FreeBSD/Linux Kernel Cross Reference
sys/conf/NOTES
1 # $FreeBSD: src/sys/conf/NOTES,v 1.1516 2008/11/12 09:52:06 yongari Exp $
2 #
3 # NOTES -- Lines that can be cut/pasted into kernel and hints configs.
4 #
5 # Lines that begin with 'device', 'options', 'machine', 'ident', 'maxusers',
6 # 'makeoptions', 'hints', etc. go into the kernel configuration that you
7 # run config(8) with.
8 #
9 # Lines that begin with 'hint.' are NOT for config(8), they go into your
10 # hints file. See /boot/device.hints and/or the 'hints' config(8) directive.
11 #
12 # Please use ``make LINT'' to create an old-style LINT file if you want to
13 # do kernel test-builds.
14 #
15 # This file contains machine independent kernel configuration notes. For
16 # machine dependent notes, look in /sys/<arch>/conf/NOTES.
17 #
18
19 #
20 # NOTES conventions and style guide:
21 #
22 # Large block comments should begin and end with a line containing only a
23 # comment character.
24 #
25 # To describe a particular object, a block comment (if it exists) should
26 # come first. Next should come device, options, and hints lines in that
27 # order. All device and option lines must be described by a comment that
28 # doesn't just expand the device or option name. Use only a concise
29 # comment on the same line if possible. Very detailed descriptions of
30 # devices and subsystems belong in man pages.
31 #
32 # A space followed by a tab separates 'options' from an option name. Two
33 # spaces followed by a tab separate 'device' from a device name. Comments
34 # after an option or device should use one space after the comment character.
35 # To comment out a negative option that disables code and thus should not be
36 # enabled for LINT builds, precede 'options' with "#!".
37 #
38
39 #
40 # This is the ``identification'' of the kernel. Usually this should
41 # be the same as the name of your kernel.
42 #
43 ident LINT
44
45 #
46 # The `maxusers' parameter controls the static sizing of a number of
47 # internal system tables by a formula defined in subr_param.c.
48 # Omitting this parameter or setting it to 0 will cause the system to
49 # auto-size based on physical memory.
50 #
51 maxusers 10
52
53 #
54 # The `makeoptions' parameter allows variables to be passed to the
55 # generated Makefile in the build area.
56 #
57 # CONF_CFLAGS gives some extra compiler flags that are added to ${CFLAGS}
58 # after most other flags. Here we use it to inhibit use of non-optimal
59 # gcc built-in functions (e.g., memcmp).
60 #
61 # DEBUG happens to be magic.
62 # The following is equivalent to 'config -g KERNELNAME' and creates
63 # 'kernel.debug' compiled with -g debugging as well as a normal
64 # 'kernel'. Use 'make install.debug' to install the debug kernel
65 # but that isn't normally necessary as the debug symbols are not loaded
66 # by the kernel and are not useful there anyway.
67 #
68 # KERNEL can be overridden so that you can change the default name of your
69 # kernel.
70 #
71 # MODULES_OVERRIDE can be used to limit modules built to a specific list.
72 #
73 makeoptions CONF_CFLAGS=-fno-builtin #Don't allow use of memcmp, etc.
74 #makeoptions DEBUG=-g #Build kernel with gdb(1) debug symbols
75 #makeoptions KERNEL=foo #Build kernel "foo" and install "/foo"
76 # Only build ext2fs module plus those parts of the sound system I need.
77 #makeoptions MODULES_OVERRIDE="ext2fs sound/sound sound/driver/maestro3"
78 makeoptions DESTDIR=/tmp
79
80 #
81 # FreeBSD processes are subject to certain limits to their consumption
82 # of system resources. See getrlimit(2) for more details. Each
83 # resource limit has two values, a "soft" limit and a "hard" limit.
84 # The soft limits can be modified during normal system operation, but
85 # the hard limits are set at boot time. Their default values are
86 # in sys/<arch>/include/vmparam.h. There are two ways to change them:
87 #
88 # 1. Set the values at kernel build time. The options below are one
89 # way to allow that limit to grow to 1GB. They can be increased
90 # further by changing the parameters:
91 #
92 # 2. In /boot/loader.conf, set the tunables kern.maxswzone,
93 # kern.maxbcache, kern.maxtsiz, kern.dfldsiz, kern.maxdsiz,
94 # kern.dflssiz, kern.maxssiz and kern.sgrowsiz.
95 #
96 # The options in /boot/loader.conf override anything in the kernel
97 # configuration file. See the function init_param1 in
98 # sys/kern/subr_param.c for more details.
99 #
100
101 options MAXDSIZ=(1024UL*1024*1024)
102 options MAXSSIZ=(128UL*1024*1024)
103 options DFLDSIZ=(1024UL*1024*1024)
104
105 #
106 # BLKDEV_IOSIZE sets the default block size used in user block
107 # device I/O. Note that this value will be overridden by the label
108 # when specifying a block device from a label with a non-0
109 # partition blocksize. The default is PAGE_SIZE.
110 #
111 options BLKDEV_IOSIZE=8192
112
113 #
114 # MAXPHYS and DFLTPHYS
115 #
116 # These are the max and default 'raw' I/O block device access sizes.
117 # Reads and writes will be split into DFLTPHYS chunks. Some applications
118 # have better performance with larger raw I/O access sizes. Typically
119 # MAXPHYS should be twice the size of DFLTPHYS. Note that certain VM
120 # parameters are derived from these values and making them too large
121 # can make an an unbootable kernel.
122 #
123 # The defaults are 64K and 128K respectively.
124 options DFLTPHYS=(64*1024)
125 options MAXPHYS=(128*1024)
126
127
128 # This allows you to actually store this configuration file into
129 # the kernel binary itself. See config(8) for more details.
130 #
131 options INCLUDE_CONFIG_FILE # Include this file in kernel
132
133 options GEOM_AES # Don't use, use GEOM_BDE
134 options GEOM_BDE # Disk encryption.
135 options GEOM_BSD # BSD disklabels
136 options GEOM_CACHE # Disk cache.
137 options GEOM_CONCAT # Disk concatenation.
138 options GEOM_ELI # Disk encryption.
139 options GEOM_FOX # Redundant path mitigation
140 options GEOM_GATE # Userland services.
141 options GEOM_JOURNAL # Journaling.
142 options GEOM_LABEL # Providers labelization.
143 options GEOM_LINUX_LVM # Linux LVM2 volumes
144 options GEOM_MBR # DOS/MBR partitioning
145 options GEOM_MIRROR # Disk mirroring.
146 options GEOM_MULTIPATH # Disk multipath
147 options GEOM_NOP # Test class.
148 options GEOM_PART_APM # Apple partitioning
149 options GEOM_PART_BSD # BSD disklabel
150 options GEOM_PART_GPT # GPT partitioning
151 options GEOM_PART_MBR # MBR partitioning
152 options GEOM_PART_PC98 # PC-9800 disk partitioning
153 options GEOM_PART_VTOC8 # SMI VTOC8 disk label
154 options GEOM_PC98 # NEC PC9800 partitioning
155 options GEOM_RAID3 # RAID3 functionality.
156 options GEOM_SHSEC # Shared secret.
157 options GEOM_STRIPE # Disk striping.
158 options GEOM_SUNLABEL # Sun/Solaris partitioning
159 options GEOM_UZIP # Read-only compressed disks
160 options GEOM_VIRSTOR # Virtual storage.
