The /proc filesystem…

Maroua alaya
6 min readJan 17, 2022

--

Hello again, it’s my first time to write a blog in my Specialization: System programming & Algorithm. I think it was amazing to learn about linux.

We take a look at the concept of proc filesystem. We will try to describe how it works, We’ll go also over some examples of the proc filesystem.

I really hope this article helps you develop, or refine your skills.So, let’s get started!!

To keep things organized let’s ask some questions and try to answer them one by one:

What exactly is filesystem?

What is the /proc filesystem?

What is the /proc/mem file?

What is the /proc/maps file?

I’d like to start by looking first at the issue of the file System in Linux.

A Linux file system is a structured collection of files on a disk drive or a partition. A partition is a segment of memory and contains some specific data. In our machine, there can be various partitions of the memory. Generally, every cell has a file system.

The general-purpose computer system needs to store data systematically so that we can easily access the files in less time. It keeps the data on hard disks (HDD) or some equivalent storage type. There may be below reasons for maintaining the file system:

  • The computer saves data to the RAM storage; it may lose the data if it gets turned off. However, non-volatile RAM (Flash RAM and SSD) is available to maintain the data after the power interruption.
  • Data storage is preferred on hard drives compared to standard RAM as RAM costs more than disk space. The hard disks costs are dropping gradually comparatively the RAM.

Linux File System Structure

Linux file system has a hierarchical file structure as it contains a root directory and its sub directories. All other guides can be accessed from the root directory. A partition usually has only one file system, but it may have more than one.

The data structure needs to support a hierarchical directory structure; this structure describes the available and used disk space for a particular block. It also has the files’ other details, such as file size, date & time of creation, update, and last modified.

Also, it stores advanced information about the section of the disk, such as partitions and volumes.

The advanced data and its structures contain the information about the file system stored on the drive; it is distinct and independent of the file system metadata.

Let’s move on to / directory(individual high-level directories.)

Moving on to the next section, let’s take a look at the proc filesystem, and explains what it has to do with Linux process management.

So, What is the /proc filesystem:

The proc filesystem (procfs) is a special filesystem in Unix-like operating systems that presents information about processes and other system information in a hierarchical file-like structure, providing a more convenient and standardized method for dynamically accessing process data held in the kernel than traditional tracing methods or direct access to kernel memory. Typically, it is mapped to a mount point named /proc at boot time. The proc file system acts as an interface to internal data structures in the kernel.

Now I’d like to move on to the directory /proc:

In all Linux systems, /proc directory is used. This directory is not a real file system. It is a virtual file system in that procfs are information about processes. /proc is mapped and mount on boot.

As shown above numbered directories represent processes and it is known as PIDs. CPU information (cpuinfo), memory (meminfo), Filesystems that contain system information.

Next I’d like run the cat command on any of the files in /proc to list the information’ s as per your requirement.

let’s take for example the /proc/mem file:

This file provides information about distribution and utilization of memory. This
varies by architecture and compile options. The following is from a
8GB PIII, which has highmem enabled. You may not have all of these fields.

Please note that the output of the command “cat /proc/meminfo” would be different depending on the OS and architecture of the server. The fields listed below may be slightly different or not present in your system.

At the top you see a summary of the most common values people would like to look at. Below you find some of individual values we will discuss:

  • MemTotal: Total usable ram (i.e. physical ram minus a few reserved bits and the kernel binary code)
  • MemFree: Is sum of LowFree+HighFree (overall stat)
  • Buffers: Memory in buffer cache. mostly useless as metric nowadays Relatively temporary storage for raw disk blocks shouldn’t get tremendously large.
  • Cached: Memory in the pagecache (diskcache) minus SwapCache, Doesn’t include SwapCached
  • SwapCache: Memory that once was swapped out, is swapped back in but still also is in the swapfile (if memory is needed it doesn’t need to be swapped out AGAIN because it is already in the swapfile. This saves I/O )
  • Active: Memory that has been used more recently and usually not reclaimed unless absolute necessary.
  • Dirty: Memory which is waiting to get written back to the disk
  • Writeback: Memory which is actively being written back to the disk
  • Mapped: files which have been mapped, such as libraries
  • Slab: in-kernel data structures cache…

Moving on to the next part, I’d like to talk about /proc/maps file:

The /proc/PID/maps file contains the currently mapped memory regions and their access permissions.The operation set in the corresponding kernel is proc_pid_maps_op, and the specific export function is Show_map.

Each row in /proc/$PID/maps describes a region of contiguous virtual memory in a process or thread. Each row has the following fields:

address           perms offset  dev   inode   pathname
08048000-08056000 r-xp 00000000 03:0c 64593 /usr/sbin/gpm

Let’s take an example with pid equal to 177037:

cat 177073/maps
The format is:

address perms offset dev inode pathname

where "address" is the address space in the process that it occupies, "perms"
is a set of permissions:
r = read
w = write
x = execute
s = shared
p = private (copy on write)

"offset" is the offset into the mapping, "dev" is the device (major:minor), and
"inode" is the inode on that device. 0 indicates that no inode is associated
with the memory region, as the case would be with BSS (uninitialized data).
The "pathname" shows the name associated file for this mapping. If the mapping
is not associated with a file:
[heap] = the heap of the program
[stack] = the stack of the main process
[vdso] = the "virtual dynamic shared object", the kernel system call handler

or if empty, the mapping is anonymous.

Well, that brings us to the end of the final section. Now, I’d like to summarize by this conclusion:

Proc file system (procfs) is virtual file system created on fly when system boots and is dissolved at time of system shut down.

It contains useful information about the processes that are currently running, it is regarded as control and information center for kernel.

The proc file system also provides communication medium between kernel space and user space.

Finally, I think that it can be so important to explore your filesystem. So go forth with tree, ls, and cd into uncharted territory then move from one directory to another and take a look around. Soon you’ll discover that the Linux filesystem and how it is laid out really makes a lot of sense, and you will intuitively know where to find apps, documentation, and other resources.

Thanks for reading!

Maroua Alaya.

--

--