xnu-2050.22.13.tar.gz

[apple/xnu.git] / bsd / conf / MASTER
diff --git a/bsd/conf/MASTER b/bsd/conf/MASTER

index 9459048eb2e6bc1bcb5f25a0d166baa2cbfa82a8..17c0acc529faf7f76553c73163675693b849fa6c 100644 (file)
--- a/bsd/conf/MASTER
+++ b/bsd/conf/MASTER
@@ -101,6 +101,7 @@ options             MACH_IPC_COMPAT # Enable old IPC interface      # <ipc_compat>
  options                MACH_IPC_DEBUG  # Enable IPC debugging calls    # <ipc_debug>
  options                MACH_IPC_TEST   # Testing code/printfs          # <ipc_test>
  options                MACH_LDEBUG     # Sanity-check simple locking   # <test>
  options                MACH_IPC_DEBUG  # Enable IPC debugging calls    # <ipc_debug>
  options                MACH_IPC_TEST   # Testing code/printfs          # <ipc_test>
  options                MACH_LDEBUG     # Sanity-check simple locking   # <test>
+options                CONFIG_ZLEAKS   # Live zone leak debug sysctls  # <zleaks>
  options        MACH_NP         # Mach IPC support              # <np>
  options                MACH_NBC        # No buffer cache               # <nbc>
  options                MACH_NET        # Fast network access           # <mach_net>
  options        MACH_NP         # Mach IPC support              # <np>
  options                MACH_NBC        # No buffer cache               # <nbc>
  options                MACH_NET        # Fast network access           # <mach_net>
@@ -113,6 +114,8 @@ options             NORMA_ETHER     # NORMA across ethernet         # <norma_ether>
  options                SIMPLE_CLOCK    # don't assume fixed tick       # <simple_clock>
  options                XPR_DEBUG       # kernel tracing                # <xpr_debug>
  options                KDEBUG          # kernel tracing                # <kdebug>
  options                SIMPLE_CLOCK    # don't assume fixed tick       # <simple_clock>
  options                XPR_DEBUG       # kernel tracing                # <xpr_debug>
  options                KDEBUG          # kernel tracing                # <kdebug>
+options                IST_KDEBUG      # limited kernel tracing        # <ist_kdebug>
+options                NO_KDEBUG       # no kernel tracing # <no_kdebug>
  options                DDM_DEBUG       # driverkit-style tracing       # <ddm_debug>
  options                MACH_OLD_VM_COPY # Old vm_copy technology       # <!newvm>
  options                NO_DIRECT_RPC   # for untyped mig servers       # 
  options                DDM_DEBUG       # driverkit-style tracing       # <ddm_debug>
  options                MACH_OLD_VM_COPY # Old vm_copy technology       # <!newvm>
  options                NO_DIRECT_RPC   # for untyped mig servers       # 
@@ -123,9 +126,18 @@ options            LLC             # 802.2 support                 # <llc>
  options                LOOP            # loopback support              # <loop>
  options                MROUTING        # multicast routing             # <mrouting>
  options                ROUTING         # routing                       # <routing>
  options                LOOP            # loopback support              # <loop>
  options                MROUTING        # multicast routing             # <mrouting>
  options                ROUTING         # routing                       # <routing>
-options                NETMIBS         #                               # <netmibs>
  options                VLAN            #                               # <vlan>
  options                BOND            #                               # <bond>
  options                VLAN            #                               # <vlan>
  options                BOND            #                               # <bond>
+options                PF              # Packet Filter                 # <pf>
+options                PF_ALTQ         # PF ALTQ (Alternate Queueing)  # <pf_altq>
+options                PFLOG           # PF log interface              # <pflog>
+options                PKTSCHED_CBQ    # CBQ packet scheduler          # <pktsched_cbq>
+options                PKTSCHED_HFSC   # H-FSC packet scheduler        # <pktsched_hfsc>
+options                PKTSCHED_PRIQ   # PRIQ packet scheduler         # <pktsched_priq>
+options                PKTSCHED_FAIRQ  # FAIRQ packet scheduler        # <pktsched_fairq>
+options                CLASSQ_BLUE     # BLUE queueing algorithm       # <classq_blue>
+options                CLASSQ_RED      # RED queueing algorithm        # <classq_red>
+options                CLASSQ_RIO      # RIO queueing algorithm        # <classq_rio>
  options                IPDIVERT        # Divert sockets (for NAT)      # <ipdivert>
  options                IPFIREWALL      # IP Firewalling (used by NAT)  # <ipfirewall>
  options                IPFIREWALL_FORWARD      #Transparent proxy      # <ipfirewall>
  options                IPDIVERT        # Divert sockets (for NAT)      # <ipdivert>
  options                IPFIREWALL      # IP Firewalling (used by NAT)  # <ipfirewall>
  options                IPFIREWALL_FORWARD      #Transparent proxy      # <ipfirewall>
@@ -139,21 +151,21 @@ options           RANDOM_IP_ID    # random (not sequential) ip ids        # <randomipid>
  options                TCP_DROP_SYNFIN # Drop TCP packets with SYN+FIN set     # <tcpdrop_synfin>
  options                ICMP_BANDLIM    # ICMP bandwidth limiting sysctl
  options                IFNET_INPUT_SANITY_CHK  # allow dlil/ifnet input sanity check # <ifnet_input_chk>
  options                TCP_DROP_SYNFIN # Drop TCP packets with SYN+FIN set     # <tcpdrop_synfin>
  options                ICMP_BANDLIM    # ICMP bandwidth limiting sysctl
  options                IFNET_INPUT_SANITY_CHK  # allow dlil/ifnet input sanity check # <ifnet_input_chk>
-options                AUDIT           # Security event auditing       # <audit>
  options                SYSV_SEM        # SVID semaphores                       # <sysv_sem>
  options                SYSV_MSG        # SVID messages                         # <sysv_msg>
  options                SYSV_SHM        # SVID shared mem                       # <sysv_shm>
  options                SYSV_SEM        # SVID semaphores                       # <sysv_sem>
  options                SYSV_MSG        # SVID messages                         # <sysv_msg>
  options                SYSV_SHM        # SVID shared mem                       # <sysv_shm>
-options                PANIC_INFO      # want kernel panic info        # <panic_info>
+options                PSYNCH          # pthread synch                         # <psynch>
  options                DEVELOPMENT     # dev kernel                            # <development>
  