161 options GEOM_VOL # Volume names from UFS superblock
162 options GEOM_ZERO # Performance testing helper.
163
164 #
165 # The root device and filesystem type can be compiled in;
166 # this provides a fallback option if the root device cannot
167 # be correctly guessed by the bootstrap code, or an override if
168 # the RB_DFLTROOT flag (-r) is specified when booting the kernel.
169 #
170 options ROOTDEVNAME=\"ufs:da0s2e\"
171
172
173 #####################################################################
174 # Scheduler options:
175 #
176 # Specifying one of SCHED_4BSD or SCHED_ULE is mandatory. These options
177 # select which scheduler is compiled in.
178 #
179 # SCHED_4BSD is the historical, proven, BSD scheduler. It has a global run
180 # queue and no CPU affinity which makes it suboptimal for SMP. It has very
181 # good interactivity and priority selection.
182 #
183 # SCHED_ULE provides significant performance advantages over 4BSD on many
184 # workloads on SMP machines. It supports cpu-affinity, per-cpu runqueues
185 # and scheduler locks. It also has a stronger notion of interactivity
186 # which leads to better responsiveness even on uniprocessor machines. This
187 # will eventually become the default scheduler.
188 #
189 # SCHED_STATS is a debugging option which keeps some stats in the sysctl
190 # tree at 'kern.sched.stats' and is useful for debugging scheduling decisions.
191 #
192 options SCHED_4BSD
193 options SCHED_STATS
194 #options SCHED_ULE
195
196 #####################################################################
197 # SMP OPTIONS:
198 #
199 # SMP enables building of a Symmetric MultiProcessor Kernel.
200
201 # Mandatory:
202 options SMP # Symmetric MultiProcessor Kernel
203
204 # ADAPTIVE_MUTEXES changes the behavior of blocking mutexes to spin
205 # if the thread that currently owns the mutex is executing on another
206 # CPU. This behaviour is enabled by default, so this option can be used
207 # to disable it.
208 options NO_ADAPTIVE_MUTEXES
209
210 # ADAPTIVE_RWLOCKS changes the behavior of reader/writer locks to spin
211 # if the thread that currently owns the rwlock is executing on another
212 # CPU. This behaviour is enabled by default, so this option can be used
213 # to disable it.
214 options NO_ADAPTIVE_RWLOCKS
215
216 # ADAPTIVE_SX changes the behavior of sx locks to spin if the thread
217 # that currently owns the lock is executing on another CPU. Note that
218 # in addition to enabling this option, individual sx locks must be
219 # initialized with the SX_ADAPTIVESPIN flag.
220 options ADAPTIVE_SX
221
222 # MUTEX_NOINLINE forces mutex operations to call functions to perform each
223 # operation rather than inlining the simple cases. This can be used to
224 # shrink the size of the kernel text segment. Note that this behavior is
225 # already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
226 # and WITNESS options.
227 options MUTEX_NOINLINE
228
229 # RWLOCK_NOINLINE forces rwlock operations to call functions to perform each
230 # operation rather than inlining the simple cases. This can be used to
231 # shrink the size of the kernel text segment. Note that this behavior is
232 # already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
233 # and WITNESS options.
234 options RWLOCK_NOINLINE
235
236 # SX_NOINLINE forces sx lock operations to call functions to perform each
237 # operation rather than inlining the simple cases. This can be used to
238 # shrink the size of the kernel text segment. Note that this behavior is
239 # already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
240 # and WITNESS options.
241 options SX_NOINLINE
242
243 # SMP Debugging Options:
244 #
245 # PREEMPTION allows the threads that are in the kernel to be preempted by
246 # higher priority [interrupt] threads. It helps with interactivity
247 # and allows interrupt threads to run sooner rather than waiting.
248 # WARNING! Only tested on amd64 and i386.
249 # FULL_PREEMPTION instructs the kernel to preempt non-realtime kernel
250 # threads. Its sole use is to expose race conditions and other
251 # bugs during development. Enabling this option will reduce
252 # performance and increase the frequency of kernel panics by
253 # design. If you aren't sure that you need it then you don't.
254 # Relies on the PREEMPTION option. DON'T TURN THIS ON.
255 # MUTEX_DEBUG enables various extra assertions in the mutex code.
256 # SLEEPQUEUE_PROFILING enables rudimentary profiling of the hash table
257 # used to hold active sleep queues as well as sleep wait message
258 # frequency.
259 # TURNSTILE_PROFILING enables rudimentary profiling of the hash table
260 # used to hold active lock queues.
261 # WITNESS enables the witness code which detects deadlocks and cycles
262 # during locking operations.
263 # WITNESS_KDB causes the witness code to drop into the kernel debugger if
264 # a lock hierarchy violation occurs or if locks are held when going to
265 # sleep.
266 # WITNESS_SKIPSPIN disables the witness checks on spin mutexes.
267 options PREEMPTION
268 options FULL_PREEMPTION
269 options MUTEX_DEBUG
270 options WITNESS
271 options WITNESS_KDB
272 options WITNESS_SKIPSPIN
273
274 # LOCK_PROFILING - Profiling locks. See LOCK_PROFILING(9) for details.
275 options LOCK_PROFILING
276 # Set the number of buffers and the hash size. The hash size MUST be larger
277 # than the number of buffers. Hash size should be prime.
278 options MPROF_BUFFERS="1536"
279 options MPROF_HASH_SIZE="1543"
280
281 # Profiling for internal hash tables.
282 options SLEEPQUEUE_PROFILING
283 options TURNSTILE_PROFILING
284
285
286 #####################################################################
287 # COMPATIBILITY OPTIONS
288
289 #
290 # Implement system calls compatible with 4.3BSD and older versions of
291 # FreeBSD. You probably do NOT want to remove this as much current code
292 # still relies on the 4.3 emulation. Note that some architectures that
293 # are supported by FreeBSD do not include support for certain important
294 # aspects of this compatibility option, namely those related to the
295 # signal delivery mechanism.
296 #
297 options COMPAT_43
298
299 # Old tty interface.
300 options COMPAT_43TTY
301
302 # Enable FreeBSD4 compatibility syscalls
303 options COMPAT_FREEBSD4
304
305 # Enable FreeBSD5 compatibility syscalls
306 options COMPAT_FREEBSD5
307
308 # Enable FreeBSD6 compatibility syscalls
309 options COMPAT_FREEBSD6
310
311 # Enable FreeBSD7 compatibility syscalls
312 options COMPAT_FREEBSD7
313
314 #
315 # These three options provide support for System V Interface
316 # Definition-style interprocess communication, in the form of shared
317 # memory, semaphores, and message queues, respectively.
318 #
319 options SYSVSHM
320 options SYSVSEM
321 options SYSVMSG
322
323
324 #####################################################################
325 # DEBUGGING OPTIONS
326
327 #
328 # Compile with kernel debugger related code.
329 #
330 options KDB
331
332 #
333 # Print a stack trace of the current thread on the console for a panic.
334 #
335 options KDB_TRACE
336
337 #
338 # Don't enter the debugger for a panic. Intended for unattended operation
339 # where you may want to enter the debugger from the console, but still want
340 # the machine to recover from a panic.
341 #
342 options KDB_UNATTENDED
343
344 #
345 # Enable the ddb debugger backend.
