mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-25 10:01:02 +01:00
2886 lines
101 KiB
Plaintext
2886 lines
101 KiB
Plaintext
#
|
||
# NOTES -- Lines that can be cut/pasted into kernel and hints configs.
|
||
#
|
||
# Lines that begin with 'device', 'options', 'machine', 'ident', 'maxusers',
|
||
# 'makeoptions', 'hints', etc. go into the kernel configuration that you
|
||
# run config(8) with.
|
||
#
|
||
# Lines that begin with 'envvar hint.' should go into your hints file.
|
||
# See /boot/device.hints and/or the 'hints' config(8) directive.
|
||
#
|
||
# Please use ``make LINT'' to create an old-style LINT file if you want to
|
||
# do kernel test-builds.
|
||
#
|
||
# This file contains machine independent kernel configuration notes. For
|
||
# machine dependent notes, look in /sys/<arch>/conf/NOTES.
|
||
#
|
||
|
||
#
|
||
# NOTES conventions and style guide:
|
||
#
|
||
# Large block comments should begin and end with a line containing only a
|
||
# comment character.
|
||
#
|
||
# To describe a particular object, a block comment (if it exists) should
|
||
# come first. Next should come device, options, and hints lines in that
|
||
# order. All device and option lines must be described by a comment that
|
||
# doesn't just expand the device or option name. Use only a concise
|
||
# comment on the same line if possible. Very detailed descriptions of
|
||
# devices and subsystems belong in man pages.
|
||
#
|
||
# A space followed by a tab separates 'options' from an option name. Two
|
||
# spaces followed by a tab separate 'device' from a device name. Comments
|
||
# after an option or device should use one space after the comment character.
|
||
# To comment out a negative option that disables code and thus should not be
|
||
# enabled for LINT builds, precede 'options' with "#!".
|
||
#
|
||
|
||
#
|
||
# This is the ``identification'' of the kernel. Usually this should
|
||
# be the same as the name of your kernel.
|
||
#
|
||
ident LINT
|
||
|
||
#
|
||
# The `maxusers' parameter controls the static sizing of a number of
|
||
# internal system tables by a formula defined in subr_param.c.
|
||
# Omitting this parameter or setting it to 0 will cause the system to
|
||
# auto-size based on physical memory.
|
||
#
|
||
maxusers 10
|
||
|
||
# To statically compile in device wiring instead of /boot/device.hints
|
||
#hints "LINT.hints" # Default places to look for devices.
|
||
|
||
# Use the following to compile in values accessible to the kernel
|
||
# through getenv() (or kenv(1) in userland). The format of the file
|
||
# is 'variable=value', see kenv(1)
|
||
#
|
||
#env "LINT.env"
|
||
|
||
#
|
||
# The `makeoptions' parameter allows variables to be passed to the
|
||
# generated Makefile in the build area.
|
||
#
|
||
# CONF_CFLAGS gives some extra compiler flags that are added to ${CFLAGS}
|
||
# after most other flags. Here we use it to inhibit use of non-optimal
|
||
# gcc built-in functions (e.g., memcmp).
|
||
#
|
||
# DEBUG happens to be magic.
|
||
# The following is equivalent to 'config -g KERNELNAME' and creates
|
||
# 'kernel.debug' compiled with -g debugging as well as a normal
|
||
# 'kernel'. Use 'make install.debug' to install the debug kernel
|
||
# but that isn't normally necessary as the debug symbols are not loaded
|
||
# by the kernel and are not useful there anyway.
|
||
#
|
||
# KERNEL can be overridden so that you can change the default name of your
|
||
# kernel.
|
||
#
|
||
# MODULES_OVERRIDE can be used to limit modules built to a specific list.
|
||
#
|
||
makeoptions CONF_CFLAGS=-fno-builtin #Don't allow use of memcmp, etc.
|
||
#makeoptions DEBUG=-g #Build kernel with gdb(1) debug symbols
|
||
#makeoptions KERNEL=foo #Build kernel "foo" and install "/foo"
|
||
# Only build ext2fs module plus those parts of the sound system I need.
|
||
#makeoptions MODULES_OVERRIDE="ext2fs sound/sound sound/driver/maestro3"
|
||
makeoptions DESTDIR=/tmp
|
||
|
||
#
|
||
# FreeBSD processes are subject to certain limits to their consumption
|
||
# of system resources. See getrlimit(2) for more details. Each
|
||
# resource limit has two values, a "soft" limit and a "hard" limit.
|
||
# The soft limits can be modified during normal system operation, but
|
||
# the hard limits are set at boot time. Their default values are
|
||
# in sys/<arch>/include/vmparam.h. There are two ways to change them:
|
||
#
|
||
# 1. Set the values at kernel build time. The options below are one
|
||
# way to allow that limit to grow to 1GB. They can be increased
|
||
# further by changing the parameters:
|
||
#
|
||
# 2. In /boot/loader.conf, set the tunables kern.maxswzone,
|
||
# kern.maxbcache, kern.maxtsiz, kern.dfldsiz, kern.maxdsiz,
|
||
# kern.dflssiz, kern.maxssiz and kern.sgrowsiz.
|
||
#
|
||
# The options in /boot/loader.conf override anything in the kernel
|
||
# configuration file. See the function init_param1 in
|
||
# sys/kern/subr_param.c for more details.
|
||
#
|
||
|
||
options MAXDSIZ=(1024UL*1024*1024)
|
||
options MAXSSIZ=(128UL*1024*1024)
|
||
options DFLDSIZ=(1024UL*1024*1024)
|
||
|
||
#
|
||
# BLKDEV_IOSIZE sets the default block size used in user block
|
||
# device I/O. Note that this value will be overridden by the label
|
||
# when specifying a block device from a label with a non-0
|
||
# partition blocksize. The default is PAGE_SIZE.
|
||
#
|
||
options BLKDEV_IOSIZE=8192
|
||
|
||
#
|
||
# MAXPHYS and DFLTPHYS
|
||
#
|
||
# These are the maximal and safe 'raw' I/O block device access sizes.
|
||
# Reads and writes will be split into MAXPHYS chunks for known good
|
||
# devices and DFLTPHYS for the rest. Some applications have better
|
||
# performance with larger raw I/O access sizes. Note that certain VM
|
||
# parameters are derived from these values and making them too large
|
||
# can make an unbootable kernel.
|
||
#
|
||
# The defaults are 64K and 128K respectively.
|
||
options DFLTPHYS=(64*1024)
|
||
options MAXPHYS=(128*1024)
|
||
|
||
|
||
# This allows you to actually store this configuration file into
|
||
# the kernel binary itself. See config(8) for more details.
|
||
#
|
||
options INCLUDE_CONFIG_FILE # Include this file in kernel
|
||
|
||
#
|
||
# Compile-time defaults for various boot parameters
|
||
#
|
||
options BOOTVERBOSE=1
|
||
options BOOTHOWTO=RB_MULTIPLE
|
||
|
||
#
|
||
# Compile-time defaults for dmesg boot tagging
|
||
#
|
||
# Default boot tag; may use 'kern.boot_tag' loader tunable to override. The
|
||
# current boot's tag is also exposed via the 'kern.boot_tag' sysctl.
|
||
options BOOT_TAG=\"\"
|
||
# Maximum boot tag size the kernel's static buffer should accommodate. Maximum
|
||
# size for both BOOT_TAG and the assocated tunable.
|
||
options BOOT_TAG_SZ=32
|
||
|
||
options GEOM_CACHE # Disk cache.
|
||
options GEOM_CONCAT # Disk concatenation.
|
||
options GEOM_ELI # Disk encryption.
|
||
options GEOM_GATE # Userland services.
|
||
options GEOM_JOURNAL # Journaling.
|
||
options GEOM_LABEL # Providers labelization.
|
||
options GEOM_LINUX_LVM # Linux LVM2 volumes
|
||
options GEOM_MAP # Map based partitioning
|
||
options GEOM_MIRROR # Disk mirroring.
|
||
options GEOM_MULTIPATH # Disk multipath
|
||
options GEOM_NOP # Test class.
|
||
options GEOM_PART_APM # Apple partitioning
|
||
options GEOM_PART_BSD # BSD disklabel
|
||
options GEOM_PART_BSD64 # BSD disklabel64
|
||
options GEOM_PART_EBR # Extended Boot Records
|
||
options GEOM_PART_GPT # GPT partitioning
|
||
options GEOM_PART_LDM # Logical Disk Manager
|
||
options GEOM_PART_MBR # MBR partitioning
|
||
options GEOM_RAID # Soft RAID functionality.
|
||
options GEOM_RAID3 # RAID3 functionality.
|
||
options GEOM_SHSEC # Shared secret.
|
||
options GEOM_STRIPE # Disk striping.
|
||
options GEOM_UZIP # Read-only compressed disks
|
||
options GEOM_VINUM # Vinum logical volume manager
|
||
options GEOM_VIRSTOR # Virtual storage.
|
||
options GEOM_ZERO # Performance testing helper.
|
||
|
||
#
|
||
# The root device and filesystem type can be compiled in;
|
||
# this provides a fallback option if the root device cannot
|
||
# be correctly guessed by the bootstrap code, or an override if
|
||
# the RB_DFLTROOT flag (-r) is specified when booting the kernel.
|
||
#
|
||
options ROOTDEVNAME=\"ufs:da0s2e\"
|
||
|
||
|
||
#####################################################################
|
||
# Scheduler options:
|
||
#
|
||
# Specifying one of SCHED_4BSD or SCHED_ULE is mandatory. These options
|
||
# select which scheduler is compiled in.
|
||
#
|
||
# SCHED_4BSD is the historical, proven, BSD scheduler. It has a global run
|
||
# queue and no CPU affinity which makes it suboptimal for SMP. It has very
|
||
# good interactivity and priority selection.
|
||
#
|
||
# SCHED_ULE provides significant performance advantages over 4BSD on many
|
||
# workloads on SMP machines. It supports cpu-affinity, per-cpu runqueues
|
||
# and scheduler locks. It also has a stronger notion of interactivity
|
||
# which leads to better responsiveness even on uniprocessor machines. This
|
||
# is the default scheduler.
|
||
#
|
||
# SCHED_STATS is a debugging option which keeps some stats in the sysctl
|
||
# tree at 'kern.sched.stats' and is useful for debugging scheduling decisions.
|
||
#
|
||
options SCHED_4BSD
|
||
options SCHED_STATS
|
||
#options SCHED_ULE
|
||
|
||
#####################################################################
|
||
# SMP OPTIONS:
|
||
#
|
||
# SMP enables building of a Symmetric MultiProcessor Kernel.
|
||
|
||
# Mandatory:
|
||
options SMP # Symmetric MultiProcessor Kernel
|
||
|
||
# EARLY_AP_STARTUP releases the Application Processors earlier in the
|
||
# kernel startup process (before devices are probed) rather than at the
|
||
# end. This is a temporary option for use during the transition from
|
||
# late to early AP startup.
|
||
options EARLY_AP_STARTUP
|
||
|
||
# MAXCPU defines the maximum number of CPUs that can boot in the system.
|
||
# A default value should be already present, for every architecture.
|
||
options MAXCPU=32
|
||
|
||
# NUMA enables use of Non-Uniform Memory Access policies in various kernel
|
||
# subsystems.
|
||
options NUMA
|
||
|
||
# MAXMEMDOM defines the maximum number of memory domains that can boot in the
|
||
# system. A default value should already be defined by every architecture.
|
||
options MAXMEMDOM=2
|
||
|
||
# ADAPTIVE_MUTEXES changes the behavior of blocking mutexes to spin
|
||
# if the thread that currently owns the mutex is executing on another
|
||
# CPU. This behavior is enabled by default, so this option can be used
|
||
# to disable it.
|
||
options NO_ADAPTIVE_MUTEXES
|
||
|
||
# ADAPTIVE_RWLOCKS changes the behavior of reader/writer locks to spin
|
||
# if the thread that currently owns the rwlock is executing on another
|
||
# CPU. This behavior is enabled by default, so this option can be used
|
||
# to disable it.
|
||
options NO_ADAPTIVE_RWLOCKS
|
||
|
||
# ADAPTIVE_SX changes the behavior of sx locks to spin if the thread that
|
||
# currently owns the sx lock is executing on another CPU.
|
||
# This behavior is enabled by default, so this option can be used to
|
||
# disable it.
|
||
options NO_ADAPTIVE_SX
|
||
|
||
# MUTEX_NOINLINE forces mutex operations to call functions to perform each
|
||
# operation rather than inlining the simple cases. This can be used to
|
||
# shrink the size of the kernel text segment. Note that this behavior is
|
||
# already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
|
||
# and WITNESS options.
|
||
options MUTEX_NOINLINE
|
||
|
||
# RWLOCK_NOINLINE forces rwlock operations to call functions to perform each
|
||
# operation rather than inlining the simple cases. This can be used to
|
||
# shrink the size of the kernel text segment. Note that this behavior is
|
||
# already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
|
||
# and WITNESS options.
|
||
options RWLOCK_NOINLINE
|
||
|
||
# SX_NOINLINE forces sx lock operations to call functions to perform each
|
||
# operation rather than inlining the simple cases. This can be used to
|
||
# shrink the size of the kernel text segment. Note that this behavior is
|
||
# already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
|
||
# and WITNESS options.
|
||
options SX_NOINLINE
|
||
|
||
# SMP Debugging Options:
|
||
#
|
||
# CALLOUT_PROFILING enables rudimentary profiling of the callwheel data
|
||
# structure used as backend in callout(9).
|
||
# PREEMPTION allows the threads that are in the kernel to be preempted by
|
||
# higher priority [interrupt] threads. It helps with interactivity
|
||
# and allows interrupt threads to run sooner rather than waiting.
|
||
# FULL_PREEMPTION instructs the kernel to preempt non-realtime kernel
|
||
# threads. Its sole use is to expose race conditions and other
|
||
# bugs during development. Enabling this option will reduce
|
||
# performance and increase the frequency of kernel panics by
|
||
# design. If you aren't sure that you need it then you don't.
|
||
# Relies on the PREEMPTION option. DON'T TURN THIS ON.
|
||
# SLEEPQUEUE_PROFILING enables rudimentary profiling of the hash table
|
||
# used to hold active sleep queues as well as sleep wait message
|
||
# frequency.
|
||
# TURNSTILE_PROFILING enables rudimentary profiling of the hash table
|
||
# used to hold active lock queues.
|
||
# UMTX_PROFILING enables rudimentary profiling of the hash table used
|
||
# to hold active lock queues.
|
||
# WITNESS enables the witness code which detects deadlocks and cycles
|
||
# during locking operations.
|
||
# WITNESS_KDB causes the witness code to drop into the kernel debugger if
|
||
# a lock hierarchy violation occurs or if locks are held when going to
|
||
# sleep.
|
||
# WITNESS_SKIPSPIN disables the witness checks on spin mutexes.
|
||
options PREEMPTION
|
||
options FULL_PREEMPTION
|
||
options WITNESS
|
||
options WITNESS_KDB
|
||
options WITNESS_SKIPSPIN
|
||
|
||
# LOCK_PROFILING - Profiling locks. See LOCK_PROFILING(9) for details.
|
||
options LOCK_PROFILING
|
||
# Set the number of buffers and the hash size. The hash size MUST be larger
|
||
# than the number of buffers. Hash size should be prime.
|
||
options MPROF_BUFFERS="1536"
|
||
options MPROF_HASH_SIZE="1543"
