xref: /linux/Documentation/admin-guide/sysctl/kernel.rst (revision 64b14a184e83eb62ea0615e31a409956049d40e7)
1===================================
2Documentation for /proc/sys/kernel/
3===================================
4
5.. See scripts/check-sysctl-docs to keep this up to date
6
7
8Copyright (c) 1998, 1999,  Rik van Riel <riel@nl.linux.org>
9
10Copyright (c) 2009,        Shen Feng<shen@cn.fujitsu.com>
11
12For general info and legal blurb, please look in
13Documentation/admin-guide/sysctl/index.rst.
14
15------------------------------------------------------------------------------
16
17This file contains documentation for the sysctl files in
18``/proc/sys/kernel/``.
19
20The files in this directory can be used to tune and monitor
21miscellaneous and general things in the operation of the Linux
22kernel. Since some of the files *can* be used to screw up your
23system, it is advisable to read both documentation and source
24before actually making adjustments.
25
26Currently, these files might (depending on your configuration)
27show up in ``/proc/sys/kernel``:
28
29.. contents:: :local:
30
31
32acct
33====
34
35::
36
37    highwater lowwater frequency
38
39If BSD-style process accounting is enabled these values control
40its behaviour. If free space on filesystem where the log lives
41goes below ``lowwater``% accounting suspends. If free space gets
42above ``highwater``% accounting resumes. ``frequency`` determines
43how often do we check the amount of free space (value is in
44seconds). Default:
45
46::
47
48    4 2 30
49
50That is, suspend accounting if free space drops below 2%; resume it
51if it increases to at least 4%; consider information about amount of
52free space valid for 30 seconds.
53
54
55acpi_video_flags
56================
57
58See Documentation/power/video.rst. This allows the video resume mode to be set,
59in a similar fashion to the ``acpi_sleep`` kernel parameter, by
60combining the following values:
61
62= =======
631 s3_bios
642 s3_mode
654 s3_beep
66= =======
67
68
69auto_msgmni
70===========
71
72This variable has no effect and may be removed in future kernel
73releases. Reading it always returns 0.
74Up to Linux 3.17, it enabled/disabled automatic recomputing of
75`msgmni`_
76upon memory add/remove or upon IPC namespace creation/removal.
77Echoing "1" into this file enabled msgmni automatic recomputing.
78Echoing "0" turned it off. The default value was 1.
79
80
81bootloader_type (x86 only)
82==========================
83
84This gives the bootloader type number as indicated by the bootloader,
85shifted left by 4, and OR'd with the low four bits of the bootloader
86version.  The reason for this encoding is that this used to match the
87``type_of_loader`` field in the kernel header; the encoding is kept for
88backwards compatibility.  That is, if the full bootloader type number
89is 0x15 and the full version number is 0x234, this file will contain
90the value 340 = 0x154.
91
92See the ``type_of_loader`` and ``ext_loader_type`` fields in
93Documentation/x86/boot.rst for additional information.
94
95
96bootloader_version (x86 only)
97=============================
98
99The complete bootloader version number.  In the example above, this
100file will contain the value 564 = 0x234.
101
102See the ``type_of_loader`` and ``ext_loader_ver`` fields in
103Documentation/x86/boot.rst for additional information.
104
105
106bpf_stats_enabled
107=================
108
109Controls whether the kernel should collect statistics on BPF programs
110(total time spent running, number of times run...). Enabling
111statistics causes a slight reduction in performance on each program
112run. The statistics can be seen using ``bpftool``.
113
114= ===================================
1150 Don't collect statistics (default).
1161 Collect statistics.
117= ===================================
118
119
120cad_pid
121=======
122
123This is the pid which will be signalled on reboot (notably, by
124Ctrl-Alt-Delete). Writing a value to this file which doesn't
125correspond to a running process will result in ``-ESRCH``.
126
127See also `ctrl-alt-del`_.
128
129
130cap_last_cap
131============
132
133Highest valid capability of the running kernel.  Exports
134``CAP_LAST_CAP`` from the kernel.
135
136
137core_pattern
138============
139
140``core_pattern`` is used to specify a core dumpfile pattern name.
141
142* max length 127 characters; default value is "core"
143* ``core_pattern`` is used as a pattern template for the output
144  filename; certain string patterns (beginning with '%') are
145  substituted with their actual values.
146* backward compatibility with ``core_uses_pid``:
147
148	If ``core_pattern`` does not include "%p" (default does not)
149	and ``core_uses_pid`` is set, then .PID will be appended to
150	the filename.
151
152* corename format specifiers
153
154	========	==========================================
155	%<NUL>		'%' is dropped
156	%%		output one '%'
157	%p		pid
158	%P		global pid (init PID namespace)
159	%i		tid
160	%I		global tid (init PID namespace)
161	%u		uid (in initial user namespace)
162	%g		gid (in initial user namespace)
163	%d		dump mode, matches ``PR_SET_DUMPABLE`` and
164			``/proc/sys/fs/suid_dumpable``
165	%s		signal number
166	%t		UNIX time of dump
167	%h		hostname
168	%e		executable filename (may be shortened, could be changed by prctl etc)
169	%f      	executable filename
170	%E		executable path
171	%c		maximum size of core file by resource limit RLIMIT_CORE
172	%<OTHER>	both are dropped
173	========	==========================================
174
175* If the first character of the pattern is a '|', the kernel will treat
176  the rest of the pattern as a command to run.  The core dump will be
177  written to the standard input of that program instead of to a file.
178
179
180core_pipe_limit
181===============
182
183This sysctl is only applicable when `core_pattern`_ is configured to
184pipe core files to a user space helper (when the first character of
185``core_pattern`` is a '|', see above).
186When collecting cores via a pipe to an application, it is occasionally
187useful for the collecting application to gather data about the
188crashing process from its ``/proc/pid`` directory.
189In order to do this safely, the kernel must wait for the collecting
190process to exit, so as not to remove the crashing processes proc files
191prematurely.
192This in turn creates the possibility that a misbehaving userspace
193collecting process can block the reaping of a crashed process simply
194by never exiting.
195This sysctl defends against that.
196It defines how many concurrent crashing processes may be piped to user
197space applications in parallel.
198If this value is exceeded, then those crashing processes above that
199value are noted via the kernel log and their cores are skipped.
2000 is a special value, indicating that unlimited processes may be
201captured in parallel, but that no waiting will take place (i.e. the
202collecting process is not guaranteed access to ``/proc/<crashing
203pid>/``).
