This subtree includes data generally related to the kernel. The string and integer information available for the
kern level is detailed below. The changeable column shows whether a process with appropriate privilege may change the value.
Second level name
Type
Changeable
kern.aio_listio_max
integer
yes
kern.boothowto
integer
no
kern.boottime
struct timeval
no
kern.clockrate
struct clockinfo
no
kern.coredump
node
not applicable
kern.cp_time
uint64_t[]
no
kern.cryptodevallowsoft
integer
yes
kern.defcorename
string
yes
kern.detachall
integer
yes
kern.domainname
string
yes
kern.drivers
struct kinfo_drivers
no
kern.dump_on_panic
integer
yes
kern.forkfsleep
integer
yes
kern.hardclock_ticks
integer
no
kern.ipc
node
not applicable
kern.job_control
integer
no
kern.labeloffset
integer
no
kern.labelsector
integer
no
kern.login_name_max
integer
no
kern.logsigexit
integer
yes
kern.mapped_files
integer
no
kern.maxfiles
integer
yes
kern.maxpartitions
integer
no
kern.maxvnodes
integer
yes
kern.mbuf
node
not applicable
kern.memlock_range
integer
no
kern.memory_protection
integer
no
kern.module
node
not applicable
kern.monotonic_clock
integer
no
kern.mqueue
node
not applicable
kern.msgbufsize
integer
no
kern.ntptime
struct ntptimeval
no
kern.osrevision
integer
no
kern.pipe
node
not applicable
kern.posix1version
integer
no
kern.posix_aio
integer
no
kern.posix_barriers
integer
no
kern.posix_reader_writer_locks
integer
no
kern.posix_semaphores
integer
no
kern.posix_spin_locks
integer
no
kern.posix_threads
integer
no
kern.posix_timers
integer
no
kern.proc
struct kinfo_proc
no
kern.proc2
struct kinfo_proc2
no
kern.profiling
node
not applicable
kern.rawpartition
integer
no
kern.root_device
string
no
kern.root_partition
integer
no
kern.rtc_offset
integer
yes
kern.saved_ids
integer
no
kern.securelevel
integer
raise only
kern.somaxkva
integer
yes
kern.synchronized_io
integer
no
kern.timecounter
node
not applicable
kern.tkstat
node
not applicable
kern.usercrypto
integer
yes
kern.userasymcrypto
integer
yes
kern.veriexec
node
not applicable
kern.vnode
struct vnode
no
kern.aio_listio_max
The maximum number of asynchronous I/O operations in a single list I/O call. Like with all variables related to
aio(3), the variable may be created and removed dynamically upon loading or unloading the corresponding kernel module.
kern.aio_max
The maximum number of asynchronous I/O operations.
kern.arandom
This variable picks a random number each time it is queried. The used random number generator (RNG) is based on
arc4random(3).
kern.argmax (KERN_ARGMAX)
kern.boothowto
Flags passed from the boot loader; see
reboot(2) for the meanings of the flags.
kern.boottime (KERN_BOOTTIME)
A struct timeval structure is returned. This structure contains the time that the system was booted.
kern.ccpu (KERN_CCPU)
The scheduler exponential decay value.
kern.clockrate (KERN_CLOCKRATE)
A
struct clockinfo structure is returned. This structure contains the clock, statistics clock and profiling clock frequencies, the number of micro-seconds per hz tick, and the clock skew rate. Refer to
hz(9) for additional details.
kern.consdev (KERN_CONSDEV)
Console device.
kern.coredump
Settings related to set-id processes coredumps. By default, set-id processes do not dump core in situations where other processes would. The settings in this node allows an administrator to change this behavior.
The third level name is
kern.coredump.setid and fourth level variables are described below.