  # secure_kernel - secure kernel from user programs
  options     SECURE_KERNEL       # <secure_kernel> 
  
  options                DEVELOPMENT     # dev kernel                            # <development>
  
  # secure_kernel - secure kernel from user programs
  options     SECURE_KERNEL       # <secure_kernel> 
  
+options     OLD_SEMWAIT_SIGNAL  # old semwait_signal handler
+
  #
  #      4.4 general kernel 
  #
  options                SOCKETS         # socket support                        # <inet, inet6, netat>
  #
  #      4.4 general kernel 
  #
  options                SOCKETS         # socket support                        # <inet, inet6, netat>
-options        COMPAT_43_TTY   # 4.3 BSD tty compat    # <compat_43_tty>
  options        DIAGNOSTIC      # diagnostics                           # <diagnostic>
  options                CONFIG_DTRACE   # dtrace support                        # <config_dtrace>
  options                GPROF           # build profiling                       # <profile>
  options        DIAGNOSTIC      # diagnostics                           # <diagnostic>
  options                CONFIG_DTRACE   # dtrace support                        # <config_dtrace>
  options                GPROF           # build profiling                       # <profile>
@@ -162,11 +174,9 @@ options            NETWORKING      # networking layer                      # <inet, inet6, netat>
  options                CONFIG_FSE      # file system events            # <config_fse>
  options                CONFIG_IMAGEBOOT        # local image boot      # <config_imageboot>
  options                CONFIG_SOWUPCALL        # SB_UPCALL on sowwakeup        # <config_sowupcall>
  options                CONFIG_FSE      # file system events            # <config_fse>
  options                CONFIG_IMAGEBOOT        # local image boot      # <config_imageboot>
  options                CONFIG_SOWUPCALL        # SB_UPCALL on sowwakeup        # <config_sowupcall>
-options                CONFIG_FORCE_OUT_IFP    # Force IP output to use an interface # <config_force_out_ifp>
-options                CONFIG_MBUF_NOEXPAND    # limit mbuf expansion  # <config_mbuf_noexpand>
  options                CONFIG_MBUF_JUMBO       # jumbo cluster pool    # <config_mbuf_jumbo>
  options                CONFIG_MBUF_JUMBO       # jumbo cluster pool    # <config_mbuf_jumbo>
-options                CONFIG_SCOPEDROUTING    # scoped routing on by default  # <config_scopedrouting>
-options                CONFIG_IP_EDGEHOLE      # Drop tagged packets at EDGE interface # <config_ip_edgehole>
+options                CONFIG_FORCE_OUT_IFP    # Enable IP_FORCE_OUT_IFP # <config_force_out_ifp>
+options                CONFIG_IFEF_NOWINDOWSCALE # Scale TCP window per driver # <config_ifef_nowindowscale>
  
