~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/Documentation/admin-guide/sysctl/fs.rst

Version: ~ [ linux-6.13-rc5 ] ~ [ linux-6.12.7 ] ~ [ linux-6.11.11 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.68 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.122 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.175 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.232 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.288 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.325 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /Documentation/admin-guide/sysctl/fs.rst (Version linux-6.13-rc5) and /Documentation/admin-guide/sysctl/fs.rst (Version linux-4.19.325)


  1 ===============================                   
  2 Documentation for /proc/sys/fs/                   
  3 ===============================                   
  4                                                   
  5 Copyright (c) 1998, 1999,  Rik van Riel <riel@n    
  6                                                   
  7 Copyright (c) 2009,        Shen Feng<shen@cn.fu    
  8                                                   
  9 For general info and legal blurb, please look     
 10                                                   
 11 ----------------------------------------------    
 12                                                   
 13 This file contains documentation for the sysct    
 14 in ``/proc/sys/fs/``.                             
 15                                                   
 16 The files in this directory can be used to tun    
 17 miscellaneous and general things in the operat    
 18 kernel. Since some of the files *can* be used     
 19 system, it is advisable to read both documenta    
 20 before actually making adjustments.               
 21                                                   
 22 1. /proc/sys/fs                                   
 23 ===============                                   
 24                                                   
 25 Currently, these files might (depending on you    
 26 show up in ``/proc/sys/fs``:                      
 27                                                   
 28 .. contents:: :local:                             
 29                                                   
 30                                                   
 31 aio-nr & aio-max-nr                               
 32 -------------------                               
 33                                                   
 34 ``aio-nr`` shows the current system-wide numbe    
 35 requests.  ``aio-max-nr`` allows you to change    
 36 ``aio-nr`` can grow to.  If ``aio-nr`` reaches    
 37 ``io_setup`` will fail with ``EAGAIN``.  Note     
 38 ``aio-max-nr`` does not result in the             
 39 pre-allocation or re-sizing of any kernel data    
 40                                                   
 41 dentry-negative                                   
 42 ----------------------------                      
 43                                                   
 44 Policy for negative dentries. Set to 1 to to a    
 45 file is removed, and 0 to disable it. By defau    
 46                                                   
 47 dentry-state                                      
 48 ------------                                      
 49                                                   
 50 This file shows the values in ``struct dentry_    
 51 ``fs/dcache.c``::                                 
 52                                                   
 53   struct dentry_stat_t dentry_stat {              
 54         long nr_dentry;                           
 55         long nr_unused;                           
 56         long age_limit;         /* age in seco    
 57         long want_pages;        /* pages reque    
 58         long nr_negative;       /* # of unused    
 59         long dummy;             /* Reserved fo    
 60   };                                              
 61                                                   
 62 Dentries are dynamically allocated and dealloc    
 63                                                   
 64 ``nr_dentry`` shows the total number of dentri    
 65 + unused). ``nr_unused shows`` the number of d    
 66 actively used, but are saved in the LRU list f    
 67                                                   
 68 ``age_limit`` is the age in seconds after whic    
 69 can be reclaimed when memory is short and ``wa    
 70 nonzero when ``shrink_dcache_pages()`` has bee    
 71 dcache isn't pruned yet.                          
 72                                                   
 73 ``nr_negative`` shows the number of unused den    
 74 negative dentries which do not map to any file    
 75 they help speeding up rejection of non-existin    
 76 by the users.                                     
 77                                                   
 78                                                   
 79 file-max & file-nr                                
 80 ------------------                                
 81                                                   
 82 The value in ``file-max`` denotes the maximum     
 83 handles that the Linux kernel will allocate. W    
 84 of error messages about running out of file ha    
 85 want to increase this limit.                      
 86                                                   
 87 Historically,the kernel was able to allocate f    
 88 dynamically, but not to free them again. The t    
 89 ``file-nr`` denote the number of allocated fil    
 90 of allocated but unused file handles, and the     
 91 file handles. Linux 2.6 and later always repor    
 92 file handles -- this is not an error, it just     
 93 number of allocated file handles exactly match    
 94 used file handles.                                
 95                                                   
 96 Attempts to allocate more file descriptors tha    
 97 reported with ``printk``, look for::              
 98                                                   
 99   VFS: file-max limit <number> reached            
100                                                   
101 in the kernel logs.                               
