]> git.saurik.com Git - apple/xnu.git/blobdiff - bsd/conf/MASTER
xnu-1504.3.12.tar.gz
[apple/xnu.git] / bsd / conf / MASTER
index 10ac705f2c011a007c0b0611ff0073cb2469297e..36c667094d078a4106b3a0bcfbb8c15e25d3d3ae 100644 (file)
 #
 #  EXPERIMENTAL CONFIGURATION OPTIONS (select any combination, carefully)
 #
-#      nbc     = no buffer cache support
-#      simple  = non-rollover clock support
-#      timing  = precision timing support
 #      host    = host resource control support
-#      fixpri  = fixed priority threads
 #
 #  MULTI-PROCESSOR CONFIGURATION (select at most one)
 #
@@ -65,8 +61,7 @@
 #      medium = medium scale system configuration
 #      small  = small scale system configuration
 #      xsmall = extra small scale system configuration
-#      bsmall = special extra small scale system configuration for
-#               (e.g. for boot floppies)
+#      bsmall = special extra small scale system configuration 
 #
 #######################################################################
 #  
@@ -85,15 +80,17 @@ ident               NeXT
 # obsolete timezone spec
 options                TIMEZONE=0, PST=0
 
-options                QUOTA           #                               # <quota>
-options                INET
+options                QUOTA                   #                               # <quota>
+options                INET                    #                               # <inet>
 options                ABSOLUTETIME_SCALAR_TYPE
 options                NEW_VM_CODE     #                               # <newvm>
 options                OLD_VM_CODE     #                               # <!newvm>
 options                HW_AST          # Hardware ast support          # <hw_ast>
 options        HW_FOOTPRINT    # Cache footprint support       # <hw_foot>
+options                CONFIG_LCTX     # Login Context
+
 options        MACH            # Standard Mach features        # <mach>
-options                MACH_ASSERT     # Compile in assertions         # <test>
+options                MACH_ASSERT     # Compile in assertions         # <mach_assert>
 options                MACH_COMPAT     # Vendor syscall compatibility  # <mach>
 options                MACH_COUNTERS   # counters                      # <count>
 options                MACH_DEBUG      # IPC debugging interface       # <mdebug>
@@ -106,7 +103,6 @@ options             MACH_IPC_TEST   # Testing code/printfs          # <ipc_test>
 options                MACH_LDEBUG     # Sanity-check simple locking   # <test>
 options        MACH_NP         # Mach IPC support              # <np>
 options                MACH_NBC        # No buffer cache               # <nbc>
-options                REV_ENDIAN_FS   # Reverse Endian FS             # <revfs>
 options                MACH_NET        # Fast network access           # <mach_net>
 options                MACH_XP         # external pager support        # <xp>
 options                NORMA_IPC       # NORMA IPC support             # <norma_ipc>
@@ -115,7 +111,6 @@ options             NORMA_VM        # NORMA virtual memory support  # <norma_vm>
 options                NORMA_TASK      # NORMA task support            # <norma_task>
 options                NORMA_ETHER     # NORMA across ethernet         # <norma_ether>
 options                SIMPLE_CLOCK    # don't assume fixed tick       # <simple_clock>
-options                STAT_TIME       # Use statistical timing        # <!timing>
 options                XPR_DEBUG       # kernel tracing                # <xpr_debug>
 options                KDEBUG          # kernel tracing                # <kdebug>
 options                DDM_DEBUG       # driverkit-style tracing       # <ddm_debug>
@@ -127,58 +122,93 @@ options           ISO             # ISO stack                     # <iso>
 options                LLC             # 802.2 support                 # <llc>
 options                LOOP            # loopback support              # <loop>
 options                MROUTING        # multicast routing             # <mrouting>
-options                NS              # Netware                       # <ns>
-options                PPP             # PPP                           # <ppp>
 options                ROUTING         # routing                       # <routing>
-options                TPIP            #                               # <tpip>
-options                TUN             #                               # <tun>
+options                NETMIBS         #                               # <netmibs>
 options                VLAN            #                               # <vlan>
-options         IPDIVERT        # Divert sockets (for NAT)      # <ipdivert>
-options         IPFIREWALL      # IP Firewalling (used by NAT)  # <ipfirewall>
-#options        IPFIREWALL_VERBOSE      #                       # <ipfirewall>
-options         IPFIREWALL_FORWARD      #Transparent proxy      # <ipfirewall>
-options         IPFIREWALL_DEFAULT_TO_ACCEPT    # allow everything by default   # <ipfirewall>
-options         IPFIREWALL_KEXT # Kernel extension              # <ipfirewall>
+options                BOND            #                               # <bond>
+options                PF              # Packet Filter                 # <pf>
+options                PF_PKTHDR       # PF tag inside mbuf pkthdr     # <pf_pkthdr>
+options                PFLOG           # PF log interface              # <pflog>
+options                IPDIVERT        # Divert sockets (for NAT)      # <ipdivert>
+options                IPFLOW          # IP fast forwarding            # <ipflow>
+options                IPFIREWALL      # IP Firewalling (used by NAT)  # <ipfirewall>
+options                IPFIREWALL_FORWARD      #Transparent proxy      # <ipfirewall>
+options                IPFIREWALL_DEFAULT_TO_ACCEPT    # allow everything by default   # <ipfirewall>
+options                DUMMYNET        # dummynet support              # <dummynet>
+options                TRAFFIC_MGT     # traffic management support            # <traffic_mgt>
+options                IPFW2           # IP firewall (new version)     # <ipfw2>
 options                MULTICAST       # Internet Protocol Class-D     $
 options                TCPDEBUG        # TCP debug                     # <tcpdebug>
 options                RANDOM_IP_ID    # random (not sequential) ip ids        # <randomipid>
 options                TCP_DROP_SYNFIN # Drop TCP packets with SYN+FIN set     # <tcpdrop_synfin>
 options                ICMP_BANDLIM    # ICMP bandwidth limiting sysctl
-options                AUDIT           # Security event auditing       # <audit>
+options                IFNET_INPUT_SANITY_CHK  # allow dlil/ifnet input sanity check # <ifnet_input_chk>
+options                SYSV_SEM        # SVID semaphores                       # <sysv_sem>
+options                SYSV_MSG        # SVID messages                         # <sysv_msg>
+options                SYSV_SHM        # SVID shared mem                       # <sysv_shm>
+options                PSYNCH          # pthread synch                         # <psynch>
+options                PANIC_INFO      # want kernel panic info        # <panic_info>
+options                DEVELOPMENT     # dev kernel                            # <development>
+
+# secure_kernel - secure kernel from user programs
+options     SECURE_KERNEL       # <secure_kernel> 
 
+options     OLD_SEMWAIT_SIGNAL  # old semwait_signal handler
 
 #
 #      4.4 general kernel 
 #
-options        COMPAT_43       # 4.3 BSD compatibility         # <compat_43>
+options                SOCKETS         # socket support                        # <inet, inet6, netat>
 options        DIAGNOSTIC      # diagnostics                           # <diagnostic>
-options                KTRACE          # ktrace support                        # <ktrace>
+options                CONFIG_DTRACE   # dtrace support                        # <config_dtrace>
 options                GPROF           # build profiling                       # <profile>
+options                SENDFILE        # sendfile                                      # <sendfile>
+options                NETWORKING      # networking layer                      # <inet, inet6, netat>
+options                CONFIG_FSE      # file system events            # <config_fse>
+options                CONFIG_IMAGEBOOT        # local image boot      # <config_imageboot>
+options                CONFIG_SOWUPCALL        # SB_UPCALL on sowwakeup        # <config_sowupcall>
+options                CONFIG_MBUF_NOEXPAND    # limit mbuf expansion  # <config_mbuf_noexpand>
+options                CONFIG_MBUF_JUMBO       # jumbo cluster pool    # <config_mbuf_jumbo>
+options                CONFIG_MBUF_TAGS_MALLOC # use malloc for tags   # <config_mbuf_tags_malloc>
+options                CONFIG_FORCE_OUT_IFP    # Enable IP_FORCE_OUT_IFP # <config_force_out_ifp>
+options                CONFIG_IFEF_NOWINDOWSCALE # Scale TCP window per driver # <config_ifef_nowindowscale>
+
+options                CONFIG_WORKQUEUE        # <config_workqueue>
+
 
