HardenedBSD/sys/conf/options
Robert Watson a64ed08955 Introduce extended attribute support for FFS, allowing arbitrary
(name, value) pairs to be associated with inodes.  This support is
used for ACLs, MAC labels, and Capabilities in the TrustedBSD
security extensions, which are currently under development.

In this implementation, attributes are backed to data vnodes in the
style of the quota support in FFS.  Support for FFS extended
attributes may be enabled using the FFS_EXTATTR kernel option
(disabled by default).  Userland utilities and man pages will be
committed in the next batch.  VFS interfaces and man pages have
been in the repo since 4.0-RELEASE and are unchanged.

o ufs/ufs/extattr.h: UFS-specific extattr defines
o ufs/ufs/ufs_extattr.c: bulk of support routines
o ufs/{ufs,ffs,mfs}/*.[ch]: hooks and extattr.h includes
o contrib/softupdates/ffs_softdep.c: extattr.h includes
o conf/options, conf/files, i386/conf/LINT: added FFS_EXTATTR

o coda/coda_vfsops.c: XXX required extattr.h due to ufsmount.h
(This should not be the case, and will be fixed in a future commit)

Currently attributes are not supported in MFS.  This will be fixed.

Reviewed by:	adrian, bp, freebsd-fs, other unthanked souls
Obtained from:	TrustedBSD Project
2000-04-15 03:34:27 +00:00

455 lines
12 KiB
Plaintext