204This value defaults to 0.
205
206
207core_uses_pid
208=============
209
210The default coredump filename is "core".  By setting
211``core_uses_pid`` to 1, the coredump filename becomes core.PID.
212If `core_pattern`_ does not include "%p" (default does not)
213and ``core_uses_pid`` is set, then .PID will be appended to
214the filename.
215
216
217ctrl-alt-del
218============
219
220When the value in this file is 0, ctrl-alt-del is trapped and
221sent to the ``init(1)`` program to handle a graceful restart.
222When, however, the value is > 0, Linux's reaction to a Vulcan
223Nerve Pinch (tm) will be an immediate reboot, without even
224syncing its dirty buffers.
225
226Note:
227  when a program (like dosemu) has the keyboard in 'raw'
228  mode, the ctrl-alt-del is intercepted by the program before it
229  ever reaches the kernel tty layer, and it's up to the program
230  to decide what to do with it.
231
232
233dmesg_restrict
234==============
235
236This toggle indicates whether unprivileged users are prevented
237from using ``dmesg(8)`` to view messages from the kernel's log
238buffer.
239When ``dmesg_restrict`` is set to 0 there are no restrictions.
240When ``dmesg_restrict`` is set to 1, users must have
241``CAP_SYSLOG`` to use ``dmesg(8)``.
242
243The kernel config option ``CONFIG_SECURITY_DMESG_RESTRICT`` sets the
244default value of ``dmesg_restrict``.
245
246
247domainname & hostname
248=====================
249
250These files can be used to set the NIS/YP domainname and the
251hostname of your box in exactly the same way as the commands
252domainname and hostname, i.e.::
253
254	# echo "darkstar" > /proc/sys/kernel/hostname
255	# echo "mydomain" > /proc/sys/kernel/domainname
256
257has the same effect as::
258
259	# hostname "darkstar"
260	# domainname "mydomain"
261
262Note, however, that the classic darkstar.frop.org has the
263hostname "darkstar" and DNS (Internet Domain Name Server)
264domainname "frop.org", not to be confused with the NIS (Network
265Information Service) or YP (Yellow Pages) domainname. These two
266domain names are in general different. For a detailed discussion
267see the ``hostname(1)`` man page.
268
269
270firmware_config
271===============
272
273See Documentation/driver-api/firmware/fallback-mechanisms.rst.
274
275The entries in this directory allow the firmware loader helper
276fallback to be controlled:
277
278* ``force_sysfs_fallback``, when set to 1, forces the use of the
279  fallback;
280* ``ignore_sysfs_fallback``, when set to 1, ignores any fallback.
281
282
283ftrace_dump_on_oops
284===================
285
286Determines whether ``ftrace_dump()`` should be called on an oops (or
287kernel panic). This will output the contents of the ftrace buffers to
288the console.  This is very useful for capturing traces that lead to
289crashes and outputting them to a serial console.
290
291= ===================================================
2920 Disabled (default).
2931 Dump buffers of all CPUs.
2942 Dump the buffer of the CPU that triggered the oops.
295= ===================================================
296
297
298ftrace_enabled, stack_tracer_enabled
299====================================
300
301See Documentation/trace/ftrace.rst.
302
303
304hardlockup_all_cpu_backtrace
305============================
306
307This value controls the hard lockup detector behavior when a hard
308lockup condition is detected as to whether or not to gather further
309debug information. If enabled, arch-specific all-CPU stack dumping
310will be initiated.
311
312= ============================================
3130 Do nothing. This is the default behavior.
3141 On detection capture more debug information.
315= ============================================
316
317
318hardlockup_panic
319================
320
321This parameter can be used to control whether the kernel panics
322when a hard lockup is detected.
323
324= ===========================
3250 Don't panic on hard lockup.
3261 Panic on hard lockup.
327= ===========================
328
329See Documentation/admin-guide/lockup-watchdogs.rst for more information.
330This can also be set using the nmi_watchdog kernel parameter.
331
332
333hotplug
334=======
335
336Path for the hotplug policy agent.
337Default value is ``CONFIG_UEVENT_HELPER_PATH``, which in turn defaults
338to the empty string.
339
340This file only exists when ``CONFIG_UEVENT_HELPER`` is enabled. Most
341modern systems rely exclusively on the netlink-based uevent source and
342don't need this.
343
344
345hung_task_all_cpu_backtrace
346===========================
347
348If this option is set, the kernel will send an NMI to all CPUs to dump
349their backtraces when a hung task is detected. This file shows up if
350CONFIG_DETECT_HUNG_TASK and CONFIG_SMP are enabled.
351
3520: Won't show all CPUs backtraces when a hung task is detected.
353This is the default behavior.
354
3551: Will non-maskably interrupt all CPUs and dump their backtraces when
356a hung task is detected.
357
358
359hung_task_panic
360===============
361
362Controls the kernel's behavior when a hung task is detected.
363This file shows up if ``CONFIG_DETECT_HUNG_TASK`` is enabled.
364
365= =================================================
3660 Continue operation. This is the default behavior.
3671 Panic immediately.
368= =================================================
369
370
371hung_task_check_count
372=====================
373
374The upper bound on the number of tasks that are checked.
375This file shows up if ``CONFIG_DETECT_HUNG_TASK`` is enabled.
376
377
378hung_task_timeout_secs
379======================
380
381When a task in D state did not get scheduled
382for more than this value report a warning.
383This file shows up if ``CONFIG_DETECT_HUNG_TASK`` is enabled.
384
3850 means infinite timeout, no checking is done.
386
387Possible values to set are in range {0:``LONG_MAX``/``HZ``}.
388
389
390hung_task_check_interval_secs
391=============================
392
393Hung task check interval. If hung task checking is enabled
394(see `hung_task_timeout_secs`_), the check is done every
395``hung_task_check_interval_secs`` seconds.
396This file shows up if ``CONFIG_DETECT_HUNG_TASK`` is enabled.
397
3980 (default) means use ``hung_task_timeout_secs`` as checking
399interval.
400
401Possible values to set are in range {0:``LONG_MAX``/``HZ``}.
402
403
404hung_task_warnings
405==================
406
407The maximum number of warnings to report. During a check interval
408if a hung task is detected, this value is decreased by 1.
409When this value reaches 0, no more warnings will be reported.
410This file shows up if ``CONFIG_DETECT_HUNG_TASK`` is enabled.
411
412-1: report an infinite number of warnings.
413
414
415hyperv_record_panic_msg
416=======================
417
418Controls whether the panic kmsg data should be reported to Hyper-V.
