X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/b7266188b87f3620ec3f9f717e57194a7dd989fe..39236c6e673c41db228275375ab7fdb0f837b292:/bsd/conf/MASTER diff --git a/bsd/conf/MASTER b/bsd/conf/MASTER index 36c667094..da9dcbea2 100644 --- a/bsd/conf/MASTER +++ b/bsd/conf/MASTER @@ -82,7 +82,6 @@ options TIMEZONE=0, PST=0 options QUOTA # # options INET # # -options ABSOLUTETIME_SCALAR_TYPE options NEW_VM_CODE # # options OLD_VM_CODE # # options HW_AST # Hardware ast support # @@ -101,36 +100,35 @@ options MACH_IPC_COMPAT # Enable old IPC interface # options MACH_IPC_DEBUG # Enable IPC debugging calls # options MACH_IPC_TEST # Testing code/printfs # options MACH_LDEBUG # Sanity-check simple locking # +options CONFIG_ZLEAKS # Live zone leak debug sysctls # options MACH_NP # Mach IPC support # options MACH_NBC # No buffer cache # options MACH_NET # Fast network access # options MACH_XP # external pager support # -options NORMA_IPC # NORMA IPC support # -options NORMA_DEVICE # NORMA unified device names # -options NORMA_VM # NORMA virtual memory support # -options NORMA_TASK # NORMA task support # -options NORMA_ETHER # NORMA across ethernet # options SIMPLE_CLOCK # don't assume fixed tick # options XPR_DEBUG # kernel tracing # options KDEBUG # kernel tracing # +options IST_KDEBUG # limited kernel tracing # +options NO_KDEBUG # no kernel tracing # options DDM_DEBUG # driverkit-style tracing # options MACH_OLD_VM_COPY # Old vm_copy technology # options NO_DIRECT_RPC # for untyped mig servers # -options IPX # ipx stack # -options EON # # -options ISO # ISO stack # -options LLC # 802.2 support # options LOOP # loopback support # options MROUTING # multicast routing # -options ROUTING # routing # -options NETMIBS # # options VLAN # # options BOND # # options PF # Packet Filter # -options PF_PKTHDR # PF tag inside mbuf pkthdr # +options PF_ALTQ # PF ALTQ (Alternate Queueing) # options PFLOG # PF log interface # +options PKTSCHED_CBQ # CBQ packet scheduler # +options PKTSCHED_HFSC # H-FSC packet scheduler # +options PKTSCHED_PRIQ # PRIQ packet scheduler # +options PKTSCHED_FAIRQ # FAIRQ packet scheduler # +options MEASURE_BW # interface bandwidth measurement # +options CLASSQ_BLUE # BLUE queueing algorithm # +options CLASSQ_RED # RED queueing algorithm # +options CLASSQ_RIO # RIO queueing algorithm # options IPDIVERT # Divert sockets (for NAT) # -options IPFLOW # IP fast forwarding # options IPFIREWALL # IP Firewalling (used by NAT) # options IPFIREWALL_FORWARD #Transparent proxy # options IPFIREWALL_DEFAULT_TO_ACCEPT # allow everything by default # @@ -139,16 +137,17 @@ options TRAFFIC_MGT # traffic management support # options IPFW2 # IP firewall (new version) # options MULTICAST # Internet Protocol Class-D $ options TCPDEBUG # TCP debug # -options RANDOM_IP_ID # random (not sequential) ip ids # options TCP_DROP_SYNFIN # Drop TCP packets with SYN+FIN set # options ICMP_BANDLIM # ICMP bandwidth limiting sysctl options IFNET_INPUT_SANITY_CHK # allow dlil/ifnet input sanity check # +options MULTIPATH # Multipath domain # +options MPTCP # Multipath TCP # options SYSV_SEM # SVID semaphores # options SYSV_MSG # SVID messages # options SYSV_SHM # SVID shared mem # options PSYNCH # pthread synch # -options PANIC_INFO # want kernel panic info # options DEVELOPMENT # dev kernel # +options