 #
 #      4.4 filesystems 
 #
-options                FFS             # Fast Filesystem Support       # <ffs>
-options                HFS             # HFS/HFS+ support              # <hfs>
+options                FFS                     # Fast Filesystem Support       # <ffs>
+options                HFS                     # HFS/HFS+ support              # <hfs>
 options                FIFO            # fifo support                  # <fifo>
 options                UNION           # union_fs support              # <union>
 options                FDESC           # fdesc_fs support              # <fdesc>
-options                CD9660          # ISO 9660 CD-ROM support       # <cd9660>
-options                VOLFS           # volfs support                 # <volfs>
 options                DEVFS           # devfs support                 # <devfs>
-options                SYNTHFS         # synthfs support               # <synthfs>
+options                JOURNALING      # journaling support    # <journaling>
+options                HFS_COMPRESSION # hfs compression       # <hfs_compression>
+
+#
+#      file system features
+#
+options                QUOTA           # file system quotas            # <quota>
+options                REV_ENDIAN_FS   # Reverse Endian FS             # <revfs>
+options                NAMEDSTREAMS    # named stream vnop support     # <namedstreams>
+options                CONFIG_VOLFS    # volfs path support (legacy)   # <config_volfs>
+options                CONFIG_IMGSRC_ACCESS # source of imageboot dmg  # <config_imgsrc_access>
 
 #
 # NFS support
 #
-options                NFSCLIENT       # Be an NFS client              # <nfsserver>
-options                NFSSERVER       # Be an NFS server              # <nfsclient>
+options                NFSCLIENT       # Be an NFS client              # <nfsclient>
+options                NFSSERVER       # Be an NFS server              # <nfsserver>
 
 #
 # AppleTalk Support
 #
-options                NETAT           # AppleTalk support             # <netat>
-options                AURP_SUPPORT    # AppleTalk Update Routing      # <netat>
+options                NETAT                   # AppleTalk support                             # <netat>
+#options               AURP_SUPPORT    # AppleTalk Update Routing      # <netat>
+
 #
 # Machine Independent Apple Features
 #
@@ -188,7 +218,7 @@ options             DRIVERKIT       # driverkit support             # <driverkit>
 options                KERNOBJC        # Objective-C support           # <kernobjc>
 options                OBJCTEST        # Objc internal test            # <objctest>
 options                KERNEL_STACK    # MI kernel stack support       # <kernstack>
-profile                                # build a profiling kernel      # <profile>
+profile                                                # build a profiling kernel      # <profile>
 
 #
 #  Point-to-Point Protocol support
@@ -202,8 +232,8 @@ options         "INET6"                     # kernel IPv6 Support           # <inet6>
 options         IPSEC                                  # IP security                   # <ipsec>
 options         IPSEC_ESP                              # IP security                   # <ipsec>
 options         "IPV6FIREWALL"                         # IPv6 Firewall Feature         # <ipv6firewall>
-options         "IPV6FIREWALL_DEFAULT_TO_ACCEPT"  #IPv6 Firewall Feature       # <ipv6firewall>
-options         "IPV6FIREWALL_VERBOSE"                 #IPv6 Firewall Feature          # <ipv6firewall>
+options         "IPV6FIREWALL_DEFAULT_TO_ACCEPT"       #IPv6 Firewall Feature          # <ipv6firewall>
+#options         "IPV6FIREWALL_VERBOSE"                #IPv6 Firewall Feature          # <ipv6firewall>
 