419
420= =========================================================
4210 Do not report panic kmsg data.
4221 Report the panic kmsg data. This is the default behavior.
423= =========================================================
424
425
426ignore-unaligned-usertrap
427=========================
428
429On architectures where unaligned accesses cause traps, and where this
430feature is supported (``CONFIG_SYSCTL_ARCH_UNALIGN_NO_WARN``;
431currently, ``arc`` and ``ia64``), controls whether all unaligned traps
432are logged.
433
434= =============================================================
4350 Log all unaligned accesses.
4361 Only warn the first time a process traps. This is the default
437  setting.
438= =============================================================
439
440See also `unaligned-trap`_ and `unaligned-dump-stack`_. On ``ia64``,
441this allows system administrators to override the
442``IA64_THREAD_UAC_NOPRINT`` ``prctl`` and avoid logs being flooded.
443
444
445kexec_load_disabled
446===================
447
448A toggle indicating if the ``kexec_load`` syscall has been disabled.
449This value defaults to 0 (false: ``kexec_load`` enabled), but can be
450set to 1 (true: ``kexec_load`` disabled).
451Once true, kexec can no longer be used, and the toggle cannot be set
452back to false.
453This allows a kexec image to be loaded before disabling the syscall,
454allowing a system to set up (and later use) an image without it being
455altered.
456Generally used together with the `modules_disabled`_ sysctl.
457
458
459kptr_restrict
460=============
461
462This toggle indicates whether restrictions are placed on
463exposing kernel addresses via ``/proc`` and other interfaces.
464
465When ``kptr_restrict`` is set to 0 (the default) the address is hashed
466before printing.
467(This is the equivalent to %p.)
468
469When ``kptr_restrict`` is set to 1, kernel pointers printed using the
470%pK format specifier will be replaced with 0s unless the user has
471``CAP_SYSLOG`` and effective user and group ids are equal to the real
472ids.
473This is because %pK checks are done at read() time rather than open()
474time, so if permissions are elevated between the open() and the read()
475(e.g via a setuid binary) then %pK will not leak kernel pointers to
476unprivileged users.
477Note, this is a temporary solution only.
478The correct long-term solution is to do the permission checks at
479open() time.
480Consider removing world read permissions from files that use %pK, and
481using `dmesg_restrict`_ to protect against uses of %pK in ``dmesg(8)``
482if leaking kernel pointer values to unprivileged users is a concern.
483
484When ``kptr_restrict`` is set to 2, kernel pointers printed using
485%pK will be replaced with 0s regardless of privileges.
486
487
488modprobe
489========
490
491The full path to the usermode helper for autoloading kernel modules,
492by default ``CONFIG_MODPROBE_PATH``, which in turn defaults to
493"/sbin/modprobe".  This binary is executed when the kernel requests a
494module.  For example, if userspace passes an unknown filesystem type
495to mount(), then the kernel will automatically request the
496corresponding filesystem module by executing this usermode helper.
497This usermode helper should insert the needed module into the kernel.
498
499This sysctl only affects module autoloading.  It has no effect on the
500ability to explicitly insert modules.
501
502This sysctl can be used to debug module loading requests::
503
504    echo '#! /bin/sh' > /tmp/modprobe
505    echo 'echo "$@" >> /tmp/modprobe.log' >> /tmp/modprobe
506    echo 'exec /sbin/modprobe "$@"' >> /tmp/modprobe
507    chmod a+x /tmp/modprobe
508    echo /tmp/modprobe > /proc/sys/kernel/modprobe
509
510Alternatively, if this sysctl is set to the empty string, then module
511autoloading is completely disabled.  The kernel will not try to
512execute a usermode helper at all, nor will it call the
513kernel_module_request LSM hook.
514
515If CONFIG_STATIC_USERMODEHELPER=y is set in the kernel configuration,
516then the configured static usermode helper overrides this sysctl,
517except that the empty string is still accepted to completely disable
518module autoloading as described above.
519
520modules_disabled
521================
522
523A toggle value indicating if modules are allowed to be loaded
524in an otherwise modular kernel.  This toggle defaults to off
525(0), but can be set true (1).  Once true, modules can be
526neither loaded nor unloaded, and the toggle cannot be set back
527to false.  Generally used with the `kexec_load_disabled`_ toggle.
528
529
530.. _msgmni:
531
532msgmax, msgmnb, and msgmni
533==========================
534
535``msgmax`` is the maximum size of an IPC message, in bytes. 8192 by
536default (``MSGMAX``).
537
538``msgmnb`` is the maximum size of an IPC queue, in bytes. 16384 by
539default (``MSGMNB``).
540
541``msgmni`` is the maximum number of IPC queues. 32000 by default
542(``MSGMNI``).
543
544
545msg_next_id, sem_next_id, and shm_next_id (System V IPC)
546========================================================
547
548These three toggles allows to specify desired id for next allocated IPC
549object: message, semaphore or shared memory respectively.
550
551By default they are equal to -1, which means generic allocation logic.
552Possible values to set are in range {0:``INT_MAX``}.
553
554Notes:
555  1) kernel doesn't guarantee, that new object will have desired id. So,
556     it's up to userspace, how to handle an object with "wrong" id.
557  2) Toggle with non-default value will be set back to -1 by kernel after
558     successful IPC object allocation. If an IPC object allocation syscall
559     fails, it is undefined if the value remains unmodified or is reset to -1.
560
561
562ngroups_max
563===========
564
565Maximum number of supplementary groups, _i.e._ the maximum size which
566``setgroups`` will accept. Exports ``NGROUPS_MAX`` from the kernel.
567
568
569
570nmi_watchdog
571============
572
573This parameter can be used to control the NMI watchdog
574(i.e. the hard lockup detector) on x86 systems.
575
576= =================================
5770 Disable the hard lockup detector.
5781 Enable the hard lockup detector.
579= =================================
580
581The hard lockup detector monitors each CPU for its ability to respond to
582timer interrupts. The mechanism utilizes CPU performance counter registers
583that are programmed to generate Non-Maskable Interrupts (NMIs) periodically
584while a CPU is busy. Hence, the alternative name 'NMI watchdog'.
585
586The NMI watchdog is disabled by default if the kernel is running as a guest
587in a KVM virtual machine. This default can be overridden by adding::
588
589   nmi_watchdog=1
590
591to the guest kernel command line (see
592Documentation/admin-guide/kernel-parameters.rst).
