HardenedBSD/sys/arm/conf/DOCKSTAR
Jonathan T. Looney bd79708dbf In the TCP stack, the hhook(9) framework provides hooks for kernel modules
to add actions that run when a TCP frame is sent or received on a TCP
session in the ESTABLISHED state. In the base tree, this functionality is
only used for the h_ertt module, which is used by the cc_cdg, cc_chd, cc_hd,
and cc_vegas congestion control modules.

Presently, we incur overhead to check for hooks each time a TCP frame is
sent or received on an ESTABLISHED TCP session.

This change adds a new compile-time option (TCP_HHOOK) to determine whether
to include the hhook(9) framework for TCP. To retain backwards
compatibility, I added the TCP_HHOOK option to every configuration file that
already defined "options INET". (Therefore, this patch introduces no
functional change. In order to see a functional difference, you need to
compile a custom kernel without the TCP_HHOOK option.) This change will
allow users to easily exclude this functionality from their kernel, should
they wish to do so.

Note that any users who use a custom kernel configuration and use one of the
congestion control modules listed above will need to add the TCP_HHOOK
option to their kernel configuration.

Reviewed by:	rrs, lstewart, hiren (previous version), sjg (makefiles only)
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D8185
2016-10-12 02:16:42 +00:00

158 lines
4.4 KiB
Plaintext

#
# Custom kernel for Seagate DockStar (Marvell SheevaPlug based) devices.
#
# $FreeBSD$
#
# http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD$
#
#NO_UNIVERSE
ident DOCKSTAR
include "std.arm"
include "../mv/kirkwood/std.db88f6xxx"
options SOC_MV_KIRKWOOD
options SCHED_4BSD # 4BSD scheduler
options INET # InterNETworking
options INET6 # IPv6 communications protocols
options TCP_HHOOK # hhook(9) framework for TCP
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options NFSCL # Network Filesystem Client
options NFSLOCKD # Network Lock Manager
#options NFS_ROOT # NFS usable as /, requires NFSCL
options MSDOSFS # MSDOS Filesystem
options CD9660 # ISO 9660 filesystem
options NULLFS # NULL filesystem
options TMPFS # Efficient memory filesystem
options GEOM_PART_GPT # GUID Partition Tables
options GEOM_PART_BSD # BSD partition scheme
options GEOM_PART_MBR # MBR partition scheme
options GEOM_LABEL # Provides labelization
options GEOM_ELI # Disk encryption
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
# Enable these options for nfs root configured via BOOTP.
#options BOOTP
#options BOOTP_NFSROOT
#options BOOTP_NFSV3
#options BOOTP_WIRED_TO=mge0
# If not using BOOTP, use something like one of these...
#options ROOTDEVNAME=\"ufs:/dev/da0a\"
options ROOTDEVNAME=\"ufs:/dev/da0s1a\"
#options ROOTDEVNAME=\"ufs:/dev/da0p10\"
#options ROOTDEVNAME=\"nfs:192.168.0.254/dreamplug\"
# Misc pseudo devices
device bpf # Required for DHCP
device firmware # firmware(9) required for USB wlan
device gif # IPv6 and IPv4 tunneling
device loop # Network loopback
device md # Memory/malloc disk
device pty # BSD-style compatibility pseudo ttys
device random # Entropy device
device tun # Packet tunnel.
device ether # Required for all ethernet devices
device vlan # 802.1Q VLAN support
device wlan # 802.11 WLAN support
# cam support for umass and ahci
device scbus
device pass
device da
# Serial ports
device uart
# Networking
device mge # Marvell Gigabit Ethernet controller
device mii
device mdio
device e1000phy
# USB
options USB_HOST_ALIGN=32 # Align DMA to cacheline
device usb # Basic usb support
device ehci # USB host controller
device umass # Mass storage
device uhid # Human-interface devices
device rum # Ralink Technology RT2501USB wireless NICs
device uath # Atheros AR5523 wireless NICs
device ural # Ralink Technology RT2500USB wireless NICs
device zyd # ZyDAS zb1211/zb1211b wireless NICs
device urtw # Realtek RTL8187B/L USB
device upgt # Conexant/Intersil PrismGT SoftMAC USB
device u3g # USB-based 3G modems (Option, Huawei, Sierra)
# I2C (TWSI)
device iic
device iicbus
device twsi
# Sound
device sound
device snd_uaudio
#crypto
device cesa # Marvell security engine
device crypto
device cryptodev
# IPSec
device enc
options IPSEC
options IPSEC_NAT_T
options TCP_SIGNATURE # include support for RFC 2385
# IPFW
options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPFIREWALL_NAT
options LIBALIAS
options DUMMYNET
options IPDIVERT
#PF
device pf
device pflog
device pfsync
# GPIO
device gpio
# ALTQ, required for PF
options ALTQ # Basic ALTQ support
options ALTQ_CBQ # Class Based Queueing
options ALTQ_RED # Random Early Detection
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler
options ALTQ_CDNR # Traffic conditioner
options ALTQ_PRIQ # Priority Queueing
options ALTQ_NOPCC # Required if the TSC is unusable
#options ALTQ_DEBUG
# Flattened Device Tree
options FDT # Configure using FDT/DTB data
options FDT_DTB_STATIC
makeoptions FDT_DTS_FILE=dockstar.dts