346 #
347 options DDB
348
349 #
350 # Print the numerical value of symbols in addition to the symbolic
351 # representation.
352 #
353 options DDB_NUMSYM
354
355 #
356 # Enable the remote gdb debugger backend.
357 #
358 options GDB
359
360 #
361 # Enable the kernel DTrace hooks which are required to load the DTrace
362 # kernel modules.
363 #
364 options KDTRACE_HOOKS
365
366 #
367 # SYSCTL_DEBUG enables a 'sysctl' debug tree that can be used to dump the
368 # contents of the registered sysctl nodes on the console. It is disabled by
369 # default because it generates excessively verbose console output that can
370 # interfere with serial console operation.
371 #
372 options SYSCTL_DEBUG
373
374 #
375 # DEBUG_MEMGUARD builds and enables memguard(9), a replacement allocator
376 # for the kernel used to detect modify-after-free scenarios. See the
377 # memguard(9) man page for more information on usage.
378 #
379 options DEBUG_MEMGUARD
380
381 #
382 # DEBUG_REDZONE enables buffer underflows and buffer overflows detection for
383 # malloc(9).
384 #
385 options DEBUG_REDZONE
386
387 #
388 # KTRACE enables the system-call tracing facility ktrace(2). To be more
389 # SMP-friendly, KTRACE uses a worker thread to process most trace events
390 # asynchronously to the thread generating the event. This requires a
391 # pre-allocated store of objects representing trace events. The
392 # KTRACE_REQUEST_POOL option specifies the initial size of this store.
393 # The size of the pool can be adjusted both at boottime and runtime via
394 # the kern.ktrace_request_pool tunable and sysctl.
395 #
396 options KTRACE #kernel tracing
397 options KTRACE_REQUEST_POOL=101
398
399 #
400 # KTR is a kernel tracing mechanism imported from BSD/OS. Currently
401 # it has no userland interface aside from a few sysctl's. It is
402 # enabled with the KTR option. KTR_ENTRIES defines the number of
403 # entries in the circular trace buffer; it must be a power of two.
404 # KTR_COMPILE defines the mask of events to compile into the kernel as
405 # defined by the KTR_* constants in <sys/ktr.h>. KTR_MASK defines the
406 # initial value of the ktr_mask variable which determines at runtime
407 # what events to trace. KTR_CPUMASK determines which CPU's log
408 # events, with bit X corresponding to CPU X. KTR_VERBOSE enables
409 # dumping of KTR events to the console by default. This functionality
410 # can be toggled via the debug.ktr_verbose sysctl and defaults to off
411 # if KTR_VERBOSE is not defined.
412 #
413 options KTR
414 options KTR_ENTRIES=1024
415 options KTR_COMPILE=(KTR_INTR|KTR_PROC)
416 options KTR_MASK=KTR_INTR
417 options KTR_CPUMASK=0x3
418 options KTR_VERBOSE
419
420 #
421 # ALQ(9) is a facility for the asynchronous queuing of records from the kernel
422 # to a vnode, and is employed by services such as KTR(4) to produce trace
423 # files based on a kernel event stream. Records are written asynchronously
424 # in a worker thread.
425 #
426 options ALQ
427 options KTR_ALQ
428
429 #
430 # The INVARIANTS option is used in a number of source files to enable
431 # extra sanity checking of internal structures. This support is not
432 # enabled by default because of the extra time it would take to check
433 # for these conditions, which can only occur as a result of
434 # programming errors.
435 #
436 options INVARIANTS
437
438 #
439 # The INVARIANT_SUPPORT option makes us compile in support for
440 # verifying some of the internal structures. It is a prerequisite for
441 # 'INVARIANTS', as enabling 'INVARIANTS' will make these functions be
442 # called. The intent is that you can set 'INVARIANTS' for single
443 # source files (by changing the source file or specifying it on the
444 # command line) if you have 'INVARIANT_SUPPORT' enabled. Also, if you
445 # wish to build a kernel module with 'INVARIANTS', then adding
446 # 'INVARIANT_SUPPORT' to your kernel will provide all the necessary
447 # infrastructure without the added overhead.
448 #
449 options INVARIANT_SUPPORT
450
451 #
452 # The DIAGNOSTIC option is used to enable extra debugging information
453 # from some parts of the kernel. As this makes everything more noisy,
454 # it is disabled by default.
455 #
456 options DIAGNOSTIC
457
458 #
459 # REGRESSION causes optional kernel interfaces necessary only for regression
460 # testing to be enabled. These interfaces may constitute security risks
461 # when enabled, as they permit processes to easily modify aspects of the
462 # run-time environment to reproduce unlikely or unusual (possibly normally
463 # impossible) scenarios.
464 #
465 options REGRESSION
466
467 #
468 # RESTARTABLE_PANICS allows one to continue from a panic as if it were
469 # a call to the debugger to continue from a panic as instead. It is only
470 # useful if a kernel debugger is present. To restart from a panic, reset
471 # the panicstr variable to NULL and continue execution. This option is
472 # for development use only and should NOT be used in production systems
473 # to "workaround" a panic.
474 #
475 #options RESTARTABLE_PANICS
476
477 #
478 # This option let some drivers co-exist that can't co-exist in a running
479 # system. This is used to be able to compile all kernel code in one go for
480 # quality assurance purposes (like this file, which the option takes it name
481 # from.)
482 #
483 options COMPILING_LINT
484
485 #
486 # STACK enables the stack(9) facility, allowing the capture of kernel stack
487 # for the purpose of procinfo(1), etc. stack(9) will also be compiled in
488 # automatically if DDB(4) is compiled into the kernel.
489 #
490 options STACK
491
492
493 #####################################################################
494 # PERFORMANCE MONITORING OPTIONS
495
496 #
497 # The hwpmc driver that allows the use of in-CPU performance monitoring
498 # counters for performance monitoring. The base kernel needs to configured
499 # with the 'options' line, while the hwpmc device can be either compiled
500 # in or loaded as a loadable kernel module.
501 #
502 # Additional configuration options may be required on specific architectures,
503 # please see hwpmc(4).
504
505 device hwpmc # Driver (also a loadable module)
506 options HWPMC_HOOKS # Other necessary kernel hooks
507
508
509 #####################################################################
510 # NETWORKING OPTIONS
511
512 #
513 # Protocol families
514 #
515 options INET #Internet communications protocols
516 options INET6 #IPv6 communications protocols
517
518 options ROUTETABLES=2 # max 16. 1 is back compatible.
519
520 # In order to enable IPSEC you MUST also add device crypto to
521 # your kernel configuration
522 options IPSEC #IP security (requires device crypto)
523 #options IPSEC_DEBUG #debug for IP security
524 #
525 # Set IPSEC_FILTERTUNNEL to force packets coming through a tunnel
526 # to be processed by any configured packet filtering twice.
527 # The default is that packets coming out of a tunnel are _not_ processed;
528 # they are assumed trusted.
529 #
530 # IPSEC history is preserved for such packets, and can be filtered
531 # using ipfw(8)'s 'ipsec' keyword, when this option is enabled.
532 #
533 #options IPSEC_FILTERTUNNEL #filter ipsec packets from a tunnel
534
535 options IPX #IPX/SPX communications protocols
536
537 options NCP #NetWare Core protocol
538
539 options NETATALK #Appletalk communications protocols
540 options NETATALKDEBUG #Appletalk debugging
541
542 #
543 # SMB/CIFS requester
544 # NETSMB enables support for SMB protocol, it requires LIBMCHAIN and LIBICONV
545 # options.