593
594
595numa_balancing
596==============
597
598Enables/disables automatic page fault based NUMA memory
599balancing. Memory is moved automatically to nodes
600that access it often.
601
602Enables/disables automatic NUMA memory balancing. On NUMA machines, there
603is a performance penalty if remote memory is accessed by a CPU. When this
604feature is enabled the kernel samples what task thread is accessing memory
605by periodically unmapping pages and later trapping a page fault. At the
606time of the page fault, it is determined if the data being accessed should
607be migrated to a local memory node.
608
609The unmapping of pages and trapping faults incur additional overhead that
610ideally is offset by improved memory locality but there is no universal
611guarantee. If the target workload is already bound to NUMA nodes then this
612feature should be disabled. Otherwise, if the system overhead from the
613feature is too high then the rate the kernel samples for NUMA hinting
614faults may be controlled by the `numa_balancing_scan_period_min_ms,
615numa_balancing_scan_delay_ms, numa_balancing_scan_period_max_ms,
616numa_balancing_scan_size_mb`_, and numa_balancing_settle_count sysctls.
617
618
619numa_balancing_scan_period_min_ms, numa_balancing_scan_delay_ms, numa_balancing_scan_period_max_ms, numa_balancing_scan_size_mb
620===============================================================================================================================
621
622
623Automatic NUMA balancing scans tasks address space and unmaps pages to
624detect if pages are properly placed or if the data should be migrated to a
625memory node local to where the task is running.  Every "scan delay" the task
626scans the next "scan size" number of pages in its address space. When the
627end of the address space is reached the scanner restarts from the beginning.
628
629In combination, the "scan delay" and "scan size" determine the scan rate.
630When "scan delay" decreases, the scan rate increases.  The scan delay and
631hence the scan rate of every task is adaptive and depends on historical
632behaviour. If pages are properly placed then the scan delay increases,
633otherwise the scan delay decreases.  The "scan size" is not adaptive but
634the higher the "scan size", the higher the scan rate.
635
636Higher scan rates incur higher system overhead as page faults must be
637trapped and potentially data must be migrated. However, the higher the scan
638rate, the more quickly a tasks memory is migrated to a local node if the
639workload pattern changes and minimises performance impact due to remote
640memory accesses. These sysctls control the thresholds for scan delays and
641the number of pages scanned.
642
643``numa_balancing_scan_period_min_ms`` is the minimum time in milliseconds to
644scan a tasks virtual memory. It effectively controls the maximum scanning
645rate for each task.
646
647``numa_balancing_scan_delay_ms`` is the starting "scan delay" used for a task
648when it initially forks.
649
650``numa_balancing_scan_period_max_ms`` is the maximum time in milliseconds to
651scan a tasks virtual memory. It effectively controls the minimum scanning
652rate for each task.
653
654``numa_balancing_scan_size_mb`` is how many megabytes worth of pages are
655scanned for a given scan.
656
657
658oops_all_cpu_backtrace
659======================
660
661If this option is set, the kernel will send an NMI to all CPUs to dump
662their backtraces when an oops event occurs. It should be used as a last
663resort in case a panic cannot be triggered (to protect VMs running, for
664example) or kdump can't be collected. This file shows up if CONFIG_SMP
665is enabled.
666
6670: Won't show all CPUs backtraces when an oops is detected.
668This is the default behavior.
669
6701: Will non-maskably interrupt all CPUs and dump their backtraces when
671an oops event is detected.
672
673
674osrelease, ostype & version
675===========================
676
677::
678
679  # cat osrelease
680  2.1.88
681  # cat ostype
682  Linux
683  # cat version
684  #5 Wed Feb 25 21:49:24 MET 1998
685
686The files ``osrelease`` and ``ostype`` should be clear enough.
687``version``
688needs a little more clarification however. The '#5' means that
689this is the fifth kernel built from this source base and the
690date behind it indicates the time the kernel was built.
691The only way to tune these values is to rebuild the kernel :-)
692
693
694overflowgid & overflowuid
695=========================
696
697if your architecture did not always support 32-bit UIDs (i.e. arm,
698i386, m68k, sh, and sparc32), a fixed UID and GID will be returned to
699applications that use the old 16-bit UID/GID system calls, if the
700actual UID or GID would exceed 65535.
701
702These sysctls allow you to change the value of the fixed UID and GID.
703The default is 65534.
704
705
706panic
707=====
708
709The value in this file determines the behaviour of the kernel on a
710panic:
711
712* if zero, the kernel will loop forever;
713* if negative, the kernel will reboot immediately;
714* if positive, the kernel will reboot after the corresponding number
715  of seconds.
716
717When you use the software watchdog, the recommended setting is 60.
718
719
720panic_on_io_nmi
721===============
722
723Controls the kernel's behavior when a CPU receives an NMI caused by
724an IO error.
725
726= ==================================================================
7270 Try to continue operation (default).
7281 Panic immediately. The IO error triggered an NMI. This indicates a
729  serious system condition which could result in IO data corruption.
730  Rather than continuing, panicking might be a better choice. Some
731  servers issue this sort of NMI when the dump button is pushed,
732  and you can use this option to take a crash dump.
733= ==================================================================
734
735
736panic_on_oops
737=============
738
739Controls the kernel's behaviour when an oops or BUG is encountered.
740
741= ===================================================================
7420 Try to continue operation.
7431 Panic immediately.  If the `panic` sysctl is also non-zero then the
744  machine will be rebooted.
745= ===================================================================
746
747
748panic_on_stackoverflow
749======================
750
751Controls the kernel's behavior when detecting the overflows of
752kernel, IRQ and exception stacks except a user stack.
753This file shows up if ``CONFIG_DEBUG_STACKOVERFLOW`` is enabled.
754
755= ==========================
7560 Try to continue operation.
7571 Panic immediately.
758= ==========================
759
760
761panic_on_unrecovered_nmi
762========================
763
764The default Linux behaviour on an NMI of either memory or unknown is
765to continue operation. For many environments such as scientific
766computing it is preferable that the box is taken out and the error
767dealt with than an uncorrected parity/ECC error get propagated.
768
769A small number of systems do generate NMIs for bizarre random reasons
770such as power management so the default is off. That sysctl works like
771the existing panic controls already in that directory.
772
773
774panic_on_warn
775=============
776
777Calls panic() in the WARN() path when set to 1.  This is useful to avoid
778a kernel rebuild when attempting to kdump at the location of a WARN().
