables (added in Linux
                    4.0; removed in Linux 4.15).

                    Swapped-out virtual memory size by anonymous pri-
                    vate pages; shmem swap usage is not included
                    (since Linux 2.6.34).  This value is inaccurate;

     Page 37                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    see /proc/[pid]/statm above.

                    Size of hugetlb memory portions (since Linux 4.4).

                    Contains the value 1 if the process is currently
                    dumping core, and 0 if it is not (since Linux
                    4.15).  This information can be used by a monitor-
                    ing process to avoid killing a process that is
                    currently dumping core, which could result in a
                    corrupted core dump file.

                    Number of threads in process containing this
                    thread.

                This field contains two slash-separated numbers
                    that relate to queued signals for the real user ID
                    of this process.  The first of these is the number
                    of currently queued signals for this real user ID,
                    and the second is the resource limit on the number
                    of queued signals for this process (see the
                    description of RLIMIT_SIGPENDING in getrlimit(2)).

                ShdPnd
                    Mask (expressed in hexadecimal) of signals pending
                    for thread and for process as a whole (see
                    pthreads(7) and signal(7)).

                SigIgn, SigCgt
                    Masks (expressed in hexadecimal) indicating sig-
                    nals being blocked, ignored, and caught (see
                    signal(7)).

                CapPrm, CapEff
                    Masks (expressed in hexadecimal) of capabilities
                    enabled in inheritable, permitted, and effective
                    sets (see capabilities(7)).

                    Capability bounding set, expressed in hexadecimal
                    (since Linux 2.6.26, see capabilities(7)).

                    Ambient capability set, expressed in hexadecimal
                    (since Linux 4.3, see capabilities(7)).

                    Value of the no_new_privs bit (since Linux 4.10,
                    see prctl(2)).

     Page 38                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    Seccomp mode of the process (since Linux 3.8, see
                    seccomp(2)).  0 means SECCOMP_MODE_DISABLED; 1
                    means SECCOMP_MODE_STRICT; 2 means
                    SECCOMP_MODE_FILTER.  This field is provided only
                    if the kernel was built with the CONFIG_SECCOMP
                    kernel configuration option enabled.

                    Speculation flaw mitigation state (since Linux
                    4.17, see prctl(2)).

                    Hexadecimal mask of CPUs on which this process may
                    run (since Linux 2.6.24, see cpuset(7)).

                    Same as previous, but in "list format" (since
                    Linux 2.6.26, see cpuset(7)).

                    Mask of memory nodes allowed to this process
                    (since Linux 2.6.24, see cpuset(7)).

                    Same as previous, but in "list format" (since
                    Linux 2.6.26, see cpuset(7)).

                nonvoluntary_ctxt_switches
                    Number of voluntary and involuntary context
                    switches (since Linux 2.6.23).

               This file exposes the system call number and argument
               registers for the system call currently being executed
               by the process, followed by the values of the stack
               pointer and program counter registers.  The values of
               all six argument registers are exposed, although most
               system calls use fewer registers.

               If the process is blocked, but not in a system call,
               then the file displays -1 in place of the system call
               number, followed by just the values of the stack
               pointer and program counter.  If process is not
               blocked, then the file contains just the string "run-
               ning".

               This file is present only if the kernel was configured
               with CONFIG_HAVE_ARCH_TRACEHOOK.

               Permission to access this file is governed by a ptrace
               access mode PTRACE_MODE_ATTACH_FSCREDS check; see

     Page 39                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               ptrace(2).

               This is a directory that contains one subdirectory for
               each thread in the process.  The name of each subdirec-
               tory is the numerical thread ID ([tid]) of the thread
               (see gettid(2)).

               Within each of these subdirectories, there is a set of
               files with the same names and contents as under the
               /proc/[pid] directories.  For attributes that are
               shared by all threads, the contents for each of the
               files under the task/[tid] subdirectories will be the
               same as in the corresponding file in the parent
               /proc/[pid] directory (e.g., in a multithreaded pro-
               cess, all of the task/[tid]/cwd files will have the
               same value as the /proc/[pid]/cwd file in the parent
               directory, since all of the threads in a process share
               a working directory).  For attributes that are distinct
               for each thread, the corresponding files under
               task/[tid] may have different values (e.g., various
               fields in each of the task/[tid]/status files may be
               different for each thread), or they might not exist in
               /proc/[pid] at all.

               In a multithreaded process, the contents of the
               /proc/[pid]/task directory are not available if the
               main thread has already terminated (typically by call-
               ing pthread_exit(3)).

               htmlmanrefend/proc/[pid]/task/[tid]/children(sinceLinux3

          htmlmanrefstart/proc/[pid]/timers(sinceLinux3.10)

                           htmlmanrefstartsiginfo_thtmlmanrefendsiginfo_t

                        htmlmanrefstart<time.h>.htmlmanrefend<time.h>.

          htmlmanrefstart/proc/[pid]/timerslack_ns(sinceLinux4.6)

          htmlmanrefstart/proc/[pid]/uid_map,

          htmlmanrefstart/proc/[pid]/wchan(sinceLinux2.6.0)

          htmlmanrefstart/proc/[tid]

                  htmlmanrefstarttid.htmlmanrefendtid.

               htmlmanrefstart/proc/[pid]/task/[tid]htmlmanrefend/proc/[pid]/task/[tid]

               htmlmanrefstart/proc).htmlmanrefend/proc).

               htmlmanrefstart/proc/zoneinfo.htmlmanrefend/proc/zoneinfo.

          htmlmanrefstart/proc/cgroups(sinceLinux2.6.24)

          htmlmanrefstart/proc/config.gz(sinceLinux2.6)

                     htmlmanrefstartmakexconfig,
               htmlmanrefendmakexconfig,htmlmanrefstartmakeconfig,htmlmanrefendmakeconfig,

                       htmlmanrefstartmakehtmldocshtmlmanrefendmakehtmldocs

          htmlmanrefstart/proc/diskstats(sinceLinux2.5.69)

          htmlmanrefstart/proc/kallsyms(sinceLinux2.5.71)

               htmlmanrefstartksyms.htmlmanrefendksyms.

          htmlmanrefstart/proc/keys(sinceLinux2.6.10)

          htmlmanrefstart/proc/key-users(sinceLinux2.6.10)

          htmlmanrefstart/proc/kpagecgroup(sinceLinux4.3)

                    htmlmanrefstart/proc/[pid]/pagemap).htmlmanrefend/proc/[pid]/pagemap).

                htmlmanrefstart/proc/kpagecgrouphtmlmanrefend/proc/kpagecgroup

          htmlmanrefstart/proc/kpagecount(sinceLinux2.6.25)

               htmlmanrefstart/proc/[pid]/pagemap).htmlmanrefend/proc/[pid]/pagemap).

                htmlmanrefstart/proc/kpagecounthtmlmanrefend/proc/kpagecount

          htmlmanrefstart/proc/kpageflags(sinceLinux2.6.25)

                   htmlmanrefstart/proc/[pid]/pagemap).htmlmanrefend/proc/[pid]/pagemap).

               htmlmanrefstartDocumentation/admin-guide/mm/pagemap.rst.htmlmanrefendDocumentation/admin-guide/mm/pagemap.rst.

                htmlmanrefstart/proc/kpageflagshtmlmanrefend/proc/kpageflags

          htmlmanrefstart/proc/ksyms(Linux1.1.23en2.5.47)     htmlmanrefstart/proc/kallsyms.htmlmanrefend/proc/kallsyms.

                    htmlmanrefstartEOF.htmlmanrefendEOF.

          htmlmanrefstart/proc/malloc(onlyuptoandincludingLinux2.2)
               .}f This file is present only if CONFIG_DEBUG_MALLOC
               was defined during compilation.

          /proc/meminfo
               This file reports statistics about memory usage on the
               system.  It is used by free(1) to report the amount of
               free and used memory (both physical and swap) on the
               system as well as the shared memory and buffers used by
               the kernel.  Each line of the file consists of a param-
               eter name, followed by a colon, the value of the param-
               eter, and an option unit of measurement (e.g., "kB").
               The list below describes the parameter names and the
               format specifier required to read the field value.
               Except as noted below, all of the fields have been pre-
               sent since at least Linux 2.6.0.  Some fields are dis-
               played only if the kernel was configured with various
               options; those dependencies are noted in the list.

                    Total usable RAM (i.e., physical RAM minus a few
                    reserved bits and the kernel binary code).