  options                CONFIG_WORKQUEUE        # <config_workqueue>
  
  
  options                CONFIG_WORKQUEUE        # <config_workqueue>
  
@@ -176,11 +186,14 @@ options           CONFIG_WORKQUEUE        # <config_workqueue>
  options                FFS                     # Fast Filesystem Support       # <ffs>
  options                HFS                     # HFS/HFS+ support              # <hfs>
  options                FIFO            # fifo support                  # <fifo>
  options                FFS                     # Fast Filesystem Support       # <ffs>
  options                HFS                     # HFS/HFS+ support              # <hfs>
  options                FIFO            # fifo support                  # <fifo>
-options                UNION           # union_fs support              # <union>
  options                FDESC           # fdesc_fs support              # <fdesc>
  options                FDESC           # fdesc_fs support              # <fdesc>
-options                CD9660          # ISO 9660 CD-ROM support       # <cd9660>
  options                DEVFS           # devfs support                 # <devfs>
  options                JOURNALING      # journaling support    # <journaling>
  options                DEVFS           # devfs support                 # <devfs>
  options                JOURNALING      # journaling support    # <journaling>
+options                HFS_COMPRESSION # hfs compression       # <hfs_compression>
+options                CONFIG_HFS_STD  # hfs standard support  # <config_hfs_std>
+options                CONFIG_HFS_TRIM # hfs trims unused blocks       # <config_hfs_trim>
+options                CONFIG_HFS_MOUNT_UNMAP  #hfs trims blocks at mount      # <config_hfs_mount_unmap>
+
  
  #
  #      file system features
  
  #
  #      file system features
@@ -189,6 +202,11 @@ options            QUOTA           # file system quotas            # <quota>
  options                REV_ENDIAN_FS   # Reverse Endian FS             # <revfs>
  options                NAMEDSTREAMS    # named stream vnop support     # <namedstreams>
  options                CONFIG_VOLFS    # volfs path support (legacy)   # <config_volfs>
  options                REV_ENDIAN_FS   # Reverse Endian FS             # <revfs>
  options                NAMEDSTREAMS    # named stream vnop support     # <namedstreams>
  options                CONFIG_VOLFS    # volfs path support (legacy)   # <config_volfs>
+options                CONFIG_IMGSRC_ACCESS # source of imageboot dmg  # <config_imgsrc_access>
+options                CONFIG_TRIGGERS # trigger vnodes                # <config_triggers>
+options                CONFIG_VFS_FUNNEL # thread unsafe vfs's # <config_vfs_funnel>
+options                CONFIG_EXT_RESOLVER # e.g. memberd              # <config_ext_resolver>
+options                CONFIG_SEARCHFS # searchfs syscall support      # <config_searchfs>
  
  #
  # NFS support
  
  #
  # NFS support
@@ -230,7 +248,6 @@ options         "IPV6FIREWALL_DEFAULT_TO_ACCEPT"    #IPv6 Firewall Feature          # <ip
  
  pseudo-device   gif     1              # <gif>
  pseudo-device   dummy   2              # <dummy>
  
  pseudo-device   gif     1              # <gif>
  pseudo-device   dummy   2              # <dummy>
-pseudo-device   faith   1              # <faith>
  pseudo-device   stf    1               # <stf>
  
  options                        crypto                  # <ipsec,crypto>
  pseudo-device   stf    1               # <stf>
  
  options                        crypto                  # <ipsec,crypto>
@@ -239,6 +256,8 @@ options                     randomipid              # <inet,randomipid>
  
  options                ZLIB            # inflate/deflate support       # <zlib>
  
  
  options                ZLIB            # inflate/deflate support       # <zlib>
  
+options                IF_BRIDGE                       # <if_bridge>
+
  makeoptions    LIBDRIVER = "libDriver_kern.o"                  # <libdriver>
  makeoptions    LIBOBJC   = "libkobjc.o"                        # <kernobjc>
  
  makeoptions    LIBDRIVER = "libDriver_kern.o"                  # <libdriver>
  makeoptions    LIBOBJC   = "libkobjc.o"                        # <kernobjc>
  
