X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/c910b4d9d2451126ae3917b931cd4390c11e1d52..db6096698656d32db7df630594bd9617ee54f828:/bsd/conf/MASTER diff --git a/bsd/conf/MASTER b/bsd/conf/MASTER index 9459048eb..17c0acc52 100644 --- a/bsd/conf/MASTER +++ b/bsd/conf/MASTER @@ -101,6 +101,7 @@ options MACH_IPC_COMPAT # Enable old IPC interface # options MACH_IPC_DEBUG # Enable IPC debugging calls # options MACH_IPC_TEST # Testing code/printfs # options MACH_LDEBUG # Sanity-check simple locking # +options CONFIG_ZLEAKS # Live zone leak debug sysctls # options MACH_NP # Mach IPC support # options MACH_NBC # No buffer cache # options MACH_NET # Fast network access # @@ -113,6 +114,8 @@ options NORMA_ETHER # NORMA across ethernet # options SIMPLE_CLOCK # don't assume fixed tick # options XPR_DEBUG # kernel tracing # options KDEBUG # kernel tracing # +options IST_KDEBUG # limited kernel tracing # +options NO_KDEBUG # no kernel tracing # options DDM_DEBUG # driverkit-style tracing # options MACH_OLD_VM_COPY # Old vm_copy technology # options NO_DIRECT_RPC # for untyped mig servers # @@ -123,9 +126,18 @@ options LLC # 802.2 support # options LOOP # loopback support # options MROUTING # multicast routing # options ROUTING # routing # -options NETMIBS # # options VLAN # # options BOND # # +options PF # Packet Filter # +options PF_ALTQ # PF ALTQ (Alternate Queueing) # +options PFLOG # PF log interface # +options PKTSCHED_CBQ # CBQ packet scheduler # +options PKTSCHED_HFSC # H-FSC packet scheduler # +options PKTSCHED_PRIQ # PRIQ packet scheduler # +options PKTSCHED_FAIRQ # FAIRQ packet scheduler # +options CLASSQ_BLUE # BLUE queueing algorithm # +options CLASSQ_RED # RED queueing algorithm # +options CLASSQ_RIO # RIO queueing algorithm # options IPDIVERT # Divert sockets (for NAT) # options IPFIREWALL # IP Firewalling (used by NAT) # options IPFIREWALL_FORWARD #Transparent proxy # @@ -139,21 +151,21 @@ options RANDOM_IP_ID # random (not sequential) ip ids # options TCP_DROP_SYNFIN # Drop TCP packets with SYN+FIN set # options ICMP_BANDLIM # ICMP bandwidth limiting sysctl options IFNET_INPUT_SANITY_CHK # allow dlil/ifnet input sanity check # -options AUDIT # Security event auditing # options SYSV_SEM # SVID semaphores # options SYSV_MSG # SVID messages # options SYSV_SHM # SVID shared mem # -options PANIC_INFO # want kernel panic info # +options PSYNCH # pthread synch # options DEVELOPMENT # dev kernel # # secure_kernel - secure kernel from user programs options SECURE_KERNEL # +options OLD_SEMWAIT_SIGNAL # old semwait_signal handler + # # 4.4 general kernel # options SOCKETS # socket support # -options COMPAT_43_TTY # 4.3 BSD tty compat # options DIAGNOSTIC # diagnostics # options CONFIG_DTRACE # dtrace support # options GPROF # build profiling # @@ -162,11 +174,9 @@ options NETWORKING # networking layer # options CONFIG_FSE # file system events # options CONFIG_IMAGEBOOT # local image boot # options CONFIG_SOWUPCALL # SB_UPCALL on sowwakeup # -options CONFIG_FORCE_OUT_IFP # Force IP output to use an interface # -options CONFIG_MBUF_NOEXPAND # limit mbuf expansion # options CONFIG_MBUF_JUMBO # jumbo cluster pool # -options CONFIG_SCOPEDROUTING # scoped routing on by default # -options CONFIG_IP_EDGEHOLE # Drop tagged packets at EDGE interface # +options CONFIG_FORCE_OUT_IFP # Enable IP_FORCE_OUT_IFP # +options CONFIG_IFEF_NOWINDOWSCALE # Scale TCP window per driver # options CONFIG_WORKQUEUE # @@ -176,11 +186,14 @@ options CONFIG_WORKQUEUE # options FFS # Fast Filesystem Support # options HFS # HFS/HFS+ support # options FIFO # fifo support # -options UNION # union_fs support # options FDESC # fdesc_fs support # -options CD9660 # ISO 9660 CD-ROM support # options DEVFS # devfs support # options JOURNALING # journaling support # +options HFS_COMPRESSION # hfs compression # +options CONFIG_HFS_STD # hfs standard support # +options CONFIG_HFS_TRIM # hfs trims unused blocks # +options CONFIG_HFS_MOUNT_UNMAP #hfs trims blocks at mount # + # # file system features @@ -189,6 +202,11 @@ options QUOTA # file system quotas # options REV_ENDIAN_FS # Reverse Endian FS # options NAMEDSTREAMS # named stream vnop support # options CONFIG_VOLFS # volfs path support (legacy) # +options CONFIG_IMGSRC_ACCESS # source of imageboot dmg # +options CONFIG_TRIGGERS # trigger vnodes # +options CONFIG_VFS_FUNNEL # thread unsafe vfs's # +options CONFIG_EXT_RESOLVER # e.g. memberd # +options CONFIG_SEARCHFS # searchfs syscall support # # # NFS support @@ -230,7 +248,6 @@ options "IPV6FIREWALL_DEFAULT_TO_ACCEPT" #IPv6 Firewall Feature # pseudo-device dummy 2 # -pseudo-device faith 1 # pseudo-device stf 1 # options crypto # @@ -239,6 +256,8 @@ options randomipid # options ZLIB # inflate/deflate support # +options IF_BRIDGE # + makeoptions LIBDRIVER = "libDriver_kern.o" # makeoptions LIBOBJC = "libkobjc.o" # @@ -281,8 +300,7 @@ options CONFIG_KN_HASHSIZE=20 # options CONFIG_VNODES=263168 # options CONFIG_VNODES=263168 # options CONFIG_VNODES=10240 # -options CONFIG_VNODES=1024 # -options CONFIG_VNODES=640 # +options CONFIG_VNODES=750 # options CONFIG_VNODE_FREE_MIN=500 # options CONFIG_VNODE_FREE_MIN=300 # @@ -300,6 +318,9 @@ options CONFIG_VFS_NAMES=4096 # options CONFIG_VFS_NAMES=3072 # options CONFIG_VFS_NAMES=2048 # +options CONFIG_MAX_CLUSTERS=8 # +options CONFIG_MAX_CLUSTERS=4 # + # # configurable kauth credential related resources # @@ -328,17 +349,18 @@ options CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)" # options CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)" # options CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)" # -# set maximum space used for packet buffers -# -options CONFIG_USESOCKTHRESHOLD=1 # -options CONFIG_USESOCKTHRESHOLD=0 # - # # Configure size of TCP hash table # options CONFIG_TCBHASHSIZE=4096 # options CONFIG_TCBHASHSIZE=128 # +# +# Configure bandwidth limiting sysctl +# +options CONFIG_ICMP_BANDLIM=250 # +options CONFIG_ICMP_BANDLIM=50 # + # # configurable async IO options # CONFIG_AIO_MAX - system wide limit of async IO requests. @@ -381,6 +403,12 @@ options CONFIG_MFCTBLSIZ=256 # options CONFIG_MFCTBLSIZ=128 # options CONFIG_MFCTBLSIZ=16 # +# +# configurable kernel message buffer size +# +options CONFIG_MSG_BSIZE=4096 # +options CONFIG_MSG_BSIZE=16384 # + # # configurable kernel - use these options to strip strings from panic # and printf calls. @@ -391,18 +419,59 @@ options CONFIG_NO_PANIC_STRINGS # options CONFIG_NO_PRINTF_STRINGS # options CONFIG_NO_KPRINTF_STRINGS # +# +# use finer-grained lock groups for the proc subsystem +# +options CONFIG_FINE_LOCK_GROUPS # + # # configurable kernel - general switch to say we are building for an # embedded device # options CONFIG_EMBEDDED # +# only execute signed code. Hang this off config_embedded since there's +# nothing more appropriate right now +# +options CONFIG_ENFORCE_SIGNED_CODE # + +# support dynamic signing of code +# +options CONFIG_DYNAMIC_CODE_SIGNING # + # # code decryption... used on embedded for app protection # must be set in all the bsd/conf and osfmk/conf MASTER files # options CONFIG_CODE_DECRYPTION # +# +# User Content Protection, used on embedded +# +options CONFIG_PROTECT # + +# +# enable per-process memory priority tracking +# +options CONFIG_MEMORYSTATUS # + +# +# enable jetsam - used on embedded +# +options CONFIG_JETSAM # + +# +# enable freezing of suspended processes - used on embedded +# +options CONFIG_FREEZE # + +options CHECK_CS_VALIDATION_BITMAP # + +# +# memory pressure event support +# must be set in both bsd/conf and osfmk/conf MASTER files +# +options VM_PRESSURE_EVENTS # # # Ethernet (ARP) @@ -433,6 +502,7 @@ pseudo-device vndevice 16 init vndevice_init # pseudo-device vndevice 8 init vndevice_init # pseudo-device vndevice 4 init vndevice_init # pseudo-device vndevice 3 init vndevice_init # +pseudo-device vndevice 2 init vndevice_init # pseudo-device vndevice 2 init vndevice_init # # @@ -463,4 +533,3 @@ pseudo-device sdt 1 init sdt_init # pseudo-device systrace 1 init systrace_init # pseudo-device fbt 1 init fbt_init # pseudo-device profile_prvd 1 init profile_init # -