102                                                   
103                                                   
104 inode-nr & inode-state                            
105 ----------------------                            
106                                                   
107 As with file handles, the kernel allocates the    
108 dynamically, but can't free them yet.             
109                                                   
110 The file ``inode-nr`` contains the first two i    
111 ``inode-state``, so we'll skip to that file...    
112                                                   
113 ``inode-state`` contains three actual numbers     
114 The actual numbers are, in order of appearance    
115 ``nr_free_inodes`` and ``preshrink``.             
116                                                   
117 ``nr_inodes`` stands for the number of inodes     
118 allocated.                                        
119                                                   
120 ``nr_free_inodes`` represents the number of fr    
121 preshrink is nonzero when the                     
122 system needs to prune the inode list instead o    
123 more.                                             
124                                                   
125                                                   
126 mount-max                                         
127 ---------                                         
128                                                   
129 This denotes the maximum number of mounts that    
130 in a mount namespace.                             
131                                                   
132                                                   
133 nr_open                                           
134 -------                                           
135                                                   
136 This denotes the maximum number of file-handle    
137 allocate. Default value is 1024*1024 (1048576)    
138 enough for most machines. Actual limit depends    
139 resource limit.                                   
140                                                   
141                                                   
142 overflowgid & overflowuid                         
143 -------------------------                         
144                                                   
145 Some filesystems only support 16-bit UIDs and     
146 UIDs and GIDs are 32 bits. When one of these f    
147 with writes enabled, any UID or GID that would    
148 to a fixed value before being written to disk.    
149                                                   
150 These sysctls allow you to change the value of    
151 The default is 65534.                             
152                                                   
153                                                   
154 pipe-user-pages-hard                              
155 --------------------                              
156                                                   
157 Maximum total number of pages a non-privileged    
158 Once this limit is reached, no new pipes may b    
159 below the limit again. When set to 0, no limit    
160 setting.                                          
161                                                   
162                                                   
163 pipe-user-pages-soft                              
164 --------------------                              
165                                                   
166 Maximum total number of pages a non-privileged    
167 before the pipe size gets limited to a single     
168 new pipes will be limited to a single page in     
169 limit total memory usage, and trying to increa    
170 denied until usage goes below the limit again.    
171 allocate up to 1024 pipes at their default siz    
172 applied.                                          
173                                                   
174                                                   
175 protected_fifos                                   
176 ---------------                                   
177                                                   
178 The intent of this protection is to avoid unin    
179 an attacker-controlled FIFO, where a program e    
180 file.                                             
181                                                   
182 When set to "0", writing to FIFOs is unrestric    
183                                                   
184 When set to "1" don't allow ``O_CREAT`` open o    
185 in world writable sticky directories, unless t    
186 owner of the directory.                           
187                                                   
188 When set to "2" it also applies to group writa    
189                                                   
190 This protection is based on the restrictions i    
191                                                   
192                                                   
193 protected_hardlinks                               
194 --------------------                              
195                                                   
196 A long-standing class of security issues is th    
197 time-of-check-time-of-use race, most commonly     
198 directories like ``/tmp``. The common method o    
199 is to cross privilege boundaries when followin    
200 root process follows a hardlink created by ano    
201 on systems without separated partitions, this     
202 from "pinning" vulnerable setuid/setgid files     
203 the administrator, or linking to special files    
204                                                   
205 When set to "0", hardlink creation behavior is    
206                                                   
207 When set to "1" hardlinks cannot be created by    
208 already own the source file, or do not have re    
209                                                   
210 This protection is based on the restrictions i    
211                                                   
212                                                   
213 protected_regular                                 
214 -----------------                                 
215                                                   
216 This protection is similar to `protected_fifos    
217 avoids writes to an attacker-controlled regula    
218 expected to create one.                           
219                                                   
220 When set to "0", writing to regular files is u    
221                                                   
222 When set to "1" don't allow ``O_CREAT`` open o    
223 don't own in world writable sticky directories    
224 owned by the owner of the directory.              