546 options NETSMB #SMB/CIFS requester
547
548 # mchain library. It can be either loaded as KLD or compiled into kernel
549 options LIBMCHAIN
550
551 # libalias library, performing NAT
552 options LIBALIAS
553
554 #
555 # SCTP is a NEW transport protocol defined by
556 # RFC2960 updated by RFC3309 and RFC3758.. and
557 # soon to have a new base RFC and many many more
558 # extensions. This release supports all the extensions
559 # including many drafts (most about to become RFC's).
560 # It is the premeier SCTP implementation in the NET
561 # and is quite well tested.
562 #
563 # Note YOU MUST have both INET and INET6 defined.
564 # you don't have to enable V6, but SCTP is
565 # dual stacked and so far we have not teased apart
566 # the V6 and V4.. since an association can span
567 # both a V6 and V4 address at the SAME time :-)
568 #
569 options SCTP
570 # There are bunches of options:
571 # this one turns on all sorts of
572 # nastly printing that you can
573 # do. Its all controled by a
574 # bit mask (settable by socket opt and
575 # by sysctl). Including will not cause
576 # logging until you set the bits.. but it
577 # can be quite verbose.. so without this
578 # option we don't do any of the tests for
579 # bits and prints.. which makes the code run
580 # faster.. if you are not debugging don't use.
581 options SCTP_DEBUG
582 #
583 # This option turns off the CRC32c checksum. Basically
584 # You will not be able to talk to anyone else that
585 # has not done this. Its more for expermentation to
586 # see how much CPU the CRC32c really takes. Most new
587 # cards for TCP support checksum offload.. so this
588 # option gives you a "view" into what SCTP would be
589 # like with such an offload (which only exists in
590 # high in iSCSI boards so far). With the new
591 # splitting 8's algorithm its not as bad as it used
592 # to be.. but it does speed things up try only
593 # for in a captured lab environment :-)
594 options SCTP_WITH_NO_CSUM
595 #
596
597 #
598 # All that options after that turn on specific types of
599 # logging. You can monitor CWND growth, flight size
600 # and all sorts of things. Go look at the code and
601 # see. I have used this to produce interesting
602 # charts and graphs as well :->
603 #
604 # I have not yet commited the tools to get and print
605 # the logs, I will do that eventually .. before then
606 # if you want them send me an email rrs@freebsd.org
607 # You basically must have KTR enabled for these
608 # and you then set the sysctl to turn on/off various
609 # logging bits. Use ktrdump to pull the log and run
610 # it through a dispaly program.. and graphs and other
611 # things too.
612 #
613 options SCTP_LOCK_LOGGING
614 options SCTP_MBUF_LOGGING
615 options SCTP_MBCNT_LOGGING
616 options SCTP_PACKET_LOGGING
617 options SCTP_LTRACE_CHUNKS
618 options SCTP_LTRACE_ERRORS
619
620
621 # altq(9). Enable the base part of the hooks with the ALTQ option.
622 # Individual disciplines must be built into the base system and can not be
623 # loaded as modules at this point. ALTQ requires a stable TSC so if yours is
624 # broken or changes with CPU throttling then you must also have the ALTQ_NOPCC
625 # option.
626 options ALTQ
627 options ALTQ_CBQ # Class Based Queueing
628 options ALTQ_RED # Random Early Detection
629 options ALTQ_RIO # RED In/Out
630 options ALTQ_HFSC # Hierarchical Packet Scheduler
631 options ALTQ_CDNR # Traffic conditioner
632 options ALTQ_PRIQ # Priority Queueing
633 options ALTQ_NOPCC # Required if the TSC is unusable
634 options ALTQ_DEBUG
635
636 # netgraph(4). Enable the base netgraph code with the NETGRAPH option.
637 # Individual node types can be enabled with the corresponding option
638 # listed below; however, this is not strictly necessary as netgraph
639 # will automatically load the corresponding KLD module if the node type
640 # is not already compiled into the kernel. Each type below has a
641 # corresponding man page, e.g., ng_async(8).
642 options NETGRAPH # netgraph(4) system
643 options NETGRAPH_DEBUG # enable extra debugging, this
644 # affects netgraph(4) and nodes
645 # Node types
646 options NETGRAPH_ASYNC
647 options NETGRAPH_ATMLLC
648 options NETGRAPH_ATM_ATMPIF
649 options NETGRAPH_BLUETOOTH # ng_bluetooth(4)
650 options NETGRAPH_BLUETOOTH_BT3C # ng_bt3c(4)
651 options NETGRAPH_BLUETOOTH_HCI # ng_hci(4)
652 options NETGRAPH_BLUETOOTH_L2CAP # ng_l2cap(4)
653 options NETGRAPH_BLUETOOTH_SOCKET # ng_btsocket(4)
654 options NETGRAPH_BLUETOOTH_UBT # ng_ubt(4)
655 options NETGRAPH_BLUETOOTH_UBTBCMFW # ubtbcmfw(4)
656 options NETGRAPH_BPF
657 options NETGRAPH_BRIDGE
658 options NETGRAPH_CAR
659 options NETGRAPH_CISCO
660 options NETGRAPH_DEFLATE
661 options NETGRAPH_DEVICE
662 options NETGRAPH_ECHO
663 options NETGRAPH_EIFACE
664 options NETGRAPH_ETHER
665 options NETGRAPH_FEC
666 options NETGRAPH_FRAME_RELAY
667 options NETGRAPH_GIF
668 options NETGRAPH_GIF_DEMUX
669 options NETGRAPH_HOLE
670 options NETGRAPH_IFACE
671 options NETGRAPH_IP_INPUT
672 options NETGRAPH_IPFW
673 options NETGRAPH_KSOCKET
674 options NETGRAPH_L2TP
675 options NETGRAPH_LMI
676 # MPPC compression requires proprietary files (not included)
677 #options NETGRAPH_MPPC_COMPRESSION
678 options NETGRAPH_MPPC_ENCRYPTION
679 options NETGRAPH_NETFLOW
680 options NETGRAPH_NAT
681 options NETGRAPH_ONE2MANY
682 options NETGRAPH_PPP
683 options NETGRAPH_PPPOE
684 options NETGRAPH_PPTPGRE
685 options NETGRAPH_PRED1
686 options NETGRAPH_RFC1490
687 options NETGRAPH_SOCKET
688 options NETGRAPH_SPLIT
689 options NETGRAPH_SPPP
690 options NETGRAPH_TAG
691 options NETGRAPH_TCPMSS
692 options NETGRAPH_TEE
693 options NETGRAPH_UI
694 options NETGRAPH_VJC
695
696 # NgATM - Netgraph ATM
697 options NGATM_ATM
698 options NGATM_ATMBASE
699 options NGATM_SSCOP
700 options NGATM_SSCFU
701 options NGATM_UNI
702 options NGATM_CCATM
703
704 device mn # Munich32x/Falc54 Nx64kbit/sec cards.
705
706 #
707 # Network interfaces:
708 # The `loop' device is MANDATORY when networking is enabled.
709 # The `ether' device provides generic code to handle
710 # Ethernets; it is MANDATORY when an Ethernet device driver is
711 # configured or token-ring is enabled.
712 # The `vlan' device implements the VLAN tagging of Ethernet frames
713 # according to IEEE 802.1Q. It requires `device miibus'.