 pseudo-device   gif     1              # <gif>
 pseudo-device   dummy   2              # <dummy>
@@ -211,6 +241,12 @@ pseudo-device   faith   1          # <faith>
 pseudo-device   stf    1               # <stf>
 
 options                        crypto                  # <ipsec,crypto>
+options                        ALLCRYPTO               # <xlarge,large,medium>
+options                        randomipid              # <inet,randomipid>
+
+options                ZLIB            # inflate/deflate support       # <zlib>
+
+options                IF_BRIDGE                       # <if_bridge>
 
 makeoptions    LIBDRIVER = "libDriver_kern.o"                  # <libdriver>
 makeoptions    LIBOBJC   = "libkobjc.o"                        # <kernobjc>
@@ -219,7 +255,7 @@ maxusers    64              # <xlarge>
 maxusers       50              # <large>
 maxusers       32              # <medium>
 maxusers       16              # <small>
-maxusers       8               # <xsmall,msmall>
+maxusers       8               # <xsmall>
 maxusers       2               # <bsmall>
 
 #
@@ -231,22 +267,195 @@ pseudo-device    cpus            16      # <multi16>
 pseudo-device  cpus            2       # <multi2>
 pseudo-device  cpus            1       # <!multi64,multi32,multi16,multi2>
 
