Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

Chapter 3. Important Changes to External Kernel Parameters

This chapter provides system administrators with a summary of significant changes in the kernel shipped with Red Hat Enterprise Linux 7.4. These changes include added or updated proc entries, sysctl, and sysfs default values, boot parameters, kernel configuration options, or any noticeable behavior changes.

Updated /proc/sys/kernel entries

hung_task_panic
Controls the behavior of the kernel when an unresponsive task is detected. This file occurs if CONFIG_DETECT_HUNG_TASK is enabled.
Format: { "0" | "1" }
0 - Continue operation. Default behavior.
1 - Panic immediately.
hung_task_check_count
Provides the upper bound on the number of tasks that are checked. This file occurs if CONFIG_DETECT_HUNG_TASK is enabled.
hung_task_timeout_secs
Checks interval. Reports a warning in case that a task in D state is not scheduled for longer time than this value. This file occurs if CONFIG_DETECT_HUNG_TASK is enabled.
0 - Infinite timeout - no checking done.
hung_task_warning
Provides the maximum number of warnings to report during a check interval. When this value is reached, no more warnings will be reported. This file occurs if CONFIG_DETECT_HUNG_TASK is enabled.
-1 - Reports an infinite number of warnings.
panic_on_rcu_stall
When set to 1, calls the panic() function after RCU stall detection messages. This is useful to define the root cause of RCU stalls using a vmcore.
0 - Do not panic when RCU stall takes place. Default behavior.
1 - Panic after printing RCU stall messages.

Updated /proc/sys/user entries

You can use the files in the /proc/sys/user directory to override the default limits for the number of namespaces and other objects that have per user namespace limits. The purpose of these limits is to stop programs that malfunction and attempt to create a high number of objects. The default values of these limits are adjusted so that any program in normal operation cannot reach them.
The creation of per user namespace objects is charged to the user in the user namespace who created the object and who verified to be below the per user limit in that user namespace. The creation of such objects happens in user namespaces and is also charged to all users who created user namespaces.
This recursive counting of created objects ensures that creating a user namespace does not allow a user to exceed their current limits.
The updated files in /proc/sys/user are:
max_cgroup_namespaces
The maximum number of control group namespaces that any user in the current user namespace can create.
max_ipc_namespaces
The maximum number of interprocess communication namespaces that any user in the current user namespace can create.
max_mnt_namespaces
The maximum number of mount namespaces that any user in the current user namespace can create.
max_net_namespaces
The maximum number of network namespaces that any user in the current user namespace can create.
max_pid_namespaces
The maximum number of process ID namespaces that any user in the current user namespace can create.
max_user_namespaces
The maximum number of user ID namespaces that any user in the current user namespace can create.
max_uts_namespaces
The maximum number of UNIX Timesharing System (UTS) namespaces that any user in the current user namespace can create.

Kernel parameters

acpi_force_table_verification [HW,ACPI]
Enables table checksum verification during early stage. By default, disabled on the 32-bit AMD and Intel architecture due to early mapping size limitation.
acpi_no_auto_ssdt [HW,ACPI]
Disables automatic loading of Secondary System Description Table (SSDT).
acpi_no_static_ssdt [HW,ACPI]
Disables installation of static SSDTs at early boot time. By default, SSDTs contained in the Root System Description Table (RSDT) or eXtended System Descriptor Table (XSDT) are installed automatically and they appear in the /sys/firmware/acpi/tables directory.
This option turns off this feature. Specifying this option does not affect dynamic table installation which installs SSDT tables to the /sys/firmware/acpi/tables/dynamic directory.
irqaffinity= [SMP]
Sets the default irq affinity mask in the following formats:
Format: <cpu number>,..., <cpu number>
or
<cpu number>-<cpu number>
You can use a positive range in ascending order or a combination.
<cpu number>,...,<cpu number>-<cpu number>
nokaslr [KNL]]
Disables installation of static SSDTs at early boot time. By default, SSDTs contained in the RSDT or XSDT are installed automatically and they appear in the /sys/firmware/acpi/tables directory.
Disables kernel and module base offset Address SpaceLayout Randomization (ASLR) if CONFIG_RANDOMIZE_BASE is set.
nohibernate
Disables hibernation and resume.
crash_kexec_post_notifiers
Runs kdump after running panic-notifiers and dumping kmsg.
[PCI] hpbussize=nn
Provides the minimum amount of additional bus numbers reserved for buses below a hotplug bridge. Default is 1.
pcie_port_pm=[PCIE]
PCIe port power management handling:
Format: { "off" | "force" }
off - Disables power management of all PCIe ports.
1 - Enables power management of all PCIe ports.
sunrpc.svc_rpc_per_connection_limit=[NFS,SUNRPC]
Limits the number of requests for the server to process in parallel from a single connection. The default value is 0 (no limit).