X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/fe8ab488e9161c46dd9885d58fc52996dc0249ff..3903760236c30e3b5ace7a4eefac3a269d68957c:/config/MASTER diff --git a/config/MASTER b/config/MASTER index 7e0b5f60c..16a1f7853 100644 --- a/config/MASTER +++ b/config/MASTER @@ -53,7 +53,7 @@ ####################################################################### # -options INET # # +options INET # # options HW_AST # Hardware ast support # options HW_FOOTPRINT # Cache footprint support # @@ -63,6 +63,7 @@ options MACH_FASTLINK # Fast symbolic links options MACH_HOST # Mach host (resource alloc.) # options MACH_IPC_COMPAT # Enable old IPC interface # options MACH_IPC_TEST # Testing code/printfs # +options MACH_FLIPC # Fast-Local IPC # options MACH_NP # Mach IPC support # options MACH_NBC # No buffer cache # options MACH_NET # Fast network access # @@ -75,7 +76,7 @@ options AH_ALL_CRYPTO # AH all crypto algs # options IPCOMP_ZLIB # IP compression using zlib # options PF # Packet Filter # options PF_ALTQ # PF ALTQ (Alternate Queueing) # -options PF_ECN # PF use ECN marking # +options PF_ECN # PF use ECN marking # options PFLOG # PF log interface # options PKTSCHED_CBQ # CBQ packet scheduler # options PKTSCHED_HFSC # H-FSC packet scheduler # @@ -85,13 +86,8 @@ options MEASURE_BW # interface bandwidth measurement # options CLASSQ_BLUE # BLUE queueing algorithm # options CLASSQ_RED # RED queueing algorithm # options CLASSQ_RIO # RIO queueing algorithm # -options IPDIVERT # Divert sockets (for NAT) # -options IPFIREWALL # IP Firewalling (used by NAT) # -options IPFIREWALL_FORWARD #Transparent proxy # -options IPFIREWALL_DEFAULT_TO_ACCEPT # allow everything by default # options DUMMYNET # dummynet support # options TRAFFIC_MGT # traffic management support # -options IPFW2 # IP firewall (new version) # options MULTICAST # Internet Protocol Class-D $ options TCPDEBUG # TCP debug # options TCP_DROP_SYNFIN # Drop TCP packets with SYN+FIN set # @@ -99,14 +95,15 @@ options ICMP_BANDLIM # ICMP bandwidth limiting sysctl options IFNET_INPUT_SANITY_CHK # allow dlil/ifnet input sanity check # options MULTIPATH # Multipath domain # options MPTCP # Multipath TCP # -options SYSV_SEM # SVID semaphores # -options SYSV_MSG # SVID messages # -options SYSV_SHM # SVID shared mem # -options PSYNCH # pthread synch # +options SYSV_SEM # SVID semaphores # +options SYSV_MSG # SVID messages # +options SYSV_SHM # SVID shared mem # +options PSYNCH # pthread synch # options FLOW_DIVERT # options NECP # options CONTENT_FILTER # # options PACKET_MANGLER # # + # secure_kernel - secure kernel from user programs options SECURE_KERNEL # @@ -115,35 +112,29 @@ options OLD_SEMWAIT_SIGNAL # old semwait_signal handler # # 4.4 general kernel # -options SOCKETS # socket support # -options DIAGNOSTIC # diagnostics # -options GPROF # build profiling # +options SOCKETS # socket support # +options DIAGNOSTIC # diagnostics # +options GPROF # build profiling # options PROFILE # kernel profiling # options SENDFILE # sendfile # -options NETWORKING # networking layer # +options NETWORKING # networking layer # options CONFIG_FSE # file system events # options CONFIG_IMAGEBOOT # local image boot # options