目录
1. /proc简介2. 内核机制相关3. 进程信息4. 硬件设备相关5. 系统信息6. /dev简介7. 内存相关
1. /proc简介
在linux的根目录下有一个/proc目录,/proc文件系统是一个虚拟文件系统,通过它可以使用一种新的方法在Linux内核空间和用户空间之间进行通信。在/proc文件系统中,我们可以将对虚拟文件的读写作为与内核中实体进行通信的一种手段,但是与普通文件不同的是,这些虚拟文件的内容都是动态创建的(即在我们执行指令的那一刹那才产生的)
/proc文件系统包含了:
1. 一些目录(用作组织信息的方式)例如linux对于当前运行中的每一个进程都在/proc目录下建立一个目录(目录名就是process-id),例如init的进程号是1,则目录名也是12. 虚拟文件虚拟文件可以向用户呈现内核中的一些信息,也可以用作一种从用户空间向内核发送信息的手段
执行: ll /proc,我们可以得到如下结果
dr-xr-xr-x. 8 root root 0 Jul 28 20:31 1dr-xr-xr-x. 8 root root 0 Jul 28 20:31 10dr-xr-xr-x. 8 root root 0 Jul 28 20:31 1024dr-xr-xr-x. 8 root root 0 Jul 28 20:31 11dr-xr-xr-x. 8 root root 0 Jul 28 20:31 12dr-xr-xr-x. 8 apache apache 0 Jul 30 05:08 12016dr-xr-xr-x. 8 apache apache 0 Jul 30 05:08 12017dr-xr-xr-x. 8 apache apache 0 Jul 30 05:08 12018dr-xr-xr-x. 8 apache apache 0 Jul 30 05:08 12019dr-xr-xr-x. 8 apache apache 0 Jul 30 05:08 12020dr-xr-xr-x. 8 apache apache 0 Jul 30 05:08 12021dr-xr-xr-x. 8 apache apache 0 Jul 30 05:08 12022dr-xr-xr-x. 8 apache apache 0 Jul 30 05:08 12023dr-xr-xr-x. 8 root root 0 Jul 28 20:31 13dr-xr-xr-x. 8 root root 0 Jul 28 20:31 1329dr-xr-xr-x. 8 root root 0 Jul 28 20:32 1349dr-xr-xr-x. 8 root root 0 Jul 28 20:31 14dr-xr-xr-x. 8 root root 0 Jul 28 20:31 147dr-xr-xr-x. 8 root root 0 Jul 28 20:31 148dr-xr-xr-x. 8 root root 0 Jul 28 20:31 149dr-xr-xr-x. 8 root root 0 Jul 28 20:31 15dr-xr-xr-x. 8 root root 0 Jul 30 00:14 15269dr-xr-xr-x. 8 root root 0 Jul 28 20:31 154dr-xr-xr-x. 8 root root 0 Jul 28 20:31 155dr-xr-xr-x. 8 root root 0 Jul 28 20:31 16dr-xr-xr-x. 8 root root 0 Jul 28 20:32 1613dr-xr-xr-x. 8 root root 0 Jul 28 20:32 1638dr-xr-xr-x. 8 root root 0 Jul 28 20:31 17dr-xr-xr-x. 8 root root 0 Jul 30 17:07 17975dr-xr-xr-x. 8 root root 0 Jul 28 20:31 18dr-xr-xr-x. 8 root root 0 Jul 30 17:12 18170dr-xr-xr-x. 8 root root 0 Jul 28 20:31 19dr-xr-xr-x. 8 root root 0 Jul 30 19:46 19703dr-xr-xr-x. 8 root root 0 Jul 30 20:04 19846dr-xr-xr-x. 8 root root 0 Jul 30 20:04 19851dr-xr-xr-x. 8 root root 0 Jul 28 20:31 2dr-xr-xr-x. 8 root root 0 Jul 28 20:31 20dr-xr-xr-x. 8 root root 0 Jul 28 20:31 21dr-xr-xr-x. 8 postfix postfix 0 Jul 31 01:36 21833dr-xr-xr-x. 8 root root 0 Jul 28 20:31 22dr-xr-xr-x. 8 root root 0 Jul 31 01:36 22122dr-xr-xr-x. 8 root root 0 Jul 28 20:31 23dr-xr-xr-x. 8 root root 0 Jul 28 20:31 24dr-xr-xr-x. 8 root root 0 Jul 28 20:31 25dr-xr-xr-x. 8 root root 0 Jul 28 20:31 254dr-xr-xr-x. 8 root root 0 Jul 28 20:31 255dr-xr-xr-x. 8 root root 0 Jul 28 20:31 256dr-xr-xr-x. 8 root root 0 Jul 28 20:31 257dr-xr-xr-x. 8 root root 0 Jul 28 20:31 258dr-xr-xr-x. 8 root root 0 Jul 28 20:31 259dr-xr-xr-x. 8 root root 0 Jul 28 20:31 26dr-xr-xr-x. 8 root root 0 Jul 28 20:31 260dr-xr-xr-x. 8 root root 0 Jul 28 20:31 261dr-xr-xr-x. 8 root root 0 Jul 28 20:31 262dr-xr-xr-x. 8 root root 0 Jul 28 20:31 263dr-xr-xr-x. 8 root root 0 Jul 28 20:31 264dr-xr-xr-x. 8 root root 0 Jul 28 20:31 265dr-xr-xr-x. 8 root root 0 Jul 28 20:31 266dr-xr-xr-x. 8 root root 0 Jul 28 20:31 267dr-xr-xr-x. 8 root root 0 Jul 28 20:31 268dr-xr-xr-x. 8 root root 0 Jul 28 20:31 269dr-xr-xr-x. 8 root root 0 Jul 28 20:31 27dr-xr-xr-x. 8 root root 0 Jul 28 20:31 270dr-xr-xr-x. 8 root root 0 Jul 28 20:31 271dr-xr-xr-x. 8 root root 0 Jul 28 20:31 272dr-xr-xr-x. 8 root root 0 Jul 28 20:31 273dr-xr-xr-x. 8 root root 0 Jul 28 20:31 274dr-xr-xr-x. 8 root root 0 Jul 28 20:31 275dr-xr-xr-x. 8 root root 0 Jul 28 20:31 276dr-xr-xr-x. 8 root root 0 Jul 28 20:31 277dr-xr-xr-x. 8 root root 0 Jul 28 20:31 278dr-xr-xr-x. 8 root root 0 Jul 28 20:31 279dr-xr-xr-x. 8 root root 0 Jul 28 20:31 28dr-xr-xr-x. 8 root root 0 Jul 28 20:31 280dr-xr-xr-x. 8 root root 0 Jul 28 20:31 281dr-xr-xr-x. 8 root root 0 Jul 28 20:31 282dr-xr-xr-x. 8 root root 0 Jul 28 20:31 283dr-xr-xr-x. 8 root root 0 Jul 28 20:31 29dr-xr-xr-x. 8 root root 0 Jul 28 20:31 3dr-xr-xr-x. 8 root root 0 Jul 28 20:31 30dr-xr-xr-x. 8 root root 0 Jul 28 20:31 31dr-xr-xr-x. 8 root root 0 Jul 28 20:31 32dr-xr-xr-x. 8 root root 0 Jul 28 20:31 342dr-xr-xr-x. 8 root root 0 Jul 28 20:31 343dr-xr-xr-x. 8 root root 0 Jul 28 20:31 368dr-xr-xr-x. 8 root root 0 Jul 28 20:31 37dr-xr-xr-x. 8 root root 0 Jul 28 20:31 38dr-xr-xr-x. 8 root root 0 Jul 28 20:31 4dr-xr-xr-x. 8 root root 0 Jul 28 20:31 40dr-xr-xr-x. 8 root root 0 Jul 28 20:31 41dr-xr-xr-x. 8 root root 0 Jul 28 20:31 434dr-xr-xr-x. 8 root root 0 Jul 28 20:31 5dr-xr-xr-x. 8 root root 0 Jul 28 20:31 512dr-xr-xr-x. 8 root root 0 Jul 28 20:31 6dr-xr-xr-x. 8 root root 0 Jul 28 20:31 7dr-xr-xr-x. 8 root root 0 Jul 28 20:31 71dr-xr-xr-x. 8 dbus dbus 0 Jul 28 20:32 7682dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7693dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7699dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7716dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7718dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7743dr-xr-xr-x. 8 haldaemon haldaemon 0 Jul 28 20:32 7752dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7753dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7799dr-xr-xr-x. 8 haldaemon haldaemon 0 Jul 28 20:32 7803dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7820dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7838dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7884dr-xr-xr-x. 8 root root 0 Jul 28 20:32 7900dr-xr-xr-x. 8 root root 0 Jul 28 20:31 8dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8016dr-xr-xr-x. 8 postfix postfix 0 Jul 28 20:32 8023dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8040dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8048dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8058dr-xr-xr-x. 8 root root 0 Jul 28 20:33 8072dr-xr-xr-x. 8 root root 0 Jul 28 20:33 8089dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8112dr-xr-xr-x. 8 root root 0 Jul 28 20:33 8117dr-xr-xr-x. 8 root root 0 Jul 28 20:33 8119dr-xr-xr-x. 8 root root 0 Jul 28 20:33 8121dr-xr-xr-x. 8 root root 0 Jul 28 20:33 8125dr-xr-xr-x. 8 root root 0 Jul 28 20:33 