|
||
|
||
# Profiling for the callout(9) backend.
|
||
options CALLOUT_PROFILING
|
||
|
||
# Profiling for internal hash tables.
|
||
options SLEEPQUEUE_PROFILING
|
||
options TURNSTILE_PROFILING
|
||
options UMTX_PROFILING
|
||
|
||
# Debugging traces for epoch(9) misuse
|
||
options EPOCH_TRACE
|
||
|
||
#####################################################################
|
||
# COMPATIBILITY OPTIONS
|
||
|
||
# Old tty interface.
|
||
options COMPAT_43TTY
|
||
|
||
# Note that as a general rule, COMPAT_FREEBSD<n> depends on
|
||
# COMPAT_FREEBSD<n+1>, COMPAT_FREEBSD<n+2>, etc.
|
||
|
||
# Enable FreeBSD4 compatibility syscalls
|
||
options COMPAT_FREEBSD4
|
||
|
||
# Enable FreeBSD5 compatibility syscalls
|
||
options COMPAT_FREEBSD5
|
||
|
||
# Enable FreeBSD6 compatibility syscalls
|
||
options COMPAT_FREEBSD6
|
||
|
||
# Enable FreeBSD7 compatibility syscalls
|
||
options COMPAT_FREEBSD7
|
||
|
||
# Enable FreeBSD9 compatibility syscalls
|
||
options COMPAT_FREEBSD9
|
||
|
||
# Enable FreeBSD10 compatibility syscalls
|
||
options COMPAT_FREEBSD10
|
||
|
||
# Enable FreeBSD11 compatibility syscalls
|
||
options COMPAT_FREEBSD11
|
||
|
||
# Enable FreeBSD12 compatibility syscalls
|
||
options COMPAT_FREEBSD12
|
||
|
||
# Enable FreeBSD13 compatibility syscalls
|
||
options COMPAT_FREEBSD13
|
||
|
||
# Enable FreeBSD14 compatibility syscalls
|
||
options COMPAT_FREEBSD14
|
||
|
||
# Enable Linux Kernel Programming Interface
|
||
options COMPAT_LINUXKPI
|
||
|
||
#
|
||
# These three options provide support for System V Interface
|
||
# Definition-style interprocess communication, in the form of shared
|
||
# memory, semaphores, and message queues, respectively.
|
||
#
|
||
options SYSVSHM
|
||
options SYSVSEM
|
||
options SYSVMSG
|
||
|
||
|
||
#####################################################################
|
||
# DEBUGGING OPTIONS
|
||
|
||
#
|
||
# Compile with kernel debugger related code.
|
||
#
|
||
options KDB
|
||
|
||
#
|
||
# Print a stack trace of the current thread on the console for a panic.
|
||
#
|
||
options KDB_TRACE
|
||
|
||
#
|
||
# Don't enter the debugger for a panic. Intended for unattended operation
|
||
# where you may want to enter the debugger from the console, but still want
|
||
# the machine to recover from a panic.
|
||
#
|
||
options KDB_UNATTENDED
|
||
|
||
#
|
||
# Enable the ddb debugger backend.
|
||
#
|
||
options DDB
|
||
|
||
#
|
||
# Print the numerical value of symbols in addition to the symbolic
|
||
# representation.
|
||
#
|
||
options DDB_NUMSYM
|
||
|
||
#
|
||
# Enable the remote gdb debugger backend.
|
||
#
|
||
options GDB
|
||
|
||
#
|
||
# Trashes list pointers when they become invalid (i.e., the element is
|
||
# removed from a list). Relatively inexpensive to enable.
|
||
#
|
||
options QUEUE_MACRO_DEBUG_TRASH
|
||
|
||
#
|
||
# Stores information about the last caller to modify the list object
|
||
# in the list object. Requires additional memory overhead.
|
||
#
|
||
#options QUEUE_MACRO_DEBUG_TRACE
|
||
|
||
#
|
||
# SYSCTL_DEBUG enables a 'sysctl' debug tree that can be used to dump the
|
||
# contents of the registered sysctl nodes on the console. It is disabled by
|
||
# default because it generates excessively verbose console output that can
|
||
# interfere with serial console operation.
|
||
#
|
||
options SYSCTL_DEBUG
|
||
|
||
#
|
||
# Enable textdump by default, this disables kernel core dumps.
|
||
#
|
||
options TEXTDUMP_PREFERRED
|
||
|
||
#
|
||
# Enable extra debug messages while performing textdumps.
|
||
#
|
||
options TEXTDUMP_VERBOSE
|
||
|
||
#
|
||
# NO_SYSCTL_DESCR omits the sysctl node descriptions to save space in the
|
||
# resulting kernel.
|
||
options NO_SYSCTL_DESCR
|
||
|
||
#
|
||
# MALLOC_DEBUG_MAXZONES enables multiple uma zones for malloc(9)
|
||
# allocations that are smaller than a page. The purpose is to isolate
|
||
# different malloc types into hash classes, so that any buffer
|
||
# overruns or use-after-free will usually only affect memory from
|
||
# malloc types in that hash class. This is purely a debugging tool;
|
||
# by varying the hash function and tracking which hash class was
|
||
# corrupted, the intersection of the hash classes from each instance
|
||
# will point to a single malloc type that is being misused. At this
|
||
# point inspection or memguard(9) can be used to catch the offending
|
||
# code.
|
||
#
|
||
options MALLOC_DEBUG_MAXZONES=8
|
||
|
||
#
|
||
# DEBUG_MEMGUARD builds and enables memguard(9), a replacement allocator
|
||
# for the kernel used to detect modify-after-free scenarios. See the
|
||
# memguard(9) man page for more information on usage.
|
||
#
|
||
options DEBUG_MEMGUARD
|
||
|
||
#
|
||
# DEBUG_REDZONE enables buffer underflows and buffer overflows detection for
|
||
# malloc(9).
|
||
#
|
||
options DEBUG_REDZONE
|
||
|
||
#
|
||
# EARLY_PRINTF enables support for calling a special printf (eprintf)
|
||
# very early in the kernel (before cn_init() has been called). This
|
||
# should only be used for debugging purposes early in boot. Normally,
|
||
# it is not defined. It is commented out here because this feature
|
||
# isn't generally available. And the required eputc() isn't defined.
|
||
#
|
||
#options EARLY_PRINTF
|
||
|
||
#
|
||
# KTRACE enables the system-call tracing facility ktrace(2). To be more
|
||
# SMP-friendly, KTRACE uses a worker thread to process most trace events
|
||
# asynchronously to the thread generating the event. This requires a
|
||
# pre-allocated store of objects representing trace events. The
|
||
# KTRACE_REQUEST_POOL option specifies the initial size of this store.
|
||
# The size of the pool can be adjusted both at boottime and runtime via
|
||
# the kern.ktrace_request_pool tunable and sysctl.
|
||
#
|
||
options KTRACE #kernel tracing
|
||
options KTRACE_REQUEST_POOL=101
|
||
|
||
#
|
||
# KTR is a kernel tracing facility imported from BSD/OS. It is
|
||
# enabled with the KTR option. KTR_ENTRIES defines the number of
|
||
# entries in the circular trace buffer; it may be an arbitrary number.
|
||
# KTR_BOOT_ENTRIES defines the number of entries during the early boot,
|
||
# before malloc(9) is functional.
|
||
# KTR_COMPILE defines the mask of events to compile into the kernel as
|
||
# defined by the KTR_* constants in <sys/ktr.h>. KTR_MASK defines the
|
||
# initial value of the ktr_mask variable which determines at runtime
|
||
# what events to trace. KTR_CPUMASK determines which CPU's log
|
||
# events, with bit X corresponding to CPU X. The layout of the string
|
||
# passed as KTR_CPUMASK must match a series of bitmasks each of them
|
||
# separated by the "," character (ie:
|
||
# KTR_CPUMASK=0xAF,0xFFFFFFFFFFFFFFFF). KTR_VERBOSE enables
|
||
# dumping of KTR events to the console by default. This functionality
|
||
# can be toggled via the debug.ktr_verbose sysctl and defaults to off
|
||
# if KTR_VERBOSE is not defined. See ktr(4) and ktrdump(8) for details.
|
||
#
|
||
options KTR
|
||
options KTR_BOOT_ENTRIES=1024
|
||
options KTR_ENTRIES=(128*1024)
|
||
options KTR_COMPILE=(KTR_ALL)
|
||
options KTR_MASK=KTR_INTR
|
||
options KTR_CPUMASK=0x3
|
||
options KTR_VERBOSE
|
||
|
||
#
|
||
# ALQ(9) is a facility for the asynchronous queuing of records from the kernel
|
||
# to a vnode, and is employed by services such as ktr(4) to produce trace
|
||
# files based on a kernel event stream. Records are written asynchronously
|
||
# in a worker thread.
|
||
#
|
||
options ALQ
|
||
options KTR_ALQ
|
||
|
||
#
|
||
# The INVARIANTS option is used in a number of source files to enable
|
||
# extra sanity checking of internal structures. This support is not
|
||
# enabled by default because of the extra time it would take to check
|
||
# for these conditions, which can only occur as a result of
|
||
# programming errors.
|
||
#
|
||
options INVARIANTS
|
||
|
||
#
|
||
# The INVARIANT_SUPPORT option makes us compile in support for
|
||
# verifying some of the internal structures. It is a prerequisite for
|
||
# 'INVARIANTS', as enabling 'INVARIANTS' will make these functions be
|
||
# called. The intent is that you can set 'INVARIANTS' for single
|
||
# source files (by changing the source file or specifying it on the
|
||
# command line) if you have 'INVARIANT_SUPPORT' enabled. Also, if you
|
||
# wish to build a kernel module with 'INVARIANTS', then adding
|
||
# 'INVARIANT_SUPPORT' to your kernel will provide all the necessary
|
||
# infrastructure without the added overhead.
|
||
#
|
||
options INVARIANT_SUPPORT
|
||
|
||
#
|
||
# The KASSERT_PANIC_OPTIONAL option allows kasserts to fire without
|
||
# necessarily inducing a panic. Panic is the default behavior, but
|
||
# runtime options can configure it either entirely off, or off with a
|
||
# limit.
|
||
#
|
||
options KASSERT_PANIC_OPTIONAL
|
||
|
||
#
|
||
# The DIAGNOSTIC option is used to enable extra debugging information
|
||
# and invariants checking. The added checks are too expensive or noisy
|
||
# for an INVARIANTS kernel and thus are disabled by default. It is
|
||
# expected that a kernel configured with DIAGNOSTIC will also have the
|
||
# INVARIANTS option enabled.
|
||
#
|
||
options DIAGNOSTIC
|
||
|
||
#
|
||
# REGRESSION causes optional kernel interfaces necessary only for regression
|
||
# testing to be enabled. These interfaces may constitute security risks
|
||
# when enabled, as they permit processes to easily modify aspects of the
|
||
# run-time environment to reproduce unlikely or unusual (possibly normally
|
||
# impossible) scenarios.
|
||
#
|
||
options REGRESSION
|
||
|
||
#
|
||
# This option lets some drivers co-exist that can't co-exist in a running
|
||
# system. This is used to be able to compile all kernel code in one go for
|
||
# quality assurance purposes (like this file, which the option takes it name
|
||
# from.)
|
||
#
|
||
options COMPILING_LINT
|
||
|
||
#
|
||
# STACK enables the stack(9) facility, allowing the capture of kernel stack
|
||
# for the purpose of procinfo(1), etc. stack(9) will also be compiled in
|
||
# automatically if DDB(4) is compiled into the kernel.
|
||
#
|
||
options STACK
|
||
|
||
#
|
||
# The NUM_CORE_FILES option specifies the limit for the number of core
|
||
# files generated by a particular process, when the core file format
|
||
# specifier includes the %I pattern. Since we only have 1 character for
|
||
# the core count in the format string, meaning the range will be 0-9, the
|
||
# maximum value allowed for this option is 10.
|
||
# This core file limit can be adjusted at runtime via the debug.ncores
|
||
# sysctl.
|
||
#
|
||
options NUM_CORE_FILES=5
|
||
|
||
#
|
||
# The TSLOG option enables timestamped logging of events, especially
|
||
# function entries/exits, in order to track the time spent by the kernel.
|
||
# In particular, this is useful when investigating the early boot process,
|
||
# before it is possible to use more sophisticated tools like DTrace.
|
||
# The TSLOGSIZE option controls the size of the (preallocated, fixed
|
||
# length) buffer used for storing these events (default: 262144 records).
|
||
# The TSLOG_PAGEZERO option enables TSLOG of pmap_zero_page; this must be
|
||
# enabled separately since it typically generates too many records to be
|
||
# useful.
|
||
#
|
||
# For security reasons the TSLOG option should not be enabled on systems
|
||
# used in production.
|
||
#
|
||
options TSLOG
|
||
options TSLOGSIZE=262144
|
||
|
||
|
||
#####################################################################
|
||
# PERFORMANCE MONITORING OPTIONS
|
||
|
||
#
|
||
# The hwpmc driver that allows the use of in-CPU performance monitoring
|
||
# counters for performance monitoring. The base kernel needs to be configured
|
||
# with the 'options' line, while the hwpmc device can be either compiled
|
||
# in or loaded as a loadable kernel module.
|
||
#
|
||
# Additional configuration options may be required on specific architectures,
|
||
# please see hwpmc(4).
|
||
|
||
device hwpmc # Driver (also a loadable module)
|
||
options HWPMC_DEBUG
|
||
options HWPMC_HOOKS # Other necessary kernel hooks
|
||
|
||
|
||
#####################################################################
|
||
# NETWORKING OPTIONS
|
||
|
||
#
|
||
# Protocol families
|
||
#
|
||
options INET #Internet communications protocols
|
||
options INET6 #IPv6 communications protocols
|
||
#
|
||
# Note if you include INET/INET6 or both options
|
||
# You *must* define at least one of the congestion control
|
||
# options or the compile will fail. GENERIC defines
|
||
# options CC_CUBIC. You may want to specify a default
|
||
# if multiple congestion controls are compiled in.
|
||
# The string in default is the name of the
|
||
# cc module as it would appear in the sysctl for
|
||
# setting the default. The code defines CUBIC
|
||
# as default, or the sole cc_module compiled in.
|
||
#
|
||
options CC_CDG
|
||
options CC_CHD
|
||
options CC_CUBIC
|
||
options CC_DCTCP
|
||
options CC_HD
|
||
options CC_HTCP
|
||
options CC_NEWRENO
|
||
options CC_VEGAS
|
||
options CC_DEFAULT=\"cubic\"
|
||
options RATELIMIT # TX rate limiting support
|
||
|
||
options ROUTETABLES=2 # allocated fibs up to 65536. default is 1.
|
||
# but that would be a bad idea as they are large.
|
||
|
||
options TCP_OFFLOAD # TCP offload support.
|
||
options TCP_RFC7413 # TCP Fast Open
|
||
|
||
options TCPHPTS
|
||
|
||
# In order to enable IPSEC you MUST also add device crypto to
|
||
# your kernel configuration
|
||
options IPSEC #IP security (requires device crypto)
