1#
2# Mach Operating System
3# Copyright (c) 1986 Carnegie-Mellon University
4# All rights reserved.  The CMU software License Agreement
5# specifies the terms and conditions for use and redistribution.
6#  
7#######################################################################
8#
9#	Master machine independent configuration file.
10#
11#	Specific configuration files are created based on this and
12#	the machine specific master file using the doconf script.
13#
14#	Any changes to the master configuration files will affect all
15#	other configuration files based upon it.
16#
17#######################################################################
18#
19#	To build a configuration, execute "doconf <configuration>."
20#	Configurations are specified in the "Configurations:" section
21#	of the MASTER and MASTER.* files as follows:
22#
23#	<configuration> = [ <attribute0> <attribute1> ... <attributeN> ]
24#
25#	Lines in the MASTER and MASTER.* files are selected based on
26#	the attribute selector list, found in a comment at the end of
27#	the line.  This is a list of attributes separated by commas.
28#	The "!" operator selects the line if none of the attributes are
29#	specified.
30#
31#	For example:
32#
33#	<foo,bar>	selects a line if "foo" or "bar" are specified.
34#	<!foo,bar>	selects a line if neither "foo" nor "bar" is
35#			specified.
36#
37#	Lines with no attributes specified are selected for all
38#	configurations.
39#
40#######################################################################
41#
42#  STANDARD CONFIGURATION OPTIONS (select any combination)
43#
44#	debug   = extra kernel level debugging support
45#	mach    = Mach support 
46#
47#  EXPERIMENTAL CONFIGURATION OPTIONS (select any combination, carefully)
48#
49#	host	= host resource control support
50#
51#  MULTI-PROCESSOR CONFIGURATION (select at most one)
52#
53#	multi16 = enable 16 multi-processors
54#	multi32 = enable 32 multi-processors
55#	multi48 = enable 48 multi-processors
56#
57#  SYSTEM SIZE CONFIGURATION (select exactly one)
58#
59#	xlarge = extra large scale system configuration
60#	large  = large scale system configuration
61#	medium = medium scale system configuration
62#	small  = small scale system configuration
63#	xsmall = extra small scale system configuration
64#	bsmall = special extra small scale system configuration 
65#
66#######################################################################
67#  
68#  Standard Mach Research Configurations:
69#  -------- ---- -------- ---------------
70#
71#  These are the default configurations that can be used by most sites.
72#  They are used internally by the Mach project.
73#
74#  MACH      = [mach multi16 medium debug]
75#
76#######################################################################
77#
78ident		NeXT
79
80# obsolete timezone spec
81options		TIMEZONE=0, PST=0
82
83options		QUOTA			# 				# <quota>
84options		INET			#				# <inet>
85options		ABSOLUTETIME_SCALAR_TYPE
86options		NEW_VM_CODE	#				# <newvm>
87options		OLD_VM_CODE	#				# <!newvm>
88options		HW_AST		# Hardware ast support		# <hw_ast>
89options 	HW_FOOTPRINT	# Cache footprint support	# <hw_foot>
90options		CONFIG_LCTX	# Login Context
91
92options 	MACH		# Standard Mach features	# <mach>
93options		MACH_ASSERT	# Compile in assertions		# <mach_assert>
94options		MACH_COMPAT	# Vendor syscall compatibility  # <mach>
95options		MACH_COUNTERS	# counters			# <count>
