Commit 807094c0 authored by Borislav Petkov's avatar Borislav Petkov Committed by Linus Torvalds

Documentation: refresh sysctl/kernel.txt

Refresh sysctl/kernel.txt.  More specifically,

 - drop stale index entries
 - sync and sort index and entries
 - reflow sticking out paragraphs to colwidth 72
 - correct typos
 - cleanup whitespace
Signed-off-by: default avatarBorislav Petkov <bp@alien8.de>
Signed-off-by: default avatarRandy Dunlap <rdunlap@xenotime.net>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 9fd615f4
...@@ -17,23 +17,21 @@ before actually making adjustments. ...@@ -17,23 +17,21 @@ before actually making adjustments.
Currently, these files might (depending on your configuration) Currently, these files might (depending on your configuration)
show up in /proc/sys/kernel: show up in /proc/sys/kernel:
- acpi_video_flags
- acct - acct
- acpi_video_flags
- auto_msgmni
- bootloader_type [ X86 only ] - bootloader_type [ X86 only ]
- bootloader_version [ X86 only ] - bootloader_version [ X86 only ]
- callhome [ S390 only ] - callhome [ S390 only ]
- auto_msgmni
- core_pattern - core_pattern
- core_pipe_limit - core_pipe_limit
- core_uses_pid - core_uses_pid
- ctrl-alt-del - ctrl-alt-del
- dentry-state
- dmesg_restrict - dmesg_restrict
- domainname - domainname
- hostname - hostname
- hotplug - hotplug
- java-appletviewer [ binfmt_java, obsolete ]
- java-interpreter [ binfmt_java, obsolete ]
- kptr_restrict - kptr_restrict
- kstack_depth_to_print [ X86 only ] - kstack_depth_to_print [ X86 only ]
- l2cr [ PPC only ] - l2cr [ PPC only ]
...@@ -48,10 +46,14 @@ show up in /proc/sys/kernel: ...@@ -48,10 +46,14 @@ show up in /proc/sys/kernel:
- overflowgid - overflowgid
- overflowuid - overflowuid
- panic - panic
- panic_on_oops
- panic_on_unrecovered_nmi
- pid_max - pid_max
- powersave-nap [ PPC only ] - powersave-nap [ PPC only ]
- panic_on_unrecovered_nmi
- printk - printk
- printk_delay
- printk_ratelimit
- printk_ratelimit_burst
- randomize_va_space - randomize_va_space
- real-root-dev ==> Documentation/initrd.txt - real-root-dev ==> Documentation/initrd.txt
- reboot-cmd [ SPARC only ] - reboot-cmd [ SPARC only ]
...@@ -62,6 +64,7 @@ show up in /proc/sys/kernel: ...@@ -62,6 +64,7 @@ show up in /proc/sys/kernel:
- shmall - shmall
- shmmax [ sysv ipc ] - shmmax [ sysv ipc ]
- shmmni - shmmni
- softlockup_thresh
- stop-a [ SPARC only ] - stop-a [ SPARC only ]
- sysrq ==> Documentation/sysrq.txt - sysrq ==> Documentation/sysrq.txt
- tainted - tainted
...@@ -71,15 +74,6 @@ show up in /proc/sys/kernel: ...@@ -71,15 +74,6 @@ show up in /proc/sys/kernel:
============================================================== ==============================================================
acpi_video_flags:
flags
See Doc*/kernel/power/video.txt, it allows mode of video boot to be
set during run time.
==============================================================
acct: acct:
highwater lowwater frequency highwater lowwater frequency
...@@ -95,6 +89,25 @@ That is, suspend accounting if there left <= 2% free; resume it ...@@ -95,6 +89,25 @@ That is, suspend accounting if there left <= 2% free; resume it
if we got >=4%; consider information about amount of free space if we got >=4%; consider information about amount of free space
valid for 30 seconds. valid for 30 seconds.
==============================================================
acpi_video_flags:
flags
See Doc*/kernel/power/video.txt, it allows mode of video boot to be
set during run time.
==============================================================
auto_msgmni:
Enables/Disables automatic recomputing of msgmni upon memory add/remove
or upon ipc namespace creation/removal (see the msgmni description
above). Echoing "1" into this file enables msgmni automatic recomputing.
Echoing "0" turns it off. auto_msgmni default value is 1.