                    The sum of LowFree+HighFree.

                    An estimate of how much memory is available for
                    starting new applications, without swapping.

                    Relatively temporary storage for raw disk blocks

     Page 49                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    that shouldn't get tremendously large (20 MB or
                    so).

                    In-memory cache for files read from the disk (the
                    page cache).  Doesn't include SwapCached.

                    Memory that once was swapped out, is swapped back
                    in but still also is in the swap file.  (If memory
                    pressure is high, these pages don't need to be
                    swapped out again because they are already in the
                    swap file.  This saves I/O.)

                    Memory that has been used more recently and usu-
                    ally not reclaimed unless absolutely necessary.

                    Memory which has been less recently used.  It is
                    more eligible to be reclaimed for other purposes.

                    [To be documented.]

                    [To be documented.]

                    [To be documented.]

                    [To be documented.]

                    (From Linux 2.6.28 to 2.6.30,
                    CONFIG_UNEVICTABLE_LRU was required.)  [To be doc-
                    umented.]

                    (From Linux 2.6.28 to 2.6.30,
                    CONFIG_UNEVICTABLE_LRU was required.)  [To be doc-
                    umented.]

                    (Starting with Linux 2.6.19, CONFIG_HIGHMEM is
                    required.)  Total amount of highmem.  Highmem is
                    all memory above ti860 MB of physical memory.
                    Highmem areas are for use by user-space programs,
                    or for the page cache.  The kernel must use tricks
                    to access this memory, making it slower to access
                    than lowmem.

     Page 50                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    (Starting with Linux 2.6.19, CONFIG_HIGHMEM is
                    required.)  Amount of free highmem.

                    (Starting with Linux 2.6.19, CONFIG_HIGHMEM is
                    required.)  Total amount of lowmem.  Lowmem is
                    memory which can be used for everything that high-
                    mem can be used for, but it is also available for
                    the kernel's use for its own data structures.
                    Among many other things, it is where everything
                    from Slab is allocated.  Bad things happen when
                    you're out of lowmem.

                    (Starting with Linux 2.6.19, CONFIG_HIGHMEM is
                    required.)  Amount of free lowmem.

                    (CONFIG_MMU is required.)  [To be documented.]

                    Total amount of swap space available.

                    Amount of swap space that is currently unused.

                    Memory which is waiting to get written back to the
                    disk.

                    Memory which is actively being written back to the
                    disk.

                    Non-file backed pages mapped into user-space page
                    tables.

                    Files which have been mapped into memory (with
                    mmap(2)), such as libraries.

                    Amount of memory consumed in tmpfs(5) filesystems.

                    Kernel allocations that the kernel will attempt to
                    reclaim under memory pressure.  Includes
                    SReclaimable (below), and other direct allocations
                    with a shrinker.

     Page 51                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    In-kernel data structures cache.  (See
                    slabinfo(5).)

                    Part of Slab, that might be reclaimed, such as
                    caches.

                    Part of Slab, that cannot be reclaimed on memory
                    pressure.

                    Amount of memory allocated to kernel stacks.

                    Amount of memory dedicated to the lowest level of
                    page tables.

                    (CONFIG_QUICKLIST is required.)  [To be docu-
                    mented.]

                    NFS pages sent to the server, but not yet commit-
                    ted to stable storage.

                    Memory used for block device "bounce buffers".

                    Memory used by FUSE for temporary writeback
                    buffers.

                    This is the total amount of memory currently
                    available to be allocated on the system, expressed
                    in kilobytes.  This limit is adhered to only if
                    strict overcommit accounting is enabled (mode 2 in
                    /proc/sys/vm/overcommit_memory). The limit is cal-
                    culated according to the formula described under
                    /proc/sys/vm/overcommit_memory. For further
                    details, see the kernel source file
                    Documentation/vm/overcommit-accounting.rst.

                    The amount of memory presently allocated on the
                    system.  The committed memory is a sum of all of
                    the memory which has been allocated by processes,
                    even if it has not been "used" by them as of yet.
                    A process which allocates 1 GB of memory (using
                    malloc(3) or similar), but touches only 300 MB of

     Page 52                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    that memory will show up as using only 300 MB of
                    memory even if it has the address space allocated
                    for the entire 1 GB.

                    This 1 GB is memory which has been "committed" to
                    by the VM and can be used at any time by the allo-
                    cating application.  With strict overcommit
                    enabled on the system (mode 2 in
                    /proc/sys/vm/overcommit_memory), allocations which
                    would exceed the CommitLimit will not be permit-
                    ted.  This is useful if one needs to guarantee
                    that processes will not fail due to lack of memory
                    once that memory has been successfully allocated.

                    Total size of vmalloc memory area.

                    Amount of vmalloc area which is used.  Since Linux
                    4.4, this field is no longer calculated, and is
                    hard coded as 0.  See /proc/vmallocinfo.

                    Largest contiguous block of vmalloc area which is
                    free.  Since Linux 4.4, this field is no longer
                    calculated and is hard coded as 0.  See
                    /proc/vmallocinfo.

                    (CONFIG_MEMORY_FAILURE is required.)  [To be docu-
                    mented.]

                    Shows the amount of memory marked by madvise(2)
                    MADV_FREE.

                    (CONFIG_TRANSPARENT_HUGEPAGE is required.)  Non-
                    file backed huge pages mapped into user-space page
                    tables.

                    (CONFIG_TRANSPARENT_HUGEPAGE is required.)  Memory
                    used by shared memory (shmem) and tmpfs(5) allo-
                    cated with huge pages.

                    (CONFIG_TRANSPARENT_HUGEPAGE is required.)  Shared
                    memory mapped into user space with huge pages.

                    Total CMA (Contiguous Memory Allocator) pages.

     Page 53                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    (CONFIG_CMA is required.)

                    Free CMA (Contiguous Memory Allocator) pages.
                    (CONFIG_CMA is required.)

                    (CONFIG_HUGETLB_PAGE is required.)  The size of
                    the pool of huge pages.

                    (CONFIG_HUGETLB_PAGE is required.)  The number of
                    huge pages in the pool that are not yet allocated.

                    (CONFIG_HUGETLB_PAGE is required.)  This is the
                    number of huge pages for which a commitment to
                    allocate from the pool has been made, but no allo-
                    cation has yet been made.  These reserved huge
                    pages guarantee that an application will be able
                    to allocate a huge page from the pool of huge
                    pages at fault time.

                    (CONFIG_HUGETLB_PAGE is required.)  This is the
                    number of huge pages in the pool above the value
                    in /proc/sys/vm/nr_hugepages. The maximum number
                    of surplus huge pages is controlled by
                    /proc/sys/vm/nr_overcommit_hugepages.

                    (CONFIG_HUGETLB_PAGE is required.)  The size of
                    huge pages.

                    Number of bytes of RAM linearly mapped by kernel
                    in 4 kB pages.  (x86.)

                    Number of bytes of RAM linearly mapped by kernel
                    in 4 MB pages.  (x86 with CONFIG_X86_64 or
                    CONFIG_X86_PAE enabled.)

                    Number of bytes of RAM linearly mapped by kernel
                    in 2 MB pages.  (x86 with neither CONFIG_X86_64
                    nor CONFIG_X86_PAE enabled.)

                    (x86 with CONFIG_X86_64 and
                    CONFIG_X86_DIRECT_GBPAGES enabled.)

     Page 54                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/modules
               A text list of the modules that have been loaded by the
               system.  See also lsmod(8).

          /proc/mounts
               Before kernel 2.4.19, this file was a list of all the
               filesystems currently mounted on the system.  With the
               introduction of per-process mount namespaces in Linux
               2.4.19 (see mount_namespaces(7)), this file became a
               link to /proc/self/mounts, which lists the mount points
               of the process's own mount namespace.  The format of
               this file is documented in fstab(5).

          /proc/mtrr
               Memory Type Range Registers.  See the Linux kernel
               source file Documentation/x86/mtrr.txt (or
               Documentation/mtrr.txt before Linux 2.6.28) for
               details.

          /proc/net
               This directory contains various files and subdirecto-
               ries containing information about the networking layer.
               The files contain ASCII structures and are, therefore,
               readable with cat(1).  However, the standard netstat(8)
               suite provides much cleaner access to these files.

