SupportConsoleDevelopersStart a trialContact

Chapter 5. Important changes to external kernel parameters

This chapter provides system administrators with a summary of significant changes in the kernel distributed with Red Hat Enterprise Linux 9.3. These changes could include, for example, added or updated proc entries, sysctl, and sysfs default values, boot parameters, kernel configuration options, or any noticeable behavior changes.

New kernel parameters

amd_pstate=[X86]

With this kernel parameter, you can scale the performance of the AMD CPU. Available values include:

  • disable - Do not enable amd_pstate as the default scaling driver for the supported processors.
  • passive - Use amd_pstate with passive mode as a scaling driver. In this mode autonomous selection is disabled. Driver requests a required performance level and platform tries to match the same performance level if it is satisfied by guaranteed performance level.
  • active - Use amd_pstate_epp driver instance as the scaling driver, driver provides a hint to the hardware if software wants to bias toward performance (0x0) or energy efficiency (0xff) to the CPPC firmware. Then CPPC power algorithm will calculate the runtime workload and adjust the realtime cores frequency.
  • guided - Activate guided autonomous mode. Driver requests minimum and maximum performance level and the platform autonomously selects a performance level in this range and appropriate to the current workload.
arm64.nosve=[ARM64]
With this kernel parameter, you can unconditionally disable Scalable Vector Extension support.
arm64.nosme=[ARM64]
With this kernel parameter, you can unconditionally disable Scalable Matrix Extension support.
gather_data_sampling=[X86,INTEL]

With this kernel parameter, you can control the Gather Data Sampling (GDS) mitigation.

GDS is a hardware vulnerability that allows unprivileged speculative access to data that was previously stored in vector registers.

This issue is mitigated by default in updated microcode. The mitigation might have a performance impact but can be disabled. On systems without the microcode mitigation disabling AVX serves as a mitigation. Available values include:

  • force - Disable AVX to mitigate systems without microcode mitigation. No effect if the microcode mitigation is present. Known to cause crashes in userspace with buggy AVX enumeration.
  • off - Disable GDS mitigation.
nospectre_bhb=[ARM64]
With this kernel parameter, you can disable all mitigations for Spectre-BHB (branch history injection) vulnerability. System might allow data leaks with this option.
trace_clock=[FTRACE]

With this kernel parameter, you can set the clock used for tracing events at boot up. Available values include:

  • local - Use the per CPU timestamp counter.
  • global - Event timestamps are synchronize across CPUs. Might be slower than the local clock, but better for some race conditions.
  • counter - Simple counting of events (1, 2, ..) note, some counts might be skipped due to the infrastructure grabbing the clock more than once per event.
  • uptime - Use jiffies as the timestamp.
  • perf - Use the same clock that perf uses.
  • mono - Use the ktime_get_mono_fast_ns() function for timestamps.
  • mono_raw - Use the ktime_get_raw_fast_ns() function for timestamps.

  • boot - Use the ktime_get_boot_fast_ns() function for timestamps.

    Architectures might add more clocks, see Documentation/trace/ftrace.rst for more details.

Updated kernel parameters

cgroup.memory=[KNL]

With this kernel parameter, you can pass options to the cgroup memory controller.

  • This parameter takes the format of: <string>

    Available values include:

  • nosocket - Disable socket memory accounting.
  • nokmem - Disable kernel memory accounting.
  • [NEW] nobpf - Disable BPF memory accounting.
hugetlb_free_vmemmap=[KNL]

This kernel parameter enables the feature of freeing unused vmemmap pages associated with each hugetlb page on boot. For this parameter to work, the CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP configuration option must be enabled.

This parameter takes the format of: { on | off (default) }

Available values include:

  • on - enables this feature

  • off - disables this feature

    Note

    The vmemmap pages might be allocated from the added memory block itself when the memory_hotplug.memmap_on_memory module parameter is enabled. Those vmemmap pages cannot be optimized even if this feature is enabled. Other vmemmap pages not allocated from the added memory block itself are not affected.

intel_pstate=[X86]

You can use this kernel parameter for CPU performance scaling. Available values include:

  • disable - Do not enable intel_pstate as the default scaling driver for the supported processors.
  • [NEW] active - Use intel_pstate driver to bypass the scaling governors layer of cpufreq and provides it own algorithms for p-state selection. There are two P-state selection algorithms provided by intel_pstate in the active mode: powersave and performance. The way they both operate depends on whether or not the hardware managed P-states (HWP) feature has been enabled in the processor and possibly on the processor model.
  • passive - Use intel_pstate as a scaling driver, but configure it to work with generic cpufreq governors (instead of enabling its internal governor). This mode cannot be used along with the hardware-managed P-states (HWP) feature.
  • force - Enable intel_pstate on systems that prohibit it by default in favor of acpi-cpufreq. Forcing the intel_pstate driver instead of acpi-cpufreq might disable platform features, such as thermal controls and power capping, that rely on ACPI P-States information being indicated to OSPM and therefore should be used with caution. This option does not work with processors that are not supported by the intel_pstate driver or on platforms that use pcc-cpufreq instead of acpi-cpufreq.
  • no_hwp - Do not enable hardware P state control (HWP) if available.
  • hwp_only - Only load intel_pstate on systems that support hardware P state control (HWP) if available.
  • support_acpi_ppc - Enforce ACPI _PPC performance limits. If the Fixed ACPI Description Table specifies preferred power management profile as "Enterprise Server" or "Performance Server", then this feature is turned on by default.
  • per_cpu_perf_limits - Allow per-logical-CPU P-State performance control limits using the cpufreq sysfs interface.
kvm-arm.mode=[KVM,ARM]

With this kernel parameter, you can select one of KVM/arm64’s modes of operation. Available values include:

  • none - Forcefully disable KVM.
  • nvhe - Standard nVHE-based mode, without support for protected guests.
  • protected - nVHE-based mode with support for guests whose state is kept private from the host. Setting mode to protected disables kexec and hibernation for the host.

  • [NEW] nested - VHE-based mode with support for nested virtualization. Requires at least ARMv8.3 hardware. The nested option is experimental and should be used with extreme caution.

    Defaults to VHE/nVHE based on hardware support.

libata.force=[LIBATA]

With this kernel parameter, you can force configurations.

The format is a comma-separated list of "[ID:]VAL" where ID is PORT[.DEVICE]. PORT and DEVICE are decimal numbers matching port, link or device. Basically, it matches the ATA ID string printed on console by libata.

  • If the whole ID part is omitted, the last PORT and DEVICE values are used.
  • If ID has not been specified yet, the configuration applies to all ports, links and devices.
  • If only the DEVICE value is omitted, the parameter applies to the port and all links and devices behind it. DEVICE number of 0 either selects the first device or the first fan-out link behind PMP device. It does not select the host link. DEVICE number of 15 selects the host link and device attached to it.

  • The VAL specifies the configuration to force. As long as there is no ambiguity, shortcut notation is allowed. For example, both 1.5 and 1.5G would work for 1.5Gbps.

    With the libata.force= parameter, you can force the following configurations:

  • Cable type: 40c, 80c, short40c, unk, ign or sata. Any ID with matching PORT is used.
  • SATA link speed limit: 1.5Gbps or 3.0Gbps.
  • Transfer mode: pio[0-7], mwdma[0-4] and udma[0-7]. udma[/][16,25,33,44,66,100,133] notation is also allowed.
  • nohrst, nosrst, norst: suppress hard, soft and both resets.
  • rstonce: only attempt one reset during hot-unplug link recovery.
  • [NEW] [no]dbdelay: Enable or disable the extra 200ms delay before debouncing a link PHY and device presence detection.
  • [no]ncq: Turn on or off NCQ.
  • [no]ncqtrim: Enable or disable queued DSM TRIM.
  • [NEW] [no]ncqati: Enable or disable NCQ trim on ATI chipset.
  • [NEW] [no]trim: Enable or disable (unqueued) TRIM.
  • [NEW] trim_zero: Indicate that TRIM command zeroes data.
  • [NEW] max_trim_128m: Set 128M maximum trim size limit.
  • [NEW] [no]dma: Turn on or off DMA transfers.
  • atapi_dmadir: Enable ATAPI DMADIR bridge support.
  • atapi_mod16_dma: Enable the use of ATAPI DMA for commands that are not a multiple of 16 bytes.
  • [no]dmalog: Enable or disable the use of the READ LOG DMA EXT command to access logs.
  • [no]iddevlog: Enable or disable access to the identify device data log.
  • [no]logdir: Enable or disable access to the general purpose log directory.
  • [NEW] max_sec_128: Set transfer size limit to 128 sectors.
  • [NEW] max_sec_1024: Set or clear transfer size limit to 1024 sectors.
  • [NEW] max_sec_lba48: Set or clear transfer size limit to 65535 sectors.
  • [NEW] [no]lpm: Enable or disable link power management.
  • [NEW] [no]setxfer: Indicate if transfer speed mode setting should be skipped.
  • [NEW] [no]fua: Disable or enable FUA (Force Unit Access) support for devices supporting this feature.
  • dump_id: Dump IDENTIFY data.