@@ -281,8 +300,7 @@ options   CONFIG_KN_HASHSIZE=20             # <bsmall>
  options   CONFIG_VNODES=263168         # <large,xlarge>
  options   CONFIG_VNODES=263168         # <medium>
  options   CONFIG_VNODES=10240          # <small>
  options   CONFIG_VNODES=263168         # <large,xlarge>
  options   CONFIG_VNODES=263168         # <medium>
  options   CONFIG_VNODES=10240          # <small>
-options   CONFIG_VNODES=1024           # <xsmall>
-options   CONFIG_VNODES=640                    # <bsmall>
+options   CONFIG_VNODES=750                    # <bsmall>
  
  options   CONFIG_VNODE_FREE_MIN=500            # <large,xlarge>
  options   CONFIG_VNODE_FREE_MIN=300            # <medium>
  
  options   CONFIG_VNODE_FREE_MIN=500            # <large,xlarge>
  options   CONFIG_VNODE_FREE_MIN=300            # <medium>
@@ -300,6 +318,9 @@ options   CONFIG_VFS_NAMES=4096             # <medium>
  options   CONFIG_VFS_NAMES=3072                # <small,xsmall>
  options   CONFIG_VFS_NAMES=2048                # <bsmall>
  
  options   CONFIG_VFS_NAMES=3072                # <small,xsmall>
  options   CONFIG_VFS_NAMES=2048                # <bsmall>
  
+options   CONFIG_MAX_CLUSTERS=8                # <xlarge,large,medium>
+options   CONFIG_MAX_CLUSTERS=4                # <small,xsmall,bsmall>
+
  #
  #  configurable kauth credential related resources 
  #
  #
  #  configurable kauth credential related resources 
  #
@@ -328,17 +349,18 @@ options        CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)"            # <large,xlarge>
  options        CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)"          # <medium>
  options        CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)"          # <bsmall,xsmall,small>
  
  options        CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)"          # <medium>
  options        CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)"          # <bsmall,xsmall,small>
  
-# set maximum space used for packet buffers
-#
-options        CONFIG_USESOCKTHRESHOLD=1               # <large,xlarge,medium>
-options        CONFIG_USESOCKTHRESHOLD=0               # <bsmall,xsmall,small>
-
  #
  # Configure size of TCP hash table
  #
  options CONFIG_TCBHASHSIZE=4096                # <medium,large,xlarge>
  options CONFIG_TCBHASHSIZE=128         # <xsmall,small,bsmall>
  
  #
  # Configure size of TCP hash table
  #
  options CONFIG_TCBHASHSIZE=4096                # <medium,large,xlarge>
  options CONFIG_TCBHASHSIZE=128         # <xsmall,small,bsmall>
  
+#
+# Configure bandwidth limiting sysctl
+#
+options CONFIG_ICMP_BANDLIM=250                # <medium,large,xlarge>
+options CONFIG_ICMP_BANDLIM=50         # <xsmall,small,bsmall>
+
  #
  #  configurable async IO options 
  #  CONFIG_AIO_MAX - system wide limit of async IO requests.
  #
  #  configurable async IO options 
  #  CONFIG_AIO_MAX - system wide limit of async IO requests.
@@ -381,6 +403,12 @@ options   CONFIG_MFCTBLSIZ=256                     # <medium,large,xlarge>
  options   CONFIG_MFCTBLSIZ=128                 # <small,xsmall>
  options   CONFIG_MFCTBLSIZ=16                  # <bsmall>
  
  options   CONFIG_MFCTBLSIZ=128                 # <small,xsmall>
  options   CONFIG_MFCTBLSIZ=16                  # <bsmall>
  
