options(4) - NetBSD Manual Pages

OPTIONS(4)              NetBSD Kernel Interfaces Manual             OPTIONS(4)


NAME
options -- Miscellaneous kernel configuration options
SYNOPSIS
cinclude ... config ... [no] file-system ... ident ... include ... [no] makeoptions ... maxusers ... [no] options ... [no] pseudo-device ...
DESCRIPTION
This manual page describes a number of miscellaneous kernel configuration options that may be specified in a kernel config file. See config(1) and config(5) for information on how to configure and build kernels. The no form removes a previously specified option. Keywords The following keywords are recognized in a kernel configuration file: cinclude "filename" Conditionally includes another kernel configuration file whose name is filename, which may be double-quoted and may be an explicit path or rela- tive to the kernel source directory. Failure to open the named file is ignored. config exec_name root on rootdev [type fstype] [dumps on dumpdev] Defines a configuration whose kernel executable is named exec_name, nor- mally ``netbsd'', with its root file system of type fstype on the device rootdev, and optionally specifying the location of kernel core dumps on the device dumpdev. dev or dumpdev and fstype may be specified as ``?'', which is a wild card. The root fstype and dumpdev are optional and assumed to be wild carded if they are not specified. device_instance at attachment [locators value [...]] [flags value] Define an instance of the device driver device_instance that attaches to the bus or device named attachment. An attachment may require additional information on where the device can be found, such as an address, chan- nel, function, offset, and/or slot, referred to as locators, whose value often may be a wild card, ``?''. Some device drivers have one or more flags that can be adjusted to affect the way they operate. file-system fs_name [, fs_name [...]] Include support for the file-system fs_name. ident "string" Sets the kernel identification string to string. include "filename" Functions the same as cinclude, except failure to open filename produces a fatal error. options option_name [, option_name=value [...]] Specifies (or sets) the option, or comma-separated list of options, option_name. Some options expect to be assigned a value, which may be an integer, a double-quoted word, a bare word, or an empty string (""). Note that those are eventually handled by the C compiler, so the rules of that language apply. Note: Options that are not defined by device definition files are passed to the compile process as -D flags to the C compiler. makeoptions name=value Defines a make(1) macro name with the value value in the kernel Makefile. maxusers integer Set the maxusers variable in the kernel. no keyword name [arguments [...]] For the config(1) keywords file-system, makeoptions, options, and pseudo- device, no removes the file-system, makeoption, options, or pseudo- device, name. This is useful when a kernel configuration file includes another which has undesired options. For example, a local configuration file that wanted the kitchen sink, but not COMPAT_09 or bridging, might be: include "arch/i386/conf/GENERIC" no options COMPAT_09 no pseudo-device bridge pseudo-device name [N] Includes support for the pseudo-device name. Some pseudo-devices can have multiple or N instances. Compatibility Options options COMPAT_09 Enable binary compatibility with NetBSD 0.9. This enables support for 16-bit user, group, and process IDs (following revisions support 32-bit identifiers). It also allows the use of the deprecated getdomainname(3), setdomainname(3), and uname(3) syscalls. This option also allows using numeric file system identifiers rather than strings. Post NetBSD 0.9 versions use string identifiers. options COMPAT_10 Enable binary compatibility with NetBSD 1.0. This option allows the use of the file system name of ``ufs'' as an alias for ``ffs''. The name ``ffs'' should be used post 1.0 in /etc/fstab and other files. It also adds old syscalls for the AT&T System V UNIX shared memory interface. This was changed post 1.0 to work on 64-bit architectures. This option also enables ``sgtty'' compatibility, without which programs using the old interface produce an ``inappropriate ioctl'' error, and /dev/io only works when this option is set in the kernel, see io(4) on ports that sup- port it. options COMPAT_11 Enable binary compatibility with NetBSD 1.1. This allows binaries run- ning on the i386 port to gain direct access to the io ports by opening /dev/io read/write. This functionality was replaced by i386_iopl(2) post 1.1. On the Atari port, the location of the disk label was moved after 1.1. When the COMPAT_11 option is set, the kernel will read (pre) 1.1 style disk labels as a last resort. When a disk label is re-written, the old style label will be replaced with a post 1.1 style label. This also enables the EXEC_ELF_NOTELESS option. options COMPAT_12 Enable binary compatibility with NetBSD 1.2. This allows the use of old syscalls for reboot() and swapon(). The syscall numbers were changed post 1.2 to add functionality to the reboot(2) syscall, and the new swapctl(2) interface was introduced. This also enables the EXEC_ELF_NOTELESS option. options COMPAT_13 Enable binary compatibility with NetBSD 1.3. This allows the use of old syscalls for sigaltstack(), and also enables the old swapctl(2) command SWAP_STATS (now called SWAP_OSTATS), which does not include the se_path member of struct swapent. options COMPAT_14 Enable binary compatibility with NetBSD 1.4. This allows some old ioctl(2) on wscons(4) to be performed, and allows the NFSSVC_BIOD mode of the nfssvc(2) system call to be used for compatibility with the depre- cated nfsiod program. options COMPAT_15 Enable binary compatibility with NetBSD 1.5. Since there were no API changes from NetBSD 1.5 and NetBSD 1.6, this option does nothing. options COMPAT_16 Enable binary compatibility with NetBSD 1.6. This allows the use of old signal trampoline code which has been deprecated with the addition of siginfo(2). options COMPAT_20 Enable binary compatibility with NetBSD 2.0. This allows the use of old syscalls for statfs(), fstatfs(), getfsstat() and fhstatfs(), which have been deprecated with the addition of the statvfs(2), fstatvfs(2), getvfsstat(2) and fhstatvfs(2) system calls. options COMPAT_30 Enable binary compatibility with NetBSD 3.0. See compat_30(8) for details about the changes made after the NetBSD 3.0 release. options COMPAT_43 Enables compatibility with 4.3BSD. This adds an old syscall for lseek(2). It also adds the ioctls for TIOCGETP and TIOCSETP. The return values for getpid(2), getgid(2), and getuid(2) syscalls are modified as well, to return the parent's PID and UID as well as the current process's. It also enables the deprecated NTTYDISC terminal line disci- pline. It also provides backwards compatibility with ``old'' SIOC[GS]IF{ADDR,DSTADDR,BRDADDR,NETMASK} interface ioctls, including binary compatibility with code written before the introduction of the sa_len field in sockaddrs. It also enables support for some older pre 4.4BSD socket calls. options COMPAT_BSDPTY This option is currently on by default and enables the pty multiplexer ptm(4) and ptmx(4) to find and use ptys named /dev/ptyXX (master) and /dev/ttyXX (slave). Eventually this option will become optional as ptyfs based pseudo-ttys become the default, see mount_ptyfs(8). options COMPAT_SVR4 On those architectures that support it, this enables binary compatibility with AT&T System V.4 UNIX applications built for the same architecture. This currently includes the i386, m68k, and sparc ports. options COMPAT_LINUX On those architectures that support it, this enables binary compatibility with Linux ELF and a.out(5) applications built for the same architecture. This currently includes the alpha, arm, i386, m68k, mips, powerpc and x86_64 ports. options COMPAT_LINUX32 On those 64 bit architectures that support it, this enables binary com- patibility with 32 bit Linux binaries. For now this is limited to run- ning i386 ELF Linux binaries on amd64. options COMPAT_SUNOS On those architectures that support it, this enables binary compatibility with SunOS 4.1 applications built for the same architecture. This cur- rently includes the sparc, sparc64 and most or all m68k ports. Note that the sparc64 requires the COMPAT_NETBSD32 option for 64-bit kernels, in addition to this option. options COMPAT_ULTRIX On those architectures that support it, this enables binary compatibility with ULTRIX applications built for the same architecture. This currently is limited to the pmax. The functionality of this option is unknown. options COMPAT_DARWIN On those architectures that support it, this enables binary compatibility with Darwin applications built for the same architecture. This feature is highly experimental, it requires COMPAT_MACH and EXEC_MACHO and it is currently limited to i386 and powerpc ports of NetBSD. options COMPAT_FREEBSD On those architectures that support it, this enables binary compatibility with FreeBSD applications built for the same architecture. At the moment this is limited to the i386 port. options