714 # The `wlan' device provides generic code to support 802.11
715 # drivers, including host AP mode; it is MANDATORY for the wi,
716 # and ath drivers and will eventually be required by all 802.11 drivers.
717 # The `wlan_wep', `wlan_tkip', and `wlan_ccmp' devices provide
718 # support for WEP, TKIP, and AES-CCMP crypto protocols optionally
719 # used with 802.11 devices that depend on the `wlan' module.
720 # The `wlan_xauth' device provides support for external (i.e. user-mode)
721 # authenticators for use with 802.11 drivers that use the `wlan'
722 # module and support 802.1x and/or WPA security protocols.
723 # The `wlan_acl' device provides a MAC-based access control mechanism
724 # for use with 802.11 drivers operating in ap mode and using the
725 # `wlan' module.
726 # The `fddi' device provides generic code to support FDDI.
727 # The `arcnet' device provides generic code to support Arcnet.
728 # The `sppp' device serves a similar role for certain types
729 # of synchronous PPP links (like `cx', `ar').
730 # The `sl' device implements the Serial Line IP (SLIP) service.
731 # The `ppp' device implements the Point-to-Point Protocol.
732 # The `bpf' device enables the Berkeley Packet Filter. Be
733 # aware of the legal and administrative consequences of enabling this
734 # option. The number of devices determines the maximum number of
735 # simultaneous BPF clients programs runnable. DHCP requires bpf.
736 # The `disc' device implements a minimal network interface,
737 # which throws away all packets sent and never receives any. It is
738 # included for testing and benchmarking purposes.
739 # The `edsc' device implements a minimal Ethernet interface,
740 # which discards all packets sent and receives none.
741 # The `tap' device is a pty-like virtual Ethernet interface
742 # The `tun' device implements (user-)ppp and nos-tun
743 # The `gif' device implements IPv6 over IP4 tunneling,
744 # IPv4 over IPv6 tunneling, IPv4 over IPv4 tunneling and
745 # IPv6 over IPv6 tunneling.
746 # The `gre' device implements two types of IP4 over IP4 tunneling:
747 # GRE and MOBILE, as specified in the RFC1701 and RFC2004.
748 # The XBONEHACK option allows the same pair of addresses to be configured on
749 # multiple gif interfaces.
750 # The `faith' device captures packets sent to it and diverts them
751 # to the IPv4/IPv6 translation daemon.
752 # The `stf' device implements 6to4 encapsulation.
753 # The `ef' device provides support for multiple ethernet frame types
754 # specified via ETHER_* options. See ef(4) for details.
755 #
756 # The pf packet filter consists of three devices:
757 # The `pf' device provides /dev/pf and the firewall code itself.
758 # The `pflog' device provides the pflog0 interface which logs packets.
759 # The `pfsync' device provides the pfsync0 interface used for
760 # synchronization of firewall state tables (over the net).
761 #
762 # The PPP_BSDCOMP option enables support for compress(1) style entire
763 # packet compression, the PPP_DEFLATE is for zlib/gzip style compression.
764 # PPP_FILTER enables code for filtering the ppp data stream and selecting
765 # events for resetting the demand dial activity timer - requires bpf.
766 # See pppd(8) for more details.
767 #
768 device ether #Generic Ethernet
769 device vlan #VLAN support (needs miibus)
770 device wlan #802.11 support
771 options IEEE80211_DEBUG #enable debugging msgs
772 options IEEE80211_AMPDU_AGE #age frames in AMPDU reorder q's
773 device wlan_wep #802.11 WEP support
774 device wlan_ccmp #802.11 CCMP support
775 device wlan_tkip #802.11 TKIP support
776 device wlan_xauth #802.11 external authenticator support
777 device wlan_acl #802.11 MAC ACL support
778 device wlan_amrr #AMRR transmit rate control algorithm
779 device token #Generic TokenRing
780 device fddi #Generic FDDI
781 device arcnet #Generic Arcnet
782 device sppp #Generic Synchronous PPP
783 device loop #Network loopback device
784 device bpf #Berkeley packet filter
785 device disc #Discard device based on loopback
786 device edsc #Ethernet discard device
787 device tap #Virtual Ethernet driver
788 device tun #Tunnel driver (ppp(8), nos-tun(8))
789 device gre #IP over IP tunneling
790 device if_bridge #Bridge interface
791 device pf #PF OpenBSD packet-filter firewall
792 device pflog #logging support interface for PF
793 device pfsync #synchronization interface for PF
794 device carp #Common Address Redundancy Protocol
795 device enc #IPsec interface
796 device lagg #Link aggregation interface
797
798 device ef # Multiple ethernet frames support
799 options ETHER_II # enable Ethernet_II frame
800 options ETHER_8023 # enable Ethernet_802.3 (Novell) frame
801 options ETHER_8022 # enable Ethernet_802.2 frame
802 options ETHER_SNAP # enable Ethernet_802.2/SNAP frame
803
804 # for IPv6
805 device gif #IPv6 and IPv4 tunneling
806 options XBONEHACK
807 device faith #for IPv6 and IPv4 translation
808 device stf #6to4 IPv6 over IPv4 encapsulation
809
810 #
811 # Internet family options:
812 #
813 # MROUTING enables the kernel multicast packet forwarder, which works
814 # with mrouted and XORP.
815 #
816 # IPFIREWALL enables support for IP firewall construction, in
817 # conjunction with the `ipfw' program. IPFIREWALL_VERBOSE sends
818 # logged packets to the system logger. IPFIREWALL_VERBOSE_LIMIT
819 # limits the number of times a matching entry can be logged.
820 #
821 # WARNING: IPFIREWALL defaults to a policy of "deny ip from any to any"
822 # and if you do not add other rules during startup to allow access,
823 # YOU WILL LOCK YOURSELF OUT. It is suggested that you set firewall_type=open
824 # in /etc/rc.conf when first enabling this feature, then refining the
825 # firewall rules in /etc/rc.firewall after you've tested that the new kernel
826 # feature works properly.
827 #
828 # IPFIREWALL_DEFAULT_TO_ACCEPT causes the default rule (at boot) to
829 # allow everything. Use with care, if a cracker can crash your
830 # firewall machine, they can get to your protected machines. However,
831 # if you are using it as an as-needed filter for specific problems as
832 # they arise, then this may be for you. Changing the default to 'allow'
833 # means that you won't get stuck if the kernel and /sbin/ipfw binary get
834 # out of sync.
835 #
836 # IPDIVERT enables the divert IP sockets, used by ``ipfw divert''. It
837 # depends on IPFIREWALL if compiled into the kernel.
838 #
839 # IPFIREWALL_FORWARD enables changing of the packet destination either
840 # to do some sort of policy routing or transparent proxying. Used by
841 # ``ipfw forward''. All redirections apply to locally generated
842 # packets too. Because of this great care is required when
843 # crafting the ruleset.
844 #
845 # IPFIREWALL_NAT adds support for in kernel nat in ipfw, and it requires
846 # LIBALIAS.
847 #
848 # IPSTEALTH enables code to support stealth forwarding (i.e., forwarding
849 # packets without touching the TTL). This can be useful to hide firewalls
850 # from traceroute and similar tools.
851 #
852 # TCPDEBUG enables code which keeps traces of the TCP state machine
853 # for sockets with the SO_DEBUG option set, which can then be examined
854 # using the trpt(8) utility.