Fourth level name
Type
Changeable
kern.coredump.setid.dump
integer
yes
kern.coredump.setid.group
integer
yes
kern.coredump.setid.mode
integer
yes
kern.coredump.setid.owner
integer
yes
kern.coredump.setid.path
string
yes
kern.coredump.setid.dump
If non-zero, set-id processes will dump core.
kern.coredump.setid.group
The group-id for the set-id processes' coredump.
kern.coredump.setid.mode
The mode for the set-id processes' coredump. See
chmod(1).
kern.coredump.setid.owner
The user-id that will be used as the owner of the set-id processes' coredump.
kern.coredump.setid.path
The path to which set-id processes' coredumps will be saved to. Same syntax as kern.defcorename.
kern.cp_id (KERN_CP_ID)
Mapping of CPU number to CPU id.
kern.cp_time (KERN_CP_TIME)
Returns an array of CPUSTATES uint64_ts. This array contains the number of clock ticks spent in different CPU states. On multi-processor systems, the sum across all CPUs is returned unless appropriate space is given for one data set for each CPU. Data for a specific CPU can also be obtained by adding the number of the CPU at the end of the MIB, enlarging it by one.
kern.cryptodevallowsoft
This variable controls userland access to hardware versus software transforms in the
crypto(4) system. The available values are as follows:
< 0
Always force userlevel requests to use software transforms.
= 0
If present, use hardware and grant userlevel requests for non-accelerated transforms (handling the latter in software).
> 0
Allow user requests only for transforms which are hardware-accelerated.
kern.defcorename (KERN_DEFCORENAME)
Default template for the name of core dump files (see also
proc.pid.corename in the per-process variables
proc.*, and
core(5) for format of this template). The default value is
%n.core and can be changed with the kernel configuration option
options DEFCORENAME (see
options(4) ).
kern.detachall
Detach all devices at shutdown.
kern.domainname (KERN_DOMAINNAME)
Get or set the YP domain name.
kern.drivers (KERN_DRIVERS)
Return an array of struct kinfo_drivers that contains the name and major device numbers of all the device drivers in the current kernel. The d_name field is always a NUL terminated string. The d_bmajor field will be set to -1 if the driver doesn't have a block device.
kern.dump_on_panic (KERN_DUMP_ON_PANIC)
Perform a crash dump on system
panic(9).
kern.file (KERN_FILE)
Return the entire file table. The returned data consists of a single struct filelist followed by an array of struct file, whose size depends on the current number of such objects in the system.
kern.forkfsleep (KERN_FORKFSLEEP)
If
fork(2) system call fails due to limit on number of processes (either the global maxproc limit or user's one), wait for this many milliseconds before returning
EAGAIN error to process. Useful to keep heavily forking runaway processes in bay. Default zero (no sleep). Maximum is 20 seconds.
kern.fscale (KERN_FSCALE)
The kernel fixed-point scale factor.
kern.fsync (KERN_FSYNC)
Return 1 if the POSIX 1003.1b File Synchronization Option is available on this system, otherwise 0.
kern.hardclock_ticks (KERN_HARDCLOCK_TICKS)
kern.hostid (KERN_HOSTID)
kern.hostname (KERN_HOSTNAME)
kern.iov_max (KERN_IOV_MAX)
kern.ipc (KERN_SYSVIPC)
Return information about the SysV IPC parameters. The third level names for the ipc variables are detailed below.
Third level name
Type
Changeable
kern.ipc.sysvmsg
integer
no
kern.ipc.sysvsem
integer
no
kern.ipc.sysvshm
integer
no
kern.ipc.sysvipc_info
struct
no
kern.ipc.shmmax
integer
yes
kern.ipc.shmmni
integer
yes
kern.ipc.shmseg
integer
yes
kern.ipc.shmmaxpgs
integer
yes
kern.ipc.shm_use_phys
integer
yes
kern.ipc.msgmni
integer
yes
kern.ipc.msgseg
integer
yes
kern.ipc.semmni
integer
yes
kern.ipc.semmns
integer
yes
kern.ipc.semmnu
integer
yes
kern.ipc.sysvmsg (KERN_SYSVIPC_MSG)
Returns 1 if System V style message queue functionality is available on this system, otherwise 0.
kern.ipc.sysvsem (KERN_SYSVIPC_SEM)
Returns 1 if System V style semaphore functionality is available on this system, otherwise 0.
kern.ipc.sysvshm (KERN_SYSVIPC_SHM)
Returns 1 if System V style share memory functionality is available on this system, otherwise 0.
kern.ipc.sysvipc_info (KERN_SYSVIPC_INFO)
Return System V style IPC configuration and run-time information. The fourth level name selects the System V style IPC facility.
