社区微信群开通啦,扫一扫抢先加入社区官方微信群
社区微信群
NAME | DESCRIPTION | NOTES | SEE ALSO | COLOPHON |
|
PROC(5) Linux Programmer's Manual PROC(5)
proc - process information pseudo-filesystem
The proc filesystem is a pseudo-filesystem which provides an interface to kernel data structures. It is commonly mounted at /proc. Most of it is read-only, but some files allow kernel variables to be changed. The following list describes many of the files and directories under the /proc hierarchy. /proc/[pid] There is a numerical subdirectory for each running process; the subdirectory is named by the process ID. Each such subdirectory contains the following pseudo-files and directories. /proc/[pid]/attr The files in this directory provide an API for security modules. The contents of this directory are files that can be read and written in order to set security-related attributes. This directory was added to support SELinux, but the intention was that the API be general enough to support other security modules. For the purpose of explanation, examples of how SELinux uses these files are provided below. This directory is present only if the kernel was configured with CONFIG_SECURITY. /proc/[pid]/attr/current (since Linux 2.6.0) The contents of this file represent the current security attributes of the process. In SELinux, this file is used to get the security context of a process. Prior to Linux 2.6.11, this file could not be used to set the security context (a write was always denied), since SELinux limited process security transitions to execve(2) (see the description of /proc/[pid]/attr/exec, below). Since Linux 2.6.11, SELinux lifted this restriction and began supporting "set" operations via writes to this node if authorized by policy, although use of this operation is only suitable for applications that are trusted to maintain any desired separation between the old and new security contexts. Prior to Linux 2.6.28, SELinux did not allow threads within a multi- threaded process to set their security context via this node as it would yield an inconsistency among the security contexts of the threads sharing the same memory space. Since Linux 2.6.28, SELinux lifted this restriction and began supporting "set" operations for threads within a multithreaded process if the new security context is bounded by the old security context, where the bounded relation is defined in policy and guarantees that the new security context has a subset of the permissions of the old security context. Other security modules may choose to support "set" operations via writes to this node. /proc/[pid]/attr/exec (since Linux 2.6.0) This file represents the attributes to assign to the process upon a subsequent execve(2). In SELinux, this is needed to support role/domain transitions, and execve(2) is the preferred point to make such transitions because it offers better control over the initialization of the process in the new security label and the inheritance of state. In SELinux, this attribute is reset on execve(2) so that the new program reverts to the default behavior for any execve(2) calls that it may make. In SELinux, a process can set only its own /proc/[pid]/attr/exec attribute. /proc/[pid]/attr/fscreate (since Linux 2.6.0) This file represents the attributes to assign to files created by subsequent calls to open(2), mkdir(2), symlink(2), and mknod(2) SELinux employs this file to support creation of a file (using the aforementioned system calls) in a secure state, so that there is no risk of inappropriate access being obtained between the time of creation and the time that attributes are set. In SELinux, this attribute is reset on execve(2), so that the new program reverts to the default behavior for any file creation calls it may make, but the attribute will persist across multiple file creation calls within a program unless it is explicitly reset. In SELinux, a process can set only its own /proc/[pid]/attr/fscreate attribute. /proc/[pid]/attr/prev (since Linux 2.6.0) This file contains the security context of the process before the last execve(2); that is, the previous value of /proc/[pid]/attr/current. /proc/[pid]/attr/keycreate (since Linux 2.6.18) If a process writes a security context into this file, all subsequently created keys (add_key(2)) will be labeled with this context. For further information, see the kernel source file Documentation/keys.txt. /proc/[pid]/attr/socketcreate (since Linux 2.6.18) If a process writes a security context into this file, all subsequently created sockets will be labeled with this context. /proc/[pid]/auxv (since 2.6.0-test7) This contains the contents of the ELF interpreter information