855 #
856 options MROUTING # Multicast routing
857 options IPFIREWALL #firewall
858 options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
859 options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
860 options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
861 options IPFIREWALL_FORWARD #packet destination changes
862 options IPFIREWALL_NAT #ipfw kernel nat support
863 options IPDIVERT #divert sockets
864 options IPFILTER #ipfilter support
865 options IPFILTER_LOG #ipfilter logging
866 options IPFILTER_LOOKUP #ipfilter pools
867 options IPFILTER_DEFAULT_BLOCK #block all packets by default
868 options IPSTEALTH #support for stealth forwarding
869 options TCPDEBUG
870
871 # The MBUF_STRESS_TEST option enables options which create
872 # various random failures / extreme cases related to mbuf
873 # functions. See mbuf(9) for a list of available test cases.
874 # MBUF_PROFILING enables code to profile the mbuf chains
875 # exiting the system (via participating interfaces) and
876 # return a logarithmic histogram of monitored parameters
877 # (e.g. packet size, wasted space, number of mbufs in chain).
878 options MBUF_STRESS_TEST
879 options MBUF_PROFILING
880
881 # Statically Link in accept filters
882 options ACCEPT_FILTER_DATA
883 options ACCEPT_FILTER_DNS
884 options ACCEPT_FILTER_HTTP
885
886 # TCP_SIGNATURE adds support for RFC 2385 (TCP-MD5) digests. These are
887 # carried in TCP option 19. This option is commonly used to protect
888 # TCP sessions (e.g. BGP) where IPSEC is not available nor desirable.
889 # This is enabled on a per-socket basis using the TCP_MD5SIG socket option.
890 # This requires the use of 'device crypto', 'options IPSEC'
891 # or 'device cryptodev'.
892 options TCP_SIGNATURE #include support for RFC 2385
893
894 # DUMMYNET enables the "dummynet" bandwidth limiter. You need IPFIREWALL
895 # as well. See dummynet(4) and ipfw(8) for more info. When you run
896 # DUMMYNET it is advisable to also have at least "options HZ=1000" to achieve
897 # a smooth scheduling of the traffic.
898 options DUMMYNET
899
900 # Zero copy sockets support. This enables "zero copy" for sending and
901 # receiving data via a socket. The send side works for any type of NIC,
902 # the receive side only works for NICs that support MTUs greater than the
903 # page size of your architecture and that support header splitting. See
904 # zero_copy(9) for more details.
905 options ZERO_COPY_SOCKETS
906
907
908 #####################################################################
909 # FILESYSTEM OPTIONS
910
911 #
912 # Only the root, /usr, and /tmp filesystems need be statically
913 # compiled; everything else will be automatically loaded at mount
914 # time. (Exception: the UFS family--- FFS --- cannot
915 # currently be demand-loaded.) Some people still prefer to statically
916 # compile other filesystems as well.
917 #
918 # NB: The PORTAL filesystem is known to be buggy, and WILL panic your
919 # system if you attempt to do anything with it. It is included here
920 # as an incentive for some enterprising soul to sit down and fix it.
921 # The UNION filesystem was known to be buggy in the past. It is now
922 # being actively maintained, although there are still some issues being
923 # resolved.
924 #
925
926 # One of these is mandatory:
927 options FFS #Fast filesystem
928 options NFSCLIENT #Network File System client
929
930 # The rest are optional:
931 options CD9660 #ISO 9660 filesystem
932 options FDESCFS #File descriptor filesystem
933 options HPFS #OS/2 File system
934 options MSDOSFS #MS DOS File System (FAT, FAT32)
935 options NFSSERVER #Network File System server
936 options NFSLOCKD #Network Lock Manager
937 options NTFS #NT File System
938 options NULLFS #NULL filesystem
939 # Broken (depends on NCP):
940 #options NWFS #NetWare filesystem
941 options PORTALFS #Portal filesystem
942 options PROCFS #Process filesystem (requires PSEUDOFS)
943 options PSEUDOFS #Pseudo-filesystem framework
944 options PSEUDOFS_TRACE #Debugging support for PSEUDOFS
945 options SMBFS #SMB/CIFS filesystem
946 options UDF #Universal Disk Format
947 options UNIONFS #Union filesystem
948 # The xFS_ROOT options REQUIRE the associated ``options xFS''
949 options NFS_ROOT #NFS usable as root device
950
951 # Soft updates is a technique for improving filesystem speed and
952 # making abrupt shutdown less risky.
953 #
954 options SOFTUPDATES
955
956 # Extended attributes allow additional data to be associated with files,
957 # and is used for ACLs, Capabilities, and MAC labels.
958 # See src/sys/ufs/ufs/README.extattr for more information.
959 options UFS_EXTATTR
960 options UFS_EXTATTR_AUTOSTART
961
962 # Access Control List support for UFS filesystems. The current ACL
963 # implementation requires extended attribute support, UFS_EXTATTR,
964 # for the underlying filesystem.
965 # See src/sys/ufs/ufs/README.acls for more information.
966 options UFS_ACL
967
968 # Directory hashing improves the speed of operations on very large
969 # directories at the expense of some memory.
970 options UFS_DIRHASH
971
972 # Gjournal-based UFS journaling support.
973 options UFS_GJOURNAL
974
975 # Make space in the kernel for a root filesystem on a md device.
976 # Define to the number of kilobytes to reserve for the filesystem.
977 options MD_ROOT_SIZE=10
978
979 # Make the md device a potential root device, either with preloaded
980 # images of type mfs_root or md_root.
981 options MD_ROOT
982
983 # Disk quotas are supported when this option is enabled.
984 options QUOTA #enable disk quotas
985
986 # If you are running a machine just as a fileserver for PC and MAC
987 # users, using SAMBA or Netatalk, you may consider setting this option
988 # and keeping all those users' directories on a filesystem that is
989 # mounted with the suiddir option. This gives new files the same
990 # ownership as the directory (similar to group). It's a security hole
991 # if you let these users run programs, so confine it to file-servers
992 # (but it'll save you lots of headaches in those cases). Root owned
993 # directories are exempt and X bits are cleared. The suid bit must be
994 # set on the directory as well; see chmod(1) PC owners can't see/set
995 # ownerships so they keep getting their toes trodden on. This saves
996 # you all the support calls as the filesystem it's used on will act as
997 # they expect: "It's my dir so it must be my file".
998 #
999 options SUIDDIR
1000
1001 # NFS options:
1002 options NFS_MINATTRTIMO=3 # VREG attrib cache timeout in sec
1003 options NFS_MAXATTRTIMO=60
1004 options NFS_MINDIRATTRTIMO=30 # VDIR attrib cache timeout in sec
1005 options NFS_MAXDIRATTRTIMO=60
1006 options NFS_GATHERDELAY=10 # Default write gather delay (msec)
1007 options NFS_WDELAYHASHSIZ=16 # and with this
1008 options NFS_DEBUG # Enable NFS Debugging
1009
1010 # Coda stuff:
1011 options CODA #CODA filesystem.
1012 device vcoda #coda minicache <-> venus comm.
1013 # Use the old Coda 5.x venus<->kernel interface instead of the new
1014 # realms-aware 6.x protocol.