KERN_SYSVIPC_MSG_INFO
struct msg_sysctl_info
KERN_SYSVIPC_SEM_INFO
struct sem_sysctl_info
KERN_SYSVIPC_SHM_INFO
struct shm_sysctl_info
KERN_SYSVIPC_MSG_INFO
Return information on the System V style message facility. The
msg_sysctl_info structure is defined in
<sys/msg.h>.
KERN_SYSVIPC_SEM_INFO
Return information on the System V style semaphore facility. The
sem_sysctl_info structure is defined in
<sys/sem.h>.
KERN_SYSVIPC_SHM_INFO
Return information on the System V style shared memory facility. The
shm_sysctl_info structure is defined in
<sys/shm.h>.
kern.ipc.shmmax (KERN_SYSVIPC_SHMMAX)
Max shared memory segment size in bytes.
kern.ipc.shmmni (KERN_SYSVIPC_SHMMNI)
Max number of shared memory identifiers.
kern.ipc.shmseg (KERN_SYSVIPC_SHMSEG)
Max shared memory segments per process.
kern.ipc.shmmaxpgs (KERN_SYSVIPC_SHMMAXPGS)
Max amount of shared memory in pages.
kern.ipc.shm_use_phys (KERN_SYSVIPC_SHMUSEPHYS)
Locking of shared memory in physical memory. If 0, memory can be swapped out, otherwise it will be locked in physical memory.
kern.ipc.msgmni
Max number of message queue identifiers.
kern.ipc.msgseg
Max number of number of message segments.
kern.ipc.semmni
Max number of number of semaphore identifiers.
kern.ipc.semmns
Max number of number of semaphores in system.
kern.ipc.semmnu
Max number of undo structures in system.
kern.job_control (KERN_JOB_CONTROL)
Return 1 if job control is available on this system, otherwise 0.
kern.labeloffset (KERN_LABELOFFSET)
The offset within the sector specified by KERN_LABELSECTOR of the
disklabel(5).
kern.labelsector (KERN_LABELSECTOR)
kern.login_name_max (KERN_LOGIN_NAME_MAX)
The size of the storage required for a login name, in bytes, including the terminating NUL.
kern.logsigexit (KERN_LOGSIGEXIT)
If this flag is non-zero, the kernel will
log(9) all process exits due to signals which create a
core(5) file, and whether the coredump was created.
kern.mapped_files (KERN_MAPPED_FILES)
Returns 1 if the POSIX 1003.1b Memory Mapped Files Option is available on this system, otherwise 0.
kern.maxfiles (KERN_MAXFILES)
The maximum number of open files that may be open in the system.
kern.maxpartitions (KERN_MAXPARTITIONS)
The maximum number of partitions allowed per disk.
kern.maxphys (KERN_MAXPHYS)
Maximum raw I/O transfer size.
kern.maxproc (KERN_MAXPROC)
The maximum number of simultaneous processes the system will allow.
kern.maxptys (KERN_MAXPTYS)
The maximum number of pseudo terminals. This value can be both raised and lowered, though it cannot be set lower than number of currently used ptys. See also
pty(4).
kern.maxvnodes (KERN_MAXVNODES)
The maximum number of vnodes available on the system. This can only be raised.
kern.mbuf (KERN_MBUF)
Return information about the mbuf control variables. Mbufs are data structures which store network packets and other data structures in the networking code, see
mbuf(9). The third level names for the mbuf variables are detailed below. The changeable column shows whether a process with appropriate privilege may change the value.
