• Being the author of the now dead uselessd project, I harbor a knack and appreciation for all things that are useless, or that use less, depending on your point of view. While sitting in my room ...



    by V.R.

    Yes I’m trolling/mocking you anti-systemd retards. That’s what Schopenhauer recommends as a strategy against irrational rhetoric (here of the reactionary kind). I couldn’t care less for irrational people’s reading recommendations.

    P.S.: “Self-projection” is psychobabble grounded in no science."

    – cjsthompson


    Being the author of the now dead uselessd project, I harbor a knack and appreciation for all things that are useless, or that use less, depending on your point of view.

    While sitting in my room drinking absinthe, I was struck with a flash of brilliance. An idea for a project, so devoid of utility, that it is making John Stuart Mill do the tube snake boogie in his grave as we speak.

    Take the Android init daemon… and boot a GNU/Linux system with it.

    (Slackware Linux, as usual.)


    Now the word shall be able to point at this work and be able to see the true icon I aim to promote, that of Robert Nozick fighting the utility monster.

    There are, however, some serious reasons to embark on this project:

    1. To study the core system platform (low-level userspace) of Android.
    2. To see how much Android diverts from GNU/Linux in practice, and whether porting its core daemons and libraries is a practical effort to pursue.
    3. To observe discrepancies between Bionic libc and glibc.
    4. To figure out what Android brings to the table of init daemons and process managers.
    5. It’s a fun idea for a hack.

    The porting process itself roughly follows this order:

    1. Write a standalone Makefile.
    2. Identify all Android-specific interfaces. Insert, rewrite or remove as needed.
    3. Force everything into C++ semantics (see “The C/C++ quagmire” section below).
    4. Write a suitable init.rc file.
    5. Build, copy, append the init parameter on boot and give it a spin.

    Android ain’t GNU/Linux, as we shall observe.

    Let us dive right in to the overview, then.

    Overview of Android init

    The Android init daemon’s documentation is rather scant. Technical information about Android in general before its first formal unveiling in November 2007 is difficult to find, but Git logs at googlesource.com do seem to put the origin of Android init to that same time period, 2007-2008.

    It thus came out after launchd and Upstart, but also predates systemd.

    The intended use case for Android init is quite different compared to most init systems for Unix-like operating systems. Whereas most exist to be proactively used by the sysadmin or to empower them in some way, Android init’s purpose is for device manufacturers to have something they can configure once, shove into an initramfs, fire and never touch again.

    As a result, Android init is configured in a thoroughly monolithic fashion, with a long and elaborate boot time logic being codified largely into one file, though it does support basic imports.

    It is distinguished by its ad-hoc, line-oriented, section-based configuration language, which Rob Landley once said of (paraphrasing) that it “looks like a shell script, but is not”.

    The likely motivation for the language was to encapsulate several common POSIX operations and process manager directives into a mini-shell that can be parsed and executed with minimal overhead, particularly not invoking any environmental and security baggage of a full Unix shell. This made sense for the limited system resources of mobile devices as recently as 2007, and still to this day given the relative heterogeneity of Android installations. Though, one wonders whether writing a basic lexer for chain loading programs, in the vein of execline, would have been a better approach.

    Android init is actually composed of three programs: init, ueventd and watchdogd. However, they all hook into the basename of the argv[0] of the init program, meaning that the latter two are usually accessed as symlinks to init.

    The init configuration language, as read from /init.rc, has five main statements (or semantic constructs): actions, commands, triggers, services and options.

    An action is not unlike a queued event. In fact, it is quite reminiscent of the event mechanism in Upstart jobs. Given Google’s internal usage of Ubuntu as Goobuntu, and their use of Upstart in ChromeOS, it is very likely, though speculation, that the mechanism was influenced from it. The action itself actually just opens a new block scope, whereas the event itself is called a trigger. The init daemon automatically registers several intrinsic triggers like early-init, init and boot, whereas others can be user-defined either through Android system properties (described below), or by using the trigger command within another action.

    They follow the syntax of:

    on boot
        mount tmpfs tmpfs /dev/shm nodev nosuid
        exec -- /bin/mount -a
        # insert other commands here

    command is a tokened directive which encapsulates a function to some POSIX, Android or init-specific interface, not unlike a command line you would execute from a shell. Commands include exec, copy, write, symlink, chmod, hostname, insmod, mount_all and others.

    service is what you’d expect it to be. It’s a definition encapsulating a system service/daemon or one-shot job that accepts an absolute pathname and program arguments. Within its scope it accepts modifiers called options, which include socket definitions for inetd-like superserver functionality, setenv, user, group, class for creating logical groups and so forth. The options are not as featureful as most server/desktop-oriented init(8)s, largely reflecting the fire-and-forget embedded heritage. For example:

    service surfaceflinger /system/bin/surfaceflinger
        class core
        user system
        group graphics drmrpc
        onrestart restart zygote

    The Android init comes with built-in bootcharting and some scripts to process the output, with its intended usage being booting from an emulator with the -bootchart option and interacting with files on the /data partition. The scripts are unportable, and I have not tested bootcharting itself.

    There is no dependency resolution or automatic ordering of any form (other than pre-opening sockets), this being settled once in the init.rc file and tuned per a vendor’s needs. The only way to express service relationships, other than grouping them into classes (though this is more akin to a target or runlevel) is onrestart, so as to resynchronize the state of any services that interact with the one undergoing a restart from the SIGCHLD handler’s state change watcher.

    init.rc files can be complemented or overridden on a hardware-specific basis. This is usually done by vendors for specific SoCs or single-boards.

    The full list of commands and options can be found registered in the keywords.h file, with the implementations in builtins.cpp, and their invocations in init_parser.cpp.

    The main init loop sets $PATH, mounts its reserved socket namespace at /dev/socket, as well as devtmpfs, /dev/pts, procfs and sysfs, sets the SIGCHLD handler for tracking state changes and doing autorestarts, initializes the system property workspace (described below), and then polls on the action queue.

    init can optionally display a boot splash, otherwise defaulting on a console message of “A N D R O I D” in the console_init_action() function of init.cpp.

    ueventd is a hotplug device node manager which subscribes to kernel uevents from a Netlink channel and performs operations on devtmpfs, much like udev, except lighter weight. It reads its rule sets from a static /uevent.rc file, a stock example of which can be found here. Android understands a kernel command line parameter android.hardwareboot for dispatching device-specific uevent-.rc files on startup. It is symlinked to init and its entry point is ueventd_main() from init.cpp.

    ueventd performs as so-called coldboot process, which init explicitly anticipates. It is described in a source code comment in init/devices.cpp as such:

    /* Coldboot walks parts of the /sys tree and pokes the uevent files
    ** to cause the kernel to regenerate device add events that happened
    ** before init's device manager was started
    ** We drain any pending events from the netlink socket every time
    ** we poke another uevent file to make sure we don't overrun the
    ** socket's buffer.

    watchdogd is just a really basic interface to the Linux kernel software watchdog (/dev/watchdog), encapsulating various hardware watchdog timers. It pings into the driver’s buffer under a specified clock interval, triggering a system reset if the response interval is not met. It is symlinked to init and its entry point is watchdogd_main() from init.cpp.

    In conclusion, Android init implements a small event-driven architecture meant for ease of configurability for device manufacturers and of little relevance to most other perspectives, even reasonably technical users.

    The porting process, a.k.a. remove Android-isms from the premises

    The C/C++ quagmire

    The Android core platform, from 2007 onwards, has haphazardly evolved from pure C into a “C with classes” usage of C++. Much of the code between utility libraries and daemons thus remains mixed, and even within C++ programs (compiled with -std=c++11) the level of C versus C++ constructs varies between source files.

    For this port, I decided to force the entire source tree into C++ semantics. One of the classic pitfalls is that C++ does not implicitly convert types from a pointer to void. As such, I needed to statically cast return values of functions like calloc(3) and strrchr(3) in several places.

    Some missing header files for constructs like smart pointers had to be included.

    Android build system

    Android uses a recursive Makefile scheme where there is only one top-level Makefile, and all project subdirectories have an Android.mk file that is ultimately sourced into top-level. A full AOSP build also involves setting up environment variables and some shell macros, but that is outside our scope. More information can be found here.

    For our purposes, we want a standalone project with its own Makefile. I quickly hacked up something similar to this repetitive but sufficient cruft:

    # ueventd and watchdogd are traditionally symlinked to init
    # they're conditionally invoked depending on basename(argv[0])
    # here we just build the binary three-fold
    CFLAGS=-Wall -Wextra -Wno-unused-parameter -Wno-write-strings \
         -Wno-missing-field-initializers \
         -std=c++11 -DGTEST_LINKED_AS_SHARED_LIBRARY=1
    LDLIBS=-lpthread -lrt -lgtest
    INIT_SRCS = bootchart.cpp builtins.cpp devices.cpp init.cpp init_parser.cpp \
            log.cpp parser.cpp signal_handler.cpp util.cpp watchdogd.cpp \
            ueventd_parser.cpp ueventd.cpp
    UTIL_SRCS = klog.cpp stringprintf.cpp file.cpp strings.cpp android_reboot.cpp \
            iosched_policy.cpp multiuser.cpp uevent.cpp fs_mgr.cpp \
            fs_mgr_fstab.cpp strlcat.cpp strlcpy.cpp logwrap.cpp
    TEST_SRCS = init_parser_test.cpp util_test.cpp
    INIT_OBJS = $(SRCS:.c=.o)
    INIT_MAIN = android-init
    all: init ueventd watchdogd
    init: $(OBJS)
        @echo "Building init."
        $(CC) $(CFLAGS) $(INIT_SRCS) $(UTIL_SRCS) \
        -o $(INIT_MAIN) $(INIT_OBJS) \
    ueventd: $(OBJS)
        @echo "Building ueventd, which is hooked to argv[0] of init."
        $(CC) $(CFLAGS) $(INIT_SRCS) $(UTIL_SRCS) \
        -o ueventd $(INIT_OBJS) \
    watchdogd: $(OBJS)
        @echo "Building watchdogd, which is hooked to argv[0] of init."
        $(CC) $(CFLAGS) $(INIT_SRCS) $(UTIL_SRCS) \
        -o watchdogd $(INIT_OBJS) \
    tests: $(OBJS)
        $(CC) $(CFLAGS) init_parser_test.cpp $(UTIL_SRCS) \
        -o init_parser_test $(INIT_OBJS) \
        $(CC) $(CFLAGS) util_test.cpp $(UTIL_SRCS) \
        -o util_test $(INIT_OBJS) \
        rm -f android-init watchdogd ueventd

    Not the use of the Google Tests library in two files. The init parser test had to be modified to remove SELinux seclabel code (which is an indicator that SELinux security context information is being stored in the xattrs of the FS) and to fix the pathnames to match the Unix FHS.


    AOSP refactored some of their internal functions for buffered file I/O, string building, string formatting and logging into a Base class linked to a library called libbase.

    I simply copied base/stringprintf.h, base/strings.h and base/file.h verbatim with their source files and included them to the Makefile. Some headers had to be included for definitions like BUFSIZ and the stdint types. Additionally, instead of using the cutils logging macros, I replaced their usages with calls to fprintf(stderr, “…”) [corresponding to ALOGE].

    Android FHS

    Android does not follow the FHS, instead using its own directory layout optimized for things like easy factory reset. Though variations are seen across device vendors, in general you have everything lumped into /system (including /system/bin, /system/etc and so forth), Dalvik/ART bytecode in /cache, miscellaneous configuration, app cache, crash/debug info and backups in /data, the recovery image partition in /recovery and so forth. More details can be found here.

    The init.rc and ueventd.rc files are actually stored in /. I ended up remapping several pathnames from /system/bin to /sbin (for things like e2fsck and f2fs.fsck), /data to /etc and the .rc configuration files to /etc, as well.

    BSD libc

    Android’s own libc, Bionic, is in fact based in large part to OpenBSD libc. As such, it inherits several of Ulrich Drepper’s archnemeses, namely strlcpy(3) and strlcat(3), in addition to getprogname(3) in the init logging functions.

    I copied and included the strlc* functions, while I replaced getprogname(3) with the glibc-specific program_invocation_short_name, which is akin to the basename of a global scope argv[0] in main().

    There was also the __printflike macro, specific to <sys/cdefs.h> seen in most BSD libcs, which in GCC can be recreated as __attribute__ ((format(printf, 2, 3))), as documented here, allowing for the compiler to type check function arguments as matching printf(3) format string rules.