8128dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8136dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8139dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8155dr-xr-xr-x. 8 gdm gdm 0 Jul 28 20:32 8225dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8231dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8273dr-xr-xr-x. 8 rtkit rtkit 0 Jul 28 20:32 8284dr-xr-xr-x. 8 root root 0 Jul 28 20:32 8290dr-xr-xr-x. 8 root root 0 Jul 28 20:31 866dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8926dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8936dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8944dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8945dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8959dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8968dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8969dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8974dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8981dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8982dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8996dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8997dr-xr-xr-x. 8 root root 0 Jul 28 20:39 8999dr-xr-xr-x. 8 root root 0 Jul 28 20:31 9dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9005dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9007dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9009dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9011dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9015dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9016dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9018dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9019dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9020dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9023dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9024dr-xr-xr-x. 8 root root 0 Jul 30 05:08 9028dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9031dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9032dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9036dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9039dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9046dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9052dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9054dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9061dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9065dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9066dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9067dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9072dr-xr-xr-x. 8 root root 0 Jul 30 05:08 9073dr-xr-xr-x. 8 root root 0 Jul 30 05:08 9082dr-xr-xr-x. 8 root root 0 Jul 28 20:39 9118dr-xr-xr-x. 8 root root 0 Jul 28 20:40 9124dr-xr-xr-x. 8 root utmp 0 Jul 28 20:40 9125dr-xr-xr-x. 8 root root 0 Jul 28 20:40 9126dr-xr-xr-x. 8 root root 0 Jul 28 20:43 9160dr-xr-xr-x. 8 root root 0 Jul 28 20:31 936dr-xr-xr-x. 8 root root 0 Jul 28 20:31 937dr-xr-xr-x. 8 root root 0 Jul 28 21:27 9474dr-xr-xr-x. 8 root root 0 Jul 28 20:31 974dr-xr-xr-x. 8 root root 0 Jul 28 20:31 975dr-xr-xr-x. 8 root root 0 Jul 28 22:05 9779dr-xr-xr-x. 10 root root 0 Jul 28 20:32 acpidr-xr-xr-x. 5 root root 0 Jul 31 01:36 asound-r--r--r--. 1 root root 0 Jul 31 01:36 buddyinfodr-xr-xr-x. 6 root root 0 Jul 28 20:31 bus-r--r--r--. 1 root root 0 Jul 31 01:36 cgroups-r--r--r--. 1 root root 0 Jul 31 01:36 cmdline-r--r--r--. 1 root root 0 Jul 31 01:36 cpuinfo-r--r--r--. 1 root root 0 Jul 31 01:36 crypto-r--r--r--. 1 root root 0 Jul 31 01:36 devices-r--r--r--. 1 root root 0 Jul 31 01:36 diskstats-r--r--r--. 1 root root 0 Jul 31 01:36 dmadr-xr-xr-x. 2 root root 0 Jul 31 01:36 driver-r--r--r--. 1 root root 0 Jul 31 01:36 execdomains-r--r--r--. 1 root root 0 Jul 31 01:36 fb-r--r--r--. 1 root root 0 Jul 31 01:36 filesystemsdr-xr-xr-x. 5 root root 0 Jul 31 01:36 fs-r--r--r--. 1 root root 0 Jul 31 01:36 interrupts-r--r--r--. 1 root root 0 Jul 31 01:36 iomem-r--r--r--. 1 root root 0 Jul 31 01:36 ioportsdr-xr-xr-x. 2 root root 0 Jul 31 01:36 ipmidr-xr-xr-x. 55 root root 0 Jul 31 01:36 irq-r--r--r--. 1 root root 0 Jul 31 01:36 kallsyms-r--------. 1 root root 4096 Jul 31 01:36 kcore-r--r--r--. 1 root root 0 Jul 31 01:36 keys-r--r--r--. 1 root root 0 Jul 31 01:36 key-users-r--------. 1 root root 0 Jul 28 20:32 kmsg-r--------. 1 root root 0 Jul 31 01:36 kpagecount-r--------. 1 root root 0 Jul 31 01:36 kpageflags-r--r--r--. 1 root root 0 Jul 31 01:36 loadavg-r--r--r--. 1 root root 0 Jul 31 01:36 locks-r--r--r--. 1 root root 0 Jul 28 20:32 mdstat-r--r--r--. 1 root root 0 Jul 28 20:32 meminfo-r--r--r--. 1 root root 0 Jul 31 01:36 misc-r--r--r--. 1 root root 0 Jul 31 01:36 moduleslrwxrwxrwx. 1 root root 11 Jul 31 01:36 mounts -> self/mountsdr-xr-xr-x. 3 root root 0 Jul 31 01:36 mpt-r--r--r--. 1 root root 0 Jul 31 01:36 mtd-rw-r--r--. 1 root root 0 Jul 28 20:32 mtrrlrwxrwxrwx. 1 root root 8 Jul 31 01:36 net -> self/net-r--r--r--. 1 root root 0 Jul 31 01:36 pagetypeinfo-r--r--r--. 1 root root 0 Jul 31 01:36 partitions-r--r--r--. 1 root root 0 Jul 31 01:36 sched_debug-r--r--r--. 1 root root 0 Jul 31 01:36 schedstatdr-xr-xr-x. 4 root root 0 Jul 31 01:36 scsilrwxrwxrwx. 1 root root 64 Jul 31 00:01 self -> 22122-rw-r--r--. 1 root root 0 Jul 31 01:36 slabinfo-r--r--r--. 1 root root 0 Jul 31 01:36 softirqs-r--r--r--. 1 root root 0 Jul 28 20:32 stat-r--r--r--. 1 root root 0 Jul 31 01:36 swapsdr-xr-xr-x. 1 root root 0 Jul 28 20:31 sys--w-------. 1 root root 0 Jul 31 01:36 sysrq-triggerdr-xr-xr-x. 2 root root 0 Jul 31 01:36 sysvipc-r--r--r--. 1 root root 0 Jul 31 01:36 timer_list-rw-r--r--. 1 root root 0 Jul 31 01:36 timer_statsdr-xr-xr-x. 4 root root 0 Jul 31 01:36 tty-r--r--r--. 1 root root 0 Jul 31 01:36 uptime-r--r--r--. 1 root root 0 Jul 31 01:36 version-r--------. 1 root root 0 Jul 31 01:36 vmallocinfo-r--r--r--. 1 root root 0 Jul 28 20:32 vmstat-r--r--r--. 1 root root 0 Jul 31 01:36 zoneinfo
