mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-27 13:34:00 +01:00
bd79708dbf
to add actions that run when a TCP frame is sent or received on a TCP session in the ESTABLISHED state. In the base tree, this functionality is only used for the h_ertt module, which is used by the cc_cdg, cc_chd, cc_hd, and cc_vegas congestion control modules. Presently, we incur overhead to check for hooks each time a TCP frame is sent or received on an ESTABLISHED TCP session. This change adds a new compile-time option (TCP_HHOOK) to determine whether to include the hhook(9) framework for TCP. To retain backwards compatibility, I added the TCP_HHOOK option to every configuration file that already defined "options INET". (Therefore, this patch introduces no functional change. In order to see a functional difference, you need to compile a custom kernel without the TCP_HHOOK option.) This change will allow users to easily exclude this functionality from their kernel, should they wish to do so. Note that any users who use a custom kernel configuration and use one of the congestion control modules listed above will need to add the TCP_HHOOK option to their kernel configuration. Reviewed by: rrs, lstewart, hiren (previous version), sjg (makefiles only) Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D8185
158 lines
4.4 KiB
Plaintext
158 lines
4.4 KiB
Plaintext
#
|
|
# Custom kernel for Seagate DockStar (Marvell SheevaPlug based) devices.
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
# http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
|
|
#
|
|
# The handbook is also available locally in /usr/share/doc/handbook
|
|
# if you've installed the doc distribution, otherwise always see the
|
|
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
|
|
# latest information.
|
|
#
|
|
# An exhaustive list of options and more detailed explanations of the
|
|
# device lines is also present in the ../../conf/NOTES and NOTES files.
|
|
# If you are in doubt as to the purpose or necessity of a line, check first
|
|
# in NOTES.
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
#NO_UNIVERSE
|
|
|
|
ident DOCKSTAR
|
|
|
|
include "std.arm"
|
|
include "../mv/kirkwood/std.db88f6xxx"
|
|
|
|
options SOC_MV_KIRKWOOD
|
|
|
|
options SCHED_4BSD # 4BSD scheduler
|
|
options INET # InterNETworking
|
|
options INET6 # IPv6 communications protocols
|
|
options TCP_HHOOK # hhook(9) framework for TCP
|
|
options FFS # Berkeley Fast Filesystem
|
|
options SOFTUPDATES # Enable FFS soft updates support
|
|
options NFSCL # Network Filesystem Client
|
|
options NFSLOCKD # Network Lock Manager
|
|
#options NFS_ROOT # NFS usable as /, requires NFSCL
|
|
options MSDOSFS # MSDOS Filesystem
|
|
options CD9660 # ISO 9660 filesystem
|
|
options NULLFS # NULL filesystem
|
|
options TMPFS # Efficient memory filesystem
|
|
options GEOM_PART_GPT # GUID Partition Tables
|
|
options GEOM_PART_BSD # BSD partition scheme
|
|
options GEOM_PART_MBR # MBR partition scheme
|
|
options GEOM_LABEL # Provides labelization
|
|
options GEOM_ELI # Disk encryption
|
|
options SYSVSHM # SYSV-style shared memory
|
|
options SYSVMSG # SYSV-style message queues
|
|
options SYSVSEM # SYSV-style semaphores
|
|
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
|
|
|
|
# Enable these options for nfs root configured via BOOTP.
|
|
#options BOOTP
|
|
#options BOOTP_NFSROOT
|
|
#options BOOTP_NFSV3
|
|
#options BOOTP_WIRED_TO=mge0
|
|
|
|
# If not using BOOTP, use something like one of these...
|
|
#options ROOTDEVNAME=\"ufs:/dev/da0a\"
|
|
options ROOTDEVNAME=\"ufs:/dev/da0s1a\"
|
|
#options ROOTDEVNAME=\"ufs:/dev/da0p10\"
|
|
#options ROOTDEVNAME=\"nfs:192.168.0.254/dreamplug\"
|
|
|
|
# Misc pseudo devices
|
|
device bpf # Required for DHCP
|
|
device firmware # firmware(9) required for USB wlan
|
|
device gif # IPv6 and IPv4 tunneling
|
|
device loop # Network loopback
|
|
device md # Memory/malloc disk
|
|
device pty # BSD-style compatibility pseudo ttys
|
|
device random # Entropy device
|
|
device tun # Packet tunnel.
|
|
device ether # Required for all ethernet devices
|
|
device vlan # 802.1Q VLAN support
|
|
device wlan # 802.11 WLAN support
|
|
|
|
# cam support for umass and ahci
|
|
device scbus
|
|
device pass
|
|
device da
|
|
|
|
# Serial ports
|
|
device uart
|
|
|
|
# Networking
|
|
device mge # Marvell Gigabit Ethernet controller
|
|
device mii
|
|
device mdio
|
|
device e1000phy
|
|
|
|
# USB
|
|
options USB_HOST_ALIGN=32 # Align DMA to cacheline
|
|
device usb # Basic usb support
|
|
device ehci # USB host controller
|
|
device umass # Mass storage
|
|
device uhid # Human-interface devices
|
|
device rum # Ralink Technology RT2501USB wireless NICs
|
|
device uath # Atheros AR5523 wireless NICs
|
|
device ural # Ralink Technology RT2500USB wireless NICs
|
|
device zyd # ZyDAS zb1211/zb1211b wireless NICs
|
|
device urtw # Realtek RTL8187B/L USB
|
|
device upgt # Conexant/Intersil PrismGT SoftMAC USB
|
|
device u3g # USB-based 3G modems (Option, Huawei, Sierra)
|
|
|
|
# I2C (TWSI)
|
|
device iic
|
|
device iicbus
|
|
device twsi
|
|
|
|
# Sound
|
|
device sound
|
|
device snd_uaudio
|
|
|
|
#crypto
|
|
device cesa # Marvell security engine
|
|
device crypto
|
|
device cryptodev
|
|
|
|
# IPSec
|
|
device enc
|
|
options IPSEC
|
|
options IPSEC_NAT_T
|
|
options TCP_SIGNATURE # include support for RFC 2385
|
|
|
|
# IPFW
|
|
options IPFIREWALL
|
|
options IPFIREWALL_DEFAULT_TO_ACCEPT
|
|
options IPFIREWALL_VERBOSE
|
|
options IPFIREWALL_VERBOSE_LIMIT=100
|
|
options IPFIREWALL_NAT
|
|
options LIBALIAS
|
|
options DUMMYNET
|
|
options IPDIVERT
|
|
|
|
#PF
|
|
device pf
|
|
device pflog
|
|
device pfsync
|
|
|
|
# GPIO
|
|
device gpio
|
|
|
|
# ALTQ, required for PF
|
|
options ALTQ # Basic ALTQ support
|
|
options ALTQ_CBQ # Class Based Queueing
|
|
options ALTQ_RED # Random Early Detection
|
|
options ALTQ_RIO # RED In/Out
|
|
options ALTQ_HFSC # Hierarchical Packet Scheduler
|
|
options ALTQ_CDNR # Traffic conditioner
|
|
options ALTQ_PRIQ # Priority Queueing
|
|
options ALTQ_NOPCC # Required if the TSC is unusable
|
|
#options ALTQ_DEBUG
|
|
|
|
# Flattened Device Tree
|
|
options FDT # Configure using FDT/DTB data
|
|
options FDT_DTB_STATIC
|
|
makeoptions FDT_DTS_FILE=dockstar.dts
|