    System properties

    Android has its Bionic libc-specific feature called system properties, or just properties. They represent an odd blend between sysctl-like key-value pairs (the same dot.separated.string.format) and registry keys. They are used by both low-level Android programs and Android apps running in the Dalvik/ART VM for runtime configuration and feature toggles.

    Android properties are implemented as a region of shared memory called the property workspace, which resides in the property service, implemented as part of Android init and initialized in the PID1 main loop. Properties will then be loaded from the /default.prop, /system/build.prop, /system/default.prop and /data/local.prop files in persistent storage.

    The property service itself listens on /dev/socket/property_service, which init polls on for events. Only the property service can manipulate the property workspace. Processes wanting to use properties go through the libcutils property functions (or a higher level Java wrapper), themselves calling the Bionic libc functions. The shared memory block is loaded into their own virtual address space for properties to be read, however writing operations are further redirected to the property service’s control socket.

    In essence, they’re used as a rather ad-hoc IPC and synchronization based on top of shared memory and file descriptors. Android init itself can create custom triggers from init.rc based on reacting to property changes, and uses them in its core logic in several places to probe for subsystems.

    Because they’re not exactly portable (they actually might be in theory, since the Bionic code doesn’t appear to do anything too low-level, but I didn’t bother to go that far and that might actually be a research topic and blog article for another time), I eviscerated them entirely. The property service, all property checks, set/getprop, load_all_prop, load_persist_prop commands, initialization and so forth were removed, and so the ability to have properties act as triggers.

    The fs_mgr

    The fs_mgr is an object bundled into a library, with an optional standalone utility, for parsing, traversing and performing mount operations based on fstab(5) operation. It is written purely in C.

    Only portions of it from its source files were added, particularly the basic parsing, swapon, mount/umount, tmpfs mount and fsck logic (which simply exec()s /sbin/e2fsck). Code for low-level ext4 superblock parsing, encryptable partitions and the Verified Boot (signed bootloader and initramfs; see below) scheme was not kept. Static casts and adjustments to mount calls were made where necessary.


    libcutils are rather self-explanatory. They are AOSP’s low-level C interfaces for the kernel and libc subsystems used all throughout core system platform.

    In our case, we imported the following:

    <cutils/klog.h> for logging to /dev/kmsg. The __printflike macro had to be expanded as explained in the “BSD libc” section.

    <cutils/android_reboot.h for the system reboot callbacks. The <linux/reboot.h> header had to be included, and the __unused macro expanded to __attribute__((unused)) in the flags parameter of the android_reboot_with_callback() function, which itself is called from the higher-level android_reboot().

    <cutils/iosched_priority.h for wrapping the ioprio_get(2) and ioprio_set(2) system calls.

    <cutils/multiuser.h for calculating application UIDs.

    <cutils/uevent.h> for the low-level Netlink connection that ueventd uses to subscribe to kernel uevents. To avoid a C++ scope boundary crossing error where a jump label skips some struct initializations, those had to be moved to the top level of the uevent_kernel_rcv() function.

    <cutils/list.h> for simple doubly linked list macros.

    Of <cutils/sockets.h, all we needed was to set two macros: ANDROID_SOCKET_ENV_PREFIX and ANDROID_SOCKET_DIR (/dev/socket).


    Android init uses SELinux security contexts very liberally. Though I’m not one to yell “OH GOD SELINUX IS NSA BACKDOOR, YOU’RE ALL PART OF THE BOTNET NOW”, I legitimately am not a fan of its convoluted RBAC model. I have instead always appreciated the elegance of a nice capability-based system (not to be confused with the deceptively named POSIX capabilities).

    Furthermore, Slackware has never officially supported SELinux, nor PAM. These are all blessings in my mind, but I wasn’t willing to go through the effort of being distribution SELinux maintainer just for this one-off project.

    The Android init also uses AOSP-specific SELinux extensions, which are unportable.

    SELinux removal entailed ridding of the setcon, restorecon, restorecon_recursive and seclabel commands, as well as SELinux initialization, policy loading and context creation/checking code sprinkled throughout init, ueventd and utilities. The open_devnull_stdio() function in utils.cpp retained its attempt to open /sys/fs/selinux/null, since it can handle failures gracefully and default to /dev/null anyway.

    Keychord driver and keycodes

    Android has a scarcely documented keychord driver registered as a device node at /dev/keychord, which is used for, among other things, setting keycode combinations to trigger debug actions for Android init-supervised services during adb sessions.

    As it is heavily system-specific and irrelevant to our use cases, it was removed, along with the (undocumented) keycodes option in the init.rc parser.


    logwrapper is a basic superserver utility library that forks/execs a program while redirecting its stdout/stderr either to the Android system log by priority, or the kernel ring buffer log.

    In our case, we imported it with C++ type casting modifications, and again the ALOGE macros redefined to fprintf(stderr, …).

    It was needed largely because of the android_fork_execvp_ext() function, used in the fs_mgr for launching /sbin/mkswap and /sbin/e2fsck on the parsed fstab(5) structure, as well as in the built-in unmount_and_fsck() function which is called as part of the shutdown procedure.

    Verified boot

    Android since 4.4 “Kit Kat” has a so-called “verified boot” system based on a DeviceMapper extension which uses signed Merkle trees of an ext4 image, verifying each read block by comparing it to the tree passed during setup. It is officially documented here.

    There are two commands verity_get_state and verity_load_state related to said DeviceMapper module, which have been removed. These functions internally delegate to the fs_mgr, this portion of which we have not copied over. It is specifically in fs_mgr/fs_mgr_verity.c, which is where the bulk of the verified boot logic in general resides.


    AOSP ships with the ext4_utils for manipulating the low-level disk layout of ext4fs, which is well specified in this kernel wiki article. Particularly, AOSP implemented their ext4_crypt_init_extensions as part of the verified boot scheme described above, later merged into upstream Linux.

    Since we did not need this and did not want to meddle with aligning ext4 structure definitions, it was removed entirely in the device management along with the installkey command.

    File system config definitions

    Android’s system image generation tools like mkbootfs define some system properties and definitions for user and group IDs matching various subsystems, like debug bridge, camera, NFC, DHCP client and so forth. These are defined in <private/android_filesystem_config.h>.

    In our case, there was a setegid(2) operation taking the value of AID_ROOT, which is unsurprisingly just 0.

    That’s mostly it. On to the final phase.

    Build, configure, run

    Well, shit.

    After building the thing, I copied it over to /sbin/android-init. I then wrote a crude init.rc (parsed in /etc/init.rc in the port) file based on the Slackware Linux rc scripts.

    It’s quite ugly, but elegance was no priority here:

    # Android init.rc file for a Slackware Linux 14.1 system
    on early-init
       loglevel 3
       export PATH=/sbin:/usr/sbin:/bin:/usr/bin
       export LANG=C
    on boot
       hostname thatmemeisdank
       # RTC tick rate
       sysctltkz 10000
       exec -- /sbin/hwclock --hctosys
       exec -- /sbin/swapon -a
       rm /etc/mtab
       symlink /proc/mtab /etc/mtab
       # kmods
       exec -- /sbin/depmod -A
       insmod parport_pc
       insmod lp
       insmod agpgart
       insmod loop
       mount tmpfs cgroup_root /sys/fs/cgroup mode=0750,uid=0,gid=1000
       mount tmpfs none /run mode=0755
       # Create location for fs_mgr to store abbreviated output from filesystem
       # checker programs.
       mkdir /dev/fscklogs 0770 root system
       exec -- /sbin/sysctl -e -p /etc/sysctl.conf
       # new utmp entry
       exec -- /bin/touch /var/run/utmp
       chown root:utmp /var/run/utmp
       chmod 664 /var/run/utmp
       chmod 664 /var/log/dmesg
       rm /etc/nologin
       mount_all /etc/fstab
       # entropy pool
       exec -- /bin/cat /etc/random-seed > /dev/urandom
       exec -- /usr/bin/dd if=/dev/urandom of=/etc/random-seed count=1 bs=512 2> /dev/null
       chmod 600 /etc/random-seed
       # services
       class_start core
       class_start network
       class_start jobs
       class_start gettys
    service syslogd /usr/sbin/syslogd -a -d /var/log 
       class core
       onrestart restart klogd
    service klogd /usr/sbin/klogd -c 3 -x
       class core
    service bring-up-network-interfaces /etc/rc.d/rc.inet1 start
       class network
    service port-forwarding /etc/rc.d/rc.ip_forward start
       class network
    service inetd /usr/sbin/inetd
       class network
    service acpid /usr/sbin/acpid
       class core
    service crond /usr/sbin/crond -l notice
       class core
    service atd /usr/sbin/atd -b 15 -l 1
       class core
    service dbus-uuidgen /usr/bin/dbus-uuidgen --ensure
       class jobs
    service dbus-system /usr/bin/dbus-daemon --system
       class core
    service httpd /usr/sbin/apachectl -k start
       class core
    service update-so-links /sbin/ldconfig
       class jobs
    service update-font-cache /usr/bin/fc-cache -f
       class jobs
    service gpm /usr/sbin/gpm -m /dev/mouse -t ps2
       class core
    service load-alsa-mixing /usr/sbin/alsactl restore
       class jobs
    service update-mime-database /usr/bin/update-mime-database /usr/share/mime
       class jobs
    service rc-local /etc/rc.d/rc.local
       class jobs
    service pulseaudio /usr/bin/pulseaudio --start --log-target syslog
       class core
    service getty1 /sbin/agetty --noclear 38400 tty1 linux
       class gettys
    service getty2 /sbin/agetty 38400 tty2 linux
       class gettys
    service getty3 /sbin/agetty 38400 tty3 linux
       class gettys
    service getty4 /sbin/agetty 38400 tty4 linux
       class gettys
    service getty5 /sbin/agetty 38400 tty5 linux
       class gettys

    We resort to cheap exec()s a lot, beside the generally messy logic.

    Slackware uses the venerable LILO, which I actually quite enjoy despite most people looking at you like you’re a fossil for using it.

    Anyway, I added an entry to my /etc/lilo.conf like so:

    image = /boot/vmlinuz-huge-smp-$KERNEL_VSN-smp
      root = /dev/sda1
      label = androidinit

    Committed to MBR:

    /sbin/lilo -v

    And reboot.

    The moment of truth

    There’s some good news and some bad news.

    The bad news is this particular experiment failed. The fs_mgr object crashes, but this in of itself isn’t too bad, we can always do a /sbin/mount -a.

    However, despite the init.rc file parsing, the SIGCHLD handler is FUBAR along with the command execution logic, and my suspicion is that this is precisely because of the lack of property service and workspace. Particularly, service state change notifications relied on property getting and setting, which we don’t have, and thus there probably isn’t any information for init(8) to deduce its sequence.

    Now, the interesting thing is that someone did an Android-based init thing for GNU/Linux 5 years prior. I actually don’t know if it’s from 2010, but that was the commit date on GitHub. It might actually be earlier. It doesn’t have system properties at all, and it’s a much smaller pure C program, lacking nearly all of the interfaces we described above. It thus appears to be only loosely based on the Android init code, as compared to my rather faithful porting attempt.

    And it worked… but only barely. Shutdown logic is broken, I’m unaware if it even handles autorestart properly, and way I got it to boot my system was to just lazily exec the /etc/rc.d/rc.S and /etc/rc.d/rc.M scripts, then wrap a few gettys in a class and start those.

    Closing remarks

    (My raw source files can be found at this GitHub repository. Use at your own discretion. If you get something working, open an issue/PR or contact V.R. at the Dark n' Edgy forums.)

    Android ain’t GNU/Linux, and it shows. The amount of AOSP-specific interfaces that diverge and pose practical problems for interoperability with regular GNU/Linux systems, the ones we actually call “Linux” at all in daily speech, are numerous.

    As such, the only practical strategy is not to port, as much as to loosely adapt (as in the aforementioned absabs/init project). Another possibility is that system properties and other intricacies are in fact doable to port, as they simply appear to be shared memory, fds and sockets, even if residing in the libc level. That indeed might be left as an experiment for a later time (if ever), perhaps for totally orthogonal reasons to running Android init.

    The Android init is generally very purpose-built, and in any event it is probably of little interest for servers and desktops. It’s a niche, system-specific thing that to reiterate, solves the problem of being a small event-driven design meant to be configured once and chucked into an initramfs never to be touched again.