               With the advent of network namespaces, various informa-
               tion relating to the network stack is virtualized (see
               network_namespaces(7)).  Thus, since Linux 2.6.25,
               /proc/net is a symbolic link to the directory
               /proc/self/net, which contains the same files and
               directories as listed below.  However, these files and
               directories now expose information for the network
               namespace of which the process is a member.

          /proc/net/arp
               This holds an ASCII readable dump of the kernel ARP
               table used for address resolutions.  It will show both
               dynamically learned and preprogrammed ARP entries.  The
               format is:

                   IP address     HW type   Flags     HW address          Mask   Device
                   192.168.0.50   0x1       0x2       00:50:BF:25:68:F3   *      eth0
                   192.168.0.250  0x1       0xc       00:00:00:00:00:00   *      eth0

               Here "IP address" is the IPv4 address of the machine
               and the "HW type" is the hardware type of the address
               from RFC 826.  The flags are the internal flags of the
               ARP structure (as defined in
               /usr/include/linux/if_arp.h) and the "HW address" is
               the data link layer mapping for that IP address if it
               is known.

     Page 55                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/net/dev
               The dev pseudo-file contains network device status
               information.  This gives the number of received and
               sent packets, the number of errors and collisions and
               other basic statistics.  These are used by the
               ifconfig(8) program to report device status.  The for-
               mat is:

               Inter-|   Receive                                                |  Transmit
                face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
                   lo: 2776770   11307    0    0    0     0          0         0  2776770   11307    0    0    0     0       0          0
                 eth0: 1215645    2751    0    0    0     0          0         0  1782404    4324    0    0    0   427       0          0
                 ppp0: 1622270    5552    1    0    0     0          0         0   354130    5669    0    0    0     0       0          0
                 tap0:    7714      81    0    0    0     0          0         0     7714      81    0    0    0     0       0          0

          /proc/net/dev_mcast
               Defined in /usr/src/linux/net/core/dev_mcast.c:

                   indx interface_name  dmi_u dmi_g dmi_address
                   2    eth0            1     0     01005e000001
                   3    eth1            1     0     01005e000001
                   4    eth2            1     0     01005e000001

          /proc/net/igmp
               Internet Group Management Protocol.  Defined in
               /usr/src/linux/net/core/igmp.c.

          /proc/net/rarp
               This file uses the same format as the arp file and con-
               tains the current reverse mapping database used to pro-
               vide rarp(8) reverse address lookup services.  If RARP
               is not configured into the kernel, this file will not
               be present.

          /proc/net/raw
               Holds a dump of the RAW socket table.  Much of the
               information is not of use apart from debugging.  The
               "sl" value is the kernel hash slot for the socket, the
               "local_address" is the local address and protocol num-
               ber pair.  "St" is the internal status of the socket.
               The "tx_queue" and "rx_queue" are the outgoing and
               incoming data queue in terms of kernel memory usage.
               The "tr", "tm->when", and "rexmits" fields are not used
               by RAW.  The "uid" field holds the effective UID of the
               creator of the socket.

          /proc/net/snmp
               This file holds the ASCII data needed for the IP, ICMP,
               TCP, and UDP management information bases for an SNMP
               agent.

          /proc/net/tcp

     Page 56                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               Holds a dump of the TCP socket table.  Much of the
               information is not of use apart from debugging.  The
               "sl" value is the kernel hash slot for the socket, the
               "local_address" is the local address and port number
               pair.  The "rem_address" is the remote address and port
               number pair (if connected).  "St" is the internal sta-
               tus of the socket.  The "tx_queue" and "rx_queue" are
               the outgoing and incoming data queue in terms of kernel
               memory usage.  The "tr", "tm->when", and "rexmits"
               fields hold internal information of the kernel socket
               state and are useful only for debugging.  The "uid"
               field holds the effective UID of the creator of the
               socket.

          /proc/net/udp
               Holds a dump of the UDP socket table.  Much of the
               information is not of use apart from debugging.  The
               "sl" value is the kernel hash slot for the socket, the
               "local_address" is the local address and port number
               pair.  The "rem_address" is the remote address and port
               number pair (if connected).  "St" is the internal sta-
               tus of the socket.  The "tx_queue" and "rx_queue" are
               the outgoing and incoming data queue in terms of kernel
               memory usage.  The "tr", "tm->when", and "rexmits"
               fields are not used by UDP.  The "uid" field holds the
               effective UID of the creator of the socket.  The format
               is:

               sl  local_address rem_address   st tx_queue rx_queue tr rexmits  tm->when uid
                1: 01642C89:0201 0C642C89:03FF 01 00000000:00000001 01:000071BA 00000000 0
                1: 00000000:0801 00000000:0000 0A 00000000:00000000 00:00000000 6F000100 0
                1: 00000000:0201 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0

          /proc/net/unix
               Lists the UNIX domain sockets present within the system
               and their status.  The format is:

               Num RefCount Protocol Flags    Type St Inode Path
                0: 00000002 00000000 00000000 0001 03    42
                1: 00000001 00000000 00010000 0001 01  1948 /dev/printer

               The fields are as follows:

                     the kernel table slot number.

                the number of users of the socket.

                currently always 0.

                   the internal kernel flags holding the status
                         of the socket.

     Page 57                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    the socket type.  For SOCK_STREAM sockets,
                         this is 0001; for SOCK_DGRAM sockets, it is
                         0002; and for SOCK_SEQPACKET sockets, it is
                         0005.

                      the internal state of the socket.

                   the inode number of the socket.

                    the bound pathname (if any) of the socket.
                         Sockets in the abstract namespace are
                         included in the list, and are shown with a
                         Path that commences with the character '@'.

          /proc/net/netfilter/nfnetlink_queue
               This file contains information about netfilter user-
               space queueing, if used.  Each line represents a queue.
               Queues that have not been subscribed to by user space
               are not shown.

                      1   4207     0  2 65535     0     0        0  1
                     (1)   (2)    (3)(4)  (5)    (6)   (7)      (8)

               The fields in each line are:

                 (1)  The ID of the queue.  This matches what is spec-
                      ified in the --queue-num or --queue-balance
                      options to the iptables(8) NFQUEUE target.  See
                      iptables-extensions(8) for more information.

                 (2)  The netlink port ID subscribed to the queue.

                 (3)  The number of packets currently queued and wait-
                      ing to be processed by the application.

                 (4)  The copy mode of the queue.  It is either 1
                      (metadata only) or 2 (also copy payload data to
                      user space).

                 (5)  Copy range; that is, how many bytes of packet
                      payload should be copied to user space at most.

                 (6)  queue dropped.  Number of packets that had to be
                      dropped by the kernel because too many packets
                      are already waiting for user space to send back
                      the mandatory accept/drop verdicts.

                 (7)  queue user dropped.  Number of packets that were
                      dropped within the netlink subsystem.  Such
                      drops usually happen when the corresponding
                      socket buffer is full; that is, user space is
                      not able to read messages fast enough.

     Page 58                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                 (8)  sequence number.  Every queued packet is associ-
                      ated with a (32-bit) monotonically increasing
                      sequence number.  This shows the ID of the most
                      recent packet queued.

               The last number exists only for compatibility reasons
               and is always 1.

          /proc/partitions
               Contains the major and minor numbers of each partition
               as well as the number of 1024-byte blocks and the par-
               tition name.

          /proc/pci
               This is a listing of all PCI devices found during ker-
               nel initialization and their configuration.

               This file has been deprecated in favor of a new /proc
               interface for PCI (/proc/bus/pci).  It became optional
               in Linux 2.2 (available with CONFIG_PCI_OLD_PROC set at
               kernel compilation).  It became once more nonoptionally
               enabled in Linux 2.4.  Next, it was deprecated in Linux
               2.6 (still available with CONFIG_PCI_LEGACY_PROC set),
               and finally removed altogether since Linux 2.6.17.

               This file is present only if the kernel was booted with
               the profile=1 command-line option.  It exposes kernel
               profiling information in a binary format for use by
               readprofile(1).  Writing (e.g., an empty string) to
               this file resets the profiling counters; on some archi-
               tectures, writing a binary integer "profiling multi-
               plier" of size sizeof(int) sets the profiling interrupt
               frequency.

          /proc/scsi
               A directory with the scsi mid-level pseudo-file and
               various SCSI low-level driver directories, which con-
               tain a file for each SCSI host in this system, all of
               which give the status of some part of the SCSI IO sub-
               system.  These files contain ASCII structures and are,
               therefore, readable with cat(1).

               You can also write to some of the files to reconfigure
               the subsystem or switch certain features on or off.