Third level name
Type
Changeable
kern.mbuf.mblowat
integer
yes
kern.mbuf.mclbytes
integer
yes
kern.mbuf.mcllowat
integer
yes
kern.mbuf.msize
integer
yes
kern.mbuf.nmbclusters
integer
yes
The variables are as follows:
kern.mbuf.mblowat (MBUF_MBLOWAT)
The mbuf low water mark.
kern.mbuf.mclbytes (MBUF_MCLBYTES)
The mbuf cluster size.
kern.mbuf.mcllowat (MBUF_MCLLOWAT)
The mbuf cluster low water mark.
kern.mbuf.msize (MBUF_MSIZE)
The mbuf base size.
kern.mbuf.nmbclusters (MBUF_NMBCLUSTERS)
The limit on the number of mbuf clusters. The variable can only be increased, and only increased on machines with direct-mapped pool pages.
kern.memlock (KERN_MEMLOCK)
Returns 1 if the POSIX 1003.1b Process Memory Locking Option is available on this system, otherwise 0.
kern.memlock_range (KERN_MEMLOCK_RANGE)
Returns 1 if the POSIX 1003.1b Range Memory Locking Option is available on this system, otherwise 0.
kern.memory_protection (KERN_MEMORY_PROTECTION)
Returns 1 if the POSIX 1003.1b Memory Protection Option is available on this system, otherwise 0.
kern.module
Settings related to kernel modules. The third level names for the settings are described below.
Third level name
Type
Changeable
kern.module.autoload
integer
yes
kern.module.verbose
integer
yes
The variables are as follows:
kern.module.autoload
A boolean that controls whether kernel modules are loaded automatically. See for example
modstat(8) for additional details.
kern.module.verbose
A boolean that enables or disables verbose debug messages related to kernel modules.
kern.monotonic_clock (KERN_MONOTONIC_CLOCK)
Returns the standard version the implementation of the POSIX 1003.1b Monotonic Clock Option conforms to, otherwise 0.
kern.mqueue
Settings related to POSIX message queues; see
mqueue(3). This node is created dynamically when the corresponding kernel module is loaded. The third level names for the settings are described below.
Third level name
Type
Changeable
kern.mqueue.mq_open_max
integer
yes
kern.mqueue.mq_prio_max
integer
yes
kern.mqueue.mq_max_msgsize
integer
yes
kern.mqueue.mq_def_maxmsg
integer
yes
kern.mqueue.mq_max_maxmsg
integer
yes
The variables are:
kern.mqueue.mq_open_max
The maximum number of message queue descriptors any single process can open.
kern.mqueue.mq_prio_max
The maximum priority of a message.
kern.mqueue.mq_max_msgsize
The maximum size of a message in a message queue.
kern.mqueue.mq_def_maxmsg
The default maximum message count.
kern.mqueue.mq_max_maxmsg
The maximum number of messages in a message queue.
kern.msgbuf (KERN_MSGBUF)
The kernel message buffer, rotated so that the head of the circular kernel message buffer is at the start of the returned data. The returned data may contain NUL bytes.
kern.msgbufsize (KERN_MSGBUFSIZE)
The maximum number of characters that the kernel message buffer can hold.
kern.ngroups (KERN_NGROUPS)
The maximum number of supplemental groups.
kern.ntptime (KERN_NTPTIME)
A
struct ntptimeval structure is returned. This structure contains data used by the
ntpd(8) program.
kern.osrelease (KERN_OSRELEASE)
The system release string.
kern.osrevision (KERN_OSREV)
The system revision string.
kern.ostype (KERN_OSTYPE)
The system type string.
kern.pipe (KERN_PIPE)
Pipe settings. The third level names for the integer pipe settings is detailed below. The changeable column shows whether a process with appropriate privilege may change the value.