    But, then again, say what you will about Android init. At least it doesn’t warrant a goddamned annual conference.

    ztguang 2019-01-01 17:01:36
  • The loglevels are defined as follows: 0 (KERN_EMERG) system is unusable 1 (KERN_ALERT) action must be taken immediately 2 (KERN_CRIT) critical conditions 3 (KERN_ERR) error conditions 4 (KERN_WARNING...

     memblock=debug  [KNL] Enable memblock debug messages.

            load_ramdisk=   [RAM] [Deprecated]

            lockd.nlm_grace_period=P  [NFS] Assign grace period.
                            Format: <integer>

            lockd.nlm_tcpport=N     [NFS] Assign TCP port.
                            Format: <integer>

            lockd.nlm_timeout=T     [NFS] Assign timeout value.
                            Format: <integer>

            lockd.nlm_udpport=M     [NFS] Assign UDP port.
                            Format: <integer>

            lockdown=       [SECURITY]
                            { integrity | confidentiality }
                            Enable the kernel lockdown feature. If set to
                            integrity, kernel features that allow userland to
                            modify the running kernel are disabled. If set to
                            confidentiality, kernel features that allow userland
                            to extract confidential information from the kernel
                            are also disabled.

            locktorture.nreaders_stress= [KNL]
                            Set the number of locking read-acquisition kthreads.
                            Defaults to being automatically set based on the
                            number of online CPUs.

            locktorture.nwriters_stress= [KNL]
                            Set the number of locking write-acquisition kthreads.

            locktorture.onoff_holdoff= [KNL]
                            Set time (s) after boot for CPU-hotplug testing.

            locktorture.onoff_interval= [KNL]
                            Set time (s) between CPU-hotplug operations, or
                            zero to disable CPU-hotplug testing.

            locktorture.shuffle_interval= [KNL]
                            Set task-shuffle interval (jiffies).  Shuffling
                            tasks allows some CPUs to go into dyntick-idle
                            mode during the locktorture test.

            locktorture.shutdown_secs= [KNL]
                            Set time (s) after boot system shutdown.  This
                            is useful for hands-off automated testing.

            locktorture.stat_interval= [KNL]
                            Time (s) between statistics printk()s.

            locktorture.stutter= [KNL]
                            Time (s) to stutter testing, for example,
                            specifying five seconds causes the test to run for
                            five seconds, wait for five seconds, and so on.
                            This tests the locking primitive's ability to
                            transition abruptly to and from idle.

            locktorture.torture_type= [KNL]
                            Specify the locking implementation to test.

            locktorture.verbose= [KNL]
                            Enable additional printk() statements.

            logibm.irq=     [HW,MOUSE] Logitech Bus Mouse Driver
                            Format: <irq>

            loglevel=       All Kernel Messages with a loglevel smaller than the
                            console loglevel will be printed to the console. It can
                            also be changed with klogd or other programs. The
                            loglevels are defined as follows:

                            0 (KERN_EMERG)          system is unusable
                            1 (KERN_ALERT)          action must be taken immediately
                            2 (KERN_CRIT)           critical conditions
                            3 (KERN_ERR)            error conditions
                            4 (KERN_WARNING)        warning conditions
                            5 (KERN_NOTICE)         normal but significant condition
                            6 (KERN_INFO)           informational
                            7 (KERN_DEBUG)          debug-level messages

            log_buf_len=n[KMG]      Sets the size of the printk ring buffer,
                            in bytes.  n must be a power of two and greater
                            than the minimal size. The minimal size is defined
                            by LOG_BUF_SHIFT kernel config parameter. There is
                            also CONFIG_LOG_CPU_MAX_BUF_SHIFT config parameter
                            that allows to increase the default size depending on
                            the number of CPUs. See init/Kconfig for more details.

            logo.nologo     [FB] Disables display of the built-in Linux logo.
                            This may be used to provide more screen space for
                            kernel log messages and is useful when debugging
                            kernel boot problems.

            lp=0            [LP]    Specify parallel ports to use, e.g,
            lp=port[,port...]       lp=none,parport0 (lp0 not configured, lp1 uses
            lp=reset                first parallel port). 'lp=0' disables the
            lp=auto                 printer driver. 'lp=reset' (which can be
                                    specified in addition to the ports) causes
                                    attached printers to be reset. Using
                                    lp=port1,port2,... specifies the parallel ports
                                    to associate lp devices with, starting with
                                    lp0. A port specification may be 'none' to skip
                                    that lp device, or a parport name such as
                                    'parport0'. Specifying 'lp=auto' instead of a
                                    port specification list means that device IDs
                                    from each port should be examined, to see if
                                    an IEEE 1284-compliant printer is attached; if
                                    so, the driver will manage that printer.
                                    See also header of drivers/char/lp.c.

            lpj=n           [KNL]
                            Sets loops_per_jiffy to given constant, thus avoiding
                            time-consuming boot-time autodetection (up to 250 ms per
                            CPU). 0 enables autodetection (default). To determine
                            the correct value for your kernel, boot with normal
                            autodetection and see what value is printed. Note that
                            on SMP systems the preset will be applied to all CPUs,
                            which is likely to cause problems if your CPUs need
                            significantly divergent settings. An incorrect value
                            will cause delays in the kernel to be wrong, leading to
                            unpredictable I/O errors and other breakage. Although
                            unlikely, in the extreme case this might damage your

            ltpc=           [NET]
                            Format: <io>,<irq>,<dma>

            lsm.debug       [SECURITY] Enable LSM initialization debugging output.

                            [SECURITY] Choose order of LSM initialization. This
                            overrides CONFIG_LSM, and the "security=" parameter.

            machvec=        [IA-64] Force the use of a particular machine-vector
                            (machvec) in a generic kernel.
                            Example: machvec=hpzx1

            machtype=       [Loongson] Share the same kernel image file between
                            different yeeloong laptops.
                            Example: machtype=lemote-yeeloong-2f-7inch

            max_addr=nn[KMG]        [KNL,BOOT,ia64] All physical memory greater
                            than or equal to this physical address is ignored.

            maxcpus=        [SMP] Maximum number of processors that an SMP kernel
                            will bring up during bootup.  maxcpus=n : n >= 0 limits
                            the kernel to bring up 'n' processors. Surely after
                            bootup you can bring up the other plugged cpu by executing
                            "echo 1 > /sys/devices/system/cpu/cpuX/online". So maxcpus
                            only takes effect during system bootup.
                            While n=0 is a special case, it is equivalent to "nosmp",
                            which also disables the IO APIC.

            max_loop=       [LOOP] The number of loop block devices that get
            (loop.max_loop) unconditionally pre-created at init time. The default
                            number is configured by BLK_DEV_LOOP_MIN_COUNT. Instead
                            of statically allocating a predefined number, loop
                            devices can be requested on-demand with the
                            /dev/loop-control interface.

            mce             [X86-32] Machine Check Exception

            mce=option      [X86-64] See Documentation/x86/x86_64/boot-options.rst

            md=             [HW] RAID subsystems devices and level
                            See Documentation/admin-guide/md.rst.

            mdacon=         [MDA]
                            Format: <first>,<last>
                            Specifies range of consoles to be captured by the MDA.

            mds=            [X86,INTEL]
                            Control mitigation for the Micro-architectural Data
                            Sampling (MDS) vulnerability.

                            Certain CPUs are vulnerable to an exploit against CPU
                            internal buffers which can forward information to a
                            disclosure gadget under certain conditions.

                            In vulnerable processors, the speculatively
                            forwarded data can be used in a cache side channel
                            attack, to access data to which the attacker does
                            not have direct access.

                            This parameter controls the MDS mitigation. The
                            options are:

                            full       - Enable MDS mitigation on vulnerable CPUs
                            full,nosmt - Enable MDS mitigation and disable
                                         SMT on vulnerable CPUs
                            off        - Unconditionally disable MDS mitigation

                            On TAA-affected machines, mds=off can be prevented by
                            an active TAA mitigation as both vulnerabilities are
                            mitigated with the same mechanism so in order to disable
                            this mitigation, you need to specify tsx_async_abort=off

                            Not specifying this option is equivalent to

                            For details see: Documentation/admin-guide/hw-vuln/mds.rst

            mem=nn[KMG]     [KNL,BOOT] Force usage of a specific amount of memory
                            Amount of memory to be used in cases as follows:

                            1 for test;
                            2 when the kernel is not able to see the whole system memory;
                            3 memory that lies after 'mem=' boundary is excluded from
                             the hypervisor, then assigned to KVM guests.

                            [X86] Work as limiting max address. Use together
                            with memmap= to avoid physical address space collisions.
                            Without memmap= PCI devices could be placed at addresses
                            belonging to unused RAM.

                            Note that this only takes effects during boot time since
                            in above case 3, memory may need be hot added after boot
                            if system memory of hypervisor is not sufficient.

            mem=nopentium   [BUGS=X86-32] Disable usage of 4MB pages for kernel

                            [KNL,SH] Allow user to override the default size for
                            per-device physically contiguous DMA buffers.

                            [KNL] Set the initial state for the memory hotplug
                            onlining policy. If not specified, the default value is
                            set according to the
                            CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE kernel config
                            See Documentation/admin-guide/mm/memory-hotplug.rst.

            memmap=exactmap [KNL,X86] Enable setting of an exact
                            E820 memory map, as specified by the user.
                            Such memmap=exactmap lines can be constructed based on
                            BIOS output or other requirements. See the memmap=nn@ss
                            option description.

                            [KNL, X86, MIPS, XTENSA] Force usage of a specific region of memory.
                            Region of memory to be used is from ss to ss+nn.
                            If @ss[KMG] is omitted, it is equivalent to mem=nn[KMG],
                            which limits max address to nn[KMG].
                            Multiple different regions can be specified,
                            comma delimited.

                            [KNL,ACPI] Mark specific memory as ACPI data.
                            Region of memory to be marked is from ss to ss+nn.

                            [KNL,ACPI] Mark specific memory as reserved.
                            Region of memory to be reserved is from ss to ss+nn.
                            Example: Exclude memory from 0x18690000-0x1869ffff
                            Some bootloaders may need an escape character before '$',
                            like Grub2, otherwise '$' and the following number
                            will be eaten.

                            [KNL,X86] Mark specific memory as protected.
                            Region of memory to be used, from ss to ss+nn.
                            The memory region may be marked as e820 type 12 (0xc)
                            and is NVDIMM or ADR memory.

                            [KNL,ACPI] Convert memory within the specified region
                            from <oldtype> to <newtype>. If "-<oldtype>" is left
                            out, the whole region will be marked as <newtype>,
                            even if previously unavailable. If "+<newtype>" is left
                            out, matching memory will be removed. Types are
                            specified as e820 types, e.g., 1 = RAM, 2 = reserved,
                            3 = ACPI, 12 = PRAM.

            memory_corruption_check=0/1 [X86]
                            Some BIOSes seem to corrupt the first 64k of
                            memory when doing things like suspend/resume.
                            Setting this option will scan the memory
                            looking for corruption.  Enabling this will
                            both detect corruption and prevent the kernel
                            from using the memory being corrupted.
                            However, its intended as a diagnostic tool; if
                            repeatable BIOS-originated corruption always
                            affects the same memory, you can use memmap=
                            to prevent the kernel from using that memory.

            memory_corruption_check_size=size [X86]
                            By default it checks for corruption in the low
                            64k, making this memory unavailable for normal
                            use.  Use this parameter to scan for
                            corruption in more or less memory.

            memory_corruption_check_period=seconds [X86]
                            By default it checks for corruption every 60
                            seconds.  Use this parameter to check at some
                            other rate.  0 disables periodic checking.

            memtest=        [KNL,X86,ARM,PPC] Enable memtest
                            Format: <integer>
                            default : 0 <disable>
                            Specifies the number of memtest passes to be
                            performed. Each pass selects another test
                            pattern from a given set of patterns. Memtest
                            fills the memory with this pattern, validates
                            memory contents and reserves bad memory
                            regions that are detected.

            mem_encrypt=    [X86-64] AMD Secure Memory Encryption (SME) control
                            Valid arguments: on, off
                            Default (depends on kernel configuration option):
                              on  (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y)
                              off (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=n)
                            mem_encrypt=on:         Activate SME
                            mem_encrypt=off:        Do not activate SME

                            Refer to Documentation/virt/kvm/amd-memory-encryption.rst
                            for details on when memory encryption can be activated.

            mem_sleep_default=      [SUSPEND] Default system suspend mode:
                            s2idle  - Suspend-To-Idle
                            shallow - Power-On Suspend or equivalent (if supported)
                            deep    - Suspend-To-RAM or equivalent (if supported)
                            See Documentation/admin-guide/pm/sleep-states.rst.

            meye.*=         [HW] Set MotionEye Camera parameters
                            See Documentation/admin-guide/media/meye.rst.

            mfgpt_irq=      [IA-32] Specify the IRQ to use for the
                            Multi-Function General Purpose Timers on AMD Geode

            mfgptfix        [X86-32] Fix MFGPT timers on AMD Geode platforms when
                            the BIOS has incorrectly applied a workaround. TinyBIOS
                            version 0.98 is known to be affected, 0.99 fixes the
                            problem by letting the user disable the workaround.

            mga=            [HW,DRM]

            min_addr=nn[KMG]        [KNL,BOOT,ia64] All physical memory below this
                            physical address is ignored.

            mini2440=       [ARM,HW,KNL]
                            Default: "0tb"
                            MINI2440 configuration specification:
                            0 - The attached screen is the 3.5" TFT
                            1 - The attached screen is the 7" TFT
                            2 - The VGA Shield is attached (1024x768)
                            Leaving out the screen size parameter will not load
                            the TFT driver, and the framebuffer will be left
                            b - Enable backlight. The TFT backlight pin will be
                            linked to the kernel VESA blanking code and a GPIO
                            LED. This parameter is not necessary when using the
                            VGA shield.
                            c - Enable the s3c camera interface.
                            t - Reserved for enabling touchscreen support. The
                            touchscreen support is not enabled in the mainstream
                            kernel as of 2.6.30, a preliminary port can be found
                            in the "bleeding edge" mini2440 support kernel at

                            [X86,PPC,S390,ARM64] Control optional mitigations for
                            CPU vulnerabilities.  This is a set of curated,
                            arch-independent options, each of which is an
                            aggregation of existing arch-specific options.

