Linux magic system request

Table of content

Linux Magic System Request

What is a magic SysRq key?

It is a ‘magical’ key combo you can hit which the kernel will respond to regardless of whatever else it is doing, unless it is completely locked up.

How to enable magic SysRq key

You need to say “yes” to ‘Magic SysRq key (CONFIG_MAGIC_SYSRQ) when configuring the kernel. When running a kernel with SysRq compiled in, /proc/sys/kernel/sysrq controls the functions allowed to be invoked via the SysRq key. The default value in this file is set by the CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE config symbol, which itself defaults to 1.

Here is the list of possible values in /proc/sys/kernel/sysrq:

  • 0 - disable sysrq completely
  • 1 - enable all functions of sysrq
  • >1 - bitmask of allowed sysrq functions (see below for detailed function description):
      2 =   0x2 - enable control of console logging level
      4 =   0x4 - enable control of keyboard (SAK, unraw)
      8 =   0x8 - enable debugging dumps of processes etc.
     16 =  0x10 - enable sync command
     32 =  0x20 - enable remount read-only
     64 =  0x40 - enable signalling of processes (term, kill, oom-kill)
    128 =  0x80 - allow reboot/poweroff
    256 = 0x100 - allow nicing of all RT tasks
    

You can set the value in the file by the following command:

$ echo "number" >/proc/sys/kernel/sysrq

The number may be written here either as decimal or as hexadecimal with the 0x prefix. CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE must always be written in hexadecimal.

Note that the value of /proc/sys/kernel/sysrq influences only the invocation via a keyboard. Invocation of any operation via /proc/sysrq-trigger is always allowed (by a user with root privileges).

How to use magic SysRq key

On x86 : You press the key combo ALT-SysRq-<command key>. : > Some keyboards may not have a key labeled SysRq. The SysRq key is also known as the Print Screen key. Also some keyboards cannot handle so many keys being pressed at the same time, so you might have better luck with press Alt, press SysRq, release SysRq, press <command key>, release everything.

On SPARC : You press ALT-STOP-<command key>

On the serial console (PC style standard serial ports only) : You send a BREAK, then within 5 seconds a command key. Sending BREAK twice is interpreted as a normal BREAK.

On PowerPC : Press ALT - Print Screen (or F13) - <command key>. Print Screen (or F13) - <command key> may suffice.

On all : Write a character to /proc/sysrq-trigger. e.g.: : echo t > /proc/sysrq-trigger

The <command key> is case sensitive.

Command keys

CommandFunction
bWill immediately reboot the system without syncing or unmounting your disks.
cWill perform a system crash and a crashdump will be taken if configured.
dShows all locks that are held.
eSend a SIGTERM to all processes, except for init.
fWill call the oom killer to kill a memory hog process, but do not panic if nothing can be killed.
gUsed by kgdb (kernel debugger)
hWill display help (actually any other key than those listed here will display help. but h is easy to remember :-)
iSend a SIGKILL to all processes, except for init.
jForcibly “Just thaw it” - filesystems frozen by the FIFREEZE ioctl.
kSecure Access Key (SAK) Kills all programs on the current virtual console. NOTE: See important comments below in SAK section.
lShows a stack backtrace for all active CPUs.
mWill dump current memory info to your console.
nUsed to make RT tasks nice-able
oWill shut your system off (if configured and supported).
pWill dump the current registers and flags to your console.
qWill dump per CPU lists of all armed hrtimers (but NOT regular timer_list timers) and detailed information about all clockevent devices.
rTurns off keyboard raw mode and sets it to XLATE.
sWill attempt to sync all mounted filesystems.
tWill dump a list of current tasks and their information to your console.
uWill attempt to remount all mounted filesystems read-only.
vForcefully restores framebuffer console
vCauses ETM buffer dump [ARM-specific]
wDumps tasks that are in uninterruptable (blocked) state.
xUsed by xmon interface on ppc/powerpc platforms. Show global PMU Registers on sparc64. Dump all TLB entries on MIPS.
yShow global CPU Registers [SPARC-64 specific]
zDump the ftrace buffer
0-9Sets the console log level, controlling which kernel messages will be printed to your console. (0, for example would make it so that only emergency messages like PANICs or OOPSes would make it to your console.)

Usefull scenarios

Well, unraw(r) is very handy when your X server or a svgalib program crashes.

sak(k) (Secure Access Key) is useful when you want to be sure there is no trojan program running at console which could grab your password when you would try to login. It will kill all programs on given console, thus letting you make sure that the login prompt you see is actually the one from init, not some trojan program.

Important In its true form it is not a true SAK like the one in a c2 compliant system, and it should not be mistaken as such.

It seems others find it useful as (System Attention Key) which is useful when you want to exit a program that will not let you switch consoles. (For example, X or a svgalib program.)

reboot(b) is good when you’re unable to shut down, it is an equivalent of pressing the “reset” button.

crash(c) can be used to manually trigger a crashdump when the system is hung. Note that this just triggers a crash if there is no dump mechanism available.

sync(s) is handy before yanking removable medium or after using a rescue shell that provides no graceful shutdown – it will ensure your data is safely written to the disk. Note that the sync hasn’t taken place until you see the “OK” and “Done” appear on the screen.

umount(u) can be used to mark filesystems as properly unmounted. From the running system’s point of view, they will be remounted read-only. The remount isn’t complete until you see the “OK” and “Done” message appear on the screen.

The loglevels 0-9 are useful when your console is being flooded with kernel messages you do not want to see. Selecting 0 will prevent all but the most urgent kernel messages from reaching your console. (They will still be logged if syslogd/klogd are alive, though.)

term(e) and kill(i) are useful if you have some sort of runaway process you are unable to kill any other way, especially if it’s spawning other processes.

“just thaw it(j)” is useful if your system becomes unresponsive due to a frozen (probably root) filesystem via the FIFREEZE ioctl.