Third level name
Type
Changeable
kern.pipe.kvasiz
integer
yes
kern.pipe.maxbigpipes
integer
yes
kern.pipe.maxkvasz
integer
yes
kern.pipe.limitkva
integer
yes
kern.pipe.nbigpipes
integer
yes
The variables are as follows:
kern.pipe.kvasiz (KERN_PIPE_KVASIZ)
Amount of kernel memory consumed by pipe buffers.
kern.pipe.maxbigpipes (KERN_PIPE_MAXBIGPIPES)
Maximum number of "big" pipes.
kern.pipe.maxkvasz (KERN_PIPE_MAXKVASZ)
Maximum amount of kernel memory to be used for pipes.
kern.pipe.limitkva (KERN_PIPE_LIMITKVA)
Limit for direct transfers via page loan.
kern.pipe.nbigpipes (KERN_PIPE_NBIGPIPES)
Number of "big" pipes.
kern.posix1version (KERN_POSIX1)
The version of ISO/IEC 9945 (POSIX 1003.1) with which the system attempts to comply.
kern.posix_aio
The version of IEEE Std 1003.1 (“POSIX.1”) and its Asynchronous I/O option to which the system attempts to conform.
kern.posix_barriers (KERN_POSIX_BARRIERS)
The version of IEEE Std 1003.1 (“POSIX.1”) and its Barriers option to which the system attempts to conform, otherwise 0.
kern.posix_reader_writer_locks (KERN_POSIX_READER_WRITER_LOCKS)
The version of IEEE Std 1003.1 (“POSIX.1”) and its Read-Write Locks option to which the system attempts to conform, otherwise 0.
kern.posix_semaphores (KERN_POSIX_SEMAPHORES)
The version of IEEE Std 1003.1 (“POSIX.1”) and its Semaphores option to which the system attempts to conform, otherwise 0.
kern.posix_spin_locks (KERN_POSIX_SPIN_LOCKS)
The version of IEEE Std 1003.1 (“POSIX.1”) and its Spin Locks option to which the system attempts to conform, otherwise 0.
kern.posix_threads (KERN_POSIX_THREADS)
The version of IEEE Std 1003.1 (“POSIX.1”) and its Threads option to which the system attempts to conform, otherwise 0.
kern.posix_timers (KERN_POSIX_TIMERS)
The version of IEEE Std 1003.1 (“POSIX.1”) and its Timers option to which the system attempts to conform, otherwise 0.
kern.proc (KERN_PROC)
Return the entire process table, or a subset of it. An array of
struct kinfo_proc structures is returned, whose size depends on the current number of such objects in the system. The third and fourth level numeric names are as follows:
Third level name
Fourth level is:
KERN_PROC_PID
A process ID
KERN_PROC_PGRP
A process group
KERN_PROC_RGID
A real group ID
KERN_PROC_RUID
A real user ID
KERN_PROC_SESSION
A session ID
KERN_PROC_TTY
A tty device
kern.proc2 (KERN_PROC2)
As for KERN_PROC, but an array of struct kinfo_proc2 structures are returned. The fifth level name is the size of the struct kinfo_proc2 and the sixth level name is the number of structures to return.
kern.proc_args (KERN_PROC_ARGS)
Return the argv or environment strings (or the number thereof) of a process. Multiple strings are returned separated by NUL characters. The third level name is the process ID. The fourth level name is as follows:
KERN_PROC_ARGV
The argv strings
KERN_PROC_ENV
The environ strings
KERN_PROC_NARGV
The number of argv strings
KERN_PROC_NENV
The number of environ strings
kern.profiling (KERN_PROF)
Return profiling information about the kernel. If the kernel is not compiled for profiling, attempts to retrieve any of the KERN_PROF values will fail with
EOPNOTSUPP. The third level names for the string and integer profiling information is detailed below. The changeable column shows whether a process with appropriate privilege may change the value.
Third level name
Type
Changeable
kern.profiling.count
u_short[]
yes
kern.profiling.froms
u_short[]
yes
kern.profiling.gmonparam
struct gmonparam
no
kern.profiling.state
integer
yes
kern.profiling.tos
struct tostruct
yes
The variables are as follows:
kern.profiling.count (GPROF_COUNT)
Array of statistical program counter counts.
kern.profiling.froms (GPROF_FROMS)
Array indexed by program counter of call-from points.
kern.profiling.gmonparams (GPROF_GMONPARAM)
Structure giving the sizes of the above arrays.
kern.profiling.state (GPROF_STATE)
Profiling state. If set to GMON_PROF_ON, starts profiling. If set to GMON_PROF_OFF, stops profiling.
