diff options
Diffstat (limited to 'Documentation/sysctl')
| -rw-r--r-- | Documentation/sysctl/fs.txt | 18 | ||||
| -rw-r--r-- | Documentation/sysctl/vm.txt | 30 |
2 files changed, 26 insertions, 22 deletions
diff --git a/Documentation/sysctl/fs.txt b/Documentation/sysctl/fs.txt index 13d6166d7a27..8c235b6e4246 100644 --- a/Documentation/sysctl/fs.txt +++ b/Documentation/sysctl/fs.txt | |||
| @@ -163,16 +163,22 @@ This value can be used to query and set the core dump mode for setuid | |||
| 163 | or otherwise protected/tainted binaries. The modes are | 163 | or otherwise protected/tainted binaries. The modes are |
| 164 | 164 | ||
| 165 | 0 - (default) - traditional behaviour. Any process which has changed | 165 | 0 - (default) - traditional behaviour. Any process which has changed |
| 166 | privilege levels or is execute only will not be dumped | 166 | privilege levels or is execute only will not be dumped. |
| 167 | 1 - (debug) - all processes dump core when possible. The core dump is | 167 | 1 - (debug) - all processes dump core when possible. The core dump is |
| 168 | owned by the current user and no security is applied. This is | 168 | owned by the current user and no security is applied. This is |
| 169 | intended for system debugging situations only. Ptrace is unchecked. | 169 | intended for system debugging situations only. Ptrace is unchecked. |
| 170 | This is insecure as it allows regular users to examine the memory | ||
| 171 | contents of privileged processes. | ||
| 170 | 2 - (suidsafe) - any binary which normally would not be dumped is dumped | 172 | 2 - (suidsafe) - any binary which normally would not be dumped is dumped |
| 171 | readable by root only. This allows the end user to remove | 173 | anyway, but only if the "core_pattern" kernel sysctl is set to |
| 172 | such a dump but not access it directly. For security reasons | 174 | either a pipe handler or a fully qualified path. (For more details |
| 173 | core dumps in this mode will not overwrite one another or | 175 | on this limitation, see CVE-2006-2451.) This mode is appropriate |
| 174 | other files. This mode is appropriate when administrators are | 176 | when administrators are attempting to debug problems in a normal |
| 175 | attempting to debug problems in a normal environment. | 177 | environment, and either have a core dump pipe handler that knows |
| 178 | to treat privileged core dumps with care, or specific directory | ||
| 179 | defined for catching core dumps. If a core dump happens without | ||
| 180 | a pipe handler or fully qualifid path, a message will be emitted | ||
| 181 | to syslog warning about the lack of a correct setting. | ||
| 176 | 182 | ||
| 177 | ============================================================== | 183 | ============================================================== |
| 178 | 184 | ||
diff --git a/Documentation/sysctl/vm.txt b/Documentation/sysctl/vm.txt index 96f0ee825bed..dcc2a94ae34e 100644 --- a/Documentation/sysctl/vm.txt +++ b/Documentation/sysctl/vm.txt | |||
| @@ -42,7 +42,6 @@ Currently, these files are in /proc/sys/vm: | |||
| 42 | - mmap_min_addr | 42 | - mmap_min_addr |
| 43 | - nr_hugepages | 43 | - nr_hugepages |
| 44 | - nr_overcommit_hugepages | 44 | - nr_overcommit_hugepages |
| 45 | - nr_pdflush_threads | ||
| 46 | - nr_trim_pages (only if CONFIG_MMU=n) | 45 | - nr_trim_pages (only if CONFIG_MMU=n) |
| 47 | - numa_zonelist_order | 46 | - numa_zonelist_order |
| 48 | - oom_dump_tasks | 47 | - oom_dump_tasks |
| @@ -426,16 +425,6 @@ See Documentation/vm/hugetlbpage.txt | |||
| 426 | 425 | ||
| 427 | ============================================================== | 426 | ============================================================== |
| 428 | 427 | ||
| 429 | nr_pdflush_threads | ||
| 430 | |||
| 431 | The current number of pdflush threads. This value is read-only. | ||
| 432 | The value changes according to the number of dirty pages in the system. | ||
| 433 | |||
| 434 | When necessary, additional pdflush threads are created, one per second, up to | ||
| 435 | nr_pdflush_threads_max. | ||
| 436 | |||
| 437 | ============================================================== | ||
| 438 | |||
| 439 | nr_trim_pages | 428 | nr_trim_pages |
| 440 | 429 | ||
| 441 | This is available only on NOMMU kernels. | 430 | This is available only on NOMMU kernels. |
| @@ -502,9 +491,10 @@ oom_dump_tasks | |||
| 502 | 491 | ||
| 503 | Enables a system-wide task dump (excluding kernel threads) to be | 492 | Enables a system-wide task dump (excluding kernel threads) to be |
| 504 | produced when the kernel performs an OOM-killing and includes such | 493 | produced when the kernel performs an OOM-killing and includes such |
| 505 | information as pid, uid, tgid, vm size, rss, cpu, oom_adj score, and | 494 | information as pid, uid, tgid, vm size, rss, nr_ptes, swapents, |
| 506 | name. This is helpful to determine why the OOM killer was invoked | 495 | oom_score_adj score, and name. This is helpful to determine why the |
| 507 | and to identify the rogue task that caused it. | 496 | OOM killer was invoked, to identify the rogue task that caused it, |
| 497 | and to determine why the OOM killer chose the task it did to kill. | ||
| 508 | 498 | ||
| 509 | If this is set to zero, this information is suppressed. On very | 499 | If this is set to zero, this information is suppressed. On very |
| 510 | large systems with thousands of tasks it may not be feasible to dump | 500 | large systems with thousands of tasks it may not be feasible to dump |
| @@ -574,16 +564,24 @@ of physical RAM. See above. | |||
| 574 | 564 | ||
| 575 | page-cluster | 565 | page-cluster |
| 576 | 566 | ||
| 577 | page-cluster controls the number of pages which are written to swap in | 567 | page-cluster controls the number of pages up to which consecutive pages |
| 578 | a single attempt. The swap I/O size. | 568 | are read in from swap in a single attempt. This is the swap counterpart |
| 569 | to page cache readahead. | ||
| 570 | The mentioned consecutivity is not in terms of virtual/physical addresses, | ||
| 571 | but consecutive on swap space - that means they were swapped out together. | ||
| 579 | 572 | ||
| 580 | It is a logarithmic value - setting it to zero means "1 page", setting | 573 | It is a logarithmic value - setting it to zero means "1 page", setting |
| 581 | it to 1 means "2 pages", setting it to 2 means "4 pages", etc. | 574 | it to 1 means "2 pages", setting it to 2 means "4 pages", etc. |
| 575 | Zero disables swap readahead completely. | ||
| 582 | 576 | ||
| 583 | The default value is three (eight pages at a time). There may be some | 577 | The default value is three (eight pages at a time). There may be some |
| 584 | small benefits in tuning this to a different value if your workload is | 578 | small benefits in tuning this to a different value if your workload is |
| 585 | swap-intensive. | 579 | swap-intensive. |
| 586 | 580 | ||
| 581 | Lower values mean lower latencies for initial faults, but at the same time | ||
| 582 | extra faults and I/O delays for following faults if they would have been part of | ||
| 583 | that consecutive pages readahead would have brought in. | ||
| 584 | |||
| 587 | ============================================================= | 585 | ============================================================= |
| 588 | 586 | ||
| 589 | panic_on_oom | 587 | panic_on_oom |