+#
+#  configurable kernel event related resources 
+#
+options   CONFIG_KN_HASHSIZE=64                # <medium,large,xlarge>
+options   CONFIG_KN_HASHSIZE=48                # <small,xsmall>
+options   CONFIG_KN_HASHSIZE=20                # <bsmall>
+
+#
+#  configurable vfs related resources 
+#  CONFIG_VNODES - used to pre allocate vnode related resources 
+#  CONFIG_VNODE_FREE_MIN - mininmum number of free vnodes 
+#  CONFIG_NC_HASH - name cache hash table allocation
+#  CONFIG_VFS_NAMES - name strings
+#
+#  263168 magic number for medium CONFIG_VNODES is based on memory 
+#  Number vnodes  is (memsize/64k) + 1024 
+#  This is the calculation that is used by launchd in tiger
+#  we are clipping the max based on 16G 
+#  ie ((16*1024*1024*1024)/(64 *1024)) + 1024 = 263168;
+
+options   CONFIG_VNODES=263168         # <large,xlarge>
+options   CONFIG_VNODES=263168         # <medium>
+options   CONFIG_VNODES=10240          # <small>
+options   CONFIG_VNODES=1024           # <xsmall>
+options   CONFIG_VNODES=750                    # <bsmall>
+
+options   CONFIG_VNODE_FREE_MIN=500            # <large,xlarge>
+options   CONFIG_VNODE_FREE_MIN=300            # <medium>
+options   CONFIG_VNODE_FREE_MIN=200            # <small>
+options   CONFIG_VNODE_FREE_MIN=100            # <xsmall>
+options   CONFIG_VNODE_FREE_MIN=75             # <bsmall>
+
+options   CONFIG_NC_HASH=5120          # <large,xlarge>
+options   CONFIG_NC_HASH=4096          # <medium>
+options   CONFIG_NC_HASH=2048          # <small,xsmall>
+options   CONFIG_NC_HASH=1024          # <bsmall>
+
+options   CONFIG_VFS_NAMES=5120                # <large,xlarge>
+options   CONFIG_VFS_NAMES=4096                # <medium>
+options   CONFIG_VFS_NAMES=3072                # <small,xsmall>
+options   CONFIG_VFS_NAMES=2048                # <bsmall>
+
+options   CONFIG_MAX_CLUSTERS=8                # <xlarge,large,medium>
+options   CONFIG_MAX_CLUSTERS=4                # <small,xsmall,bsmall>
+
+#
+#  configurable kauth credential related resources 
+#
+options   KAUTH_CRED_PRIMES_COUNT=7            # <medium,large,xlarge>
+options   KAUTH_CRED_PRIMES_COUNT=3            # <bsmall,xsmall,small>
+
+options   KAUTH_CRED_PRIMES="{97, 241, 397, 743, 1499, 3989, 7499}"            # <medium,large,xlarge>
+options   KAUTH_CRED_PRIMES="{5, 17, 97}"                                                              # <bsmall,xsmall,small>
+
+#
+#  configurable options for minumum number of buffers for kernel memory 
+#
+options   CONFIG_MIN_NBUF=256          # <medium,large,xlarge>
+options   CONFIG_MIN_NBUF=128          # <small>
+options   CONFIG_MIN_NBUF=80           # <xsmall>
+options   CONFIG_MIN_NBUF=64           # <bsmall>
+
+options   CONFIG_MIN_NIOBUF=128                # <medium,large,xlarge>
+options   CONFIG_MIN_NIOBUF=64         # <xsmall,small>
+options   CONFIG_MIN_NIOBUF=32         # <bsmall>
+
+#
+# set maximum space used for packet buffers
+#
+options        CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)"         # <large,xlarge>
+options        CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)"          # <medium>
+options        CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)"          # <bsmall,xsmall,small>
+
+#
+# set maximum space used for packet buffers
+#
+options CONFIG_USESOCKTHRESHOLD=1      # <large,xlarge,medium>
+options CONFIG_USESOCKTHRESHOLD=0      # <bsmall,xsmall,small>
+
+#
+# Configure size of TCP hash table
+#
+options CONFIG_TCBHASHSIZE=4096                # <medium,large,xlarge>
+options CONFIG_TCBHASHSIZE=128         # <xsmall,small,bsmall>
+
+#
+#  configurable async IO options 
+#  CONFIG_AIO_MAX - system wide limit of async IO requests.
