红帽全球峰会此内容没有您所选择的语言版本。
Chapter 3. Important Changes to External Kernel Parameters
This chapter provides system administrators with a summary of significant changes in the kernel shipped with Red Hat Enterprise Linux 7.5. These changes include added or updated
proc entries, sysctl, and sysfs default values, boot parameters, kernel configuration options, or any noticeable behavior changes.
Kernel parameters
- amd_iommu_intr = [HW,X86-64]
- Specifies one of the following
AMD IOMMUinterrupt remapping modes.legacy - Use legacy interrupt remapping mode.vapic - Use virtual APIC mode, which allowsIOMMUto inject interrupts directly into guest. This mode requireskvm-amd.avic=1, which is default whenIOMMU HWsupport is present. - debug_pagealloc = [KNL]
- When
CONFIG_DEBUG_PAGEALLOCis set, this parameter enables the feature at boot time. It is disabled by default. To avoid allocating huge chunk of memory fordebug pageallocdo not enable it at boot time, and the operating system will work similarly as with the kernel built withoutCONFIG_DEBUG_PAGEALLOC.Usedebug_pagealloc = onto enable the feature. - ftrace_graph_max_depth = uint[FTRACE]
- This parameter is used with the function graph tracer. It defines the maximum depth it will trace into a function. Its value can be changed at run time by the
max_graph_depth filefile in thetracefstracing directory.The default values is 0, which means that no limit is set. - init_pkru = [x86]
- Specifies the default memory protection keys rights register contents for all processes.The default value is 0x55555554, which disallows access to all but pkey 0. You can override the value in the debugfs file system after boot.
- nopku = [x86]
- Disables the Memory Protection Keys CPU feature found in some Intel CPUs.
- mem_encrypt = [X86-64]
- Provides AMD Secure Memory Encryption (SME) control. The valid arguments are: on, off.The default setting depends on kernel configuration option:on : CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=yoff : CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=nmem_encrypt=on: Activate SMEmem_encrypt=off: Do not activate SME
Kernel parameters to mitigate Spectre and Meltdown issues
- kpti = [X86-64]
- Enables kernel page table isolation.
- nopti = [X86-64]
- Disables kernel page table isolation.
- nospectre_v2 = [X86]
- Disables all mitigations for the Spectre variant 2 (indirect branch speculation) vulnerability. The operating system may allow data leaks with this option, which is equivalent to spectre_v2=off.
- spectre_v2 = [X86]
- Controls mitigation of Spectre variant 2 (indirect branch speculation) vulnerability.The valid arguments are: on, off, auto.on: unconditionally enableoff: unconditionally disableauto: kernel detects whether your CPU model is vulnerableSelecting
onwill, andautomay, choose a mitigation method at run time according to the CPU, the available microcode, the setting of the CONFIG_RETPOLINE configuration option, and the compiler with which the kernel was built.You can also select specific mitigations manually:retpoline: replaces indirect branchesibrs: Intel: Indirect Branch Restricted Speculation (kernel)ibrs_always: Intel: Indirect Branch Restricted Speculation (kernel and user space)Not specifying this option is equivalent to spectre_v2=auto.
Updated /proc/sys/net/core entries
- dev_weight_rx_bias
- The
RPSprocessing, for exampleRFSandaRFS, is competing with the registeredNAPIpoll function of the driver for the per softirq cyclenetdev_budget.This parameter influences the proportion of the configurednetdev_budgetthat is spent onRPSbased packet processing during RX softirq cycles. It also makes currentdev_weightadaptable for asymmetric CPU needs on receiving on transmitting side of the network stack.This parameter is effective on a per CPU basis. Determination is based ondev_weight, and it is calculated in multiplicative way (dev_weight * dev_weight_rx_bias). The default value is 1. - dev_weight_tx_bias
- This parameter scales the maximum number of packets that can be processed during a TX softirq cycle.It is effective on a per CPU basis, and allows scaling of current
dev_weightfor asymmetric net stack processing needs. Make sure to avoid making TX softirq processing a CPU hog.Determination is based ondev_weight, and it is calculated in multiplicative way (dev_weight * dev_weight_rx_bias). The default value is 1.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}