                                    Disable all optional CPU mitigations.  This
                                    improves system performance, but it may also
                                    expose users to several CPU vulnerabilities.
                                    Equivalent to: nopti [X86,PPC]
                                                   kpti=0 [ARM64]
                                                   nospectre_v1 [X86,PPC]
                                                   nobp=0 [S390]
                                                   nospectre_v2 [X86,PPC,S390,ARM64]
                                                   spectre_v2_user=off [X86]
                                                   spec_store_bypass_disable=off [X86,PPC]
                                                   ssbd=force-off [ARM64]
                                                   l1tf=off [X86]
                                                   mds=off [X86]
                                                   tsx_async_abort=off [X86]
                                                   kvm.nx_huge_pages=off [X86]
                                                   no_entry_flush [PPC]
                                                   no_uaccess_flush [PPC]

                                                   This does not have any effect on
                                                   kvm.nx_huge_pages when

                            auto (default)
                                    Mitigate all CPU vulnerabilities, but leave SMT
                                    enabled, even if it's vulnerable.  This is for
                                    users who don't want to be surprised by SMT
                                    getting disabled across kernel upgrades, or who
                                    have other ways of avoiding SMT-based attacks.
                                    Equivalent to: (default behavior)

                                    Mitigate all CPU vulnerabilities, disabling SMT
                                    if needed.  This is for users who always want to
                                    be fully mitigated, even if it means losing SMT.
                                    Equivalent to: l1tf=flush,nosmt [X86]
                                                   mds=full,nosmt [X86]
                                                   tsx_async_abort=full,nosmt [X86]

                            [KNL] When CONFIG_DEBUG_MEMORY_INIT is set, this
                            parameter allows control of the logging verbosity for
                            the additional memory initialisation checks. A value
                            of 0 disables mminit logging and a level of 4 will
                            log everything. Information is printed at KERN_DEBUG
                            so loglevel=8 may also need to be specified.

                            [KNL] When CONFIG_MODULE_SIG is set, this means that
                            modules without (valid) signatures will fail to load.
                            Note that if CONFIG_MODULE_SIG_FORCE is set, that
                            is always true, so this option does nothing.

            module_blacklist=  [KNL] Do not load a comma-separated list of
                            modules.  Useful for debugging problem modules.

                            [MOUSE] Maximum time between finger touching and
                            leaving touchpad surface for touch to be considered
                            a tap and be reported as a left button click (for
                            touchpads working in absolute mode only).
                            Format: <msecs>
            mousedev.xres=  [MOUSE] Horizontal screen resolution, used for devices
                            reporting absolute coordinates, such as tablets
            mousedev.yres=  [MOUSE] Vertical screen resolution, used for devices
                            reporting absolute coordinates, such as tablets

            movablecore=    [KNL,X86,IA-64,PPC]
                            Format: nn[KMGTPE] | nn%
                            This parameter is the complement to kernelcore=, it
                            specifies the amount of memory used for migratable
                            allocations.  If both kernelcore and movablecore is
                            specified, then kernelcore will be at *least* the
                            specified value but may be more.  If movablecore on its
                            own is specified, the administrator must be careful
                            that the amount of memory usable for all allocations
                            is not too small.

            movable_node    [KNL] Boot-time switch to make hotplugable memory
                            NUMA nodes to be movable. This means that the memory
                            of such nodes will be usable only for movable
                            allocations which rules out almost all kernel
                            allocations. Use with caution!

            MTD_Partition=  [MTD]
                            Format: <name>,<region-number>,<size>,<offset>

            MTD_Region=     [MTD] Format:

            mtdparts=       [MTD]
                            See drivers/mtd/parsers/cmdlinepart.c

            multitce=off    [PPC]  This parameter disables the use of the pSeries
                            firmware feature for updating multiple TCE entries
                            at a time.

            onenand.bdry=   [HW,MTD] Flex-OneNAND Boundary Configuration

                            Format: [die0_boundary][,die0_lock][,die1_boundary][,die1_lock]

                            boundary - index of last SLC block on Flex-OneNAND.
                                       The remaining blocks are configured as MLC blocks.
                            lock     - Configure if Flex-OneNAND boundary should be locked.
                                       Once locked, the boundary cannot be changed.
                                       1 indicates lock status, 0 indicates unlock status.

            mtdset=         [ARM]
                            ARM/S3C2412 JIVE boot control

                            See arch/arm/mach-s3c/mach-jive.c

                            [HW] Make the MicroTouch USB driver use raw coordinates
                            ('y', default) or cooked coordinates ('n')

            mtrr_chunk_size=nn[KMG] [X86]
                            used for mtrr cleanup. It is largest continuous chunk
                            that could hold holes aka. UC entries.

            mtrr_gran_size=nn[KMG] [X86]
                            Used for mtrr cleanup. It is granularity of mtrr block.
                            Default is 1.
                            Large value could prevent small alignment from
                            using up MTRRs.

            mtrr_spare_reg_nr=n [X86]
                            Format: <integer>
                            Range: 0,7 : spare reg number
                            Default : 1
                            Used for mtrr cleanup. It is spare mtrr entries number.
                            Set to 2 or more if your graphical card needs more.

            n2=             [NET] SDL Inc. RISCom/N2 synchronous serial card

            netdev=         [NET] Network devices parameters
                            Format: <irq>,<io>,<mem_start>,<mem_end>,<name>
                            Note that mem_start is often overloaded to mean
                            something different and driver-specific.
                            This usage is only documented in each driver source
                            file if at all.

                            [NETFILTER] Enable connection tracking flow accounting
                            0 to disable accounting
                            1 to enable accounting
                            Default value is 0.

            nfsaddrs=       [NFS] Deprecated.  Use ip= instead.
                            See Documentation/admin-guide/nfs/nfsroot.rst.

            nfsroot=        [NFS] nfs root filesystem for disk-less boxes.
                            See Documentation/admin-guide/nfs/nfsroot.rst.

            nfsrootdebug    [NFS] enable nfsroot debugging messages.
                            See Documentation/admin-guide/nfs/nfsroot.rst.

                            [NFSv4] set the total number of threads that the
                            NFS client will assign to service NFSv4 callback

                            [NFS] set the TCP port on which the NFSv4 callback
                            channel should listen.

                            [NFS] sets the pathname to the program which is used
                            to update the NFS client cache entries.

                            [NFS] sets the timeout after which an attempt to
                            update a cache entry is deemed to have failed.

                            [NFS] set the maximum lifetime for idmapper cache

                            [NFS] enable 64-bit inode numbers.
                            If zero, the NFS client will fake up a 32-bit inode
                            number for the readdir() and stat() syscalls instead
                            of returning the full 64-bit number.
                            The default is to return 64-bit inode numbers.

                            [NFSv4.1] Sets the maximum number of session
                            slots the client will assign to the callback
                            channel. This determines the maximum number of
                            callbacks the client will process in parallel for
                            a particular server.

                            [NFSv4.1] Sets the maximum number of session slots
                            the client will attempt to negotiate with the server.
                            This limits the number of simultaneous RPC requests
                            that the client can send to the NFSv4.1 server.
                            Note that there is little point in setting this
                            value higher than the max_tcp_slot_table_limit.

                            [NFSv4] When set to the default of '1', this option
                            ensures that both the RPC level authentication
                            scheme and the NFS level operations agree to use
                            numeric uids/gids if the mount is using the
                            'sec=sys' security flavour. In effect it is
                            disabling idmapping, which can make migration from
                            legacy NFSv2/v3 systems to NFSv4 easier.
                            Servers that do not support this mode of operation
                            will be autodetected by the client, and it will fall
                            back to using the idmapper.
                            To turn off this behaviour, set the value to '0'.
                            [NFS4] Specify an additional fixed unique ident-
                            ification string that NFSv4 clients can insert into
                            their nfs_client_id4 string.  This is typically a
                            UUID that is generated at system install time.

            nfs.send_implementation_id =
                            [NFSv4.1] Send client implementation identification
                            information in exchange_id requests.
                            If zero, no implementation identification information
                            will be sent.
                            The default is to send the implementation identification

            nfs.recover_lost_locks =
                            [NFSv4] Attempt to recover locks that were lost due
                            to a lease timeout on the server. Please note that
                            doing this risks data corruption, since there are
                            no guarantees that the file will remain unchanged
                            after the locks are lost.
                            If you want to enable the kernel legacy behaviour of
                            attempting to recover these locks, then set this
                            parameter to '1'.
                            The default parameter value of '0' causes the kernel
                            not to attempt recovery of lost locks.

            nfs4.layoutstats_timer =
                            [NFSv4.2] Change the rate at which the kernel sends
                            layoutstats to the pNFS metadata server.

                            Setting this to value to 0 causes the kernel to use
                            whatever value is the default set by the layout
                            driver. A non-zero value sets the minimum interval
                            in seconds between layoutstats transmissions.

                            [NFSv4] When set to the default of '1', the NFSv4
                            server will return only numeric uids and gids to
                            clients using auth_sys, and will accept numeric uids
                            and gids from such clients.  This is intended to ease
                            migration from NFSv2/v3.

            nmi_backtrace.backtrace_idle [KNL]
                            Dump stacks even of idle CPUs in response to an
                            NMI stack-backtrace request.

            nmi_debug=      [KNL,SH] Specify one or more actions to take
                            when a NMI is triggered.
                            Format: [state][,regs][,debounce][,die]

            nmi_watchdog=   [KNL,BUGS=X86] Debugging features for SMP kernels
                            Format: [panic,][nopanic,][num]
                            Valid num: 0 or 1
                            0 - turn hardlockup detector in nmi_watchdog off
                            1 - turn hardlockup detector in nmi_watchdog on
                            When panic is specified, panic when an NMI watchdog
                            timeout occurs (or 'nopanic' to not panic on an NMI
                            watchdog, if CONFIG_BOOTPARAM_HARDLOCKUP_PANIC is set)
                            To disable both hard and soft lockup detectors,
                            please see 'nowatchdog'.
                            This is useful when you use a panic=... timeout and
                            need the box quickly up again.

                            These settings can be accessed at runtime via
                            the nmi_watchdog and hardlockup_panic sysctls.

                            [NET] Specifies amount of time (in seconds) that
                            netpoll should wait for a carrier. By default netpoll
                            waits 4 seconds.

            no387           [BUGS=X86-32] Tells the kernel to use the 387 maths
                            emulation library even if a 387 maths coprocessor
                            is present.

            no5lvl          [X86-64] Disable 5-level paging mode. Forces
                            kernel to use 4-level paging instead.

            nofsgsbase      [X86] Disables FSGSBASE instructions.