779
780= ================================================
7810 Only WARN(), default behaviour.
7821 Call panic() after printing out WARN() location.
783= ================================================
784
785
786panic_print
787===========
788
789Bitmask for printing system info when panic happens. User can chose
790combination of the following bits:
791
792=====  ============================================
793bit 0  print all tasks info
794bit 1  print system memory info
795bit 2  print timer info
796bit 3  print locks info if ``CONFIG_LOCKDEP`` is on
797bit 4  print ftrace buffer
798=====  ============================================
799
800So for example to print tasks and memory info on panic, user can::
801
802  echo 3 > /proc/sys/kernel/panic_print
803
804
805panic_on_rcu_stall
806==================
807
808When set to 1, calls panic() after RCU stall detection messages. This
809is useful to define the root cause of RCU stalls using a vmcore.
810
811= ============================================================
8120 Do not panic() when RCU stall takes place, default behavior.
8131 panic() after printing RCU stall messages.
814= ============================================================
815
816
817perf_cpu_time_max_percent
818=========================
819
820Hints to the kernel how much CPU time it should be allowed to
821use to handle perf sampling events.  If the perf subsystem
822is informed that its samples are exceeding this limit, it
823will drop its sampling frequency to attempt to reduce its CPU
824usage.
825
826Some perf sampling happens in NMIs.  If these samples
827unexpectedly take too long to execute, the NMIs can become
828stacked up next to each other so much that nothing else is
829allowed to execute.
830
831===== ========================================================
8320     Disable the mechanism.  Do not monitor or correct perf's
833      sampling rate no matter how CPU time it takes.
834
8351-100 Attempt to throttle perf's sample rate to this
836      percentage of CPU.  Note: the kernel calculates an
837      "expected" length of each sample event.  100 here means
838      100% of that expected length.  Even if this is set to
839      100, you may still see sample throttling if this
840      length is exceeded.  Set to 0 if you truly do not care
841      how much CPU is consumed.
842===== ========================================================
843
844
845perf_event_paranoid
846===================
847
848Controls use of the performance events system by unprivileged
849users (without CAP_PERFMON).  The default value is 2.
850
851For backward compatibility reasons access to system performance
852monitoring and observability remains open for CAP_SYS_ADMIN
853privileged processes but CAP_SYS_ADMIN usage for secure system
854performance monitoring and observability operations is discouraged
855with respect to CAP_PERFMON use cases.
856
857===  ==================================================================
858 -1  Allow use of (almost) all events by all users.
859
860     Ignore mlock limit after perf_event_mlock_kb without
861     ``CAP_IPC_LOCK``.
862
863>=0  Disallow ftrace function tracepoint by users without
864     ``CAP_PERFMON``.
865
866     Disallow raw tracepoint access by users without ``CAP_PERFMON``.
867
868>=1  Disallow CPU event access by users without ``CAP_PERFMON``.
869
870>=2  Disallow kernel profiling by users without ``CAP_PERFMON``.
871===  ==================================================================
872
873
874perf_event_max_stack
875====================
876
877Controls maximum number of stack frames to copy for (``attr.sample_type &
878PERF_SAMPLE_CALLCHAIN``) configured events, for instance, when using
879'``perf record -g``' or '``perf trace --call-graph fp``'.
880
881This can only be done when no events are in use that have callchains
882enabled, otherwise writing to this file will return ``-EBUSY``.
883
884The default value is 127.
885
886
887perf_event_mlock_kb
888===================
889
890Control size of per-cpu ring buffer not counted against mlock limit.
891
892The default value is 512 + 1 page
893
894
895perf_event_max_contexts_per_stack
896=================================
897
898Controls maximum number of stack frame context entries for
899(``attr.sample_type & PERF_SAMPLE_CALLCHAIN``) configured events, for
900instance, when using '``perf record -g``' or '``perf trace --call-graph fp``'.
901
902This can only be done when no events are in use that have callchains
903enabled, otherwise writing to this file will return ``-EBUSY``.
904
905The default value is 8.
906
907
908perf_user_access (arm64 only)
909=================================
910
911Controls user space access for reading perf event counters. When set to 1,
912user space can read performance monitor counter registers directly.
913
914The default value is 0 (access disabled).
915
916See Documentation/arm64/perf.rst for more information.
917
918
919pid_max
920=======
921
922PID allocation wrap value.  When the kernel's next PID value
923reaches this value, it wraps back to a minimum PID value.
924PIDs of value ``pid_max`` or larger are not allocated.
925
926
927ns_last_pid
928===========
929
930The last pid allocated in the current (the one task using this sysctl
931lives in) pid namespace. When selecting a pid for a next task on fork
932kernel tries to allocate a number starting from this one.
933
934
935powersave-nap (PPC only)
936========================
937
938If set, Linux-PPC will use the 'nap' mode of powersaving,
939otherwise the 'doze' mode will be used.
940
941
942==============================================================
943
944printk
945======
946
947The four values in printk denote: ``console_loglevel``,
948``default_message_loglevel``, ``minimum_console_loglevel`` and
949``default_console_loglevel`` respectively.
950
951These values influence printk() behavior when printing or
952logging error messages. See '``man 2 syslog``' for more info on
953the different loglevels.
954
955======================== =====================================
956console_loglevel         messages with a higher priority than
957                         this will be printed to the console
958default_message_loglevel messages without an explicit priority
959                         will be printed with this priority
960minimum_console_loglevel minimum (highest) value to which
961                         console_loglevel can be set
962default_console_loglevel default value for console_loglevel
963======================== =====================================
964
965
966printk_delay
967============
968
969Delay each printk message in ``printk_delay`` milliseconds
970
971Value from 0 - 10000 is allowed.
972
973
974printk_ratelimit
975================
976
977Some warning messages are rate limited. ``printk_ratelimit`` specifies
978the minimum length of time between these messages (in seconds).
979The default value is 5 seconds.
980
981A value of 0 will disable rate limiting.
982
983
984printk_ratelimit_burst
985======================
986
987While long term we enforce one message per `printk_ratelimit`_
988seconds, we do allow a burst of messages to pass through.
989``printk_ratelimit_burst`` specifies the number of messages we can
990send before ratelimiting kicks in.
991
992The default value is 10 messages.
993
994
995printk_devkmsg
996==============
997
998Control the logging to ``/dev/kmsg`` from userspace:
999
1000========= =============================================
1001ratelimit default, ratelimited
1002on        unlimited logging to /dev/kmsg from userspace
1003off       logging to /dev/kmsg disabled
1004========= =============================================
1005
1006The kernel command line parameter ``printk.devkmsg=`` overrides this and is
1007a one-time setting until next reboot: once set, it cannot be changed by
1008this sysctl interface anymore.