============================================================== ==============================================================
bootloader_type: bootloader_type:
...@@ -172,22 +185,24 @@ core_pattern is used to specify a core dumpfile pattern name. ...@@ -172,22 +185,24 @@ core_pattern is used to specify a core dumpfile pattern name.
core_pipe_limit: core_pipe_limit:
This sysctl is only applicable when core_pattern is configured to pipe core This sysctl is only applicable when core_pattern is configured to pipe
files to a user space helper (when the first character of core_pattern is a '|', core files to a user space helper (when the first character of
see above). When collecting cores via a pipe to an application, it is core_pattern is a '|', see above). When collecting cores via a pipe
occasionally useful for the collecting application to gather data about the to an application, it is occasionally useful for the collecting
crashing process from its /proc/pid directory. In order to do this safely, the application to gather data about the crashing process from its
kernel must wait for the collecting process to exit, so as not to remove the /proc/pid directory. In order to do this safely, the kernel must wait
crashing processes proc files prematurely. This in turn creates the possibility for the collecting process to exit, so as not to remove the crashing
that a misbehaving userspace collecting process can block the reaping of a processes proc files prematurely. This in turn creates the
crashed process simply by never exiting. This sysctl defends against that. It possibility that a misbehaving userspace collecting process can block
defines how many concurrent crashing processes may be piped to user space the reaping of a crashed process simply by never exiting. This sysctl
applications in parallel. If this value is exceeded, then those crashing defends against that. It defines how many concurrent crashing
processes above that value are noted via the kernel log and their cores are processes may be piped to user space applications in parallel. If
skipped. 0 is a special value, indicating that unlimited processes may be this value is exceeded, then those crashing processes above that value
captured in parallel, but that no waiting will take place (i.e. the collecting are noted via the kernel log and their cores are skipped. 0 is a
process is not guaranteed access to /proc/<crashing pid>/). This value defaults special value, indicating that unlimited processes may be captured in
to 0. parallel, but that no waiting will take place (i.e. the collecting
process is not guaranteed access to /proc/<crashing pid>/). This
value defaults to 0.
============================================================== ==============================================================
...@@ -218,14 +233,14 @@ to decide what to do with it. ...@@ -218,14 +233,14 @@ to decide what to do with it.
dmesg_restrict: dmesg_restrict:
This toggle indicates whether unprivileged users are prevented from using This toggle indicates whether unprivileged users are prevented
dmesg(8) to view messages from the kernel's log buffer. When from using dmesg(8) to view messages from the kernel's log buffer.
dmesg_restrict is set to (0) there are no restrictions. When When dmesg_restrict is set to (0) there are no restrictions. When
dmesg_restrict is set set to (1), users must have CAP_SYSLOG to use dmesg_restrict is set set to (1), users must have CAP_SYSLOG to use
dmesg(8). dmesg(8).
The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the default The kernel config option CONFIG_SECURITY_DMESG_RESTRICT sets the
value of dmesg_restrict. default value of dmesg_restrict.
============================================================== ==============================================================
...@@ -256,13 +271,6 @@ Default value is "/sbin/hotplug". ...@@ -256,13 +271,6 @@ Default value is "/sbin/hotplug".
============================================================== ==============================================================
l2cr: (PPC only)
This flag controls the L2 cache of G3 processor boards. If
0, the cache is disabled. Enabled if nonzero.
==============================================================
kptr_restrict: kptr_restrict:
This toggle indicates whether restrictions are placed on This toggle indicates whether restrictions are placed on
...@@ -283,6 +291,13 @@ kernel stack. ...@@ -283,6 +291,13 @@ kernel stack.
============================================================== ==============================================================
l2cr: (PPC only)
This flag controls the L2 cache of G3 processor boards. If
0, the cache is disabled. Enabled if nonzero.
==============================================================
modules_disabled: modules_disabled:
A toggle value indicating if modules are allowed to be loaded A toggle value indicating if modules are allowed to be loaded
...@@ -293,6 +308,21 @@ to false. ...@@ -293,6 +308,21 @@ to false.
============================================================== ==============================================================
nmi_watchdog:
Enables/Disables the NMI watchdog on x86 systems. When the value is
non-zero the NMI watchdog is enabled and will continuously test all
online cpus to determine whether or not they are still functioning
properly. Currently, passing "nmi_watchdog=" parameter at boot time is
required for this function to work.
If LAPIC NMI watchdog method is in use (nmi_watchdog=2 kernel
parameter), the NMI watchdog shares registers with oprofile. By
disabling the NMI watchdog, oprofile may have more registers to
utilize.