                            [HW] Never suspend the console
                            Disable suspending of consoles during suspend and
                            hibernate operations.  Once disabled, debugging
                            messages can reach various consoles while the rest
                            of the system is being put to sleep (ie, while
                            debugging driver suspend/resume hooks).  This may
                            not work reliably with all consoles, but is known
                            to work with serial and VGA consoles.
                            To facilitate more flexible debugging, we also add
                            console_suspend, a printk module parameter to control
                            it. Users could use console_suspend (usually
                            /sys/module/printk/parameters/console_suspend) to
                            turn on/off it dynamically.

            novmcoredd      [KNL,KDUMP]
                            Disable device dump. Device dump allows drivers to
                            append dump data to vmcore so you can collect driver
                            specified debug info.  Drivers can append the data
                            without any limit and this data is stored in memory,
                            so this may cause significant memory stress.  Disabling
                            device dump can help save memory but the driver debug
                            data will be no longer available.  This parameter
                            is only available when CONFIG_PROC_VMCORE_DEVICE_DUMP
                            is set.

            noaliencache    [MM, NUMA, SLAB] Disables the allocation of alien
                            caches in the slab allocator.  Saves per-node memory,
                            but will impact performance.

            noalign         [KNL,ARM]

            noaltinstr      [S390] Disables alternative instructions patching
                            (CPU alternatives feature).

            noapic          [SMP,APIC] Tells the kernel to not make use of any
                            IOAPICs that may be present in the system.

            noautogroup     Disable scheduler automatic task group creation.

            nobats          [PPC] Do not use BATs for mapping kernel lowmem
                            on "Classic" PPC cores.

            nocache         [ARM]

            noclflush       [BUGS=X86] Don't use the CLFLUSH instruction

            nodelayacct     [KNL] Disable per-task delay accounting

            nodsp           [SH] Disable hardware DSP at boot time.

            noefi           Disable EFI runtime services support.

            no_entry_flush  [PPC] Don't flush the L1-D cache when entering the kernel.

            noexec          [IA-64]

            noexec          [X86]
                            On X86-32 available only on PAE configured kernels.
                            noexec=on: enable non-executable mappings (default)
                            noexec=off: disable non-executable mappings

            nosmap          [X86,PPC]
                            Disable SMAP (Supervisor Mode Access Prevention)
                            even if it is supported by processor.

            nosmep          [X86,PPC]
                            Disable SMEP (Supervisor Mode Execution Prevention)
                            even if it is supported by processor.

            noexec32        [X86-64]
                            This affects only 32-bit executables.
                            noexec32=on: enable non-executable mappings (default)
                                    read doesn't imply executable mappings
                            noexec32=off: disable non-executable mappings
                                    read implies executable mappings

            nofpu           [MIPS,SH] Disable hardware FPU at boot time.

            nofxsr          [BUGS=X86-32] Disables x86 floating point extended
                            register save and restore. The kernel will only save
                            legacy floating-point registers on task switch.

            nohugeiomap     [KNL,X86,PPC,ARM64] Disable kernel huge I/O mappings.

            nosmt           [KNL,S390] Disable symmetric multithreading (SMT).
                            Equivalent to smt=1.

                            [KNL,X86] Disable symmetric multithreading (SMT).
                            nosmt=force: Force disable SMT, cannot be undone
                                         via the sysfs control file.

            nospectre_v1    [X86,PPC] Disable mitigations for Spectre Variant 1
                            (bounds check bypass). With this option data leaks are
                            possible in the system.

            nospectre_v2    [X86,PPC_FSL_BOOK3E,ARM64] Disable all mitigations for
                            the Spectre variant 2 (indirect branch prediction)
                            vulnerability. System may allow data leaks with this

                            [HW] Disable all mitigations for the Speculative Store Bypass vulnerability

                            [PPC] Don't flush the L1-D cache after accessing user data.

            noxsave         [BUGS=X86] Disables x86 extended register state save
                            and restore using xsave. The kernel will fallback to
                            enabling legacy floating-point and sse state.

            noxsaveopt      [X86] Disables xsaveopt used in saving x86 extended
                            register states. The kernel will fall back to use
                            xsave to save the states. By using this parameter,
                            performance of saving the states is degraded because
                            xsave doesn't support modified optimization while
                            xsaveopt supports it on xsaveopt enabled systems.

            noxsaves        [X86] Disables xsaves and xrstors used in saving and
                            restoring x86 extended register state in compacted
                            form of xsave area. The kernel will fall back to use
                            xsaveopt and xrstor to save and restore the states
                            in standard form of xsave area. By using this
                            parameter, xsave area per process might occupy more
                            memory on xsaves enabled systems.

            nohlt           [ARM,ARM64,MICROBLAZE,SH] Forces the kernel to busy wait
                            in do_idle() and not use the arch_cpu_idle()
                            implementation; requires CONFIG_GENERIC_IDLE_POLL_SETUP
                            to be effective. This is useful on platforms where the
                            sleep(SH) or wfi(ARM,ARM64) instructions do not work
                            correctly or when doing power measurements to evalute
                            the impact of the sleep instructions. This is also
                            useful when using JTAG debugger.

            no_file_caps    Tells the kernel not to honor file capabilities.  The
                            only way then for a file to be executed with privilege
                            is to be setuid root or executed by root.

            nohalt          [IA-64] Tells the kernel not to use the power saving
                            function PAL_HALT_LIGHT when idle. This increases
                            power-consumption. On the positive side, it reduces
                            interrupt wake-up latency, which may improve performance
                            in certain environments such as networked servers or
                            real-time systems.

                            Force pointers printed to the console or buffers to be
                            unhashed.  By default, when a pointer is printed via %p
                            format string, that pointer is "hashed", i.e. obscured
                            by hashing the pointer value.  This is a security feature
                            that hides actual kernel addresses from unprivileged
                            users, but it also makes debugging the kernel more
                            difficult since unequal pointers can no longer be
                            compared.  However, if this command-line option is
                            specified, then all normal pointers will have their true
                            value printed.  Pointers printed via %pK may still be
                            hashed.  This option should only be specified when
                            debugging the kernel.  Please do not use on production

            nohibernate     [HIBERNATION] Disable hibernation and resume.

            nohz=           [KNL] Boottime enable/disable dynamic ticks
                            Valid arguments: on, off
                            Default: on

            nohz_full=      [KNL,BOOT,SMP,ISOL]
                            The argument is a cpu list, as described above.
                            In kernels built with CONFIG_NO_HZ_FULL=y, set
                            the specified list of CPUs whose tick will be stopped
                            whenever possible. The boot CPU will be forced outside
                            the range to maintain the timekeeping.  Any CPUs
                            in this list will have their RCU callbacks offloaded,
                            just as if they had also been called out in the
                            rcu_nocbs= boot parameter.

            noiotrap        [SH] Disables trapped I/O port accesses.

            noirqdebug      [X86-32] Disables the code which attempts to detect and
                            disable unhandled interrupt sources.

            no_timer_check  [X86,APIC] Disables the code which tests for
                            broken timer IRQ sources.

            noisapnp        [ISAPNP] Disables ISA PnP code.

            noinitrd        [RAM] Tells the kernel not to load any configured
                            initial RAM disk.

            nointremap      [X86-64, Intel-IOMMU] Do not enable interrupt
                            [Deprecated - use intremap=off]

            nointroute      [IA-64]

            noinvpcid       [X86] Disable the INVPCID cpu feature.

            nojitter        [IA-64] Disables jitter checking for ITC timers.

            no-kvmclock     [X86,KVM] Disable paravirtualized KVM clock driver

            no-kvmapf       [X86,KVM] Disable paravirtualized asynchronous page
                            fault handling.

                            [X86,PV_OPS] Disable paravirtualized VMware scheduler
                            clock and use the default one.

            no-steal-acc    [X86,PV_OPS,ARM64] Disable paravirtualized steal time
                            accounting. steal time is computed, but won't
                            influence scheduler behaviour

            nolapic         [X86-32,APIC] Do not enable or use the local APIC.

            nolapic_timer   [X86-32,APIC] Do not use the local APIC timer.

            noltlbs         [PPC] Do not use large page/tlb entries for kernel
                            lowmem mapping on PPC40x and PPC8xx

            nomca           [IA-64] Disable machine check abort handling

            nomce           [X86-32] Disable Machine Check Exception

            nomfgpt         [X86-32] Disable Multi-Function General Purpose
                            Timer usage (for AMD Geode machines).

            nonmi_ipi       [X86] Disable using NMI IPIs during panic/reboot to
                            shutdown the other cpus.  Instead use the REBOOT_VECTOR

            nomodule        Disable module load

            nopat           [X86] Disable PAT (page attribute table extension of
                            pagetables) support.

            nopcid          [X86-64] Disable the PCID cpu feature.

            norandmaps      Don't use address space randomization.  Equivalent to
                            echo 0 > /proc/sys/kernel/randomize_va_space

            noreplace-smp   [X86-32,SMP] Don't replace SMP instructions
                            with UP alternatives

            nordrand        [X86] Disable kernel use of the RDRAND and
                            RDSEED instructions even if they are supported
                            by the processor.  RDRAND and RDSEED are still
                            available to user space applications.

            noresume        [SWSUSP] Disables resume and restores original swap

            no-scroll       [VGA] Disables scrollback.
                            This is required for the Braillex ib80-piezo Braille
                            reader made by F.H. Papenmeier (Germany).

            nosbagart       [IA-64]

            nosep           [BUGS=X86-32] Disables x86 SYSENTER/SYSEXIT support.

            nosgx           [X86-64,SGX] Disables Intel SGX kernel support.

            nosmp           [SMP] Tells an SMP kernel to act as a UP kernel,
                            and disable the IO APIC.  legacy for "maxcpus=0".

            nosoftlockup    [KNL] Disable the soft-lockup detector.

            nosync          [HW,M68K] Disables sync negotiation for all devices.

            nowatchdog      [KNL] Disable both lockup detectors, i.e.
                            soft-lockup and NMI watchdog (hard-lockup).

            nowb            [ARM]

            nox2apic        [X86-64,APIC] Do not enable x2APIC mode.

            cpu0_hotplug    [X86] Turn on CPU0 hotplug feature when
                            CONFIG_BOOTPARAM_HOTPLUG_CPU0 is off.
                            Some features depend on CPU0. Known dependencies are:
                            1. Resume from suspend/hibernate depends on CPU0.
                            Suspend/hibernate will fail if CPU0 is offline and you
                            need to online CPU0 before suspend/hibernate.
                            2. PIC interrupts also depend on CPU0. CPU0 can't be
                            removed if a PIC interrupt is detected.
                            It's said poweroff/reboot may depend on CPU0 on some
                            machines although I haven't seen such issues so far
                            after CPU0 is offline on a few tested machines.
                            If the dependencies are under your control, you can
                            turn on cpu0_hotplug.

            nps_mtm_hs_ctr= [KNL,ARC]
                            This parameter sets the maximum duration, in
                            cycles, each HW thread of the CTOP can run
                            without interruptions, before HW switches it.
                            The actual maximum duration is 16 times this
                            parameter's value.
                            Format: integer between 1 and 255
                            Default: 255

            nptcg=          [IA-64] Override max number of concurrent global TLB
                            purges which is reported from either PAL_VM_SUMMARY or
                            SAL PALO.

            nr_cpus=        [SMP] Maximum number of processors that an SMP kernel
                            could support.  nr_cpus=n : n >= 1 limits the kernel to
                            support 'n' processors. It could be larger than the
                            number of already plugged CPU during bootup, later in
                            runtime you can physically add extra cpu until it reaches
                            n. So during boot up some boot time memory for per-cpu
                            variables need be pre-allocated for later physical cpu
                            hot plugging.

            nr_uarts=       [SERIAL] maximum number of UARTs to be registered.

            numa_balancing= [KNL,X86] Enable or disable automatic NUMA balancing.
                            Allowed values are enable and disable

            numa_zonelist_order= [KNL, BOOT] Select zonelist order for NUMA.
                            'node', 'default' can be specified
                            This can be set from sysctl after boot.
                            See Documentation/admin-guide/sysctl/vm.rst for details.

            ohci1394_dma=early      [HW] enable debugging via the ohci1394 driver.
                            See Documentation/core-api/debugging-via-ohci1394.rst for more

            olpc_ec_timeout= [OLPC] ms delay when issuing EC commands
                            Rather than timing out after 20 ms if an EC
                            command is not properly ACKed, override the length
                            of the timeout.  We have interrupts disabled while
                            waiting for the ACK, so if this is set too high
                            interrupts *may* be lost!

            omap_mux=       [OMAP] Override bootloader pin multiplexing.
                            Format: <mux_mode0.mode_name=value>...
                            For example, to override I2C bus2:

            oops=panic      Always panic on oopses. Default is to just kill the
                            process, but there is a small probability of
                            deadlocking the machine.
                            This will also cause panics on machine check exceptions.
                            Useful together with panic=30 to trigger a reboot.