值得注意的是,使用"sysctl -a | more"指令,我们可以直接获得当前/proc中保存的所有变量,一次性全部显示出来
文章接下来的部分,我们按照逻辑功能对它们进行分类,逐类学习
Relevant Link:
http://www.ibm.com/developerworks/cn/linux/l-proc.htmlhttp://www.comptechdoc.org/os/linux/howlinuxworks/linux_hlproc.htmlhttp://wenku.baidu.com/view/056b1ad780eb6294dd886c78.html
2. 内核机制相关
0x1: /proc/interrupts: The number of interrupts per IRQ
CPU0 0: 606 IO-APIC-edge timer 1: 13433 IO-APIC-edge i8042 3: 3 IO-APIC-edge 4: 53832 IO-APIC-edge 7: 0 IO-APIC-edge parport0 8: 1 IO-APIC-edge rtc0 9: 0 IO-APIC-fasteoi acpi 12: 25137 IO-APIC-edge i8042 14: 0 IO-APIC-edge ata_piix 15: 0 IO-APIC-edge ata_piix 16: 29335 IO-APIC-fasteoi Ensoniq AudioPCI 17: 125483 IO-APIC-fasteoi ehci_hcd:usb1, ioc0 18: 672 IO-APIC-fasteoi uhci_hcd:usb2 19: 542116 IO-APIC-fasteoi eth0 24: 0 PCI-MSI-edge pciehp 25: 0 PCI-MSI-edge pciehp 26: 0 PCI-MSI-edge pciehp 27: 0 PCI-MSI-edge pciehp 28: 0 PCI-MSI-edge pciehp 29: 0 PCI-MSI-edge pciehp 30: 0 PCI-MSI-edge pciehp 31: 0 PCI-MSI-edge pciehp 32: 0 PCI-MSI-edge pciehp 33: 0 PCI-MSI-edge pciehp 34: 0 PCI-MSI-edge pciehp 35: 0 PCI-MSI-edge pciehp 36: 0 PCI-MSI-edge pciehp 37: 0 PCI-MSI-edge pciehp 38: 0 PCI-MSI-edge pciehp 39: 0 PCI-MSI-edge pciehp 40: 0 PCI-MSI-edge pciehp 41: 0 PCI-MSI-edge pciehp 42: 0 PCI-MSI-edge pciehp 43: 0 PCI-MSI-edge pciehp 44: 0 PCI-MSI-edge pciehp 45: 0 PCI-MSI-edge pciehp 46: 0 PCI-MSI-edge pciehp 47: 0 PCI-MSI-edge pciehp 48: 0 PCI-MSI-edge pciehp 49: 0 PCI-MSI-edge pciehp 50: 0 PCI-MSI-edge pciehp 51: 0 PCI-MSI-edge pciehp 52: 0 PCI-MSI-edge pciehp 53: 0 PCI-MSI-edge pciehp 54: 0 PCI-MSI-edge pciehp 55: 0 PCI-MSI-edge pciehp 56: 815644 PCI-MSI-edge ahciNMI: 0 Non-maskable interruptsLOC: 4947286 Local timer interruptsSPU: 0 Spurious interruptsPMI: 0 Performance monitoring interruptsIWI: 0 IRQ work interruptsRES: 0 Rescheduling interruptsCAL: 0 Function call interruptsTLB: 0 TLB shootdownsTRM: 0 Thermal event interruptsTHR: 0 Threshold APIC interruptsMCE: 0 Machine check exceptionsMCP: 391 Machine check pollsERR: 0MIS: 0
0x2: /proc/ioports: A list of currently registered input-output port regions that are in use
列出当前系统所有的输入输出接口
0000-0cf7 : PCI Bus 0000:00 0000-001f : dma1 0020-0021 : pic1 0040-0043 : timer0 0050-0053 : timer1 0060-0060 : keyboard 0064-0064 : keyboard 0070-0071 : rtc0 0080-008f : dma page reg 00a0-00a1 : pic2 00c0-00df : dma2 00f0-00ff : fpu 0170-0177 : 0000:00:07.1 0170-0177 : ata_piix 01f0-01f7 : 0000:00:07.1 01f0-01f7 : ata_piix 02f8-02ff : serial 0376-0376 : 0000:00:07.1 0376-0376 : ata_piix 0378-037a : parport0 03c0-03df : vga+ 03f6-03f6 : 0000:00:07.1 03f6-03f6 : ata_piix 03f8-03ff : serial 0cf0-0cf1 : pnp 00:010cf8-0cff : PCI conf10d00-feff : PCI Bus 0000:00 1000-103f : 0000:00:07.3 1000-103f : pnp 00:01 1000-1003 : ACPI PM1a_EVT_BLK 1004-1005 : ACPI PM1a_CNT_BLK 1008-100b : ACPI PM_TMR 100c-100f : ACPI GPE0_BLK 1010-1015 : ACPI CPU throttle 1040-104f : 0000:00:07.3 1040-104f : pnp 00:01 1060-106f : 0000:00:07.1 1060-106f : ata_piix 1070-107f : 0000:00:0f.0 1080-10bf : 0000:00:07.7 1400-14ff : 0000:00:10.0 2000-3fff : PCI Bus 0000:02 2000-207f : 0000:02:01.0 2000-201f : pcnet32_probe_pci 2080-20bf : 0000:02:02.0 2080-20bf : Ensoniq AudioPCI 20c0-20df : 0000:02:00.0 20c0-20df : uhci_hcd 4000-4fff : PCI Bus 0000:03 5000-5fff : PCI Bus 0000:0b 6000-6fff : PCI Bus 0000:13 7000-7fff : PCI Bus 0000:1b 8000-8fff : PCI Bus 0000:04 9000-9fff : PCI Bus 0000:0c a000-afff : PCI Bus 0000:14 b000-bfff : PCI Bus 0000:1c c000-cfff : PCI Bus 0000:05 d000-dfff : PCI Bus 0000:0d e000-efff : PCI Bus 0000:15 fce0-fcff : pnp 00:0d
0x3: /proc/locks
cat /proc/locks 1: FLOCK ADVISORY WRITE 8089 08:03:694 0 EOF2: POSIX ADVISORY WRITE 8072 08:03:20385 0 EOF3: FLOCK ADVISORY WRITE 8057 08:03:2498 0 EOF4: POSIX ADVISORY WRITE 8040 08:03:2070 0 EOF5: FLOCK ADVISORY WRITE 8016 08:03:19948 0 EOF6: FLOCK ADVISORY WRITE 8016 08:03:335 0 EOF7: FLOCK ADVISORY WRITE 1344 08:03:123 0 EOF
0x4: /proc/modules: A list of kernel modules loaded by the system
tcp_diag 693 0 - Live 0xf7e3e000inet_diag 7334 1 tcp_diag, Live 0xf7e2c000lp 6830 0 - Live 0xf7ef4000rfcomm 61472 4 - Live 0xf8007000sco 14781 2 - Live 0xf7edb000bridge 67439 0 - Live 0xf7f5d000bnep 13428 2 - Live 0xf7ed0000l2cap 47378 16 rfcomm,bnep, Live 0xf7eac0008021q 20355 0 - Live 0xf7e6c000garp 5703 1 8021q, Live 0xf7e41000stp 1626 2 bridge,garp, Live 0xf7e38000llc 4258 3 bridge,garp,stp, Live 0xf7e30000ipt_REJECT 1867 2 - Live 0xf8c98000nf_conntrack_ipv4 7694 2 - Live 0xf8c8f000nf_defrag_ipv4 1039 1 nf_conntrack_ipv4, Live 0xf8c85000iptable_filter 2173 1 - Live 0xf8c7d000ip_tables 9567 1 iptable_filter, Live 0xf8c74000ip6t_REJECT 3987 2 - Live 0xf8c66000nf_conntrack_ipv6 6940 2 - Live 0xf8c5d000nf_defrag_ipv6 8839 1 nf_conntrack_ipv6, Live 0xf8c52000xt_state 1064 4 - Live 0xf8c48000nf_conntrack 65661 3 nf_conntrack_ipv4,nf_conntrack_ipv6,xt_state, Live 0xf8c2b000ip6table_filter 2245 1 - Live 0xf8c0c000ip6_tables 10301 1 ip6table_filter, Live 0xf8c03000ipv6 261676 27 ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6, Live 0xf8bad000fuse 62472 4 - Live 0xf8b3b000uinput 6020 0 - Live 0xf8a16000microcode 12248 0 - Live 0xf8a04000ppdev 7297 0 - Live 0xf89f6000vmware_balloon 5811 0 - Live 0xf89ec000snd_ens1371 16851 4 - Live 0xf89de000snd_rawmidi 18061 1 snd_ens1371, Live 0xf89cb000snd_ac97_codec 95611 1 snd_ens1371, Live 0xf89a2000ac97_bus 968 1 snd_ac97_codec, Live 0xf897d000snd_seq 44677 0 - Live 0xf896a000snd_seq_device 5124 2 snd_rawmidi,snd_seq, Live 0xf8953000snd_pcm 68374 3 snd_ens1371,snd_ac97_codec, Live 0xf8935000snd_timer 17216 3 snd_seq,snd_pcm, Live 0xf8913000snd 52350 13 snd_ens1371,snd_rawmidi,snd_ac97_codec,snd_seq,snd_seq_device,snd_pcm,snd_timer, Live 0xf88f5000soundcore 6390 1 snd, Live 0xf88da000snd_page_alloc 7236 1 snd_pcm, Live 0xf88cf000pcnet32 29234 0 - Live 0xf88be000mii 4476 1 pcnet32, Live 0xf88ac000parport_pc 19086 1 - Live 0xf889f000parport 29925 3 lp,ppdev,parport_pc, Live 0xf8887000btusb 14139 2 - Live 0xf8872000bluetooth 