CONFIG_MBUF_JUMBO # jumbo cluster pool # -options CONFIG_FORCE_OUT_IFP # Enable IP_FORCE_OUT_IFP # -options CONFIG_IFEF_NOWINDOWSCALE # Scale TCP window per driver # options CONFIG_WORKQUEUE # # # 4.4 filesystems # -options HFS # HFS/HFS+ support # -options MOCKFS # Boot from an executable # +options MOCKFS # Boot from an executable # options FIFO # fifo support # options FDESC # fdesc_fs support # options DEVFS # devfs support # -options JOURNALING # journaling support # -options HFS_COMPRESSION # hfs compression # -options CONFIG_HFS_STD # hfs standard support # -options CONFIG_HFS_TRIM # hfs trims unused blocks # -options CONFIG_HFS_MOUNT_UNMAP #hfs trims blocks at mount # -options CONFIG_HFS_DIRLINK #allow directory hardlink creation # -options CONFIG_DEV_KMEM # /dev/kmem device for reading KVA # +options ROUTEFS # routefs support # +options NULLFS # nullfs support # +options FS_COMPRESSION # fs compression # +options CONFIG_DEV_KMEM # /dev/kmem device for reading KVA # # # file system features @@ -156,7 +147,6 @@ options CONFIG_IMGSRC_ACCESS # source of imageboot dmg # options CONFIG_TRIGGERS # trigger vnodes # options CONFIG_EXT_RESOLVER # e.g. memberd # options CONFIG_SEARCHFS # searchfs syscall support # -options CONFIG_SECLUDED_RENAME # secluded rename syscall # # # NFS support @@ -167,30 +157,30 @@ options NFSSERVER # Be an NFS server # # # Machine Independent Apple Features # -profile # build a profiling kernel # +profile # build a profiling kernel # # # IPv6 Support # -options "INET6" # kernel IPv6 Support # -options IPV6SEND # Secure Neighbor Discovery # -options IPSEC # IP security # -options IPSEC_ESP # IP security # -options "IPV6FIREWALL" # IPv6 Firewall Feature # +options "INET6" # kernel IPv6 Support # +options IPV6SEND # Secure Neighbor Discovery # +options IPSEC # IP security # +options IPSEC_ESP # IP security # +options "IPV6FIREWALL" # IPv6 Firewall Feature # options "IPV6FIREWALL_DEFAULT_TO_ACCEPT" #IPv6 Firewall Feature # #options "IPV6FIREWALL_VERBOSE" #IPv6 Firewall Feature # -pseudo-device gif 1 # -pseudo-device dummy 2 # -pseudo-device stf 1 # +pseudo-device gif 1 # +pseudo-device dummy 2 # +pseudo-device stf 1 # -options CRYPTO # -options CRYPTO_SHA2 # -options ENCRYPTED_SWAP # +options CRYPTO # +options CRYPTO_SHA2 # +options ENCRYPTED_SWAP # -options ZLIB # inflate/deflate support # +options ZLIB # inflate/deflate support # -options IF_BRIDGE # +options IF_BRIDGE # # # configurable kernel event related resources @@ -215,13 +205,13 @@ options CONFIG_KN_HASHSIZE=20 # options CONFIG_VNODES=263168 # options CONFIG_VNODES=263168 # options CONFIG_VNODES=10240 # -options CONFIG_VNODES=750 # +options CONFIG_VNODES=750 # -options CONFIG_VNODE_FREE_MIN=500 # -options CONFIG_VNODE_FREE_MIN=300 # -options CONFIG_VNODE_FREE_MIN=200 # -options CONFIG_VNODE_FREE_MIN=100 # -options CONFIG_VNODE_FREE_MIN=75 # +options CONFIG_VNODE_FREE_MIN=500 # +options CONFIG_VNODE_FREE_MIN=300 # +options CONFIG_VNODE_FREE_MIN=200 # +options CONFIG_VNODE_FREE_MIN=100 # +options CONFIG_VNODE_FREE_MIN=75 # options CONFIG_NC_HASH=5120 # options CONFIG_NC_HASH=4096 # @@ -236,15 +226,6 @@ options CONFIG_VFS_NAMES=2048 # options CONFIG_MAX_CLUSTERS=8 # options