1009
1010==============================================================
1011
1012
1013pty
1014===
1015
1016See Documentation/filesystems/devpts.rst.
1017
1018
1019random
1020======
1021
1022This is a directory, with the following entries:
1023
1024* ``boot_id``: a UUID generated the first time this is retrieved, and
1025  unvarying after that;
1026
1027* ``entropy_avail``: the pool's entropy count, in bits;
1028
1029* ``poolsize``: the entropy pool size, in bits;
1030
1031* ``urandom_min_reseed_secs``: obsolete (used to determine the minimum
1032  number of seconds between urandom pool reseeding).
1033
1034* ``uuid``: a UUID generated every time this is retrieved (this can
1035  thus be used to generate UUIDs at will);
1036
1037* ``write_wakeup_threshold``: when the entropy count drops below this
1038  (as a number of bits), processes waiting to write to ``/dev/random``
1039  are woken up.
1040
1041If ``drivers/char/random.c`` is built with ``ADD_INTERRUPT_BENCH``
1042defined, these additional entries are present:
1043
1044* ``add_interrupt_avg_cycles``: the average number of cycles between
1045  interrupts used to feed the pool;
1046
1047* ``add_interrupt_avg_deviation``: the standard deviation seen on the
1048  number of cycles between interrupts used to feed the pool.
1049
1050
1051randomize_va_space
1052==================
1053
1054This option can be used to select the type of process address
1055space randomization that is used in the system, for architectures
1056that support this feature.
1057
1058==  ===========================================================================
10590   Turn the process address space randomization off.  This is the
1060    default for architectures that do not support this feature anyways,
1061    and kernels that are booted with the "norandmaps" parameter.
1062
10631   Make the addresses of mmap base, stack and VDSO page randomized.
1064    This, among other things, implies that shared libraries will be
1065    loaded to random addresses.  Also for PIE-linked binaries, the
1066    location of code start is randomized.  This is the default if the
1067    ``CONFIG_COMPAT_BRK`` option is enabled.
1068
10692   Additionally enable heap randomization.  This is the default if
1070    ``CONFIG_COMPAT_BRK`` is disabled.
1071
1072    There are a few legacy applications out there (such as some ancient
1073    versions of libc.so.5 from 1996) that assume that brk area starts
1074    just after the end of the code+bss.  These applications break when
1075    start of the brk area is randomized.  There are however no known
1076    non-legacy applications that would be broken this way, so for most
1077    systems it is safe to choose full randomization.
1078
1079    Systems with ancient and/or broken binaries should be configured
1080    with ``CONFIG_COMPAT_BRK`` enabled, which excludes the heap from process
1081    address space randomization.
1082==  ===========================================================================
1083
1084
1085real-root-dev
1086=============
1087
1088See Documentation/admin-guide/initrd.rst.
1089
1090
1091reboot-cmd (SPARC only)
1092=======================
1093
1094??? This seems to be a way to give an argument to the Sparc
1095ROM/Flash boot loader. Maybe to tell it what to do after
1096rebooting. ???
1097
1098
1099sched_energy_aware
1100==================
1101
1102Enables/disables Energy Aware Scheduling (EAS). EAS starts
1103automatically on platforms where it can run (that is,
1104platforms with asymmetric CPU topologies and having an Energy
1105Model available). If your platform happens to meet the
1106requirements for EAS but you do not want to use it, change
1107this value to 0.
1108
1109task_delayacct
1110===============
1111
1112Enables/disables task delay accounting (see
1113Documentation/accounting/delay-accounting.rst. Enabling this feature incurs
1114a small amount of overhead in the scheduler but is useful for debugging
1115and performance tuning. It is required by some tools such as iotop.
1116
1117sched_schedstats
1118================
1119
1120Enables/disables scheduler statistics. Enabling this feature
1121incurs a small amount of overhead in the scheduler but is
1122useful for debugging and performance tuning.
1123
1124sched_util_clamp_min
1125====================
1126
1127Max allowed *minimum* utilization.
1128
1129Default value is 1024, which is the maximum possible value.
1130
1131It means that any requested uclamp.min value cannot be greater than
1132sched_util_clamp_min, i.e., it is restricted to the range
1133[0:sched_util_clamp_min].
1134
1135sched_util_clamp_max
1136====================
1137
1138Max allowed *maximum* utilization.
1139
1140Default value is 1024, which is the maximum possible value.
1141
1142It means that any requested uclamp.max value cannot be greater than
1143sched_util_clamp_max, i.e., it is restricted to the range
1144[0:sched_util_clamp_max].
1145
1146sched_util_clamp_min_rt_default
1147===============================
1148
1149By default Linux is tuned for performance. Which means that RT tasks always run
1150at the highest frequency and most capable (highest capacity) CPU (in
1151heterogeneous systems).
1152
1153Uclamp achieves this by setting the requested uclamp.min of all RT tasks to
11541024 by default, which effectively boosts the tasks to run at the highest
1155frequency and biases them to run on the biggest CPU.
1156
1157This knob allows admins to change the default behavior when uclamp is being
1158used. In battery powered devices particularly, running at the maximum
1159capacity and frequency will increase energy consumption and shorten the battery
1160life.
1161
1162This knob is only effective for RT tasks which the user hasn't modified their
1163requested uclamp.min value via sched_setattr() syscall.
1164
1165This knob will not escape the range constraint imposed by sched_util_clamp_min
1166defined above.
1167
1168For example if
1169
1170	sched_util_clamp_min_rt_default = 800
1171	sched_util_clamp_min = 600
1172
1173Then the boost will be clamped to 600 because 800 is outside of the permissible
1174range of [0:600]. This could happen for instance if a powersave mode will
1175restrict all boosts temporarily by modifying sched_util_clamp_min. As soon as
1176this restriction is lifted, the requested sched_util_clamp_min_rt_default
1177will take effect.
1178
1179seccomp
1180=======
1181
1182See Documentation/userspace-api/seccomp_filter.rst.
1183
1184
1185sg-big-buff
1186===========
1187
1188This file shows the size of the generic SCSI (sg) buffer.
1189You can't tune it just yet, but you could change it on
1190compile time by editing ``include/scsi/sg.h`` and changing
1191the value of ``SG_BIG_BUFF``.