COMPAT_IBCS2 On those architectures that support it, this enables binary compatibility with iBCS2 or SVR3 applications built for the same architecture. This is currently limited to the i386 and vax ports. options COMPAT_IRIX On those architectures that support it, this enables binary compatibility with IRIX o32 binaries built for the same architecture. This feature is experimental, and it is currently limited to the sgimips port. options COMPAT_MACH On those architectures that support it, this enables the emulation of Mach kernel traps for binaries built for the same architecture. This feature is highly experimental and it is currently limited to the i386 and powerpc ports of NetBSD. options COMPAT_OSF1 On those architectures that support it, this enables binary compatibility with Digital UNIX (formerly OSF/1) applications built for the same archi- tecture. This is currently limited to the alpha port. options COMPAT_NOMID Enable compatibility with a.out(5) executables that lack a machine ID. This includes NetBSD 0.8's ZMAGIC format, and 386BSD and BSDI's QMAGIC, NMAGIC, and OMAGIC a.out(5) formats. options COMPAT_NETBSD32 On those architectures that support it, this enables binary compatibility with 32-bit applications built for the same architecture. This is cur- rently limited to the amd64 and sparc64 ports, and only applicable for 64-bit kernels. options COMPAT_SVR4_32 On those architectures that support it, this enables binary compatibility with 32-bit SVR4 applications built for the same architecture. This is currently limited to the sparc64 port, and only applicable for 64-bit kernels. options COMPAT_AOUT_M68K On m68k architectures which have switched to ELF, this enables binary compatibility with NetBSD/m68k a.out(5) executables on NetBSD/m68k ELF kernels. This handles alignment incompatibility of m68k ABI between a.out and ELF which causes the structure padding differences. Currently only some system calls which use struct stat are adjusted and some bina- ries which use sysctl(3) to retrieve network details would not work prop- erly. options EXEC_MACHO On those architectures that support it, this adds support for running Mach-O executables. This is currently limited to the i386 and powerpc ports of NetBSD. options EXEC_ELF_NOTELESS Run unidentified ELF binaries as NetBSD binaries. This might be needed for very old NetBSD ELF binaries on some archs. These old binaries didn't contain an appropriate .note.netbsd.ident section, and thus can't be identified by the kernel as NetBSD binaries otherwise. Beware - if this option is on, the kernel would run any unknown ELF binaries as if they were NetBSD binaries. options P1003_1B_SEMAPHORE Includes kernel support for the standard C library (libc) functions that implement semaphores as specified in ISO/IEC 9945-1:1996 (``POSIX.1''). Debugging Options options DDB Compiles in a kernel debugger for diagnosing kernel problems. See ddb(4) for details. NOTE: not available on all architectures. options DDB_FROMCONSOLE=integer If set to non-zero, DDB may be entered by sending a break on a serial console or by a special key sequence on a graphics console. A value of "0" ignores console breaks or key sequences. If not explicitly speci- fied, the default value is "1". Note that this sets the value of the ddb.fromconsole sysctl(3) variable which may be changed at run time -- see sysctl(8) for details. options DDB_HISTORY_SIZE=integer If this is non-zero, enable history editing in the kernel debugger and set the size of the history to this value. options DDB_ONPANIC The default if not specified is ``1'' - just enter into DDB. If set to ``2'' the kernel will attempt to print out a stack trace before entering into DDB. If set to ``0'' the kernel will attempt to print out a stack trace and reboot the system. If set to ``-1'' then neither a stack trace is printed or DDB entered - it is as if DDB were not compiled into the kernel. Note that this sets the value of the ddb.onpanic sysctl(3) vari- able which may be changed at run time -- see sysctl(8) for details. options DDB_COMMANDONENTER=string This option specify commands which will be executed on each entry to DDB. This sets the default value of the ddb.commandonenter sysctl(3) variable which may be changed at run time. options DDB_BREAK_CHAR=integer This option overrides using break to enter the kernel debugger on the serial console. The value given is the ASCII value to be used instead. This is currently only supported by the com driver. options DDB_VERBOSE_HELP This option adds more verbose descriptions to the help command. options KGDB Compiles in a remote kernel debugger stub for diagnosing kernel problems using the ``remote target'' feature of gdb. See gdb(1) for details. NOTE: not available on all architectures. options KGDB_DEV Device number (as a dev_t) of kgdb device. options KGDB_DEVADDR Memory address of kgdb device. options KGDB_DEVMODE Permissions of kgdb device. options KGDB_DEVNAME Device name of kgdb device. options KGDB_DEVRATE Baud rate of kgdb device. makeoptions DEBUG="-g" The -g flag causes netbsd.gdb to be built in addition to netbsd. netbsd.gdb is useful for debugging kernel crash dumps with gdb. See gdb(1) for details. This also turns on options DEBUG (which see). options DEBUG Turns on miscellaneous kernel debugging. Since options are turned into preprocessor defines (see above), options DEBUG is equivalent to doing a #define DEBUG throughout the kernel. Much of the kernel has #ifdef DEBUG conditionalized debugging code. Note that many parts of the kernel (typ- ically device drivers) include their own #ifdef XXX_DEBUG conditionals instead. This option also turns on certain other options, which may decrease system performance. options DIAGNOSTIC Adds code to the kernel that does internal consistency checks. This code will cause the kernel to panic if corruption of internal data structures is detected. These checks can decrease performance up to 15%. options KSTACK_CHECK_MAGIC Check kernel stack usage and panic if stack overflow is detected. This check is performance sensitive because it scans stack on each context switch. options KTRACE Add hooks for the system call tracing facility, which allows users to watch the system call invocation behavior of processes. See ktrace(1) for details. options MSGBUFSIZE=integer This option sets the size of the kernel message buffer. This buffer holds the kernel output of printf() when not (yet) read by syslogd(8). This is particularly useful when the system has crashed and you wish to lookup the kernel output from just before the crash. Also, since the autoconfig output becomes more and more verbose, it sometimes happens that the message buffer overflows before syslogd(8) was able to read it. Note that not all systems are capable of obtaining a variable sized mes- sage buffer. There are also some systems on which memory contents are not preserved across reboots. options MALLOCLOG Enables an event log for malloc(9). Useful for tracking down ``Data modified on freelist'' and ``multiple free'' problems. options MALLOCLOGSIZE=integer Defines the number of entries in the malloc log. Default is 100000 entries. options UVMHIST Enables the UVM history logs, which create in-memory traces of various UVM activities. These logs can be displayed by calling uvmhist_dump() or uvm_hist() with appropriate arguments from DDB. See the kernel source file sys/uvm/uvm_stat.c for details. options UVMHIST_PRINT Prints the UVM history logs on the system console as entries are added. Note that the output is extremely voluminous, so this option is really only useful for debugging the very earliest parts of kernel initializa- tion. File Systems file-system FFS Includes code implementing the Berkeley Fast File System (FFS). Most machines need this if they are not running diskless. file-system EXT2FS Includes code implementing the Second Extended File System (EXT2FS), revision 0 and revision 1 with the filetype and sparse_super options. This is the most commonly used file system on the Linux operating system, and is provided here for compatibility. Some of the specific features of EXT2FS like the "behavior on errors" are not implemented. This file sys- tem can't be used with UID or GID greater than 65535. See mount_ext2fs(8) for details. file-system LFS [EXPERIMENTAL] Include the Log-structured File System (LFS). See mount_lfs(8) and newfs_lfs(8) for details. file-system MFS Include the Memory File System (MFS). This file system stores files in swappable memory, and produces notable performance improvements when it is used as the file store for /tmp and similar file systems. See mount_mfs(8) for details. file-system NFS Include the client side of the Network File System (NFS) remote file sharing protocol. Although the bulk of the code implementing NFS is ker- nel based, several user level daemons are needed for it to work. See mount_nfs(8) for details. file-system CD9660 Includes code for the ISO 9660 + Rock Ridge file system, which is the standard file system on many CD-ROM discs. Useful primarily if you have a CD-ROM drive. See mount_cd9660(8) for details. file-system MSDOSFS Includes the MS-DOS FAT file system, which is reportedly still used