# $FreeBSD$
#
# On the handling of kernel options
#
# All kernel options should be listed in LINT, with suitable
# descriptions. Negative options (options that make some code not
# compile) should be commented out; LINT should compile as much code
# as possible. Try to structure option-using code so that a single
# option only switch code on, or only switch code off, to make it
# possible to have a full compile-test. If necessary, you can include
# "opt_lint.h" and check for COMPILING_LINT to get maximum code
# coverage.
#
# All new options shall also be listed in either "conf/options" or
# "<machine>/conf/options.<machine>". Options that affect a single
# source-file <xxx>.[c|s] should be directed into "opt_<xxx>.h", while
# options that affect multiple files should either go in
# "opt_global.h" if this is a kernel-wide option (used just about
# everywhere), or in "opt_<option-name-in-lower-case>.h" if it affect
# only some files. Note that the effect of listing only an option
# without a header-file-name in conf/options (and cousins) is that the
# last convention is followed.
#
# This handling scheme is not yet fully implemented.
#
#
# Format of this file:
# Option name filename
#
# If filename is missing, the default is
# opt_<name-of-option-in-lower-case>.h
# Adaptec aic7xxx SCSI controller options
AHC_ALLOW_MEMIO opt_aic7xxx.h # Allow PCI devices to use memory
# mapped I/O
AHC_TMODE_ENABLE opt_aic7xxx.h # Bitmap of units to enable
# targetmode operations.
AHC_DUMP_EEPROM opt_aic7xxx.h # Dump the contents of our
# configuration prom.
ADW_ALLOW_MEMIO opt_adw.h # Allow PCI devices to use memory
# mapped I/O
# Miscellaneous options.
COMPAT_43 opt_compat.h
COMPAT_SUNOS opt_compat.h
COMPILING_LINT opt_lint.h
CY_PCI_FASTINTR
DDB
DDB_UNATTENDED opt_ddb.h
GDB_REMOTE_CHAT opt_ddb.h
DEVFS
HW_WDOG
KTRACE
MD_ROOT opt_md.h
MD_ROOT_SIZE opt_md.h
MFS_ROOT opt_mfs.h
MFS_ROOT_SIZE opt_mfs.h
NTIMECOUNTER opt_ntp.h
NSWAPDEV opt_swap.h
PPS_SYNC opt_ntp.h
QUOTA
SPX_HACK
SUIDDIR opt_suiddir.h
SYSVMSG opt_sysvipc.h
SYSVSEM opt_sysvipc.h
SYSVSHM opt_sysvipc.h
SHMALL opt_sysvipc.h
SHMMAX opt_sysvipc.h
SHMMAXPGS opt_sysvipc.h
SHMMIN opt_sysvipc.h
SHMMNI opt_sysvipc.h
SHMSEG opt_sysvipc.h
UCONSOLE
ICMP_BANDLIM
VFS_AIO
# POSIX kernel options
P1003_1B opt_posix.h
_KPOSIX_PRIORITY_SCHEDULING opt_posix.h
_KPOSIX_VERSION opt_posix.h
# Do we want the config file compiled into the kernel?
INCLUDE_CONFIG_FILE opt_config.h
# Options for static file systems. These should only be used at config
# time, since the corresponding lkms cannot work if there are any static
# dependencies. Unusability is enforced by hiding the defines for the
# options in a never-included header.
EXT2FS opt_dontuse.h
FDESC opt_dontuse.h
KERNFS opt_dontuse.h
MFS opt_dontuse.h
MSDOSFS opt_dontuse.h
NULLFS opt_dontuse.h
PORTAL opt_dontuse.h
PROCFS opt_dontuse.h
UMAPFS opt_dontuse.h
NTFS opt_dontuse.h
# These static filesystems has one slightly bogus static dependency in
# sys/i386/i386/autoconf.c. If any of these filesystems are
# statically compiled into the kernel, code for mounting them as root
# filesystems will be enabled - but look below. Boot-code is purposely
# unavailable for the LKM-based versions.
CODA
CD9660
FFS
NFS
NWFS
# If you are following the conditions in the copyright,
# you can enable soft-updates which will speed up a lot of thigs
# and make the system safer from crashes at the same time.
# otherwise a STUB module will be compiled in.
SOFTUPDATES opt_ffs.h
# Enabling this option turns on support for extended attributes
# in FFS, which can be used to support high security configurations
# as well as new file system features.
FFS_EXTATTR opt_ffs.h
# The above static dependencies are planned removed, with a
# <filesystem>_ROOT option to control if it usable as root. This list
# allows these options to be present in config files already (though
# they won't make any difference yet).
CD9660_ROOT opt_cd9660.h
FFS_ROOT opt_ffs.h
NFS_ROOT opt_nfsroot.h
# The union static file system has bogus static dependencies, so it isn't
# hidden yet.
UNION
# Options used only in param.c.
HZ opt_param.h
MAXFILES opt_param.h
MAXUSERS opt_param.h
MSGMNB opt_param.h
MSGMNI opt_param.h
MSGSEG opt_param.h
MSGSSZ opt_param.h
MSGTQL opt_param.h
NBUF opt_param.h
NMBCLUSTERS opt_param.h
NSFBUFS opt_param.h
SEMMAP opt_param.h
SEMMNI opt_param.h
SEMMNS opt_param.h
SEMMNU opt_param.h
SEMMSL opt_param.h
SEMOPM opt_param.h
SEMUME opt_param.h
# Generic SCSI options.
CAM_MAX_HIGHPOWER opt_cam.h
CAMDEBUG opt_cam.h
CAM_DEBUG_DELAY opt_cam.h
CAM_DEBUG_BUS opt_cam.h
CAM_DEBUG_TARGET opt_cam.h
CAM_DEBUG_LUN opt_cam.h
CAM_DEBUG_FLAGS opt_cam.h
SCSI_DELAY opt_scsi.h
SCSI_NO_SENSE_STRINGS opt_scsi.h
SCSI_NO_OP_STRINGS opt_scsi.h
# Options used only in cam/scsi/scsi_cd.c
CHANGER_MIN_BUSY_SECONDS opt_cd.h
CHANGER_MAX_BUSY_SECONDS opt_cd.h
# Options used only in cam/scsi/scsi_sa.c.
SA_SPACE_TIMEOUT opt_sa.h
SA_REWIND_TIMEOUT opt_sa.h
SA_ERASE_TIMEOUT opt_sa.h
SA_1FM_AT_EOD opt_sa.h
# Options used only in cam/scsi/scsi_pt.c
SCSI_PT_DEFAULT_TIMEOUT opt_pt.h
# Options used only in cam/scsi/scsi_ses.c
SES_ENABLE_PASSTHROUGH opt_ses.h
# Options used in dev/sym/ (Symbios SCSI driver).
SYM_SETUP_LP_PROBE_MAP opt_sym.h #-Low Priority Probe Map (bits)