83558 9 rfcomm,sco,bnep,l2cap,btusb, Live 0xf884c000rfkill 14794 3 bluetooth, Live 0xf8823000sg 24038 0 - Live 0xf8810000i2c_piix4 11156 0 - Live 0xf87fe000i2c_core 25632 1 i2c_piix4, Live 0xf87eb000ext4 335766 2 - Live 0xf807c000jbd2 76054 1 ext4, Live 0xf7ff3000mbcache 6017 1 ext4, Live 0xf7fd1000sr_mod 13282 0 - Live 0xf7fc5000cdrom 33416 1 sr_mod, Live 0xf7fb1000sd_mod 34952 4 - Live 0xf7f97000crc_t10dif 1217 1 sd_mod, Live 0xf7f84000ahci 35561 0 - Live 0xf7f72000pata_acpi 2513 0 - Live 0xf7f5b000ata_generic 2805 0 - Live 0xf7f54000ata_piix 20861 0 - Live 0xf7f2c000mptspi 14567 3 - Live 0xf7ef7000mptscsih 31362 1 mptspi, Live 0xf7ee2000mptbase 86744 2 mptspi,mptscsih, Live 0xf7eb9000scsi_transport_spi 20014 1 mptspi, Live 0xf7e93000dm_mirror 11969 0 - Live 0xf7e83000dm_region_hash 9644 1 dm_mirror, Live 0xf7e74000dm_log 8322 2 dm_mirror,dm_region_hash, Live 0xf7e68000dm_mod 70099 2 dm_mirror,dm_log, Live 0xf7e48000
lsmod指令就是通过这个虚拟设备(整个/proc就是一个沟通user mode和kernel mode的虚拟设备)获取到的
0x5: /proc/net: Various network pseudo files. The netstat command suite provides cleaner access to these filesnet指令就是通过读者/proc/net目录下的文件得到的网络连接信息的
1. arp: The kernel address resolution protocol table2. dev: Network device status information3. ipx4. ipx_route5. rarp: used to provide rarp services6. raw: A dump of the RAW socket table7. route: Looks like route8. snmp: Holds the ASCII databases used for the IP, ICMP, TCP, and UDP management information bases for an snmp agent.9. tcp: A dump of the TCP socket table.10. udp: A dump of the UDP socket table11. unix: Lists UNIX domain sockets and their status12. packet 显示了当前正在处理网络数据包的进程http://blog.cloudpassage.com/2012/09/05/warn-packet-sniffer-running/http://www.onlamp.com/pub/a/linux/2000/11/16/LinuxAdmin.html
这个目录下还有很多文件,但是作用不大,就没有列出来,有兴趣的朋友可以使用: ll /proc/net/进行查看
0x6: /proc/slabinfo
slabinfo - version: 2.1# name: tunables : slabdata bridge_fdb_cache 0 0 32 113 1 : tunables 120 60 0 : slabdata 0 0 0nf_conntrack_expect 0 0 168 23 1 : tunables 120 60 0 : slabdata 0 0 0nf_conntrack_c0acb540 1 16 240 16 1 : tunables 120 60 0 : slabdata 1 1 0fib6_nodes 22 113 32 113 1 : tunables 120 60 0 : slabdata 1 1 0ip6_dst_cache 13 30 256 15 1 : tunables 120 60 0 : slabdata 2 2 0ndisc_cache 1 20 192 20 1 : tunables 120 60 0 : slabdata 1 1 0ip6_mrt_cache 0 0 128 30 1 : tunables 120 60 0 : slabdata 0 0 0RAWv6 4 5 768 5 1 : tunables 54 27 0 : slabdata 1 1 0UDPLITEv6 0 0 704 11 2 : tunables 54 27 0 : slabdata 0 0 0UDPv6 0 0 704 11 2 : tunables 54 27 0 : slabdata 0 0 0tw_sock_TCPv6 0 0 256 15 1 : tunables 120 60 0 : slabdata 0 0 0request_sock_TCPv6 0 0 128 30 1 : tunables 120 60 0 : slabdata 0 0 0TCPv6 3 5 1408 5 2 : tunables 24 12 0 : slabdata 1 1 0fuse_request 4 13 296 13 1 : tunables 54 27 0 : slabdata 1 1 0fuse_inode 3 9 448 9 1 : tunables 54 27 0 : slabdata 1 1 0jbd2_1k 0 0 1024 4 1 : tunables 54 27 0 : slabdata 0 0 0avtab_node 551052 551145 16 203 1 : tunables 120 60 0 : slabdata 2715 2715 0ext4_inode_cache 77697 78576 644 6 1 : tunables 54 27 0 : slabdata 13096 13096 0ext4_xattr 11 78 48 78 1 : tunables 120 60 0 : slabdata 1 1 0ext4_free_block_extents 0 0 36 101 1 : tunables 120 60 0 : slabdata 0 0 0ext4_alloc_context 0 0 108 36 1 : tunables 120 60 0 : slabdata 0 0 0ext4_prealloc_space 3 56 68 56 1 : tunables 120 60 0 : slabdata 1 1 0ext4_system_zone 0 0 24 145 1 : tunables 120 60 0 : slabdata 0 0 0jbd2_journal_handle 0 0 20 169 1 : tunables 120 60 0 : slabdata 0 0 0jbd2_journal_head 8 315 60 63 1 : tunables 120 60 0 : slabdata 5 5 0jbd2_revoke_table 4 254 12 254 1 : tunables 120 60 0 : slabdata 1 1 0jbd2_revoke_record 0 0 32 113 1 : tunables 120 60 0 : slabdata 0 0 0sd_ext_cdb 2 113 32 113 1 : tunables 120 60 0 : slabdata 1 1 0scsi_sense_cache 90 90 128 30 1 : tunables 120 60 0 : slabdata 3 3 0scsi_cmd_cache 80 80 192 20 1 : tunables 120 60 0 : slabdata 4 4 0dm_raid1_read_record 0 0 1052 7 2 : tunables 24 12 0 : slabdata 0 0 0kcopyd_job 0 0 2340 3 2 : tunables 24 12 0 : slabdata 0 0 0io 0 0 32 113 1 : tunables 120 60 0 : slabdata 0 0 0dm_uevent 0 0 2460 3 2 : tunables 24 12 0 : slabdata 0 0 0dm_rq_clone_bio_info 0 0 8 339 1 : tunables 120 60 0 : slabdata 0 0 0dm_rq_target_io 0 0 248 16 1 : tunables 120 60 0 : slabdata 0 0 0dm_target_io 0 0 16 203 1 : tunables 120 60 0 : slabdata 0 0 0dm_io 0 0 24 145 1 : tunables 120 60 0 : slabdata 0 0 0flow_cache 0 0 84 46 1 : tunables 120 60 0 : slabdata 0 0 0uhci_urb_priv 5 127 28 127 1 : tunables 120 60 0 : slabdata 1 1 0cfq_io_context 75 112 68 56 1 : tunables 120 60 0 : slabdata 2 2 0cfq_queue 75 78 152 26 1 : tunables 120 60 0 : slabdata 3 3 0bsg_cmd 0 0 284 14 1 : tunables 54 27 0 : slabdata 0 0 0mqueue_inode_cache 1 7 576 7 1 : tunables 54 27 0 : slabdata 1 1 0isofs_inode_cache 0 0 380 10 1 : tunables 54 27 0 : slabdata 0 0 0hugetlbfs_inode_cache 1 11 352 11 1 : tunables 54 27 0 : slabdata 1 1 0dquot 0 0 192 20 1 : tunables 120 60 0 : slabdata 0 0 0kioctx 0 0 256 15 1 : tunables 120 60 0 : slabdata 0 0 0kiocb 0 0 192 20 1 : tunables 120 60 0 : slabdata 0 0 0inotify_event_private_data 2 203 16 203 1 : tunables 120 60 0 : slabdata 1 1 0inotify_inode_mark_entry 234 252 60 63 1 : tunables 120 60 0 : slabdata 4 4 0dnotify_mark_entry 0 0 60 63 1 : tunables 120 60 0 : slabdata 0 0 0dnotify_struct 0 0 20 169 1 : tunables 120 60 0 : slabdata 0 0 0dio 0 0 320 12 1 : tunables 54 27 0 : slabdata 0 0 0fasync_cache 5 203 16 203 1 : tunables 120 60 0 : slabdata 1 1 0ksm_mm_slot 0 0 24 145 1 : tunables 120 60 0 : slabdata 0 0 0ksm_stable_node 0 0 20 169 1 : tunables 120 60 0 : slabdata 0 0 0ksm_rmap_item 0 0 32 113 1 : tunables 120 60 0 : slabdata 0 0 0utrace_engine 0 0 28 127 1 : tunables 120 60 0 : slabdata 0 0 0utrace 0 0 32 113 1 : tunables 120 60 0 : slabdata 0 0 0pid_namespace 0 0 76 50 1 : tunables 120 60 0 : slabdata 0 0 0posix_timers_cache 0 0 120 32 1 : tunables 120 60 0 : slabdata 0 0 0uid_cache 5 59 64 59 1 : tunables 120 60 0 : slabdata 1 1 0UNIX 592 609 512 7 1 : tunables 54 27 0 : slabdata 