by unfortunate people who have not heard about NetBSD. Also implements the Windows 95 extensions to the same, which permit the use of longer, mixed case file names. See mount_msdos(8) and fsck_msdos(8) for details. file-system NTFS [EXPERIMENTAL] Includes code for the Microsoft Windows NT file system. See mount_ntfs(8) for details. file-system FDESC Includes code for a file system, conventionally mounted on /dev/fd, which permits access to the per-process file descriptor space via special files in the file system. See mount_fdesc(8) for details. Note that this facility is redundant, and thus unneeded on most NetBSD systems, since the fd(4) pseudo-device driver already provides identical functionality. On most NetBSD systems, instances of fd(4) are mknoded under /dev/fd/ and on /dev/stdin, /dev/stdout, and /dev/stderr. file-system KERNFS Includes code which permits the mounting of a special file system (nor- mally mounted on /kern) in which files representing various kernel vari- ables and parameters may be found. See mount_kernfs(8) for details. file-system NULLFS Includes code for a loopback file system. This permits portions of the file hierarchy to be re-mounted in other places. The code really exists to provide an example of a stackable file system layer. See mount_null(8) for details. file-system OVERLAY Includes code for a file system filter. This permits the overlay file system to intercept all access to an underlying file system. This file system is intended to serve as an example of a stacking file system which has a need to interpose itself between an underlying file system and all other access. See mount_overlay(8) for details. file-system PORTAL [EXPERIMENTAL] Includes the portal file system. This permits interesting tricks like opening TCP sockets by opening files in the file system. The portal file system is conventionally mounted on /p and is partially implemented by a special daemon. See mount_portal(8) for details. file-system PROCFS Includes code for a special file system (conventionally mounted on /proc) in which the process space becomes visible in the file system. Among other things, the memory spaces of processes running on the system are visible as files, and signals may be sent to processes by writing to ctl files in the procfs namespace. See mount_procfs(8) for details. file-system UDF [EXPERIMENTAL] Includes code for the UDF file system commonly found on CD and DVD media but also more and more on USB sticks. Useful primarily if you have a CD or a DVD drive, be it a read-only or a rewritable device. Currently only supports read-access. See mount_udf(8) for details. file-system UMAPFS Includes a loopback file system in which user and group IDs may be remapped -- this can be useful when mounting alien file systems with dif- ferent UIDs and GIDs than the local system. See mount_umap(8) for details. file-system UNION [EXPERIMENTAL] Includes code for the union file system, which permits directories to be mounted on top of each other in such a way that both file systems remain visible -- this permits tricks like allowing writing (and the deleting of files) on a read-only file system like a CD-ROM by mounting a local writable file system on top of the read-only file sys- tem. See mount_union(8) for details. file-system CODA [EXPERIMENTAL] Includes code for the Coda file system. Coda is a dis- tributed file system like NFS and AFS. It is freely available, like NFS, but it functions much like AFS in being a ``stateful'' file system. Both Coda and AFS cache files on your local machine to improve performance. Then Coda goes a step further than AFS by letting you access the cached files when there is no available network, viz. disconnected laptops and network outages. In Coda, both the client and server are outside the kernel which makes them easier to experiment with. Coda is available for several UNIX and non-UNIX platforms. See http://www.coda.cs.cmu.edu for more details. NOTE: You also need to enable the pseudo-device, vcoda, for the Coda file system to work. file-system SMBFS [EXPERIMENTAL] Includes code for the SMB/CIFS file system. See mount_smbfs(8) for details. NOTE: You also need to enable the pseudo- device, nsmb, for the SMB file system to work. file-system PTYFS [EXPERIMENTAL] Includes code for a special file system (normally mounted on /dev/pts) in which pseudo-terminal slave devices become visible in the file system. See mount_ptyfs(8) for details. file-system TMPFS Includes code for the efficient memory file system, normally used over /tmp. See mount_tmpfs(8) for details. file-system PUFFS [EXPERIMENTAL] Includes kernel support for the pass-to-userspace frame- work file system. It can be used to implement file system functionality in userspace. See puffs(3) and puffs(4) for more details. This option is required for sshfs: mount_psshfs(8). File System Options options MAGICLINKS Enables the expansion of special strings (beginning with ``@'') when traversing symbolic links. See symlink(7) for a list of supported strings. Note that this option only controls the enabling of this fea- ture by the kernel at boot-up. This feature can still be manipulated with the sysctl(8) command regardless of the setting of this option. options NFSSERVER Include the server side of the NFS (Network File System) remote file sharing protocol. Although the bulk of the code implementing NFS is ker- nel based, several user level daemons are needed for it to work. See mountd(8) and nfsd(8) for details. options QUOTA Enables kernel support for file system quotas. See quotaon(8), edquota(8), and quota(1) for details. Note that quotas only work on ``ffs'' file systems, although rpc.rquotad(8) permits them to be accessed over NFS. options FFS_EI Enable ``Endian-Independent'' FFS support. This allows a system to mount an FFS file system created for another architecture, at a small perfor- mance cost for all FFS file systems. See also newfs(8), fsck_ffs(8), dumpfs(8) for file system byte order status and manipulation. options FFS_NO_SNAPSHOT Disable the ``file system snapshot'' support in FFS file systems. Maybe useful for install media kernels, small memory systems and embedded sys- tems which don't require the snapshot support. options WAPBL Enable ``Write Ahead Physical Block Logging file system journaling''. This provides rapid file system consistency checking after a system out- age. It also provides better general use performance over regular FFS. See also wapbl(4). options NVNODE=integer This option sets the size of the cache used by the name-to-inode transla- tion routines, (a.k.a. the namei() cache, though called by many other names in the kernel source). By default, this cache has NPROC (set as 20 + 16 * MAXUSERS) * (80 + NPROC / 8) entries. A reasonable way to derive a value of NVNODE, should you notice a large number of namei cache misses with a tool such as systat(1), is to examine your system's current com- puted value with sysctl(8), (which calls this parameter "kern.maxvnodes") and to increase this value until either the namei cache hit rate improves or it is determined that your system does not benefit substantially from an increase in the size of the namei cache. options NAMECACHE_ENTER_REVERSE Causes the namei cache to always enter a reverse mapping (vnode -> name) as well as a normal one. Normally, this is already done for directory vnodes, to speed up the getcwd operation. This option will cause longer hash chains in the reverse cache, and thus slow down getcwd somewhat. However, it does make vnode -> path translations possible in some cases. For now, only useful if strict /proc/#/maps emulation for Linux binaries is required. options EXT2FS_SYSTEM_FLAGS This option changes the behavior of the APPEND and IMMUTABLE flags for a file on an EXT2FS file system. Without this option, the superuser or owner of the file can set and clear them. With this option, only the superuser can set them, and they can't be cleared if the securelevel is greater than 0. See also chflags(1) and secmodel_securelevel(9). options NFS_BOOT_BOOTP Enable use of the BOOTP protocol (RFCs 951 and 1048) to get configuration information if NFS is used to mount the root file system. See diskless(8) for details. options NFS_BOOT_DHCP Same as ``NFS_BOOT_BOOTP'', but use the DHCP extensions to the BOOTP pro- tocol (RFC 1541). options NFS_BOOT_BOOTP_REQFILE Specifies the string sent in the bp_file field of the BOOTP / DHCP request packet. options NFS_BOOT_BOOTPARAM Enable use of the BOOTPARAM protocol, consisting of RARP and BOOTPARAM RPC, to get configuration information if NFS is used to mount the root file system. See diskless(8) for details. options NFS_BOOT_RWSIZE=value Set the initial NFS read and write sizes for diskless-boot requests. The normal default is 8Kbytes. This option provides a way to lower the value (e.g., to 1024 bytes) as a workaround for buggy network interface cards or boot PROMs. Once booted, the read and write request sizes can be increased by remounting the file system. See mount_nfs(8) for details. options NFS_V2_ONLY Reduce the size of the NFS client code by omitting code that's only required for NFSv3 and NQNFS support, leaving only that code required