225                                                   
226 When set to "2" it also applies to group writa    
227                                                   
228                                                   
229 protected_symlinks                                
230 ------------------                                
231                                                   
232 A long-standing class of security issues is th    
233 time-of-check-time-of-use race, most commonly     
234 directories like ``/tmp``. The common method o    
235 is to cross privilege boundaries when followin    
236 root process follows a symlink belonging to an    
237 incomplete list of hundreds of examples across    
238 https://cve.mitre.org/cgi-bin/cvekey.cgi?keywo    
239                                                   
240 When set to "0", symlink following behavior is    
241                                                   
242 When set to "1" symlinks are permitted to be f    
243 a sticky world-writable directory, or when the    
244 follower match, or when the directory owner ma    
245                                                   
246 This protection is based on the restrictions i    
247                                                   
248                                                   
249 suid_dumpable                                     
250 -------------                                     
251                                                   
252 This value can be used to query and set the co    
253 or otherwise protected/tainted binaries. The m    
254                                                   
255 =   ==========  ==============================    
256 0   (default)   Traditional behaviour. Any pro    
257                 privilege levels or is execute    
258 1   (debug)     All processes dump core when p    
259                 owned by the current user and     
260                 intended for system debugging     
261                 Ptrace is unchecked.              
262                 This is insecure as it allows     
263                 memory contents of privileged     
264 2   (suidsafe)  Any binary which normally woul    
265                 anyway, but only if the ``core    
266                 :ref:`Documentation/admin-guid    
267                 is set to                         
268                 either a pipe handler or a ful    
269                 details on this limitation, se    
270                 appropriate when administrator    
271                 problems in a normal environme    
272                 pipe handler that knows to tre    
273                 care, or specific directory de    
274                 If a core dump happens without    
275                 qualified path, a message will    
276                 about the lack of a correct se    
277 =   ==========  ==============================    
278                                                   
279                                                   
280                                                   
281 2. /proc/sys/fs/binfmt_misc                       
282 ===========================                       
283                                                   
284 Documentation for the files in ``/proc/sys/fs/    
285 in Documentation/admin-guide/binfmt-misc.rst.     
286                                                   
287                                                   
288 3. /proc/sys/fs/mqueue - POSIX message queues     
289 ==============================================    
290                                                   
291                                                   
292 The "mqueue"  filesystem provides  the necessa    
293 creation of a  user space  library that  imple    
294 API (as noted by the  MSG tag in the  POSIX 10    
295 Interfaces specification.)                        
296                                                   
297 The "mqueue" filesystem contains values for de    
298 amount of resources used by the file system.      
299                                                   
300 ``/proc/sys/fs/mqueue/queues_max`` is a read/w    
301 setting/getting the maximum number of message     
302 system.                                           
303                                                   
304 ``/proc/sys/fs/mqueue/msg_max`` is a read/writ    
305 setting/getting the maximum number of messages    
306 fact it is the limiting value for another (use    
307 ``mq_open`` invocation.  This attribute of a q    
308 or equal to ``msg_max``.                          
309                                                   
310 ``/proc/sys/fs/mqueue/msgsize_max`` is a read/    
311 setting/getting the maximum message size value    
312 every message queue, set during its creation).    
313                                                   
314 ``/proc/sys/fs/mqueue/msg_default`` is a read/    
315 setting/getting the default number of messages    
316 ``attr`` parameter of ``mq_open(2)`` is ``NULL    
317 ``msg_max``, the default value is initialized     
318                                                   
319 ``/proc/sys/fs/mqueue/msgsize_default`` is a r    
320 setting/getting the default message size value    
321 parameter of ``mq_open(2)`` is ``NULL``. If it    
322 ``msgsize_max``, the default value is initiali    
323                                                   
324 4. /proc/sys/fs/epoll - Configuration options     
325 ==============================================    
326                                                   
327 This directory contains configuration options     
328                                                   
329 max_user_watches                                  
330 ----------------                                  
331                                                   
332 Every epoll file descriptor can store a number    
333 for event readiness. Each one of these monitor    
334 This configuration option sets the maximum num    
335 allowed for each user.                            
336 Each "watch" costs roughly 90 bytes on a 32-bi    
337 on a 64-bit one.                                  
338 The current default value for ``max_user_watch    
339 available low memory, divided by the "watch" c    
340                                                   
341 5. /proc/sys/fs/fuse - Configuration options f    
342 ==============================================    
343                                                   
344 This directory contains the following configur    
345 filesystems:                                      
346                                                   
347 ``/proc/sys/fs/fuse/max_pages_limit`` is a rea    
348 setting/getting the maximum number of pages th    
349 requests in FUSE.                                 
                                                      

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php