96options		MACH_DEBUG	# IPC debugging interface	# <mdebug>
97options		MACH_FASTLINK	# Fast symbolic links
98options		MACH_FIXPRI	# Fixed priority threads	# <fixpri>
99options		MACH_HOST	# Mach host (resource alloc.)	# <host>
100options		MACH_IPC_COMPAT	# Enable old IPC interface	# <ipc_compat>
101options		MACH_IPC_DEBUG	# Enable IPC debugging calls	# <ipc_debug>
102options		MACH_IPC_TEST	# Testing code/printfs		# <ipc_test>
103options		MACH_LDEBUG	# Sanity-check simple locking	# <test>
104options		CONFIG_ZLEAKS	# Live zone leak debug sysctls	# <zleaks>
105options 	MACH_NP		# Mach IPC support		# <np>
106options		MACH_NBC	# No buffer cache		# <nbc>
107options		MACH_NET	# Fast network access		# <mach_net>
108options		MACH_XP		# external pager support	# <xp>
109options		NORMA_IPC	# NORMA IPC support		# <norma_ipc>
110options		NORMA_DEVICE	# NORMA unified device names	# <norma_device>
111options		NORMA_VM	# NORMA virtual memory support	# <norma_vm>
112options		NORMA_TASK	# NORMA task support		# <norma_task>
113options		NORMA_ETHER	# NORMA across ethernet		# <norma_ether>
114options		SIMPLE_CLOCK	# don't assume fixed tick	# <simple_clock>
115options		XPR_DEBUG	# kernel tracing		# <xpr_debug>
116options		KDEBUG		# kernel tracing		# <kdebug>
117options		IST_KDEBUG	# limited kernel tracing 	# <ist_kdebug>
118options		NO_KDEBUG       # no kernel tracing # <no_kdebug>
119options		DDM_DEBUG	# driverkit-style tracing	# <ddm_debug>
120options		MACH_OLD_VM_COPY # Old vm_copy technology	# <!newvm>
121options		NO_DIRECT_RPC	# for untyped mig servers	# 
122options		IPX		# ipx stack 			# <ipx>
123options		EON		# 				# <eon>
124options		ISO		# ISO stack			# <iso>
125options		LLC		# 802.2 support			# <llc>
126options		LOOP		# loopback support		# <loop>
127options		MROUTING	# multicast routing		# <mrouting>
128options		ROUTING		# routing			# <routing>
129options		VLAN		#				# <vlan>
130options		BOND		#				# <bond>
131options		PF		# Packet Filter			# <pf>
132options		PF_ALTQ		# PF ALTQ (Alternate Queueing)	# <pf_altq>
133options		PFLOG		# PF log interface		# <pflog>
134options		PKTSCHED_CBQ	# CBQ packet scheduler		# <pktsched_cbq>
135options		PKTSCHED_HFSC	# H-FSC packet scheduler	# <pktsched_hfsc>
136options		PKTSCHED_PRIQ	# PRIQ packet scheduler		# <pktsched_priq>
137options		PKTSCHED_FAIRQ	# FAIRQ packet scheduler	# <pktsched_fairq>
138options		CLASSQ_BLUE	# BLUE queueing algorithm	# <classq_blue>
139options		CLASSQ_RED	# RED queueing algorithm	# <classq_red>
140options		CLASSQ_RIO	# RIO queueing algorithm	# <classq_rio>
141options		IPDIVERT        # Divert sockets (for NAT)      # <ipdivert>
142options		IPFIREWALL      # IP Firewalling (used by NAT)  # <ipfirewall>
143options		IPFIREWALL_FORWARD      #Transparent proxy      # <ipfirewall>
144options		IPFIREWALL_DEFAULT_TO_ACCEPT    # allow everything by default   # <ipfirewall>
145options		DUMMYNET	# dummynet support		# <dummynet>
146options		TRAFFIC_MGT	# traffic management support		# <traffic_mgt>
147options		IPFW2		# IP firewall (new version)	# <ipfw2>
148options		MULTICAST	# Internet Protocol Class-D	$
149options		TCPDEBUG	# TCP debug			# <tcpdebug>
150options		RANDOM_IP_ID	# random (not sequential) ip ids	# <randomipid>
151options		TCP_DROP_SYNFIN	# Drop TCP packets with SYN+FIN set	# <tcpdrop_synfin>
152options		ICMP_BANDLIM	# ICMP bandwidth limiting sysctl
153options		IFNET_INPUT_SANITY_CHK	# allow dlil/ifnet input sanity check # <ifnet_input_chk>
154options		SYSV_SEM	# SVID semaphores			# <sysv_sem>
155options		SYSV_MSG	# SVID messages				# <sysv_msg>
156options		SYSV_SHM	# SVID shared mem			# <sysv_shm>
157options		PSYNCH		# pthread synch				# <psynch>
158options		DEVELOPMENT	# dev kernel				# <development>
159
160# secure_kernel - secure kernel from user programs
161options     SECURE_KERNEL       # <secure_kernel> 
162
163options     OLD_SEMWAIT_SIGNAL  # old semwait_signal handler
164
165#
166#	4.4 general kernel 
167#
168options		SOCKETS		# socket support			# <inet, inet6, netat>
169options 	DIAGNOSTIC	# diagnostics				# <diagnostic>
170options		GPROF		# build profiling			# <profile>
171options		SENDFILE	# sendfile					# <sendfile>
172options		NETWORKING	# networking layer			# <inet, inet6, netat>
173options		CONFIG_FSE	# file system events		# <config_fse>
174options		CONFIG_IMAGEBOOT	# local image boot	# <config_imageboot>
175options		CONFIG_SOWUPCALL	# SB_UPCALL on sowwakeup	# <config_sowupcall>
176options		CONFIG_MBUF_JUMBO	# jumbo cluster pool	# <config_mbuf_jumbo>
177options		CONFIG_FORCE_OUT_IFP	# Enable IP_FORCE_OUT_IFP # <config_force_out_ifp>
178options		CONFIG_IFEF_NOWINDOWSCALE # Scale TCP window per driver # <config_ifef_nowindowscale>
179
180options		CONFIG_WORKQUEUE	# <config_workqueue>
181
182#
183#	4.4 filesystems 
184#
185options		FFS			# Fast Filesystem Support	# <ffs>
186options		HFS			# HFS/HFS+ support		# <hfs>
187options		FIFO		# fifo support			# <fifo>
188options		FDESC		# fdesc_fs support		# <fdesc>
189options		DEVFS		# devfs support			# <devfs>
190options		JOURNALING	# journaling support	# <journaling>
191options		HFS_COMPRESSION	# hfs compression	# <hfs_compression>
192options		CONFIG_HFS_STD	# hfs standard support	# <config_hfs_std>
193options		CONFIG_HFS_TRIM	# hfs trims unused blocks	# <config_hfs_trim>
194options		CONFIG_HFS_MOUNT_UNMAP	#hfs trims blocks at mount	# <config_hfs_mount_unmap>
195
196
197#
198#	file system features
199#
200options		QUOTA		# file system quotas		# <quota>
201options		REV_ENDIAN_FS	# Reverse Endian FS		# <revfs>
202options		NAMEDSTREAMS	# named stream vnop support	# <namedstreams>
203options		CONFIG_VOLFS	# volfs path support (legacy)	# <config_volfs>
204options		CONFIG_IMGSRC_ACCESS # source of imageboot dmg	# <config_imgsrc_access>
205options		CONFIG_TRIGGERS	# trigger vnodes		# <config_triggers>
206options		CONFIG_VFS_FUNNEL # thread unsafe vfs's	# <config_vfs_funnel>
207options		CONFIG_EXT_RESOLVER # e.g. memberd		# <config_ext_resolver>
208options		CONFIG_SEARCHFS	# searchfs syscall support	# <config_searchfs>
209
210#
211# NFS support
212#
213options		NFSCLIENT	# Be an NFS client		# <nfsclient>
214options		NFSSERVER	# Be an NFS server		# <nfsserver>
215
216#
217# AppleTalk Support
218#
219options		NETAT			# AppleTalk support				# <netat>
220#options		AURP_SUPPORT    # AppleTalk Update Routing      # <netat>
221
222#
223# Machine Independent Apple Features
224#
225options		KERNSERV	# kernel_server intarface	# <kernserv>
226options		MALLOCDEBUG	# kernel malloc debugging	# <mallocdebug>
227options		DRIVERKIT 	# driverkit support		# <driverkit>
228options		KERNOBJC	# Objective-C support		# <kernobjc>
229options		OBJCTEST	# Objc internal test		# <objctest>
230options		KERNEL_STACK	# MI kernel stack support	# <kernstack>
231profile						# build a profiling kernel	# <profile>
232
233#
234#  Point-to-Point Protocol support
235#
236pseudo-device ppp 2						# <ppp>
237
238#       
239# IPv6 Support
240#       
241options         "INET6"         		# kernel IPv6 Support           # <inet6>
242options         IPSEC                  		# IP security            	# <ipsec>
243options         IPSEC_ESP              		# IP security            	# <ipsec>
244options         "IPV6FIREWALL"         		# IPv6 Firewall Feature   	# <ipv6firewall>
245options         "IPV6FIREWALL_DEFAULT_TO_ACCEPT"	#IPv6 Firewall Feature   	# <ipv6firewall>
246#options         "IPV6FIREWALL_VERBOSE" 		#IPv6 Firewall Feature   	# <ipv6firewall>
247
248pseudo-device   gif     1		# <gif>
249pseudo-device   dummy   2		# <dummy>
250pseudo-device   stf 	1 		# <stf>
251
252options			crypto			# <ipsec,crypto>
253options			ALLCRYPTO		# <xlarge,large,medium>
254options			randomipid		# <inet,randomipid>
255
256options		ZLIB		# inflate/deflate support	# <zlib>
257
258options		IF_BRIDGE			# <if_bridge>
259
260makeoptions	LIBDRIVER = "libDriver_kern.o"			# <libdriver>
261makeoptions	LIBOBJC   = "libkobjc.o"			# <kernobjc>
262
263maxusers	64		# <xlarge>
264maxusers	50		# <large>
265maxusers	32		# <medium>
266maxusers	16		# <small>
267maxusers	8		# <xsmall>
268maxusers	2		# <bsmall>
269
270#
271#  Multi-processor selection
272#
273pseudo-device	cpus		64	# <multi64>
274pseudo-device	cpus		32	# <multi32>
275pseudo-device	cpus		16	# <multi16>
276pseudo-device	cpus		2	# <multi2>
277pseudo-device	cpus		1	# <!multi64,multi32,multi16,multi2>
278
279#
280#  configurable kernel event related resources 
281#
282options   CONFIG_KN_HASHSIZE=64		# <medium,large,xlarge>
283options   CONFIG_KN_HASHSIZE=48		# <small,xsmall>
284options   CONFIG_KN_HASHSIZE=20		# <bsmall>
285
286#
287#  configurable vfs related resources 
288#  CONFIG_VNODES - used to pre allocate vnode related resources 
289#  CONFIG_VNODE_FREE_MIN - mininmum number of free vnodes 
290#  CONFIG_NC_HASH - name cache hash table allocation
291#  CONFIG_VFS_NAMES - name strings
292#
293#  263168 magic number for medium CONFIG_VNODES is based on memory 
294#  Number vnodes  is (memsize/64k) + 1024 
295#  This is the calculation that is used by launchd in tiger
296#  we are clipping the max based on 16G 
297#  ie ((16*1024*1024*1024)/(64 *1024)) + 1024 = 263168;
298
299options   CONFIG_VNODES=263168		# <large,xlarge>
300options   CONFIG_VNODES=263168		# <medium>
301options   CONFIG_VNODES=10240		# <small>
302options   CONFIG_VNODES=750			# <bsmall>
303
304options   CONFIG_VNODE_FREE_MIN=500		# <large,xlarge>
305options   CONFIG_VNODE_FREE_MIN=300		# <medium>
306options   CONFIG_VNODE_FREE_MIN=200		# <small>
307options   CONFIG_VNODE_FREE_MIN=100		# <xsmall>
308options   CONFIG_VNODE_FREE_MIN=75		# <bsmall>
309
310options   CONFIG_NC_HASH=5120		# <large,xlarge>
311options   CONFIG_NC_HASH=4096		# <medium>
312options   CONFIG_NC_HASH=2048		# <small,xsmall>
313options   CONFIG_NC_HASH=1024		# <bsmall>
314
315options   CONFIG_VFS_NAMES=5120		# <large,xlarge>
316options   CONFIG_VFS_NAMES=4096		# <medium>
317options   CONFIG_VFS_NAMES=3072		# <small,xsmall>
318options   CONFIG_VFS_NAMES=2048		# <bsmall>
319
320options   CONFIG_MAX_CLUSTERS=8		# <xlarge,large,medium>
321options   CONFIG_MAX_CLUSTERS=4		# <small,xsmall,bsmall>
322
323#
324#  configurable kauth credential related resources 
325#
326options   KAUTH_CRED_PRIMES_COUNT=7		# <medium,large,xlarge>
327options   KAUTH_CRED_PRIMES_COUNT=3		# <bsmall,xsmall,small>
328
329options   KAUTH_CRED_PRIMES="{97, 241, 397, 743, 1499, 3989, 7499}"		# <medium,large,xlarge>
330options   KAUTH_CRED_PRIMES="{5, 17, 97}"								# <bsmall,xsmall,small>
331
332#
333#  configurable options for minumum number of buffers for kernel memory 
334#
335options   CONFIG_MIN_NBUF=256		# <medium,large,xlarge>
336options   CONFIG_MIN_NBUF=128		# <small>
337options   CONFIG_MIN_NBUF=80		# <xsmall>
338options   CONFIG_MIN_NBUF=64		# <bsmall>
339
340options   CONFIG_MIN_NIOBUF=128		# <medium,large,xlarge>
341options   CONFIG_MIN_NIOBUF=64		# <xsmall,small>
342options   CONFIG_MIN_NIOBUF=32		# <bsmall>
343
344#
345# set maximum space used for packet buffers
346#
347options        CONFIG_NMBCLUSTERS="((1024 * 1024) / MCLBYTES)"		# <large,xlarge>
348options        CONFIG_NMBCLUSTERS="((1024 * 512) / MCLBYTES)"		# <medium>
349options        CONFIG_NMBCLUSTERS="((1024 * 256) / MCLBYTES)"		# <bsmall,xsmall,small>
350
351#
352# Configure size of TCP hash table
353#
354options CONFIG_TCBHASHSIZE=4096		# <medium,large,xlarge>
355options CONFIG_TCBHASHSIZE=128		# <xsmall,small,bsmall>
356
357#
358# Configure bandwidth limiting sysctl
359#
360options CONFIG_ICMP_BANDLIM=250		# <medium,large,xlarge>
361options CONFIG_ICMP_BANDLIM=50		# <xsmall,small,bsmall>
362
363#
364#  configurable async IO options 
365#  CONFIG_AIO_MAX - system wide limit of async IO requests.
366#  CONFIG_AIO_PROCESS_MAX - process limit of async IO requests.
367#  CONFIG_AIO_THREAD_COUNT - number of async IO worker threads created.
368#
369options   CONFIG_AIO_MAX=360		# <xlarge>
370options   CONFIG_AIO_MAX=180		# <large>
371options   CONFIG_AIO_MAX=90			# <medium>
372options   CONFIG_AIO_MAX=45			# <small>
373options   CONFIG_AIO_MAX=20			# <xsmall>
374options   CONFIG_AIO_MAX=10			# <bsmall>
375
376options   CONFIG_AIO_PROCESS_MAX=64		# <xlarge>
377options   CONFIG_AIO_PROCESS_MAX=32		# <large>
378options   CONFIG_AIO_PROCESS_MAX=16		# <medium>
379options   CONFIG_AIO_PROCESS_MAX=12		# <small>
380options   CONFIG_AIO_PROCESS_MAX=8		# <xsmall>
381options   CONFIG_AIO_PROCESS_MAX=4		# <bsmall>
382
383options   CONFIG_AIO_THREAD_COUNT=16	# <xlarge>
384options   CONFIG_AIO_THREAD_COUNT=8		# <large>
385options   CONFIG_AIO_THREAD_COUNT=4		# <medium>
386options   CONFIG_AIO_THREAD_COUNT=3		# <small>
387options   CONFIG_AIO_THREAD_COUNT=2		# <xsmall,bsmall>
388
389#
390#  configurable kernel related resources (CONFIG_THREAD_MAX needs to stay in 
391#  sync with osfmk/conf/MASTER until we fix the config system...) todo XXX
392#
393options   CONFIG_THREAD_MAX=2560		# <medium,large,xlarge>
394options   CONFIG_THREAD_MAX=1536		# <small,xsmall>
395options   CONFIG_THREAD_MAX=1024		# <bsmall>
396
397options   CONFIG_MAXVIFS=32				# <medium,large,xlarge>
398options   CONFIG_MAXVIFS=16				# <small,xsmall>
399options   CONFIG_MAXVIFS=2				# <bsmall>
400
401options   CONFIG_MFCTBLSIZ=256			# <medium,large,xlarge>
402options   CONFIG_MFCTBLSIZ=128			# <small,xsmall>
403options   CONFIG_MFCTBLSIZ=16			# <bsmall>
404
405#
406# configurable kernel message buffer size
407#
408options   CONFIG_MSG_BSIZE=4096			# <bsmall,small,xsmall>
409options   CONFIG_MSG_BSIZE=16384		# <medium,large,xlarge>
410
411#
412#  configurable kernel - use these options to strip strings from panic
413#  and printf calls.