                            [KNL] Boolean flag to control whether the page allocator
                            should randomize its free lists. The randomization may
                            be automatically enabled if the kernel detects it is
                            running on a platform with a direct-mapped memory-side
                            cache, and this parameter can be used to
                            override/disable that behavior. The state of the flag
                            can be read from sysfs at:

            page_owner=     [KNL] Boot-time page_owner enabling option.
                            Storage of the information about who allocated
                            each page is disabled in default. With this switch,
                            we can turn it on.
                            on: enable the feature

            page_poison=    [KNL] Boot-time parameter changing the state of
                            poisoning on the buddy allocator, available with
                            off: turn off poisoning (default)
                            on: turn on poisoning

            panic=          [KNL] Kernel behaviour on panic: delay <timeout>
                            timeout > 0: seconds before rebooting
                            timeout = 0: wait forever
                            timeout < 0: reboot immediately
                            Format: <timeout>

            panic_print=    Bitmask for printing system info when panic happens.
                            User can chose combination of the following bits:
                            bit 0: print all tasks info
                            bit 1: print system memory info
                            bit 2: print timer info
                            bit 3: print locks info if CONFIG_LOCKDEP is on
                            bit 4: print ftrace buffer
                            bit 5: print all printk messages in buffer

            panic_on_taint= Bitmask for conditionally calling panic() in add_taint()
                            Format: <hex>[,nousertaint]
                            Hexadecimal bitmask representing the set of TAINT flags
                            that will cause the kernel to panic when add_taint() is
                            called with any of the flags in this set.
                            The optional switch "nousertaint" can be utilized to
                            prevent userspace forced crashes by writing to sysctl
                            /proc/sys/kernel/tainted any flagset matching with the
                            bitmask set on panic_on_taint.
                            See Documentation/admin-guide/tainted-kernels.rst for
                            extra details on the taint flags that users can pick
                            to compose the bitmask to assign to panic_on_taint.

            panic_on_warn   panic() instead of WARN().  Useful to cause kdump
                            on a WARN().

                            Run kdump after running panic-notifiers and dumping
                            kmsg. This only for the users who doubt kdump always
                            succeeds in any situation.
                            Note that this also increases risks of kdump failure,
                            because some panic notifiers can make the crashed
                            kernel more unstable.

            parkbd.port=    [HW] Parallel port number the keyboard adapter is
                            connected to, default is 0.
                            Format: <parport#>
            parkbd.mode=    [HW] Parallel port keyboard adapter mode of operation,
                            0 for XT, 1 for AT (default is AT).
                            Format: <mode>

            parport=        [HW,PPT] Specify parallel ports. 0 disables.
                            Format: { 0 | auto | 0xBBB[,IRQ[,DMA]] }
                            Use 'auto' to force the driver to use any
                            IRQ/DMA settings detected (the default is to
                            ignore detected IRQ/DMA settings because of
                            possible conflicts). You can specify the base
                            address, IRQ, and DMA settings; IRQ and DMA
                            should be numbers, or 'auto' (for using detected
                            settings on that particular port), or 'nofifo'
                            (to avoid using a FIFO even if it is detected).
                            Parallel ports are assigned in the order they
                            are specified on the command line, starting
                            with parport0.

            parport_init_mode=      [HW,PPT]
                            Configure VIA parallel port to operate in
                            a specific mode. This is necessary on Pegasos
                            computer where firmware has no options for setting
                            up parallel port mode and sets it to spp.
                            Currently this function knows 686a and 8231 chips.
                            Format: [spp|ps2|epp|ecp|ecpepp]

                            Halt all CPUs after the first oops has been printed for
                            the specified number of seconds.  This is to be used if
                            your oopses keep scrolling off the screen.

            pcbit=          [HW,ISDN]

            pcd.            [PARIDE]
                            See header of drivers/block/paride/pcd.c.
                            See also Documentation/admin-guide/blockdev/paride.rst.

            pci=option[,option...]  [PCI] various PCI subsystem options.

                                    Some options herein operate on a specific device
                                    or a set of devices (<pci_dev>). These are
                                    specified in one of the following formats:


                                    Note: the first format specifies a PCI
                                    bus/device/function address which may change
                                    if new hardware is inserted, if motherboard
                                    firmware changes, or due to changes caused
                                    by other kernel parameters. If the
                                    domain is left unspecified, it is
                                    taken to be zero. Optionally, a path
                                    to a device through multiple device/function
                                    addresses can be specified after the base
                                    address (this is more robust against
                                    renumbering issues).  The second format
                                    selects devices using IDs from the
                                    configuration space which may match multiple
                                    devices in the system.

                    earlydump       dump PCI config space before the kernel
                                    changes anything
                    off             [X86] don't probe for the PCI bus
                    bios            [X86-32] force use of PCI BIOS, don't access
                                    the hardware directly. Use this if your machine
                                    has a non-standard PCI host bridge.
                    nobios          [X86-32] disallow use of PCI BIOS, only direct
                                    hardware access methods are allowed. Use this
                                    if you experience crashes upon bootup and you
                                    suspect they are caused by the BIOS.
                    conf1           [X86] Force use of PCI Configuration Access
                                    Mechanism 1 (config address in IO port 0xCF8,
                                    data in IO port 0xCFC, both 32-bit).
                    conf2           [X86] Force use of PCI Configuration Access
                                    Mechanism 2 (IO port 0xCF8 is an 8-bit port for
                                    the function, IO port 0xCFA, also 8-bit, sets
                                    bus number. The config space is then accessed
                                    through ports 0xC000-0xCFFF).
                                    See http://wiki.osdev.org/PCI for more info
                                    on the configuration access mechanisms.
                    noaer           [PCIE] If the PCIEAER kernel config parameter is
                                    enabled, this kernel boot option can be used to
                                    disable the use of PCIE advanced error reporting.
                    nodomains       [PCI] Disable support for multiple PCI
                                    root domains (aka PCI segments, in ACPI-speak).
                    nommconf        [X86] Disable use of MMCONFIG for PCI
                    check_enable_amd_mmconf [X86] check for and enable
                                    properly configured MMIO access to PCI
                                    config space on AMD family 10h CPU
                    nomsi           [MSI] If the PCI_MSI kernel config parameter is
                                    enabled, this kernel boot option can be used to
                                    disable the use of MSI interrupts system-wide.
                    noioapicquirk   [APIC] Disable all boot interrupt quirks.
                                    Safety option to keep boot IRQs enabled. This
                                    should never be necessary.
                    ioapicreroute   [APIC] Enable rerouting of boot IRQs to the
                                    primary IO-APIC for bridges that cannot disable
                                    boot IRQs. This fixes a source of spurious IRQs
                                    when the system masks IRQs.
                    noioapicreroute [APIC] Disable workaround that uses the
                                    boot IRQ equivalent of an IRQ that connects to
                                    a chipset where boot IRQs cannot be disabled.
                                    The opposite of ioapicreroute.
                    biosirq         [X86-32] Use PCI BIOS calls to get the interrupt
                                    routing table. These calls are known to be buggy
                                    on several machines and they hang the machine
                                    when used, but on other computers it's the only
                                    way to get the interrupt routing table. Try
                                    this option if the kernel is unable to allocate
                                    IRQs or discover secondary PCI buses on your
                    rom             [X86] Assign address space to expansion ROMs.
                                    Use with caution as certain devices share
                                    address decoders between ROMs and other
                    norom           [X86] Do not assign address space to
                                    expansion ROMs that do not already have
                                    BIOS assigned address ranges.
                    nobar           [X86] Do not assign address space to the
                                    BARs that weren't assigned by the BIOS.
                    irqmask=0xMMMM  [X86] Set a bit mask of IRQs allowed to be
                                    assigned automatically to PCI devices. You can
                                    make the kernel exclude IRQs of your ISA cards
                                    this way.
                    pirqaddr=0xAAAAA        [X86] Specify the physical address
                                    of the PIRQ table (normally generated
                                    by the BIOS) if it is outside the
                                    F0000h-100000h range.
                    lastbus=N       [X86] Scan all buses thru bus #N. Can be
                                    useful if the kernel is unable to find your
                                    secondary buses and you want to tell it
                                    explicitly which ones they are.
                    assign-busses   [X86] Always assign all PCI bus
                                    numbers ourselves, overriding
                                    whatever the firmware may have done.
                    usepirqmask     [X86] Honor the possible IRQ mask stored
                                    in the BIOS $PIR table. This is needed on
                                    some systems with broken BIOSes, notably
                                    some HP Pavilion N5400 and Omnibook XE3
                                    notebooks. This will have no effect if ACPI
                                    IRQ routing is enabled.
                    noacpi          [X86] Do not use ACPI for IRQ routing
                                    or for PCI scanning.
                    use_crs         [X86] Use PCI host bridge window information
                                    from ACPI.  On BIOSes from 2008 or later, this
                                    is enabled by default.  If you need to use this,
                                    please report a bug.
                    nocrs           [X86] Ignore PCI host bridge windows from ACPI.
                                    If you need to use this, please report a bug.
                    routeirq        Do IRQ routing for all PCI devices.
                                    This is normally done in pci_enable_device(),
                                    so this option is a temporary workaround
                                    for broken drivers that don't call it.
                    skip_isa_align  [X86] do not align io start addr, so can
                                    handle more pci cards
                    noearly         [X86] Don't do any early type 1 scanning.
                                    This might help on some broken boards which
                                    machine check when some devices' config space
                                    is read. But various workarounds are disabled
                                    and some IOMMU drivers will not work.
                    bfsort          Sort PCI devices into breadth-first order.
                                    This sorting is done to get a device
                                    order compatible with older (<= 2.4) kernels.
                    nobfsort        Don't sort PCI devices into breadth-first order.
                    pcie_bus_tune_off       Disable PCIe MPS (Max Payload Size)
                                    tuning and use the BIOS-configured MPS defaults.
                    pcie_bus_safe   Set every device's MPS to the largest value
                                    supported by all devices below the root complex.
                    pcie_bus_perf   Set device MPS to the largest allowable MPS
                                    based on its parent bus. Also set MRRS (Max
                                    Read Request Size) to the largest supported
                                    value (no larger than the MPS that the device
                                    or bus can support) for best performance.
                    pcie_bus_peer2peer      Set every device's MPS to 128B, which
                                    every device is guaranteed to support. This
                                    configuration allows peer-to-peer DMA between
                                    any pair of devices, possibly at the cost of
                                    reduced performance.  This also guarantees
                                    that hot-added devices will work.
                    cbiosize=nn[KMG]        The fixed amount of bus space which is
                                    reserved for the CardBus bridge's IO window.
                                    The default value is 256 bytes.
                    cbmemsize=nn[KMG]       The fixed amount of bus space which is
                                    reserved for the CardBus bridge's memory
                                    window. The default value is 64 megabytes.
                                    [<order of align>@]<pci_dev>[; ...]
                                    Specifies alignment and device to reassign
                                    aligned memory resources. How to
                                    specify the device is described above.
                                    If <order of align> is not specified,
                                    PAGE_SIZE is used as alignment.
                                    A PCI-PCI bridge can be specified if resource
                                    windows need to be expanded.
                                    To specify the alignment for several
                                    instances of a device, the PCI vendor,
                                    device, subvendor, and subdevice may be
                                    specified, e.g., 12@pci:8086:9c22:103c:198f
                                    for 4096-byte alignment.
                    ecrc=           Enable/disable PCIe ECRC (transaction layer
                                    end-to-end CRC checking).
                                    bios: Use BIOS/firmware settings. This is the
                                    the default.
                                    off: Turn ECRC off
                                    on: Turn ECRC on.
                    hpiosize=nn[KMG]        The fixed amount of bus space which is
                                    reserved for hotplug bridge's IO window.
                                    Default size is 256 bytes.
                    hpmmiosize=nn[KMG]      The fixed amount of bus space which is
                                    reserved for hotplug bridge's MMIO window.
                                    Default size is 2 megabytes.
                    hpmmioprefsize=nn[KMG]  The fixed amount of bus space which is
                                    reserved for hotplug bridge's MMIO_PREF window.
                                    Default size is 2 megabytes.
                    hpmemsize=nn[KMG]       The fixed amount of bus space which is
                                    reserved for hotplug bridge's MMIO and
                                    MMIO_PREF window.
                                    Default size is 2 megabytes.
                    hpbussize=nn    The minimum amount of additional bus numbers
                                    reserved for buses below a hotplug bridge.
                                    Default is 1.
                    realloc=        Enable/disable reallocating PCI bridge resources
                                    if allocations done by BIOS are too small to
                                    accommodate resources required by all child
                                    off: Turn realloc off
                                    on: Turn realloc on
                    realloc         same as realloc=on
                    noari           do not use PCIe ARI.
                    noats           [PCIE, Intel-IOMMU, AMD-IOMMU]
                                    do not use PCIe ATS (and IOMMU device IOTLB).
                    pcie_scan_all   Scan all possible PCIe devices.  Otherwise we
                                    only look for one device below a PCIe downstream
                    big_root_window Try to add a big 64bit memory window to the PCIe
                                    root complex on AMD CPUs. Some GFX hardware
                                    can resize a BAR to allow access to all VRAM.
                                    Adding the window is slightly risky (it may
                                    conflict with unreported devices), so this
                                    taints the kernel.
                    disable_acs_redir=<pci_dev>[; ...]
                                    Specify one or more PCI devices (in the format
                                    specified above) separated by semicolons.
                                    Each device specified will have the PCI ACS
                                    redirect capabilities forced off which will
                                    allow P2P traffic between devices through
                                    bridges without forcing it upstream. Note:
                                    this removes isolation between devices and
                                    may put more devices in an IOMMU group.
                    force_floating  [S390] Force usage of floating interrupts.
                    nomio           [S390] Do not use MIO instructions.
                    norid           [S390] ignore the RID field and force use of
                                    one PCI domain per PCI function

            pcie_aspm=      [PCIE] Forcibly enable or disable PCIe Active State Power
                    off     Disable ASPM.
                    force   Enable ASPM even on devices that claim not to support it.
                            WARNING: Forcing ASPM on may cause system lockups. 