# Allows the ncr to take precedence
# 1 (1<<0) -> 810a, 860
# 2 (1<<1) -> 825a, 875, 885, 895
# 4 (1<<2) -> 895a, 896, 1510d
SYM_SETUP_SCSI_DIFF opt_sym.h #-HVD support for 825a, 875, 885
# disabled:0 (default), enabled:1
SYM_SETUP_PCI_PARITY opt_sym.h #-PCI parity checking
# disabled:0, enabled:1 (default)
SYM_SETUP_MAX_LUN opt_sym.h #-Number of LUNs supported
# default:8, range:[1..64]
# Options used only in pci/ncr.c
SCSI_NCR_DEBUG opt_ncr.h
SCSI_NCR_MAX_SYNC opt_ncr.h
SCSI_NCR_MAX_WIDE opt_ncr.h
SCSI_NCR_MYADDR opt_ncr.h
# Options used only in pci/isp_pci.c
SCSI_ISP_NO_FWLOAD_MASK opt_isp.h
SCSI_ISP_NO_NVRAM_MASK opt_isp.h
SCSI_ISP_PREFER_MEM_MAP opt_isp.h
SCSI_ISP_FABRIC opt_isp.h
SCSI_ISP_SCCLUN opt_isp.h
SCSI_ISP_FCDUPLEX opt_isp.h
SCSI_ISP_WWN opt_isp.h
ISP_DISABLE_1020_SUPPORT opt_isp.h
ISP_DISABLE_1080_SUPPORT opt_isp.h
ISP_DISABLE_2100_SUPPORT opt_isp.h
ISP_DISABLE_2200_SUPPORT opt_isp.h
ISP_COMPILE_FW opt_isp.h
ISP_COMPILE_1020_FW opt_isp.h
ISP_COMPILE_1080_FW opt_isp.h
ISP_COMPILE_2100_FW opt_isp.h
ISP_COMPILE_2200_FW opt_isp.h
ISP_TARGET_MODE opt_isp.h
# Options used in the 'ata' ATA/ATAPI driver
ATA_STATIC_ID opt_ata.h
ATA_ENABLE_ATAPI_DMA opt_ata.h
# Resource limits.
DFLDSIZ opt_rlimit.h
MAXDSIZ opt_rlimit.h
# Net stuff.
BOOTP opt_bootp.h
BOOTP_COMPAT opt_bootp.h
BOOTP_NFSROOT opt_bootp.h
BOOTP_NFSV3 opt_bootp.h
BOOTP_WIRED_TO opt_bootp.h
BRIDGE opt_bdg.h
ETHER_II opt_ef.h
ETHER_8023 opt_ef.h
ETHER_8022 opt_ef.h
ETHER_SNAP opt_ef.h
MROUTING opt_mrouting.h
INET opt_inet.h
INET6 opt_inet6.h
IPSEC opt_ipsec.h
IPSEC_ESP opt_ipsec.h
IPSEC_DEBUG opt_ipsec.h
IPSEC_IPV6FWD opt_ipsec.h
IPDIVERT
DUMMYNET opt_ipdn.h
IPFILTER opt_ipfilter.h
IPFILTER_LOG opt_ipfilter.h
IPFIREWALL opt_ipfw.h
IPFIREWALL_VERBOSE opt_ipfw.h
IPFIREWALL_VERBOSE_LIMIT opt_ipfw.h
IPFIREWALL_DEFAULT_TO_ACCEPT opt_ipfw.h
IPFIREWALL_FORWARD opt_ipfw.h
IPV6FIREWALL opt_ip6fw.h
IPV6FIREWALL_VERBOSE opt_ip6fw.h
IPV6FIREWALL_VERBOSE_LIMIT opt_ip6fw.h
IPV6FIREWALL_DEFAULT_TO_ACCEPT opt_ip6fw.h
IPSTEALTH
IPX opt_ipx.h
IPXIP opt_ipx.h
IPTUNNEL opt_ipx.h
NCP opt_ncp.h
NETATALK opt_atalk.h
PPP_BSDCOMP opt_ppp.h
PPP_DEFLATE opt_ppp.h
PPP_FILTER opt_ppp.h
SLIP_IFF_OPTS opt_slip.h
TCP_COMPAT_42 opt_compat.h