414#  no_panic_str - saves around 50K of kernel footprint.
415#  no_printf_str - saves around 45K of kernel footprint.
416#
417options   CONFIG_NO_PANIC_STRINGS		# <no_panic_str>
418options   CONFIG_NO_PRINTF_STRINGS		# <no_printf_str>
419options   CONFIG_NO_KPRINTF_STRINGS		# <no_kprintf_str>
420
421#
422# use finer-grained lock groups for the proc subsystem
423#
424options   CONFIG_FINE_LOCK_GROUPS               # <medium,large,xlarge>
425
426#
427# configurable kernel - general switch to say we are building for an
428# embedded device
429#
430options   CONFIG_EMBEDDED			# <config_embedded>
431
432# only execute signed code. Hang this off config_embedded since there's
433# nothing more appropriate right now
434#
435options   CONFIG_ENFORCE_SIGNED_CODE		# <config_embedded>
436
437# support dynamic signing of code
438#
439options		CONFIG_DYNAMIC_CODE_SIGNING	# <dynamic_codesigning>
440
441#
442# code decryption... used on embedded for app protection
443# must be set in all the bsd/conf and osfmk/conf MASTER files
444#
445#options		CONFIG_CODE_DECRYPTION	# <config_embedded>
446
447#
448# User Content Protection, used on embedded
449#
450options		CONFIG_PROTECT	# <config_protect>
451
452#
453# enable per-process memory priority tracking
454#
455options		CONFIG_MEMORYSTATUS				# <memorystatus>
456
457#
458# enable jetsam - used on embedded
459#
460options		CONFIG_JETSAM				# <jetsam>
461
462#
463# enable freezing of suspended processes - used on embedded
464#
465options		CONFIG_FREEZE					# <freeze>
466
467options		CHECK_CS_VALIDATION_BITMAP			# <config_cs_validation_bitmap>
468
469#
470# memory pressure event support
471# must be set in both bsd/conf and osfmk/conf MASTER files
472#
473options		VM_PRESSURE_EVENTS		# <vm_pressure_events>
474
475#
476#  Ethernet (ARP)
477#
478pseudo-device	ether			# <networking,inet,inet6,netat>
479#
480#  Network loopback device
481#
482pseudo-device	loop			# <networking,inet,inet6,netat>
483#
484#  UCB pseudo terminal service
485#
486pseudo-device  pty     512 init pty_init       # <xlarge>
487pseudo-device  pty     256 init pty_init       # <large>
488pseudo-device  pty     128 init pty_init       # <medium>
489pseudo-device  pty      48 init pty_init       # <small>
490pseudo-device  pty      16 init pty_init       # <xsmall>
491pseudo-device  pty       8 init pty_init       # <bsmall>
492#
493# Cloning pseudo terminal service
494#
495pseudo-device	ptmx	1 init ptmx_init
496
497#
498# vnode device
499#
500pseudo-device  vndevice	   16       init    vndevice_init   # <xlarge>
501pseudo-device  vndevice		8       init    vndevice_init   # <large>
502pseudo-device  vndevice		4       init    vndevice_init   # <medium>
503pseudo-device  vndevice		3       init    vndevice_init   # <small>
504pseudo-device  vndevice		2       init    vndevice_init   # <xsmall>
505pseudo-device  vndevice		2       init    vndevice_init   # <bsmall>
506
507#
508# memory device
509pseudo-device	mdevdevice	1	init	mdevinit
510
511#
512#
513# packet filter device
514#
515pseudo-device	bpfilter	4	init	bpf_init		# <networking,inet,inet6,netat>
516
517#
518# fsevents device
519pseudo-device	fsevents	1	init	fsevents_init	# <config_fse>
520
521#
522#  shim to "linux" mach disk drivers  (mach drivers must also be turned on)
523#
524# now using iokit disk shim, this is code is obsolete
525#pseudo-device diskshim
526
527pseudo-device	random		1	init	random_init
528