CONFIG_MAX_CLUSTERS=4 # -# -# configurable kauth credential related resources -# -options KAUTH_CRED_PRIMES_COUNT=7 # -options KAUTH_CRED_PRIMES_COUNT=3 # - -options KAUTH_CRED_PRIMES="{97, 241, 397, 743, 1499, 3989, 7499}" # -options KAUTH_CRED_PRIMES="{5, 17, 97}" # - # # configurable options for minumum number of buffers for kernel memory # @@ -260,9 +241,9 @@ options CONFIG_MIN_NIOBUF=32 # # # set maximum space used for packet buffers # -options CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)" # -options CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)" # -options CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)" # +options CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)" # +options CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)" # +options CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)" # # # Configure size of TCP hash table @@ -282,8 +263,8 @@ options CONFIG_ICMP_BANDLIM=50 # # CONFIG_AIO_PROCESS_MAX - process limit of async IO requests. # CONFIG_AIO_THREAD_COUNT - number of async IO worker threads created. # -options CONFIG_AIO_MAX=360 # -options CONFIG_AIO_MAX=180 # +options CONFIG_AIO_MAX=360 # +options CONFIG_AIO_MAX=180 # options CONFIG_AIO_MAX=90 # options CONFIG_AIO_MAX=45 # options CONFIG_AIO_MAX=20 # @@ -296,15 +277,15 @@ options CONFIG_AIO_PROCESS_MAX=12 # options CONFIG_AIO_PROCESS_MAX=8 # options CONFIG_AIO_PROCESS_MAX=4 # -options CONFIG_AIO_THREAD_COUNT=16 # +options CONFIG_AIO_THREAD_COUNT=16 # options CONFIG_AIO_THREAD_COUNT=8 # options CONFIG_AIO_THREAD_COUNT=4 # options CONFIG_AIO_THREAD_COUNT=3 # options CONFIG_AIO_THREAD_COUNT=2 # -options CONFIG_MAXVIFS=32 # -options CONFIG_MAXVIFS=16 # -options CONFIG_MAXVIFS=2 # +options CONFIG_MAXVIFS=32 # +options CONFIG_MAXVIFS=16 # +options CONFIG_MAXVIFS=2 # options CONFIG_MFCTBLSIZ=256 # options CONFIG_MFCTBLSIZ=128 # @@ -316,6 +297,13 @@ options CONFIG_MFCTBLSIZ=16 # options CONFIG_MSG_BSIZE=4096 # options CONFIG_MSG_BSIZE=16384 # +# +# maximum size of the per-process Mach IPC table +# +options CONFIG_IPC_TABLE_ENTRIES_STEPS=64 # 137898 entries # +options CONFIG_IPC_TABLE_ENTRIES_STEPS=256 # 300714 entries # + + # # configurable kernel - use these options to strip strings from panic # and printf calls. @@ -343,46 +331,68 @@ options CONFIG_ENFORCE_LIBRARY_VALIDATION # # # code decryption... used on embedded for app protection, DSMOS on desktop # -options CONFIG_CODE_DECRYPTION # +options CONFIG_CODE_DECRYPTION # # # User Content Protection, used on embedded # -options CONFIG_PROTECT # +options CONFIG_PROTECT # # # enable per-process memory priority tracking # -options CONFIG_MEMORYSTATUS # +options CONFIG_MEMORYSTATUS # # # enable jetsam - used on embedded # -options CONFIG_JETSAM # +options CONFIG_JETSAM # + +# +# enable new link table implementation stats/debugging +# (adds mesaureable overhead) +# +options CONFIG_LTABLE_STATS # +options CONFIG_LTABLE_DEBUG # + +# +# enable new wait queue implementation stats / debugging +# +options CONFIG_WAITQ_STATS # +options CONFIG_WAITQ_DEBUG # # # enable freezing of suspended processes - used on embedded # -options CONFIG_FREEZE # +options CONFIG_FREEZE # -options CHECK_CS_VALIDATION_BITMAP # +options CHECK_CS_VALIDATION_BITMAP # # # enable detectiion of file cache thrashing - used on platforms with # dynamic VM compression enabled # -options CONFIG_PHANTOM_CACHE # +options CONFIG_PHANTOM_CACHE # # # memory pressure event support # options VM_PRESSURE_EVENTS # +options CONFIG_SECLUDED_MEMORY # + +options CONFIG_BACKGROUND_QUEUE # + # # I/O Scheduling # options CONFIG_IOSCHED # +# +# Accounting for I/O usage +# +options CONFIG_IO_ACCOUNTING # + # # Enable inheritance of importance through specially marked mach ports and for file locks # For now debug is enabled wherever inheritance is @@ -390,28 +400,28 @@ options CONFIG_IOSCHED # options IMPORTANCE_INHERITANCE # options IMPORTANCE_DEBUG # -options CONFIG_TELEMETRY # +options CONFIG_TELEMETRY # options CONFIG_PROC_UUID_POLICY # -# -# In-kernel tests -# -options CONFIG_IN_KERNEL_TESTS # - # # ECC data logging # -options CONFIG_ECC_LOGGING # +options CONFIG_ECC_LOGGING # + +# +# Application core dumps +# +options CONFIG_COREDUMP # # # Ethernet (ARP) # -pseudo-device ether # +pseudo-device ether # # # Network loopback device # -pseudo-device loop # +pseudo-device loop # # # UCB pseudo terminal service # @@ -459,12 +469,13 @@ pseudo-device profile_prvd 1 init profile_init # # options HIBERNATION # system hibernation # -options IOKITCPP # C++ implementation # -options IOKITSTATS # IOKit statistics # -options CONFIG_SLEEP # # +options IOKITCPP # C++ implementation # +options IOKITSTATS # IOKit statistics # +options IOTRACKING # IOKit tracking # +options CONFIG_SLEEP # # options CONFIG_MAX_THREADS=64 # IOConfigThread threads -options NO_KEXTD # -options NO_KERNEL_HID # +options NO_KEXTD # +options NO_KERNEL_HID # # # Libkern configuration options @@ -485,21 +496,25 @@ options CONFIG_STATIC_CPPINIT # Static library initializes kext cpp ru # CONFIG_KEXT_BASEMENT - alloc post boot loaded kexts after prelinked kexts # -options CONFIG_KEXT_BASEMENT # # +options CONFIG_KEXT_BASEMENT # # # -# security configuration options +# Persona Management # +options CONFIG_PERSONAS # Persona management # +options PERSONA_DEBUG # Persona debugging # -options CONFIG_LCTX # Login Context +# +# security configuration options +# -options CONFIG_MACF # Mandatory Access Control Framework # +options CONFIG_MACF # Mandatory Access Control Framework # options CONFIG_MACF_SOCKET_SUBSET # MAC socket subest (no labels) # -#options CONFIG_MACF_SOCKET # MAC socket labels # -#options CONFIG_MACF_NET # mbuf # -#options CONFIG_MACF_DEBUG # debug # +#options CONFIG_MACF_SOCKET # MAC socket labels # +#options CONFIG_MACF_NET # mbuf # +#options CONFIG_MACF_DEBUG # debug # -options CONFIG_AUDIT # Kernel auditing # +options CONFIG_AUDIT # Kernel auditing # # @@ -509,7 +524,6 @@ options CONFIG_AUDIT # Kernel auditing # # forcibly suspending tasks when the demand exceeds supply. This # option should be on. # -options MACH_PAGEMAP # options MACH_RT options TASK_SWAPPER # @@ -534,13 +548,13 @@ options MACH_ASSERT # # # options MACH_DEBUG # IPC debugging interface # options MACH_IPC_DEBUG # Enable IPC debugging calls # -options MACH_VM_DEBUG # # +options MACH_VM_DEBUG # # # # MACH_MP_DEBUG control the possible dead locks that may occur by