|
||
|
||
# Option IPSEC_SUPPORT does not enable IPsec, but makes it possible to
|
||
# load it as a kernel module. You still MUST add device crypto to your kernel
|
||
# configuration.
|
||
options IPSEC_SUPPORT
|
||
#options IPSEC_DEBUG #debug for IP security
|
||
|
||
# Alternative TCP stacks
|
||
options TCP_BBR
|
||
options TCP_RACK
|
||
|
||
# TLS framing and encryption/decryption of data over TCP sockets.
|
||
options KERN_TLS # TLS transmit and receive offload
|
||
|
||
# Netlink kernel/user<>kernel/user messaging interface
|
||
options NETLINK
|
||
|
||
#
|
||
# SMB/CIFS requester
|
||
# NETSMB enables support for SMB protocol, it requires LIBMCHAIN and LIBICONV
|
||
# options.
|
||
options NETSMB #SMB/CIFS requester
|
||
|
||
# mchain library. It can be either loaded as KLD or compiled into kernel
|
||
options LIBMCHAIN
|
||
|
||
# libalias library, performing NAT
|
||
options LIBALIAS
|
||
|
||
#
|
||
# SCTP is a NEW transport protocol defined by
|
||
# RFC2960 updated by RFC3309 and RFC3758.. and
|
||
# soon to have a new base RFC and many many more
|
||
# extensions. This release supports all the extensions
|
||
# including many drafts (most about to become RFC's).
|
||
# It is the reference implementation of SCTP
|
||
# and is quite well tested.
|
||
#
|
||
# Note YOU MUST have both INET and INET6 defined.
|
||
# You don't have to enable V6, but SCTP is
|
||
# dual stacked and so far we have not torn apart
|
||
# the V6 and V4.. since an association can span
|
||
# both a V6 and V4 address at the SAME time :-)
|
||
#
|
||
# The SCTP_SUPPORT option does not enable SCTP, but provides the necessary
|
||
# support for loading SCTP as a loadable kernel module.
|
||
#
|
||
options SCTP
|
||
options SCTP_SUPPORT
|
||
|
||
# There are bunches of options:
|
||
# this one turns on all sorts of
|
||
# nastily printing that you can
|
||
# do. It's all controlled by a
|
||
# bit mask (settable by socket opt and
|
||
# by sysctl). Including will not cause
|
||
# logging until you set the bits.. but it
|
||
# can be quite verbose.. so without this
|
||
# option we don't do any of the tests for
|
||
# bits and prints.. which makes the code run
|
||
# faster.. if you are not debugging don't use.
|
||
options SCTP_DEBUG
|
||
|
||
#
|
||
# All that options after that turn on specific types of
|
||
# logging. You can monitor CWND growth, flight size
|
||
# and all sorts of things. Go look at the code and
|
||
# see. I have used this to produce interesting
|
||
# charts and graphs as well :->
|
||
#
|
||
# I have not yet committed the tools to get and print
|
||
# the logs, I will do that eventually .. before then
|
||
# if you want them send me an email rrs@freebsd.org
|
||
# You basically must have ktr(4) enabled for these
|
||
# and you then set the sysctl to turn on/off various
|
||
# logging bits. Use ktrdump(8) to pull the log and run
|
||
# it through a display program.. and graphs and other
|
||
# things too.
|
||
#
|
||
options SCTP_LOCK_LOGGING
|
||
options SCTP_MBUF_LOGGING
|
||
options SCTP_MBCNT_LOGGING
|
||
options SCTP_PACKET_LOGGING
|
||
options SCTP_LTRACE_CHUNKS
|
||
options SCTP_LTRACE_ERRORS
|
||
|
||
# OpenFabrics Enterprise Distribution (Infiniband).
|
||
options OFED
|
||
options OFED_DEBUG_INIT
|
||
|
||
# Sockets Direct Protocol
|
||
options SDP
|
||
options SDP_DEBUG
|
||
|
||
# IP over Infiniband
|
||
options IPOIB
|
||
options IPOIB_DEBUG
|
||
options IPOIB_CM
|
||
|
||
# altq(9). Enable the base part of the hooks with the ALTQ option.
|
||
# Individual disciplines must be built into the base system and can not be
|
||
# loaded as modules at this point. ALTQ requires a stable TSC so if yours is
|
||
# broken or changes with CPU throttling then you must also have the ALTQ_NOPCC
|
||
# option.
|
||
options ALTQ
|
||
options ALTQ_CBQ # Class Based Queueing
|
||
options ALTQ_RED # Random Early Detection
|
||
options ALTQ_RIO # RED In/Out
|
||
options ALTQ_CODEL # CoDel Active Queueing
|
||
options ALTQ_HFSC # Hierarchical Packet Scheduler
|
||
options ALTQ_FAIRQ # Fair Packet Scheduler
|
||
options ALTQ_CDNR # Traffic conditioner
|
||
options ALTQ_PRIQ # Priority Queueing
|
||
options ALTQ_NOPCC # Required if the TSC is unusable
|
||
options ALTQ_DEBUG
|
||
|
||
# netgraph(4). Enable the base netgraph code with the NETGRAPH option.
|
||
# Individual node types can be enabled with the corresponding option
|
||
# listed below; however, this is not strictly necessary as netgraph
|
||
# will automatically load the corresponding KLD module if the node type
|
||
# is not already compiled into the kernel. Each type below has a
|
||
# corresponding man page, e.g., ng_async(8).
|
||
options NETGRAPH # netgraph(4) system
|
||
options NETGRAPH_DEBUG # enable extra debugging, this
|
||
# affects netgraph(4) and nodes
|
||
# Node types
|
||
options NETGRAPH_ASYNC
|
||
options NETGRAPH_BLUETOOTH # ng_bluetooth(4)
|
||
options NETGRAPH_BLUETOOTH_HCI # ng_hci(4)
|
||
options NETGRAPH_BLUETOOTH_L2CAP # ng_l2cap(4)
|
||
options NETGRAPH_BLUETOOTH_SOCKET # ng_btsocket(4)
|
||
options NETGRAPH_BLUETOOTH_UBT # ng_ubt(4)
|
||
options NETGRAPH_BLUETOOTH_UBTBCMFW # ubtbcmfw(4)
|
||
options NETGRAPH_BPF
|
||
options NETGRAPH_BRIDGE
|
||
options NETGRAPH_CAR
|
||
options NETGRAPH_CHECKSUM
|
||
options NETGRAPH_CISCO
|
||
options NETGRAPH_DEFLATE
|
||
options NETGRAPH_DEVICE
|
||
options NETGRAPH_ECHO
|
||
options NETGRAPH_EIFACE
|
||
options NETGRAPH_ETHER
|
||
options NETGRAPH_FRAME_RELAY
|
||
options NETGRAPH_GIF
|
||
options NETGRAPH_GIF_DEMUX
|
||
options NETGRAPH_HOLE
|
||
options NETGRAPH_IFACE
|
||
options NETGRAPH_IP_INPUT
|
||
options NETGRAPH_IPFW
|
||
options NETGRAPH_KSOCKET
|
||
options NETGRAPH_L2TP
|
||
options NETGRAPH_LMI
|
||
options NETGRAPH_MPPC_COMPRESSION
|
||
options NETGRAPH_MPPC_ENCRYPTION
|
||
options NETGRAPH_NETFLOW
|
||
options NETGRAPH_NAT
|
||
options NETGRAPH_ONE2MANY
|
||
options NETGRAPH_PATCH
|
||
options NETGRAPH_PIPE
|
||
options NETGRAPH_PPP
|
||
options NETGRAPH_PPPOE
|
||
options NETGRAPH_PPTPGRE
|
||
options NETGRAPH_PRED1
|
||
options NETGRAPH_RFC1490
|
||
options NETGRAPH_SOCKET
|
||
options NETGRAPH_SPLIT
|
||
options NETGRAPH_TAG
|
||
options NETGRAPH_TCPMSS
|
||
options NETGRAPH_TEE
|
||
options NETGRAPH_UI
|
||
options NETGRAPH_VJC
|
||
options NETGRAPH_VLAN
|
||
|
||
# Network stack virtualization.
|
||
options VIMAGE
|
||
options VNET_DEBUG # debug for VIMAGE
|
||
|
||
#
|
||
# Network interfaces:
|
||
# The `loop' device is MANDATORY when networking is enabled.
|
||
device loop
|
||
|
||
# The `ether' device provides generic code to handle
|
||
# Ethernets; it is MANDATORY when an Ethernet device driver is
|
||
# configured.
|
||
device ether
|
||
|
||
# The `vlan' device implements the VLAN tagging of Ethernet frames
|
||
# according to IEEE 802.1Q.
|
||
device vlan
|
||
|
||
# The `vxlan' device implements the VXLAN encapsulation of Ethernet
|
||
# frames in UDP packets according to RFC7348.
|
||
device vxlan
|
||
|
||
# The `wlan' device provides generic code to support 802.11
|
||
# drivers, including host AP mode; it is MANDATORY for the wi,
|
||
# and ath drivers and will eventually be required by all 802.11 drivers.
|
||
device wlan
|
||
options IEEE80211_DEBUG #enable debugging msgs
|
||
options IEEE80211_DEBUG_REFCNT
|
||
options IEEE80211_SUPPORT_MESH #enable 802.11s D3.0 support
|
||
options IEEE80211_SUPPORT_TDMA #enable TDMA support
|
||
|
||
# The `wlan_wep', `wlan_tkip', and `wlan_ccmp' devices provide
|
||
# support for WEP, TKIP, and AES-CCMP crypto protocols optionally
|
||
# used with 802.11 devices that depend on the `wlan' module.
|
||
device wlan_wep
|
||
device wlan_ccmp
|
||
device wlan_tkip
|
||
|
||
# The `wlan_xauth' device provides support for external (i.e. user-mode)
|
||
# authenticators for use with 802.11 drivers that use the `wlan'
|
||
# module and support 802.1x and/or WPA security protocols.
|
||
device wlan_xauth
|
||
|
||
# The `wlan_acl' device provides a MAC-based access control mechanism
|
||
# for use with 802.11 drivers operating in ap mode and using the
|
||
# `wlan' module.
|
||
# The 'wlan_amrr' device provides AMRR transmit rate control algorithm
|
||
device wlan_acl
|
||
device wlan_amrr
|
||
|
||
# The `bpf' device enables the Berkeley Packet Filter. Be
|
||
# aware of the legal and administrative consequences of enabling this
|
||
# option. DHCP requires bpf.
|
||
device bpf
|
||
|
||
# The `netmap' device implements memory-mapped access to network
|
||
# devices from userspace, enabling wire-speed packet capture and
|
||
# generation even at 10Gbit/s. Requires support in the device
|
||
# driver. Supported drivers are ixgbe, e1000, re.
|
||
device netmap
|
||
|
||
# The `disc' device implements a minimal network interface,
|
||
# which throws away all packets sent and never receives any. It is
|
||
# included for testing and benchmarking purposes.
|
||
device disc
|
||
|
||
# The `epair' device implements a virtual back-to-back connected Ethernet
|
||
# like interface pair.
|
||
device epair
|
||
|
||
# The `edsc' device implements a minimal Ethernet interface,
|
||
# which discards all packets sent and receives none.
|
||
device edsc
|
||
|
||
# The `tuntap' device implements (user-)ppp, nos-tun(8) and a pty-like virtual
|
||
# Ethernet interface
|
||
device tuntap
|
||
|
||
# The `gif' device implements IPv6 over IP4 tunneling,
|
||
# IPv4 over IPv6 tunneling, IPv4 over IPv4 tunneling and
|
||
# IPv6 over IPv6 tunneling.
|
||
# The `gre' device implements GRE (Generic Routing Encapsulation) tunneling,
|
||
# as specified in the RFC 2784 and RFC 2890.
|
||
# The `me' device implements Minimal Encapsulation within IPv4 as
|
||
# specified in the RFC 2004.
|
||
# The XBONEHACK option allows the same pair of addresses to be configured on
|
||
# multiple gif interfaces.
|
||
device gif
|
||
device gre
|
||
device me
|
||
options XBONEHACK
|
||
|
||
# The `stf' device implements 6to4 encapsulation.
|
||
device stf
|
||
|
||
# The pf packet filter consists of three devices:
|
||
# The `pf' device provides /dev/pf and the firewall code itself.
|
||
# The `pflog' device provides the pflog0 interface which logs packets.
|
||
# The `pfsync' device provides the pfsync0 interface used for
|
||
# synchronization of firewall state tables (over the net).
|
||
device pf
|
||
device pflog
|
||
device pfsync
|
||
|
||
# Bridge interface.
|
||
device if_bridge
|
||
|
||
# Common Address Redundancy Protocol. See carp(4) for more details.
|
||
device carp
|
||
|
||
# IPsec interface.
|
||
device enc
|
||
|
||
# Link aggregation interface.
|
||
device lagg
|
||
|
||
# WireGuard interface.
|
||
device wg
|
||
|
||
# dummymbuf – mbuf alteration pfil hooks
|
||
device dummymbuf
|
||
|
||
#
|
||
# Internet family options:
|
||
#
|
||
# MROUTING enables the kernel multicast packet forwarder, which works
|
||
# with mrouted and XORP.
|
||
#
|
||
# IPFIREWALL enables support for IP firewall construction, in
|
||
# conjunction with the `ipfw' program. IPFIREWALL_VERBOSE sends
|
||
# logged packets to the system logger. IPFIREWALL_VERBOSE_LIMIT
|
||
# limits the number of times a matching entry can be logged.
|
||
#
|
||
# WARNING: IPFIREWALL defaults to a policy of "deny ip from any to any"
|
||
# and if you do not add other rules during startup to allow access,
|
||
# YOU WILL LOCK YOURSELF OUT. It is suggested that you set firewall_type=open
|
||
# in /etc/rc.conf when first enabling this feature, then refining the
|
||
# firewall rules in /etc/rc.firewall after you've tested that the new kernel
|
||
# feature works properly.
|
||
#
|
||
# IPFIREWALL_DEFAULT_TO_ACCEPT causes the default rule (at boot) to
|
||
# allow everything. Use with care, if a cracker can crash your
|
||
# firewall machine, they can get to your protected machines. However,
|
||
# if you are using it as an as-needed filter for specific problems as
|
||
# they arise, then this may be for you. Changing the default to 'allow'
|
||
# means that you won't get stuck if the kernel and /sbin/ipfw binary get
|
||
# out of sync.
|
||
#
|
||
# IPDIVERT enables the divert IP sockets, used by ``ipfw divert''. It
|
||
# depends on IPFIREWALL if compiled into the kernel.
|
||
#
|
||
# IPFIREWALL_NAT adds support for in kernel nat in ipfw, and it requires
|
||
# LIBALIAS.
|
||
#
|
||
# IPFIREWALL_NAT64 adds support for in kernel NAT64 in ipfw.
|
||
#
|
||
# IPFIREWALL_NPTV6 adds support for in kernel NPTv6 in ipfw.
|
||
#
|
||
# IPFIREWALL_PMOD adds support for protocols modification module. Currently
|
||
# it supports only TCP MSS modification.
|
||
#
|
||
# IPSTEALTH enables code to support stealth forwarding (i.e., forwarding
|
||
# packets without touching the TTL). This can be useful to hide firewalls
|
||
# from traceroute and similar tools.
|
||
#
|
||
# PF_DEFAULT_TO_DROP causes the default pf(4) rule to deny everything.
|
||
#
|
||
# TCPPCAP enables code which keeps the last n packets sent and received
|
||
# on a TCP socket.
|
||
#
|
||
# TCP_BLACKBOX enables enhanced TCP event logging.
|
||
#
|
||
# TCP_HHOOK enables the hhook(9) framework hooks for the TCP stack.
|
||
# SOCKET_HHOOK enables the hhook(9) framework hooks for socket operations.
|
||
#
|
||
# ROUTE_MPATH provides support for multipath routing.
|
||
#
|
||
options MROUTING # Multicast routing
|
||
options IPFIREWALL #firewall
|
||
options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
|
||
options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
|
||
options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
|
||
options IPFIREWALL_NAT #ipfw kernel nat support
|
||
options IPFIREWALL_NAT64 #ipfw kernel NAT64 support
|
||
options IPFIREWALL_NPTV6 #ipfw kernel IPv6 NPT support
|
||
options IPDIVERT #divert sockets
|
||
options IPFILTER #ipfilter support
|
||
options IPFILTER_LOG #ipfilter logging
|
||
options IPFILTER_LOOKUP #ipfilter pools
|
||
options IPFILTER_DEFAULT_BLOCK #block all packets by default
|
||
options IPSTEALTH #support for stealth forwarding
|
||
options PF_DEFAULT_TO_DROP #drop everything by default
|
||
options TCPPCAP
|
||
options TCP_BLACKBOX
|
||
options TCP_HHOOK
|
||
options SOCKET_HHOOK
|
||
options ROUTE_MPATH
|
||
|
||
# The MBUF_STRESS_TEST option enables options which create
|
||
# various random failures / extreme cases related to mbuf
|
||
# functions. See mbuf(9) for a list of available test cases.
|
||
# MBUF_PROFILING enables code to profile the mbuf chains
|
||
# exiting the system (via participating interfaces) and
|
||
# return a logarithmic histogram of monitored parameters
|
||
# (e.g. packet size, wasted space, number of mbufs in chain).
|
||
options MBUF_STRESS_TEST
|
||
options MBUF_PROFILING
|
||
|
||
# Statically link in accept filters
|
||
options ACCEPT_FILTER_DATA
|
||
options ACCEPT_FILTER_DNS
|
||
options ACCEPT_FILTER_HTTP
|
||
options ACCEPT_FILTER_TLS
|
||
|
||
# TCP_SIGNATURE adds support for RFC 2385 (TCP-MD5) digests. These are
|
||
# carried in TCP option 19. This option is commonly used to protect
|
||
# TCP sessions (e.g. BGP) where IPSEC is not available nor desirable.
|
||
# This is enabled on a per-socket basis using the TCP_MD5SIG socket option.
|
||
# This requires the use of 'device crypto' and either 'options IPSEC' or
|
||
# 'options IPSEC_SUPPORT'.
|
||
options TCP_SIGNATURE #include support for RFC 2385
|
||
|
||
# DUMMYNET enables the "dummynet" bandwidth limiter. You need IPFIREWALL
|
||
# as well. See dummynet(4) and ipfw(8) for more info. When you run
|
||
# DUMMYNET, HZ/kern.hz should be at least 1000 for adequate response.
|
||
options DUMMYNET
|
||
|
||
# The DEBUGNET option enables a basic debug/panic-time networking API. It
|
||
# is used by NETDUMP and NETGDB.
|
||
options DEBUGNET
|
||
|
||
# The NETDUMP option enables netdump(4) client support in the kernel.
|
||
# This allows a panicking kernel to transmit a kernel dump to a remote host.
|
||
options NETDUMP
|
||
|
||
# The NETGDB option enables netgdb(4) support in the kernel. This allows a
|
||
# panicking kernel to be debugged as a GDB remote over the network.
|
||
options NETGDB
|
||
|
||
#####################################################################
|
||
# FILESYSTEM OPTIONS
|
||
|
||
#
|
||
# Only the root filesystem needs to be statically compiled or preloaded
|
||
# as module; everything else will be automatically loaded at mount
|
||
# time. Some people still prefer to statically compile other
|
||
# filesystems as well.
|
||
#
|
||
# NB: The UNION filesystem was known to be buggy in the past. It is now
|
||
# being actively maintained, although there are still some issues being
|
||
# resolved.
|
||
#
|
||
|
||
# One of these is mandatory:
|
||
options FFS #Fast filesystem
|
||
options NFSCL #Network File System client
|
||
|
||
# The rest are optional:
|
||
options AUTOFS #Automounter filesystem
|
||
options CD9660 #ISO 9660 filesystem
|
||
options FDESCFS #File descriptor filesystem
|
||
options FUSEFS #FUSEFS support module
|
||
options MSDOSFS #MS DOS File System (FAT, FAT32)
|
||
options NFSLOCKD #Network Lock Manager
|
||
options NFSD #Network Filesystem Server
|
||
options KGSSAPI #Kernel GSSAPI implementation
|
||
|
||
options NULLFS #NULL filesystem
|
||
options PROCFS #Process filesystem (requires PSEUDOFS)