87 87 0ip_mrt_cache 0 0 128 30 1 : tunables 120 60 0 : slabdata 0 0 0UDP-Lite 0 0 640 6 1 : tunables 54 27 0 : slabdata 0 0 0tcp_bind_bucket 4 113 32 113 1 : tunables 120 60 0 : slabdata 1 1 0inet_peer_cache 2 59 64 59 1 : tunables 120 60 0 : slabdata 1 1 0secpath_cache 0 0 32 113 1 : tunables 120 60 0 : slabdata 0 0 0xfrm_dst_cache 0 0 320 12 1 : tunables 54 27 0 : slabdata 0 0 0ip_fib_alias 0 0 16 203 1 : tunables 120 60 0 : slabdata 0 0 0ip_fib_hash 10 101 36 101 1 : tunables 120 60 0 : slabdata 1 1 0ip_dst_cache 21 30 256 15 1 : tunables 120 60 0 : slabdata 2 2 0arp_cache 4 20 192 20 1 : tunables 120 60 0 : slabdata 1 1 0PING 0 0 576 7 1 : tunables 54 27 0 : slabdata 0 0 0RAW 2 7 576 7 1 : tunables 54 27 0 : slabdata 1 1 0UDP 2 6 640 6 1 : tunables 54 27 0 : slabdata 1 1 0tw_sock_TCP 0 0 192 20 1 : tunables 120 60 0 : slabdata 0 0 0request_sock_TCP 0 0 128 30 1 : tunables 120 60 0 : slabdata 0 0 0TCP 5 6 1280 3 1 : tunables 24 12 0 : slabdata 2 2 0eventpoll_pwq 59 101 36 101 1 : tunables 120 60 0 : slabdata 1 1 0eventpoll_epi 59 90 128 30 1 : tunables 120 60 0 : slabdata 3 3 0sgpool-128 2 2 3072 2 2 : tunables 24 12 0 : slabdata 1 1 0sgpool-64 2 5 1536 5 2 : tunables 24 12 0 : slabdata 1 1 0sgpool-32 2 5 768 5 1 : tunables 54 27 0 : slabdata 1 1 0sgpool-16 2 10 384 10 1 : tunables 54 27 0 : slabdata 1 1 0sgpool-8 4 20 192 20 1 : tunables 120 60 0 : slabdata 1 1 0scsi_data_buffer 0 0 20 169 1 : tunables 120 60 0 : slabdata 0 0 0blkdev_integrity 0 0 64 59 1 : tunables 120 60 0 : slabdata 0 0 0blkdev_queue 27 28 1744 4 2 : tunables 24 12 0 : slabdata 7 7 0blkdev_requests 68 68 224 17 1 : tunables 120 60 0 : slabdata 4 4 0blkdev_ioc 72 144 52 72 1 : tunables 120 60 0 : slabdata 2 2 0fsnotify_event_holder 0 0 12 254 1 : tunables 120 60 0 : slabdata 0 0 0fsnotify_event 2 63 60 63 1 : tunables 120 60 0 : slabdata 1 1 0bio-0 4 30 128 30 1 : tunables 120 60 0 : slabdata 1 1 0biovec-256 2 2 3072 2 2 : tunables 24 12 0 : slabdata 1 1 0biovec-128 0 0 1536 5 2 : tunables 24 12 0 : slabdata 0 0 0biovec-64 0 0 768 5 1 : tunables 54 27 0 : slabdata 0 0 0biovec-16 0 0 192 20 1 : tunables 120 60 0 : slabdata 0 0 0bip-256 2 2 3136 2 2 : tunables 24 12 0 : slabdata 1 1 0bip-128 0 0 1600 5 2 : tunables 24 12 0 : slabdata 0 0 0bip-64 0 0 832 9 2 : tunables 54 27 0 : slabdata 0 0 0bip-16 0 0 256 15 1 : tunables 120 60 0 : slabdata 0 0 0bip-4 0 0 128 30 1 : tunables 120 60 0 : slabdata 0 0 0bip-1 0 0 64 59 1 : tunables 120 60 0 : slabdata 0 0 0sock_inode_cache 679 684 448 9 1 : tunables 54 27 0 : slabdata 76 76 0skbuff_fclone_cache 0 0 384 10 1 : tunables 54 27 0 : slabdata 0 0 0skbuff_head_cache 111 120 192 20 1 : tunables 120 60 0 : slabdata 6 6 0file_lock_cache 7 39 100 39 1 : tunables 120 60 0 : slabdata 1 1 0net_namespace 0 0 1376 5 2 : tunables 24 12 0 : slabdata 0 0 0shmem_inode_cache 726 729 448 9 1 : tunables 54 27 0 : slabdata 81 81 0Acpi-Operand 4288 4416 40 92 1 : tunables 120 60 0 : slabdata 48 48 0Acpi-ParseExt 0 0 48 78 1 : tunables 120 60 0 : slabdata 0 0 0Acpi-Parse 0 0 32 113 1 : tunables 120 60 0 : slabdata 0 0 0Acpi-State 0 0 44 84 1 : tunables 120 60 0 : slabdata 0 0 0Acpi-Namespace 3218 3335 24 145 1 : tunables 120 60 0 : slabdata 23 23 0task_delay_info 279 300 76 50 1 : tunables 120 60 0 : slabdata 6 6 0taskstats 7 12 328 12 1 : tunables 54 27 0 : slabdata 1 1 0proc_inode_cache 4663 4790 384 10 1 : tunables 54 27 0 : slabdata 479 479 0sigqueue 8 27 144 27 1 : tunables 120 60 0 : slabdata 1 1 0bdev_cache 31 35 512 7 1 : tunables 54 27 0 : slabdata 5 5 0sysfs_dir_cache 12048 12050 76 50 1 : tunables 120 60 0 : slabdata 241 241 0mnt_cache 29 40 192 20 1 : tunables 120 60 0 : slabdata 2 2 0filp 4890 5010 128 30 1 : tunables 120 60 0 : slabdata 167 167 0inode_cache 10624 10626 352 11 1 : tunables 54 27 0 : slabdata 966 966 0dentry 103609 105386 132 29 1 : tunables 120 60 0 : slabdata 3634 3634 0names_cache 6 6 4096 1 1 : tunables 24 12 0 : slabdata 6 6 0avc_node 512 624 48 78 1 : tunables 120 60 0 : slabdata 8 8 0selinux_inode_security 94408 96012 44 84 1 : tunables 120 60 0 : slabdata 1143 1143 0radix_tree_node 22287 22347 296 13 1 : tunables 54 27 0 : slabdata 1719 1719 0key_jar 3 30 128 30 1 : tunables 120 60 0 : slabdata 1 1 0buffer_head 27980 30485 56 67 1 : tunables 120 60 0 : slabdata 455 455 0nsproxy 0 0 24 145 1 : tunables 120 60 0 : slabdata 0 0 0vm_area_struct 9472 10218 100 39 1 : tunables 120 60 0 : slabdata 262 262 0mm_struct 99 99 448 9 1 : tunables 54 27 0 : slabdata 11 11 0fs_cache 104 113 32 113 1 : tunables 120 60 0 : slabdata 1 1 0files_cache 105 105 256 15 1 : tunables 120 60 0 : slabdata 7 7 0signal_cache 180 180 640 6 1 : tunables 54 27 0 : slabdata 30 30 0sighand_cache 177 177 1344 3 1 : tunables 24 12 0 : slabdata 59 59 0task_xstate 279 279 832 9 2 : tunables 54 27 0 : slabdata 31 31 0task_struct 274 276 1360 3 1 : tunables 24 12 0 : slabdata 92 92 0cred_jar 423 510 128 30 1 : tunables 120 60 0 : slabdata 17 17 0anon_vma_chain 6501 7540 24 145 1 : tunables 120 60 0 : slabdata 52 52 0anon_vma 5053 5577 20 169 1 : tunables 120 60 0 : slabdata 33 33 0pid 295 295 64 59 1 : tunables 120 60 0 : slabdata 5 5 0idr_layer_cache 626 650 148 26 1 : tunables 120 60 0 : slabdata 25 25 0size-4194304(DMA) 0 0 4194304 1 1024 : tunables 1 1 0 : slabdata 0 0 0size-4194304 0 0 4194304 1 1024 : tunables 1 1 0 : slabdata 0 0 0size-2097152(DMA) 0 0 2097152 1 512 : tunables 1 1 0 : slabdata 0 0 0size-2097152 0 0 2097152 1 512 : tunables 1 1 0 : slabdata 0 0 0size-1048576(DMA) 0 0 1048576 1 256 : tunables 1 1 0 : slabdata 0 0 0size-1048576 0 0 1048576 1 256 : tunables 1 1 0 : slabdata 0 0 0size-524288(DMA) 0 0 524288 1 128 : tunables 1 1 0 : slabdata 0 0 0size-524288 0 0 524288 1 128 : tunables 1 1 0 : slabdata 0 0 0size-262144(DMA) 0 0 262144 1 64 : tunables 1 1 0 : slabdata 0 0 0size-262144 0 0 262144 1 64 : tunables 1 1 0 : slabdata 0 0 0size-131072(DMA) 0 0 131072 1 32 : tunables 8 4 0 : slabdata 0 0 0size-131072 0 0 131072 1 32 : tunables 