1192
1193There shouldn't be any reason to change this value. If
1194you can come up with one, you probably know what you
1195are doing anyway :)
1196
1197
1198shmall
1199======
1200
1201This parameter sets the total amount of shared memory pages that
1202can be used system wide. Hence, ``shmall`` should always be at least
1203``ceil(shmmax/PAGE_SIZE)``.
1204
1205If you are not sure what the default ``PAGE_SIZE`` is on your Linux
1206system, you can run the following command::
1207
1208	# getconf PAGE_SIZE
1209
1210
1211shmmax
1212======
1213
1214This value can be used to query and set the run time limit
1215on the maximum shared memory segment size that can be created.
1216Shared memory segments up to 1Gb are now supported in the
1217kernel.  This value defaults to ``SHMMAX``.
1218
1219
1220shmmni
1221======
1222
1223This value determines the maximum number of shared memory segments.
12244096 by default (``SHMMNI``).
1225
1226
1227shm_rmid_forced
1228===============
1229
1230Linux lets you set resource limits, including how much memory one
1231process can consume, via ``setrlimit(2)``.  Unfortunately, shared memory
1232segments are allowed to exist without association with any process, and
1233thus might not be counted against any resource limits.  If enabled,
1234shared memory segments are automatically destroyed when their attach
1235count becomes zero after a detach or a process termination.  It will
1236also destroy segments that were created, but never attached to, on exit
1237from the process.  The only use left for ``IPC_RMID`` is to immediately
1238destroy an unattached segment.  Of course, this breaks the way things are
1239defined, so some applications might stop working.  Note that this
1240feature will do you no good unless you also configure your resource
1241limits (in particular, ``RLIMIT_AS`` and ``RLIMIT_NPROC``).  Most systems don't
1242need this.
1243
1244Note that if you change this from 0 to 1, already created segments
1245without users and with a dead originative process will be destroyed.
1246
1247
1248sysctl_writes_strict
1249====================
1250
1251Control how file position affects the behavior of updating sysctl values
1252via the ``/proc/sys`` interface:
1253
1254  ==   ======================================================================
1255  -1   Legacy per-write sysctl value handling, with no printk warnings.
1256       Each write syscall must fully contain the sysctl value to be
1257       written, and multiple writes on the same sysctl file descriptor
1258       will rewrite the sysctl value, regardless of file position.
1259   0   Same behavior as above, but warn about processes that perform writes
1260       to a sysctl file descriptor when the file position is not 0.
1261   1   (default) Respect file position when writing sysctl strings. Multiple
1262       writes will append to the sysctl value buffer. Anything past the max
1263       length of the sysctl value buffer will be ignored. Writes to numeric
1264       sysctl entries must always be at file position 0 and the value must
1265       be fully contained in the buffer sent in the write syscall.
1266  ==   ======================================================================
1267
1268
1269softlockup_all_cpu_backtrace
1270============================
1271
1272This value controls the soft lockup detector thread's behavior
1273when a soft lockup condition is detected as to whether or not
1274to gather further debug information. If enabled, each cpu will
1275be issued an NMI and instructed to capture stack trace.
1276
1277This feature is only applicable for architectures which support
1278NMI.
1279
1280= ============================================
12810 Do nothing. This is the default behavior.
12821 On detection capture more debug information.
1283= ============================================
1284
1285
1286softlockup_panic
1287=================
1288
1289This parameter can be used to control whether the kernel panics
1290when a soft lockup is detected.
1291
1292= ============================================
12930 Don't panic on soft lockup.
12941 Panic on soft lockup.
1295= ============================================
1296
1297This can also be set using the softlockup_panic kernel parameter.
1298
1299
1300soft_watchdog
1301=============
1302
1303This parameter can be used to control the soft lockup detector.
1304
1305= =================================
13060 Disable the soft lockup detector.
13071 Enable the soft lockup detector.
1308= =================================
1309
1310The soft lockup detector monitors CPUs for threads that are hogging the CPUs
1311without rescheduling voluntarily, and thus prevent the 'migration/N' threads
1312from running, causing the watchdog work fail to execute. The mechanism depends
1313on the CPUs ability to respond to timer interrupts which are needed for the
1314watchdog work to be queued by the watchdog timer function, otherwise the NMI
1315watchdog — if enabled — can detect a hard lockup condition.
1316
1317
1318stack_erasing
1319=============
1320
1321This parameter can be used to control kernel stack erasing at the end
1322of syscalls for kernels built with ``CONFIG_GCC_PLUGIN_STACKLEAK``.
1323
1324That erasing reduces the information which kernel stack leak bugs
1325can reveal and blocks some uninitialized stack variable attacks.
1326The tradeoff is the performance impact: on a single CPU system kernel
1327compilation sees a 1% slowdown, other systems and workloads may vary.
1328
1329= ====================================================================
13300 Kernel stack erasing is disabled, STACKLEAK_METRICS are not updated.
13311 Kernel stack erasing is enabled (default), it is performed before
1332  returning to the userspace at the end of syscalls.
1333= ====================================================================
1334
1335
1336stop-a (SPARC only)
1337===================
1338
1339Controls Stop-A:
1340
1341= ====================================
13420 Stop-A has no effect.
13431 Stop-A breaks to the PROM (default).
1344= ====================================
1345
1346Stop-A is always enabled on a panic, so that the user can return to
1347the boot PROM.
1348
1349
1350sysrq
1351=====
1352
1353See Documentation/admin-guide/sysrq.rst.
1354
1355
1356tainted
1357=======
1358
1359Non-zero if the kernel has been tainted. Numeric values, which can be
1360ORed together. The letters are seen in "Tainted" line of Oops reports.
1361
1362======  =====  ==============================================================
1363     1  `(P)`  proprietary module was loaded
1364     2  `(F)`  module was force loaded
1365     4  `(S)`  kernel running on an out of specification system
1366     8  `(R)`  module was force unloaded
1367    16  `(M)`  processor reported a Machine Check Exception (MCE)
1368    32  `(B)`  bad page referenced or some unexpected page flags
1369    64  `(U)`  taint requested by userspace application
1370   128  `(D)`  kernel died recently, i.e. there was an OOPS or BUG
1371   256  `(A)`  an ACPI table was overridden by user
1372   512  `(W)`  kernel issued warning
1373  1024  `(C)`  staging driver was loaded
1374  2048  `(I)`  workaround for bug in platform firmware applied
1375  4096  `(O)`  externally-built ("out-of-tree") module was loaded
1376  8192  `(E)`  unsigned module was loaded
1377 16384  `(L)`  soft lockup occurred
1378 32768  `(K)`  kernel has been live patched
1379 65536  `(X)`  Auxiliary taint, defined and used by for distros
1380131072  `(T)`  The kernel was built with the struct randomization plugin
1381======  =====  ==============================================================
1382
1383See Documentation/admin-guide/tainted-kernels.rst for more information.