passed to the process at exec time. The format is one unsigned long ID plus one unsigned long value for each entry. The last entry contains two zeros. See also getauxval(3). /proc/[pid]/cgroup (since Linux 2.6.24) This file describes control groups to which the process/task belongs. For each cgroup hierarchy there is one entry containing colon-separated fields of the form: 5:cpuacct,cpu,cpuset:/daemons The colon-separated fields are, from left to right: 1. hierarchy ID number 2. set of subsystems bound to the hierarchy 3. control group in the hierarchy to which the process belongs This file is present only if the CONFIG_CGROUPS kernel configuration option is enabled. /proc/[pid]/clear_refs (since Linux 2.6.22) This is a write-only file, writable only by owner of the process. The following values may be written to the file: 1 (since Linux 2.6.22) Reset the PG_Referenced and ACCESSED/YOUNG bits for all the pages associated with the process. (Before kernel 2.6.32, writing any nonzero value to this file had this effect.) 2 (since Linux 2.6.32) Reset the PG_Referenced and ACCESSED/YOUNG bits for all anonymous pages associated with the process. 3 (since Linux 2.6.32) Reset the PG_Referenced and ACCESSED/YOUNG bits for all file-mapped pages associated with the process. Clearing the PG_Referenced and ACCESSED/YOUNG bits provides a method to measure approximately how much memory a process is using. One first inspects the values in the "Referenced" fields for the VMAs shown in /proc/[pid]/smaps to get an idea of the memory footprint of the process. One then clears the PG_Referenced and ACCESSED/YOUNG bits and, after some measured time interval, once again inspects the values in the "Referenced" fields to get an idea of the change in memory footprint of the process during the measured interval. If one is interested only in inspecting the selected mapping types, then the value 2 or 3 can be used instead of 1. A further value can be written to affect a different bit: 4 (since Linux 3.11) Clear the soft-dirty bit for all the pages associated with the process. This is used (in conjunction with /proc/[pid]/pagemap) by the check-point restore system to discover which pages of a process have been dirtied since the file /proc/[pid]/clear_refs was written to. Writing any value to /proc/[pid]/clear_refs other than those listed above has no effect. The /proc/[pid]/clear_refs file is present only if the CONFIG_PROC_PAGE_MONITOR kernel configuration option is enabled. /proc/[pid]/cmdline This read-only file holds the complete command line for the process, unless the process is a zombie. In the latter case, there is nothing in this file: that is, a read on this file will return 0 characters. The command-line arguments appear in this file as a set of strings separated by null bytes (' '), with a further null byte after the last string. /proc/[pid]/comm (since Linux 2.6.33) This file exposes the process's comm value—that is, the command name associated with the process. Different threads in the same process may have different comm values, accessible via /proc/[pid]/task/[tid]/comm. A thread may modify its comm value, or that of any of other thread in the same thread group (see the discussion of CLONE_THREAD in clone(2)), by writing to the file /proc/self/task/[tid]/comm. Strings longer than TASK_COMM_LEN (16) characters are silently truncated. This file provides a superset of the prctl(2) PR_SET_NAME and PR_GET_NAME operations, and is employed by pthread_setname_np(3) when used to rename threads other than the caller. /proc/[pid]/coredump_filter (since Linux 2.6.23) See core(5). /proc/[pid]/cpuset (since Linux 2.6.12) See cpuset(7). /proc/[pid]/cwd This is a symbolic link to the current working directory of the process. To find out the current working directory of process 20, for instance, you can do this: $ cd /proc/20/cwd; /bin/pwd Note that the pwd command is often a shell built-in, and might not work properly. In bash(1), you may use pwd -P. In a multithreaded process, the contents of this symbolic link are not available if the main thread has already terminated (typically by calling pthread_exit(3)). /proc/[pid]/environ This file contains the environment for the process. The entries are separated by null bytes (' '), and there may be a null byte at the end. Thus, to print out the environment of process 1, you would do: $ strings /proc/1/environ /proc/[pid]/exe Under Linux 2.2 and later, this file is a symbolic link containing the actual pathname of the executed command. This symbolic link can be dereferenced normally; attempting to open it will open the executable. You can even type /proc/[pid]/exe to run another copy of the same executable as is being run by process [pid]. In a multithreaded process, the contents of this symbolic link are not available if the main thread has already terminated (typically by calling pthread_exit(3)). Under Linux 2.0 and earlier, /proc/[pid]/exe is a pointer to the binary which was executed, and appears as a symbolic link. A readlink(2) call on this file under Linux 2.0 returns a string in the format: [device]:inode For example, [0301]:1502 would be inode 1502 on device major 03 (IDE, MFM, etc. drives) minor 01 (first partition on the first drive). find(1) with the -inum option can be used to locate the file. /proc/[pid]/fd/ This is a subdirectory containing one entry for each file which the process has open, named by its file descriptor, and which is a symbolic link to the actual file. Thus, 0 is standard input, 1 standard output, 2 standard error, and so on. For file descriptors for pipes and sockets, the entries will be symbolic links whose content is the file type with the inode. A readlink(2) call on this file returns a string in the format: type:[inode] For example, socket:[2248868] will be a socket and its inode is 2248868. For sockets, that inode can be used to find more information in one of the files under /proc/net/. For file descriptors that have no corresponding inode (e.g., file descriptors produced by epoll_create(2), eventfd(2), inotify_init(2), signalfd(2), and timerfd(2)), the entry will be a symbolic link with contents of the form anon_inode:<file-type> In some cases, the file-type is surrounded by square brackets. For example, an epoll file descriptor will have a symbolic link whose content is the string anon_inode:[eventpoll]. In a multithreaded process, the contents of this directory are not available if the main thread has already terminated (typically by calling pthread_exit(3)). Programs that will take a filename as a command-line argument, but will not take input from standard input if no argument is supplied, or that write to a file named as a command-line argument, but will not send their output to standard output if no argument is supplied, can nevertheless be made to use standard input or standard out using /proc/[pid]/fd. For example, assuming that -i is the flag designating an input file and -o is the flag designating an output file: $ foobar -i /proc/self/fd/0 -o /proc/self/fd/1 ... and you have a working filter. /proc/self/fd/N is approximately the same as /dev/fd/N in some UNIX and UNIX-like systems. Most Linux MAKEDEV scripts symbolically link /dev/fd to /proc/self/fd, in fact. Most systems provide symbolic links /dev/stdin, /dev/stdout, and /dev/stderr, which respectively link to the files 0, 1, and 2 in /proc/self/fd. Thus the example command above could be written as: $ foobar -i /dev/stdin -o /dev/stdout ... /proc/[pid]/fdinfo/ (since Linux 2.6.22) This is a subdirectory containing one entry for each file which the process has open, named by its file descriptor. The files in this directory are readable only by the owner of the process. The contents of each file can be read to obtain information about the corresponding file descriptor. The content depends on the type of file referred to by the corresponding descriptor. For regular files and directories, we see something like: $ cat /proc/12015/fdinfo/4 pos: 1000 flags: 01002002 mnt_id: 21 The pos field is a decimal number showing the current file offset. The flags field is an octal number that displays the file access mode and file status flags (see open(2)). The mnt_id field, present since Linux 3.15, is the ID of the mount point containing this file. See the description of /proc/[pid]/mountinfo. For eventfd file descriptors (see eventfd(2)), we see the following fields: pos: 0 flags: 02 mnt_id: 10 eventfd-count: 40 eventfd-count is the current value of the eventfd counter, in hexadecimal. For epoll file descriptors (see epoll(7)), we see the following fields: pos: 0 flags: 02 mnt_id: 10 tfd: 9 events: 19 data: 74253d2500000009 tfd: 7 events: 19 data: 74253d2500000007 Each of the lines beginning tfd describes one of the file descriptors being monitored via the epoll file descriptor (see epoll_ctl(2) for some details). The tfd field is the number of the file descriptor. The events field is a hexadecimal mask of the events being monitored for this file descriptor. The data field is the data value associated with this file descriptor. For signalfd file descriptors (see signalfd(2)), we see the following fields: pos: 0 flags: 02 mnt_id: 10 sigmask: 0000000000000006 sigmask is the hexadecimal mask of signals that are accepted via this