8 4 0 : slabdata 0 0 0size-65536(DMA) 0 0 65536 1 16 : tunables 8 4 0 : slabdata 0 0 0size-65536 2 2 65536 1 16 : tunables 8 4 0 : slabdata 2 2 0size-32768(DMA) 0 0 32768 1 8 : tunables 8 4 0 : slabdata 0 0 0size-32768 0 0 32768 1 8 : tunables 8 4 0 : slabdata 0 0 0size-16384(DMA) 0 0 16384 1 4 : tunables 8 4 0 : slabdata 0 0 0size-16384 37 37 16384 1 4 : tunables 8 4 0 : slabdata 37 37 0size-8192(DMA) 0 0 8192 1 2 : tunables 8 4 0 : slabdata 0 0 0size-8192 9 9 8192 1 2 : tunables 8 4 0 : slabdata 9 9 0size-4096(DMA) 0 0 4096 1 1 : tunables 24 12 0 : slabdata 0 0 0size-4096 59 59 4096 1 1 : tunables 24 12 0 : slabdata 59 59 0size-2048(DMA) 0 0 2048 2 1 : tunables 24 12 0 : slabdata 0 0 0size-2048 150 150 2048 2 1 : tunables 24 12 0 : slabdata 75 75 0size-1024(DMA) 0 0 1024 4 1 : tunables 54 27 0 : slabdata 0 0 0size-1024 516 516 1024 4 1 : tunables 54 27 0 : slabdata 129 129 0size-512(DMA) 0 0 512 8 1 : tunables 54 27 0 : slabdata 0 0 0size-512 842 856 512 8 1 : tunables 54 27 0 : slabdata 107 107 0size-256(DMA) 0 0 256 15 1 : tunables 120 60 0 : slabdata 0 0 0size-256 144 150 256 15 1 : tunables 120 60 0 : slabdata 10 10 0size-192(DMA) 0 0 192 20 1 : tunables 120 60 0 : slabdata 0 0 0size-192 960 960 192 20 1 : tunables 120 60 0 : slabdata 48 48 0size-128(DMA) 0 0 128 30 1 : tunables 120 60 0 : slabdata 0 0 0size-128 776 780 128 30 1 : tunables 120 60 0 : slabdata 26 26 0size-96(DMA) 0 0 128 30 1 : tunables 120 60 0 : slabdata 0 0 0size-96 1470 1470 128 30 1 : tunables 120 60 0 : slabdata 49 49 0size-64(DMA) 0 0 64 59 1 : tunables 120 60 0 : slabdata 0 0 0size-32(DMA) 0 0 32 113 1 : tunables 120 60 0 : slabdata 0 0 0size-64 5007 5133 64 59 1 : tunables 120 60 0 : slabdata 87 87 0size-32 368885 369058 32 113 1 : tunables 120 60 0 : slabdata 3266 3266 0kmem_cache 186 195 256 15 1 : tunables 120 60 0 : slabdata 13 13 0
0x7: /proc/sys: Directory corresponding to kernel variables
1. debug2. dev3. fs4. kernel 4.1 domainname 4.2 file-max 4.3 file-nr 4.4 hostname 4.5 inode-max 4.6 inode-nr 4.7 osrelease 4.8 ostype 4.9 panic 4.10 real-root-dev 4.11 securelevel 4.12 version5. net6. proc7. sunrpc8. vm
0x8: /proc/kallsyms
在v2.6.0的内核中,为了更好地调试内核,引入新的功能kallsyms(前提是编译内核的时候开启了: static int all_symbols = 1;)kallsyms把内核用到的所有函数地址和名称连接进内核文件,当内核启动后,同时加载到内存中
1. 当发生oops,例如在内核中访问空地址时,内核就会解析eip位于哪个函数中,并打印出形如:EIP is at cleanup_module+0xb/0x1d [client]的信息,2. 调用栈也用可读的方式显示出来.Call Trace:[] sys_delete_module+0x191/0x1ce[ ] do_page_fault+0x189/0x51d[ ] syscall_call+0x7/0xb3. 还可以查找某个函数例如的sys_fork的地址,然后hook它,kprobe就是这么干的
在v2.6.20 中,还可以包含所有符号的地址,应此功能更强大,就相当于内核中有了System.map了,这时候就可以很方便的查找sys_call_table的地址了
echo 0 > /proc/sys/kernel/kptr_restrict sysctlcat /proc/kallsyms //输出全部内核导出的、未导出的符号表
Relevant Link:
http://blog.sina.com.cn/s/blog_86b97e1601010z3b.htmlhttp://blog.chinaunix.net/uid-27717694-id-3985448.html
3. 进程信息
0x1: 以进程PID为目录名的目录
当前linux运行中的每一个进程在/proc下一定都可以找到一个对应的以它的进程号作为目录名的子目录,这个目录描述这个进程的相关信息。
每个进程对应的目录都包含了如下的子目录1. cmdline: The command line the process was invoked with启动当前进程的命令行,即用户使用什么指令来启动这个进程,例如: /usr/bin/shell arg1 arg2,则这个shell进程的cmdline就是"/usr/bin/shell arg1 arg2"2. cwd: A link to the current working directory of the process指向当前进程的"工作目录"的符号链接3. environ: The process environment当前进程的环境变量4. exe: A pointer appearing as a symbolic link to the binary that was executed这个进程对应于磁盘上的程序文件名称,包括完整路径,例如"/usr/bin/shell"5. fd: A subdirectory with one entry per file that the process has open 1) 0-std input 2) 1-std output 3) 2-std err6. maps: Contains the currently mapped memory regions and their access permissions. The format is:address perms offset dev idnode filename08048000-0804e000 r-xp 00000400 0302 192233 /sbin/init0804e000-0804f000 rw-p 00005000 0302 192233 /sbin/init 7. mem: The memory of the process that accesses the /dev/mem device8. root: Points to the root filesystem指向根目录"/"的符号链接9. stat: Status information about the process used by the ps command 1) pid: Process id(进程pdi) 2) comm: The executable filename(可执行文件名) 3) state: 3.1) R(running) 3.2) S(sleeping interruptable) 3.3) D(sleeping) 3.4) Z(zombie) 3.5) T(stopped on a signal) 4) ppid: Parent process ID(父进程pid) 5) pgrp: Process group ID(进程所属组) 6) session: The process session ID(进程session会话id) 7) tty: The tty the process is using(进程所使用的tty) 8) tpgid: The process group ID of the owning process of the tty the current process is connected to. 9) flags: Process flags 10) minflt: Minor faults the process has made 11) cminflt: Minor faults the process and its children have made. 12) majflt 13) cmajflt 14) utime: The number of jiffies (processor time) that this process has been scheduled in user mode 当前进程在"用户态"所消耗的CPU调度时间 15) stime: in kernel mode 当前进程在"内核态"所消耗的CPU调度时间 16) cutime: This process and its children in user mode 当前进程以及子进程在"用户态"所消耗的CPU时间 17) cstime: in kernel mode 当前进程以及子进程在"内核态"所消耗的CPU时间 18) counter: The maximum time of this processes next time slice 这个字段和CPU调度相关,counter表明它的所剩的时间片,即动态优先级(时间片越少自然优先级就越低了) 19) priority: The priority of the nice(process priority) value plus fifteen 20) timeout: The time in jiffies of the process's next timeout. 21) itrealvalue: The time in jiffies before the next SIGALRM is sent to the process because of an internal timer. 22) starttime: Time the process started after system boot 当前进程已运行时间 23) vsize: Virtual memory size 当前进程所占用的虚拟内存 24) rlim: Current limit in bytes of the rss of the process. 25) startcode: The address above which program text can run. 26) endcode: The address below which program text can run. 27) startstack: The address of the start of the stack 28) kstkesp: The current value of esp for the process as found in the kernel stack page. 29) kstkeip: The current 32 bit instruction pointer, EIP. 30) signal: The bitmap of pending signals 31) blocked: The bitmap of blocked signals 32) sigignore: The bitmap of ignored signals 33) sigcatch: The bitmap of catched signals 34) wchan: The channel in which the process is waiting. The "ps -l" command gives somewhat of a list.