TCPDEBUG
TCP_DROP_SYNFIN opt_tcp_input.h
TCP_RESTRICT_RST opt_tcp_input.h
# Netgraph(4). Use option NETGRAPH to enable the base netgraph code.
# Each netgraph node type can be either be compiled into the kernel
# or loaded dynamically. To get the former, include the corresponding
# option below. Each type has its own man page, e.g. ng_async(8).
NETGRAPH
NETGRAPH_ASYNC opt_netgraph.h
NETGRAPH_BPF opt_netgraph.h
NETGRAPH_CISCO opt_netgraph.h
NETGRAPH_ECHO opt_netgraph.h
NETGRAPH_FRAME_RELAY opt_netgraph.h
NETGRAPH_HOLE opt_netgraph.h
NETGRAPH_IFACE opt_netgraph.h
NETGRAPH_KSOCKET opt_netgraph.h
NETGRAPH_LMI opt_netgraph.h
# MPPC compression requires proprietary files (not included)
NETGRAPH_MPPC_COMPRESSION opt_netgraph.h
NETGRAPH_MPPC_ENCRYPTION opt_netgraph.h
NETGRAPH_PPP opt_netgraph.h
NETGRAPH_PPPOE opt_netgraph.h
NETGRAPH_PPTPGRE opt_netgraph.h
NETGRAPH_RFC1490 opt_netgraph.h
NETGRAPH_SOCKET opt_netgraph.h
NETGRAPH_TEE opt_netgraph.h
NETGRAPH_TTY opt_netgraph.h
NETGRAPH_UI opt_netgraph.h
NETGRAPH_VJC opt_netgraph.h
# ATM (HARP version)
ATM_CORE opt_atm.h
ATM_IP opt_atm.h
ATM_SIGPVC opt_atm.h
ATM_SPANS opt_atm.h
ATM_UNI opt_atm.h
# XXX Conflict: # of devices vs network protocol (Native ATM).
# This makes "atm.h" unusable.
NATM opt_natm.h
DPT_ALLOW_MEMIO opt_dpt.h # Allow PCI devices to use memory
# mapped I/O
# DPT driver debug flags
DPT_MEASURE_PERFORMANCE opt_dpt.h
DPT_HANDLE_TIMEOUTS opt_dpt.h
DPT_TIMEOUT_FACTOR opt_dpt.h
DPT_LOST_IRQ opt_dpt.h
DPT_RESET_HBA opt_dpt.h
# Misc debug flags. Most of these should probably be replaced with
# 'DEBUG', and then let people recompile just the interesting modules
# with 'make CC="cc -DDEBUG"'.
CLUSTERDEBUG opt_debug_cluster.h
DEBUG_1284 opt_ppb_1284.h
VP0_DEBUG opt_vpo.h
LPT_DEBUG opt_lpt.h
PLIP_DEBUG opt_plip.h
LOCKF_DEBUG opt_debug_lockf.h
LOUTB opt_debug_outb.h
NPX_DEBUG opt_debug_npx.h
NETATALKDEBUG opt_atalk.h
SI_DEBUG opt_debug_si.h
# Fb options
FB_DEBUG opt_fb.h
FB_INSTALL_CDEV opt_fb.h
# ppbus related options
PERIPH_1284 opt_ppb_1284.h
DONTPROBE_1284 opt_ppb_1284.h
# smbus related options
ENABLE_ALART opt_intpm.h
# These cause changes all over the kernel
BLKDEV_IOSIZE opt_global.h
DEBUG opt_global.h