          /proc/scsi/scsi
               This is a listing of all SCSI devices known to the ker-
               nel.  The listing is similar to the one seen during
               bootup.  scsi currently supports only the
               add-single-device command which allows root to add a
               hotplugged device to the list of known devices.

     Page 59                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               The command

                   echo aqscsi add-single-device 1 0 5 0aq > /proc/scsi/scsi

               will cause host scsi1 to scan on SCSI channel 0 for a
               device on ID 5 LUN 0.  If there is already a device
               known on this address or the address is invalid, an
               error will be returned.

          /proc/scsi/[drivername]
               [drivername] can currently be NCR53c7xx, aha152x,
               aha1542, aha1740, aic7xxx, buslogic, eata_dma,
               eata_pio, fdomain, in2000, pas16, qlogic, scsi_debug,
               seagate, t128, u15-24f, ultrastore, or wd7000.  These
               directories show up for all drivers that registered at
               least one SCSI HBA.  Every directory contains one file
               per registered host.  Every host-file is named after
               the number the host was assigned during initialization.

               Reading these files will usually show driver and host
               configuration, statistics, and so on.

               Writing to these files allows different things on dif-
               ferent hosts.  For example, with the latency and nola-
               tency commands, root can switch on and off command
               latency measurement code in the eata_dma driver.  With
               the lockup and unlock commands, root can control bus
               lockups simulated by the scsi_debug driver.

          /proc/self
               This directory refers to the process accessing the
               /proc filesystem, and is identical to the /proc direc-
               tory named by the process ID of the same process.

          /proc/slabinfo
               Information about kernel caches.  See slabinfo(5) for
               details.

          /proc/stat
               kernel/system statistics.  Varies with architecture.
               Common entries include:

               cpu 10132153 290696 3084719 46828483 16683
                    cpu0 1393280 32966 572056 13343292 6130 The amount
                    of time, measured in units of USER_HZ (1/100ths of
                    a second on most architectures, use
                    sysconf(_SC_CLK_TCK) to obtain the right value),
                    that the system ("cpu" line) or the specific CPU
                    ("cpuN" line) spent in various states:

                    user (1) Time spent in user mode.

     Page 60                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    nice (2) Time spent in user mode with low priority
                         (nice).

                    system
                         (3) Time spent in system mode.

                    idle (4) Time spent in the idle task.  This value
                         should be USER_HZ times the second entry in
                         the /proc/uptime pseudo-file.

                         (5) Time waiting for I/O to complete.  This
                         value is not reliable, for the following rea-
                         sons:

                         1. The CPU will not wait for I/O to complete;
                            iowait is the time that a task is waiting
                            for I/O to complete.  When a CPU goes into
                            idle state for outstanding task I/O,
                            another task will be scheduled on this
                            CPU.

                         2. On a multi-core CPU, the task waiting for
                            I/O to complete is not running on any CPU,
                            so the iowait of each CPU is difficult to
                            calculate.

                         3. The value in this field may decrease in
                            certain conditions.

                         (6) Time servicing interrupts.

                         (7) Time servicing softirqs.

                         (8) Stolen time, which is the time spent in
                         other operating systems when running in a
                         virtualized environment

                         (9) Time spent running a virtual CPU for
                         guest operating systems under the control of
                         the Linux kernel.

                         (10) Time spent running a niced guest (vir-
                         tual CPU for guest operating systems under
                         the control of the Linux kernel).

               page 5741 1808

     Page 61                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    The number of pages the system paged in and the
                    number that were paged out (from disk).

               swap 1 0
                    The number of swap pages that have been brought in
                    and out.

               intr 1462898
                    This line shows counts of interrupts serviced
                    since boot time, for each of the possible system
                    interrupts.  The first column is the total of all
                    interrupts serviced including unnumbered architec-
                    ture specific interrupts; each subsequent column
                    is the total for that particular numbered inter-
                    rupt.  Unnumbered interrupts are not shown, only
                    summed into the total.

               disk_io: (2,0):(31,30,5764,1,2) (3,0):...
                    (major,disk_idx):(noinfo, read_io_ops, blks_read,
                    write_io_ops, blks_written)
                    (Linux 2.4 only)

               ctxt 115315
                    The number of context switches that the system
                    underwent.

               btime 769041601
                    boot time, in seconds since the Epoch, 1970-01-01
                    00:00:00 +0000 (UTC).

               processes 86031
                    Number of forks since boot.

               procs_running 6
                    Number of processes in runnable state.  (Linux
                    2.5.45 onward.)

               procs_blocked 2
                    Number of processes blocked waiting for I/O to
                    complete.  (Linux 2.5.45 onward.)

               softirq 229245889 94 60001584 13619 5175704
                    This line shows the number of softirq for all
                    CPUs.  The first column is the total of all sof-
                    tirqs and each subsequent column is the total for
                    particular softirq.  (Linux 2.6.31 onward.)

          /proc/swaps
               Swap areas in use.  See also swapon(8).

          /proc/sys
               This directory (present since 1.3.57) contains a number

     Page 62                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               of files and subdirectories corresponding to kernel
               variables.  These variables can be read and in some
               cases modified using the /proc filesystem, and the
               (deprecated) sysctl(2) system call.

               String values may be terminated by either aq0aq or aqnaq.

               Integer and long values may be written either in deci-
               mal or in hexadecimal notation (e.g., 0x3FFF).  When
               writing multiple integer or long values, these may be
               separated by any of the following whitespace charac-
               ters: aq aq, aqtaq, or aqnaq.  Using other separators leads
               to the error EINVAL.

               This directory may contain files with application
               binary information.  See the Linux kernel source file
               Documentation/sysctl/abi.txt for more information.

          /proc/sys/debug
               This directory may be empty.

          /proc/sys/dev
               This directory contains device-specific information
               (e.g., dev/cdrom/info). On some systems, it may be
               empty.

          /proc/sys/fs
               This directory contains the files and subdirectories
               for kernel variables related to filesystems.

     2.6.4)
            /proc/sys/fs/aio-nr (since Linux
               aio-nr is the running total of the number of events
               specified by io_setup(2) calls for all currently active
               AIO contexts.  If aio-nr reaches aio-max-nr, then
               io_setup(2) will fail with the error EAGAIN.  Raising
               aio-max-nr does not result in the preallocation or
               resizing of any kernel data structures.

          /proc/sys/fs/binfmt_misc
               Documentation for files in this directory can be found
               in the Linux kernel source in the file
               Documentation/admin-guide/binfmt-misc.rst (or in
               Documentation/binfmt_misc.txt on older kernels).

               This file contains information about the status of the
               directory cache (dcache).  The file contains six num-
               bers, nr_dentry, nr_unused, age_limit (age in seconds),
               want_pages (pages requested by system) and two dummy
               values.

     Page 63                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               * nr_dentry is the number of allocated dentries (dcache
                 entries).  This field is unused in Linux 2.2.

               * nr_unused is the number of unused dentries.

               * age_limit is the age in seconds after which dcache
                 entries can be reclaimed when memory is short.

               * want_pages is nonzero when the kernel has called
                 shrink_dcache_pages() and the dcache isn't pruned
                 yet.

          /proc/sys/fs/dir-notify-enable
               This file can be used to disable or enable the dnotify
               interface described in fcntl(2) on a system-wide basis.
               A value of 0 in this file disables the interface, and a
               value of 1 enables it.

          /proc/sys/fs/dquot-max
               This file shows the maximum number of cached disk quota
               entries.  On some (2.4) systems, it is not present.  If
               the number of free cached disk quota entries is very
               low and you have some awesome number of simultaneous
               system users, you might want to raise the limit.

          /proc/sys/fs/dquot-nr
               This file shows the number of allocated disk quota
               entries and the number of free disk quota entries.

               This directory contains the file max_user_watches,
               which can be used to limit the amount of kernel memory
               consumed by the epoll interface.  For further details,
               see epoll(7).

          /proc/sys/fs/file-max
               This file defines a system-wide limit on the number of
               open files for all processes.  System calls that fail
               when encountering this limit fail with the error
               ENFILE.  (See also setrlimit(2), which can be used by a
               process to set the per-process limit, RLIMIT_NOFILE, on
               the number of files it may open.)  If you get lots of
               error messages in the kernel log about running out of
               file handles (open file descriptions) (look for "VFS:
               file-max limit <number> reached"), try increasing this
               value:

                   echo 100000 > /proc/sys/fs/file-max

               Privileged processes (CAP_SYS_ADMIN) can override the
               file-max limit.