1384
1385Note:
1386  writes to this sysctl interface will fail with ``EINVAL`` if the kernel is
1387  booted with the command line option ``panic_on_taint=<bitmask>,nousertaint``
1388  and any of the ORed together values being written to ``tainted`` match with
1389  the bitmask declared on panic_on_taint.
1390  See Documentation/admin-guide/kernel-parameters.rst for more details on
1391  that particular kernel command line option and its optional
1392  ``nousertaint`` switch.
1393
1394threads-max
1395===========
1396
1397This value controls the maximum number of threads that can be created
1398using ``fork()``.
1399
1400During initialization the kernel sets this value such that even if the
1401maximum number of threads is created, the thread structures occupy only
1402a part (1/8th) of the available RAM pages.
1403
1404The minimum value that can be written to ``threads-max`` is 1.
1405
1406The maximum value that can be written to ``threads-max`` is given by the
1407constant ``FUTEX_TID_MASK`` (0x3fffffff).
1408
1409If a value outside of this range is written to ``threads-max`` an
1410``EINVAL`` error occurs.
1411
1412
1413traceoff_on_warning
1414===================
1415
1416When set, disables tracing (see Documentation/trace/ftrace.rst) when a
1417``WARN()`` is hit.
1418
1419
1420tracepoint_printk
1421=================
1422
1423When tracepoints are sent to printk() (enabled by the ``tp_printk``
1424boot parameter), this entry provides runtime control::
1425
1426    echo 0 > /proc/sys/kernel/tracepoint_printk
1427
1428will stop tracepoints from being sent to printk(), and::
1429
1430    echo 1 > /proc/sys/kernel/tracepoint_printk
1431
1432will send them to printk() again.
1433
1434This only works if the kernel was booted with ``tp_printk`` enabled.
1435
1436See Documentation/admin-guide/kernel-parameters.rst and
1437Documentation/trace/boottime-trace.rst.
1438
1439
1440.. _unaligned-dump-stack:
1441
1442unaligned-dump-stack (ia64)
1443===========================
1444
1445When logging unaligned accesses, controls whether the stack is
1446dumped.
1447
1448= ===================================================
14490 Do not dump the stack. This is the default setting.
14501 Dump the stack.
1451= ===================================================
1452
1453See also `ignore-unaligned-usertrap`_.
1454
1455
1456unaligned-trap
1457==============
1458
1459On architectures where unaligned accesses cause traps, and where this
1460feature is supported (``CONFIG_SYSCTL_ARCH_UNALIGN_ALLOW``; currently,
1461``arc`` and ``parisc``), controls whether unaligned traps are caught
1462and emulated (instead of failing).
1463
1464= ========================================================
14650 Do not emulate unaligned accesses.
14661 Emulate unaligned accesses. This is the default setting.
1467= ========================================================
1468
1469See also `ignore-unaligned-usertrap`_.
1470
1471
1472unknown_nmi_panic
1473=================
1474
1475The value in this file affects behavior of handling NMI. When the
1476value is non-zero, unknown NMI is trapped and then panic occurs. At
1477that time, kernel debugging information is displayed on console.
1478
1479NMI switch that most IA32 servers have fires unknown NMI up, for
1480example.  If a system hangs up, try pressing the NMI switch.
1481
1482
1483unprivileged_bpf_disabled
1484=========================
1485
1486Writing 1 to this entry will disable unprivileged calls to ``bpf()``;
1487once disabled, calling ``bpf()`` without ``CAP_SYS_ADMIN`` or ``CAP_BPF``
1488will return ``-EPERM``. Once set to 1, this can't be cleared from the
1489running kernel anymore.
1490
1491Writing 2 to this entry will also disable unprivileged calls to ``bpf()``,
1492however, an admin can still change this setting later on, if needed, by
1493writing 0 or 1 to this entry.
1494
1495If ``BPF_UNPRIV_DEFAULT_OFF`` is enabled in the kernel config, then this
1496entry will default to 2 instead of 0.
1497
1498= =============================================================
14990 Unprivileged calls to ``bpf()`` are enabled
15001 Unprivileged calls to ``bpf()`` are disabled without recovery
15012 Unprivileged calls to ``bpf()`` are disabled
1502= =============================================================
1503
1504watchdog
1505========
1506
1507This parameter can be used to disable or enable the soft lockup detector
1508*and* the NMI watchdog (i.e. the hard lockup detector) at the same time.
1509
1510= ==============================
15110 Disable both lockup detectors.
15121 Enable both lockup detectors.
1513= ==============================
1514
1515The soft lockup detector and the NMI watchdog can also be disabled or
1516enabled individually, using the ``soft_watchdog`` and ``nmi_watchdog``
1517parameters.
1518If the ``watchdog`` parameter is read, for example by executing::
1519
1520   cat /proc/sys/kernel/watchdog
1521
1522the output of this command (0 or 1) shows the logical OR of
1523``soft_watchdog`` and ``nmi_watchdog``.
1524
1525
1526watchdog_cpumask
1527================
1528
1529This value can be used to control on which cpus the watchdog may run.
1530The default cpumask is all possible cores, but if ``NO_HZ_FULL`` is
1531enabled in the kernel config, and cores are specified with the
1532``nohz_full=`` boot argument, those cores are excluded by default.
1533Offline cores can be included in this mask, and if the core is later
1534brought online, the watchdog will be started based on the mask value.
1535
1536Typically this value would only be touched in the ``nohz_full`` case
1537to re-enable cores that by default were not running the watchdog,
1538if a kernel lockup was suspected on those cores.
1539
1540The argument value is the standard cpulist format for cpumasks,
1541so for example to enable the watchdog on cores 0, 2, 3, and 4 you
1542might say::
1543
1544  echo 0,2-4 > /proc/sys/kernel/watchdog_cpumask
1545
1546
1547watchdog_thresh
1548===============
1549
1550This value can be used to control the frequency of hrtimer and NMI
1551events and the soft and hard lockup thresholds. The default threshold
1552is 10 seconds.
1553
1554The softlockup threshold is (``2 * watchdog_thresh``). Setting this
1555tunable to zero will disable lockup detection altogether.
1556