to use NFSv2 servers. options SOFTDEP Enable kernel support for soft-dependencies in FFS file systems. Softdep improves write performance by aggregating and properly ordering disk metadata writes, achieving near-asynchronous write performance while maintaining the file system consistency of synchronous writes. Soft- dependencies are enabled on a per-mount basis. See mount(8) for details. options UFS_DIRHASH Increase lookup performance by maintaining in-core hash tables for large directories. Buffer queue strategy options The following options enable alternative buffer queue strategies. options BUFQ_READPRIO Enable experimental buffer queue strategy for disk I/O. In the default strategy, outstanding disk requests are ordered by sector number and sent to the disk, regardless of whether the operation is a read or write; this option gives priority to issuing read requests over write requests. Although requests may therefore be issued out of sector-order, causing more seeks and thus lower overall throughput, interactive system respon- siveness under heavy disk I/O load may be improved, as processes blocking on disk reads are serviced sooner (file writes typically don't cause applications to block). The performance effect varies greatly depending on the hardware, drive firmware, file system configuration, workload, and desired performance trade-off. Systems using drive write-cache (most modern IDE disks, by default) are unlikely to benefit and may well suf- fer; such disks acknowledge writes very quickly, and optimize them inter- nally according to physical layout. Giving these disks as many requests to work with as possible (the standard strategy) will typically produce the best results, especially if the drive has a large cache; the drive will silently complete writes from cache as it seeks for reads. Disks that support a large number of concurrent tagged requests (SCSI disks and many hardware RAID controllers) expose this internal scheduling with tagged responses, and don't block for reads; such disks may not see a noticeable difference with either strategy. However, if IDE disks are run with write-cache disabled for safety, writes are not acknowledged until actually completed, and only one request can be outstanding; a large number of small writes in one locality can keep the disk busy, starving reads elsewhere on the disk. Such systems are likely to see the most benefit from this option. Finally, the performance interaction of this option with ffs soft dependencies can be subtle, as that mechanism can drastically alter the workload for file system metadata writes. options BUFQ_PRIOCSCAN Enable another buffer queue strategy for disk I/O, per-priority cyclical scan. options NEW_BUFQ_STRATEGY Synonym of BUFQ_READPRIO. Miscellaneous Options options LKM Enable loadable kernel modules. See lkm(4) for details. NOTE: not available on all architectures. options MEMORY_DISK_DYNAMIC This option makes the md(4) RAM disk size dynamically sized. It is incompatible with mdsetimage(8). options MEMORY_DISK_HOOKS This option allows for some machine dependent functions to be called when the md(4) RAM disk driver is configured. This can result in automati- cally loading a RAM disk from floppy on open (among other things). options MEMORY_DISK_IS_ROOT Forces the md(4) RAM disk to be the root device. This can only be over- ridden when the kernel is booted in the 'ask-for-root' mode. options MEMORY_DISK_ROOT_SIZE=integer Allocates the given number of 512 byte blocks as memory for the md(4) RAM disk, to be populated with mdsetimage(8). options MEMORY_DISK_SERVER=0 Do not include the interface to a userland memory disk server process. Per default, this option is set to 1, including the support code. Useful for install media kernels. options MODULAR Enables the new framework for kernel modules, which will eventually replace LKMs. This adds an in-kernel linker and loader, and requires userland support to be useful. See the MKMODULAR variable in mk.conf(5) for more details. options VND_COMPRESSION Enables the vnd(4) driver to also handle compressed images. See vndcompress(1), vnd(4) and vnconfig(8) for more information. options TFTPROOT Download the root memory disk through TFTP at root mount time. This enables the use of a root RAM disk without requiring it to be embedded in the kernel using mdsetimage(8). The RAM disk name is obtained using DHCP's filename parameter. This option requires MEMORY_DISK_HOOKS, MEMORY_DISK_DYNAMIC, and MEMORY_DISK_IS_ROOT. It is incompatible with MEMORY_DISK_ROOT_SIZE. options MALLOC_NOINLINE Time critical fixed size memory allocation is performed with MALLOC() and FREE(). Normally these expand to inline code, but with MALLOC_NOINLINE these call the normal malloc() and free() functions. Useful for install media kernels, small memory systems and embedded systems. options HZ=integer On ports that support it, set the system clock frequency (see hz(9)) to the supplied value. Handle with care. options NTP Turns on in-kernel precision timekeeping support used by software imple- menting NTP (Network Time Protocol, RFC 1305). The NTP option adds an in-kernel Phase-Locked Loop (PLL) for normal NTP operation, and a Fre- quency-Locked Loop (FLL) for intermittently-connected operation. ntpd(8) will employ a user-level PLL when kernel support is unavailable, but the in-kernel version has lower latency and more precision, and so typically keeps much better time. The interface to the kernel NTP support is pro- vided by the ntp_adjtime(2) and ntp_gettime(2) system calls, which are intended for use by ntpd(8) and are enabled by the option. On systems with sub-microsecond resolution timers, or where (HZ / 100000) is not an integer, the NTP option also enables extended-precision arithmetic to keep track of fractional clock ticks at NTP time-format precision. options PPS_SYNC This option enables a kernel serial line discipline for receiving time phase signals from an external reference clock such as a radio clock. (The NTP option (which see) must be on if the PPS_SYNC option is used.) Some reference clocks generate a Pulse Per Second (PPS) signal in phase with their time source. The PPS line discipline receives this signal on either the data leads or the DCD control lead of a serial port. NTP uses the PPS signal to discipline the local clock oscillator to a high degree of precision (typically less than 50 microseconds in time and 0.1 ppm in accuracy). PPS can also generate a serial output pulse when the system receives a PPS interrupt. This can be used to measure the system inter- rupt latency and thus calibrate NTP to account for it. Using PPS usually requires a gadget box to convert from TTL to RS-232 signal levels. The gadget box and PPS are described in more detail in the HTML documentation for ntpd(8) in /usr/share/doc/html/ntp. options SETUIDSCRIPTS Allows scripts with the setuid bit set to execute as the effective user rather than the real user, just like binary executables. NOTE: Using this option will also enable options FDSCRIPTS options FDSCRIPTS Allows execution of scripts with the execute bit set, but not the read bit, by opening the file and passing the file descriptor to the shell, rather than the filename. NOTE: Execute only (non-readable) scripts will have argv[0] set to /dev/fd/*. What this option allows as far as security is concerned, is the ability to safely ensure that the correct script is run by the inter- preter, as it is passed as an already open file. options PUCCN Enables treating serial ports found on PCI boards puc(4) as potential console devices. The method for choosing such a console device is port dependent. options RTC_OFFSET=integer The kernel (and typically the hardware battery backed-up clock on those machines that have one) keeps time in UTC (Universal Coordinated Time, once known as GMT, or Greenwich Mean Time) and not in the time of the local time zone. The RTC_OFFSET option is used on some ports (such as the i386) to tell the kernel that the hardware clock is offset from UTC by the specified number of minutes. This is typically used when a machine boots several operating systems and one of them wants the hard- ware clock to run in the local time zone and not in UTC, e.g. RTC_OFFSET=300 means the hardware clock is set to US Eastern Time (300 minutes behind UTC), and not UTC. (Note: RTC_OFFSET is used to initial- ize a kernel variable named rtc_offset which is the source actually used to determine the clock offset, and which may be accessed via the kern.rtc_offset sysctl variable. See sysctl(8) and sysctl(3) for details. Since the kernel clock is initialized from the hardware clock very early in the boot process, it is not possible to meaningfully change rtc_offset in system initialization scripts. Changing this value cur- rently may only be done at kernel compile time or by patching the kernel and rebooting). NOTE: Unfortunately, in many cases where the hardware clock is kept in local time, it is adjusted for Daylight Savings Time; this means that attempting to use RTC_OFFSET to let NetBSD coexist with such an operating system, like Windows, would necessitate changing RTC_OFFSET twice a year. As such, this solution is imperfect. options