1015 #options CODA_COMPAT_5
1016
1017 #
1018 # Add support for the EXT2FS filesystem of Linux fame. Be a bit
1019 # careful with this - the ext2fs code has a tendency to lag behind
1020 # changes and not be exercised very much, so mounting read/write could
1021 # be dangerous (and even mounting read only could result in panics.)
1022 #
1023 options EXT2FS
1024
1025 #
1026 # Add support for the ReiserFS filesystem (used in Linux). Currently,
1027 # this is limited to read-only access.
1028 #
1029 options REISERFS
1030
1031 #
1032 # Add support for the SGI XFS filesystem. Currently,
1033 # this is limited to read-only access.
1034 #
1035 options XFS
1036
1037 # Use real implementations of the aio_* system calls. There are numerous
1038 # stability and security issues in the current aio code that make it
1039 # unsuitable for inclusion on machines with untrusted local users.
1040 options VFS_AIO
1041
1042 # Cryptographically secure random number generator; /dev/random
1043 device random
1044
1045 # The system memory devices; /dev/mem, /dev/kmem
1046 device mem
1047
1048 # Optional character code conversion support with LIBICONV.
1049 # Each option requires their base file system and LIBICONV.
1050 options CD9660_ICONV
1051 options MSDOSFS_ICONV
1052 options NTFS_ICONV
1053 options UDF_ICONV
1054
1055
1056 #####################################################################
1057 # POSIX P1003.1B
1058
1059 # Real time extensions added in the 1993 POSIX
1060 # _KPOSIX_PRIORITY_SCHEDULING: Build in _POSIX_PRIORITY_SCHEDULING
1061
1062 options _KPOSIX_PRIORITY_SCHEDULING
1063 # p1003_1b_semaphores are very experimental,
1064 # user should be ready to assist in debugging if problems arise.
1065 options P1003_1B_SEMAPHORES
1066
1067 # POSIX message queue
1068 options P1003_1B_MQUEUE
1069
1070 #####################################################################
1071 # SECURITY POLICY PARAMETERS
1072
1073 # Support for BSM audit
1074 options AUDIT
1075
1076 # Support for Mandatory Access Control (MAC):
1077 options MAC
1078 options MAC_BIBA
1079 options MAC_BSDEXTENDED
1080 options MAC_IFOFF
1081 options MAC_LOMAC
1082 options MAC_MLS
1083 options MAC_NONE
1084 options MAC_PARTITION
1085 options MAC_PORTACL
1086 options MAC_SEEOTHERUIDS
1087 options MAC_STUB
1088 options MAC_TEST
1089
1090
1091 #####################################################################
1092 # CLOCK OPTIONS
1093
1094 # The granularity of operation is controlled by the kernel option HZ whose
1095 # default value (1000 on most architectures) means a granularity of 1ms
1096 # (1s/HZ). Historically, the default was 100, but finer granularity is
1097 # required for DUMMYNET and other systems on modern hardware. There are
1098 # reasonable arguments that HZ should, in fact, be 100 still; consider,
1099 # that reducing the granularity too much might cause excessive overhead in
1100 # clock interrupt processing, potentially causing ticks to be missed and thus
1101 # actually reducing the accuracy of operation.
1102
1103 options HZ=100
1104
1105 # Enable support for the kernel PLL to use an external PPS signal,
1106 # under supervision of [x]ntpd(8)
1107 # More info in ntpd documentation: http://www.eecis.udel.edu/~ntp
1108
1109 options PPS_SYNC
1110
1111
1112 #####################################################################
1113 # SCSI DEVICES
1114
1115 # SCSI DEVICE CONFIGURATION
1116
1117 # The SCSI subsystem consists of the `base' SCSI code, a number of
1118 # high-level SCSI device `type' drivers, and the low-level host-adapter
1119 # device drivers. The host adapters are listed in the ISA and PCI
1120 # device configuration sections below.
1121 #
1122 # It is possible to wire down your SCSI devices so that a given bus,
1123 # target, and LUN always come on line as the same device unit. In
1124 # earlier versions the unit numbers were assigned in the order that
1125 # the devices were probed on the SCSI bus. This means that if you
1126 # removed a disk drive, you may have had to rewrite your /etc/fstab
1127 # file, and also that you had to be careful when adding a new disk
1128 # as it may have been probed earlier and moved your device configuration
1129 # around. (See also option GEOM_VOL for a different solution to this
1130 # problem.)
1131
1132 # This old behavior is maintained as the default behavior. The unit
1133 # assignment begins with the first non-wired down unit for a device
1134 # type. For example, if you wire a disk as "da3" then the first
1135 # non-wired disk will be assigned da4.
1136
1137 # The syntax for wiring down devices is:
1138
1139 hint.scbus.0.at="ahc0"
1140 hint.scbus.1.at="ahc1"
1141 hint.scbus.1.bus="0"
1142 hint.scbus.3.at="ahc2"
1143 hint.scbus.3.bus="0"
1144 hint.scbus.2.at="ahc2"
1145 hint.scbus.2.bus="1"
1146 hint.da.0.at="scbus0"
1147 hint.da.0.target="0"
1148 hint.da.0.unit="0"
1149 hint.da.1.at="scbus3"
1150 hint.da.1.target="1"
1151 hint.da.2.at="scbus2"
1152 hint.da.2.target="3"
1153 hint.sa.1.at="scbus1"
1154 hint.sa.1.target="6"
1155
1156 # "units" (SCSI logical unit number) that are not specified are
1157 # treated as if specified as LUN 0.
1158
1159 # All SCSI devices allocate as many units as are required.
1160
1161 # The ch driver drives SCSI Media Changer ("jukebox") devices.
1162 #
1163 # The da driver drives SCSI Direct Access ("disk") and Optical Media
1164 # ("WORM") devices.
1165 #
1166 # The sa driver drives SCSI Sequential Access ("tape") devices.
1167 #
1168 # The cd driver drives SCSI Read Only Direct Access ("cd") devices.
1169 #
1170 # The ses driver drives SCSI Environment Services ("ses") and
1171 # SAF-TE ("SCSI Accessible Fault-Tolerant Enclosure") devices.
1172 #
1173 # The pt driver drives SCSI Processor devices.
1174 #
1175 # The sg driver provides a passthrough API that is compatible with the
1176 # Linux SG driver. It will work in conjunction with the COMPAT_LINUX
1177 # option to run linux SG apps. It can also stand on its own and provide
1178 # source level API compatiblity for porting apps to FreeBSD.
1179 #
1180 # Target Mode support is provided here but also requires that a SIM
1181 # (SCSI Host Adapter Driver) provide support as well.
1182 #
1183 # The targ driver provides target mode support as a Processor type device.
1184 # It exists to give the minimal context necessary to respond to Inquiry
1185 # commands. There is a sample user application that shows how the rest
1186 # of the command support might be done in /usr/share/examples/scsi_target.
1187 #
1188 # The targbh driver provides target mode support and exists to respond
1189 # to incoming commands that do not otherwise have a logical unit assigned
1190 # to them.
1191 #
1192 # The "unknown" device (uk? in pre-2.0.5) is now part of the base SCSI
1193 # configuration as the "pass" driver.