0x2: /proc/[pid]/maps
这个文件用于查看进程的虚拟地址空间是如何使用的,文件有6列,分别为:
1. 地址:库在进程里地址范围2. 权限:虚拟内存的权限 1) r = 读 2) w = 写 3) x = 执行 4) s = 共享 5) p = 私有3. 偏移量:库在进程里地址范围4. 设备:映像文件的主设备号和次设备号 5. 节点:映像文件的节点号6. 路径: 映像文件的路径
每项都与一个"struct vm_area_struct"结构成员对应
http://www.cnblogs.com/LittleHann/p/3865490.html搜索:0x2: vm_area_struct
Relevant Link:
http://blog.sina.com.cn/s/blog_49f07e46010148m0.html
0x3: /proc/[pid]/mem
Linux下使用ptrace调用可以监视和控制其他进程,并能够改变进程的寄存器值和内核映像。ptrace提供了PTRACE_PEEKDATA来实现进程内存读取,这是原语级的操作,在x86_64下一次仅读取8字节。因此在读取量较大时,需要反复调用ptrace。/proc/<PID>/mem接口提供了read调用,只需一次就可以读取任意大小内存
Relevant Link:
http://my.oschina.net/u/180497/blog/141673http://yuangeqingtian.blog.51cto.com/6994701/1214789
4. 硬件设备相关
0x1: /proc/bus
1. pci: A directory 1.1 00: A directory containing filenames like 00.0, 07.0, 07.1, 07.2, 08.0, 09.0, and 0b.0. Each are 256 bytes long and appear to be in binary form 1.2 02: A directory 1.3 devices I think this file numerically identifies devices on the pci bus. My file contains: 枚举列出了当前系统挂接的总线设备 2. input: A directory 输入设备 3. pccard: A directory pccard设备 4. usb: A directory usb设备
0x2: /proc/cpuinfo: CPU architecture information
processor : 0vendor_id : GenuineIntelcpu family : 6model : 69model name : Intel(R) Core(TM) i5-4200U CPU @ 1.60GHzstepping : 1cpu MHz : 2294.740cache size : 3072 KBfdiv_bug : nohlt_bug : nof00f_bug : nocoma_bug : nofpu : yesfpu_exception : yescpuid level : 13wp : yesflags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss nx pdpe1gb rdtscp constant_tsc up arch_perfmon pebs bts xtopology tsc_reliable nonstop_tsc aperfmperf unfair_spinlock pni pclmulqdq ssse3 fma pcid sse4_1 sse4_2 x2apic movbe popcnt xsave avx f16c rdrand hypervisor ida arat epb xsaveopt pln pts dts fsgsbase smepbogomips : 4589.48clflush size : 64cache_alignment : 64address sizes : 40 bits physical, 48 bits virtualpower management:
0x3: /proc/devices: Text listing of major numbers and device groups
列出当前系统挂载(mount)的设备
Character devices: 1 mem 4 /dev/vc/0 4 tty 4 ttyS 5 /dev/tty 5 /dev/console 5 /dev/ptmx 6 lp 7 vcs 10 misc 13 input 14 sound 21 sg 29 fb 99 ppdev116 alsa128 ptm136 pts162 raw180 usb189 usb_device202 cpu/msr203 cpu/cpuid216 rfcomm249 hidraw250 usbmon251 bsg252 pcmcia253 watchdog254 rtcBlock devices: 1 ramdisk259 blkext 7 loop 8 sd 9 md 11 sr 65 sd 66 sd 67 sd 68 sd 69 sd 70 sd 71 sd128 sd129 sd130 sd131 sd132 sd133 sd134 sd135 sd253 device-mapper254 mdp
0x4: /proc/dma: A list of ISA direct memory access channels in use
4: cascade
0x5: /proc/fs
1. ext42. jbd23. nfsd
0x6: /proc/mounts: Shows mounted filesystems. Shows device, mount point, filesystem type, permissions, and two flags
rootfs / rootfs rw 0 0proc /proc proc rw,relatime 0 0sysfs /sys sysfs rw,seclabel,relatime 0 0devtmpfs /dev devtmpfs rw,seclabel,relatime,size=960940k,nr_inodes=183013,mode=755 0 0devpts /dev/pts devpts rw,seclabel,relatime,gid=5,mode=620,ptmxmode=000 0 0tmpfs /dev/shm tmpfs rw,seclabel,relatime 0 0/dev/sda3 / ext4 rw,seclabel,relatime,barrier=1,data=ordered 0 0none /selinux selinuxfs rw,relatime 0 0devtmpfs /dev devtmpfs rw,seclabel,relatime,size=960940k,nr_inodes=183013,mode=755 0 0/proc/bus/usb /proc/bus/usb usbfs rw,relatime 0 0/dev/sda1 /boot ext4 rw,seclabel,relatime,barrier=1,data=ordered 0 0none /proc/sys/fs/binfmt_misc binfmt_misc rw,relatime 0 0vmware-vmblock /var/run/vmblock-fuse fuse.vmware-vmblock rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other 0 0gvfs-fuse-daemon /root/.gvfs fuse.gvfs-fuse-daemon rw,nosuid,nodev,relatime,user_id=0,group_id=0 0 0
0x7: /proc/mtrr
reg00: base=0x000000000 ( 0MB), size= 2048MB, count=1: write-back
0x8: /proc/scsi: A directory with scsi files and driver directories
1. scsi: A list of all scsi devices known to the kernel2. device_info - Various scsi driver brand namesdr-xr-xr-x 3 root root 0 Jun 4 17:03 ./dr-xr-xr-x 117 root root 0 May 21 21:10 ../-r--r--r-- 1 root root 0 Jun 4 17:03 device_info-r--r--r-- 1 root root 0 Jun 4 17:03 scsidr-xr-xr-x 2 root root 0 Jun 4 17:03 sg/
0x9: /proc/ioports
root@iZ231vybmaeZ:/usr/local/aegis/aegis_client/aegis_00_73# cat /proc/ioports 0000-0cf7 : PCI Bus 0000:00 0000-001f : dma1 0020-0021 : pic1 0040-0043 : timer0 0050-0053 : timer1 0060-0060 : keyboard 0064-0064 : keyboard 0070-0071 : rtc0 0080-008f : dma page reg 00a0-00a1 : pic2 00c0-00df : dma2 00f0-00ff : fpu 0170-0177 : 0000:00:01.1 0170-0177 : ata_piix 01f0-01f7 : 0000:00:01.1 01f0-01f7 : ata_piix 0376-0376 : 0000:00:01.1 0376-0376 : ata_piix 03c0-03df : vga+ 03f2-03f2 : floppy 03f4-03f5 : floppy 03f6-03f6 : 0000:00:01.1 03f6-03f6 : ata_piix 03f7-03f7 : floppy 04d0-04d1 : pnp 00:02 08a0-08a3 : pnp 00:02 0cc0-0ccf : pnp 00:020cf8-0cff : PCI conf10d00-ffff : PCI Bus 0000:00 10c0-1141 : pnp 00:01 1f40-1f7f : 0000:00:01.3 1f40-1f43 : ACPI PM1a_EVT_BLK 1f44-1f45 : ACPI PM1a_CNT_BLK 1f48-1f4b : ACPI PM_TMR 1f68-1f6f : ACPI GPE0_BLK b010-b015 : ACPI CPU throttle b044-b047 : pnp 00:01 c000-c0ff : 0000:00:03.0 c000-c0ff : xen-platform-pci c100-c11f : 0000:00:01.2 c100-c11f : uhci_hcd c120-c12f : 0000:00:01.1 c120-c12f : ata_piix
5. 系统信息
0x1: /proc/cmdline: 系统命令行
cmdline: The command line at system startup. My file contains:
"ro root=UUID=c03bcf41-af81-41b2-b476-e986f278bbb2 rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=129M@0M KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet"
0x2: /proc/filesystems: A text listing of the filesystems compiled into the kernel
显示当前系统已经安装支持的文件系统驱动(即支持哪些文件系统)
nodev sysfsnodev rootfsnodev bdevnodev procnodev cgroupnodev cpusetnodev tmpfsnodev devtmpfsnodev binfmt_miscnodev debugfsnodev securityfsnodev sockfsnodev usbfsnodev pipefsnodev anon_inodefsnodev inotifyfsnodev devptsnodev ramfsnodev hugetlbfs iso9660nodev pstorenodev mqueuenodev selinuxfs ext4nodev fuse fuseblknodev fusectl