==============================================================
osrelease, ostype & version: osrelease, ostype & version:
# cat osrelease # cat osrelease
...@@ -312,10 +342,10 @@ The only way to tune these values is to rebuild the kernel :-) ...@@ -312,10 +342,10 @@ The only way to tune these values is to rebuild the kernel :-)
overflowgid & overflowuid: overflowgid & overflowuid:
if your architecture did not always support 32-bit UIDs (i.e. arm, i386, if your architecture did not always support 32-bit UIDs (i.e. arm,
m68k, sh, and sparc32), a fixed UID and GID will be returned to i386, m68k, sh, and sparc32), a fixed UID and GID will be returned to
applications that use the old 16-bit UID/GID system calls, if the actual applications that use the old 16-bit UID/GID system calls, if the
UID or GID would exceed 65535. actual UID or GID would exceed 65535.
These sysctls allow you to change the value of the fixed UID and GID. These sysctls allow you to change the value of the fixed UID and GID.
The default is 65534. The default is 65534.
...@@ -324,9 +354,22 @@ The default is 65534. ...@@ -324,9 +354,22 @@ The default is 65534.
panic: panic:
The value in this file represents the number of seconds the The value in this file represents the number of seconds the kernel
kernel waits before rebooting on a panic. When you use the waits before rebooting on a panic. When you use the software watchdog,
software watchdog, the recommended setting is 60. the recommended setting is 60.
==============================================================
panic_on_unrecovered_nmi:
The default Linux behaviour on an NMI of either memory or unknown is
to continue operation. For many environments such as scientific
computing it is preferable that the box is taken out and the error
dealt with than an uncorrected parity/ECC error get propagated.
A small number of systems do generate NMI's for bizarre random reasons
such as power management so the default is off. That sysctl works like
the existing panic controls already in that directory.
============================================================== ==============================================================
...@@ -376,6 +419,14 @@ the different loglevels. ...@@ -376,6 +419,14 @@ the different loglevels.
============================================================== ==============================================================
printk_delay:
Delay each printk message in printk_delay milliseconds
Value from 0 - 10000 is allowed.
==============================================================
printk_ratelimit: printk_ratelimit:
Some warning messages are rate limited. printk_ratelimit specifies Some warning messages are rate limited. printk_ratelimit specifies
...@@ -395,15 +446,7 @@ send before ratelimiting kicks in. ...@@ -395,15 +446,7 @@ send before ratelimiting kicks in.
============================================================== ==============================================================
printk_delay: randomize_va_space:
Delay each printk message in printk_delay milliseconds
Value from 0 - 10000 is allowed.
==============================================================
randomize-va-space:
This option can be used to select the type of process address This option can be used to select the type of process address
space randomization that is used in the system, for architectures space randomization that is used in the system, for architectures
...@@ -509,49 +552,11 @@ can be ORed together: ...@@ -509,49 +552,11 @@ can be ORed together:
============================================================== ==============================================================
auto_msgmni:
Enables/Disables automatic recomputing of msgmni upon memory add/remove or
upon ipc namespace creation/removal (see the msgmni description above).
Echoing "1" into this file enables msgmni automatic recomputing.
Echoing "0" turns it off.
auto_msgmni default value is 1.
==============================================================
nmi_watchdog:
Enables/Disables the NMI watchdog on x86 systems. When the value is non-zero
the NMI watchdog is enabled and will continuously test all online cpus to
determine whether or not they are still functioning properly. Currently,
passing "nmi_watchdog=" parameter at boot time is required for this function
to work.
If LAPIC NMI watchdog method is in use (nmi_watchdog=2 kernel parameter), the
NMI watchdog shares registers with oprofile. By disabling the NMI watchdog,
oprofile may have more registers to utilize.
==============================================================
unknown_nmi_panic: unknown_nmi_panic:
The value in this file affects behavior of handling NMI. When the value is The value in this file affects behavior of handling NMI. When the
non-zero, unknown NMI is trapped and then panic occurs. At that time, kernel value is non-zero, unknown NMI is trapped and then panic occurs. At
debugging information is displayed on console. that time, kernel debugging information is displayed on console.
NMI switch that most IA32 servers have fires unknown NMI up, for example.
If a system hangs up, try pressing the NMI switch.
==============================================================
panic_on_unrecovered_nmi:
The default Linux behaviour on an NMI of either memory or unknown is to continue
operation. For many environments such as scientific computing it is preferable
that the box is taken out and the error dealt with than an uncorrected
parity/ECC error get propogated.
A small number of systems do generate NMI's for bizarre random reasons such as
power management so the default is off. That sysctl works like the existing
panic controls already in that directory.
NMI switch that most IA32 servers have fires unknown NMI up, for
example. If a system hangs up, try pressing the NMI switch.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment