xref: /xnu-10002.61.3/config/MASTER (revision 0f4c859e951fba394238ab619495c4e1d54d0f34) 
1#
2# Mach Operating System
3# Copyright (c) 1986 Carnegie-Mellon University
4# Copyright 2001-2018 Apple Inc.
5#
6# All rights reserved.  The CMU software License Agreement
7# specifies the terms and conditions for use and redistribution.
8#
9#######################################################################
10#
11#	Master machine independent configuration file.
12#
13#	Specific configuration files are created based on this and
14#	the machine specific master file using the doconf script.
15#
16#	Any changes to the master configuration files will affect all
17#	other configuration files based upon it.
18#
19#######################################################################
20#
21#	To build a configuration, execute "doconf <configuration>."
22#	Configurations are specified in the "Configurations:" section
23#	of the MASTER and MASTER.* files as follows:
24#
25#	<configuration> = [ <attribute0> <attribute1> ... <attributeN> ]
26#
27#	Lines in the MASTER and MASTER.* files are selected based on
28#	the attribute selector list, found in a comment at the end of
29#	the line.  This is a list of attributes separated by commas.
30#	The "!" operator selects the line if none of the attributes are
31#	specified.
32#
33#	For example:
34#
35#	<foo,bar>	selects a line if "foo" or "bar" are specified.
36#	<!foo,bar>	selects a line if neither "foo" nor "bar" is
37#			specified.
38#
39#	Lines with no attributes specified are selected for all
40#	configurations.
41#
42#######################################################################
43#
44#  SYSTEM SIZE CONFIGURATION (select exactly one)
45#
46#	xlarge = extra large scale system configuration
47#	large  = large scale system configuration
48#	medium = medium scale system configuration
49#	small  = small scale system configuration
50#	xsmall = extra small scale system configuration
51#	bsmall = special extra small scale system configuration
52#
53#######################################################################
54#
55
56options		INET		#				# <inet>
57
58options 	MACH		# Standard Mach features	# <mach>
59options		MACH_FLIPC	# Fast-Local IPC		# <mach_flipc>
60options		LOOP		# loopback support		# <loop>
61options		VLAN		#				# <vlan>
62options		BOND		#				# <bond>
63options		IF_FAKE		#				# <if_fake>
64options		IF_HEADLESS	#				# <if_headless>
65options		IF_REDIRECT	#				# <if_redirect>
66options		AH_ALL_CRYPTO	# AH all crypto algs		# <ah_all_crypto>
67options		PF		# Packet Filter			# <pf>
68options		PF_ECN		# PF use ECN marking		# <pf_ecn>
69options		PFLOG		# PF log interface		# <pflog>
70options		MEASURE_BW	# interface bandwidth measurement # <measure_bw>
71options		DUMMYNET	# dummynet support		# <dummynet>
72options		TRAFFIC_MGT	# traffic management support		# <traffic_mgt>
73options		MULTICAST	# Internet Protocol Class-D	$
74options		TCPDEBUG	# TCP debug			# <tcpdebug>
75options		IFNET_INPUT_SANITY_CHK	# allow dlil/ifnet input sanity check # <ifnet_input_chk>
76options		MULTIPATH	# Multipath domain		# <multipath>
77options		MPTCP		# Multipath TCP			# <mptcp>
78options		SYSV_SEM	# SVID semaphores		# <sysv_sem>
79options		SYSV_MSG	# SVID messages			# <sysv_msg>
80options		SYSV_SHM	# SVID shared mem		# <sysv_shm>
81options		PSYNCH		# pthread synch			# <psynch>
82options		FLOW_DIVERT								# <flow_divert>
83options		NECP									# <necp>
84options		CONTENT_FILTER	#						# <content_filter>
85options 	PACKET_MANGLER	#						# <packet_mangler>
86options 	REMOTE_VIF	#						# <remote_vif>
87options		SKYWALK		#		# <skywalk>
88options		CONFIG_NEXUS_USER_PIPE	#	# <config_nexus_user_pipe>
89options		CONFIG_NEXUS_KERNEL_PIPE #	# <config_nexus_kernel_pipe>
90options		CONFIG_NEXUS_MONITOR	#	# <config_nexus_monitor>
91options		CONFIG_NEXUS_FLOWSWITCH	#	# <config_nexus_flowswitch>
92options		CONFIG_NEXUS_NETIF	#	# <config_nexus_netif>
93options		CONFIG_MBUF_MCACHE	# mbufs use mcache	# <config_mbuf_mcache>
94options		KCTL_TEST		# kernel control test	# <kctl_test>
95
96# secure_kernel - secure kernel from user programs
97options     SECURE_KERNEL       # <secure_kernel>
98
99#
100#	4.4 general kernel
101#
102options		SOCKETS		# socket support		# <inet>
103options 	DIAGNOSTIC	# diagnostics			# <diagnostic>
104options		PROFILE		# kernel profiling		# <profile>
105options		SENDFILE	# sendfile					# <sendfile>
106options		NETWORKING	# networking layer		# <inet>
107options		CONFIG_FSE	# file system events		# <config_fse>
108options		CONFIG_IMAGEBOOT	# local image boot	# <config_imageboot>
109options		CONFIG_MBUF_JUMBO	# jumbo cluster pool	# <config_mbuf_jumbo>
110options		CONFIG_IMAGEBOOT_IMG4	# authenticate image with AppleImage4	# <config_imageboot_img4>
111options		CONFIG_IMAGEBOOT_CHUNKLIST	# authenticate image with a chunk list	# <config_imageboot_chunklist>
112
113options		CONFIG_WORKLOOP_DEBUG	# <config_workloop_debug>
114
115#
116#	4.4 filesystems
117#
118options		MOCKFS		# Boot from an executable	# <mockfs>
119options		FIFO		# fifo support			# <fifo>
120options		FDESC		# fdesc_fs support		# <fdesc>
121options		DEVFS		# devfs support			# <devfs>
122options		ROUTEFS		# routefs support		# <routefs>
123options		NULLFS		# nullfs support 		# <nullfs>
124options		BINDFS		# bindfs support 		# <bindfs>
125options		FS_COMPRESSION	# fs compression	    # <fs_compression>
126options		CONFIG_DEV_KMEM	    # /dev/kmem device for reading KVA	# <config_dev_kmem>
127
128#
129#	file system features
130#
131options		QUOTA		# file system quotas		# <quota>
132options		NAMEDSTREAMS	# named stream vnop support	# <namedstreams>
133options		CONFIG_APPLEDOUBLE # apple double support	# <config_appledouble>
134options		CONFIG_VOLFS	# volfs path support (legacy)	# <config_volfs>
135options		CONFIG_IMGSRC_ACCESS # source of imageboot dmg	# <config_imgsrc_access>
136options		CONFIG_TRIGGERS	# trigger vnodes		# <config_triggers>
137options		CONFIG_EXT_RESOLVER # e.g. memberd		# <config_ext_resolver>
138options		CONFIG_SEARCHFS	# searchfs syscall support	# <config_searchfs>
139options		CONFIG_MNT_SUID # allow suid binaries  # <config_mnt_suid>
140options		CONFIG_MNT_ROOTSNAP # allow rooting from snapshot # <config_mnt_rootsnap>
141options 	CONFIG_ROSV_STARTUP # allow read-only system volume startup # <config_rosv_startup>
142options		CONFIG_FIRMLINKS # support "firmlinks" # <config_firmlinks>
143options 	CONFIG_MOUNT_VM # mount VM volume on startup # <config_mount_vm>
144options 	CONFIG_MOUNT_PREBOOTRECOVERY # mount Preboot and/or Recovery volume on startup # <config_mount_prebootrecovery>
145options		CONFIG_DATALESS_FILES # support dataless file materialization # <config_dataless_files>
146options         CONFIG_BASESYSTEMROOT # mount BaseSystem as initial root filesystem on some kinds of startup # <config_basesystemroot>
147options         CONFIG_UNION_MOUNTS # support union mounts # <config_union_mounts>
148options		CONFIG_FILE_LEASES # local file leasing support # <config_file_leases>
149
150#
151# VFS debugging
152#
153options		CONFIG_IOCOUNT_TRACE	# enable vnode's iocount tracing # <config_iocount_trace>
154
155# NFS support
156#
157options		NFSSERVER	# Be an NFS server		# <nfsserver>
158options		CONFIG_NETBOOT	# network booting		# <config_netboot>
159
160#
161# Machine Independent Apple Features
162#
163profile				# build a profiling kernel	# <profile>
164
165#
166# IPv6 Support
167#
168options         IPSEC           # IP security            	# <ipsec>
169options         IPSEC_ESP       # IP security            	# <ipsec>
170
171pseudo-device   gif     1				# <gif>
172pseudo-device   dummy   2				# <dummy>
173pseudo-device   stf 	1 				# <stf>
174
175options			CRYPTO				# <ipsec,crypto>
176options			CRYPTO_SHA2			# <crypto_sha2>
177options			ENCRYPTED_SWAP			# <encrypted_swap>
178
179options			CONFIG_IMG4			# <config_img4>
180
181options		ZLIB	# inflate/deflate support	# <zlib>
182options		ZLIBC	# inflate/deflate support	# <zlibc>
183
184options		IF_BRIDGE				# <if_bridge>
185
186#
187#  configurable kernel event related resources
188#
189options   CONFIG_KN_HASHSIZE=64		# <medium,large,xlarge>
190options   CONFIG_KN_HASHSIZE=48		# <small,xsmall>
191options   CONFIG_KN_HASHSIZE=20		# <bsmall>
192
193#
194#  configurable vfs related resources
195#  CONFIG_VNODES - used to pre allocate vnode related resources
196#  CONFIG_NC_HASH - name cache hash table allocation
197#  CONFIG_VFS_NAMES - name strings
198#
199#  263168 magic number for medium CONFIG_VNODES is based on memory
200#  Number vnodes  is (memsize/64k) + 1024
201#  This is the calculation that is used by launchd in tiger
202#  we are clipping the max based on 16G
203#  ie ((16*1024*1024*1024)/(64 *1024)) + 1024 = 263168;
204
205options   CONFIG_VNODES=263168		# <large,xlarge>
206options   CONFIG_VNODES=263168		# <medium>
207options   CONFIG_VNODES=10240		# <small>
208options   CONFIG_VNODES=750		# <bsmall>
209
210options   CONFIG_NC_HASH=5120		# <large,xlarge>
211options   CONFIG_NC_HASH=4096		# <medium>
212options   CONFIG_NC_HASH=2048		# <small,xsmall>
213options   CONFIG_NC_HASH=1024		# <bsmall>
214
215options   CONFIG_VFS_NAMES=5120		# <large,xlarge>
216options   CONFIG_VFS_NAMES=4096		# <medium>
217options   CONFIG_VFS_NAMES=3072		# <small,xsmall>
218options   CONFIG_VFS_NAMES=2048		# <bsmall>
219
220options   CONFIG_MAX_CLUSTERS=8		# <xlarge,large,medium>
221options   CONFIG_MAX_CLUSTERS=4		# <small,xsmall,bsmall>
222
223#
224#  configurable options for minumum number of buffers for kernel memory
225#
226options   CONFIG_MIN_NBUF=256		# <medium,large,xlarge>
227options   CONFIG_MIN_NBUF=128		# <small>
228options   CONFIG_MIN_NBUF=80		# <xsmall>
229options   CONFIG_MIN_NBUF=64		# <bsmall>
230
231options   CONFIG_MIN_NIOBUF=128		# <medium,large,xlarge>
232options   CONFIG_MIN_NIOBUF=64		# <xsmall,small>
233options   CONFIG_MIN_NIOBUF=32		# <bsmall>
234
235#
236# set maximum space used for packet buffers
237#
238options        CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)"	# <large,xlarge>
239options        CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)"	# <medium>
240options        CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)"	# <bsmall,xsmall,small>
241
242#
243# Configure size of TCP hash table
244#
245options CONFIG_TCBHASHSIZE=4096		# <medium,large,xlarge>
246options CONFIG_TCBHASHSIZE=128		# <xsmall,small,bsmall>
247
248#
249#  configurable async IO options
250#  CONFIG_AIO_MAX - system wide limit of async IO requests.
251#  CONFIG_AIO_PROCESS_MAX - process limit of async IO requests.
252#  CONFIG_AIO_THREAD_COUNT - number of async IO worker threads created.
253#
254options   CONFIG_AIO_MAX=360			# <xlarge>
255options   CONFIG_AIO_MAX=180			# <large>
256options   CONFIG_AIO_MAX=90			# <medium>
257options   CONFIG_AIO_MAX=45			# <small>
258options   CONFIG_AIO_MAX=20			# <xsmall>
259options   CONFIG_AIO_MAX=10			# <bsmall>
260
261options   CONFIG_AIO_PROCESS_MAX=64		# <xlarge>
262options   CONFIG_AIO_PROCESS_MAX=32		# <large>
263options   CONFIG_AIO_PROCESS_MAX=16		# <medium>
264options   CONFIG_AIO_PROCESS_MAX=12		# <small>
265options   CONFIG_AIO_PROCESS_MAX=8		# <xsmall>
266options   CONFIG_AIO_PROCESS_MAX=4		# <bsmall>
267
268options   CONFIG_AIO_THREAD_COUNT=16		# <xlarge>
269options   CONFIG_AIO_THREAD_COUNT=8		# <large>
270options   CONFIG_AIO_THREAD_COUNT=4		# <medium>
271options   CONFIG_AIO_THREAD_COUNT=3		# <small>
272options   CONFIG_AIO_THREAD_COUNT=2		# <xsmall,bsmall>
273
274options   CONFIG_MAXVIFS=32			# <medium,large,xlarge>
275options   CONFIG_MAXVIFS=16			# <small,xsmall>
276options   CONFIG_MAXVIFS=2			# <bsmall>
277
278options   CONFIG_MFCTBLSIZ=256			# <medium,large,xlarge>
279options   CONFIG_MFCTBLSIZ=128			# <small,xsmall>
280options   CONFIG_MFCTBLSIZ=16			# <bsmall>
281
282#
283# configurable kernel message buffer size
284#
285options   CONFIG_MSG_BSIZE_REL=16384		# <msgb_small>
286options   CONFIG_MSG_BSIZE_DEV=131072		# <msgb_small>
287options   CONFIG_MSG_BSIZE_REL=131072		# <msgb_large>
288options   CONFIG_MSG_BSIZE_DEV=131072		# <msgb_large>
289options   CONFIG_MSG_BSIZE=CONFIG_MSG_BSIZE_REL	# <!development,debug>
290options   CONFIG_MSG_BSIZE=CONFIG_MSG_BSIZE_DEV	# <development,debug>
291
292#
293# maximum size of the per-process Mach IPC table
294#
295options   CONFIG_IPC_TABLE_ENTRIES_SIZE_MAX=3145728  	# 3M == 131072 entries	# <bsmall,small,xsmall>
296options   CONFIG_IPC_TABLE_ENTRIES_SIZE_MAX=7340032 	# 7M == 305834 entries	# <medium,large,xlarge>
297options   CONFIG_IPC_TABLE_REQUEST_SIZE_MAX=1048576 	# 1M == 65536 requests	# <bsmall,small,xsmall>
298options   CONFIG_IPC_TABLE_REQUEST_SIZE_MAX=2097152 	# 2M == 131072 requests	# <medium,large,xlarge>
299
300#
301# maximum copyout size for IPC debugging tools
302#
303options CONFIG_IPC_KERNEL_MAP_SIZE=32	# 32M	# <bsmall,small,xsmall>
304options CONFIG_IPC_KERNEL_MAP_SIZE=64	# 64M	# <medium,large,xlarge>
305
306#
307#  configurable kernel - use these options to strip strings from panic
308#  and printf calls.
309#  no_printf_str - saves around 45K of kernel footprint.
310#
311options   CONFIG_NO_PRINTF_STRINGS		# <no_printf_str>
312options   CONFIG_NO_KPRINTF_STRINGS		# <no_kprintf_str>
313
314# support vsprintf (deprecated in favor of vsnprintf)
315options   CONFIG_VSPRINTF               # <vsprintf>
316
317#
318# configurable kernel - general switch to say we are building for an
319# embedded device
320#
321options   CONFIG_EMBEDDED			# <config_embedded>
322
323
324# Compile XNU with PPL support.
325options   CONFIG_PMAP_PPL			# <config_pmap_ppl>
326
327options   NOS_ARM_ASM			# <nos_arm_asm>
328options   NOS_ARM_PMAP			# <nos_arm_pmap>
329
330# support dynamic signing of code
331#
332options		CONFIG_DYNAMIC_CODE_SIGNING	# <dynamic_codesigning>
333
334# enforce library validation on all processes.
335#
336options		CONFIG_ENFORCE_LIBRARY_VALIDATION  # <config_library_validation>
337
338# support loading a second static trust cache
339#
340options CONFIG_SECOND_STATIC_TRUST_CACHE # <second_static_trust_cache>
341
342# support supplemental signatures
343#
344options CONFIG_SUPPLEMENTAL_SIGNATURES # <config_supplemental_signatures>
345
346#
347# code decryption... used on embedded for app protection, DSMOS on desktop
348#
349options		CONFIG_CODE_DECRYPTION		# <config_code_decryption>
350
351#
352# User Content Protection, used on embedded
353#
354options		CONFIG_PROTECT			# <config_protect>
355
356#allow write-protection of key page
357options		CONFIG_KEYPAGE_WP		# <config_keypage_wp>
358
359#
360# allow vm_pageout_scan to dynamically adjust its priority based on priorities of waiters
361#
362options		CONFIG_VPS_DYNAMIC_PRIO		# <vps_dynamic_prio>
363
364#
365# enable per-process memory priority tracking
366#
367options		CONFIG_MEMORYSTATUS		# <memorystatus>
368
369options		CONFIG_DEFERRED_RECLAIM		# <config_deferred_reclaim>
370
371#
372# enable jetsam - used on embedded
373#
374options		CONFIG_JETSAM			# <jetsam>
375
376#
377# enable new wait queue implementation stats / debugging
378#
379options		CONFIG_WAITQ_STATS			# <config_waitq_stats>
380
381#
382# enable freezing of suspended processes - used on embedded
383#
384options		CONFIG_FREEZE			# <freeze>
385
386options		CHECK_CS_VALIDATION_BITMAP	# <config_cs_validation_bitmap>
387
388#
389# enable physical writes accounting
390#
391options		CONFIG_PHYS_WRITE_ACCT		# <phys_write_acct>
392
393#
394# enable detection of file cache thrashing - used on platforms with
395# dynamic VM compression enabled
396#
397options		CONFIG_PHANTOM_CACHE		# <phantom_cache>
398
399#
400# enable detection of anonymous pages staying unmodified after first use
401# - used on platforms with dynamic VM compression enabled
402#
403options		CONFIG_TRACK_UNMODIFIED_ANON_PAGES		# <track_unmodified_anon_pages>
404
405#
406# memory pressure event support
407#
408options		VM_PRESSURE_EVENTS		# <vm_pressure_events>
409
410options		CONFIG_SECLUDED_MEMORY		# <config_secluded_memory>
411
412#
413# Ledger features
414#
415options		CONFIG_LEDGER_INTERVAL_MAX	# <config_ledger_interval_max>
416
417#
418# I/O Scheduling
419#
420options		CONFIG_IOSCHED			# <config_iosched>
421
422#
423# Accounting for I/O usage
424#
425options 	CONFIG_IO_ACCOUNTING 		# <config_io_accounting>
426
427#
428# Enable inheritance of importance through specially marked mach ports and for file locks
429# For now debug is enabled wherever inheritance is
430#
431options		IMPORTANCE_INHERITANCE		# <importance_inheritance>
432options		IMPORTANCE_TRACE		# <importance_trace>
433options		IMPORTANCE_DEBUG		# <importance_debug>
434
435options		CONFIG_TELEMETRY		# <config_telemetry>
436
437options		CONFIG_PROC_UUID_POLICY		# <config_proc_uuid_policy>
438
439#
440# ECC data logging
441#
442options		CONFIG_ECC_LOGGING		# <config_ecc_logging>
443
444#
445# Application core dumps
446#
447options		CONFIG_COREDUMP			# <config_coredump>
448
449#
450# Vnode guards
451#
452options		CONFIG_VNGUARD			# <config_vnguard>
453
454#
455# Paravirtualization
456#
457options		CONFIG_PV_TICKET		# <config_pv_ticket>
458
459#
460# Enable extended VM address space and user heap segregation
461#
462options     CONFIG_MAP_RANGES       # <config_map_ranges>
463
464#
465#  Ethernet (ARP)
466#
467pseudo-device	ether				# <networking,inet>
468#
469#  Network loopback device
470#
471pseudo-device	loop				# <networking,inet>
472#
473#  UCB pseudo terminal service
474#
475pseudo-device  pty     512 init pty_init       # <xlarge>
476pseudo-device  pty     256 init pty_init       # <large>
477pseudo-device  pty     128 init pty_init       # <medium>
478pseudo-device  pty      48 init pty_init       # <small>
479pseudo-device  pty      16 init pty_init       # <xsmall>
480pseudo-device  pty       8 init pty_init       # <bsmall>
481#
482# Cloning pseudo terminal service
483#
484pseudo-device	ptmx	1 init ptmx_init
485
486#
487# memory device
488pseudo-device	mdevdevice	1	init	mdevinit
489
490#
491#
492# packet filter device
493#
494pseudo-device	bpfilter	4	init	bpf_init		# <networking,inet>
495
496#
497# fsevents device
498pseudo-device	fsevents	1	init	fsevents_init	# <config_fse>
499
500pseudo-device	random		1	init	random_init
501pseudo-device	dtrace		1	init	dtrace_init	# <config_dtrace>
502pseudo-device	helper		1	init	helper_init	# <config_dtrace>
503pseudo-device	lockstat	1	init	lockstat_init	# <config_dtrace>
504pseudo-device	lockprof	1	init	lockprof_init	# <config_dtrace>
505pseudo-device	sdt		1	init	sdt_init	# <config_dtrace>
506pseudo-device	systrace	1	init	systrace_init	# <config_dtrace>
507pseudo-device	fbt		1	init	fbt_init	# <config_dtrace>
508pseudo-device	profile_prvd	1	init	profile_init	# <config_dtrace>
509
510
511pseudo-device perfmon 1 init perfmon_dev_init # <config_perfmon>
512
513#
514# IOKit configuration options
515#
516
517options		HIBERNATION	# system hibernation	# <hibernation>
518options		IOKITCPP	# C++ implementation	# <iokitcpp>
519options		IOKITSTATS	# IOKit statistics	# <iokitstats>
520options		IOTRACKING	# IOKit tracking	# <iotracking>
521options		CONFIG_SLEEP	#			# <config_sleep>
522options		CONFIG_MAX_THREADS=500	# IOConfigThread threads
523options         NO_KEXTD                		# <no_kextd>
524options         NO_KERNEL_HID           		# <no_kernel_hid>
525
526#
527# Libkern configuration options
528#
529
530options		LIBKERNCPP		# C++ implementation	# <libkerncpp>
531options		CONFIG_BLOCKS		# Blocks runtime	# <config_blocks>
532options		CONFIG_KXLD		# kxld/runtime linking of kexts # <config_kxld>
533options		CONFIG_KEC_FIPS		# Kernel External Components for FIPS compliance (KEC_FIPS) # <config_kec_fips>
534
535# Note that when adding this config option to an architecture, one MUST
536# add the architecture to the preprocessor test at the beginning of
537# libkern/kmod/cplus_{start.c,stop.c}.
538options         CONFIG_STATIC_CPPINIT   # Static library initializes kext cpp runtime # <config_static_cppinit>
539
540#
541# libsa configuration options
542#
543
544# CONFIG_KEXT_BASEMENT - alloc post boot loaded kexts after prelinked kexts
545#
546options		CONFIG_KEXT_BASEMENT		#	# <config_kext_basement>
547
548#
549# Persona Management
550#
551options		CONFIG_PERSONAS	    # Persona management    # <config_personas>
552options		PERSONA_DEBUG	    # Persona debugging     # <persona_debug>
553
554#
555# security configuration options
556#
557
558options		CONFIG_MACF	# Mandatory Access Control Framework	# <config_macf>
559options		CONFIG_MACF_SOCKET_SUBSET	# MAC socket subest (no labels)	# <config_macf>
560#options	CONFIG_MACF_DEBUG   # debug	    	    # <config_macf>
561
562options		CONFIG_AUDIT	    # Kernel auditing	    # <config_audit>
563
564options		CONFIG_ARCADE		# Arcade validation support	# <config_arcade>
565
566options		CONFIG_SETUID		# setuid/setgid support # <config_setuid>
567
568options		CONFIG_SECURE_BSD_ROOT	# secure BSD root	# <config_secure_bsd_root>
569
570options		CONFIG_KAS_INFO		# kas_info support	# <config_kas_info>
571
572options		CONFIG_PROC_RESOURCE_LIMITS	# Per process limits for resources like file descriptors and mach ports  # <config_proc_resource_limits>
573
574#
575# MACH configuration options.
576#
577
578#
579# This defines configuration options that are normally used only during
580# kernel code development and debugging. They add run-time error checks or
581# statistics gathering, which will slow down the system
582#
583##########################################################
584#
585# MACH_ASSERT controls the assert() and ASSERT() macros, used to verify the
586#	consistency of various algorithms in the kernel. The performance impact
587#	of this option is significant.
588#
589options		MACH_ASSERT	#		# <mach_assert>
590options		MACH_VM_DEBUG	#				# <debug>
591options		CONFIG_ZLEAKS	# Live zone leak debugging	# <zleaks>
592options		CONFIG_VOUCHER_DEPRECATED # Enable deprecated voucher managers # <config_voucher_deprecated>
593
594#
595# CONFIG_DEBUGGER_FOR_ZONE_INFO restricts zone info so that it is only
596# available when the kernel is being debugged.
597#
598options		CONFIG_DEBUGGER_FOR_ZONE_INFO	# <debugger_for_zone_info>
599#
600# MACH_LDEBUG controls the internal consistency checks and
601#	data gathering in the locking package. This also enables a debug-only
602#	version of simple-locks on uniprocessor machines. The code size and
603#	performance impact of this option is significant.
604#
605options		MACH_LDEBUG	#		# <debug>
606
607#
608# configuration option for full, partial, or no kernel debug event tracing
609#
610options		KDEBUG			# kernel tracing	# <kdebug>
611options		IST_KDEBUG		# limited tracing	# <ist_kdebug>
612options		NO_KDEBUG       	# no kernel tracing 	# <no_kdebug>
613
614#
615# CONFIG_DTRACE enables code needed to support DTrace. Currently this is
616# only used for delivery of traps/interrupts to DTrace.
617#
618options		CONFIG_DTRACE		#		    # <config_dtrace>
619
620options		LOCK_STATS		#		    # <lock_stats>
621
622# kernel performance tracing
623options     KPERF                  # <kperf>
624options     KPC                    # <kpc>
625
626
627options     CONFIG_PERVASIVE_CPI    # <config_pervasive_cpi>
628options     CONFIG_PERVASIVE_ENERGY # <config_pervasive_energy>
629
630options     CONFIG_IOTRACE          # Physical IO tracing    # <config_iotrace>
631
632#
633# CONFIG_PERFMON enables code to interface with performance monitoring hardware,
634# which count hardware events like cache misses and branch mispredicts.
635#
636options     CONFIG_PERFMON         # <config_perfmon>
637
638options     PGO                    # <pgo>
639
640# DEVELOPMENT define for development builds
641options		DEVELOPMENT	# dev kernel	    	    # <development>
642
643# DEBUG kernel
644options		DEBUG		# general debugging code    # <debug>
645options		CONFIG_NONFATAL_ASSERTS	# non fatal asserts	# <softasserts>
646
647options		MACH_BSD	# BSD subsystem on top of Mach	# <mach_bsd>
648options         IOKIT		#				# <iokit>
649
650#
651#  configurable kernel related resources (CONFIG_THREAD_MAX needs to stay in
652#  sync with bsd/conf/MASTER until we fix the config system... todo XXX
653#
654options   CONFIG_THREAD_MAX=2560		# <medium,large,xlarge>
655options   CONFIG_THREAD_MAX=1536		# <small,xsmall>
656options   CONFIG_THREAD_MAX=1024		# <bsmall>
657
658options   CONFIG_TASK_MAX=1024			# <medium,large,xlarge>
659options   CONFIG_TASK_MAX=768			# <small,>
660options   CONFIG_TASK_MAX=512			# <xsmall,bsmall>
661
662#
663# Minimum zone map size: 115 MB
664#
665options   CONFIG_ZONE_MAP_MIN=120586240	# <xsmall,bsmall,small,medium,large,xlarge>
666
667# vc_progress_white - make the progress gear white instead of black
668options	  CONFIG_VC_PROGRESS_WHITE		# <vc_progress_white>
669
670#
671# Timeshare scheduler implementations
672#
673options		CONFIG_SCHED_TRADITIONAL	# <config_sched_traditional>
674options		CONFIG_SCHED_PROTO		# <config_sched_proto>
675options		CONFIG_SCHED_GRRR		# <config_sched_grrr>
676options		CONFIG_SCHED_GRRR_CORE		# <config_sched_grrr>
677options		CONFIG_SCHED_MULTIQ		# <config_sched_multiq>
678options		CONFIG_SCHED_TIMESHARE_CORE	# <config_sched_traditional,config_sched_multiq>
679options		CONFIG_CLUTCH			# <config_clutch>
680options 	CONFIG_SCHED_AUTO_JOIN		# <config_sched_auto_join>
681options 	CONFIG_SCHED_RT_ALLOW		# <config_sched_rt_allow>
682
683options		CONFIG_SCHED_IDLE_IN_PLACE	# <config_sched_idle_in_place>
684options		CONFIG_SCHED_SFI		# <config_sched_sfi>
685options		CONFIG_PROB_GZALLOC		# <pgzalloc>
686options		CONFIG_SCHED_DEFERRED_AST	# <config_sched_deferred_ast>
687
688options		CONFIG_PREADOPT_TG			# <config_preadopt_tg>
689options		CONFIG_PREADOPT_TG_DEBUG	# <config_preadopt_tg_debug>
690
691# Enable allocation of contiguous physical memory through vm_map_enter_cpm()
692options		VM_CPM				# <vm_cpm>
693
694# This is overridden by the board configuration's HAS_FAST_CNTVCT.
695options	    CONFIG_SKIP_PRECISE_USER_KERNEL_TIME    # <config_skip_precise_user_kernel_time>
696
697#
698# Switch to disable cpu, wakeup and high memory watermark monitors
699#
700options 	CONFIG_NOMONITORS			# <config_nomonitors>
701
702options		MACH_KDP	    # KDP		# <mach_kdp>
703options		CONFIG_SERIAL_KDP   # KDP over serial	# <config_serial_kdp>
704options		CONFIG_KDP_INTERACTIVE_DEBUGGING	# <kdp_interactive_debugging>
705options		CONFIG_KDP_COREDUMP_ENCRYPTION	# Support for encrypting kernel coredumps	# <config_kdp_coredump_encryption>
706
707options 	CONFIG_TASKWATCH
708options 	CONFIG_USER_NOTIFICATION		# <config_user_notification>
709#
710# Kernel Power On Self Tests
711#
712options		CONFIG_XNUPOST				# <config_xnupost>
713
714#
715# Kernel proc reference instrumentation
716#
717options PROC_REF_DEBUG					# <proc_ref_debug>
718
719#
720# Kernel Voucher Attr Manager for Activity Trace
721#
722options 	CONFIG_ATM				# <config_atm>
723
724# Group related tasks together into coalitions
725options		CONFIG_COALITIONS			# <config_coalitions>
726
727# Enable support for sysdiagnose notifications
728options		CONFIG_SYSDIAGNOSE			# <config_sysdiagnose>
729
730# Configurable Security Restrictions
731options		CONFIG_CSR				# <config_csr>
732options		CONFIG_CSR_FROM_DT		# <config_csr_from_dt>
733
734# Enable collection of IO Compression statistics
735options		CONFIG_IO_COMPRESSION_STATS		# <config_io_compression_stats>
736
737#
738# Console options
739#
740options		SERIAL_CONSOLE	# bi-directional serial over UART
741options		VIDEO_CONSOLE	# uni-directional output over framebuffer
742
743#
744# Syscall options
745#
746options		CONFIG_REQUIRES_U32_MUNGING	# incoming U32 argument structures must be munged to match U64	# <config_requires_u32_munging>
747
748#
749# copyout() instrumentation
750#
751options		COPYOUT_SHIM			# Shim for copyout memory analysis via kext #<copyout_shim>
752
753#
754# Enable hardware correlation of mach absolute time
755# across intel/arm boundary
756options		CONFIG_MACH_BRIDGE_SEND_TIME #  # <config_mach_bridge_send_time>
757options		CONFIG_MACH_BRIDGE_RECV_TIME #  # <config_mach_bridge_recv_time>
758
759options		CONFIG_QUIESCE_COUNTER # Support for _COMM_PAGE_CPU_QUIESCENT_COUNTER # <config_quiesce_counter>
760options		CONFIG_ARM_PFZ	# Support for PFZ on ARM # <config_arm_pfz>
761
762#
763# Sanitizers
764#
765options		CONFIG_KASAN		# <config_kasan>
766options		CONFIG_UBSAN		# <config_ubsan>
767
768options		CONFIG_KCOV			# <config_kcov>
769options		CONFIG_KSANCOV		# <config_ksancov>
770options		CONFIG_STKSZ		# <config_stksz>
771
772# dark boot support
773options		CONFIG_DARKBOOT		# <config_darkboot>
774
775# support for tracking service port labels for stackshots/debugging
776options		CONFIG_SERVICE_PORT_INFO # <config_service_port_info>
777
778# support for processes delaying idle sleep for pending IO
779options		CONFIG_DELAY_IDLE_SLEEP # <config_delay_idle_sleep>
780
781# support for storing a 64-bit user supplied value in the proc structure
782options		CONFIG_PROC_UDATA_STORAGE # <config_proc_udata_storage>
783
784pseudo-device ksancov 1 init ksancov_init_dev # <config_ksancov>
785
786# Debug instrumentation for statistics and catching of code that
787# leaves interrupts masked or preemption disabled for an excessive
788# period of time.
789options		SCHED_HYGIENE_DEBUG # <sched_hygiene_debug>
790
791# support for system call rejection/tracing
792options		CONFIG_DEBUG_SYSCALL_REJECTION	# <config_debug_syscall_rejection>
793
794# Extensible panic log support
795options		CONFIG_EXT_PANICLOG		# <config_ext_paniclog>
796
797# support for collecting statistics on task suspension
798options		CONFIG_TASK_SUSPEND_STATS	# <config_task_suspend_stats>
799