+#  CONFIG_AIO_PROCESS_MAX - process limit of async IO requests.
+#  CONFIG_AIO_THREAD_COUNT - number of async IO worker threads created.
+#
+options   CONFIG_AIO_MAX=360           # <xlarge>
+options   CONFIG_AIO_MAX=180           # <large>
+options   CONFIG_AIO_MAX=90                    # <medium>
+options   CONFIG_AIO_MAX=45                    # <small>
+options   CONFIG_AIO_MAX=20                    # <xsmall>
+options   CONFIG_AIO_MAX=10                    # <bsmall>
+
+options   CONFIG_AIO_PROCESS_MAX=64            # <xlarge>
+options   CONFIG_AIO_PROCESS_MAX=32            # <large>
+options   CONFIG_AIO_PROCESS_MAX=16            # <medium>
+options   CONFIG_AIO_PROCESS_MAX=12            # <small>
+options   CONFIG_AIO_PROCESS_MAX=8             # <xsmall>
+options   CONFIG_AIO_PROCESS_MAX=4             # <bsmall>
+
+options   CONFIG_AIO_THREAD_COUNT=16   # <xlarge>
+options   CONFIG_AIO_THREAD_COUNT=8            # <large>
+options   CONFIG_AIO_THREAD_COUNT=4            # <medium>
+options   CONFIG_AIO_THREAD_COUNT=3            # <small>
+options   CONFIG_AIO_THREAD_COUNT=2            # <xsmall,bsmall>
+
+#
+#  configurable kernel related resources (CONFIG_THREAD_MAX needs to stay in 
+#  sync with osfmk/conf/MASTER until we fix the config system...) todo XXX
+#
+options   CONFIG_THREAD_MAX=2560               # <medium,large,xlarge>
+options   CONFIG_THREAD_MAX=1536               # <small,xsmall>
+options   CONFIG_THREAD_MAX=1024               # <bsmall>
+
+options   CONFIG_MAXVIFS=32                            # <medium,large,xlarge>
+options   CONFIG_MAXVIFS=16                            # <small,xsmall>
+options   CONFIG_MAXVIFS=2                             # <bsmall>
+
+options   CONFIG_MFCTBLSIZ=256                 # <medium,large,xlarge>
+options   CONFIG_MFCTBLSIZ=128                 # <small,xsmall>
+options   CONFIG_MFCTBLSIZ=16                  # <bsmall>
+
+#
+#  configurable kernel - use these options to strip strings from panic
+#  and printf calls.
+#  no_panic_str - saves around 50K of kernel footprint.
+#  no_printf_str - saves around 45K of kernel footprint.
+#
+options   CONFIG_NO_PANIC_STRINGS              # <no_panic_str>
+options   CONFIG_NO_PRINTF_STRINGS             # <no_printf_str>
+options   CONFIG_NO_KPRINTF_STRINGS            # <no_kprintf_str>
+
+#
+# configurable kernel - general switch to say we are building for an
+# embedded device
+#
+options   CONFIG_EMBEDDED                      # <config_embedded>
+
+# only execute signed code. Hang this off config_embedded since there's
+# nothing more appropriate right now
+#
+options   CONFIG_ENFORCE_SIGNED_CODE           # <config_embedded>
+
+# support dynamic signing of code
+#
+options                CONFIG_DYNAMIC_CODE_SIGNING     # <dynamic_codesigning>
+
+#
+# code decryption... used on embedded for app protection
+# must be set in all the bsd/conf and osfmk/conf MASTER files
+#
+options                CONFIG_CODE_DECRYPTION  # <config_embedded>
+
+
 #
 #  Ethernet (ARP)
 #
-pseudo-device  ether
+pseudo-device  ether                   # <networking,inet,inet6,netat>
 #
 #  Network loopback device
 #
-pseudo-device  loop
+pseudo-device  loop                    # <networking,inet,inet6,netat>
 #
 #  UCB pseudo terminal service
 #
-pseudo-device  pty     128 init pty_init
+pseudo-device  pty     512 init pty_init       # <xlarge>
+pseudo-device  pty     256 init pty_init       # <large>
+pseudo-device  pty     128 init pty_init       # <medium>
+pseudo-device  pty      48 init pty_init       # <small>
+pseudo-device  pty      16 init pty_init       # <xsmall>
+pseudo-device  pty       8 init pty_init       # <bsmall>
+#
+# Cloning pseudo terminal service
+#
+pseudo-device  ptmx    1 init ptmx_init
 
 #
 # vnode device
-pseudo-device  vndevice        4       init    vndevice_init
+#
+pseudo-device  vndevice           16       init    vndevice_init   # <xlarge>
+pseudo-device  vndevice                8       init    vndevice_init   # <large>
+pseudo-device  vndevice                4       init    vndevice_init   # <medium>
+pseudo-device  vndevice                3       init    vndevice_init   # <small>
+pseudo-device  vndevice                2       init    vndevice_init   # <bsmall>
 
 #
 # memory device
@@ -256,7 +465,11 @@ pseudo-device      mdevdevice      1       init    mdevinit
 #
 # packet filter device
 #
-pseudo-device  bpfilter        4       init    bpf_init
+pseudo-device  bpfilter        4       init    bpf_init                # <networking,inet,inet6,netat>
+
+#
+# fsevents device
+pseudo-device  fsevents        1       init    fsevents_init   # <config_fse>
 
 #
 #  shim to "linux" mach disk drivers  (mach drivers must also be turned on)
@@ -265,4 +478,11 @@ pseudo-device      bpfilter        4       init    bpf_init
 #pseudo-device diskshim
 
 pseudo-device  random          1       init    random_init
+pseudo-device  dtrace          1       init    dtrace_init     # <config_dtrace>
+pseudo-device  helper          1       init    helper_init     # <config_dtrace>
+pseudo-device  lockstat        1       init    lockstat_init   # <config_dtrace>
+pseudo-device  sdt             1       init    sdt_init        # <config_dtrace>
+pseudo-device  systrace        1       init    systrace_init   # <config_dtrace>
+pseudo-device  fbt             1       init    fbt_init        # <config_dtrace>
+pseudo-device  profile_prvd    1       init    profile_init    # <config_dtrace>