|
||
options PSEUDOFS #Pseudo-filesystem framework
|
||
options PSEUDOFS_TRACE #Debugging support for PSEUDOFS
|
||
options SMBFS #SMB/CIFS filesystem
|
||
options TMPFS #Efficient memory filesystem
|
||
options UDF #Universal Disk Format
|
||
options UNIONFS #Union filesystem
|
||
# The xFS_ROOT options REQUIRE the associated ``options xFS''
|
||
options NFS_ROOT #NFS usable as root device
|
||
|
||
# Soft updates is a technique for improving filesystem speed and
|
||
# making abrupt shutdown less risky.
|
||
#
|
||
options SOFTUPDATES
|
||
|
||
# Extended attributes allow additional data to be associated with files,
|
||
# and is used for ACLs, Capabilities, and MAC labels.
|
||
# See src/sys/ufs/ufs/README.extattr for more information.
|
||
options UFS_EXTATTR
|
||
options UFS_EXTATTR_AUTOSTART
|
||
|
||
# Access Control List support for UFS filesystems. The current ACL
|
||
# implementation requires extended attribute support, UFS_EXTATTR,
|
||
# for the underlying filesystem.
|
||
# See src/sys/ufs/ufs/README.acls for more information.
|
||
options UFS_ACL
|
||
|
||
# Directory hashing improves the speed of operations on very large
|
||
# directories at the expense of some memory.
|
||
options UFS_DIRHASH
|
||
|
||
# Gjournal-based UFS journaling support.
|
||
options UFS_GJOURNAL
|
||
|
||
# Make space in the kernel for a root filesystem on a md device.
|
||
# Define to the number of kilobytes to reserve for the filesystem.
|
||
# This is now optional.
|
||
# If not defined, the root filesystem passed in as the MFS_IMAGE makeoption
|
||
# will be automatically embedded in the kernel during linking. Its exact size
|
||
# will be consumed within the kernel.
|
||
# If defined, the old way of embedding the filesystem in the kernel will be
|
||
# used. That is to say MD_ROOT_SIZE KB will be allocated in the kernel and
|
||
# later, the filesystem image passed in as the MFS_IMAGE makeoption will be
|
||
# dd'd into the reserved space if it fits.
|
||
options MD_ROOT_SIZE=10
|
||
|
||
# Make the md device a potential root device, either with preloaded
|
||
# images of type mfs_root or md_root.
|
||
options MD_ROOT
|
||
|
||
# Write-protect the md root device so that it may not be mounted writeable.
|
||
options MD_ROOT_READONLY
|
||
|
||
# Allow to read MD image from external memory regions
|
||
options MD_ROOT_MEM
|
||
|
||
# Disk quotas are supported when this option is enabled.
|
||
options QUOTA #enable disk quotas
|
||
|
||
# If you are running a machine just as a fileserver for PC and MAC
|
||
# users, using SAMBA, you may consider setting this option
|
||
# and keeping all those users' directories on a filesystem that is
|
||
# mounted with the suiddir option. This gives new files the same
|
||
# ownership as the directory (similar to group). It's a security hole
|
||
# if you let these users run programs, so confine it to file-servers
|
||
# (but it'll save you lots of headaches in those cases). Root owned
|
||
# directories are exempt and X bits are cleared. The suid bit must be
|
||
# set on the directory as well; see chmod(1). PC owners can't see/set
|
||
# ownerships so they keep getting their toes trodden on. This saves
|
||
# you all the support calls as the filesystem it's used on will act as
|
||
# they expect: "It's my dir so it must be my file".
|
||
#
|
||
options SUIDDIR
|
||
|
||
# NFS options:
|
||
options NFS_MINATTRTIMO=3 # VREG attrib cache timeout in sec
|
||
options NFS_MAXATTRTIMO=60
|
||
options NFS_MINDIRATTRTIMO=30 # VDIR attrib cache timeout in sec
|
||
options NFS_MAXDIRATTRTIMO=60
|
||
options NFS_DEBUG # Enable NFS Debugging
|
||
|
||
#
|
||
# Add support for the EXT2FS filesystem of Linux fame. Be a bit
|
||
# careful with this - the ext2fs code has a tendency to lag behind
|
||
# changes and not be exercised very much, so mounting read/write could
|
||
# be dangerous (and even mounting read only could result in panics.)
|
||
#
|
||
options EXT2FS
|
||
|
||
# The system memory devices; /dev/mem, /dev/kmem
|
||
device mem
|
||
|
||
# The kernel symbol table device; /dev/ksyms
|
||
device ksyms
|
||
|
||
# Optional character code conversion support with LIBICONV.
|
||
# Each option requires their base file system and LIBICONV.
|
||
options CD9660_ICONV
|
||
options MSDOSFS_ICONV
|
||
options UDF_ICONV
|
||
|
||
|
||
#####################################################################
|
||
# POSIX P1003.1B
|
||
|
||
# Real time extensions added in the 1993 POSIX
|
||
# _KPOSIX_PRIORITY_SCHEDULING: Build in _POSIX_PRIORITY_SCHEDULING
|
||
|
||
options _KPOSIX_PRIORITY_SCHEDULING
|
||
# p1003_1b_semaphores are very experimental,
|
||
# user should be ready to assist in debugging if problems arise.
|
||
options P1003_1B_SEMAPHORES
|
||
|
||
# POSIX message queue
|
||
options P1003_1B_MQUEUE
|
||
|
||
#####################################################################
|
||
# SECURITY POLICY PARAMETERS
|
||
|
||
# Support for BSM audit
|
||
options AUDIT
|
||
|
||
# Support for Mandatory Access Control (MAC):
|
||
options MAC
|
||
options MAC_BIBA
|
||
options MAC_BSDEXTENDED
|
||
options MAC_DDB
|
||
options MAC_IFOFF
|
||
options MAC_IPACL
|
||
options MAC_LOMAC
|
||
options MAC_MLS
|
||
options MAC_NONE
|
||
options MAC_NTPD
|
||
options MAC_PARTITION
|
||
options MAC_PORTACL
|
||
options MAC_PRIORITY
|
||
options MAC_SEEOTHERUIDS
|
||
options MAC_STUB
|
||
options MAC_TEST
|
||
options MAC_VERIEXEC
|
||
options MAC_VERIEXEC_SHA1
|
||
options MAC_VERIEXEC_SHA256
|
||
options MAC_VERIEXEC_SHA384
|
||
options MAC_VERIEXEC_SHA512
|
||
device mac_veriexec_parser
|
||
|
||
# Support for Capsicum
|
||
options CAPABILITIES # fine-grained rights on file descriptors
|
||
options CAPABILITY_MODE # sandboxes with no global namespace access
|
||
|
||
|
||
#####################################################################
|
||
# CLOCK OPTIONS
|
||
|
||
# The granularity of operation is controlled by the kernel option HZ (default
|
||
# frequency of 1000 Hz or a period 1ms between calls). Virtual machine guests
|
||
# use a value of 100. Lower values may lower overhead at the expense of accuracy
|
||
# of scheduling, though the adaptive tick code reduces that overhead.
|
||
|
||
options HZ=100
|
||
|
||
# Enable support for the kernel PLL to use an external PPS signal,
|
||
# under supervision of [x]ntpd(8)
|
||
# More info in ntpd documentation: http://www.eecis.udel.edu/~ntp
|
||
|
||
options PPS_SYNC
|
||
|
||
# Enable support for generic feed-forward clocks in the kernel.
|
||
# The feed-forward clock support is an alternative to the feedback oriented
|
||
# ntpd/system clock approach, and is to be used with a feed-forward
|
||
# synchronization algorithm such as the RADclock:
|
||
# More info here: http://www.synclab.org/radclock
|
||
|
||
options FFCLOCK
|
||
|
||
|
||
#####################################################################
|
||
# SCSI DEVICES
|
||
|
||
# SCSI DEVICE CONFIGURATION
|
||
|
||
# The SCSI subsystem consists of the `base' SCSI code, a number of
|
||
# high-level SCSI device `type' drivers, and the low-level host-adapter
|
||
# device drivers. The host adapters are listed in the ISA and PCI
|
||
# device configuration sections below.
|
||
#
|
||
# It is possible to wire down your SCSI devices so that a given bus,
|
||
# target, and LUN always come on line as the same device unit. In
|
||
# earlier versions the unit numbers were assigned in the order that
|
||
# the devices were probed on the SCSI bus. This means that if you
|
||
# removed a disk drive, you may have had to rewrite your /etc/fstab
|
||
# file, and also that you had to be careful when adding a new disk
|
||
# as it may have been probed earlier and moved your device configuration
|
||
# around.
|
||
|
||
# This old behavior is maintained as the default behavior. The unit
|
||
# assignment begins with the first non-wired down unit for a device
|
||
# type. For example, if you wire a disk as "da3" then the first
|
||
# non-wired disk will be assigned da4.
|
||
|
||
# The syntax for wiring down devices is:
|
||
|
||
envvar hint.scbus.0.at="ahc0"
|
||
envvar hint.scbus.1.at="ahc1"
|
||
envvar hint.scbus.1.bus="0"
|
||
envvar hint.scbus.3.at="ahc2"
|
||
envvar hint.scbus.3.bus="0"
|
||
envvar hint.scbus.2.at="ahc2"
|
||
envvar hint.scbus.2.bus="1"
|
||
envvar hint.da.0.at="scbus0"
|
||
envvar hint.da.0.target="0"
|
||
envvar hint.da.0.unit="0"
|
||
envvar hint.da.1.at="scbus3"
|
||
envvar hint.da.1.target="1"
|
||
envvar hint.da.2.at="scbus2"
|
||
envvar hint.da.2.target="3"
|
||
envvar hint.sa.1.at="scbus1"
|
||
envvar hint.sa.1.target="6"
|
||
|
||
# "units" (SCSI logical unit number) that are not specified are
|
||
# treated as if specified as LUN 0.
|
||
|
||
# All SCSI devices allocate as many units as are required.
|
||
|
||
# The ch driver drives SCSI Media Changer ("jukebox") devices.
|
||
#
|
||
# The da driver drives SCSI Direct Access ("disk") and Optical Media
|
||
# ("WORM") devices.
|
||
#
|
||
# The sa driver drives SCSI Sequential Access ("tape") devices.
|
||
#
|
||
# The cd driver drives SCSI Read Only Direct Access ("cd") devices.
|
||
#
|
||
# The ses driver drives SCSI Environment Services ("ses") and
|
||
# SAF-TE ("SCSI Accessible Fault-Tolerant Enclosure") devices.
|
||
#
|
||
# The pt driver drives SCSI Processor devices.
|
||
#
|
||
# The sg driver provides a passthrough API that is compatible with the
|
||
# Linux SG driver. It will work in conjunction with the Linuxulator
|
||
# to run linux SG apps. It can also stand on its own and provide
|
||
# source level API compatibility for porting apps to FreeBSD.
|
||
#
|
||
# Target Mode support is provided here but also requires that a SIM
|
||
# (SCSI Host Adapter Driver) provide support as well.
|
||
#
|
||
# The targ driver provides target mode support as a Processor type device.
|
||
# It exists to give the minimal context necessary to respond to Inquiry
|
||
# commands. There is a sample user application that shows how the rest
|
||
# of the command support might be done in /usr/share/examples/scsi_target.
|
||
#
|
||
# The targbh driver provides target mode support and exists to respond
|
||
# to incoming commands that do not otherwise have a logical unit assigned
|
||
# to them.
|
||
#
|
||
# The pass driver provides a passthrough API to access the CAM subsystem.
|
||
|
||
device scbus #base SCSI code
|
||
device ch #SCSI media changers
|
||
device da #SCSI direct access devices (aka disks)
|
||
device sa #SCSI tapes
|
||
device cd #SCSI CD-ROMs
|
||
device ses #Enclosure Services (SES and SAF-TE)
|
||
device pt #SCSI processor
|
||
device targ #SCSI Target Mode Code
|
||
device targbh #SCSI Target Mode Blackhole Device
|
||
device pass #CAM passthrough driver
|
||
device sg #Linux SCSI passthrough
|
||
device ctl #CAM Target Layer
|
||
|
||
# CAM OPTIONS:
|
||
# debugging options:
|
||
# CAMDEBUG Compile in all possible debugging.
|
||
# CAM_DEBUG_COMPILE Debug levels to compile in.
|
||
# CAM_DEBUG_FLAGS Debug levels to enable on boot.
|
||
# CAM_DEBUG_BUS Limit debugging to the given bus.
|
||
# CAM_DEBUG_TARGET Limit debugging to the given target.
|
||
# CAM_DEBUG_LUN Limit debugging to the given lun.
|
||
# CAM_DEBUG_DELAY Delay in us after printing each debug line.
|
||
# CAM_IO_STATS Publish additional CAM device statics by sysctl
|
||
#
|
||
# CAM_MAX_HIGHPOWER: Maximum number of concurrent high power (start unit) cmds
|
||
# SCSI_NO_SENSE_STRINGS: When defined disables sense descriptions
|
||
# SCSI_NO_OP_STRINGS: When defined disables opcode descriptions
|
||
# SCSI_DELAY: The number of MILLISECONDS to freeze the SIM (scsi adapter)
|
||
# queue after a bus reset, and the number of milliseconds to
|
||
# freeze the device queue after a bus device reset. This
|
||
# can be changed at boot and runtime with the
|
||
# kern.cam.scsi_delay tunable/sysctl.
|
||
options CAMDEBUG
|
||
options CAM_DEBUG_COMPILE=-1
|
||
options CAM_DEBUG_FLAGS=(CAM_DEBUG_INFO|CAM_DEBUG_PROBE|CAM_DEBUG_PERIPH)
|
||
options CAM_DEBUG_BUS=-1
|
||
options CAM_DEBUG_TARGET=-1
|
||
options CAM_DEBUG_LUN=-1
|
||
options CAM_DEBUG_DELAY=1
|
||
options CAM_MAX_HIGHPOWER=4
|
||
options SCSI_NO_SENSE_STRINGS
|
||
options SCSI_NO_OP_STRINGS
|
||
options SCSI_DELAY=5000 # Be pessimistic about Joe SCSI device
|
||
options CAM_IOSCHED_DYNAMIC
|
||
options CAM_IO_STATS
|
||
options CAM_TEST_FAILURE
|
||
|
||
# Options for the CAM CDROM driver:
|
||
# CHANGER_MIN_BUSY_SECONDS: Guaranteed minimum time quantum for a changer LUN
|
||
# CHANGER_MAX_BUSY_SECONDS: Maximum time quantum per changer LUN, only
|
||
# enforced if there is I/O waiting for another LUN
|
||
# The compiled in defaults for these variables are 2 and 10 seconds,
|
||
# respectively.
|
||
#
|
||
# These can also be changed on the fly with the following sysctl variables:
|
||
# kern.cam.cd.changer.min_busy_seconds
|
||
# kern.cam.cd.changer.max_busy_seconds
|
||
#
|
||
options CHANGER_MIN_BUSY_SECONDS=2
|
||
options CHANGER_MAX_BUSY_SECONDS=10
|
||
|
||
# Options for the CAM sequential access driver:
|
||
# SA_IO_TIMEOUT: Timeout for read/write/wfm operations, in minutes
|
||
# SA_SPACE_TIMEOUT: Timeout for space operations, in minutes
|
||
# SA_REWIND_TIMEOUT: Timeout for rewind operations, in minutes
|
||
# SA_ERASE_TIMEOUT: Timeout for erase operations, in minutes
|
||
# SA_1FM_AT_EOD: Default to model which only has a default one filemark at EOT.
|
||
options SA_IO_TIMEOUT=4
|
||
options SA_SPACE_TIMEOUT=60
|
||
options SA_REWIND_TIMEOUT=(2*60)
|
||
options SA_ERASE_TIMEOUT=(4*60)
|
||
options SA_1FM_AT_EOD
|
||
|
||
# Optional timeout for the CAM processor target (pt) device
|
||
# This is specified in seconds. The default is 60 seconds.
|
||
options SCSI_PT_DEFAULT_TIMEOUT=60
|
||
|
||
# Optional enable of doing SES passthrough on other devices (e.g., disks)
|
||
#
|
||
# Normally disabled because a lot of newer SCSI disks report themselves
|
||
# as having SES capabilities, but this can then clot up attempts to build
|
||
# a topology with the SES device that's on the box these drives are in....
|
||
options SES_ENABLE_PASSTHROUGH
|
||
|
||
# iSCSI
|
||
#
|
||
# iSCSI permits access to SCSI peripherals over a network connection
|
||
# (e.g. via a TCP/IP socket)
|
||
|
||
device cfiscsi # CAM Target Layer iSCSI target frontend
|
||
device iscsi # iSCSI initiator
|
||
device iser # iSCSI Extensions for RDMA (iSER) initiator
|
||
|
||
|
||
#####################################################################
|
||
# MISCELLANEOUS DEVICES AND OPTIONS
|
||
|
||
device pty #BSD-style compatibility pseudo ttys
|
||
device nmdm #back-to-back tty devices
|
||
device md #Memory/malloc disk
|
||
device snp #Snoop device - to look at pty/vty/etc..