signalfd file descriptor. (In this example, bits 2 and 3 are set, corresponding to the signals SIGINT and SIGQUIT; see signal(7).) /proc/[pid]/io (since kernel 2.6.20) This file contains I/O statistics for the process, for example: # cat /proc/3828/io rchar: 323934931 wchar: 323929600 syscr: 632687 syscw: 632675 read_bytes: 0 write_bytes: 323932160 cancelled_write_bytes: 0 The fields are as follows: rchar: characters read The number of bytes which this task has caused to be read from storage. This is simply the sum of bytes which this process passed to read(2) and similar system calls. It includes things such as terminal I/O and is unaffected by whether or not actual physical disk I/O was required (the read might have been satisfied from pagecache). wchar: characters written The number of bytes which this task has caused, or shall cause to be written to disk. Similar caveats apply here as with rchar. syscr: read syscalls Attempt to count the number of read I/O operations—that is, system calls such as read(2) and pread(2). syscw: write syscalls Attempt to count the number of write I/O operations— that is, system calls such as write(2) and pwrite(2). read_bytes: bytes read Attempt to count the number of bytes which this process really did cause to be fetched from the storage layer. This is accurate for block-backed filesystems. write_bytes: bytes written Attempt to count the number of bytes which this process caused to be sent to the storage layer. cancelled_write_bytes: The big inaccuracy here is truncate. If a process writes 1MB to a file and then deletes the file, it will in fact perform no writeout. But it will have been accounted as having caused 1MB of write. In other words: this field represents the number of bytes which this process caused to not happen, by truncating pagecache. A task can cause "negative" I/O too. If this task truncates some dirty pagecache, some I/O which another task has been accounted for (in its write_bytes) will not be happening. Note: In the current implementation, things are a bit racy on 32-bit systems: if process A reads process B's /proc/[pid]/io while process B is updating one of these 64-bit counters, process A could see an intermediate result. /proc/[pid]/gid_map (since Linux 3.5) See user_namespaces(7). /proc/[pid]/limits (since Linux 2.6.24) This file displays the soft limit, hard limit, and units of measurement for each of the process's resource limits (see getrlimit(2)). Up to and including Linux 2.6.35, this file is protected to allow reading only by the real UID of the process. Since Linux 2.6.36, this file is readable by all users on the system. /proc/[pid]/map_files/ (since kernel 3.3) This subdirectory contains entries corresponding to memory- mapped files (see mmap(2)). Entries are named by memory region start and end address pair (expressed as hexadecimal numbers), and are symbolic links to the mapped files themselves. Here is an example, with the output wrapped and reformatted to fit on an 80-column display: # ls -l /proc/self/map_files/ lr--------. 1 root root 64 Apr 16 21:31 3252e00000-3252e20000 -> /usr/lib64/ld-2.15.so ... Although these entries are present for memory regions that were mapped with the MAP_FILE flag, the way anonymous shared memory (regions created with the MAP_ANON | MAP_SHARED flags) is implemented in Linux means that such regions also appear on this directory. Here is an example where the target file is the deleted /dev/zero one: lrw-------. 1 root root 64 Apr 16 21:33 7fc075d2f000-7fc075e6f000 -> /dev/zero (deleted) This directory appears only if the CONFIG_CHECKPOINT_RESTORE kernel configuration option is enabled. Privilege (CAP_SYS_ADMIN) is required to view the contents of this directory. /proc/[pid]/maps A file containing the currently mapped memory regions and their access permissions. See mmap(2) for some further information about memory mappings. The format of the file is: address perms offset dev inode pathname 00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/dbus-daemon 00651000-00652000 r--p 00051000 08:02 173521 /usr/bin/dbus-daemon 00652000-00655000 rw-p 00052000 08:02 173521 /usr/bin/dbus-daemon 00e03000-00e24000 rw-p 00000000 00:00 0 [heap] 00e24000-011f7000 rw-p 00000000 00:00 0 [heap] ... 35b1800000-35b1820000 r-xp 00000000 08:02 135522 /usr/lib64/ld-2.15.so 35b1a1f000-35b1a20000 r--p 0001f000 08:02 135522 /usr/lib64/ld-2.15.so 35b1a20000-35b1a21000 rw-p 00020000 08:02 135522 /usr/lib64/ld-2.15.so 35b1a21000-35b1a22000 rw-p 00000000 00:00 0 35b1c00000-35b1dac000 r-xp 00000000 08:02 135870 /usr/lib64/libc-2.15.so 35b1dac000-35b1fac000 ---p 001ac000 08:02 135870 /usr/lib64/libc-2.15.so 35b1fac000-35b1fb0000 r--p 001ac000 08:02 135870 /usr/lib64/libc-2.15.so 35b1fb0000-35b1fb2000 rw-p 001b0000 08:02 135870 /usr/lib64/libc-2.15.so ... f2c6ff8c000-7f2c7078c000 rw-p 00000000 00:00 0 [stack:986] ... 