  • disable: Disable this device.

    Note

    If there are multiple matching configurations changing the same attribute, the last one is used.

mitigations=[X86,PPC,S390,ARM64]

With this kernel parameter, you can control optional mitigations for CPU vulnerabilities. This is a set of curated, arch-independent options, each of which is an aggregation of existing arch-specific options. Available values include:

  • off - disable all optional CPU mitigations. This improves system performance, but it can also expose users to several CPU vulnerabilities. The off value is equivalent to:

    • if nokaslr then kpti=0 [ARM64]
    • gather_data_sampling=off [X86]
    • kvm.nx_huge_pages=off [X86]
    • l1tf=off [X86]
    • mds=off [X86]
    • mmio_stale_data=off [X86]
    • no_entry_flush [PPC]
    • no_uaccess_flush [PPC]
    • nobp=0 [S390]
    • nopti [X86,PPC]
    • nospectre_bhb [ARM64]
    • nospectre_v1 [X86,PPC]
    • nospectre_v2 [X86,PPC,S390,ARM64]
    • retbleed=off [X86]
    • spec_store_bypass_disable=off [X86,PPC]
    • spectre_v2_user=off [X86]
    • srbds=off [X86,INTEL]
    • ssbd=force-off [ARM64]

    • tsx_async_abort=off [X86]

      Exceptions: This does not have any effect on kvm.nx_huge_pages when kvm.nx_huge_pages=force.

  • auto (default) - Mitigate all CPU vulnerabilities, but leave SMT enabled, even if it is vulnerable. This is for users who do not want to be surprised by SMT getting disabled across kernel upgrades, or who have other ways of avoiding SMT-based attacks.

  • auto,nosmt - Mitigate all CPU vulnerabilities, disabling SMT if needed. This is for users who always want to be fully mitigated, even if it means losing SMT. The auto,nosmt options are equivalent to:

    • l1tf=flush,nosmt [X86]
    • mds=full,nosmt [X86]
    • tsx_async_abort=full,nosmt [X86]
    • mmio_stale_data=full,nosmt [X86]
    • retbleed=auto,nosmt [X86]
nomodeset

With this kernel parameter, you can disable kernel modesetting. Most systems' firmware sets up a display mode and provides framebuffer memory for output. With nomodeset, DRM and fbdev drivers will not load if they could possibly displace the preinitialized output. Only the system framebuffer will be available for use. The drivers will not perform display-mode changes or accelerated rendering.

This parameter is especially useful as error fallback, or for testing and debugging.

rdt=[HW,X86,RDT]

With this kernel parameter, you can turn on or off individual RDT features. The list includes: cmt, mbmtotal, mbmlocal, l3cat, l3cdp, l2cat, l2cdp, mba, smba, bmec.

For example, to turn on cmt and turn off mba use: 

rdt=cmt,!mba
rodata=[KNL]

With this kernel parameter, you can disable read-only kernel mappings. Available options include:

  • on - Mark read-only kernel memory as read-only (default).
  • off - Leave read-only kernel memory writable for debugging.
  • [NEW] full - Mark read-only kernel memory and aliases as read-only [arm64].

Removed kernel parameters

nobats=[PPC]
With this kernel parameter, you can forbid the use of BATs for mapping kernel lowmem on "Classic" PPC cores.
noltlbs=[PPC]
With this kernel parameter, you can forbid the use of huge page and tlb entries for kernel lowmem mapping on PPC40x and PPC8xx.
swapaccount=[0|1]=[KNL]
With this kernel parameter, you can enable or disable accounting of swap in memory resource controller. For more information, see Documentation/admin-guide/cgroup-v1/memory.rst.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.