|
||
device ccd #Concatenated disk driver
|
||
device firmware #firmware(9) support
|
||
|
||
# Kernel side iconv library
|
||
options LIBICONV
|
||
|
||
# Size of the kernel message buffer. Should be N * pagesize.
|
||
options MSGBUF_SIZE=40960
|
||
|
||
|
||
#####################################################################
|
||
# HARDWARE BUS CONFIGURATION
|
||
|
||
#
|
||
# PCI bus & PCI options:
|
||
#
|
||
device pci
|
||
options PCI_HP # PCI-Express native HotPlug
|
||
options PCI_IOV # PCI SR-IOV support
|
||
|
||
|
||
#####################################################################
|
||
# HARDWARE DEVICE CONFIGURATION
|
||
|
||
# For ISA the required hints are listed.
|
||
# PCI, CardBus, and SD/MMC are self identifying buses, so
|
||
# no hints are needed.
|
||
|
||
#
|
||
# Mandatory devices:
|
||
#
|
||
|
||
# These options are valid for other keyboard drivers as well.
|
||
options KBD_DISABLE_KEYMAP_LOAD # refuse to load a keymap
|
||
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
|
||
|
||
# Define keyboard latency (try 200/15 for a snappy interactive console)
|
||
options KBD_DELAY1=200 # define initial key delay
|
||
options KBD_DELAY2=15 # define key delay
|
||
|
||
device kbdmux # keyboard multiplexer
|
||
options KBDMUX_DFLT_KEYMAP # specify the built-in keymap
|
||
makeoptions KBDMUX_DFLT_KEYMAP=it.iso
|
||
|
||
options FB_DEBUG # Frame buffer debugging
|
||
|
||
# Enable experimental features of the syscons terminal emulator (teken).
|
||
options TEKEN_CONS25 # cons25-style terminal emulation
|
||
options TEKEN_UTF8 # UTF-8 output handling
|
||
|
||
# The vt video console driver.
|
||
device vt
|
||
options VT_ALT_TO_ESC_HACK=1 # Prepend ESC sequence to ALT keys
|
||
options VT_MAXWINDOWS=16 # Number of virtual consoles
|
||
options VT_TWOBUTTON_MOUSE # Use right mouse button to paste
|
||
|
||
# The following options set the maximum framebuffer size.
|
||
options VT_FB_MAX_HEIGHT=480
|
||
options VT_FB_MAX_WIDTH=640
|
||
|
||
# The following options will let you change the default vt terminal colors.
|
||
options TERMINAL_NORM_ATTR=(FG_GREEN|BG_BLACK)
|
||
options TERMINAL_KERN_ATTR=(FG_LIGHTRED|BG_BLACK)
|
||
|
||
#
|
||
# Optional devices:
|
||
#
|
||
|
||
#
|
||
# SCSI host adapters:
|
||
#
|
||
# aacraid: Adaptec by PMC RAID controllers, Series 6/7/8 and upcoming
|
||
# families. Container interface, CAM required.
|
||
# ahc: Adaptec 274x/284x/2910/293x/294x/394x/3950x/3960x/398X/4944/
|
||
# 19160x/29160x, aic7770/aic78xx
|
||
# ahd: Adaptec 29320/39320 Controllers.
|
||
# isp: Qlogic ISP 1020, 1040 and 1040B PCI SCSI host adapters,
|
||
# ISP 1240 Dual Ultra SCSI, ISP 1080 and 1280 (Dual) Ultra2,
|
||
# ISP 12160 Ultra3 SCSI,
|
||
# Qlogic ISP 2100 and ISP 2200 1Gb Fibre Channel host adapters.
|
||
# Qlogic ISP 2300 and ISP 2312 2Gb Fibre Channel host adapters.
|
||
# Qlogic ISP 2322 and ISP 6322 2Gb Fibre Channel host adapters.
|
||
# ispfw: Firmware module for Qlogic host adapters
|
||
# mpr: LSI-Logic MPT/Fusion Gen 3
|
||
# mps: LSI-Logic MPT/Fusion Gen 2
|
||
# mpt: LSI-Logic MPT/Fusion 53c1020 or 53c1030 Ultra4
|
||
# or FC9x9 Fibre Channel host adapters.
|
||
# sym: Symbios/Logic 53C8XX family of PCI-SCSI I/O processors:
|
||
# 53C810, 53C810A, 53C815, 53C825, 53C825A, 53C860, 53C875,
|
||
# 53C876, 53C885, 53C895, 53C895A, 53C896, 53C897, 53C1510D,
|
||
# 53C1010-33, 53C1010-66.
|
||
|
||
device aacraid
|
||
device ahc
|
||
device ahd
|
||
device isp
|
||
envvar hint.isp.0.disable="1"
|
||
envvar hint.isp.0.role="3"
|
||
envvar hint.isp.0.prefer_iomap="1"
|
||
envvar hint.isp.0.prefer_memmap="1"
|
||
envvar hint.isp.0.fwload_disable="1"
|
||
envvar hint.isp.0.ignore_nvram="1"
|
||
envvar hint.isp.0.fullduplex="1"
|
||
envvar hint.isp.0.topology="lport"
|
||
envvar hint.isp.0.topology="nport"
|
||
envvar hint.isp.0.topology="lport-only"
|
||
envvar hint.isp.0.topology="nport-only"
|
||
# we can't get u_int64_t types, nor can we get strings if it's got
|
||
# a leading 0x, hence this silly dodge.
|
||
envvar hint.isp.0.portwnn="w50000000aaaa0000"
|
||
envvar hint.isp.0.nodewnn="w50000000aaaa0001"
|
||
device ispfw
|
||
device mpr # LSI-Logic MPT-Fusion 3
|
||
device mps # LSI-Logic MPT-Fusion 2
|
||
device mpt # LSI-Logic MPT-Fusion
|
||
device sym
|
||
|
||
# The aic7xxx driver will attempt to use memory mapped I/O for all PCI
|
||
# controllers that have it configured only if this option is set. Unfortunately,
|
||
# this doesn't work on some motherboards, which prevents it from being the
|
||
# default.
|
||
options AHC_ALLOW_MEMIO
|
||
|
||
# Dump the contents of the ahc controller configuration PROM.
|
||
options AHC_DUMP_EEPROM
|
||
|
||
# Bitmap of units to enable targetmode operations.
|
||
options AHC_TMODE_ENABLE
|
||
|
||
# Compile in Aic7xxx Debugging code.
|
||
options AHC_DEBUG
|
||
|
||
# Aic7xxx driver debugging options. See sys/dev/aic7xxx/aic7xxx.h
|
||
options AHC_DEBUG_OPTS
|
||
|
||
# Print register bitfields in debug output. Adds ~128k to driver
|
||
# See ahc(4).
|
||
options AHC_REG_PRETTY_PRINT
|
||
|
||
# Compile in aic79xx debugging code.
|
||
options AHD_DEBUG
|
||
|
||
# Aic79xx driver debugging options. Adds ~215k to driver. See ahd(4).
|
||
options AHD_DEBUG_OPTS=0xFFFFFFFF
|
||
|
||
# Print human-readable register definitions when debugging
|
||
options AHD_REG_PRETTY_PRINT
|
||
|
||
# Bitmap of units to enable targetmode operations.
|
||
options AHD_TMODE_ENABLE
|
||
|
||
# Options used in dev/isp/ (Qlogic SCSI/FC driver).
|
||
#
|
||
# ISP_TARGET_MODE - enable target mode operation
|
||
#
|
||
options ISP_TARGET_MODE=1
|
||
#
|
||
# ISP_DEFAULT_ROLES - default role
|
||
# none=0
|
||
# target=1
|
||
# initiator=2
|
||
# both=3 (not supported currently)
|
||
#
|
||
# ISP_INTERNAL_TARGET (trivial internal disk target, for testing)
|
||
#
|
||
options ISP_DEFAULT_ROLES=0
|
||
|
||
#options SYM_SETUP_SCSI_DIFF #-HVD support for 825a, 875, 885
|
||
# disabled:0 (default), enabled:1
|
||
#options SYM_SETUP_PCI_PARITY #-PCI parity checking
|
||
# disabled:0, enabled:1 (default)
|
||
#options SYM_SETUP_MAX_LUN #-Number of LUNs supported
|
||
# default:8, range:[1..64]
|
||
|
||
#
|
||
# Compaq "CISS" RAID controllers (SmartRAID 5* series)
|
||
# These controllers have a SCSI-like interface, and require the
|
||
# CAM infrastructure.
|
||
#
|
||
device ciss
|
||
|
||
#
|
||
# Compaq Smart RAID, Mylex DAC960 and AMI MegaRAID controllers. Only
|
||
# one entry is needed; the code will find and configure all supported
|
||
# controllers.
|
||
#
|
||
device ida # Compaq Smart RAID
|
||
device mlx # Mylex DAC960
|
||
device mfi # LSI MegaRAID SAS
|
||
device mfip # LSI MegaRAID SAS passthrough, requires CAM
|
||
options MFI_DEBUG
|
||
device mrsas # LSI/Avago MegaRAID SAS/SATA, 6Gb/s and 12Gb/s
|
||
|
||
# NVM Express
|
||
#
|
||
# nvme: PCI-express NVM Express host controllers
|
||
# nvmf: NVM Express over Fabrics host
|
||
# nvmft: NVM Express over Fabrics CAM Target Layer frontend
|
||
# nvmf_tcp: TCP transport for NVM Express over Fabrics
|
||
# nda: CAM NVMe disk driver
|
||
# nvd: non-CAM NVMe disk driver
|
||
|
||
device nvme # PCI-express NVMe host driver
|
||
options NVME_USE_NVD=1 # Use nvd(4) instead of the CAM nda(4) driver
|
||
device nvmf # NVMeoF host driver
|
||
device nvmft # NVMeoF ctl(4) frontend
|
||
device nvmf_tcp # NVMeoF TCP transport
|
||
device nda # NVMe direct access devices (aka disks)
|
||
device nvd # expose NVMe namespaces as disks, depends on nvme
|
||
|
||
#
|
||
# Serial ATA host controllers:
|
||
#
|
||
# ahci: Advanced Host Controller Interface (AHCI) compatible
|
||
# mvs: Marvell 88SX50XX/88SX60XX/88SX70XX/SoC controllers
|
||
# siis: SiliconImage SiI3124/SiI3132/SiI3531 controllers
|
||
#
|
||
# These drivers are part of cam(4) subsystem. They supersede less featured
|
||
# ata(4) subsystem drivers, supporting same hardware.
|
||
|
||
device ahci # AHCI-compatible SATA controllers
|
||
device mvs # Marvell 88SX50XX/88SX60XX/88SX70XX/SoC SATA
|
||
device siis # SiliconImage SiI3124/SiI3132/SiI3531 SATA
|
||
device ada # ATA/SATA direct access devices (aka disks)
|
||
|
||
#
|
||
# The 'ATA' driver supports all legacy ATA/ATAPI controllers, including
|
||
# PC Card devices. You only need one "device ata" for it to find all
|
||
# PCI and PC Card ATA/ATAPI devices on modern machines.
|
||
# Alternatively, individual bus and chipset drivers may be chosen by using
|
||
# the 'atacore' driver then selecting the drivers on a per vendor basis.
|
||
# For example to build a system which only supports a VIA chipset,
|
||
# omit 'ata' and include the 'atacore', 'atapci' and 'atavia' drivers.
|
||
device ata # Legacy ATA/SATA controllers
|
||
|
||
# Modular ATA
|
||
#device atacore # Core ATA functionality
|
||
#device ataisa # ISA bus support
|
||
#device atapci # PCI bus support; only generic chipset support
|
||
|
||
# PCI ATA chipsets
|
||
#device ataacard # ACARD
|
||
#device ataacerlabs # Acer Labs Inc. (ALI)
|
||
#device ataamd # American Micro Devices (AMD)
|
||
#device ataati # ATI
|
||
#device atacenatek # Cenatek
|
||
#device atacypress # Cypress
|
||
#device atacyrix # Cyrix
|
||
#device atahighpoint # HighPoint
|
||
#device ataintel # Intel
|
||
#device ataite # Integrated Technology Inc. (ITE)
|
||
#device atajmicron # JMicron
|
||
#device atamarvell # Marvell
|
||
#device atamicron # Micron
|
||
#device atanational # National
|
||
#device atanetcell # NetCell
|
||
#device atanvidia # nVidia
|
||
#device atapromise # Promise
|
||
#device ataserverworks # ServerWorks
|
||
#device atasiliconimage # Silicon Image Inc. (SiI) (formerly CMD)
|
||
#device atasis # Silicon Integrated Systems Corp.(SiS)
|
||
#device atavia # VIA Technologies Inc.
|
||
|
||
#
|
||
# For older non-PCI, non-PnPBIOS systems, these are the hints lines to add:
|
||
envvar hint.ata.0.at="isa"
|
||
envvar hint.ata.0.port="0x1f0"
|
||
envvar hint.ata.0.irq="14"
|
||
envvar hint.ata.1.at="isa"
|
||
envvar hint.ata.1.port="0x170"
|
||
envvar hint.ata.1.irq="15"
|
||
|
||
#
|
||
# uart: generic driver for serial interfaces.
|
||
#
|
||
device uart
|
||
|
||
# Options for uart(4)
|
||
options UART_PPS_ON_CTS # Do time pulse capturing using CTS
|
||
# instead of DCD.
|
||
options UART_POLL_FREQ # Set polling rate, used when hw has
|
||
# no interrupt support (50 Hz default).
|
||
|
||
# The following hint should only be used for pure ISA devices. It is not
|
||
# needed otherwise. Use of hints is strongly discouraged.
|
||
envvar hint.uart.0.at="isa"
|
||
|
||
# The following 3 hints are used when the UART is a system device (i.e., a
|
||
# console or debug port), but only on platforms that don't have any other
|
||
# means to pass the information to the kernel. The unit number of the hint
|
||
# is only used to bundle the hints together. There is no relation to the
|
||
# unit number of the probed UART.
|
||
envvar hint.uart.0.port="0x3f8"
|
||
envvar hint.uart.0.flags="0x10"
|
||
envvar hint.uart.0.baud="115200"
|
||
|
||
# `flags' for serial drivers that support consoles, like uart(4):
|
||
# 0x10 enable console support for this unit. Other console flags
|
||
# (if applicable) are ignored unless this is set. Enabling
|
||
# console support does not make the unit the preferred console.
|
||
# Boot with -h or set boot_serial=YES in the loader.
|
||
# Currently, at most one unit can have console support; the
|
||
# first one (in config file order) with this flag set is
|
||
# preferred.
|
||
# 0x80 use this port for serial line gdb support in ddb. Also known
|
||
# as debug port.
|
||
#
|
||
|
||
# Options for serial drivers that support consoles:
|
||
options BREAK_TO_DEBUGGER # A BREAK/DBG on the console goes to
|
||
# ddb, if available.
|
||
|
||
# Solaris implements a new BREAK which is initiated by a character
|
||
# sequence CR ~ ^b which is similar to a familiar pattern used on
|
||
# Sun servers by the Remote Console. There are FreeBSD extensions:
|
||
# CR ~ ^p requests force panic and CR ~ ^r requests a clean reboot.
|
||
options ALT_BREAK_TO_DEBUGGER
|
||
|
||
# Serial Communications Controller
|
||
# Supports the Freescale/NXP QUad Integrated and Zilog Z8530 multi-channel
|
||
# communications controllers.
|
||
device scc
|
||
|
||
# PCI Universal Communications driver
|
||
# Supports various multi port PCI I/O cards.
|
||
device puc
|
||
|
||
#
|
||
# Network interfaces:
|
||
#
|
||
# MII bus support is required for many PCI Ethernet NICs,
|
||
# namely those which use MII-compliant transceivers or implement
|
||
# transceiver control interfaces that operate like an MII. Adding
|
||
# "device miibus" to the kernel config pulls in support for the generic
|
||
# miibus API, the common support for bit-bang'ing the MII and all
|
||
# of the PHY drivers, including a generic one for PHYs that aren't
|
||
# specifically handled by an individual driver. Support for specific
|
||
# PHYs may be built by adding "device mii", "device mii_bitbang" if
|
||
# needed by the NIC driver and then adding the appropriate PHY driver.
|
||
device mii # Minimal MII support
|
||
device mii_bitbang # Common module for bit-bang'ing the MII
|
||
device miibus # MII support w/ bit-bang'ing and all PHYs
|
||
|
||
device acphy # Altima Communications AC101
|
||
device amphy # AMD AM79c873 / Davicom DM910{1,2}
|
||
device atphy # Attansic/Atheros F1
|
||
device axphy # Asix Semiconductor AX88x9x
|
||
device bmtphy # Broadcom BCM5201/BCM5202 and 3Com 3c905C
|
||
device bnxt # Broadcom NetXtreme-C/NetXtreme-E
|
||
device brgphy # Broadcom BCM54xx/57xx 1000baseTX
|
||
device cgem # Cadence GEM Gigabit Ethernet
|
||
device ciphy # Cicada/Vitesse CS/VSC8xxx
|
||
device e1000phy # Marvell 88E1000 1000/100/10-BT
|
||
device gentbi # Generic 10-bit 1000BASE-{LX,SX} fiber ifaces
|
||
device icsphy # ICS ICS1889-1893
|
||
device ip1000phy # IC Plus IP1000A/IP1001
|
||
device jmphy # JMicron JMP211/JMP202
|
||
device lxtphy # Level One LXT-970
|
||
device nsgphy # NatSemi DP8361/DP83865/DP83891
|
||
device nsphy # NatSemi DP83840A
|
||
device nsphyter # NatSemi DP83843/DP83815
|
||
device pnaphy # HomePNA
|
||
device qsphy # Quality Semiconductor QS6612
|
||
device rdcphy # RDC Semiconductor R6040
|
||
device rgephy # RealTek 8169S/8110S/8211B/8211C
|
||
device rlphy # RealTek 8139
|
||
device rlswitch # RealTek 8305
|
||
device smcphy # SMSC LAN91C111
|
||
device tdkphy # TDK 89Q2120
|
||
device truephy # LSI TruePHY
|
||
device xmphy # XaQti XMAC II
|
||
|
||
# ae: Support for gigabit ethernet adapters based on the Attansic/Atheros
|
||
# L2 PCI-Express FastEthernet controllers.
|
||
# age: Support for gigabit ethernet adapters based on the Attansic/Atheros
|
||
# L1 PCI express gigabit ethernet controllers.
|
||
# alc: Support for Atheros AR8131/AR8132 PCIe ethernet controllers.
|
||
# ale: Support for Atheros AR8121/AR8113/AR8114 PCIe ethernet controllers.
|
||
# ath: Atheros a/b/g WiFi adapters (requires ath_hal and wlan)
|
||
# bce: Broadcom NetXtreme II (BCM5706/BCM5708) PCI/PCIe Gigabit Ethernet
|
||
# adapters.
|
||
# bfe: Broadcom BCM4401 Ethernet adapter.
|
||
# bge: Support for gigabit ethernet adapters based on the Broadcom
|
||
# BCM570x family of controllers, including the 3Com 3c996-T,
|
||
# the Netgear GA302T, the SysKonnect SK-9D21 and SK-9D41, and
|
||
# the embedded gigE NICs on Dell PowerEdge 2550 servers.
|
||
# bnxt: Broadcom NetXtreme-C and NetXtreme-E PCIe 10/25/50G Ethernet adapters.
|
||
# bxe: Broadcom NetXtreme II (BCM5771X/BCM578XX) PCIe 10Gb Ethernet
|
||
# adapters.
|
||
# bwi: Broadcom BCM430* and BCM431* family of wireless adapters.
|
||
# bwn: Broadcom BCM43xx family of wireless adapters.
|
||
# cas: Sun Cassini/Cassini+ and National Semiconductor DP83065 Saturn
|
||
# cxgb: Chelsio T3 based 1GbE/10GbE PCIe Ethernet adapters.
|
||
# cxgbe:Chelsio T4, T5, and T6-based 1/10/25/40/100GbE PCIe Ethernet
|
||
# adapters.
|
||
# cxgbev: Chelsio T4, T5, and T6-based PCIe Virtual Functions.
|
||
# dc: Support for PCI fast ethernet adapters based on the DEC/Intel 21143
|
||
# and various workalikes including:
|
||
# the ADMtek AL981 Comet and AN985 Centaur, the ASIX Electronics
|
||
# AX88140A and AX88141, the Davicom DM9100 and DM9102, the Lite-On
|
||
# 82c168 and 82c169 PNIC, the Lite-On/Macronix LC82C115 PNIC II
|
||
# and the Macronix 98713/98713A/98715/98715A/98725 PMAC. This driver
|
||
# replaces the old al, ax, dm, pn and mx drivers. List of brands:
|
||
# Digital DE500-BA, Kingston KNE100TX, D-Link DFE-570TX, SOHOware SFA110,
|
||
# SVEC PN102-TX, CNet Pro110B, 120A, and 120B, Compex RL100-TX,
|
||
# LinkSys LNE100TX, LNE100TX V2.0, Jaton XpressNet, Alfa Inc GFC2204,
|
||
# KNE110TX.
|
||
# em: Intel Pro/1000 Gigabit Ethernet 82542, 82543, 82544 based adapters.
|
||
# fxp: Intel EtherExpress Pro/100B
|
||
# (hint of prefer_iomap can be done to prefer I/O instead of Mem mapping)
|
||
# gem: Apple GMAC/Sun ERI/Sun GEM
|
||
# jme: JMicron JMC260 Fast Ethernet/JMC250 Gigabit Ethernet based adapters.
|
||
# le: AMD Am7900 LANCE and Am79C9xx PCnet
|
||
# lge: Support for PCI gigabit ethernet adapters based on the Level 1
|
||
# LXT1001 NetCellerator chipset. This includes the D-Link DGE-500SX,
|
||
# SMC TigerCard 1000 (SMC9462SX), and some Addtron cards.
|
||
# lio: Support for Cavium 23XX Ethernet adapters
|
||
# malo: Marvell Libertas wireless NICs.
|
||
# mwl: Marvell 88W8363 802.11n wireless NICs.
|
||
# Requires the mwl firmware module
|
||
# mwlfw: Marvell 88W8363 firmware
|
||
# msk: Support for gigabit ethernet adapters based on the Marvell/SysKonnect
|
||
# Yukon II Gigabit controllers, including 88E8021, 88E8022, 88E8061,
|
||
# 88E8062, 88E8035, 88E8036, 88E8038, 88E8050, 88E8052, 88E8053,
|
||
# 88E8055, 88E8056 and D-Link 560T/550SX.
|
||
# mlxfw: Mellanox firmware update module.
|
||
# mlx5: Mellanox ConnectX-4 and ConnectX-4 LX IB and Eth shared code module.
|
||
# mlx5en:Mellanox ConnectX-4 and ConnectX-4 LX PCIe Ethernet adapters.
|
||
# my: Myson Fast Ethernet (MTD80X, MTD89X)
|
||
# nge: Support for PCI gigabit ethernet adapters based on the National
|
||
# Semiconductor DP83820 and DP83821 chipset. This includes the
|
||
# SMC EZ Card 1000 (SMC9462TX), D-Link DGE-500T, Asante FriendlyNet
|
||
# GigaNIX 1000TA and 1000TPC, the Addtron AEG320T, the Surecom
|
||
# EP-320G-TX and the Netgear GA622T.
|
||
# oce: Emulex 10 Gbit adapters (OneConnect Ethernet)
|
||
# ral: Ralink Technology IEEE 802.11 wireless adapter
|
||
# re: RealTek 8139C+/8169/816xS/811xS/8101E PCI/PCIe Ethernet adapter
|
||
# rl: Support for PCI fast ethernet adapters based on the RealTek 8129/8139
|
||
# chipset. Note that the RealTek driver defaults to using programmed
|
||
# I/O to do register accesses because memory mapped mode seems to cause
|
||
# severe lockups on SMP hardware. This driver also supports the
|
||
# Accton EN1207D `Cheetah' adapter, which uses a chip called
|
||
# the MPX 5030/5038, which is either a RealTek in disguise or a
|
||
# RealTek workalike. Note that the D-Link DFE-530TX+ uses the RealTek
|
||
# chipset and is supported by this driver, not the 'vr' driver.
|
||
# rtwn: RealTek wireless adapters.
|
||
# rtwnfw: RealTek wireless firmware.
|
||
# sge: Silicon Integrated Systems SiS190/191 Fast/Gigabit Ethernet adapter
|
||
# sis: Support for NICs based on the Silicon Integrated Systems SiS 900,
|
||
# SiS 7016 and NS DP83815 PCI fast ethernet controller chips.
|
||
# sk: Support for the SysKonnect SK-984x series PCI gigabit ethernet NICs.
|
||
# This includes the SK-9841 and SK-9842 single port cards (single mode
|
||
# and multimode fiber) and the SK-9843 and SK-9844 dual port cards
|
||
# (also single mode and multimode).
|
||
# The driver will autodetect the number of ports on the card and
|
||
# attach each one as a separate network interface.
|
||
# ste: Sundance Technologies ST201 PCI fast ethernet controller, includes
|
||
# the D-Link DFE-550TX.
|
||
# stge: Support for gigabit ethernet adapters based on the Sundance/Tamarack
|
||
# TC9021 family of controllers, including the Sundance ST2021/ST2023,
|
||
# the Sundance/Tamarack TC9021, the D-Link DL-4000 and ASUS NX1101.
|
||
# ti: Support for PCI gigabit ethernet NICs based on the Alteon Networks
|
||
# Tigon 1 and Tigon 2 chipsets. This includes the Alteon AceNIC, the
|
||
# 3Com 3c985, the Netgear GA620 and various others. Note that you will
|
||
# probably want to bump up kern.ipc.nmbclusters a lot to use this driver.
|
||
# vr: Support for various fast ethernet adapters based on the VIA
|
||
# Technologies VT3043 `Rhine I' and VT86C100A `Rhine II' chips,
|
||
# including the D-Link DFE520TX and D-Link DFE530TX (see 'rl' for
|
||
# DFE530TX+), the Hawking Technologies PN102TX, and the AOpen/Acer ALN-320.
|
||
# vte: DM&P Vortex86 RDC R6040 Fast Ethernet
|
||
# xl: Support for the 3Com 3c900, 3c905, 3c905B and 3c905C (Fast)
|
||
# Etherlink XL cards and integrated controllers. This includes the
|
||
# integrated 3c905B-TX chips in certain Dell Optiplex and Dell
|
||
# Precision desktop machines and the integrated 3c905-TX chips
|
||
# in Dell Latitude laptop docking stations.
|
||
# Also supported: 3Com 3c980(C)-TX, 3Com 3cSOHO100-TX, 3Com 3c450-TX
|
||
|
||
# PCI Ethernet NICs that use the common MII bus controller code.
|
||
device ae # Attansic/Atheros L2 FastEthernet
|
||
device age # Attansic/Atheros L1 Gigabit Ethernet
|
||
device alc # Atheros AR8131/AR8132 Ethernet
|
||
device ale # Atheros AR8121/AR8113/AR8114 Ethernet
|
||
device bce # Broadcom BCM5706/BCM5708 Gigabit Ethernet
|
||
device bfe # Broadcom BCM440x 10/100 Ethernet
|
||
device bge # Broadcom BCM570xx Gigabit Ethernet
|
||
device cas # Sun Cassini/Cassini+ and NS DP83065 Saturn
|
||
device dc # DEC/Intel 21143 and various workalikes
|
||
device et # Agere ET1310 10/100/Gigabit Ethernet
|
||
device fxp # Intel EtherExpress PRO/100B (82557, 82558)
|
||
envvar hint.fxp.0.prefer_iomap="0"
|
||
device gem # Apple GMAC/Sun ERI/Sun GEM
|
||
device jme # JMicron JMC250 Gigabit/JMC260 Fast Ethernet
|
||
device lge # Level 1 LXT1001 gigabit Ethernet
|
||
device lio # Support for Cavium 23XX Ethernet adapters
|
||
device mlxfw # Mellanox firmware update module
|
||
device mlx5 # Shared code module between IB and Ethernet
|
||
device mlx5en # Mellanox ConnectX-4 and ConnectX-4 LX
|
||
device msk # Marvell/SysKonnect Yukon II Gigabit Ethernet
|
||
device my # Myson Fast Ethernet (MTD80X, MTD89X)
|
||
device nge # NatSemi DP83820 gigabit Ethernet
|
||
device re # RealTek 8139C+/8169/8169S/8110S
|
||
device rl # RealTek 8129/8139
|
||
device sge # Silicon Integrated Systems SiS190/191
|
||
device sis # Silicon Integrated Systems SiS 900/SiS 7016
|
||
device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
|
||
device ste # Sundance ST201 (D-Link DFE-550TX)
|
||
device stge # Sundance/Tamarack TC9021 gigabit Ethernet
|
||
device vr # VIA Rhine, Rhine II
|
||
device vte # DM&P Vortex86 RDC R6040 Fast Ethernet
|
||
device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
|
||
|
||
# PCI/PCI-X/PCIe Ethernet NICs that use iflib infrastructure
|
||
device iflib
|
||
device em # Intel Pro/1000 Gigabit Ethernet
|
||
device ix # Intel Pro/10Gbe PCIE Ethernet
|
||
device ixv # Intel Pro/10Gbe PCIE Ethernet VF
|
||
|
||
# PCI Ethernet NICs.
|
||
device cxgb # Chelsio T3 10 Gigabit Ethernet
|
||
device cxgb_t3fw # Chelsio T3 10 Gigabit Ethernet firmware
|
||
device cxgbe # Chelsio T4-T6 1/10/25/40/100 Gigabit Ethernet
|
||
device cxgbev # Chelsio T4-T6 Virtual Functions
|
||
device le # AMD Am7900 LANCE and Am79C9xx PCnet
|
||
device mxge # Myricom Myri-10G 10GbE NIC
|
||
device oce # Emulex 10 GbE (OneConnect Ethernet)
|
||
device ti # Alteon Networks Tigon I/II gigabit Ethernet
|
||
|
||
# PCI IEEE 802.11 Wireless NICs
|
||
device ath # Atheros pci/cardbus NIC's
|
||
device ath_hal # pci/cardbus chip support
|
||
#device ath_ar5210 # AR5210 chips
|
||
#device ath_ar5211 # AR5211 chips
|
||
#device ath_ar5212 # AR5212 chips
|
||
#device ath_rf2413
|
||
#device ath_rf2417
|
||
#device ath_rf2425
|
||
#device ath_rf5111
|
||
#device ath_rf5112
|
||
#device ath_rf5413
|
||
#device ath_ar5416 # AR5416 chips
|
||
# All of the AR5212 parts have a problem when paired with the AR71xx
|
||
# CPUS. These parts have a bug that triggers a fatal bus error on the AR71xx
|
||
# only. Details of the exact nature of the bug are sketchy, but some can be
|
||
# found at https://forum.openwrt.org/viewtopic.php?pid=70060 on pages 4, 5 and
|
||
# 6. This option enables this workaround. There is a performance penalty
|
||
# for this work around, but without it things don't work at all. The DMA
|
||
# from the card usually bursts 128 bytes, but on the affected CPUs, only
|
||
# 4 are safe.
|
||
options AH_RXCFG_SDMAMW_4BYTES
|
||
#device ath_ar9160 # AR9160 chips
|
||
#device ath_ar9280 # AR9280 chips
|
||
#device ath_ar9285 # AR9285 chips
|
||
device ath_rate_sample # SampleRate tx rate control for ath
|
||
device bwi # Broadcom BCM430* BCM431*
|
||
device bwn # Broadcom BCM43xx
|
||
device malo # Marvell Libertas wireless NICs.
|
||
device mwl # Marvell 88W8363 802.11n wireless NICs.
|
||
device mwlfw
|
||
device ral # Ralink Technology RT2500 wireless NICs.