7fffb2c0d000-7fffb2c2e000 rw-p 00000000 00:00 0 [stack] 7fffb2d48000-7fffb2d49000 r-xp 00000000 00:00 0 [vdso] The address field is the address space in the process that the mapping occupies. The perms field is a set of permissions: r = read w = write x = execute s = shared p = private (copy on write) The offset field is the offset into the file/whatever; dev is the device (major:minor); inode is the inode on that device. 0 indicates that no inode is associated with the memory region, as would be the case with BSS (uninitialized data). The pathname field will usually be the file that is backing the mapping. For ELF files, you can easily coordinate with the offset field by looking at the Offset field in the ELF program headers (readelf -l). There are additional helpful pseudo-paths: [stack] The initial process's (also known as the main thread's) stack. [stack:<tid>] (since Linux 3.4) A thread's stack (where the <tid> is a thread ID). It corresponds to the /proc/[pid]/task/[tid]/ path. [vdso] The virtual dynamically linked shared object. [heap] The process's heap. If the pathname field is blank, this is an anonymous mapping as obtained via the mmap(2) function. There is no easy way to coordinate this back to a process's source, short of running it through gdb(1), strace(1), or similar. Under Linux 2.0, there is no field giving pathname. /proc/[pid]/mem This file can be used to access the pages of a process's memory through open(2), read(2), and lseek(2). /proc/[pid]/mountinfo (since Linux 2.6.26) This file contains information about mount points. It contains lines of the form: 36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue (1)(2)(3) (4) (5) (6) (7) (8) (9) (10) (11) The numbers in parentheses are labels for the descriptions below: (1) mount ID: unique identifier of the mount (may be reused after umount(2)). (2) parent ID: ID of parent mount (or of self for the top of the mount tree). (3) major:minor: value of st_dev for files on filesystem (see stat(2)). (4) root: root of the mount within the filesystem. (5) mount point: mount point relative to the process's root. (6) mount options: per-mount options. (7) optional fields: zero or more fields of the form "tag[:value]". (8) separator: marks the end of the optional fields. (9) filesystem type: name of filesystem in the form "type[.subtype]". (10) mount source: filesystem-specific information or "none". (11) super options: per-superblock options. Parsers should ignore all unrecognized optional fields. Currently the possible optional fields are: shared:X mount is shared in peer group X master:X mount is slave to peer group X propagate_from:X mount is slave and receives propagation from peer group X (*) unbindable mount is unbindable (*) X is the closest dominant peer group under the process's root. If X is the immediate master of the mount, or if there is no dominant peer group under the same root, then only the "master:X" field is present and not the "propagate_from:X" field. For more information on mount propagation see: Documentation/filesystems/sharedsubtree.txt in the Linux kernel source tree. /proc/[pid]/mounts (since Linux 2.4.19) This is a list of all the filesystems currently mounted in the process's mount namespace. The format of this file is documented in fstab(5). Since kernel version 2.6.15, this file is pollable: after opening the file for reading, a change in this file (i.e., a filesystem mount or unmount) causes select(2) to mark the file descriptor as readable, and poll(2) and epoll_wait(2) mark the file as having an error condition. See namespaces(7) for more information. /proc/[pid]/mountstats (since Linux 2.6.17) This file exports information (statistics, configuration information) about the mount points in the process's mount namespace. Lines in this file have the form: device /dev/sda7 mounted on /home with fstype ext3 [statistics] ( 1 ) ( 2 ) (3 ) (4) The fields in each line are: (1) The name of the mounted device (or "nodevice" if there is no corresponding device). (2) The mount point within the filesystem tree. (3) The filesystem type. (4) Optional statistics and configuration information. Currently (as at Linux 2.6.26), only NFS filesystems export information via this field. This file is readable only by the owner of the process. See namespaces(7) for more information. /proc/[pid]/ns/ (since Linux 3.0) This is a subdirectory containing one entry for each namespace that supports