KMEMSTATS The kernel memory allocator, malloc(9), will keep statistics on its per- formance if this option is enabled. Unfortunately, this option therefore essentially disables the MALLOC() and FREE() forms of the memory alloca- tor, which are used to enhance the performance of certain critical sec- tions of code in the kernel. This option therefore can lead to a signif- icant decrease in the performance of certain code in the kernel if enabled. Examples of such code include the namei() routine, the ccd(4) driver, and much of the networking code. options MAXUPRC=integer Sets the soft RLIMIT_NPROC resource limit, which specifies the maximum number of simultaneous processes a user is permitted to run, for process 0; this value is inherited by its child processes. It defaults to CHILD_MAX, which is currently defined to be 160. Setting MAXUPRC to a value less than CHILD_MAX is not permitted, as this would result in a violation of the semantics of ISO/IEC 9945-1:1990 (``POSIX.1''). options NOFILE=integer Sets the soft RLIMIT_NOFILE resource limit, which specifies the maximum number of open file descriptors for each process; this value is inherited by its child processes. It defaults to OPEN_MAX, which is currently defined to be 64. options MAXFILES=integer Sets the default value of the kern.maxfiles sysctl variable, which indi- cates the maximum number of files that may be open in the system. options DEFCORENAME=string Sets the default value of the kern.defcorename sysctl variable, otherwise it is set to %n.core. See sysctl(8) and sysctl(3) for details. options RASOPS_CLIPPING Enables clipping within the rasops raster-console output system. NOTE: only available on architectures that use rasops for console output. options RASOPS_SMALL Removes optimized character writing code from the rasops raster-console output system. NOTE: only available on architectures that use rasops for console output. options INCLUDE_CONFIG_FILE Embeds the kernel config file used to define the kernel in the kernel binary itself. The embedded data also includes any files directly included by the config file itself, e.g. GENERIC.local or std.$MACHINE. The embedded config file can be extracted from the resulting kernel with config(1) -x, or by the following command: strings netbsd | sed -n 's/^_CFG_//p' | unvis options INCLUDE_JUST_CONFIG Similar to the above option, but includes just the actual config file, not any included files. options PIPE_SOCKETPAIR Use slower, but smaller socketpair(2)-based pipe implementation instead of default faster, but bigger one. Primarily useful for installation kernels. options USERCONF Compiles in the in-kernel device configuration manager. See userconf(4) for details. options PERFCTRS Compiles in kernel support for CPU performance-monitoring counters. See pmc(1) for details. NOTE: not available on all architectures. options SYSCALL_STATS Count the number of times each system call number is called. The values can be read through the sysctl interface and displayed using systat(1). NOTE: not yet available on all architectures. options SYSCALL_TIMES Count the time spent (using cpu_counter32()) in each system call. NOTE: Using this option will also enable options SYSCALL_STATS. options SYSCALL_TIMES_HASCOUNTER Force use of cpu_counter32() even if cpu_hascounter() reports false. Useful for systems where the cycle counter doesn't run at a constant rate (e.g. Soekris boxes). options XSERVER Compiles in kernel support for X11 on architectures that still use (or can use) the legacy pccons console drivers rather than wscons(4). These include bebox, i386, shark. options XSERVER_DDB A supplement to XSERVER that adds support for entering ddb(4) while in X11. options FILEASSOC Support for fileassoc(9). options FILEASSOC_NHOOKS=integer Number of storage slots per file for fileassoc(9). Default is 4. options I2C_SCAN Scan each i2c bus to determine which addresses respond. WARNING! Using this option can access some devices in such a manner as to leave them in an unstable or unuseable state, and can prevent those devices from being properly matched and/or attached. It can also lock up the entire i2c bus and even prevent a machine from completing the boot process. Don't use this option unless you know what you're doing and can accept all sorts of unforseen consequences. Networking Options options GATEWAY Enables IPFORWARDING (which see) and (on most ports) increases the size of NMBCLUSTERS (which see). In general, GATEWAY is used to indicate that a system should act as a router, and IPFORWARDING is not invoked directly. (Note that GATEWAY has no impact on protocols other than IP, such as CLNP or XNS). GATEWAY option also compiles IPv4 and IPv6 fast forwarding code into the kernel. options ICMPPRINTFS The ICMPPRINTFS option will enable debugging information to be printed about the icmp(4) protocol. options IPFORWARDING=value If value is 1 this enables IP routing behavior. If value is 0 (the default), it disables it. The GATEWAY option sets this to 1 automati- cally. With this option enabled, the machine will forward IP datagrams destined for other machines between its interfaces. Note that even with- out this option, the kernel will still forward some packets (such as source routed packets) -- removing GATEWAY and IPFORWARDING is insuffi- cient to stop all routing through a bastion host on a firewall -- source routing is controlled independently. To turn off source routing, use options IPFORWSRCRT=0 (which see). Note that IP forwarding may be turned on and off independently of the setting of the IPFORWARDING option through the use of the net.inet.ip.forwarding sysctl variable. If net.inet.ip.forwarding is 1, IP forwarding is on. See sysctl(8) and sysctl(3) for details. options IPFORWSRCRT=value If value is set to zero, source routing of IP datagrams is turned off. If value is set to one (the default) or the option is absent, source routed IP datagrams are forwarded by the machine. Note that source rout- ing of IP packets may be turned on and off independently of the setting of the IPFORWSRCRT option through the use of the net.inet.ip.forwsrcrt sysctl variable. If net.inet.ip.forwsrcrt is 1, forwarding of source routed IP datagrams is on. See sysctl(8) and sysctl(3) for details. options IFA_STATS Tells the kernel to maintain per-address statistics on bytes sent and received over (currently) Internet and AppleTalk addresses. The option is not recommended as it degrades system stability. options IFQ_MAXLEN=value Increases the allowed size of the network interface packet queues. The default queue size is 50 packets, and you do not normally need to increase it. options IPSELSRC Includes support for source-address selection policies. See in_getifa(9). options MROUTING Includes support for IP multicast routers. You certainly want INET with this. Multicast routing is controlled by the mrouted(8) daemon. See also option PIM. options PIM Includes support for Protocol Independent Multicast (PIM) routing. You need MROUTING and INET with this. Software using this can be found e.g. in pkgsrc/net/xorp. options INET Includes support for the TCP/IP protocol stack. You almost certainly want this. See inet(4) for details. options INET6 Includes support for the IPv6 protocol stack. See inet6(4) for details. Unlike INET, INET6 enables multicast routing code as well. This option requires INET at this moment, but it should not. options ND6_DEBUG The option sets the default value of net.inet6.icmp6.nd6_debug to 1, for debugging IPv6 neighbor discovery protocol handling. See sysctl(3) for details. options IPSEC Includes support for the IPsec protocol. See ipsec(4) for details. options IPSEC_DEBUG Enables debugging code in IPsec stack. See ipsec(4) for details. options IPSEC_ESP Includes support for IPsec ESP protocol. See ipsec(4) for details. options IPSEC_NAT_T Includes support for IPsec Network Address Translator traversal (NAT-T), as described in RFCs 3947 and 3948. This feature might be patent-encum- bered in some countries. options ALTQ Enabled ALTQ (Alternate Queueing). For simple rate-limiting, use tbrconfig(8) to set up the interface transmission rate. To use queueing disciplines, their appropriate kernel options should also be defined (documented below). Queueing disciplines are managed by altqd(8). See altq(9) for details. options ALTQ_HFSC Include support for ALTQ-implemented HFSC (Hierarchical Fair Service Curve) module. HFSC supports both link-sharing and guaranteed real-time services. HFSC employs a service curve based QoS model, and its unique feature is an ability to decouple delay and bandwidth allocation. Requires ALTQ_RED to use the RED queueing discipline on HFSC classes, or ALTQ_RIO to use the RIO queueing discipline on HFSC classes. This option assumes ALTQ. options ALTQ_PRIQ Include support for ALTQ-implemented PRIQ (Priority Queueing). PRIQ implements a simple priority-based queueing discipline. A higher prior- ity class is always served first. Requires ALTQ_RED to use the RED queueing discipline on HFSC classes, or ALTQ_RIO to use the RIO queueing discipline on HFSC classes. This option assumes ALTQ. options ALTQ_WFQ Include support for ALTQ-implemented WFQ (Weighted Fair Queueing). WFQ implements a weighted-round robin scheduler for a set of queues. A weight can be assigned to each queue to give a different proportion of the link capacity. A hash function is used to map a flow to one of a set of queues. This option assumes ALTQ. options ALTQ_FIFOQ Include support for ALTQ-implemented FIFO queueing. FIFOQ is a simple drop-tail FIFO (First In, First Out) queueing discipline. This option assumes ALTQ. options ALTQ_RIO Include support for ALTQ-implemented RIO (RED with In/Out). The original RIO has 2 sets of RED parameters; one for in-profile packets and the other for out-of-profile packets. At the ingress of the network, profile meters tag packets as IN or OUT based on contracted profiles for cus- tomers. Inside the network, IN packets receive preferential treatment by the RIO dropper. ALTQ/RIO has 3 drop precedence levels defined for the Assured Forwarding PHB of DiffServ (RFC 2597). This option assumes ALTQ. options ALTQ_BLUE Include support for ALTQ-implemented Blue buffer management. Blue is another active buffer management mechanism. This option assumes ALTQ. options ALTQ_FLOWVALVE Include support for ALTQ-implemented Flowvalve. Flowvalve is a simple implementation of a RED penalty box that identifies and punishes misbe- having flows. This option requires ALTQ_RED and assumes ALTQ. options ALTQ_CDNR Include support for ALTQ-implemented CDNR (diffserv traffic conditioner) packet marking/manipulation. Traffic conditioners are components to meter, mark, or drop incoming packets according to some rules. As opposed to queueing disciplines, traffic conditioners handle incoming packets at an input interface. This option assumes ALTQ. options ALTQ_NOPCC Disables use of processor cycle counter to measure time in ALTQ. This option should be defined for a non-Pentium i386 CPU which does not have TSC, SMP (per-CPU counters are not in sync), or power management which affects processor cycle counter. This option assumes ALTQ. options ALTQ_IPSEC Include support for IPsec in IPv4 ALTQ. This option assumes ALTQ. options ALTQ_JOBS Include support for ALTQ-implemented JoBS (Joint Buffer Management and Scheduling). This option assumes ALTQ. options ALTQ_AFMAP Include support for an undocumented ALTQ feature that is used to map an IP flow to an ATM VC (Virtual Circuit). This option assumes ALTQ. options ALTQ_LOCALQ Include support for ALTQ-implemented local queues. Its practical use is undefined. Assumes ALTQ. options SUBNETSARELOCAL Sets default value for net.inet.ip.subnetsarelocal variable, which con- trols whether non-directly-connected subnets of connected networks are considered "local" for purposes of choosing the MSS for a TCP connection. This is mostly present for historic reasons and completely irrelevant if you enable Path MTU discovery. options HOSTZEROBROADCAST Sets default value for net.inet.ip.hostzerobroadcast variable, which con- trols whether the zeroth host address of each connected subnet is also considered a broadcast address. Default value is "1", for compatibility with old systems; if this is set to zero on all hosts on a subnet, you should be able to fit an extra host per subnet on the ".0" address. options MCLSHIFT=value This option is the base-2 logarithm of the size of mbuf clusters. The BSD networking stack keeps network packets in a linked list, or chain, of kernel buffer objects called mbufs. The system provides larger mbuf clusters as an optimization for large packets, instead of using long chains for large packets. The mbuf cluster size, or MCLBYTES, must be a power of two, and is computed as two raised to the power MCLSHIFT. On systems with Ethernet network adapters, MCLSHIFT is often set to 11, giv- ing 2048-byte mbuf clusters, large enough to hold a 1500-byte Ethernet frame in a single cluster. Systems with network interfaces supporting larger frame sizes like ATM, FDDI, or HIPPI may perform better with MCLSHIFT set to 12 or 13, giving mbuf cluster sizes of 4096 and 8192 bytes, respectively. options NS Include support for the Xerox XNS protocol stack. See ns(4) for details. options ISO,TPIP Include support for the ubiquitous OSI protocol stack. See iso(4) for details. This option assumes INET. options EON Include support for tunneling OSI protocols over IP. Known to be broken, or at least very fragile, and undocumented. options NETATALK Include support for the AppleTalk protocol stack. The kernel provides provision for the Datagram Delivery Protocol (DDP), providing SOCK_DGRAM support and AppleTalk routing. This stack is used by the NETATALK pack- age, which adds support for AppleTalk server services via user libraries and applications. options BLUETOOTH Include support for the Bluetooth protocol stack. See bluetooth(4) for details. options IPNOPRIVPORTS Normally, only root can bind a socket descriptor to a so-called ``privileged'' TCP port, that is, a port number in the range 0-1023. This option eliminates those checks from the kernel. This can be useful if there is a desire to allow daemons without privileges to bind those ports, e.g., on firewalls. The security tradeoffs in doing this are sub- tle. This option should only be used by experts. options TCP_COMPAT_42 TCP bug compatibility with 4.2BSD. In 4.2BSD, TCP sequence numbers were 32-bit signed values. Modern implementations of TCP use unsigned values. This option clamps the initial sequence number to start in the range 2^31 rather than the full unsigned range of 2^32. Also, under 4.2BSD, keepalive packets must contain at least one byte or else the remote end would not respond. options TCP_DEBUG Record the last TCP_NDEBUG TCP packets with SO_DEBUG set, and decode to the console if tcpconsdebug is set. options TCP_NDEBUG Number of packets to record for TCP_DEBUG. Defaults to 100. options TCP_SENDSPACE=value options TCP_RECVSPACE=value These options set the max TCP window size to other sizes than the default. The TCP window sizes can be altered via sysctl(8) as well. options TCP_INIT_WIN=value This option sets the initial TCP window size for non-local connections, which is used when the transmission starts. The default size is 1, but if the machine should act more aggressively, the initial size can be set to some other value. The initial TCP window size can be set via sysctl(8) as well. options PFIL_HOOKS This option turns on the packet filter interface hooks. See pfil(9) for details. This option assumes INET. options IPFILTER_LOG This option, in conjunction with pseudo-device ipfilter, enables logging of IP packets using ip-filter. options IPFILTER_DEFAULT_BLOCK This option sets the default policy of ip-filter. If it is set, ip-fil- ter will block packets by default. options BRIDGE_IPF This option causes bridge devices to use the IP and/or IPv6 filtering hooks, forming a link-layer filter that uses protocol-layer rules. This option assumes the presence of pseudo-device ipfilter. options MBUFTRACE This option can help track down mbuf leaks. When enabled, mbufs are tagged with the devices and protocols using them, which slightly decreases network performance. This additional information can be viewed with netstat(1): netstat -mssv Not all devices or protocols support this option. Sysctl Related Options options SYSCTL_DISALLOW_CREATE Disallows the creation or deletion of nodes from the sysctl tree, as well as the assigning of descriptions to nodes that lack them, by any process. These operations are still available to kernel sub-systems, including loadable kernel modules. options SYSCTL_DISALLOW_KWRITE Prevents processes from adding nodes to the sysctl tree that make exist- ing kernel memory areas writable. Sections of kernel memory can still be read and new nodes that own their own data may still be writable. options SYSCTL_DEBUG_SETUP Causes the SYSCTL_SETUP routines to print a brief message when they are invoked. This is merely meant as an aid in determining the order in which sections of the tree are created. options SYSCTL_DEBUG_CREATE Prints a message each time sysctl_create(), the function that adds nodes to the tree, is called. options SYSCTL_INCLUDE_DESCR Causes the kernel to include short, human readable descriptions for nodes in the sysctl tree. The descriptions can be retrieved programmatically (see sysctl(3)), or by the sysctl binary itself (see sysctl(8)). The descriptions are meant to give an indication of the purpose and/or effects of a given node's value, not replace the documentation for the given subsystem as a whole. System V IPC Options options SYSVMSG Includes support for AT&T System V UNIX style message queues. See msgctl(2), msgget(2), msgrcv(2), msgsnd(2). options SYSVSEM Includes support for AT&T System V UNIX style semaphores. See semctl(2), semget(2), semop(2). options SEMMNI=value Sets the number of AT&T System V UNIX style semaphore identifiers. The GENERIC config file for your port will have the default. options SEMMNS=value Sets the number of AT&T System V UNIX style semaphores in the system. The GENERIC config file for your port will have the default. options SEMUME=value Sets the maximum number of undo entries per process for AT&T System V UNIX style semaphores. The GENERIC config file for your port will have the default. options SEMMNU=value Sets the number of undo structures in the system for AT&T System V UNIX style semaphores. The GENERIC config file for your port will have the default. options SYSVSHM Includes support for AT&T System V UNIX style shared memory. See shmat(2), shmctl(2), shmdt(2), shmget(2). options SHMMAXPGS=value Sets the maximum number of AT&T System V UNIX style shared memory pages that are available through the shmget(2) system call. Default value is 1024 on most ports. See /usr/include/machine/vmparam.h for the default. VM Related Options options NMBCLUSTERS=value The number of mbuf clusters the kernel supports. Mbuf clusters are MCLBYTES in size (usually 2k). This is used to compute the size of the kernel VM map mb_map, which maps mbuf clusters. Default on most ports is 1024 (2048 with ``options GATEWAY'' ). See /usr/include/machine/param.h for exact default information. Increase this value if you get ``mclpool limit reached'' messages. options NKMEMPAGES=value options NKMEMPAGES_MIN=value options NKMEMPAGES_MAX=value Size of kernel VM map kmem_map, in PAGE_SIZE-sized chunks (the VM page size; this value may be read from the sysctl(8) variable hw.pagesize ). This VM map is used to map the kernel malloc arena. The kernel attempts to auto-size this map based on the amount of physical memory in the sys- tem. Platform-specific code may place bounds on this computed size, which may be viewed with the sysctl(8) variable vm.nkmempages. See /usr/include/machine/param.h for the default upper and lower bounds. The related options `NKMEMPAGES_MIN' and `NKMEMPAGES_MAX' allow the bounds to be overridden in the kernel configuration file. These options are pro- vided in the event the computed value is insufficient resulting in an ``out of space in kmem_map'' panic. options SB_MAX=value Sets the max size in bytes that a socket buffer is allowed to occupy. The default is 256k, but sometimes it needs to be increased, for example when using large TCP windows. This option can be changed via sysctl(8) as well. options SOMAXKVA=value Sets the maximum size of kernel virtual memory that the socket buffers are allowed to use. The default is 16MB, but in situations where for example large TCP windows are used this value must also be increased. This option can be changed via sysctl(8) as well. options BUFCACHE=value Size of the buffer cache as a percentage of total available RAM. Ignored if BUFPAGES is also specified. options NBUF=value Sets the number of buffer headers available, i.e., the number of open files that may have a buffer cache entry. Each buffer header requires MAXBSIZE (machine dependent, but usually 65536) bytes. The default value is machine dependent, but is usually equal to the value of BUFPAGES. If an architecture dependent VM_MAX_KERNEL_BUF constant is defined then NBUF may be reduced at run time so that the storage allocated for buffer head- ers doesn't exceed that limit. options BUFPAGES=value These options set the number of pages available for the buffer cache. Their default value is a machine dependent value, often calculated as between 5% and 10% of total available RAM. options MAXTSIZ=bytes Sets the maximum size limit of a process' text segment. See /usr/include/machine/vmparam.h for the port-specific default. options DFLDSIZ=bytes Sets the default size limit of a process' data segment, the value that will be returned as the soft limit for RLIMIT_DATA (as returned by getrlimit(2)). See /usr/include/machine/vmparam.h for the port-specific default. options MAXDSIZ=bytes Sets the maximum size limit of a process' data segment, the value that will be returned as the hard limit for RLIMIT_DATA (as returned by getrlimit(2)). See /usr/include/machine/vmparam.h for the port-specific default. options DFLSSIZ=bytes Sets the default size limit of a process' stack segment, the value that will be returned as the soft limit for RLIMIT_STACK (as returned by getrlimit(2)). See /usr/include/machine/vmparam.h for the port-specific default. options MAXSSIZ=bytes Sets the maximum size limit of a process' stack segment, the value that will be returned as the hard limit for RLIMIT_STACK (as returned by getrlimit(2)). See /usr/include/machine/vmparam.h for the port-specific default. options DUMP_ON_PANIC=integer Defaults to one. If set to zero, the kernel will not dump to the dump device when it panics, though dumps can still be forced via ddb(4) with the ``sync'' command. Note that this sets the value of the kern.dump_on_panic sysctl(3) variable which may be changed at run time -- see sysctl(8) for details. options USE_TOPDOWN_VM User space memory allocations (as made by mmap(2)) will be arranged in a ``top down'' fashion instead of the traditional ``upwards from MAXDSIZ + vm_daddr'' method. This includes the placement of ld.so(1). Arranging memory in this manner allows either (or both of) the heap or mmap(2) allocated space to grow larger than traditionally possible. This option is not available on all ports, but is instead expected to be offered on a port-by-port basis, after which some ports will commit to using it by default. See the files /usr/include/uvm/uvm_param.h for some implementa- tion details, and /usr/include/machine/vmparam.h for port specific details including availability. options VMSWAP Enable paging device/file support. This option is on by default. options PDPOLICY_CLOCKPRO Use CLOCK-Pro, an alternative page replace policy. Security Options options INSECURE Hardwires the kernel security level at -1. This means that the system always runs in secure level -1 mode, even when running multiuser. See the manual page for init(8) for details on the implications of this. The kernel secure level may manipulated by the superuser by altering the kern.securelevel sysctl(3) variable (the secure level may only be lowered by a call from process ID 1, i.e., init(8)). See also secmodel_securelevel(9), sysctl(8) and sysctl(3). options VERIFIED_EXEC_FP_MD5 Enables support for MD5 hashes in Veriexec. options VERIFIED_EXEC_FP_SHA1 Enables support for SHA1 hashes in Veriexec. options VERIFIED_EXEC_FP_RMD160 Enables support for RMD160 hashes in Veriexec. options VERIFIED_EXEC_FP_SHA256 Enables support for SHA256 hashes in Veriexec. options VERIFIED_EXEC_FP_SHA384 Enables support for SHA384 hashes in Veriexec. options VERIFIED_EXEC_FP_SHA512 Enables support for SHA512 hashes in Veriexec. options PAX_MPROTECT=value Enables PaX MPROTECT, mprotect(2) restrictions from the PaX project. The value is the default value for the global knob, see sysctl(3). If 0, PaX MPROTECT will be enabled only if explicitly set on programs using paxctl(8). If 1, PaX MPROTECT will be enabled for all programs. Pro- grams can be exempted using paxctl(8). See security(8) for more details. options PAX_SEGVGUARD=value Enables PaX Segvguard. The value is the default value for the global knob, see sysctl(3). If 0, PaX Segvguard will be enabled only if explicitly set on programs using paxctl(8). If 1, PaX Segvguard will be enabled to all programs, and exemption can be done using paxctl(8). See security(8) for more details. options PAX_ASLR=value Enables PaX ASLR. The value is the default value for the global knob, see sysctl(3). If 0, PaX ASLR will be enabled only if explicitly set on programs using paxctl(8). If 1, PaX ASLR will be enabled to all programs, and exemption can be done using paxctl(8). See security(8) for more details. amiga-specific Options options BB060STUPIDROM When the bootloader (which passes AmigaOS ROM information) claims we have a 68060 CPU without FPU, go look into the Processor Configuration Regis- ter (PCR) to find out. You need this with Amiga ROMs up to (at least) V40.xxx (OS3.1), when you boot via the bootblocks and don't have a DraCo. options IOBZCLOCK=frequency The IOBlix boards come with two different serial master clocks: older ones use 24 MHz, newer ones use 22.1184 MHz. The driver normally assumes the latter. If your board uses 24 MHz, you can recompile your kernel with options IOBZCLOCK=24000000 or patch the kernel variable iobzclock to the same value. options LIMITMEM=value If there, limit the part of the first memory bank used by NetBSD to value megabytes. Default is unlimited. options NKPTADD=addvalue options NKPTADDSHIFT=shiftvalue The CPU specific MMU table for the kernel is pre-allocated at kernel startup time. Part of it is scaled with maxproc, to have enough room to hold the user program MMU tables; the second part is a fixed amount for the kernel itself. The third part accounts for the size of the file buffer cache. Its size is either NKPTADD pages (if defined) or memory size in bytes divided by two to the power of NKPTADDSHIFT. The default is undefined NKPTADD and NKPTADDSHIFT=24, allowing for 16 buffers per megabyte of main memory (while a GENERIC kernel allocates about half of that). When you get "can't get KPT page" panics, you should increase NKPTADD (if defined), or decrease NKPTADDSHIFT by one. options P5PPC68KBOARD Add special support for Phase5 mixed 68k+PPC boards. Currently, this only affects rebooting from NetBSD and is only needed on 68040+PPC, not on 68060+PPC; without this, affected machines will hang after NetBSD has shut down and will only