xref: /xnu-10063.121.3/config/MASTER (revision 2c2f96dc2b9a4408a43d3150ae9c105355ca3daa) 
1#
2# Mach Operating System
3# Copyright (c) 1986 Carnegie-Mellon University
4# Copyright 2001-2018 Apple Inc.
5#
6# All rights reserved.  The CMU software License Agreement
7# specifies the terms and conditions for use and redistribution.
8#
9#######################################################################
10#
11#	Master machine independent configuration file.
12#
13#	Specific configuration files are created based on this and
14#	the machine specific master file using the doconf script.
15#
16#	Any changes to the master configuration files will affect all
17#	other configuration files based upon it.
18#
19#######################################################################
20#
21#	To build a configuration, execute "doconf <configuration>."
22#	Configurations are specified in the "Configurations:" section
23#	of the MASTER and MASTER.* files as follows:
24#
25#	<configuration> = [ <attribute0> <attribute1> ... <attributeN> ]
26#
27#	Lines in the MASTER and MASTER.* files are selected based on
28#	the attribute selector list, found in a comment at the end of
29#	the line.  This is a list of attributes separated by commas.
30#	The "!" operator selects the line if none of the attributes are
31#	specified.
32#
33#	For example:
34#
35#	<foo,bar>	selects a line if "foo" or "bar" are specified.
36#	<!foo,bar>	selects a line if neither "foo" nor "bar" is
37#			specified.
38#
39#	Lines with no attributes specified are selected for all
40#	configurations.
41#
42#######################################################################
43#
44#  SYSTEM SIZE CONFIGURATION (select exactly one)
45#
46#	xlarge = extra large scale system configuration
47#	large  = large scale system configuration
48#	medium = medium scale system configuration
49#	small  = small scale system configuration
50#	xsmall = extra small scale system configuration
51#	bsmall = special extra small scale system configuration
52#
53#######################################################################
54#
55
56options		INET		#				# <inet>
57
58options 	MACH		# Standard Mach features	# <mach>
59options		MACH_FLIPC	# Fast-Local IPC		# <mach_flipc>
60options		LOOP		# loopback support		# <loop>
61options		VLAN		#				# <vlan>
62options		BOND		#				# <bond>
63options		IF_FAKE		#				# <if_fake>
64options		IF_HEADLESS	#				# <if_headless>
65options		IF_REDIRECT	#				# <if_redirect>
66options		AH_ALL_CRYPTO	# AH all crypto algs		# <ah_all_crypto>
67options		PF		# Packet Filter			# <pf>
68options		PF_ECN		# PF use ECN marking		# <pf_ecn>
69options		PFLOG		# PF log interface		# <pflog>
70options		MEASURE_BW	# interface bandwidth measurement # <measure_bw>
71options		DUMMYNET	# dummynet support		# <dummynet>
72options		TRAFFIC_MGT	# traffic management support		# <traffic_mgt>
73options		MULTICAST	# Internet Protocol Class-D	$
74options		TCPDEBUG	# TCP debug			# <tcpdebug>
75options		IFNET_INPUT_SANITY_CHK	# allow dlil/ifnet input sanity check # <ifnet_input_chk>
76options		MULTIPATH	# Multipath domain		# <multipath>
77options		MPTCP		# Multipath TCP			# <mptcp>
78options		SYSV_SEM	# SVID semaphores		# <sysv_sem>
79options		SYSV_MSG	# SVID messages			# <sysv_msg>
80options		SYSV_SHM	# SVID shared mem		# <sysv_shm>
81options		PSYNCH		# pthread synch			# <psynch>
82options		FLOW_DIVERT								# <flow_divert>
83options		NECP									# <necp>
84options		CONTENT_FILTER	#						# <content_filter>
85options 	PACKET_MANGLER	#						# <packet_mangler>
86options 	REMOTE_VIF	#						# <remote_vif>
87options		SKYWALK		#		# <skywalk>
88options		CONFIG_NEXUS_USER_PIPE	#	# <config_nexus_user_pipe>
89options		CONFIG_NEXUS_KERNEL_PIPE #	# <config_nexus_kernel_pipe>
90options		CONFIG_NEXUS_MONITOR	#	# <config_nexus_monitor>
91options		CONFIG_NEXUS_FLOWSWITCH	#	# <config_nexus_flowswitch>
92options		CONFIG_NEXUS_NETIF	#	# <config_nexus_netif>
93options		CONFIG_MBUF_MCACHE	# mbufs use mcache	# <config_mbuf_mcache>
94options		KCTL_TEST		# kernel control test	# <kctl_test>
95
96# secure_kernel - secure kernel from user programs
97options     SECURE_KERNEL       # <secure_kernel>
98
99#
100#	4.4 general kernel
101#
102options		SOCKETS		# socket support		# <inet>
103options 	DIAGNOSTIC	# diagnostics			# <diagnostic>
104options		PROFILE		# kernel profiling		# <profile>
105options		SENDFILE	# sendfile					# <sendfile>
106options		NETWORKING	# networking layer		# <inet>
107options		CONFIG_FSE	# file system events		# <config_fse>
108options		CONFIG_IMAGEBOOT	# local image boot	# <config_imageboot>
109options		CONFIG_MBUF_JUMBO	# jumbo cluster pool	# <config_mbuf_jumbo>
110options		CONFIG_IMAGEBOOT_IMG4	# authenticate image with AppleImage4	# <config_imageboot_img4>
111options		CONFIG_IMAGEBOOT_CHUNKLIST	# authenticate image with a chunk list	# <config_imageboot_chunklist>
112
113options		CONFIG_WORKLOOP_DEBUG	# <config_workloop_debug>
114
115#
116#	4.4 filesystems
117#
118options		MOCKFS		# Boot from an executable	# <mockfs>
119options		FIFO		# fifo support			# <fifo>
120options		FDESC		# fdesc_fs support		# <fdesc>
121options		DEVFS		# devfs support			# <devfs>
122options		ROUTEFS		# routefs support		# <routefs>
123options		NULLFS		# nullfs support 		# <nullfs>
124options		BINDFS		# bindfs support 		# <bindfs>
125options		FS_COMPRESSION	# fs compression	    # <fs_compression>
126options		CONFIG_DEV_KMEM	    # /dev/kmem device for reading KVA	# <config_dev_kmem>
127
128#
129#	file system features
130#
131options		QUOTA		# file system quotas		# <quota>
132options		NAMEDSTREAMS	# named stream vnop support	# <namedstreams>
133options		CONFIG_APPLEDOUBLE # apple double support	# <config_appledouble>
134options		CONFIG_VOLFS	# volfs path support (legacy)	# <config_volfs>
135options		CONFIG_IMGSRC_ACCESS # source of imageboot dmg	# <config_imgsrc_access>
136options		CONFIG_TRIGGERS	# trigger vnodes		# <config_triggers>
137options		CONFIG_EXT_RESOLVER # e.g. memberd		# <config_ext_resolver>
138options		CONFIG_SEARCHFS	# searchfs syscall support	# <config_searchfs>
139options		CONFIG_MNT_SUID # allow suid binaries  # <config_mnt_suid>
140options		CONFIG_MNT_ROOTSNAP # allow rooting from snapshot # <config_mnt_rootsnap>
141options 	CONFIG_ROSV_STARTUP # allow read-only system volume startup # <config_rosv_startup>
142options		CONFIG_FIRMLINKS # support "firmlinks" # <config_firmlinks>
143options 	CONFIG_MOUNT_VM # mount VM volume on startup # <config_mount_vm>
144options 	CONFIG_MOUNT_PREBOOTRECOVERY # mount Preboot and/or Recovery volume on startup # <config_mount_prebootrecovery>
145options		CONFIG_DATALESS_FILES # support dataless file materialization # <config_dataless_files>
146options         CONFIG_BASESYSTEMROOT # mount BaseSystem as initial root filesystem on some kinds of startup # <config_basesystemroot>
147options         CONFIG_UNION_MOUNTS # support union mounts # <config_union_mounts>
148options		CONFIG_FILE_LEASES # local file leasing support # <config_file_leases>
149
150#
151# VFS debugging
152#
153options		CONFIG_IOCOUNT_TRACE	# enable vnode's iocount tracing # <config_iocount_trace>
154
155# NFS support
156#
157options		NFSSERVER	# Be an NFS server		# <nfsserver>
158options		CONFIG_NETBOOT	# network booting		# <config_netboot>
159
160#
161# Machine Independent Apple Features
162#
163profile				# build a profiling kernel	# <profile>
164
165#
166# IPv6 Support
167#
168options         IPSEC           # IP security            	# <ipsec>
169options         IPSEC_ESP       # IP security            	# <ipsec>
170
171pseudo-device   gif     1				# <gif>
172pseudo-device   dummy   2				# <dummy>
173pseudo-device   stf 	1 				# <stf>
174
175options			CRYPTO				# <ipsec,crypto>
176options			CRYPTO_SHA2			# <crypto_sha2>
177options			ENCRYPTED_SWAP			# <encrypted_swap>
178
179options			CONFIG_IMG4			# <config_img4>
180
181options		ZLIB	# inflate/deflate support	# <zlib>
182options		ZLIBC	# inflate/deflate support	# <zlibc>
183
184options		IF_BRIDGE				# <if_bridge>
185
186#
187#  configurable kernel event related resources
188#
189options   CONFIG_KN_HASHSIZE=64		# <medium,large,xlarge>
190options   CONFIG_KN_HASHSIZE=48		# <small,xsmall>
191options   CONFIG_KN_HASHSIZE=20		# <bsmall>
192
193#
194#  configurable vfs related resources
195#  CONFIG_VNODES - used to pre allocate vnode related resources
196#  CONFIG_NC_HASH - name cache hash table allocation
197#  CONFIG_VFS_NAMES - name strings
198#
199#  263168 magic number for medium CONFIG_VNODES is based on memory
200#  Number vnodes  is (memsize/64k) + 1024
201#  This is the calculation that is used by launchd in tiger
202#  we are clipping the max based on 16G
203#  ie ((16*1024*1024*1024)/(64 *1024)) + 1024 = 263168;
204
205options   CONFIG_VNODES=263168		# <large,xlarge>
206options   CONFIG_VNODES=263168		# <medium>
207options   CONFIG_VNODES=10240		# <small>
208options   CONFIG_VNODES=750		# <bsmall>
209
210options   CONFIG_NC_HASH=5120		# <large,xlarge>
211options   CONFIG_NC_HASH=4096		# <medium>
212options   CONFIG_NC_HASH=2048		# <small,xsmall>
213options   CONFIG_NC_HASH=1024		# <bsmall>
214
215options   CONFIG_VFS_NAMES=5120		# <large,xlarge>
216options   CONFIG_VFS_NAMES=4096		# <medium>
217options   CONFIG_VFS_NAMES=3072		# <small,xsmall>
218options   CONFIG_VFS_NAMES=2048		# <bsmall>
219
220options   CONFIG_MAX_CLUSTERS=8		# <xlarge,large,medium>
221options   CONFIG_MAX_CLUSTERS=4		# <small,xsmall,bsmall>
222
223#
224#  configurable options for minumum number of buffers for kernel memory
225#
226options   CONFIG_MIN_NBUF=256		# <medium,large,xlarge>
227options   CONFIG_MIN_NBUF=128		# <small>
228options   CONFIG_MIN_NBUF=80		# <xsmall>
229options   CONFIG_MIN_NBUF=64		# <bsmall>
230
231options   CONFIG_MIN_NIOBUF=128		# <medium,large,xlarge>
232options   CONFIG_MIN_NIOBUF=64		# <xsmall,small>
233options   CONFIG_MIN_NIOBUF=32		# <bsmall>
234
235#
236# set maximum space used for packet buffers
237#
238options        CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)"	# <large,xlarge>
239options        CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)"	# <medium>
240options        CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)"	# <bsmall,xsmall,small>
241
242#
243# Configure size of TCP hash table
244#
245options CONFIG_TCBHASHSIZE=4096		# <medium,large,xlarge>
246options CONFIG_TCBHASHSIZE=128		# <xsmall,small,bsmall>
247
248#
249#  configurable async IO options
250#  CONFIG_AIO_MAX - system wide limit of async IO requests.
251#  CONFIG_AIO_PROCESS_MAX - process limit of async IO requests.
252#  CONFIG_AIO_THREAD_COUNT - number of async IO worker threads created.
253#
254options   CONFIG_AIO_MAX=360			# <xlarge>
255options   CONFIG_AIO_MAX=180			# <large>
256options   CONFIG_AIO_MAX=90			# <medium>
257options   CONFIG_AIO_MAX=45			# <small>
258options   CONFIG_AIO_MAX=20			# <xsmall>
259options   CONFIG_AIO_MAX=10			# <bsmall>
260
261options   CONFIG_AIO_PROCESS_MAX=64		# <xlarge>
262options   CONFIG_AIO_PROCESS_MAX=32		# <large>
263options   CONFIG_AIO_PROCESS_MAX=16		# <medium>
264options   CONFIG_AIO_PROCESS_MAX=12		# <small>
265options   CONFIG_AIO_PROCESS_MAX=8		# <xsmall>
266options   CONFIG_AIO_PROCESS_MAX=4		# <bsmall>
267
268options   CONFIG_AIO_THREAD_COUNT=16		# <xlarge>
269options   CONFIG_AIO_THREAD_COUNT=8		# <large>
270options   CONFIG_AIO_THREAD_COUNT=4		# <medium>
271options   CONFIG_AIO_THREAD_COUNT=3		# <small>
272options   CONFIG_AIO_THREAD_COUNT=2		# <xsmall,bsmall>
273
274options   CONFIG_MAXVIFS=32			# <medium,large,xlarge>
275options   CONFIG_MAXVIFS=16			# <small,xsmall>
276options   CONFIG_MAXVIFS=2			# <bsmall>
277
278options   CONFIG_MFCTBLSIZ=256			# <medium,large,xlarge>
279options   CONFIG_MFCTBLSIZ=128			# <small,xsmall>
280options   CONFIG_MFCTBLSIZ=16			# <bsmall>
281
282#
283# configurable kernel message buffer size
284#
285options   CONFIG_MSG_BSIZE_REL=16384		# <msgb_small>
286options   CONFIG_MSG_BSIZE_DEV=131072		# <msgb_small>
287options   CONFIG_MSG_BSIZE_REL=131072		# <msgb_large>
288options   CONFIG_MSG_BSIZE_DEV=131072		# <msgb_large>
289options   CONFIG_MSG_BSIZE=CONFIG_MSG_BSIZE_REL	# <!development,debug>
290options   CONFIG_MSG_BSIZE=CONFIG_MSG_BSIZE_DEV	# <development,debug>
291
292#
293# maximum size of the per-process Mach IPC table
294#
295options   CONFIG_IPC_TABLE_ENTRIES_SIZE_MAX=3145728  	# 3M == 131072 entries	# <bsmall,small,xsmall>
296options   CONFIG_IPC_TABLE_ENTRIES_SIZE_MAX=7340032 	# 7M == 305834 entries	# <medium,large,xlarge>
297options   CONFIG_IPC_TABLE_REQUEST_SIZE_MAX=1048576 	# 1M == 65536 requests	# <bsmall,small,xsmall>
298options   CONFIG_IPC_TABLE_REQUEST_SIZE_MAX=2097152 	# 2M == 131072 requests	# <medium,large,xlarge>
299
300#
301# maximum copyout size for IPC debugging tools
302#
303options CONFIG_IPC_KERNEL_MAP_SIZE=32	# 32M	# <bsmall,small,xsmall>
304options CONFIG_IPC_KERNEL_MAP_SIZE=64	# 64M	# <medium,large,xlarge>
305
306#
307#  configurable kernel - use these options to strip strings from panic
308#  and printf calls.
309#  no_printf_str - saves around 45K of kernel footprint.
310#
311options   CONFIG_NO_PRINTF_STRINGS		# <no_printf_str>
312options   CONFIG_NO_KPRINTF_STRINGS		# <no_kprintf_str>
313
314# support vsprintf (deprecated in favor of vsnprintf)
315options   CONFIG_VSPRINTF               # <vsprintf>
316
317#
318# configurable kernel - general switch to say we are building for an
319# embedded device
320#
321options   CONFIG_EMBEDDED			# <config_embedded>
322
323
324# Compile XNU with SPTM support. This option should be used mutually exclusively
325# with the config_pmap_ppl option
326options   CONFIG_SPTM				# <config_sptm>
327
328
329# Enable support for commmunication with exclaves. Requires SPTM support.
330options		CONFIG_EXCLAVES			# <config_exclaves>
331
332# Compile XNU with PPL support.
333options   CONFIG_PMAP_PPL			# <config_pmap_ppl>
334
335options   NOS_ARM_ASM			# <nos_arm_asm>
336options   NOS_ARM_PMAP			# <nos_arm_pmap>
337
338# support dynamic signing of code
339#
340options		CONFIG_DYNAMIC_CODE_SIGNING	# <dynamic_codesigning>
341
342# enforce library validation on all processes.
343#
344options		CONFIG_ENFORCE_LIBRARY_VALIDATION  # <config_library_validation>
345
346# support loading a second static trust cache
347#
348options CONFIG_SECOND_STATIC_TRUST_CACHE # <second_static_trust_cache>
349
350# support supplemental signatures
351#
352options CONFIG_SUPPLEMENTAL_SIGNATURES # <config_supplemental_signatures>
353
354#
355# code decryption... used on embedded for app protection, DSMOS on desktop
356#
357options		CONFIG_CODE_DECRYPTION		# <config_code_decryption>
358
359#
360# User Content Protection, used on embedded
361#
362options		CONFIG_PROTECT			# <config_protect>
363
364#allow write-protection of key page
365options		CONFIG_KEYPAGE_WP		# <config_keypage_wp>
366
367#
368# allow vm_pageout_scan to dynamically adjust its priority based on priorities of waiters
369#
370options		CONFIG_VPS_DYNAMIC_PRIO		# <vps_dynamic_prio>
371
372#
373# enable per-process memory priority tracking
374#
375options		CONFIG_MEMORYSTATUS		# <memorystatus>
376
377options		CONFIG_DEFERRED_RECLAIM		# <config_deferred_reclaim>
378
379#
380# enable jetsam - used on embedded
381#
382options		CONFIG_JETSAM			# <jetsam>
383
384#
385# enable new wait queue implementation stats / debugging
386#
387options		CONFIG_WAITQ_STATS			# <config_waitq_stats>
388
389#
390# enable freezing of suspended processes - used on embedded
391#
392options		CONFIG_FREEZE			# <freeze>
393
394options		CHECK_CS_VALIDATION_BITMAP	# <config_cs_validation_bitmap>
395
396#
397# enable physical writes accounting
398#
399options		CONFIG_PHYS_WRITE_ACCT		# <phys_write_acct>
400
401#
402# enable detection of file cache thrashing - used on platforms with
403# dynamic VM compression enabled
404#
405options		CONFIG_PHANTOM_CACHE		# <phantom_cache>
406
407#
408# enable detection of anonymous pages staying unmodified after first use
409# - used on platforms with dynamic VM compression enabled
410#
411options		CONFIG_TRACK_UNMODIFIED_ANON_PAGES		# <track_unmodified_anon_pages>
412
413#
414# memory pressure event support
415#
416options		VM_PRESSURE_EVENTS		# <vm_pressure_events>
417
418options		CONFIG_SECLUDED_MEMORY		# <config_secluded_memory>
419
420#
421# Ledger features
422#
423options		CONFIG_LEDGER_INTERVAL_MAX	# <config_ledger_interval_max>
424
425#
426# I/O Scheduling
427#
428options		CONFIG_IOSCHED			# <config_iosched>
429
430#
431# Accounting for I/O usage
432#
433options 	CONFIG_IO_ACCOUNTING 		# <config_io_accounting>
434
435#
436# Enable inheritance of importance through specially marked mach ports and for file locks
437# For now debug is enabled wherever inheritance is
438#
439options		IMPORTANCE_INHERITANCE		# <importance_inheritance>
440options		IMPORTANCE_TRACE		# <importance_trace>
441options		IMPORTANCE_DEBUG		# <importance_debug>
442
443options		CONFIG_TELEMETRY		# <config_telemetry>
444
445options		CONFIG_PROC_UUID_POLICY		# <config_proc_uuid_policy>
446
447#
448# ECC data logging
449#
450options		CONFIG_ECC_LOGGING		# <config_ecc_logging>
451
452#
453# Application core dumps
454#
455options		CONFIG_COREDUMP			# <config_coredump>
456
457#
458# Vnode guards
459#
460options		CONFIG_VNGUARD			# <config_vnguard>
461
462#
463# Paravirtualization
464#
465options		CONFIG_PV_TICKET		# <config_pv_ticket>
466
467#
468# Enable extended VM address space and user heap segregation
469#
470options     CONFIG_MAP_RANGES       # <config_map_ranges>
471
472#
473#  Ethernet (ARP)
474#
475pseudo-device	ether				# <networking,inet>
476#
477#  Network loopback device
478#
479pseudo-device	loop				# <networking,inet>
480#
481#  UCB pseudo terminal service
482#
483pseudo-device  pty     512 init pty_init       # <xlarge>
484pseudo-device  pty     256 init pty_init       # <large>
485pseudo-device  pty     128 init pty_init       # <medium>
486pseudo-device  pty      48 init pty_init       # <small>
487pseudo-device  pty      16 init pty_init       # <xsmall>
488pseudo-device  pty       8 init pty_init       # <bsmall>
489#
490# Cloning pseudo terminal service
491#
492pseudo-device	ptmx	1 init ptmx_init
493
494#
495# memory device
496pseudo-device	mdevdevice	1	init	mdevinit
497
498#
499#
500# packet filter device
501#
502pseudo-device	bpfilter	4	init	bpf_init		# <networking,inet>
503
504#
505# fsevents device
506pseudo-device	fsevents	1	init	fsevents_init	# <config_fse>
507
508pseudo-device	random		1	init	random_init
509pseudo-device	dtrace		1	init	dtrace_init	# <config_dtrace>
510pseudo-device	helper		1	init	helper_init	# <config_dtrace>
511pseudo-device	lockstat	1	init	lockstat_init	# <config_dtrace>
512pseudo-device	lockprof	1	init	lockprof_init	# <config_dtrace>
513pseudo-device	sdt		1	init	sdt_init	# <config_dtrace>
514pseudo-device	systrace	1	init	systrace_init	# <config_dtrace>
515pseudo-device	fbt		1	init	fbt_init	# <config_dtrace>
516pseudo-device	profile_prvd	1	init	profile_init	# <config_dtrace>
517
518# monotonic devices
519pseudo-device monotonic 1 init mt_dev_init # <config_cpu_counters>
520
521#
522# IOKit configuration options
523#
524
525options		HIBERNATION	# system hibernation	# <hibernation>
526options		IOKITCPP	# C++ implementation	# <iokitcpp>
527options		IOKITSTATS	# IOKit statistics	# <iokitstats>
528options		IOTRACKING	# IOKit tracking	# <iotracking>
529options		CONFIG_SLEEP	#			# <config_sleep>
530options		CONFIG_MAX_THREADS=500	# IOConfigThread threads
531options         NO_KEXTD                		# <no_kextd>
532options         NO_KERNEL_HID           		# <no_kernel_hid>
533
534#
535# Libkern configuration options
536#
537
538options		LIBKERNCPP		# C++ implementation	# <libkerncpp>
539options		CONFIG_BLOCKS		# Blocks runtime	# <config_blocks>
540options		CONFIG_KXLD		# kxld/runtime linking of kexts # <config_kxld>
541options		CONFIG_KEC_FIPS		# Kernel External Components for FIPS compliance (KEC_FIPS) # <config_kec_fips>
542
543# Note that when adding this config option to an architecture, one MUST
544# add the architecture to the preprocessor test at the beginning of
545# libkern/kmod/cplus_{start.c,stop.c}.
546options         CONFIG_STATIC_CPPINIT   # Static library initializes kext cpp runtime # <config_static_cppinit>
547
548#
549# libsa configuration options
550#
551
552# CONFIG_KEXT_BASEMENT - alloc post boot loaded kexts after prelinked kexts
553#
554options		CONFIG_KEXT_BASEMENT		#	# <config_kext_basement>
555
556#
557# Persona Management
558#
559options		CONFIG_PERSONAS	    # Persona management    # <config_personas>
560options		PERSONA_DEBUG	    # Persona debugging     # <persona_debug>
561
562#
563# security configuration options
564#
565
566options		CONFIG_MACF	# Mandatory Access Control Framework	# <config_macf>
567options		CONFIG_MACF_SOCKET_SUBSET	# MAC socket subest (no labels)	# <config_macf>
568#options	CONFIG_MACF_DEBUG   # debug	    	    # <config_macf>
569
570options		CONFIG_AUDIT	    # Kernel auditing	    # <config_audit>
571
572options		CONFIG_ARCADE		# Arcade validation support	# <config_arcade>
573
574options		CONFIG_SETUID		# setuid/setgid support # <config_setuid>
575
576options		CONFIG_SECURE_BSD_ROOT	# secure BSD root	# <config_secure_bsd_root>
577
578options		CONFIG_KAS_INFO		# kas_info support	# <config_kas_info>
579
580options		CONFIG_PROC_RESOURCE_LIMITS	# Per process limits for resources like file descriptors and mach ports  # <config_proc_resource_limits>
581
582#
583# MACH configuration options.
584#
585
586#
587# This defines configuration options that are normally used only during
588# kernel code development and debugging. They add run-time error checks or
589# statistics gathering, which will slow down the system
590#
591##########################################################
592#
593# MACH_ASSERT controls the assert() and ASSERT() macros, used to verify the
594#	consistency of various algorithms in the kernel. The performance impact
595#	of this option is significant.
596#
597options		MACH_ASSERT	#		# <mach_assert>
598options		MACH_VM_DEBUG	#				# <debug>
599options		CONFIG_ZLEAKS	# Live zone leak debugging	# <zleaks>
600options		CONFIG_VOUCHER_DEPRECATED # Enable deprecated voucher managers # <config_voucher_deprecated>
601
602#
603# CONFIG_DEBUGGER_FOR_ZONE_INFO restricts zone info so that it is only
604# available when the kernel is being debugged.
605#
606options		CONFIG_DEBUGGER_FOR_ZONE_INFO	# <debugger_for_zone_info>
607#
608# MACH_LDEBUG controls the internal consistency checks and
609#	data gathering in the locking package. This also enables a debug-only
610#	version of simple-locks on uniprocessor machines. The code size and
611#	performance impact of this option is significant.
612#
613options		MACH_LDEBUG	#		# <debug>
614
615#
616# configuration option for full, partial, or no kernel debug event tracing
617#
618options		KDEBUG			# kernel tracing	# <kdebug>
619options		IST_KDEBUG		# limited tracing	# <ist_kdebug>
620options		NO_KDEBUG       	# no kernel tracing 	# <no_kdebug>
621
622#
623# CONFIG_DTRACE enables code needed to support DTrace. Currently this is
624# only used for delivery of traps/interrupts to DTrace.
625#
626options		CONFIG_DTRACE		#		    # <config_dtrace>
627
628options		LOCK_STATS		#		    # <lock_stats>
629
630# kernel performance tracing
631options     KPERF                  # <kperf>
632
633options     CONFIG_CPU_COUNTERS     # <config_cpu_counters>
634
635options     CONFIG_PERVASIVE_CPI    # <config_pervasive_cpi>
636options     CONFIG_PERVASIVE_ENERGY # <config_pervasive_energy>
637
638options     CONFIG_IOTRACE          # Physical IO tracing    # <config_iotrace>
639
640options     PGO                    # <pgo>
641
642# DEVELOPMENT define for development builds
643options		DEVELOPMENT	# dev kernel	    	    # <development>
644
645# DEBUG kernel
646options		DEBUG		# general debugging code    # <debug>
647options		CONFIG_NONFATAL_ASSERTS	# non fatal asserts	# <softasserts>
648
649options		MACH_BSD	# BSD subsystem on top of Mach	# <mach_bsd>
650options         IOKIT		#				# <iokit>
651
652#
653#  configurable kernel related resources (CONFIG_THREAD_MAX needs to stay in
654#  sync with bsd/conf/MASTER until we fix the config system... todo XXX
655#
656options   CONFIG_THREAD_MAX=2560		# <medium,large,xlarge>
657options   CONFIG_THREAD_MAX=1536		# <small,xsmall>
658options   CONFIG_THREAD_MAX=1024		# <bsmall>
659
660options   CONFIG_TASK_MAX=1024			# <medium,large,xlarge>
661options   CONFIG_TASK_MAX=768			# <small,>
662options   CONFIG_TASK_MAX=512			# <xsmall,bsmall>
663
664#
665# Minimum zone map size: 115 MB
666#
667options   CONFIG_ZONE_MAP_MIN=120586240	# <xsmall,bsmall,small,medium,large,xlarge>
668
669# vc_progress_white - make the progress gear white instead of black
670options	  CONFIG_VC_PROGRESS_WHITE		# <vc_progress_white>
671
672#
673# Timeshare scheduler implementations
674#
675options		CONFIG_SCHED_TRADITIONAL	# <config_sched_traditional>
676options		CONFIG_SCHED_PROTO		# <config_sched_proto>
677options		CONFIG_SCHED_GRRR		# <config_sched_grrr>
678options		CONFIG_SCHED_GRRR_CORE		# <config_sched_grrr>
679options		CONFIG_SCHED_MULTIQ		# <config_sched_multiq>
680options		CONFIG_SCHED_TIMESHARE_CORE	# <config_sched_traditional,config_sched_multiq>
681options		CONFIG_CLUTCH			# <config_clutch>
682options 	CONFIG_SCHED_AUTO_JOIN		# <config_sched_auto_join>
683options 	CONFIG_SCHED_RT_ALLOW		# <config_sched_rt_allow>
684
685options		CONFIG_SCHED_IDLE_IN_PLACE	# <config_sched_idle_in_place>
686options		CONFIG_SCHED_SFI		# <config_sched_sfi>
687options		CONFIG_PROB_GZALLOC		# <pgzalloc>
688options		CONFIG_SCHED_DEFERRED_AST	# <config_sched_deferred_ast>
689
690options		CONFIG_PREADOPT_TG			# <config_preadopt_tg>
691options		CONFIG_PREADOPT_TG_DEBUG	# <config_preadopt_tg_debug>
692
693# Enable allocation of contiguous physical memory through vm_map_enter_cpm()
694options		VM_CPM				# <vm_cpm>
695
696# This is overridden by the board configuration's HAS_FAST_CNTVCT.
697options	    CONFIG_SKIP_PRECISE_USER_KERNEL_TIME    # <config_skip_precise_user_kernel_time>
698
699#
700# Switch to disable cpu, wakeup and high memory watermark monitors
701#
702options 	CONFIG_NOMONITORS			# <config_nomonitors>
703
704options		MACH_KDP	    # KDP		# <mach_kdp>
705options		CONFIG_SERIAL_KDP   # KDP over serial	# <config_serial_kdp>
706options		CONFIG_KDP_INTERACTIVE_DEBUGGING	# <kdp_interactive_debugging>
707options		CONFIG_KDP_COREDUMP_ENCRYPTION	# Support for encrypting kernel coredumps	# <config_kdp_coredump_encryption>
708
709options 	CONFIG_TASKWATCH
710options 	CONFIG_USER_NOTIFICATION		# <config_user_notification>
711#
712# Kernel Power On Self Tests
713#
714options		CONFIG_XNUPOST				# <config_xnupost>
715
716#
717# Kernel proc reference instrumentation
718#
719options PROC_REF_DEBUG					# <proc_ref_debug>
720
721#
722# Kernel Voucher Attr Manager for Activity Trace
723#
724options 	CONFIG_ATM				# <config_atm>
725
726# Group related tasks together into coalitions
727options		CONFIG_COALITIONS			# <config_coalitions>
728
729# Enable support for sysdiagnose notifications
730options		CONFIG_SYSDIAGNOSE			# <config_sysdiagnose>
731
732# Configurable Security Restrictions
733options		CONFIG_CSR				# <config_csr>
734options		CONFIG_CSR_FROM_DT		# <config_csr_from_dt>
735
736# Enable collection of IO Compression statistics
737options		CONFIG_IO_COMPRESSION_STATS		# <config_io_compression_stats>
738
739#
740# Console options
741#
742options		SERIAL_CONSOLE	# bi-directional serial over UART
743options		VIDEO_CONSOLE	# uni-directional output over framebuffer
744
745#
746# Syscall options
747#
748options		CONFIG_REQUIRES_U32_MUNGING	# incoming U32 argument structures must be munged to match U64	# <config_requires_u32_munging>
749
750#
751# copyout() instrumentation
752#
753options		COPYOUT_SHIM			# Shim for copyout memory analysis via kext #<copyout_shim>
754
755#
756# Enable hardware correlation of mach absolute time
757# across intel/arm boundary
758options		CONFIG_MACH_BRIDGE_SEND_TIME #  # <config_mach_bridge_send_time>
759options		CONFIG_MACH_BRIDGE_RECV_TIME #  # <config_mach_bridge_recv_time>
760
761options		CONFIG_QUIESCE_COUNTER # Support for _COMM_PAGE_CPU_QUIESCENT_COUNTER # <config_quiesce_counter>
762options		CONFIG_ARM_PFZ	# Support for PFZ on ARM # <config_arm_pfz>
763
764#
765# Sanitizers
766#
767options		CONFIG_KASAN		# <config_kasan>
768options		CONFIG_UBSAN		# <config_ubsan>
769
770options		CONFIG_KCOV			# <config_kcov>
771options		CONFIG_KSANCOV		# <config_ksancov>
772options		CONFIG_STKSZ		# <config_stksz>
773
774# dark boot support
775options		CONFIG_DARKBOOT		# <config_darkboot>
776
777# support for tracking service port labels for stackshots/debugging
778options		CONFIG_SERVICE_PORT_INFO # <config_service_port_info>
779
780# support for processes delaying idle sleep for pending IO
781options		CONFIG_DELAY_IDLE_SLEEP # <config_delay_idle_sleep>
782
783# support for storing a 64-bit user supplied value in the proc structure
784options		CONFIG_PROC_UDATA_STORAGE # <config_proc_udata_storage>
785
786pseudo-device ksancov 1 init ksancov_init_dev # <config_ksancov>
787
788# Debug instrumentation for statistics and catching of code that
789# leaves interrupts masked or preemption disabled for an excessive
790# period of time.
791options		SCHED_HYGIENE_DEBUG # <sched_hygiene_debug>
792
793# support for system call rejection/tracing
794options		CONFIG_DEBUG_SYSCALL_REJECTION	# <config_debug_syscall_rejection>
795
796# Extensible panic log support
797options		CONFIG_EXT_PANICLOG		# <config_ext_paniclog>
798
799# support for collecting statistics on task suspension
800options		CONFIG_TASK_SUSPEND_STATS	# <config_task_suspend_stats>
801