being manipulated by setns(2). For more information, see namespaces(7). /proc/[pid]/numa_maps (since Linux 2.6.14) See numa(7). /proc/[pid]/oom_adj (since Linux 2.6.11) This file can be used to adjust the score used to select which process should be killed in an out-of-memory (OOM) situation. The kernel uses this value for a bit-shift operation of the process's oom_score value: valid values are in the range -16 to +15, plus the special value -17, which disables OOM-killing altogether for this process. A positive score increases the likelihood of this process being killed by the OOM-killer; a negative score decreases the likelihood. The default value for this file is 0; a new process inherits its parent's oom_adj setting. A process must be privileged (CAP_SYS_RESOURCE) to update this file. Since Linux 2.6.36, use of this file is deprecated in favor of /proc/[pid]/oom_score_adj. /proc/[pid]/oom_score (since Linux 2.6.11) This file displays the current score that the kernel gives to this process for the purpose of selecting a process for the OOM-killer. A higher score means that the process is more likely to be selected by the OOM-killer. The basis for this score is the amount of memory used by the process, with increases (+) or decreases (-) for factors including: * whether the process creates a lot of children using fork(2) (+); * whether the process has been running a long time, or has used a lot of CPU time (-); * whether the process has a low nice value (i.e., > 0) (+); * whether the process is privileged (-); and * whether the process is making direct hardware access (-). The oom_score also reflects the adjustment specified by the oom_score_adj or oom_adj setting for the process. /proc/[pid]/oom_score_adj (since Linux 2.6.36) This file can be used to adjust the badness heuristic used to select which process gets killed in out-of-memory conditions. The badness heuristic assigns a value to each candidate task ranging from 0 (never kill) to 1000 (always kill) to determine which process is targeted. The units are roughly a proportion along that range of allowed memory the process may allocate from, based on an estimation of its current memory and swap use. For example, if a task is using all allowed memory, its badness score will be 1000. If it is using half of its allowed memory, its score will be 500. There is an additional factor included in the badness score: root processes are given 3% extra memory over other tasks. The amount of "allowed" memory depends on the context in which the OOM-killer was called. If it is due to the memory assigned to the allocating task's cpuset being exhausted, the allowed memory represents the set of mems assigned to that cpuset (see cpuset(7)). If it is due to a mempolicy's node(s) being exhausted, the allowed memory represents the set of mempolicy nodes. If it is due to a memory limit (or swap limit) being reached, the allowed memory is that configured limit. Finally, if it is due to the entire system being out of memory, the allowed memory represents all allocatable resources. The value of oom_score_adj is added to the badness score before it is used to determine which task to kill. Acceptable values range from -1000 (OOM_SCORE_ADJ_MIN) to +1000 (OOM_SCORE_ADJ_MAX). This allows user space to control the preference for OOM-killing, ranging from always preferring a certain task or completely disabling it from OOM killing. The lowest possible value, -1000, is equivalent to disabling OOM- killing entirely for that task, since it will always report a badness score of 0. Consequently, it is very simple for user space to define the amount of memory to consider for each task. Setting a oom_score_adj value of +500, for example, is roughly equivalent to allowing the remainder of tasks sharing the same system, cpuset, mempolicy, or memory controller resources to use at least 50% more memory. A value of -500, on the other hand, would be roughly equivalent to discounting 50% of the task's allowed memory from being considered as scoring against the task. For backward compatibility with previous kernels, /proc/[pid]/oom_adj can still be used to tune the badness score. Its value is scaled linearly with oom_score_adj. Writing to /proc/[pid]/oom_score_adj or /proc/[pid]/oom_adj will change the other with its scaled value. /proc/[pid]/pagemap (since Linux 2.6.25) This file shows the mapping of each of the process's virtual pages into physical page frames or swap area. It contains one 64-bit value for each virtual page, with the bits set as follows: 63 If set, the page is present in RAM. 62 If set, the page is in swap space 61 (since Linux 3.5) The page is a file-mapped page or a shared anonymous page. 60-56 (since Linux 3.11) Zero 55 (Since Linux 3.11) PTE is soft-dirty (see the kernel source file Documentation/vm/soft-dirty.txt). 