     Page 64                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/sys/fs/file-nr
               This (read-only) file contains three numbers: the num-
               ber of allocated file handles (i.e., the number of open
               file descriptions; see open(2)); the number of free
               file handles; and the maximum number of file handles
               (i.e., the same value as /proc/sys/fs/file-max). If the
               number of allocated file handles is close to the maxi-
               mum, you should consider increasing the maximum.
               Before Linux 2.6, the kernel allocated file handles
               dynamically, but it didn't free them again.  Instead
               the free file handles were kept in a list for realloca-
               tion; the "free file handles" value indicates the size
               of that list.  A large number of free file handles
               indicates that there was a past peak in the usage of
               open file handles.  Since Linux 2.6, the kernel does
               deallocate freed file handles, and the "free file han-
               dles" value is always zero.

               htmlmanrefend/proc/sys/fs/inode-max(onlypresentu

                 htmlmanrefstartfile-max,htmlmanrefendfile-max,

               htmlmanrefstartinode-state.htmlmanrefendinode-state.

                    htmlmanrefstartnr_inodes,htmlmanrefendnr_inodes,
               htmlmanrefstartnr_free_inodes,htmlmanrefendnr_free_inodes,htmlmanrefstartpreshrink,htmlmanrefendpreshrink,

          htmlmanrefstart/proc/sys/fs/inotify(sinceLinux2.6.13)        htmlmanrefstartmax_queued_events,
               htmlmanrefendmax_queued_events,

          htmlmanrefstart/proc/sys/fs/mount-max(sinceLinux4.9)

          htmlmanrefstart/proc/sys/fs/mqueue(sinceLinux2.6.6)        htmlmanrefstartmsg_max,htmlmanrefendmsg_max,

          htmlmanrefstart/proc/sys/fs/nr_open(sinceLinux2.6.25)

          htmlmanrefstart/proc/sys/fs/overflowgidand

          htmlmanrefstart/proc/sys/fs/pipe-max-size(sinceLinux2.6.35)

          htmlmanrefstart/proc/sys/fs/pipe-user-pages-hard(sinceLinux4.5)    .}f See pipe(7).

               htmlmanrefend/proc/sys/fs/pipe-user-pages-soft(sinceL

          htmlmanrefstart/proc/sys/fs/protected_fifos(sinceLinux4.19)

          htmlmanrefstart/proc/sys/fs/protected_hardlinks(sinceLinux3.6)    .}f When the value in this file is 0, no restrictions
               are placed on the creation of hard links (i.e., this is
               the historical behavior before Linux 3.6).  When the
               value in this file is 1, a hard link can be created to
               a target file only if one of the following conditions
               is true:

               *  The calling process has the CAP_FOWNER capability in
                  its user namespace and the file UID has a mapping in
                  the namespace.

               *  The filesystem UID of the process creating the link
                  matches the owner (UID) of the target file (as
                  described in credentials(7), a process's filesystem
                  UID is normally the same as its effective UID).

               *  All of the following conditions are true:

                   +o  the target is a regular file;

                   +o  the target file does not have its set-user-ID
                      mode bit enabled;

                   +o  the target file does not have both its set-
                      group-ID and group-executable mode bits enabled;
                      and

                   +o  the caller has permission to read and write the
                      target file (either via the file's permissions
                      mask or because it has suitable capabilities).

               The default value in this file is 0.  Setting the value
               to 1 prevents a longstanding class of security issues
               caused by hard-link-based time-of-check, time-of-use
               races, most commonly seen in world-writable directories
               such as /tmp. The common method of exploiting this flaw
               is to cross privilege boundaries when following a given
               hard link (i.e., a root process follows a hard link
               created by another user).  Additionally, on systems
               without separated partitions, this stops unauthorized
               users from "pinning" vulnerable set-user-ID and set-
               group-ID files against being upgraded by the adminis-
               trator, or linking to special files.

     Page 67                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               htmlmanrefend/proc/sys/fs/protected_regular(sinceLinux4.

               htmlmanrefstartprotected_fifos,htmlmanrefendprotected_fifos,

          htmlmanrefstart/proc/sys/fs/protected_symlinks(sinceLinux3.6)    .}f When the value in this file is 0, no restrictions
               are placed on following symbolic links (i.e., this is
               the historical behavior before Linux 3.6).  When the
               value in this file is 1, symbolic links are followed
               only in the following circumstances:

               *  the filesystem UID of the process following the link
                  matches the owner (UID) of the symbolic link (as
                  described in credentials(7), a process's filesystem
                  UID is normally the same as its effective UID);

               *  the link is not in a sticky world-writable direc-
                  tory; or

               *  the symbolic link and its parent directory have the
                  same owner (UID)

               A system call that fails to follow a symbolic link
               because of the above restrictions returns the error
               EACCES in errno.

               The default value in this file is 0.  Setting the value
               to 1 avoids a longstanding class of security issues
               based on time-of-check, time-of-use races when access-
               ing symbolic links.

               The value in this file is assigned to a process's "dum-
               pable" flag in the circumstances described in prctl(2).
               In effect, the value in this file determines whether
               core dump files are produced for set-user-ID or other-
               wise protected/tainted binaries.  The "dumpable" set-
               ting also affects the ownership of files in a process's

     Page 68                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               /proc/[pid] directory, as described above.

               Three different integer values can be specified:

               0 (default)
                    This provides the traditional (pre-Linux 2.6.13)
                    behavior.  A core dump will not be produced for a
                    process which has changed credentials (by calling
                    seteuid(2), setgid(2), or similar, or by executing
                    a set-user-ID or set-group-ID program) or whose
                    binary does not have read permission enabled.

               1 ("debug")
                    All processes dump core when possible.  (Reasons
                    why a process might nevertheless not dump core are
                    described in core(5).)  The core dump is owned by
                    the filesystem user ID of the dumping process and
                    no security is applied.  This is intended for sys-
                    tem debugging situations only: this mode is inse-
                    cure because it allows unprivileged users to exam-
                    ine the memory contents of privileged processes.

               2 ("suidsafe")
                    Any binary which normally would not be dumped (see
                    "0" above) is dumped readable by root only.  This
                    allows the user to remove the core dump file but
                    not to read it.  For security reasons core dumps
                    in this mode will not overwrite one another or
                    other files.  This mode is appropriate when admin-
                    istrators are attempting to debug problems in a
                    normal environment.

                    Additionally, since Linux 3.6,
                    /proc/sys/kernel/core_pattern must either be an
                    absolute pathname or a pipe command, as detailed
                    in core(5).  Warnings will be written to the ker-
                    nel log if core_pattern does not follow these
                    rules, and no core dump will be produced.

               For details of the effect of a process's "dumpable"
               setting on ptrace access mode checking, see ptrace(2).

          /proc/sys/fs/super-max
               This file controls the maximum number of superblocks,
               and thus the maximum number of mounted filesystems the
               kernel can have.  You need increase only super-max if
               you need to mount more filesystems than the current
               value in super-max allows you to.

          /proc/sys/fs/super-nr
               This file contains the number of filesystems currently
               mounted.

     Page 69                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/sys/kernel
               This directory contains files controlling a range of
               kernel parameters, as described below.

          /proc/sys/kernel/acct
               This file contains three numbers: highwater, lowwater,
               and frequency. If BSD-style process accounting is
               enabled, these values control its behavior.  If free
               space on filesystem where the log lives goes below
               lowwater percent, accounting suspends.  If free space
               gets above highwater percent, accounting resumes.
               frequency determines how often the kernel checks the
               amount of free space (value is in seconds).  Default
               values are 4, 2 and 30.  That is, suspend accounting if
               2% or less space is free; resume it if 4% or more space
               is free; consider information about amount of free
               space valid for 30 seconds.

               htmlmanrefend/proc/sys/kernel/auto_msgmni(Linux2.6.27

               htmlmanrefstart/proc/sys/kernel/msgmnihtmlmanrefend/proc/sys/kernel/msgmni

               htmlmanrefstart/proc/sys/kernel/msgmni.)htmlmanrefend/proc/sys/kernel/msgmni.)

                 htmlmanrefstartmsgmnihtmlmanrefendmsgmni

          htmlmanrefstart/proc/sys/kernel/cap_last_cap(sinceLinux3.2)

          htmlmanrefstart/proc/sys/kernel/cap-bound(fromLinux2.2to2.6.24)
               .}f This file holds the value of the kernel capability
               bounding set (expressed as a signed decimal number).
               This set is ANDed against the capabilities permitted to
               a process during execve(2).  Starting with Linux
               2.6.25, the system-wide capability bounding set disap-
               peared, and was replaced by a per-thread bounding set;
               see capabilities(7).