|
||
device rtwn # Realtek wireless NICs
|
||
device rtwnfw
|
||
|
||
# Use sf_buf(9) interface for jumbo buffers on ti(4) controllers.
|
||
#options TI_SF_BUF_JUMBO
|
||
# Turn on the header splitting option for the ti(4) driver firmware. This
|
||
# only works for Tigon II chips, and has no effect for Tigon I chips.
|
||
# This option requires the TI_SF_BUF_JUMBO option above.
|
||
#options TI_JUMBO_HDRSPLIT
|
||
|
||
# These two options allow manipulating the mbuf cluster size and mbuf size,
|
||
# respectively. Be very careful with NIC driver modules when changing
|
||
# these from their default values, because that can potentially cause a
|
||
# mismatch between the mbuf size assumed by the kernel and the mbuf size
|
||
# assumed by a module. The only driver that currently has the ability to
|
||
# detect a mismatch is ti(4).
|
||
options MCLSHIFT=11 # mbuf cluster shift in bits, 11 == 2KB
|
||
options MSIZE=256 # mbuf size in bytes
|
||
|
||
#
|
||
# Sound drivers
|
||
#
|
||
# sound: The generic sound driver.
|
||
#
|
||
|
||
device sound
|
||
|
||
#
|
||
# snd_*: Device-specific drivers.
|
||
#
|
||
# The flags of the device tell the device a bit more info about the
|
||
# device that normally is obtained through the PnP interface.
|
||
# bit 2..0 secondary DMA channel;
|
||
# bit 4 set if the board uses two dma channels;
|
||
# bit 15..8 board type, overrides autodetection; leave it
|
||
# zero if don't know what to put in (and you don't,
|
||
# since this is unsupported at the moment...).
|
||
#
|
||
# snd_als4000: Avance Logic ALS4000 PCI.
|
||
# snd_atiixp: ATI IXP 200/300/400 PCI.
|
||
# snd_cmi: CMedia CMI8338/CMI8738 PCI.
|
||
# snd_cs4281: Crystal Semiconductor CS4281 PCI.
|
||
# snd_csa: Crystal Semiconductor CS461x/428x PCI. (except
|
||
# 4281)
|
||
# snd_emu10k1: Creative EMU10K1 PCI and EMU10K2 (Audigy) PCI.
|
||
# snd_emu10kx: Creative SoundBlaster Live! and Audigy
|
||
# snd_envy24: VIA Envy24 and compatible, needs snd_spicds.
|
||
# snd_envy24ht: VIA Envy24HT and compatible, needs snd_spicds.
|
||
# snd_es137x: Ensoniq AudioPCI ES137x PCI.
|
||
# snd_fm801: Forte Media FM801 PCI.
|
||
# snd_hda: Intel High Definition Audio (Controller) and
|
||
# compatible.
|
||
# snd_hdsp: RME HDSP 9632 and HDSP 9652
|
||
# snd_hdspe: RME HDSPe AIO and RayDAT.
|
||
# snd_ich: Intel ICH AC'97 and some more audio controllers
|
||
# embedded in a chipset, for example nVidia
|
||
# nForce controllers.
|
||
# snd_maestro3: ESS Technology Maestro-3/Allegro PCI.
|
||
# snd_neomagic: Neomagic 256 AV/ZX PCI.
|
||
# snd_solo: ESS Solo-1x PCI.
|
||
# snd_spicds: SPI codec driver, needed by Envy24/Envy24HT drivers.
|
||
# snd_t4dwave: Trident 4DWave DX/NX PCI, Sis 7018 PCI and Acer Labs
|
||
# M5451 PCI.
|
||
# snd_uaudio: USB audio.
|
||
# snd_via8233: VIA VT8233x PCI.
|
||
# snd_via82c686: VIA VT82C686A PCI.
|
||
# snd_vibes: S3 Sonicvibes PCI.
|
||
|
||
device snd_als4000
|
||
device snd_atiixp
|
||
device snd_cmi
|
||
device snd_cs4281
|
||
device snd_csa
|
||
device snd_emu10k1
|
||
device snd_emu10kx
|
||
device snd_envy24
|
||
device snd_envy24ht
|
||
device snd_es137x
|
||
device snd_fm801
|
||
device snd_hda
|
||
device snd_hdsp
|
||
device snd_hdspe
|
||
device snd_ich
|
||
device snd_maestro3
|
||
device snd_neomagic
|
||
device snd_solo
|
||
device snd_spicds
|
||
device snd_t4dwave
|
||
device snd_uaudio
|
||
device snd_via8233
|
||
device snd_via82c686
|
||
device snd_vibes
|
||
|
||
# For non-PnP sound cards:
|
||
envvar hint.pcm.0.at="isa"
|
||
envvar hint.pcm.0.irq="10"
|
||
envvar hint.pcm.0.drq="1"
|
||
envvar hint.pcm.0.flags="0x0"
|
||
envvar hint.sbc.0.at="isa"
|
||
envvar hint.sbc.0.port="0x220"
|
||
envvar hint.sbc.0.irq="5"
|
||
envvar hint.sbc.0.drq="1"
|
||
envvar hint.sbc.0.flags="0x15"
|
||
envvar hint.gusc.0.at="isa"
|
||
envvar hint.gusc.0.port="0x220"
|
||
envvar hint.gusc.0.irq="5"
|
||
envvar hint.gusc.0.drq="1"
|
||
envvar hint.gusc.0.flags="0x13"
|
||
|
||
#
|
||
# Following options are intended for debugging/testing purposes:
|
||
#
|
||
# SND_DEBUG Enable extra debugging code that includes
|
||
# sanity checking and possible increase of
|
||
# verbosity.
|
||
#
|
||
# SND_DIAGNOSTIC Similar in a spirit of INVARIANTS/DIAGNOSTIC,
|
||
# zero tolerance against inconsistencies.
|
||
#
|
||
# SND_FEEDER_MULTIFORMAT By default, only 16/32 bit feeders are compiled
|
||
# in. This options enable most feeder converters
|
||
# except for 8bit. WARNING: May bloat the kernel.
|
||
#
|
||
# SND_FEEDER_FULL_MULTIFORMAT Ditto, but includes 8bit feeders as well.
|
||
#
|
||
# SND_FEEDER_RATE_HP (feeder_rate) High precision 64bit arithmetic
|
||
# as much as possible (the default trying to
|
||
# avoid it). Possible slowdown.
|
||
#
|
||
# SND_PCM_64 (Only applicable for i386/32bit arch)
|
||
# Process 32bit samples through 64bit
|
||
# integer/arithmetic. Slight increase of dynamic
|
||
# range at a cost of possible slowdown.
|
||
#
|
||
# SND_OLDSTEREO Only 2 channels are allowed, effectively
|
||
# disabling multichannel processing.
|
||
#
|
||
options SND_DEBUG
|
||
options SND_DIAGNOSTIC
|
||
options SND_FEEDER_MULTIFORMAT
|
||
options SND_FEEDER_FULL_MULTIFORMAT
|
||
options SND_FEEDER_RATE_HP
|
||
options SND_PCM_64
|
||
options SND_OLDSTEREO
|
||
|
||
#
|
||
# Cardbus
|
||
#
|
||
# cbb: pci/CardBus bridge implementing YENTA interface
|
||
# cardbus: CardBus slots
|
||
device cbb
|
||
device cardbus
|
||
|
||
#
|
||
# MMC/SD
|
||
#
|
||
# mmc MMC/SD bus
|
||
# mmcsd MMC/SD memory card
|
||
# sdhci Generic PCI SD Host Controller
|
||
# rtsx Realtek SD card reader (RTS5209, RTS5227, ...)
|
||
device mmc
|
||
device mmcsd
|
||
device sdhci
|
||
device rtsx
|
||
|
||
#
|
||
# SMB bus
|
||
#
|
||
# System Management Bus support is provided by the 'smbus' device.
|
||
# Access to the SMBus device is via the 'smb' device (/dev/smb*),
|
||
# which is a child of the 'smbus' device.
|
||
#
|
||
# Supported devices:
|
||
# smb standard I/O through /dev/smb*
|
||
#
|
||
# Supported SMB interfaces:
|
||
# iicsmb I2C to SMB bridge with any iicbus interface
|
||
# intpm Intel PIIX4 (82371AB, 82443MX) Power Management Unit
|
||
# alpm Acer Aladdin-IV/V/Pro2 Power Management Unit
|
||
# ichsmb Intel ICH SMBus controller chips (82801AA, 82801AB, 82801BA)
|
||
# viapm VIA VT82C586B/596B/686A and VT8233 Power Management Unit
|
||
# amdpm AMD 756 Power Management Unit
|
||
# amdsmb AMD 8111 SMBus 2.0 Controller
|
||
# nfpm NVIDIA nForce Power Management Unit
|
||
# nfsmb NVIDIA nForce2/3/4 MCP SMBus 2.0 Controller
|
||
# ismt Intel SMBus 2.0 controller chips (on Atom S1200, C2000)
|
||
#
|
||
device smbus # Bus support, required for smb below.
|
||
|
||
device intpm
|
||
options ENABLE_ALART # Control alarm on Intel intpm driver
|
||
device alpm
|
||
device ichsmb
|
||
device viapm
|
||
device amdpm
|
||
device amdsmb
|
||
device nfpm
|
||
device nfsmb
|
||
device ismt
|
||
|
||
device smb
|
||
|
||
# SMBus peripheral devices
|
||
#
|
||
# jedec_dimm Asset and temperature reporting for DDR3 and DDR4 DIMMs
|
||
#
|
||
device jedec_dimm
|
||
|
||
# I2C Bus
|
||
#
|
||
# Philips i2c bus support is provided by the `iicbus' device.
|
||
#
|
||
# Supported devices:
|
||
# ic i2c network interface
|
||
# iic i2c standard io
|
||
# iicsmb i2c to smb bridge. Allow i2c i/o with smb commands.
|
||
# iicoc simple polling driver for OpenCores I2C controller
|
||
#
|
||
# Other:
|
||
# iicbb generic I2C bit-banging code (needed by lpbb)
|
||
#
|
||
device iicbus # Bus support, required for ic/iic/iicsmb below.
|
||
device iicbb # bitbang driver; implements i2c on a pair of gpio pins
|
||
|
||
device ic
|
||
device iic # userland access to i2c slave devices via ioctl(8)
|
||
device iicsmb # smb over i2c bridge
|
||
device iicoc # OpenCores I2C controller support
|
||
|
||
# I2C bus multiplexer (mux) devices
|
||
device iicmux # i2c mux core driver
|
||
device iic_gpiomux # i2c mux hardware controlled via gpio pins
|
||
device ltc430x # LTC4305 and LTC4306 i2c mux chips
|
||
|
||
# I2C peripheral devices
|
||
#
|
||
device ad7418 # Analog Devices temp and voltage sensor
|
||
device ads111x # Texas Instruments ADS101x and ADS111x ADCs
|
||
device ds1307 # Dallas DS1307 RTC and compatible
|
||
device ds13rtc # All Dallas/Maxim ds13xx chips
|
||
device ds1672 # Dallas DS1672 RTC
|
||
device ds3231 # Dallas DS3231 RTC + temperature
|
||
device fan53555 # Fairchild Semi FAN53555/SYR82x Regulator
|
||
device icee # AT24Cxxx and compatible EEPROMs
|
||
device isl12xx # Intersil ISL12xx RTC
|
||
device lm75 # LM75 compatible temperature sensor
|
||
device nxprtc # NXP RTCs: PCA/PFC212x PCA/PCF85xx
|
||
device rtc8583 # Epson RTC-8583
|
||
device s35390a # Seiko Instruments S-35390A RTC
|
||
device sy8106a # Silergy Corp. SY8106A buck regulator
|
||
|
||
# Parallel-Port Bus
|
||
#
|
||
# Parallel port bus support is provided by the `ppbus' device.
|
||
# Multiple devices may be attached to the parallel port, devices
|
||
# are automatically probed and attached when found.
|
||
#
|
||
# Supported devices:
|
||
# lpt Parallel Printer
|
||
# plip Parallel network interface
|
||
# ppi General-purpose I/O ("Geek Port") + IEEE1284 I/O
|
||
# pps Pulse per second Timing Interface
|
||
# lpbb Philips official parallel port I2C bit-banging interface
|
||
# pcfclock Parallel port clock driver.
|
||
#
|
||
# Supported interfaces:
|
||
# ppc ISA-bus parallel port interfaces.
|
||
#
|
||
|
||
options PPC_PROBE_CHIPSET # Enable chipset specific detection
|
||
# (see flags in ppc(4))
|
||
options DEBUG_1284 # IEEE1284 signaling protocol debug
|
||
options PERIPH_1284 # Makes your computer act as an IEEE1284
|
||
# compliant peripheral
|
||
options DONTPROBE_1284 # Avoid boot detection of PnP parallel devices
|
||
options LPT_DEBUG # Printer driver debug
|
||
options PPC_DEBUG # Parallel chipset level debug
|
||
options PLIP_DEBUG # Parallel network IP interface debug
|
||
options PCFCLOCK_VERBOSE # Verbose pcfclock driver
|
||
options PCFCLOCK_MAX_RETRIES=5 # Maximum read tries (default 10)
|
||
|
||
device ppc
|
||
envvar hint.ppc.0.at="isa"
|
||
envvar hint.ppc.0.irq="7"
|
||
device ppbus
|
||
device lpt
|
||
device plip
|
||
device ppi
|
||
device pps
|
||
device lpbb
|
||
device pcfclock
|
||
|
||
# General Purpose I/O pins
|
||
device dwgpio # Synopsys DesignWare APB GPIO Controller
|
||
device gpio # gpio interfaces and bus support
|
||
device gpiobacklight # sysctl control of gpio-based backlight
|
||
device gpioiic # i2c via gpio bitbang
|
||
device gpiokeys # kbd(4) glue for gpio-based key input
|
||
device gpioled # led(4) gpio glue
|
||
device gpiopower # event handler for gpio-based powerdown
|
||
device gpiopps # Pulse per second input from gpio pin
|
||
device gpioregulator # extres/regulator glue for gpio pin
|
||
device gpiospi # SPI via gpio bitbang
|
||
device gpioths # 1-wire temp/humidity sensor on gpio pin
|
||
|
||
# Pulse width modulation
|
||
device pwmbus # pwm interface and bus support
|
||
device pwmc # userland control access to pwm outputs
|
||
|
||
#
|
||
# Etherswitch framework and drivers
|
||
#
|
||
# etherswitch The etherswitch(4) framework
|
||
# miiproxy Proxy device for miibus(4) functionality
|
||
#
|
||
# Switch hardware support:
|
||
# arswitch Atheros switches
|
||
# ip17x IC+ 17x family switches
|
||
# rtl8366r Realtek RTL8366 switches
|
||
# ukswitch Multi-PHY switches
|
||
#
|
||
device etherswitch
|
||
device miiproxy
|
||
device arswitch
|
||
device ip17x
|
||
device rtl8366rb
|
||
device ukswitch
|
||
|
||
# Kernel BOOTP support
|
||
|
||
options BOOTP # Use BOOTP to obtain IP address/hostname
|
||
# Requires NFSCL and NFS_ROOT
|
||
options BOOTP_NFSROOT # NFS mount root filesystem using BOOTP info
|
||
options BOOTP_NFSV3 # Use NFS v3 to NFS mount root
|
||
options BOOTP_COMPAT # Workaround for broken bootp daemons.
|
||
options BOOTP_WIRED_TO=fxp0 # Use interface fxp0 for BOOTP
|
||
options BOOTP_BLOCKSIZE=8192 # Override NFS block size
|
||
|
||
#
|
||
# Enable software watchdog routines, even if hardware watchdog is present.
|
||
# By default, software watchdog timer is enabled only if no hardware watchdog
|
||
# is present.
|
||
#
|
||
options SW_WATCHDOG
|
||
|
||
#
|
||
# Add the software deadlock resolver thread.
|
||
#
|
||
options DEADLKRES
|
||
|
||
# Set the number of sf_bufs to allocate. sf_bufs are virtual buffers
|
||
# for sendfile(2) that are used to map file VM pages, and normally
|
||
# default to a quantity that is roughly 16*MAXUSERS+512. You would
|
||
# typically want about 4 of these for each simultaneous file send.
|
||
#
|
||
options NSFBUFS=1024
|
||
|
||
#
|
||
# Enable extra debugging code for locks. This stores the filename and
|
||
# line of whatever acquired the lock in the lock itself, and changes a
|
||
# number of function calls to pass around the relevant data. This is
|
||
# not at all useful unless you are debugging lock code. Note that
|
||
# modules should be recompiled as this option modifies KBI.
|
||
#
|
||
options DEBUG_LOCKS
|
||
|
||
#
|
||
# VirtIO support
|
||
#
|
||
# The virtio entry provides a generic bus for use by the device drivers.
|
||
# It must be combined with an interface that communicates with the host.
|
||
# Multiple such interfaces are defined by the VirtIO specification
|
||
# including PCI and MMIO.
|
||
#
|
||
device virtio # Generic VirtIO bus (required)
|
||
device virtio_mmio # VirtIO MMIO Interface
|
||
device virtio_pci # VirtIO PCI Interface
|
||
device vtnet # VirtIO Ethernet device
|
||
device virtio_balloon # VirtIO Memory Balloon device
|
||
device virtio_blk # VirtIO Block device
|
||
device virtio_console # VirtIO Console device
|
||
device virtio_gpu # VirtIO GPU device
|
||
device virtio_random # VirtIO Entropy device
|
||
device virtio_scmi # VirtIO SCMI device
|
||
device virtio_scsi # VirtIO SCSI device
|
||
|
||
#####################################################################
|
||
# HID support
|
||
device hid # Generic HID support
|
||
options HID_DEBUG # enable debug msgs
|
||
device hidbus # HID bus
|
||
device hidmap # HID to evdev mapping
|
||
device hidraw # Raw access driver
|
||
options HIDRAW_MAKE_UHID_ALIAS # install /dev/uhid alias
|
||
device hconf # Multitouch configuration TLC
|
||
device hcons # Consumer controls
|
||
device hgame # Generic game controllers
|
||
device hkbd # HID keyboard
|
||
device hms # HID mouse
|
||
device hmt # HID multitouch (MS-compatible)