    lianshaohua 2021-03-10 17:57:20
  • 下面的内容摘自Symbian S60 3rd Edition SDK,先把英文原版贴在... How to use UIDs《如何使用UID》How to use UIDsA UID is a globally unique identifier(全局唯一标志符,wave注) consisting of a 32-bit number.


    下面的内容摘自Symbian S60 3rd Edition SDK,先把英文原版贴在这里,等时间充足的时候我再把它翻译出来。 How to use UIDs《如何使用UID》<注:UID:Unique IDentifier唯一标志符>

    How to use UIDs

    A UID is a globally unique identifier(全局唯一标志符,wave注) consisting of a 32-bit number.

    In Symbian OS, objects are identified by a compound identifier, known as the UID type, which is constructed from three 32 bit identifiers. The individual UIDs making up the UID type are referred to as UID1, UID2 and UID3.

    Symbian OS makes widespread use of UIDs:

    • UIDs are used to identify the types of objects at runtime and loadtime, for example identifying executables, DLLs, filestores.

    • UIDs are used to verify that objects present compatible and expected interfaces at runtime and loadtime, for example verifying that DLLs or filestores are of the expected type.

    • UIDs are fundamental to the association of applications with documents. For example, associating a document with an application allows the system to launch the application when the document is opened.

    A file's three UIDs are stored in the first 12 bytes of the file.

    To program successfully, developers need to understand why and how to use UIDs in their programs.

    What UIDs are for

    From a user's point of view, conventional file names are preferable to UIDs for file identification. Symbian OS therefore supports a flexible, long filename, file naming scheme.

    However from a system point of view, guaranteed unique, 32-bit numbers provide for much safer, systematic, and more lightweight identification.

    UID1, UID2 and UID3 have the following general characteristics:

    • UID1 indicates the structure of the file, for example, whether it is an executable, a DLL or a file store.

    • The meaning of UID2 depends on the type of object it applies to. For polymorphic interface (plug-in framework) DLLs, UID2 identifies the interface that the DLL implements. For static interface (shared library) DLLs that others link to, the UID2 value is always the same. For executables (with the exception of GUI applications), the UID2 value is ignored.

    • UID3 distinguishes between objects with the same UID2 and can be thought of as a project identifier. For example, for an application, the same UID3 is shared by the executable, registration file (which defines the application's icon, caption, and some capability information), and all documents.

      In OS versions with platform security, the Secure ID (SID) for a binary is taken to be the same as the third UID for that file. If an application (EXE) does not specify a UID3 or specifies it as zero, then the Secure ID is undefined for the application. This has several consequences, including lack of privacy for data used by that application.

    The UID type is a TUidType object and is constructed from a combination of all or some of the three possible UIDs. The UID type can be queried to return its component UID1, UID2 and UID3 values.

    If no UIDs are attached to an object, then all three component UIDs are returned as KUidNull.


    UID1, UID2, UID3, and the no UIDs case

    An object in Symbian OS and more particularly files in Symbian OS may have all, some, or none of the three possible UIDs defined.

    Symbian OS predefines all possible UID1 values and the UID2 values used for GUI applications and static interface DLLs at system level. Developers refer to them by their constant names, although in project (.mmp) files, hexadecimal numbers are used.

    • UID1: examples include KExecutableImageUid, KDynamicLibraryUid and KDirectFileStoreLayoutUid

    • UID2: examples include KSharedLibraryUid (0x1000008d) for a static interface DLL and KUidApp (0x100039CE) for a GUI application

    • Developers are responsible for ensuring that where UID3 values are required, they are properly allocated. See the Symbian Signed web site for information on how to allocate UIDs.

    Note that in project (.mmp) files, UID2 and UID3 values can be specified, but UID1 values cannot; the UID1 value is implied by the project's target type.


    EXE targets and UIDs

    All executable targets have a UID1 of KExecutableImageUid. This is defined by Symbian OS and is automatically built into any executable target based on the exe target type declared in the project file.

    A UID2 value should be specified by GUI applications (.EXE) and the application architecture expects this to be KUidApp (0x100039CE). Console applications (also .EXE), which are often used for testing and as example code, do not need to specify a UID2, and if they do, it is ignored. All executables should however specify a UID3 value, in part because it is used as the secure ID (SID) of the process, which is used as the executable's private directory name.


    DLLs and UIDs

    All DLLs, whether they have static or polymorphic interfaces, have a UID1 of KDynamicLibraryUid. This is defined by Symbian OS and is automatically built into any DLL target based on the dll target type declared in the project file.

    For static interface DLLs, the UID2 is KSharedLibraryUid. The UID3, which is used to identify the interface to the library, must be allocated by Symbian Signed.

    For polymorphic DLLs (for instance ECom plugins, device drivers and front end processors), UID2 identifies the interface that the DLL implements. UID3 (which, if required, must be allocated by Symbian Signed) may be used to identify a specific implementation of that interface.


    Documents and UIDs

    In Symbian OS, documents are really file-stores: stores which can be closed and re-opened. There are two different kinds of file store, direct file stores which are write-once-read-many, and permanent file stores which are write-many-read-many.

    A document's UID1 will therefore be one of KDirectFileStoreLayoutUid or KPermanentFileStoreLayoutUid. The UID2 and/or UID3 will be application dependent.

    Every native document must have an appropriate UID1 which should be set by the application which creates the document. Typically documents may have a UID2 of KUidAppDllDoc and a UID3 shared with the creating application. More precisely, a document’s UID3 should match that of the application which will open it.

    Only the UID1 is required, but in most cases developers will want to specify second and third UIDs for the documents their applications create and use. These UIDs are used by the application architecture framework to manage associations between applications and their documents. This allows an application to be found and launched when a file is opened, and it also allows an application icon to be associated with documents in system shell displays. Conversely, it allows an application, when opening files, to select only applicable files.

    Symbian OS also allows default file associations with the implication that in some cases users may want to select a different application to open a file. Applications which support this must therefore be able to open documents whose third UID differs from their own.

    Applications may also want to open non-native documents which have no UIDs, and may wish to be specified as default applications for these documents.


    UIDs in package files

    Package (.PKG) files are used in Symbian OS to provide the information required to create Symbian installation (.SIS) files. Each SIS file contains a UID, which is defined in the package file's package header. This UID should be allocated in the same way as other UIDs, through Symbian Signed.


    Uniqueness and allocation

    Because UIDs are fundamental to Symbian OS, it is important that they are used correctly when developing programs. To ensure uniqueness, it is essential that UIDs are properly allocated.

    Uniqueness is guaranteed by managing allocation centrally from a single database. All UIDs must therefore be assigned to users by a central allocating authority.

    With the introduction of platform security, UIDs are also split into protected and unprotected ranges. Any UID values falling below 0x7FFFFFFF are classed as "protected" and are only intended for use with signed applications (or those pre-installed in ROM). The software installer will refuse to install an unsigned application if it uses a package UID in the protected range.

    Developers can request UIDs through https://www.symbiansigned.com. For more information, see https://www.symbiansigned.com/app/page/uidfaq. Note that from version 9 of Symbian OS, UIDs are no longer requested from uid@symbiandevnet.com.

    Reserved range for development only

    During development, or for test code, temporary UIDs may be chosen from the unprotected test range 0xExxxxxxx. These UIDs can be used during development for unsigned applications but must not be used in released software. Note that such applications may not be installable via a SIS file. See the Symbian Signed website for more information.

    Care must still be taken to avoid clashes within development teams and between multiple projects, including old projects which may still be installed on an emulator or native platforms. UID clashes may stop a program from loading correctly, typically leading to Not Found errors.

    wave_1102 2007-10-10 16:45:00
  • Running MySQL on Amazon EC2 with EBS (Elastic Block Store) This tutorial describes one approach to using Amazon EC2's Elastic Block Store

    Running MySQL on Amazon EC2 with EBS (Elastic Block Store)

    This tutorial describes one approach to using Amazon EC2's Elastic Block Store (EBS) as a persistent storage mechanism for a production MySQL database server, including snapshot backup and restore.

    This guide covers:
    • Benefits of using EBS for MySQL
    • Setting up an EBS volume on an EC2 instance for use with MySQL
    • Configuring MySQL to use the EBS volume for data files and binary logs
    • Snapshotting the database
    • Restoring the snapshotted database on a second EC2 instance
    This explicitly does  not cover:
    • How to set up an Amazon EC2 account
    • How to use MySQL
    • Advanced multi-host redundancy, master/slave, failover, scaling, clusters

    The focus here is on simplicity and to help the reader get a feel for the basics of what EBS offers to database servers.

    Benefits of using EBS for MySQL

    There are numerous reasons why you will want to run your MySQL database on EBS. Some of them are obvious and some are wonderful. They include:

    Persistent storage in the event of instance failure - If an EBS volume is used as the storage for a MySQL database, then the data is protected from instance termination or failure. You can simply attach/mount the volume on another instance and MySQL will run its normal recovery procedures to bring the database up to date with the binary logs.

    Safety & Replication - According to Amazon, "EBS volume data is replicated across multiple servers". This makes your data safer than the default instance storage.

    Improved performance - Early reports from studies on random access disk IO performance indicate that EBS IO rates can be faster than ephemeral storage and even local disk IO. This has obvious benefits for databases which are often IO bound.

    Large data storage capacity - EBS volumes can be up to 1TB in size. You can go larger with LVM or RAID across EBS volumes, or by placing different databases or table files on different EBS volumes.

    Instance type portability - If you find that your current small EC2 instance is not able to handle your growing demand, you can switch the EBS volume holding your MySQL database to a running extra large instance in a matter of seconds without having to copy the database across the network. Downgrade instance types later to save money.

    Fast and easy backups - EBS snapshots alone can be a sufficiently attractive reason to move a database server to Amazon EC2. Being able to take live, consistent, binary snapshots of the database in just a few seconds is a thing of beauty. Add in the ability to create a new EBS volume from a snapshot so another EC2 instance can run against an exact copy of that database... and you've opened up new worlds of possibilities.

    Technology choices

    This guide shows examples using the Amazon EC2 API command line tools which are assumed to be installed on your local system. Many of the same results can be accomplished with the AWS Console, the Firefox EC2 plugin or with some of the 3rd party web management interfaces to Amazon EC2 such as RightScale.

    This guide shows examples using Ubuntu 9.10 (Karmic). The same concepts would apply with slight modifications on Debian, Fedora, Red Hat, CentOS, and other Linux distributions. The latest versions of the Ubuntu AMIs can be found on the following page maintained by the author: http://alestic.com

    This guide shows examples using the XFS file system. Besides being a stable, modern, high performance, journaling file system, XFS supports file system freeze/thaw which is extremely useful for ensuring a consistent state during EBS snapshots. XFS also supports file system growth which can be used if your database and other data are reaching the limits of your current volume size.