1194
1195 device scbus #base SCSI code
1196 device ch #SCSI media changers
1197 device da #SCSI direct access devices (aka disks)
1198 device sa #SCSI tapes
1199 device cd #SCSI CD-ROMs
1200 device ses #SCSI Environmental Services (and SAF-TE)
1201 device pt #SCSI processor
1202 device targ #SCSI Target Mode Code
1203 device targbh #SCSI Target Mode Blackhole Device
1204 device pass #CAM passthrough driver
1205 device sg #Linux SCSI passthrough
1206
1207 # CAM OPTIONS:
1208 # debugging options:
1209 # -- NOTE -- If you specify one of the bus/target/lun options, you must
1210 # specify them all!
1211 # CAMDEBUG: When defined enables debugging macros
1212 # CAM_DEBUG_BUS: Debug the given bus. Use -1 to debug all busses.
1213 # CAM_DEBUG_TARGET: Debug the given target. Use -1 to debug all targets.
1214 # CAM_DEBUG_LUN: Debug the given lun. Use -1 to debug all luns.
1215 # CAM_DEBUG_FLAGS: OR together CAM_DEBUG_INFO, CAM_DEBUG_TRACE,
1216 # CAM_DEBUG_SUBTRACE, and CAM_DEBUG_CDB
1217 #
1218 # CAM_MAX_HIGHPOWER: Maximum number of concurrent high power (start unit) cmds
1219 # SCSI_NO_SENSE_STRINGS: When defined disables sense descriptions
1220 # SCSI_NO_OP_STRINGS: When defined disables opcode descriptions
1221 # SCSI_DELAY: The number of MILLISECONDS to freeze the SIM (scsi adapter)
1222 # queue after a bus reset, and the number of milliseconds to
1223 # freeze the device queue after a bus device reset. This
1224 # can be changed at boot and runtime with the
1225 # kern.cam.scsi_delay tunable/sysctl.
1226 options CAMDEBUG
1227 options CAM_DEBUG_BUS=-1
1228 options CAM_DEBUG_TARGET=-1
1229 options CAM_DEBUG_LUN=-1
1230 options CAM_DEBUG_FLAGS=(CAM_DEBUG_INFO|CAM_DEBUG_TRACE|CAM_DEBUG_CDB)
1231 options CAM_MAX_HIGHPOWER=4
1232 options SCSI_NO_SENSE_STRINGS
1233 options SCSI_NO_OP_STRINGS
1234 options SCSI_DELAY=5000 # Be pessimistic about Joe SCSI device
1235
1236 # Options for the CAM CDROM driver:
1237 # CHANGER_MIN_BUSY_SECONDS: Guaranteed minimum time quantum for a changer LUN
1238 # CHANGER_MAX_BUSY_SECONDS: Maximum time quantum per changer LUN, only
1239 # enforced if there is I/O waiting for another LUN
1240 # The compiled in defaults for these variables are 2 and 10 seconds,
1241 # respectively.
1242 #
1243 # These can also be changed on the fly with the following sysctl variables:
1244 # kern.cam.cd.changer.min_busy_seconds
1245 # kern.cam.cd.changer.max_busy_seconds
1246 #
1247 options CHANGER_MIN_BUSY_SECONDS=2
1248 options CHANGER_MAX_BUSY_SECONDS=10
1249
1250 # Options for the CAM sequential access driver:
1251 # SA_IO_TIMEOUT: Timeout for read/write/wfm operations, in minutes
1252 # SA_SPACE_TIMEOUT: Timeout for space operations, in minutes
1253 # SA_REWIND_TIMEOUT: Timeout for rewind operations, in minutes
1254 # SA_ERASE_TIMEOUT: Timeout for erase operations, in minutes
1255 # SA_1FM_AT_EOD: Default to model which only has a default one filemark at EOT.
1256 options SA_IO_TIMEOUT=4
1257 options SA_SPACE_TIMEOUT=60
1258 options SA_REWIND_TIMEOUT=(2*60)
1259 options SA_ERASE_TIMEOUT=(4*60)
1260 options SA_1FM_AT_EOD
1261
1262 # Optional timeout for the CAM processor target (pt) device
1263 # This is specified in seconds. The default is 60 seconds.
1264 options SCSI_PT_DEFAULT_TIMEOUT=60
1265
1266 # Optional enable of doing SES passthrough on other devices (e.g., disks)
1267 #
1268 # Normally disabled because a lot of newer SCSI disks report themselves
1269 # as having SES capabilities, but this can then clot up attempts to build
1270 # build a topology with the SES device that's on the box these drives
1271 # are in....
1272 options SES_ENABLE_PASSTHROUGH
1273
1274
1275 #####################################################################
1276 # MISCELLANEOUS DEVICES AND OPTIONS
1277
1278 device pty #BSD-style compatibility pseudo ttys
1279 device nmdm #back-to-back tty devices
1280 device md #Memory/malloc disk
1281 device snp #Snoop device - to look at pty/vty/etc..
1282 device ccd #Concatenated disk driver
1283 device firmware #firmware(9) support
1284
1285 # Kernel side iconv library
1286 options LIBICONV
1287
1288 # Size of the kernel message buffer. Should be N * pagesize.
1289 options MSGBUF_SIZE=40960
1290
1291
1292 #####################################################################
1293 # HARDWARE DEVICE CONFIGURATION
1294
1295 # For ISA the required hints are listed.
1296 # EISA, MCA, PCI, CardBus, SD/MMC and pccard are self identifying buses, so
1297 # no hints are needed.
1298
1299 #
1300 # Mandatory devices:
1301 #
1302
1303 # These options are valid for other keyboard drivers as well.
1304 options KBD_DISABLE_KEYMAP_LOAD # refuse to load a keymap
1305 options KBD_INSTALL_CDEV # install a CDEV entry in /dev
1306
1307 options FB_DEBUG # Frame buffer debugging
1308
1309 device splash # Splash screen and screen saver support
1310
1311 # Various screen savers.
1312 device blank_saver
1313 device daemon_saver
1314 device dragon_saver
1315 device fade_saver
1316 device fire_saver
1317 device green_saver
1318 device logo_saver
1319 device rain_saver
1320 device snake_saver
1321 device star_saver
1322 device warp_saver
1323
1324 # The syscons console driver (SCO color console compatible).
1325 device sc
1326 hint.sc.0.at="isa"
1327 options MAXCONS=16 # number of virtual consoles
1328 options SC_ALT_MOUSE_IMAGE # simplified mouse cursor in text mode
1329 options SC_DFLT_FONT # compile font in
1330 makeoptions SC_DFLT_FONT=cp850
1331 options SC_DISABLE_KDBKEY # disable `debug' key
1332 options SC_DISABLE_REBOOT # disable reboot key sequence
1333 options SC_HISTORY_SIZE=200 # number of history buffer lines
1334 options SC_MOUSE_CHAR=0x3 # char code for text mode mouse cursor
1335 options SC_PIXEL_MODE # add support for the raster text mode
1336
1337 # The following options will let you change the default colors of syscons.
1338 options SC_NORM_ATTR=(FG_GREEN|BG_BLACK)
1339 options SC_NORM_REV_ATTR=(FG_YELLOW|BG_GREEN)
1340 options SC_KERNEL_CONS_ATTR=(FG_RED|BG_BLACK)
1341 options SC_KERNEL_CONS_REV_ATTR=(FG_BLACK|BG_RED)
1342
1343 # The following options will let you change the default behaviour of
1344 # cut-n-paste feature
1345 options SC_CUT_SPACES2TABS # convert leading spaces into tabs
1346 options SC_CUT_SEPCHARS=\"x09\" # set of characters that delimit words
1347 # (default is single space - \"x |