+#
+# configurable kernel message buffer size
+#
+options   CONFIG_MSG_BSIZE=4096                        # <bsmall,small,xsmall>
+options   CONFIG_MSG_BSIZE=16384               # <medium,large,xlarge>
+
  #
  #  configurable kernel - use these options to strip strings from panic
  #  and printf calls.
  #
  #  configurable kernel - use these options to strip strings from panic
  #  and printf calls.
@@ -391,18 +419,59 @@ options   CONFIG_NO_PANIC_STRINGS         # <no_panic_str>
  options   CONFIG_NO_PRINTF_STRINGS             # <no_printf_str>
  options   CONFIG_NO_KPRINTF_STRINGS            # <no_kprintf_str>
  
  options   CONFIG_NO_PRINTF_STRINGS             # <no_printf_str>
  options   CONFIG_NO_KPRINTF_STRINGS            # <no_kprintf_str>
  
+#
+# use finer-grained lock groups for the proc subsystem
+#
+options   CONFIG_FINE_LOCK_GROUPS               # <medium,large,xlarge>
+
  #
  # configurable kernel - general switch to say we are building for an
  # embedded device
  #
  options   CONFIG_EMBEDDED                      # <config_embedded>
  
  #
  # configurable kernel - general switch to say we are building for an
  # embedded device
  #
  options   CONFIG_EMBEDDED                      # <config_embedded>
  
+# only execute signed code. Hang this off config_embedded since there's
+# nothing more appropriate right now
+#
+options   CONFIG_ENFORCE_SIGNED_CODE           # <config_embedded>
+
+# support dynamic signing of code
+#
+options                CONFIG_DYNAMIC_CODE_SIGNING     # <dynamic_codesigning>
+
  #
  # code decryption... used on embedded for app protection
  # must be set in all the bsd/conf and osfmk/conf MASTER files
  #
  options                CONFIG_CODE_DECRYPTION  # <config_embedded>
  
  #
  # code decryption... used on embedded for app protection
  # must be set in all the bsd/conf and osfmk/conf MASTER files
  #
  options                CONFIG_CODE_DECRYPTION  # <config_embedded>
  
+#
+# User Content Protection, used on embedded
+#
+options                CONFIG_PROTECT  # <config_protect>
+
+#
+# enable per-process memory priority tracking
+#
+options                CONFIG_MEMORYSTATUS                             # <memorystatus>
+
+#
+# enable jetsam - used on embedded
+#
+options                CONFIG_JETSAM                           # <jetsam>
+
+#
+# enable freezing of suspended processes - used on embedded
+#
+options                CONFIG_FREEZE                                   # <freeze>
+
+options                CHECK_CS_VALIDATION_BITMAP                      # <config_cs_validation_bitmap>
+
+#
+# memory pressure event support
+# must be set in both bsd/conf and osfmk/conf MASTER files
+#
+options                VM_PRESSURE_EVENTS              # <vm_pressure_events>
  
  #
  #  Ethernet (ARP)
  
  #
  #  Ethernet (ARP)
@@ -433,6 +502,7 @@ pseudo-device  vndevice        16       init    vndevice_init   # <xlarge>
  pseudo-device  vndevice                8       init    vndevice_init   # <large>
  pseudo-device  vndevice                4       init    vndevice_init   # <medium>
  pseudo-device  vndevice                3       init    vndevice_init   # <small>
  pseudo-device  vndevice                8       init    vndevice_init   # <large>
  pseudo-device  vndevice                4       init    vndevice_init   # <medium>
  pseudo-device  vndevice                3       init    vndevice_init   # <small>
+pseudo-device  vndevice                2       init    vndevice_init   # <xsmall>
  pseudo-device  vndevice                2       init    vndevice_init   # <bsmall>
  
  #
  pseudo-device  vndevice                2       init    vndevice_init   # <bsmall>
  
  #
@@ -463,4 +533,3 @@ pseudo-device       sdt             1       init    sdt_init        # <config_dtrace>
  pseudo-device  systrace        1       init    systrace_init   # <config_dtrace>
  pseudo-device  fbt             1       init    fbt_init        # <config_dtrace>
  pseudo-device  profile_prvd    1       init    profile_init    # <config_dtrace>
  pseudo-device  systrace        1       init    systrace_init   # <config_dtrace>
  pseudo-device  fbt             1       init    fbt_init        # <config_dtrace>
  pseudo-device  profile_prvd    1       init    profile_init    # <config_dtrace>
-