|
||
device hpen # Generic pen driver
|
||
device hsctrl # System controls
|
||
device ps4dshock # Sony PS4 DualShock 4 gamepad driver
|
||
device xb360gp # XBox 360 gamepad driver
|
||
|
||
#####################################################################
|
||
# USB support
|
||
# UHCI controller
|
||
device uhci
|
||
# OHCI controller
|
||
device ohci
|
||
# EHCI controller
|
||
device ehci
|
||
# XHCI controller
|
||
device xhci
|
||
# SL811 Controller
|
||
#device slhci
|
||
# General USB code (mandatory for USB)
|
||
device usb
|
||
#
|
||
# USB Double Bulk Pipe devices
|
||
device udbp
|
||
# USB temperature meter
|
||
device ugold
|
||
# USB LED
|
||
device uled
|
||
# Human Interface Device (anything with buttons and dials)
|
||
device uhid
|
||
# USB keyboard
|
||
device ukbd
|
||
# USB printer
|
||
device ulpt
|
||
# USB mass storage driver (Requires scbus and da)
|
||
device umass
|
||
# USB mass storage driver for device-side mode
|
||
device usfs
|
||
# USB support for Belkin F5U109 and Magic Control Technology serial adapters
|
||
device umct
|
||
# USB modem support
|
||
device umodem
|
||
# USB mouse
|
||
device ums
|
||
# USB touchpad(s)
|
||
device atp
|
||
device wsp
|
||
# eGalax USB touch screen
|
||
device uep
|
||
# Diamond Rio 500 MP3 player
|
||
device urio
|
||
# HID-over-USB driver
|
||
device usbhid
|
||
|
||
#
|
||
# USB serial support
|
||
device ucom
|
||
# USB support for 3G modem cards by Option, Novatel, Huawei and Sierra
|
||
device u3g
|
||
# USB support for Technologies ARK3116 based serial adapters
|
||
device uark
|
||
# USB support for Belkin F5U103 and compatible serial adapters
|
||
device ubsa
|
||
# USB support for serial adapters based on the FT8U100AX and FT8U232AM
|
||
device uftdi
|
||
# USB support for some Windows CE based serial communication.
|
||
device uipaq
|
||
# USB support for Prolific PL-2303 serial adapters
|
||
device uplcom
|
||
# USB support for Silicon Laboratories CP2101/CP2102 based USB serial adapters
|
||
device uslcom
|
||
# USB Visor and Palm devices
|
||
device uvisor
|
||
# USB serial support for DDI pocket's PHS
|
||
device uvscom
|
||
#
|
||
# USB ethernet support
|
||
device uether
|
||
# ADMtek USB ethernet. Supports the LinkSys USB100TX,
|
||
# the Billionton USB100, the Melco LU-ATX, the D-Link DSB-650TX
|
||
# and the SMC 2202USB. Also works with the ADMtek AN986 Pegasus
|
||
# eval board.
|
||
device aue
|
||
|
||
# ASIX Electronics AX88172 USB 2.0 ethernet driver. Used in the
|
||
# LinkSys USB200M and various other adapters.
|
||
device axe
|
||
# ASIX Electronics AX88178A/AX88179 USB 2.0/3.0 gigabit ethernet driver.
|
||
device axge
|
||
|
||
#
|
||
# Devices which communicate using Ethernet over USB, particularly
|
||
# Communication Device Class (CDC) Ethernet specification. Supports
|
||
# Sharp Zaurus PDAs, some DOCSIS cable modems and so on.
|
||
device cdce
|
||
#
|
||
# CATC USB-EL1201A USB ethernet. Supports the CATC Netmate
|
||
# and Netmate II, and the Belkin F5U111.
|
||
device cue
|
||
#
|
||
# Kawasaki LSI ethernet. Supports the LinkSys USB10T,
|
||
# Entrega USB-NET-E45, Peracom Ethernet Adapter, the
|
||
# 3Com 3c19250, the ADS Technologies USB-10BT, the ATen UC10T,
|
||
# the Netgear EA101, the D-Link DSB-650, the SMC 2102USB
|
||
# and 2104USB, and the Corega USB-T.
|
||
device kue
|
||
#
|
||
# RealTek RTL8150 USB to fast ethernet. Supports the Melco LUA-KTX
|
||
# and the GREEN HOUSE GH-USB100B.
|
||
device rue
|
||
#
|
||
# Davicom DM9601E USB to fast ethernet. Supports the Corega FEther USB-TXC.
|
||
device udav
|
||
#
|
||
# RealTek RTL8152/RTL8153 USB Ethernet driver
|
||
device ure
|
||
#
|
||
# Moschip MCS7730/MCS7840 USB to fast ethernet. Supports the Sitecom LN030.
|
||
device mos
|
||
#
|
||
# HSxPA devices from Option N.V
|
||
device uhso
|
||
|
||
# Realtek RTL8188SU/RTL8191SU/RTL8192SU wireless driver
|
||
device rsu
|
||
#
|
||
# Ralink Technology RT2501USB/RT2601USB wireless driver
|
||
device rum
|
||
# Ralink Technology RT2700U/RT2800U/RT3000U wireless driver
|
||
device run
|
||
#
|
||
# Atheros AR5523 wireless driver
|
||
device uath
|
||
#
|
||
# Conexant/Intersil PrismGT wireless driver
|
||
device upgt
|
||
#
|
||
# Ralink Technology RT2500USB wireless driver
|
||
device ural
|
||
#
|
||
# RNDIS USB ethernet driver
|
||
device urndis
|
||
# Realtek RTL8187B/L wireless driver
|
||
device urtw
|
||
#
|
||
# ZyDas ZD1211/ZD1211B wireless driver
|
||
device zyd
|
||
#
|
||
# Sierra USB wireless driver
|
||
device usie
|
||
|
||
#
|
||
# debugging options for the USB subsystem
|
||
#
|
||
options USB_DEBUG
|
||
options U3G_DEBUG
|
||
|
||
# options for ukbd:
|
||
options UKBD_DFLT_KEYMAP # specify the built-in keymap
|
||
makeoptions UKBD_DFLT_KEYMAP=jp.106
|
||
|
||
# options for uplcom:
|
||
options UPLCOM_INTR_INTERVAL=100 # interrupt pipe interval
|
||
# in milliseconds
|
||
|
||
# options for uvscom:
|
||
options UVSCOM_DEFAULT_OPKTSIZE=8 # default output packet size
|
||
options UVSCOM_INTR_INTERVAL=100 # interrupt pipe interval
|
||
# in milliseconds
|
||
|
||
#####################################################################
|
||
# FireWire support
|
||
|
||
device firewire # FireWire bus code
|
||
device sbp # SCSI over Firewire (Requires scbus and da)
|
||
device sbp_targ # SBP-2 Target mode (Requires scbus and targ)
|
||
device fwe # Ethernet over FireWire (non-standard!)
|
||
device fwip # IP over FireWire (RFC2734 and RFC3146)
|
||
|
||
#####################################################################
|
||
# dcons support (Dumb Console Device)
|
||
|
||
device dcons # dumb console driver
|
||
device dcons_crom # FireWire attachment
|
||
options DCONS_BUF_SIZE=16384 # buffer size
|
||
options DCONS_POLL_HZ=100 # polling rate
|
||
options DCONS_FORCE_CONSOLE=0 # force to be the primary console
|
||
options DCONS_FORCE_GDB=1 # force to be the gdb device
|
||
|
||
#####################################################################
|
||
# crypto subsystem
|
||
#
|
||
# This is a port of the OpenBSD crypto framework. Include this when
|
||
# configuring IPSEC and when you have a h/w crypto device to accelerate
|
||
# user applications that link to OpenSSL.
|
||
#
|
||
# Drivers are ports from OpenBSD with some simple enhancements that have
|
||
# been fed back to OpenBSD.
|
||
|
||
device crypto # core crypto support
|
||
|
||
# Only install the cryptodev device if you are running tests, or know
|
||
# specifically why you need it. In most cases, it is not needed and
|
||
# will make things slower.
|
||
device cryptodev # /dev/crypto for access to h/w
|
||
|
||
device rndtest # FIPS 140-2 entropy tester
|
||
|
||
device ccr # Chelsio T6
|
||
|
||
device hifn # Hifn 7951, 7781, etc.
|
||
options HIFN_DEBUG # enable debugging support: hw.hifn.debug
|
||
options HIFN_RNDTEST # enable rndtest support
|
||
|
||
device safe # SafeNet 1141
|
||
options SAFE_DEBUG # enable debugging support: hw.safe.debug
|
||
options SAFE_RNDTEST # enable rndtest support
|
||
|
||
#####################################################################
|
||
|
||
|
||
#
|
||
# Embedded system options:
|
||
#
|
||
# An embedded system might want to run something other than init.
|
||
options INIT_PATH=/sbin/init:/rescue/init
|
||
|
||
# Debug options
|
||
options BUS_DEBUG # enable newbus debugging
|
||
options DEBUG_VFS_LOCKS # enable VFS lock debugging
|
||
options SOCKBUF_DEBUG # enable sockbuf last record/mb tail checking
|
||
options IFMEDIA_DEBUG # enable debugging in net/if_media.c
|
||
|
||
#
|
||
# Verbose SYSINIT
|
||
#
|
||
# Make the SYSINIT process performed by mi_startup() verbose. This is very
|
||
# useful when porting to a new architecture. If DDB is also enabled, this
|
||
# will print function names instead of addresses. If defined with a value
|
||
# of zero, the verbose code is compiled-in but disabled by default, and can
|
||
# be enabled with the debug.verbose_sysinit=1 tunable.
|
||
options VERBOSE_SYSINIT
|
||
|
||
#####################################################################
|
||
# SYSV IPC KERNEL PARAMETERS
|
||
#
|
||
# Maximum number of System V semaphores that can be used on the system at
|
||
# one time.
|
||
options SEMMNI=11
|
||
|
||
# Total number of semaphores system wide
|
||
options SEMMNS=61
|
||
|
||
# Total number of undo structures in system
|
||
options SEMMNU=31
|
||
|
||
# Maximum number of System V semaphores that can be used by a single process
|
||
# at one time.
|
||
options SEMMSL=61
|
||
|
||
# Maximum number of operations that can be outstanding on a single System V
|
||
# semaphore at one time.
|
||
options SEMOPM=101
|
||
|
||
# Maximum number of undo operations that can be outstanding on a single
|
||
# System V semaphore at one time.
|
||
options SEMUME=11
|
||
|
||
# Maximum number of shared memory pages system wide.
|
||
options SHMALL=1025
|
||
|
||
# Maximum size, in bytes, of a single System V shared memory region.
|
||
options SHMMAX=(SHMMAXPGS*PAGE_SIZE+1)
|
||
options SHMMAXPGS=1025
|
||
|
||
# Minimum size, in bytes, of a single System V shared memory region.
|
||
options SHMMIN=2
|
||
|
||
# Maximum number of shared memory regions that can be used on the system
|
||
# at one time.
|
||
options SHMMNI=33
|
||
|
||
# Maximum number of System V shared memory regions that can be attached to
|
||
# a single process at one time.
|
||
options SHMSEG=9
|
||
|
||
# Set the amount of time (in seconds) the system will wait before
|
||
# rebooting automatically when a kernel panic occurs. If set to (-1),
|
||
# the system will wait indefinitely until a key is pressed on the
|
||
# console.
|
||
options PANIC_REBOOT_WAIT_TIME=16
|
||
|
||
# Attempt to bypass the buffer cache and put data directly into the
|
||
# userland buffer for read operation when O_DIRECT flag is set on the
|
||
# file. Both offset and length of the read operation must be
|
||
# multiples of the physical media sector size.
|
||
#
|
||
options DIRECTIO
|
||
|
||
# Specify a lower limit for the number of swap I/O buffers. They are
|
||
# (among other things) used when bypassing the buffer cache due to
|
||
# DIRECTIO kernel option enabled and O_DIRECT flag set on file.
|
||
#
|
||
options NSWBUF_MIN=120
|
||
|
||
#####################################################################
|
||
|
||
# More undocumented options for linting.
|
||
# Note that documenting these is not considered an affront.
|
||
|
||
options CAM_DEBUG_DELAY
|
||
|
||
options DEBUG
|
||
|
||
# Kernel filelock debugging.
|
||
options LOCKF_DEBUG
|
||
|
||
# System V compatible message queues
|
||
# Please note that the values provided here are used to test kernel
|
||
# building. The defaults in the sources provide almost the same numbers.
|
||
# MSGSSZ must be a power of 2 between 8 and 1024.
|
||
options MSGMNB=2049 # Max number of chars in queue
|
||
options MSGMNI=41 # Max number of message queue identifiers
|
||
options MSGSEG=2049 # Max number of message segments
|
||
options MSGSSZ=16 # Size of a message segment
|
||
options MSGTQL=41 # Max number of messages in system
|
||
|
||
options NBUF=512 # Number of buffer headers
|
||
|
||
options SC_DEBUG_LEVEL=5 # Syscons debug level
|
||
options SC_RENDER_DEBUG # syscons rendering debugging
|
||
|
||
options VFS_BIO_DEBUG # VFS buffer I/O debugging
|
||
|
||
options KSTACK_MAX_PAGES=32 # Maximum pages to give the kernel stack
|
||
options KSTACK_USAGE_PROF
|
||
|
||
# Adaptec Array Controller driver options
|
||
options AAC_DEBUG # Debugging levels:
|
||
# 0 - quiet, only emit warnings
|
||
# 1 - noisy, emit major function
|
||
# points and things done
|
||
# 2 - extremely noisy, emit trace
|
||
# items in loops, etc.
|
||
|
||
# Resource Accounting
|
||
options RACCT
|
||
|
||
# Resource Limits
|
||
options RCTL
|
||
|
||
# Yet more undocumented options for linting.
|
||
options MAXFILES=999
|
||
|
||
# Random number generator
|
||
# Alternative algorithm.
|
||
#options RANDOM_FENESTRASX
|
||
# Allow the CSPRNG algorithm to be loaded as a module.
|
||
#options RANDOM_LOADABLE
|
||
# Select this to allow high-rate but potentially expensive
|
||
# harvesting of Slab-Allocator entropy. In very high-rate
|
||
# situations the value of doing this is dubious at best.
|
||
options RANDOM_ENABLE_UMA # slab allocator
|
||
|
||
# Select this to allow high-rate but potentially expensive
|
||
# harvesting of the m_next pointer in the mbuf. Note that
|
||
# the m_next pointer is NULL except when receiving > 4K
|
||
# jumbo frames or sustained bursts by way of LRO. Thus in
|
||
# the common case it is stirring zero in to the entropy
|
||
# pool. In cases where it is not NULL it is pointing to one
|
||
# of a small (in the thousands to 10s of thousands) number
|
||
# of 256 byte aligned mbufs. Hence it is, even in the best
|
||
# case, a poor source of entropy. And in the absence of actual
|
||
# runtime analysis of entropy collection may mislead the user in
|
||
# to believe that substantially more entropy is being collected
|
||
# than in fact is - leading to a different class of security
|
||
# risk. In high packet rate situations ethernet entropy
|
||
# collection is also very expensive, possibly leading to as
|
||
# much as a 50% drop in packets received.
|
||
# This option is present to maintain backwards compatibility
|
||
# if desired, however it cannot be recommended for use in any
|
||
# environment.
|
||
options RANDOM_ENABLE_ETHER # ether_input
|
||
|
||
# Module to enable execution of application via emulators like QEMU
|
||
options IMGACT_BINMISC
|
||
|
||
# zlib I/O stream support
|
||
# This enables support for compressed core dumps.
|
||
options GZIO
|
||
|
||
# PAX and HardenedBSD related knobs
|
||
options PAX # Enable the PAX framework
|
||
options PAX_CONTROL_ACL # PaX MAC framework, required for secadm
|
||
options PAX_CONTROL_ACL_OVERRIDE_SUPPORT # Allow to override hbsdcontrol settings with ACLs
|
||
options PAX_CONTROL_EXTATTR # extattr based control framework for hbsdcontrol
|
||
options PAX_ASLR # Address Space Layout Randomization
|
||
options PAX_HARDENING # Other hardening features
|
||
options PAX_NOEXEC # Remove WX pages from user-space and enforce W^X
|
||
options PAX_SEGVGUARD # Track and ban failing process
|
||
options PAX_SYSCTLS # Run-time settings for PAX and Hardening
|
||
options PAX_JAIL_SUPPORT # Allow to override PAX settings per jail
|
||
options PAX_INSECURE_MODE # Allow to override INVARIANTS enforcements
|
||
options HBSD_DEBUG
|
||
|
||
# zstd support
|
||
# This enables support for Zstd compressed core dumps, GEOM_UZIP images,
|
||
# and is required by zfs if statically linked.
|
||
options ZSTDIO
|
||
|
||
# BHND(4) drivers
|
||
options BHND_LOGLEVEL # Logging threshold level
|
||
|
||
# evdev interface
|
||
device evdev # input event device support
|
||
options EVDEV_SUPPORT # evdev support in legacy drivers
|
||
options EVDEV_DEBUG # enable event debug msgs
|
||
device uinput # install /dev/uinput cdev
|
||
options UINPUT_DEBUG # enable uinput debug msgs
|
||
|
||
# Encrypted kernel crash dumps.
|
||
options EKCD
|
||
|
||
# Serial Peripheral Interface (SPI) support.
|
||
device spibus # Bus support.
|
||
device at45d # DataFlash driver
|
||
device cqspi #
|
||
device mx25l # SPIFlash driver
|
||
device n25q #
|
||
device spigen # Generic access to SPI devices from userland.
|
||
# Enable legacy /dev/spigenN name aliases for /dev/spigenX.Y devices.
|
||
options SPIGEN_LEGACY_CDEVNAME # legacy device names for spigen
|
||
|
||
# Compression supports.
|
||
device zlib # gzip/zlib compression/decompression library
|
||
device xz # xz_embedded LZMA de-compression library
|
||
|
||
# Kernel support for stats(3).
|
||
options STATS
|
||
|
||
# File system monitoring
|
||
device filemon # file monitoring for make(1) meta-mode
|