0x3: /proc/kcore: Represents the physical memory of the system stored in the core format
/proc/kcore: ELF 32-bit LSB core file Intel 80386, version 1 (SYSV), SVR4-style, from 'ro root=UUID=c03bcf41-af81-41b2-b476-e986f278bbb2 rd_NO_LUKS rd_NO_LVM LANG=en_U'
0x4: /proc/kmsg: This file can be used to log system messages
输入指令
cat /proc/kmsg
命令行会进入消息循环阻塞状态,不断打印出当前系统的的message,我们可以利用这个特性进行内核开发的调试
0x5: /proc/loadavg: Load average numbers
显示当前系统负载情况
0.00 0.00 0.00 1/275 24279
0x6: /proc/meminfo: report memory usage
MemTotal: 1938768 kBMemFree: 593004 kBBuffers: 78100 kBCached: 750600 kBSwapCached: 0 kBActive: 589528 kBInactive: 373588 kBActive(anon): 48524 kBInactive(anon): 90908 kBActive(file): 541004 kBInactive(file): 282680 kBUnevictable: 0 kBMlocked: 0 kBHighTotal: 1189832 kBHighFree: 584536 kBLowTotal: 748936 kBLowFree: 8468 kBSwapTotal: 4161528 kBSwapFree: 4161528 kBDirty: 24 kBWriteback: 0 kBAnonPages: 134436 kBMapped: 70708 kBShmem: 5016 kBSlab: 353944 kBSReclaimable: 31848 kBSUnreclaim: 322096 kBKernelStack: 2184 kBPageTables: 7208 kBNFS_Unstable: 0 kBBounce: 0 kBWritebackTmp: 0 kBCommitLimit: 5130912 kBCommitted_AS: 650372 kBVmallocTotal: 122880 kBVmallocUsed: 5908 kBVmallocChunk: 103832 kBHugePages_Total: 0HugePages_Free: 0HugePages_Rsvd: 0HugePages_Surp: 0Hugepagesize: 2048 kBDirectMap4k: 12280 kBDirectMap2M: 894976 kB
0x7: /proc/misc
229 fuse223 uinput184 microcode 57 rfkill 58 device-mapper 59 network_throughput 60 network_latency 61 cpu_dma_latency 62 crash175 agpgart144 nvram228 hpet231 snapshot227 mcelog 63 vga_arbiter
0x8: /proc/partitions: Lists the partitions and their device major and minor numbers
major minor #blocks name 8 0 10485760 sda 8 1 307200 sda1 8 2 4161536 sda2 8 3 6016000 sda3
0x9: /proc/stat: kernel statistics subdirectory
显示和系统当前运行状态有关的信息
1. cpu: Jiffies spent in user mode, user mode with low priority, system mode, and idle.2. disk: Four disk entries not yet implemented3. page: The number of pages the system paged in and out.4. swap: Swap pages that have been brought in and out.5. intr: The number of interrupts received form the system boot6. ctxt: The number of context switches that the system underwent.7. btime: Boot time in seconds since Jan 1, 1970.
cat /proc/stat
cpu 3355 2034 14361 34172 957 143 75 0 0cpu0 3355 2034 14361 34172 957 143 75 0 0intr 313510 209 383 0 3 268 0 0 0 1 0 0 0 3578 0 0 0 2034 79701 478 294 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 3014 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0ctxt 364763btime 1406815679processes 3447procs_running 1procs_blocked 0softirq 520879 0 205379 252 298 79676 0 592 0 100 234582
0x10: /proc/swaps: A file defining swap partitions
显示当前系统内存交换文件
Filename Type Size Used Priority/dev/sda2 partition 4161528 0 -1
0x11: /proc/tty
1. driver: A directory 1. serial 2. drivers: A file listing device drivers/dev/tty /dev/tty 5 0 system:/dev/tty/dev/console /dev/console 5 1 system:console/dev/ptmx /dev/ptmx 5 2 system/dev/vc/0 /dev/vc/0 4 0 system:vtmasterrfcomm /dev/rfcomm 216 0-255 serialserial /dev/ttyS 4 64-95 serialpty_slave /dev/pts 136 0-1048575 pty:slavepty_master /dev/ptm 128 0-1048575 pty:masterunknown /dev/tty 4 1-63 console
0x12: /proc/version
Linux version 2.6.32-431.20.5.el6.centos.plus.i686 (mockbuild@c6b9.bsys.dev.centos.org) (gcc version 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) ) #1 SMP Fri Jul 25 06:25:17 UTC 2014
0x13: /proc/sys/
The /proc/sys/ directory is different from others in /proc/ because it not only provides information about the system but also allows the system administrator to immediately enable and disable kernel features.
Relevant Link:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-proc-dir-sys.html
6. /dev简介
设备文件分为两种: 块设备文件(b)和字符设备文件(c),对于/dev我们需要明白,它不是设备驱动,linux有自己的设备驱动,/dev下的文件只是访问相应驱动的接口
设备文件一般存放在/dev目录下,对常见设备文件作如下说明:/dev/hd[a-t]:IDE设备/dev/sd[a-z]:SCSI设备/dev/fd[0-7]:标准软驱/dev/md[0-31]:软raid设备/dev/loop[0-7]:本地回环设备/dev/ram[0-15]:内存/dev/null:无限数据接收设备,相当于黑洞/dev/zero:无限零资源/dev/tty[0-63]:虚拟终端/dev/ttyS[0-3]:串口/dev/lp[0-3]:并口/dev/console:控制台(tty)/dev/fb[0-31]:framebuffer/dev/cdrom => /dev/hdc/dev/modem => /dev/ttyS[0-9]/dev/pilot => /dev/ttyS[0-9]/dev/random:随机数设备/dev/urandom:随机数设备
0x1: tty(本地交互终端shell设备) "tty"这个词源于Teletypes,或者teletypewriters,原来指的是电传打字机,是通过串行线用打印机键盘通过阅读和发送信息的东西,后 来这东西被键盘与显示器取代,所以现在叫终端比较合适。终端是一种字符型设备,它有多种类型,通常使用tty来简称各种类型的终端设备。通常我们在linux下看到的控制台(console)是由几个设备完成的。分别是
1. /dev/tty0tty0就是/dev/console,由linux/drivers/char/console.c对应2. /dev/tty13. /dev/tty2tty1,tty2就是不同的虚拟终端(virtual console)。通常使用热键alt+Fn来在这些虚拟终端之间进行切换。由和vt.c对应4. /dev/tty35. /dev/tty46. /dev/tty57. /dev/tty6...
0x2: pty(远程登录交互终端shell设备)
我们在远程telnet到主机或使用xterm时也需要一个终端交互,这就是虚拟终端pty(pseudo-tty)
ll /dev/pts
/dev/pts是远程登陆(telnet,ssh等)后创建的控制台设备文件所在的目录。由于可能有好几千个用户登陆,所以/dev/pts其实是动态生成的,不象其他设备文件是构建系统时就已经产生的硬盘节点(如果未使用devfs)
1. /dev/pts/0第一个用户登陆,console的设备文件为/dev/pts/02. /dev/pts/1第二个为/dev/pts/13. 以此类推//这里的0、1、2、3不是具体的标准输入或输出,而是整个控制台
Relevant Link:
http://blog.csdn.net/maopig/article/details/7195048http://www.jz123.cn/text/1929468.html
7. 内存相关
0x1: /proc/iomem: I/O内存
zhenghan.zh@miser010249213142.yh $ cat /proc/iomem 00010000-0009dbff : System RAM0009dc00-0009ffff : reserved000a0000-000bffff : Video RAM area000c0000-000c8bff : Video ROM000c9000-000c97ff : Adapter ROM000c9800-000cb9ff : Adapter ROM000f0000-000fffff : System ROM00100000-dfffcfff : System RAM 00200000-0047dd90 : Kernel code 0047dd91-005c075f : Kernel datadfffd000-dfffffff : reservedf0000000-f1ffffff : 0000:00:02.0f2000000-f2000fff : 0000:00:02.0f2010000-f201ffff : 0000:00:02.0f2020000-f2020fff : 0000:00:03.0 f2020000-f2020fff : virtio-pcif2030000-f203ffff : 0000:00:03.0f2040000-f2040fff : 0000:00:04.0 f2040000-f2040fff : virtio-pcifffbc000-ffffffff : reserved100000000-2132fffff : System RAM
Copyright (c) 2014 LittleHann All rights reserved