          /proc/sys/kernel/core_pattern
               See core(5).

          /proc/sys/kernel/core_pipe_limit

     Page 70                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               See core(5).

          /proc/sys/kernel/core_uses_pid
               See core(5).

          /proc/sys/kernel/ctrl-alt-del
               This file controls the handling of Ctrl-Alt-Del from
               the keyboard.  When the value in this file is 0, Ctrl-
               Alt-Del is trapped and sent to the init(1) program to
               handle a graceful restart.  When the value is greater
               than zero, Linux's reaction to a Vulcan Nerve Pinch
               (tm) will be an immediate reboot, without even syncing
               its dirty buffers.  Note: when a program (like dosemu)
               has the keyboard in "raw" mode, the ctrl-alt-del is
               intercepted by the program before it ever reaches the
               kernel tty layer, and it's up to the program to decide
               what to do with it.

               htmlmanrefend/proc/sys/kernel/dmesg_restrict(sinceL

          htmlmanrefstart/proc/sys/kernel/domainnameand

               htmlmanrefstart/sbin/hotplug.htmlmanrefend/sbin/hotplug.

          htmlmanrefstart/proc/sys/kernel/htab-reclaim(beforeLinux2.4.9.2)    .}f (PowerPC only) If this file is set to a nonzero

     Page 71                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               value, the PowerPC htab (see kernel file
               Documentation/powerpc/ppc_htab.txt) is pruned each time
               the system hits the idle loop.

               This directory contains various files that define
               parameters and limits for the key-management facility.
               These files are described in keyrings(7).

               htmlmanrefend/proc/sys/kernel/kptr_restrict(sinceLinu

                     htmlmanrefstart/sbin/modprobe.htmlmanrefend/sbin/modprobe.

          htmlmanrefstart/proc/sys/kernel/modules_disabled(sinceLinux2.6.31)    .}f A toggle value indicating if modules are allowed to
               be loaded in an otherwise modular kernel.  This toggle
               defaults to off (0), but can be set true (1).  Once
               true, modules can be neither loaded nor unloaded, and
               the toggle cannot be set back to false.  The file is
               present only if the kernel is built with the
               CONFIG_MODULES option enabled.

               This file defines a system-wide limit specifying the
               maximum number of bytes in a single message written on
               a System V message queue.

               This file defines the system-wide limit on the number
               of message queue identifiers.  See also

     Page 72                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               /proc/sys/kernel/auto_msgmni.

               This file defines a system-wide parameter used to ini-
               tialize the msg_qbytes setting for subsequently created
               message queues.  The msg_qbytes setting specifies the
               maximum number of bytes that may be written to the mes-
               sage queue.

               htmlmanrefend/proc/sys/kernel/ngroups_max(sinceLinux2.6.4)

          htmlmanrefstart/proc/sys/kernel/ns_last_pid(sinceLinux3.3)

          htmlmanrefstart/proc/sys/kernel/ostypeand         htmlmanrefstart/proc/version.htmlmanrefend/proc/version.

          htmlmanrefstart/proc/sys/kernel/overflowgidand
                 htmlmanrefstart/proc/sys/fs/overflowuid.htmlmanrefend/proc/sys/fs/overflowuid.

                htmlmanrefstartpanic_timeout.htmlmanrefendpanic_timeout.

          htmlmanrefstart/proc/sys/kernel/panic_on_oops(sinceLinux2.5.68)    .}f This file controls the kernel's behavior when an
               oops or BUG is encountered.  If this file contains 0,
               then the system tries to continue operation.  If it
               contains 1, then the system delays a few seconds (to
               give klogd time to record the oops output) and then
               panics.  If the /proc/sys/kernel/panic file is also
               nonzero, then the machine will be rebooted.

               This file specifies the value at which PIDs wrap around
               (i.e., the value in this file is one greater than the
               maximum PID).  PIDs greater than this value are not
               allocated; thus, the value in this file also acts as a
               system-wide limit on the total number of processes and
               threads.  The default value for this file, 32768,
               results in the same range of PIDs as on earlier ker-
               nels.  On 32-bit platforms, 32768 is the maximum value
               for pid_max. On 64-bit systems, pid_max can be set to
               any value up to 2^22 (PID_MAX_LIMIT, approximately 4
               million).

               This file contains a flag.  If set, Linux-PPC will use
               the "nap" mode of powersaving, otherwise the "doze"
               mode will be used.

     Page 73                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/sys/kernel/printk
               See syslog(2).

               This directory contains two files relating to the num-
               ber of UNIX 98 pseudoterminals (see pts(4)) on the sys-
               tem.

          /proc/sys/kernel/pty/max
               This file defines the maximum number of pseudotermi-
               nals.

          /proc/sys/kernel/pty/nr
               This read-only file indicates how many pseudoterminals
               are currently in use.

          /proc/sys/kernel/random
               This directory contains various parameters controlling
               the operation of the file /dev/random. See random(4)
               for further information.

               Each read from this read-only file returns a randomly
               generated 128-bit UUID, as a string in the standard
               UUID format.

               htmlmanrefend/proc/sys/kernel/randomize_va_spa

          htmlmanrefstart/proc/sys/kernel/reboot-cmd(Sparconly)

          htmlmanrefstart/proc/[pid]/sched_autogroup_enabled(sinceLinux2.6.38)    .}f See sched(7).

               htmlmanrefend/proc/sys/kernel/sched_ch

          htmlmanrefstart/proc/sys/kernel/sched_rr_timeslice_ms(sinceLinux3.9)    .}f See sched_rr_get_interval(2).

               htmlmanrefend/proc/sys/kernel/sched_rt_period_

          htmlmanrefstart/proc/sys/kernel/sched_rt_runtime_us(sinceLinux2.6.25)    .}f See sched(7).

               This directory provides additional seccomp information
               and configuration.  See seccomp(2) for further details.

               This file contains 4 numbers defining limits for System
               V IPC semaphores.  These fields are, in order:

               SEMMSL  The maximum semaphores per semaphore set.

               SEMMNS  A system-wide limit on the number of semaphores
                       in all semaphore sets.

               SEMOPM  The maximum number of operations that may be
                       specified in a semop(2) call.

               SEMMNI  A system-wide limit on the maximum number of
                       semaphore identifiers.

          /proc/sys/kernel/sg-big-buff
               This file shows the size of the generic SCSI device
               (sg) buffer.  You can't tune it just yet, but you could

     Page 75                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               change it at compile time by editing include/scsi/sg.h
               and changing the value of SG_BIG_BUFF.  However, there
               shouldn't be any reason to change this value.

               htmlmanrefend/proc/sys/kernel/shm_rmid_forced(sinceLinu

          htmlmanrefstart/proc/sys/kernel/shmall(sinceLinux2.2)

          htmlmanrefstart/proc/sys/kernel/shmmax(sinceLinux2.2)

          htmlmanrefstart/proc/sys/kernel/shmmni(sinceLinux2.4)

          htmlmanrefstart/proc/sys/kernel/sysctl_writes_strict(sinceLinux3.16)    .}f The value in this file determines how the file off-
               set affects the behavior of updating entries in files
               under /proc/sys. The file has three possible values:

               -1  This provides legacy handling, with no printk

     Page 76                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                   warnings.  Each write(2) must fully contain the
                   value to be written, and multiple writes on the
                   same file descriptor will overwrite the entire
                   value, regardless of the file position.

               0   (default) This provides the same behavior as for
                   -1, but printk warnings are written for processes
                   that perform writes when the file offset is not 0.

               1   Respect the file offset when writing strings into
                   /proc/sys files.  Multiple writes will append to
                   the value buffer.  Anything written beyond the max-
                   imum length of the value buffer will be ignored.
                   Writes to numeric /proc/sys entries must always be
                   at file offset 0 and the value must be fully con-
                   tained in the buffer provided to write(2).