controlling # that IPL level has been raised down to SPL0 after some calls to # hardclock device driver. # -options MACH_MP_DEBUG # # +options MACH_MP_DEBUG # # # # ZONE_DEBUG keeps track of all zalloc()ed elements to perform further # operations on each element. @@ -549,10 +563,6 @@ options ZONE_DEBUG # # options CONFIG_ZLEAKS # Live zone leak debugging # -# -options ZONE_ALIAS_ADDR # # - - # # CONFIG_TASK_ZONE_INFO allows per-task zone information to be extracted # Primarily useful for xnu debug and development. @@ -584,13 +594,13 @@ options MACH_LDEBUG # # # options KDEBUG # kernel tracing # options IST_KDEBUG # limited tracing # -options NO_KDEBUG # no kernel tracing # +options NO_KDEBUG # no kernel tracing # # # CONFIG_DTRACE enables code needed to support DTrace. Currently this is # only used for delivery of traps/interrupts to DTrace. # -options CONFIG_DTRACE # # +options CONFIG_DTRACE # # # kernel performance tracing options KPERF # @@ -598,13 +608,13 @@ options KPC # # MACH_COUNTERS enables code that handles various counters in the system. # -options MACH_COUNTERS # # +options MACH_COUNTERS # # # DEVELOPMENT define for development builds -options DEVELOPMENT # dev kernel # +options DEVELOPMENT # dev kernel # # DEBUG kernel -options DEBUG # general debugging code # +options DEBUG # general debugging code # ########################################################## # @@ -654,11 +664,6 @@ options CONFIG_ZLEAK_TRACE_MAP_NUM=4096 # # vc_progress_white - make the progress gear white instead of black options CONFIG_VC_PROGRESS_WHITE # -# -# Context switched counters -# -options CONFIG_COUNTERS # - # # Timeshare scheduler implementations # @@ -668,41 +673,60 @@ options CONFIG_SCHED_GRRR # options CONFIG_SCHED_GRRR_CORE # options CONFIG_SCHED_MULTIQ # options CONFIG_SCHED_TIMESHARE_CORE # -options CONFIG_SCHED_FAIRSHARE_CORE # -options CONFIG_SCHED_IDLE_IN_PLACE # +options CONFIG_SCHED_IDLE_IN_PLACE # +options CONFIG_SCHED_SFI # options CONFIG_GZALLOC # +options CONFIG_SCHED_DEFERRED_AST # # Enable allocation of contiguous physical memory through vm_map_enter_cpm() -options VM_CPM # +options VM_CPM # -options CONFIG_SKIP_PRECISE_USER_KERNEL_TIME # +options CONFIG_SKIP_PRECISE_USER_KERNEL_TIME # # # Switch to disable cpu, wakeup and high memory watermark monitors # -options CONFIG_NOMONITORS # +options CONFIG_NOMONITORS # -options MACH_KDP # KDP # -options CONFIG_SERIAL_KDP # KDP over serial # +options MACH_KDP # KDP # +options CONFIG_SERIAL_KDP # KDP over serial # options CONFIG_KDP_INTERACTIVE_DEBUGGING # +# +# Kernel Power On Self Tests +# +options CONFIG_XNUPOST # + +# +# Kernel proc reference instrumentation +# +options PROC_REF_DEBUG # + +# +# Kernel OS reason debug instrumentation +# +options OS_REASON_DEBUG # + # # Kernel Voucher Attr Manager for Activity Trace # -options CONFIG_ATM # +options CONFIG_ATM # # # Kernel Voucher Attr Manager for BANK # -options CONFIG_BANK # +options CONFIG_BANK # # Group related tasks together into coalitions options CONFIG_COALITIONS # +# Enable support for sysdiagnose notifications +options CONFIG_SYSDIAGNOSE # + # Configurable Security Restrictions -options CONFIG_CSR # +options CONFIG_CSR # # # Console options