54-0 If the page is present in RAM (bit 63), then these bits provide the page frame number, which can be used to index /proc/kpageflags and /proc/kpagecount. If the page is present in swap (bit 62), then bits 4-0 give the swap type, and bits 54-5 encode the swap offset. Before Linux 3.11, bits 60-55 were used to encode the base-2 log of the page size. To employ /proc/[pid]/pagemap efficiently, use /proc/[pid]/maps to determine which areas of memory are actually mapped and seek to skip over unmapped regions. The /proc/[pid]/pagemap file is present only if the CONFIG_PROC_PAGE_MONITOR kernel configuration option is enabled. /proc/[pid]/personality (since Linux 2.6.28) This read-only file exposes the process's execution domain, as set by personality(2). The value is displayed in hexadecimal notation. /proc/[pid]/root UNIX and Linux support the idea of a per-process root of the filesystem, set by the chroot(2) system call. This file is a symbolic link that points to the process's root directory, and behaves in the same way as exe, and fd/*. In a multithreaded process, the contents of this symbolic link are not available if the main thread has already terminated (typically by calling pthread_exit(3)). /proc/[pid]/seccomp (from Linux 2.6.12 to 2.6.22) Read/set the seccomp mode for the process. If this file contains the value zero, seccomp mode is not enabled. Writing the value 1 to this file (irreversibly) places the process in seccomp mode: the only permitted system calls are read(2), write(2), _exit(2), and sigreturn(2). This file went away in Linux 2.6.23, when it was replaced by a prctl(2)-based mechanism. /proc/[pid]/setgroups (since Linux 3.19) See user_namespaces(7). /proc/[pid]/smaps (since Linux 2.6.14) This file shows memory consumption for each of the process's mappings. (The pmap(1) command displays similar information, in a form that may be easier for parsing.) For each mapping there is a series of lines such as the following: 00400000-0048a000 r-xp 00000000 fd:03 960637 /bin/bash Size: 552 kB Rss: 460 kB Pss: 100 kB Shared_Clean: 452 kB Shared_Dirty: 0 kB Private_Clean: 8 kB Private_Dirty: 0 kB Referenced: 460 kB Anonymous: 0 kB AnonHugePages: 0 kB Swap: 0 kB KernelPageSize: 4 kB MMUPageSize: 4 kB Locked: 0 kB The first of these lines shows the same information as is displayed for the mapping in /proc/[pid]/maps. The remaining lines show the size of the mapping, the amount of the mapping that is currently resident in RAM ("Rss"), the process' proportional share of this mapping ("Pss"), the number of clean and dirty shared pages in the mapping, and the number of clean and dirty private pages in the mapping. "Referenced" indicates the amount of memory currently marked as referenced or accessed. "Anonymous" shows the amount of memory that does not belong to any file. "Swap" shows how much would-be- anonymous memory is also used, but out on swap. The "KernelPageSize" entry is the page size used by the kernel to back a VMA. This matches the size used by the MMU in the majority of cases. However, one counter-example occurs on PPC64 kernels whereby a kernel using 64K as a base page size may still use 4K pages for the MMU on older processors. To distinguish, this patch reports "MMUPageSize" as the page size used by the MMU. The "Locked" indicates whether the mapping is locked in memory or not. "VmFlags" field represents the kernel flags associated with the particular virtual memory area in two letter encoded manner. The codes are the following: rd - readable wr - writable ex - executable sh - shared mr - may read mw - may write me - may execute ms - may share gd - stack segment grows down pf - pure PFN range dw - disabled write to the mapped file lo - pages are locked in memory io - memory mapped I/O area sr - sequential read advise provided rr - random read advise provided dc - do not copy area on fork de - do not expand area on remapping ac - area is accountable nr - swap space is not reserved for the area ht - area uses huge tlb pages nl - non-linear mapping ar - architecture specific flag dd - do not include area into core dump sd - soft-dirty flag mm - mixed map area hg - huge page advise flag nh - no-huge page advise flag mg - mergeable advise flag The /proc/[pid]/smaps file is present only if the 版权声明:本文来源CSDN,感谢博主原创文章,遵循 CC 4.0 by-sa 版权协议,转载请附上原文出处链接和本声明。
原文链接:https://blog.csdn.net/Aaronzzq/article/details/45288785
站方申明:本站部分内容来自社区用户分享,若涉及侵权,请联系站方删除。
如果觉得我的文章对您有用,请随意打赏。你的支持将鼓励我继续创作!