    Setting up an EBS volume on an EC2 instance for use with MySQL

    To get started, we'll run an EC2 instance, create an EBS volume, and attach the volume to the instance. You can run the instance in any availability zone, just make sure to create the volume in the same zone so it can be attached to the instance.

    As mentioned in the previous section, we assume that you have installed the EC2 API command line tools on your local system.

    Run an instance of Ubuntu 9.10 Karmic base install specifying your ssh keypair name. Make a note of the instance id (say, i-IIII1111). Check to see if the instance is running (might take a minute) and make a note of the external hostname (say, HOST1111).

    ec2-run-instances -z us-east-1a --key YOURKEYPAIR ami-1515f67c
    ec2-describe-instances i-IIII1111

    Create a new 10 GB EBS volume and make a note of the volume id (say, vol-VVVV1111). Check to see if the new volume is available (might take a few seconds).

    ec2-create-volume -z us-east-1a -s 10
    ec2-describe-volumes vol-VVVV1111

    Once it's available, attach the EBS volume to the instance as /dev/sdh

    ec2-attach-volume -d /dev/sdh -i i-IIII1111 vol-VVVV1111

    Now we can set things up on the instance itself, so connect to it and install the necessary software on the instance. Enter and record a secure MySQL root password when prompted.

    ssh -i YOURSSHKEYFILE ubuntu@HOST1111
    sudo apt-get update && sudo apt-get upgrade -y
    sudo apt-get install -y xfsprogs mysql-server

    Create an XFS file system on the EBS volume and mount it as /vol

    grep -q xfs /proc/filesystems || sudo modprobe xfs
    sudo mkfs.xfs /dev/sdh
    echo "/dev/sdh /vol xfs noatime 0 0" | sudo tee -a /etc/fstab
    sudo mkdir -m 000 /vol
    sudo mount /vol

    You now have a 10 GB (or whatever size you specified) EBS volume mounted under /vol with an XFS file system, and it will be automatically mounted if the instance reboots.

    Anything you store under /vol (including MySQL files) will persist beyond the life of the current instance, and you can take snapshots of this volume for backup or replication.

    Configuring MySQL to use the EBS volume

    Now that we have an EBS volume mounted on the instance with a good file system, let's put the MySQL database on that volume and tell MySQL where it is.

    Stop the MySQL server.

    sudo /etc/init.d/mysql stop

    Move the existing database files to the EBS volume. Point MySQL to the correct database files on the EBS volume using mount bind.

    sudo mkdir /vol/etc /vol/lib /vol/log
    sudo mv /etc/mysql     /vol/etc/
    sudo mv /var/lib/mysql /vol/lib/
    sudo mv /var/log/mysql /vol/log/
    sudo mkdir /etc/mysql
    sudo mkdir /var/lib/mysql
    sudo mkdir /var/log/mysql
    echo "/vol/etc/mysql /etc/mysql     none bind" | sudo tee -a /etc/fstab
    sudo mount /etc/mysql
    echo "/vol/lib/mysql /var/lib/mysql none bind" | sudo tee -a /etc/fstab
    sudo mount /var/lib/mysql
    echo "/vol/log/mysql /var/log/mysql none bind" | sudo tee -a /etc/fstab
    sudo mount /var/log/mysql

    Restart the MySQL server.

    sudo /etc/init.d/mysql start

    You are now running MySQL with all of the data and binary log files persistently stored on a high performance, redundant EBS volume!

    To prove to yourself that a later snapshot saved your database changes, you might want to load some data or simply create a placeholder database with a SQL statement like:

    mysql -u root -p -e 'CREATE DATABASE tutorial_sample'

    Your data is pretty safe here, but let's make it even safer with snapshot backups.

    Snapshotting the database

    An EBS snapshot is a point in time copy of the complete EBS volume. It will save the current state of all files that were placed on that volume at a block level including the MySQL database data and binary logs. Snapshots are saved to Amazon S3 which is even more secure than EBS in that it is archived in multiple geographic locations.

    Since file systems and databases often have things in memory on their way to disk and active processes can be changing the state of the disk so that it isn't always entirely consistent with itself, we take pains to flush, lock, and freeze the database and the file system for the few moments that it takes to create the EBS snapshot. This may cause a slight pause in activity on that system, but if the process is automated, it tends to be sufficiently short that most folks won't notice.

    To be able to type all the required commands in a single connection to the EC2 instance, this example uses the mysql "SYSTEM" statement to run command line programs, but these commands don't really have to be run from inside MySQL to be effective.

    Start a MySQL session on the instance, using the password you set above.

    mysql -u root -p

    In the mysql session, flush the tables to disk and acquire a lock. Flush the file system to disk and freeze it. Do not exit the MySQL session or you will lose the lock and snapshot potentially inconsistent database files!

    SYSTEM sudo xfs_freeze -f /vol

    Note: The output from SHOW MASTER STATUS can be handy if you later want to start a slave database from the snapshot.

    On your local system (which has the EC2 API command line tools installed) create a snapshot of the EBS volume. Make a note of the snapshot id (say, snap-SSSS1111).

    ec2-create-snapshot vol-VVVV1111

    Back in the same MySQL session on the instance, unfreeze the file system, release the database lock, and you're done!

    SYSTEM sudo xfs_freeze -u /vol

    Though the ec2-create-snapshot command returns quickly, the actual snapshot may take a while to complete writing to S3. Have no fear, it will be consistent as of the time the snapshot was initiated above and no further database or disk writes on the instance will affect it.

    You can monitor the progress of the snapshot with this command:

    ec2-describe-snapshots snap-SSSS1111

    Note: If you have a busy database with some long running statements, then acquiring a database lock may be difficult without interfering with operations. However, if all of your tables use the InnoDB engine, then you may skip the LOCK/UNLOCK statements above. MySQL will restore the database to a consistent state when it is run against the binary backup.

    Automated snapshot program

    The above sequence of MySQL statements and shell commands can be a bit of a hassle when performed manually, not to mention that database activity will be blocked while you are typing, so...

    The ec2-consistent-snapshot program automates the appropriate flushing and locking of MySQL and XFS file systems while the EBS snapshot is initiated. To install this on Ubuntu, use the following steps:

    codename=$(lsb_release -cs)
    echo "deb http://ppa.launchpad.net/alestic/ppa/ubuntu $codename main"|
      sudo tee /etc/apt/sources.list.d/alestic-ppa.list    
    sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys BE09C571
    sudo apt-get update
    sudo apt-get install -y ec2-consistent-snapshot
    sudo PERL_MM_USE_DEFAULT=1 cpan Net::Amazon::EC2

    The documentation can be accessed using:

    man ec2-consistent-snapshot

    This program can be run from a scheduled cron job on the EC2 instance to automate backup snapshots while you sleep.

    Since each snapshot only takes up space based on which blocks have changed since the last snapshot and since there may be additional compression applied, the incremental cost of frequent snapshots can sometimes be small.

    Restoring the snapshotted database

    So you want to check out the snapshot of your MySQL database to see if it really has the right data. Or, you'd like to test some code on an instance which has nearly current production data without risk to the live production database. Or, you want to start a MySQL replication slave. Or, you need to recover from an unfortunate DELETE statement without a WHERE clause...

    We'll start another EC2 instance to run the second database server. It is not necessary to terminate the original instance; both can be running in parallel. The second instance and volume must be together in the same availability zone, though it does not have to be where the first instance/volume reside.

    Run a second instance, making a note of the instance id (say, i-IIII2222). Check to see if the instance is running (might take a minute) and make a note of the external hostname (say, HOST2222).

    ec2-run-instances -z us-east-1b --key YOURKEYPAIR ami-1515f67c
    ec2-describe-instances i-IIII2222

    Create a second EBS volume based on the snapshot of the original volume and make a note of the volume id (say, vol-VVVV2222). Check to see if the second volume is available (might take a while).

    ec2-create-volume -z us-east-1b --snapshot snap-SSSS1111
    ec2-describe-volumes vol-VVVV2222

    Once it's available, attach the second EBS volume to the second instance as /dev/sdh

    ec2-attach-volume -d /dev/sdh -i i-IIII2222 vol-VVVV2222

    Note: If the original instance had crashed or been terminated, we could skip the creation of a second volume from a snapshot and simply attach the original volume to the second instance. The remainder of these instructions would apply just the same for getting up and running with that original volume, though you might want to run xfs_check just before mounting to make sure the file system is in a consistent state after the crash.

    Now, hop on to the second instance, install the required software, and mount the attached EBS volume. (The MySQL password does not matter here because we will be using a pre-existing database.) We also make sure the files are owned by mysql, just in case UIDs are different on the new instance.

    ssh -i YOURSSHKEYFILE ubuntu@HOST2222
    sudo apt-get update && sudo apt-get upgrade -y
    export DEBIAN_FRONTEND=noninteractive
    sudo -E apt-get install -y xfsprogs mysql-server
    echo "/dev/sdh /vol xfs noatime 0 0" | sudo tee -a /etc/fstab
    sudo mkdir -m 000 /vol
    sudo mount /vol
    sudo find /vol/{lib,log}/mysql/ ! -user  root -print0 | 
      sudo xargs -0 -r chown mysql
    sudo find /vol/{lib,log}/mysql/ ! -group root -a ! -group adm -print0 |
      sudo xargs -0 -r chgrp mysql

    Point MySQL to the correct database files on the EBS volume.

    sudo /etc/init.d/mysql stop
    echo "/vol/etc/mysql /etc/mysql     none bind" | sudo tee -a /etc/fstab
    sudo mount /etc/mysql
    echo "/vol/lib/mysql /var/lib/mysql none bind" | sudo tee -a /etc/fstab
    sudo mount /var/lib/mysql
    echo "/vol/log/mysql /var/log/mysql none bind" | sudo tee -a /etc/fstab
    sudo mount /var/log/mysql
    sudo /etc/init.d/mysql start

    You now have a second machine running against an exact copy of the first database at the time of the snapshot. Imagine the possibilities and smile!

    You can verify this by looking for the "tutorial_sample" database you created earlier.

    mysql -u root -p -e 'SHOW DATABASES'

    Note: Each of these instances has mounted a different volume and is using a different set of database files. Though they would have started out sharing similar values in the database, any changes made in one will not be reflected in the other.


    If you followed the above steps, you will have created resources which will continue to be charged against your EC2 account until you release them. Here are the steps to shut down and delete everything created in this tutorial. The first commands run on the instances:

    Unmount the EBS volume file systems on each of the EC2 instances.

    sudo /etc/init.d/mysql stop
    sudo umount /etc/mysql /var/lib/mysql /var/log/mysql /vol

    The rest of the commands should be run on your local system (which has the EC2 API command line tools installed):

    Detach EBS volumes from EC2 instances, delete the volumes, delete the snapshots, and shutdown the instances.

    ec2-detach-volume vol-VVVV1111
    ec2-detach-volume vol-VVVV2222
    ec2-delete-volume vol-VVVV1111
    ec2-delete-volume vol-VVVV2222
    ec2-delete-snapshot snap-SSSS1111
    ec2-terminate-instances i-IIII1111
    ec2-terminate-instances i-IIII2222

    Verify that it's all gone.

    Koupoo 2011-08-03 13:11:03
  • weixin_30864831 2021-06-07 07:04:12
  • qq_15347925 2021-08-26 18:02:35
  • laojing123 2012-07-26 16:44:53
  • qq_45683435 2020-01-22 16:07:23
  • renfengjun 2017-12-26 14:56:07
  • baidu_41666295 2020-01-06 20:32:16
  • lively1982 2015-09-17 10:23:58
  • zhanglong_4444 2021-09-22 11:40:20
  • u010132993 2016-12-19 22:54:24
  • weixin_41738417 2019-03-28 11:19:47
  • wzsy 2009-08-05 13:51:00
  • liukeforever 2010-08-27 11:01:00
  • mounter625 2019-10-23 21:50:00
  • weixin_33949359 2016-08-23 14:29:00
  • qwfys200 2019-11-28 16:34:54
  • gjz175 2015-10-18 15:05:17
  • xgbing 2019-09-09 09:18:57
  • QQ1084283172 2017-04-01 22:03:27
  • CCJHDOPC 2016-09-30 16:42:50
  • bailiweixb 2019-02-01 15:46:34
  • snowman_sp 2005-11-28 23:00:00
  • dog250 2019-08-20 22:27:38
  • laofan995149 2020-09-05 11:42:25
  • thh159 2019-03-10 15:18:58



1 2 3 4 5 ... 20
收藏数 787
精华内容 314