DEBUG_LOCKS opt_global.h
DEBUG_VFS_LOCKS opt_global.h
DIAGNOSTIC opt_global.h
ENABLE_VFS_IOOPT opt_global.h
INVARIANT_SUPPORT opt_global.h
INVARIANTS opt_global.h
SIMPLELOCK_DEBUG opt_global.h
VFS_BIO_DEBUG opt_global.h
# These are VM related options
VM_KMEM_SIZE opt_vm.h
VM_KMEM_SIZE_SCALE opt_vm.h
VM_KMEM_SIZE_MAX opt_vm.h
NO_SWAPPING opt_vm.h
PQ_NOOPT opt_vmpage.h
PQ_NORMALCACHE opt_vmpage.h
PQ_MEDIUMCACHE opt_vmpage.h
PQ_LARGECACHE opt_vmpage.h
PQ_HUGECACHE opt_vmpage.h
# Standard SMP options
SMP opt_global.h
NCPU opt_smp.h
NBUS opt_smp.h
# sys/netkey
KEY
# Size of the kernel message buffer
MSGBUF_SIZE opt_msgbuf.h
# PCI related options
PCI_QUIET opt_pci.h
COMPAT_OLDPCI
# NFS options
NFS_MINATTRTIMO opt_nfs.h
NFS_MAXATTRTIMO opt_nfs.h
NFS_MINDIRATTRTIMO opt_nfs.h
NFS_MAXDIRATTRTIMO opt_nfs.h
NFS_GATHERDELAY opt_nfs.h
NFS_UIDHASHSIZ opt_nfs.h
NFS_WDELAYHASHSIZ opt_nfs.h
NFS_MUIDHASHSIZ opt_nfs.h
NFS_NOSERVER opt_nfs.h
NFS_DEBUG opt_nfs.h
# For the Bt848/Bt848A/Bt849/Bt878/Bt879 driver
OVERRIDE_CARD opt_bktr.h
OVERRIDE_TUNER opt_bktr.h
OVERRIDE_DBX opt_bktr.h
OVERRIDE_MSP opt_bktr.h
BROOKTREE_SYSTEM_DEFAULT opt_bktr.h
BKTR_USE_PLL opt_bktr.h
BKTR_GPIO_ACCESS opt_bktr.h
BKTR_NO_MSP_RESET opt_bktr.h
BKTR_430_FX_MODE opt_bktr.h
BKTR_SIS_VIA_MODE opt_bktr.h
# meteor opt_meteor.h
METEOR_ALLOC_PAGES opt_meteor.h
METEOR_TEST_VIDEO opt_meteor.h
METEOR_SYSTEM_DEFAULT opt_meteor.h
METEOR_DEALLOC_PAGES opt_meteor.h
METEOR_DEALLOC_ABOVE opt_meteor.h
# Various mi ISA bus flags
COM_ESP opt_sio.h
COM_MULTIPORT opt_sio.h
BREAK_TO_DEBUGGER opt_comconsole.h
# Include tweaks for running under the SimOS machine simulator.
SIMOS opt_simos.h
# options for bus/device framework
BUS_DEBUG opt_bus.h
DEVICE_SYSCTLS opt_bus.h
# options for USB support
UHCI_DEBUG opt_usb.h
OHCI_DEBUG opt_usb.h
USB_DEBUG opt_usb.h
UGEN_DEBUG opt_usb.h
UHID_DEBUG opt_usb.h
UHUB_DEBUG opt_usb.h
UKBD_DEBUG opt_usb.h
ULPT_DEBUG opt_usb.h
UMASS_DEBUG opt_usb.h
UMS_DEBUG opt_usb.h
URIO_DEBUG opt_usb.h
# Vinum options
VINUMDEBUG opt_vinum.h
# Embedded system options
INIT_PATH opt_init_path.h
ROOTDEVNAME opt_rootdevname.h
FDC_DEBUG opt_fdc.h
PCFCLOCK_VERBOSE opt_pcfclock.h
PCFCLOCK_MAX_RETRIES opt_pcfclock.h