          /proc/sys/kernel/sysrq
               This file controls the functions allowed to be invoked
               by the SysRq key.  By default, the file contains 1
               meaning that every possible SysRq request is allowed
               (in older kernel versions, SysRq was disabled by
               default, and you were required to specifically enable
               it at run-time, but this is not the case any more).
               Possible values in this file are:

               0    Disable sysrq completely

               1    Enable all functions of sysrq

               > 1  Bit mask of allowed sysrq functions, as follows:
                      2  Enable control of console logging level
                      4  Enable control of keyboard (SAK, unraw)
                      8  Enable debugging dumps of processes etc.
                     16  Enable sync command
                     32  Enable remount read-only
                     64  Enable signaling of processes (term, kill,
                         oom-kill)
                    128  Allow reboot/poweroff
                    256  Allow nicing of all real-time tasks

               This file is present only if the CONFIG_MAGIC_SYSRQ
               kernel configuration option is enabled.  For further
               details see the Linux kernel source file
               Documentation/admin-guide/sysrq.rst (or
               Documentation/sysrq.txt before Linux 4.10).

          /proc/sys/kernel/version
               This file contains a string such as:

                   #5 Wed Feb 25 21:49:24 MET 1998

     Page 77                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               The "#5" means that this is the fifth kernel built from
               this source base and the date following it indicates
               the time the kernel was built.

               htmlmanrefend/proc/sys/kernel/threads-max(sinceLinux2.3.

               htmlmanrefstartthreads-max,htmlmanrefendthreads-max,

          htmlmanrefstart/proc/sys/kernel/yama/ptrace_scope(sinceLinux3.5)    .}f See ptrace(2).

               This file contains a flag.  When enabled (nonzero),
               Linux-PPC will pre-zero pages in the idle loop, possi-
               bly speeding up get_free_pages.

          /proc/sys/net
               This directory contains networking stuff.  Explanations
               for some of the files under this directory can be found
               in tcp(7) and ip(7).

          /proc/sys/net/core/bpf_jit_enable
               See bpf(2).

          /proc/sys/net/core/somaxconn
               This file defines a ceiling value for the backlog argu-
               ment of listen(2); see the listen(2) manual page for
               details.

          /proc/sys/proc
               This directory may be empty.

          /proc/sys/sunrpc
               This directory supports Sun remote procedure call for
               network filesystem (NFS).  On some systems, it is not
               present.

               See namespaces(7).

     Page 78                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          /proc/sys/vm
               This directory contains files for memory management
               tuning, buffer and cache management.

               htmlmanrefend/proc/sys/vm/admin_reserve_kbytes(since

               htmlmanrefstart/proc/sys/vm/overcommit_memory).htmlmanrefend/proc/sys/vm/overcommit_memory).

               htmlmanrefstart/proc/sys/vm/overcommit_memory)htmlmanrefend/proc/sys/vm/overcommit_memory)

          htmlmanrefstart/proc/sys/vm/compact_memory(sinceLinux2.6.35)    .}f When 1 is written to this file, all zones are com-
               pacted such that free memory is available in contiguous
               blocks where possible.  The effect of this action can
               be seen by examining /proc/buddyinfo.

               Present only if the kernel was configured with
               CONFIG_COMPACTION.

               Writing to this file causes the kernel to drop clean
               caches, dentries, and inodes from memory, causing that
               memory to become free.  This can be useful for memory
               management testing and performing reproducible filesys-
               tem benchmarks.  Because writing to this file causes
               the benefits of caching to be lost, it can degrade
               overall system performance.

               To free pagecache, use:

                   echo 1 > /proc/sys/vm/drop_caches

               To free dentries and inodes, use:

                   echo 2 > /proc/sys/vm/drop_caches

     Page 79                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               To free pagecache, dentries and inodes, use:

                   echo 3 > /proc/sys/vm/drop_caches

               Because writing to this file is a nondestructive opera-
               tion and dirty objects are not freeable, the user
               should run sync(1) first.

               htmlmanrefend/proc/sys/vm/legacy_va_layout(sinceLinux2.6

          htmlmanrefstart/proc/sys/vm/memory_failure_early_kill(sinceLinux2.6.32)    .}f Control how to kill processes when an uncorrected
               memory error (typically a 2-bit error in a memory mod-
               ule) that cannot be handled by the kernel is detected
               in the background by hardware.  In some cases (like the
               page still having a valid copy on disk), the kernel
               will handle the failure transparently without affecting
               any applications.  But if there is no other up-to-date
               copy of the data, it will kill processes to prevent any
               data corruptions from propagating.

               The file has one of the following values:

               1:  Kill all processes that have the corrupted-and-
                   not-reloadable page mapped as soon as the corrup-
                   tion is detected.  Note that this is not supported
                   for a few types of pages, such as kernel internally
                   allocated data or the swap cache, but works for the
                   majority of user pages.

               0:  Unmap the corrupted page from all processes and
                   kill a process only if it tries to access the page.

               The kill is performed using a SIGBUS signal with
               si_code set to BUS_MCEERR_AO.  Processes can handle
               this if they want to; see sigaction(2) for more
               details.

               This feature is active only on architectures/platforms
               with advanced machine check handling and depends on the
               hardware capabilities.

               Applications can override the memory_failure_early_kill
               setting individually with the prctl(2) PR_MCE_KILL
               operation.

               Present only if the kernel was configured with
               CONFIG_MEMORY_FAILURE.

               htmlmanrefend/proc/sys/vm/memory_failure_rec

          htmlmanrefstart/proc/sys/vm/oom_dump_tasks(sinceLinux2.6.25)    .}f Enables a system-wide task dump (excluding kernel
               threads) to be produced when the kernel performs an
               OOM-killing.  The dump includes the following informa-
               tion for each task (thread, process): thread ID, real
               user ID, thread group ID (process ID), virtual memory
               size, resident set size, the CPU that the task is
               scheduled on, oom_adj score (see the description of
               /proc/[pid]/oom_adj), and command name.  This is help-
               ful to determine why the OOM-killer was invoked and to
               identify the rogue task that caused it.

               If this contains the value zero, this information is
               suppressed.  On very large systems with thousands of
               tasks, it may not be feasible to dump the memory state
               information for each one.  Such systems should not be
               forced to incur a performance penalty in OOM situations
               when the information may not be desired.

               If this is set to nonzero, this information is shown
               whenever the OOM-killer actually kills a memory-hogging
               task.

               The default value is 0.

               htmlmanrefend/proc/sys/vm/oom_kill_allocat

               htmlmanrefstart/proc/sys/vm/oom_kill_allocating_task.htmlmanrefend/proc/sys/vm/oom_kill_allocating_task.

          htmlmanrefstart/proc/sys/vm/overcommit_kbytes(sinceLinux3.14)    .}f This writable file provides an alternative to
               /proc/sys/vm/overcommit_ratio for controlling the
               CommitLimit when /proc/sys/vm/overcommit_memory has the
               value 2.  It allows the amount of memory overcommitting
               to be specified as an absolute value (in kB), rather
               than as a percentage, as is done with overcommit_ratio.
               This allows for finer-grained control of CommitLimit on
               systems with extremely large memory sizes.

               Only one of overcommit_kbytes or overcommit_ratio can
               have an effect: if overcommit_kbytes has a nonzero
               value, then it is used to calculate CommitLimit, other-
               wise overcommit_ratio is used.  Writing a value to
               either of these files causes the value in the other
               file to be set to zero.

          /proc/sys/vm/overcommit_memory
               This file contains the kernel virtual memory accounting
               mode.  Values are:

                    0: heuristic overcommit (this is the default)
                    1: always overcommit, never check
                    2: always check, never overcommit

               In mode 0, calls of mmap(2) with MAP_NORESERVE are not
               checked, and the default check is very weak, leading to
               the risk of getting a process "OOM-killed".

               In mode 1, the kernel pretends there is always enough
               memory, until memory actually runs out.  One use case
               for this mode is scientific computing applications that
               employ large sparse arrays.  In Linux kernel versions
               before 2.6.0, any nonzero value implies mode 1.

               In mode 2 (available since Linux 2.6), the total vir-
               tual address space that can be allocated (CommitLimit
               in /proc/meminfo) is calculated as

                   CommitLimit = (total_RAM - total_huge_TLB) *
                                 overcommit_ratio / 100 + total_swap

               where:

                      *  total_RAM is the total amount of RAM on the
                         system;

                      *  total_huge_TLB is the amount of memory set
                         aside for huge pages;

                      *  overcommit_ratio is the value in

     Page 82                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                         /proc/sys/vm/overcommit_ratio; and

                      *  total_swap is the amount of swap space.