FLOW_DIVERT # # secure_kernel - secure kernel from user programs options SECURE_KERNEL # @@ -158,35 +157,35 @@ options OLD_SEMWAIT_SIGNAL # old semwait_signal handler # # 4.4 general kernel # -options SOCKETS # socket support # +options SOCKETS # socket support # options DIAGNOSTIC # diagnostics # options CONFIG_DTRACE # dtrace support # options GPROF # build profiling # options SENDFILE # sendfile # -options NETWORKING # networking layer # +options NETWORKING # networking layer # options CONFIG_FSE # file system events # options CONFIG_IMAGEBOOT # local image boot # -options CONFIG_SOWUPCALL # SB_UPCALL on sowwakeup # -options CONFIG_MBUF_NOEXPAND # limit mbuf expansion # options CONFIG_MBUF_JUMBO # jumbo cluster pool # -options CONFIG_MBUF_TAGS_MALLOC # use malloc for tags # options CONFIG_FORCE_OUT_IFP # Enable IP_FORCE_OUT_IFP # options CONFIG_IFEF_NOWINDOWSCALE # Scale TCP window per driver # options CONFIG_WORKQUEUE # - # # 4.4 filesystems # options FFS # Fast Filesystem Support # options HFS # HFS/HFS+ support # +options MOCKFS # Boot from an executable # options FIFO # fifo support # -options UNION # union_fs support # options FDESC # fdesc_fs support # options DEVFS # devfs support # options JOURNALING # journaling support # options HFS_COMPRESSION # hfs compression # +options CONFIG_HFS_STD # hfs standard support # +options CONFIG_HFS_TRIM # hfs trims unused blocks # +options CONFIG_HFS_MOUNT_UNMAP #hfs trims blocks at mount # +options CONFIG_HFS_DIRLINK #allow directory hardlink creation # # # file system features @@ -194,8 +193,12 @@ options HFS_COMPRESSION # hfs compression # options QUOTA # file system quotas # options REV_ENDIAN_FS # Reverse Endian FS # options NAMEDSTREAMS # named stream vnop support # +options CONFIG_APPLEDOUBLE # apple double support # options CONFIG_VOLFS # volfs path support (legacy) # options CONFIG_IMGSRC_ACCESS # source of imageboot dmg # +options CONFIG_TRIGGERS # trigger vnodes # +options CONFIG_EXT_RESOLVER # e.g. memberd # +options CONFIG_SEARCHFS # searchfs syscall support # # # NFS support @@ -203,12 +206,6 @@ options CONFIG_IMGSRC_ACCESS # source of imageboot dmg # options NFSCLIENT # Be an NFS client # options NFSSERVER # Be an NFS server # -# -# AppleTalk Support -# -options NETAT # AppleTalk support # -#options AURP_SUPPORT # AppleTalk Update Routing # - # # Machine Independent Apple Features # @@ -220,15 +217,11 @@ options OBJCTEST # Objc internal test # options KERNEL_STACK # MI kernel stack support # profile # build a profiling kernel # -# -# Point-to-Point Protocol support -# -pseudo-device ppp 2 # - # # IPv6 Support # options "INET6" # kernel IPv6 Support # +options IPV6SEND # Secure Neighbor Discovery # options IPSEC # IP security # options IPSEC_ESP # IP security # options "IPV6FIREWALL" # IPv6 Firewall Feature # @@ -237,12 +230,10 @@ options "IPV6FIREWALL_DEFAULT_TO_ACCEPT" #IPv6 Firewall Feature # pseudo-device dummy 2 # -pseudo-device faith 1 # pseudo-device stf 1 # options crypto # options ALLCRYPTO # -options randomipid # options ZLIB # inflate/deflate support # @@ -290,7 +281,6 @@ options CONFIG_KN_HASHSIZE=20 # options CONFIG_VNODES=263168 # options CONFIG_VNODES=263168 # options CONFIG_VNODES=10240 # -options CONFIG_VNODES=1024 # options CONFIG_VNODES=750 # options CONFIG_VNODE_FREE_MIN=500 # @@ -340,18 +330,18 @@ options CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)" # options CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)" # options CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)" # -# -# set maximum space used for packet buffers -# -options CONFIG_USESOCKTHRESHOLD=1 # -options CONFIG_USESOCKTHRESHOLD=0 # - # # Configure size of TCP hash table # options CONFIG_TCBHASHSIZE=4096 # options CONFIG_TCBHASHSIZE=128 # +# +# Configure bandwidth limiting sysctl +# +options CONFIG_ICMP_BANDLIM=250 # +options CONFIG_ICMP_BANDLIM=50 # + # # configurable async IO options # CONFIG_AIO_MAX - system wide limit of async IO requests. @@ -394,6 +384,12 @@ options CONFIG_MFCTBLSIZ=256 # options CONFIG_MFCTBLSIZ=128 # options CONFIG_MFCTBLSIZ=16 # +# +# configurable kernel message buffer size +# +options CONFIG_MSG_BSIZE=4096 # +options CONFIG_MSG_BSIZE=16384 # + # # configurable kernel - use these options to strip strings from panic # and printf calls. @@ -405,35 +401,66 @@ options CONFIG_NO_PRINTF_STRINGS # options CONFIG_NO_KPRINTF_STRINGS # # -# configurable kernel - general switch to say we are building for an -# embedded device +# use finer-grained lock groups for the proc subsystem # -options CONFIG_EMBEDDED # - -# only execute signed code. Hang this off config_embedded since there's -# nothing more appropriate right now -# -options CONFIG_ENFORCE_SIGNED_CODE # +options CONFIG_FINE_LOCK_GROUPS # # support dynamic signing of code # options CONFIG_DYNAMIC_CODE_SIGNING # # -# code decryption... used on embedded for app protection -# must be set in all the bsd/conf and osfmk/conf MASTER files +# User Content Protection, used on embedded +# +options CONFIG_PROTECT # + +# +# enable per-process memory priority tracking +# +options CONFIG_MEMORYSTATUS # + +# +# enable jetsam - used on embedded +# +options CONFIG_JETSAM # + +# +# enable freezing of suspended processes - used on embedded +# +options CONFIG_FREEZE # + +options CHECK_CS_VALIDATION_BITMAP # + +# +# memory pressure event support +# must be set in both bsd/conf and osfmk/conf MASTER files +# +options VM_PRESSURE_EVENTS # + +# +# Enable inheritance of importance through specially marked mach ports and for file locks +# For now debug is enabled wherever inheritance is # -options CONFIG_CODE_DECRYPTION # +options IMPORTANCE_INHERITANCE # +options IMPORTANCE_DEBUG # +options CONFIG_TELEMETRY # + +options CONFIG_PROC_UUID_POLICY # + +# +# In-kernel tests +# +options CONFIG_IN_KERNEL_TESTS # # # Ethernet (ARP) # -pseudo-device ether # +pseudo-device ether # # # Network loopback device # -pseudo-device loop # +pseudo-device loop # # # UCB pseudo terminal service # @@ -455,6 +482,7 @@ pseudo-device vndevice 16 init vndevice_init # pseudo-device vndevice 8 init vndevice_init # pseudo-device vndevice 4 init vndevice_init # pseudo-device vndevice 3 init vndevice_init # +pseudo-device vndevice 2 init vndevice_init # pseudo-device vndevice 2 init vndevice_init # # @@ -465,7 +493,7 @@ pseudo-device mdevdevice 1 init mdevinit # # packet filter device # -pseudo-device bpfilter 4 init bpf_init # +pseudo-device bpfilter 4 init bpf_init # # # fsevents device @@ -485,4 +513,3 @@ pseudo-device sdt 1 init sdt_init # pseudo-device systrace 1 init systrace_init # pseudo-device fbt 1 init fbt_init # pseudo-device profile_prvd 1 init profile_init # -