Chapter 5. Important changes to external kernel parameters
This chapter provides system administrators with a summary of significant changes in the kernel distributed with Red Hat Enterprise Linux 9.4. These changes could include, for example, added or updated proc
entries, sysctl
, and sysfs
default values, boot parameters, kernel configuration options, or any noticeable behavior changes.
New kernel parameters
accept_memory=
[MM]
Values:
lazy
(default)- By default, unaccepted memory is accepted lazily to avoid prolonged boot times. The lazy option adds some runtime overhead until all memory is eventually accepted. In most cases, the overhead is negligible.
eager
-
For some workloads or for debugging purposes, you can use
accept_memory=eager
to accept all memory at once during boot.
arm64.nomops
[ARM64]
Unconditionally disable Memory Copy and Memory Set instructions support.
cgroup_favordynmods=
[KNL]
Enable or disable favordynmods
.
Values:
-
true
-
false
Defaults to the value of CONFIG_CGROUP_FAVOR_DYNMODS
.
early_page_ext
[KNL]
Enforces page_ext
initialization to earlier stages to cover more early boot allocations.
Note that as side effect, some optimizations might be disabled to achieve that: for example, parallelized memory initialization is disabled. Therefore, the boot process might take longer, especially on systems with much memory.
Available with CONFIG_PAGE_EXTENSION=y
.
fw_devlink.sync_state=
[KNL]
When all devices that could probe have finished probing, this parameter controls what to do with devices that have not yet received their sync_state()
calls.
Values:
strict
(default)- Continue waiting on consumers to probe successfully.
timeout
-
Give up waiting on consumers and call
sync_state()
on any devices that have not yet received theirsync_state()
calls afterdeferred_probe_timeout
has expired or bylate_initcall()
ifCONFIG_MODULES
isfalse
.
ia32_emulation=
[X86-64]
Values:
true
-
Allows loading 32-bit programs and executing 32-bit syscalls, essentially overriding
IA32_EMULATION_DEFAULT_DISABLED
at boot time. false
- Unconditionally disables IA32 emulation.
kunit.enable=
[KUNIT]
Enable executing KUnit tests. Requires CONFIG_KUNIT
to be set to be fully enabled.
You can override the default value using KUNIT_DEFAULT_ENABLED
.
The default is 1 (enabled).
mtrr=debug
[X86]
Enable printing debug information related to MTRR registers at boot time.
rcupdate.rcu_cpu_stall_cputime=
[KNL]
Provide statistics on the CPU time and count of interrupts and tasks during the sampling period. For multiple continuous RCU stalls, all sampling periods begin at half of the first RCU stall timeout.
rcupdate.rcu_exp_stall_task_details=
[KNL]
Print stack dumps of any tasks blocking the current expedited RCU grace period during an expedited RCU CPU stall warning.
spec_rstack_overflow=
[X86]
Control RAS overflow mitigation on AMD Zen CPUs.
Values:
off
- Disable mitigation
microcode
- Enable only microcode mitigation.
safe-ret
(default)- Enable software-only safe RET mitigation.
ibpb
- Enable mitigation by issuing IBPB on kernel entry.
ibpb-vmexit
- Issue IBPB only on VMEXIT. This mitigation is specific to cloud environments.
workqueue.unbound_cpus=
[KNL,SMP]
Specify to constrain one or some CPUs to use in unbound workqueues.
Value: A list of CPUs.
By default, all online CPUs are available for unbound workqueues.
Updated kernel parameters
amd_iommu=
[HW, X86-64]
Pass parameters to the AMD IOMMU driver in the system.
Values:
fullflush
-
Deprecated, equivalent to
iommu.strict=1
. off
- Do not initialize any AMD IOMMU found in the system.
force_isolation
-
Force device isolation for all devices. The IOMMU driver is not allowed anymore to lift isolation requirements as needed. This option does not override
iommu=pt
. force_enable
- Force enable the IOMMU on platforms known to be buggy with IOMMU enabled. Use this option with care.
- New:
pgtbl_v1
(default) - Use version 1 page table for DMA-API.
- New:
pgtbl_v2
- Use version 2 page table for DMA-API.
- New:
irtcachedis
- Disable Interrupt Remapping Table (IRT) caching.
nosmt
[KNL, PPC, S390]
Disable symmetric multithreading (SMT). Equivalent to smt=1
.
[KNL, X86, PPC]
Disable symmetric multithreading (SMT).
nosmt=force
-
Force disable SMT. Cannot be undone using the
sysfs
control file.
page_reporting.page_reporting_order=
[KNL]
Minimal page reporting order.
Value: integer.
Adjust the minimal page reporting order.
New: The page reporting is disabled when it exceeds MAX_ORDER
.
tsc=
Disable clocksource stability checks for TSC.
Values:
- [x86]
reliable
- Mark tsc clocksource as reliable. This disables clocksource verification at runtime, and the stability checks done at bootup. Used to enable high-resolution timer mode on older hardware, and in virtualized environment.
- [x86]
noirqtime
-
Do not use TSC to do
irq
accounting. Used to run time disableIRQ_TIME_ACCOUNTING
on any platforms where RDTSC is slow and this accounting might add overhead. - [x86]
unstable
- Mark the TSC clocksource as unstable. This marks the TSC unconditionally unstable at bootup and avoids any further wobbles once the TSC watchdog notices.
- [x86]
nowatchdog
- Disable clocksource watchdog. Used in situations with strict latency requirements, where interruptions from clocksource watchdog are not acceptable.
- [x86]
recalibrate
- Force recalibration against a HW timer (HPET or PM timer) on systems whose TSC frequency was obtained from HW or FW using either an MSR or CPUID(0x15). Warn if the difference is more than 500 ppm.
- New: [x86]
watchdog
Use TSC as the watchdog clocksource with which to check other HW timers (HPET or PM timer), but only on systems where TSC has been deemed trustworthy.
An earlier
tsc=nowatchdog
suppresses this. A latertsc=nowatchdog
overrides this. A console message flags any such suppression or overriding.
usbcore.authorized_default=
[USB]
Default USB device authorization.
Values:
- New:
-1
(default) - Authorized (same as 1).
0
- Not authorized.
1
- Authorized.
2
- Authorized if the device connects to an internal port.
Removed kernel parameters
-
cpu0_hotplug
-
sysfs.deprecated
New sysctl parameters
io_uring_group
Values:
1
-
A process must either be privileged (
CAP_SYS_ADMIN
) or be in theio_uring_group
group to create anio_uring
instance. -1
(default)-
Only processes with the
CAP_SYS_ADMIN
capability can createio_uring
instances.
numa_balancing_promote_rate_limit_MBps
Too high promotion or demotion throughput between different memory types might hurt application latency. You can use this parameter to rate-limit the promotion throughput. The per-node maximum promotion throughput in MB/s is limited to be no more than the set value.
A rule of thumb is to set this to less than 1/10 of the PMEM node write bandwidth.
Updated sysctl parameters
io_uring_disabled
Prevents all processes from creating new io_uring
instances. Enabling this shrinks the attack surface of the kernel.
Values:
- New:
0
-
All processes can create
io_uring
instances as normal. - New:
1
io_uring
creation is disabled for unprivileged processes not in the io_uring_group group.io_uring_setup()
fails with-EPERM
. Existingio_uring
instances can still be used.See the documentation for
io_uring_group
for more information.- New:
2
(default) -
io_uring
creation is disabled for all processes.io_uring_setup()
always fails with-EPERM
. Existingio_uring
instances can still be used.