               For example, on a system with 16 GB of physical RAM, 16
               GB of swap, no space dedicated to huge pages, and an
               overcommit_ratio of 50, this formula yields a
               CommitLimit of 24 GB.

               Since Linux 3.14, if the value in
               /proc/sys/vm/overcommit_kbytes is nonzero, then
               CommitLimit is instead calculated as:

                   CommitLimit = overcommit_kbytes + total_swap

               See also the description of
               /proc/sys/vm/admin_reserve_kbytes and
               /proc/sys/vm/user_reserve_kbytes.

               htmlmanrefend/proc/sys/vm/overcommit_ratio(sinceLinux2.6

               htmlmanrefstart/proc/sys/vm/overcommit_memory.htmlmanrefend/proc/sys/vm/overcommit_memory.

          htmlmanrefstart/proc/sys/vm/panic_on_oom(sinceLinux2.6.18)

          htmlmanrefstart/proc/sys/vm/swappiness

          htmlmanrefstart/proc/sys/vm/user_reserve_kbytes(sinceLinux3.10)    .}f Specifies an amount of memory (in KiB) to reserve
               for user processes.  This is intended to prevent a user
               from starting a single memory hogging process, such
               that they cannot recover (kill the hog).  The value in
               this file has an effect only when
               /proc/sys/vm/overcommit_memory is set to 2 ("overcommit
               never" mode).  In this case, the system reserves an
               amount of memory that is the minimum of [3% of current
               process size, user_reserve_kbytes].

               The default value in this file is the minimum of [3% of
               free pages, 128MiB] expressed as KiB.

               If the value in this file is set to zero, then a user
               will be allowed to allocate all free memory with a sin-
               gle process (minus the amount reserved by
               /proc/sys/vm/admin_reserve_kbytes). Any subsequent
               attempts to execute a command will result in "fork:
               Cannot allocate memory".

               Changing the value in this file takes effect whenever
               an application requests memory.

               htmlmanrefend/proc/sys/vm/unprivileged_userfault

          htmlmanrefstart/proc/sysrq-trigger(sinceLinux2.4.21)

                 htmlmanrefstart/proc/sys/kernel/sysrq).htmlmanrefend/proc/sys/kernel/sysrq).
                   htmlmanrefstartroot.htmlmanrefendroot.

                   htmlmanrefstartmsg,htmlmanrefendmsg,

          htmlmanrefstart/proc/thread-self(sinceLinux3.17)

          htmlmanrefstart/proc/timer_list(sinceLinux2.6.21)

          htmlmanrefstart/proc/timer_stats(fromLinux2.6.21untilLinux4.10)
               .}f This is a debugging facility to make timer (ab)use
               in a Linux system visible to kernel and user-space
               developers.  It can be used by kernel and user-space
               developers to verify that their code does not make
               undue use of timers.  The goal is to avoid unnecessary
               wakeups, thereby optimizing power consumption.

               If enabled in the kernel (CONFIG_TIMER_STATS), but not
               used, it has almost zero run-time overhead and a rela-
               tively small data-structure overhead.  Even if collec-
               tion is enabled at run time, overhead is low: all the
               locking is per-CPU and lookup is hashed.

               The /proc/timer_stats file is used both to control sam-
               pling facility and to read out the sampled information.

               The timer_stats functionality is inactive on bootup.  A
               sampling period can be started using the following com-
               mand:

                   # echo 1 > /proc/timer_stats

               The following command stops a sampling period:

                   # echo 0 > /proc/timer_stats

               The statistics can be retrieved by:

                   $ cat /proc/timer_stats

               While sampling is enabled, each readout from
               /proc/timer_stats will see newly updated statistics.
               Once sampling is disabled, the sampled information is
               kept until a new sample period is started.  This allows
               multiple readouts.

               Sample output from /proc/timer_stats:

                   $ cat /proc/timer_stats
                   Timer Stats Version: v0.3
                   Sample period: 1.764 s
                   Collection: active

     Page 85                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                     255,     0 swapper/3        hrtimer_start_range_ns (tick_sched_timer)
                      71,     0 swapper/1        hrtimer_start_range_ns (tick_sched_timer)
                      58,     0 swapper/0        hrtimer_start_range_ns (tick_sched_timer)
                       4,  1694 gnome-shell      mod_delayed_work_on (delayed_work_timer_fn)
                      17,     7 rcu_sched        rcu_gp_kthread (process_timeout)
                   ...
                       1,  4911 kworker/u16:0    mod_delayed_work_on (delayed_work_timer_fn)
                      1D,  2522 kworker/0:0      queue_delayed_work_on (delayed_work_timer_fn)
                   1029 total events, 583.333 events/sec

               The output columns are:

               *  a count of the number of events, optionally (since
                  Linux 2.6.23) followed by the letter aqDaq if this is
                  a deferrable timer;

               *  the PID of the process that initialized the timer;

               *  the name of the process that initialized the timer;

               *  the function where the timer was initialized; and

               *  (in parentheses) the callback function that is asso-
                  ciated with the timer.

               During the Linux 4.11 development cycle, this file  was
               removed because of security concerns, as it exposes
               information across namespaces.  Furthermore, it is pos-
               sible to obtain the same information via in-kernel
               tracing facilities such as ftrace.

          /proc/tty
               Subdirectory containing the pseudo-files and subdirec-
               tories for tty drivers and line disciplines.

          /proc/uptime
               This file contains two numbers (values in seconds): the
               uptime of the system (including time spent in suspend)
               and the amount of time spent in the idle process.

          /proc/version
               This string identifies the kernel version that is cur-
               rently running.  It includes the contents of
               /proc/sys/kernel/ostype, /proc/sys/kernel/osrelease,
               and /proc/sys/kernel/version. For example:

                   Linux version 1.0.9 (quinlan@phaze) #1 Sat May 14 01:51:54 EDT 1994

               This file displays various virtual memory statistics.
               Each line of this file contains a single name-value
               pair, delimited by white space.  Some lines are present

     Page 86                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

               only if the kernel was configured with suitable
               options.  (In some cases, the options required for par-
               ticular files have changed across kernel versions, so
               they are not listed here.  Details can be found by con-
               sulting the kernel source code.)  The following fields
               may be present:

                    Amount of memory allocated to kernel stacks.

     Page 87                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    Pages used by shmem and tmpfs(5).

                    htmlmanrefendnr_anon_transparent_hugepages(sinceLinux2

               htmlmanrefstartnr_free_cma(sinceLinux3.7)

               htmlmanrefstartnr_dirty_threshold(sinceLinux2.6.37)

               htmlmanrefstartnr_dirty_background_threshold(sinceLinux2.6.37)    .}f

     Page 88                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

     Page 89                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

     Page 90                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

     Page 91                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

                    See the kernel source file
                    Documentation/admin-guide/mm/transhuge.rst.

               This file displays information about memory zones.
               This is useful for analyzing virtual memory behavior.

     NOTES
          Many files contain strings (e.g., the environment and com-
          mand line) that are in the internal format, with subfields
          terminated by null bytes (aq0aq).  When inspecting such
          files, you may find that the results are more readable if
          you use a command of the following form to display them:

              $ cat file | tr aq000aq aqnaq

          This manual page is incomplete, possibly inaccurate, and is
          the kind of thing that needs to be updated very often.

     SEE ALSO
          cat(1), dmesg(1), find(1), free(1), htop(1), init(1), ps(1),
          pstree(1), tr(1), uptime(1), chroot(2), mmap(2),
          readlink(2), syslog(2), slabinfo(5), sysfs(5), hier(7),

     Page 92                       Linux             (printed 5/24/22)

     PROC(5)                   (2020-12-21)                    PROC(5)

          namespaces(7), time(7), arp(8), hdparm(8), ifconfig(8),
          lsmod(8), lspci(8), mount(8), netstat(8), procinfo(8),
          route(8), sysctl(8)

          The Linux kernel source files:
          Documentation/filesystems/proc.txt,
          Documentation/sysctl/fs.txt,
          Documentation/sysctl/kernel.txt,
          Documentation/sysctl/net.txt, and
          Documentation/sysctl/vm.txt.

     COLOPHON
          This page is part of release 5.10 of the Linux man-pages
          project.  A description of the project, information about
          reporting bugs, and the latest version of this page, can be
          found at https://www.kernel.org/doc/man-pages/.

     Page 93                       Linux             (printed 5/24/22)