kern.profiling.tos (GPROF_TOS)
Array of struct tostruct describing destination of calls and their counts.
kern.rawpartition (KERN_RAWPARTITION)
The raw partition of a disk (a == 0).
kern.root_device (KERN_ROOT_DEVICE)
The name of the root device (e.g., “wd0”).
kern.root_partition (KERN_ROOT_PARTITION)
The root partition on the root device (a == 0).
kern.rtc_offset (KERN_RTC_OFFSET)
Return the offset of real time clock from UTC in minutes.
kern.saved_ids (KERN_SAVED_IDS)
Returns 1 if saved set-group and saved set-user ID is available.
kern.sbmax (KERN_SBMAX)
Maximum socket buffer size.
kern.securelevel (KERN_SECURELVL)
kern.somaxkva (KERN_SOMAXKVA)
Maximum amount of kernel memory to be used for socket buffers.
kern.synchronized_io (KERN_SYNCHRONIZED_IO)
Returns 1 if the POSIX 1003.1b Synchronized I/O Option is available on this system, otherwise 0.
kern.timecounter (dynamic)
Display and control the timecounter source of the system.
Third level name
Type
Changeable
kern.timecounter.choice
string
no
kern.timecounter.hardware
string
yes
kern.timecounter.timestepwarnings
integer
yes
The variables are as follows:
kern.timecounter.choice (dynamic)
The list of available timecounters with their quality and frequency.
kern.timecounter.hardware (dynamic)
The currently selected timecounter source.
kern.timecounter.timestepwarnings (dynamic)
If non-zero display a message each time the time is stepped.
kern.timex (KERN_TIMEX)
Not available.
kern.tkstat (KERN_TKSTAT)
Return information about the number of characters sent and received on ttys. The third level names for the tty statistic variables are detailed below. The changeable column shows whether a process with appropriate privilege may change the value.
Third level name
Type
Changeable
kern.tkstat.cancc
quad
no
kern.tkstat.rawcc
quad
no
The variables are as follows:
kern.tkstat.cancc (KERN_TKSTAT_CANCC)
The number of canonical input characters.
kern.tkstat.nin (KERN_TKSTAT_NIN)
The total number of input characters.
kern.tkstat.nout (KERN_TKSTAT_NOUT)
The total number of output characters.
kern.tkstat.rawcc (KERN_TKSTAT_RAWCC)
The number of raw input characters.
kern.urandom (KERN_URND)
Random integer value.
kern.usercrypto
When enabled, allows userland to
open(2) the
/dev/crypto special device, used by the
crypto(4) system.
kern.userasymcrypto
Enables or disables the use of software asymmetric crypto support in the
crypto(4) system.
kern.veriexec
Runtime information for
veriexec(8).
Third level name
Type
Changeable
kern.veriexec.algorithms
string
no
kern.veriexec.count
node
not applicable
kern.veriexec.strict
integer
yes
kern.veriexec.verbose
integer
yes
kern.veriexec.algorithms
Returns a string with the supported algorithms in Veriexec.
kern.veriexec.count
Sub-nodes are added to this node as new mounts are monitored by Veriexec. Each mount will be under its own tableN node. Under each node there will be three variables, indicating the mount point, the file-system type, and the number of entries.
kern.veriexec.strict
Controls the strict level of Veriexec. See
security(8) for more information on each level's implications.
kern.veriexec.verbose
Controls the verbosity level of Veriexec. If 0, only the minimal indication required will be given about what's happening - fingerprint mismatches, removal of entries from the tables, modification of a fingerprinted file. If 1, more messages will be printed (ie., when a file with a valid fingerprint is accessed). Verbose level 2 is debug mode.
kern.version (KERN_VERSION)
The system version string.
kern.vnode (KERN_VNODE)
Return the entire vnode table. Note, the vnode table is not necessarily a consistent snapshot of the system. The returned data consists of an array whose size depends on the current number of such objects in the system. Each element of the array contains the kernel address of a vnode struct vnode * followed by the vnode itself struct vnode.