restart after a keyboard reset or a power cycle. arm32-specific Options options FRENCH_KBD Include translation for French keyboards when using pccons on a Shark. options FINNISH_KBD Include translation for Finnish keyboards when using pccons on a Shark. options GERMAN_KBD Include translation for German keyboards when using pccons on a Shark. options NORWEGIAN_KBD Include translation for French keyboards when using pccons on a Shark. amd64-specific Options options ENHANCED_SPEEDSTEP Include support for the Enhanced SpeedStep Technology present in newer CPUs. options EST_FREQ_USERWRITE Allow any user to change the frequency of an Enhanced SpeedStep Technology capable CPU. options INTEL_ONDEMAND_CLOCKMOD This enables the On Demand Clock Modulation by software on Intel CPUs supporting the Thermal Monitor feature (TM). You can select the duty cycle with sysctl(8) in the node machdep.clockmod if supported. options POWERNOW_K8 Include support for AMD Athlon 64 PowerNow! and Cool`n'Quiet Technology, used to change the cpu voltage and frequency on the fly. atari-specific Options options DISKLABEL_AHDI Include support for AHDI (native Atari) disklabels. options DISKLABEL_NBDA Include support for NetBSD/atari labels. If you don't set this option, it will be set automatically. NetBSD/atari will not work without it. options FALCON_SCSI Include support for the 5380-SCSI configuration as found on the Falcon. options RELOC_KERNEL If set, the kernel will relocate itself to TT-RAM, if possible. This will give you a slightly faster system. Beware that on some TT030 sys- tems, the system will frequently dump with MMU-faults with this option enabled. options SERCONSOLE Allow the modem1-port to act as the system-console. A carrier should be active on modem1 during system boot to active the console functionality. options TT_SCSI Include support for the 5380-SCSI configuration as found on the TT030 and Hades. i386-specific Options options COMPAT_30_PTHREAD Enable binary compatibility with NetBSD 3.0 libpthread. NetBSD 3.0 libpthread uses hardcoded values for GDT entries on i386. The order of GDT entries in kernel changed, this option restores the order to what it was in NetBSD 3.0. libpthread from NetBSD 4.0 and later was fixed to not use hardcoded values and will work with or without this option. options ENHANCED_SPEEDSTEP Include support for the Enhanced SpeedStep Technology present in newer CPUs. options EST_FREQ_USERWRITE Allow any user to change the frequency of an Enhanced SpeedStep Technology capable CPU. options INTEL_ONDEMAND_CLOCKMOD This enables the On Demand Clock Modulation by software on Intel CPUs supporting the Thermal Monitor feature (TM). You can select the duty cycle with sysctl(8) in the node machdep.clockmod if supported. options POWERNOW_K7 Include support for the AMD PowerNow! Technology present in AMD Athlon Mobile processors. options VIA_PADLOCK Include support for the AES encryption instructions of the VIA PadLock Security engine, which is attached as a provider to the opencrypto frame- work. options CPURESET_DELAY=value Specifies the time (in millisecond) to wait before doing a hardware reset in the last phase of a reboot. This gives the user a chance to see error messages from the shutdown operations (like NFS unmounts, buffer cache flush, etc ...). Setting this to 0 will disable the delay. Default is 2 seconds. options VM86 Include support for virtual 8086 mode, used by DOS emulators and X servers to run BIOS code, e.g., for some VESA routines. options USER_LDT Include i386-specific system calls for modifying the local descriptor ta- ble, used by Windows emulators. options REALBASEMEM=integer Overrides the base memory size passed in from the boot block. (Value given in kilobytes.) Use this option only if the boot block reports the size incorrectly. (Note that some BIOSes put the extended BIOS data area at the top of base memory, and therefore report a smaller base memory size to prevent programs overwriting it. This is correct behavior, and you should not use the REALBASEMEM option to access this memory). options REALEXTMEM=integer Overrides the extended memory size passed in from the boot block. (Value given in kilobytes. Extended memory does not include the first megabyte.) Use this option only if the boot block reports the size incorrectly. options FRENCH_KBD,FINNISH_KBD,GERMAN_KBD,NORWEGIAN_KBD Select a non-US keyboard layout for the pccons console driver. options CYRIX_CACHE_WORKS Relevant only to the Cyrix 486DLC CPU. This option is used to turn on the cache in hold-flush mode. It is not turned on by default because it is known to have problems in certain motherboard implementations. options CYRIX_CACHE_REALLY_WORKS Relevant only to the Cyrix 486DLC CPU. This option is used to turn on the cache in write-back mode. It is not turned on by default because it is known to have problems in certain motherboard implementations. In order for this option to take effect, option CYRIX_CACHE_WORKS must also be specified. options PCIBIOS Enable support for initializing the PCI bus using information from the BIOS. See pcibios(4) for details. options KSTACK_CHECK_DR0 Detect kernel stack overflow using DR0 register. This option uses DR0 register exclusively so you can't use DR0 register for other purpose (e.g., hardware breakpoint) if you turn this on. options MTRR Include support for accessing MTRR registers from user-space. See i386_get_mtrr(2). options BEEP_ONHALT Make the system speaker emit several beeps when it is completely safe to power down the computer after a halt(8) command. Requires sysbeep(4) support. options BEEP_ONHALT_COUNT=times Number of times to beep the speaker when options BEEP_ONHALT is enabled. Defaults to 3. options BEEP_ONHALT_PITCH=hz The tone frequency used when options BEEP_ONHALT option, in hertz. Defaults to 1500. options BEEP_ONHALT_PERIOD=msecs The duration of each beep when options BEEP_ONHALT is enabled, in mil- liseconds. Defaults to 250. options MULTIBOOT Makes the kernel Multiboot-compliant, allowing it to be booted through a Multiboot-compliant boot manager such as GRUB. See multiboot(8) for more information. isa-specific Options Options specific to isa(4) busses. options PCIC_ISA_ALLOC_IOBASE=address, PCIC_ISA_ALLOC_IOSIZE=size Control the section of IO bus space used for PCMCIA bus space mapping. Ideally the probed defaults are satisfactory, however in practice that is not always the case. See pcmcia(4) for details. options PCIC_ISA_INTR_ALLOC_MASK=mask Controls the allowable interrupts that may be used for PCMCIA devices. This mask is a logical-or of power-of-2s of allowable interrupts: IRQ Val IRQ Val IRQ Val IRQ Val 0 0x0001 4 0x0010 8 0x0100 12 0x1000 1 0x0002 5 0x0020 9 0x0200 13 0x2000 2 0x0004 6 0x0040 10 0x0400 14 0x4000 3 0x0008 7 0x0080 11 0x0800 15 0x8000 options PCKBC_CNATTACH_SELFTEST Perform a self test of the keyboard controller before attaching it as a console. This might be necessary on machines where we boot on cold iron, and pckbc refuses to talk until we request a self test. Currently only the netwinder port uses it. options PCKBD_CNATTACH_MAY_FAIL If this option is set the PS/2 keyboard will not be used as the console if it cannot be found during boot. This allows other keyboards, like USB, to be the console keyboard. options PCKBD_LAYOUT=layout Sets the default keyboard layout, see pckbd(4). m68k-specific Options options FPU_EMULATE Include support for MC68881/MC68882 emulator. options FPSP Include support for 68040 floating point. options M68020,M68030,M68040,M68060 Include support for a specific CPU, at least one (the one you are using) should be specified. options M060SP Include software support for 68060. This provides emulation of unimple- mented integer instructions as well as emulation of unimplemented float- ing point instructions and data types and software support for floating point traps. powerpc-specific Options (OEA Only) options PMAP_MEMLIMIT=value Limit the amount of memory seen by the kernel to value bytes. options PTEGCOUNT=value Specify the size of the page table as value PTE groups. Normally, one PTEG is allocated per physical page frame. sparc-specific Options options AUDIO_DEBUG Enable simple event debugging of the logging of the audio(4) device. options BLINK Enable blinking of LED. Blink rate is full cycle every N seconds for N < then current load average. See getloadavg(3). options COUNT_SW_LEFTOVERS Count how many times the sw SCSI device has left 3, 2, 1 and 0 in the sw_3_leftover, sw_2_leftover, sw_1_leftover, and sw_0_leftover variables accessible from ddb(4). See sw(4). options DEBUG_ALIGN Adds debugging messages calls when user-requested alignment fault han- dling happens. options DEBUG_EMUL Adds debugging messages calls for emulated floating point and alignment fixing operations. options DEBUG_SVR4 Prints registers messages calls for emulated SVR4 getcontext and setcon- text operations. See options COMPAT_SVR4. options EXTREME_DEBUG Adds debugging functions callable from ddb(4). The debug_pagetables, test_region and print_fe_map functions print information about page tables for the SUN4M platforms only. options EXTREME_EXTREME_DEBUG Adds extra info to options EXTREME_DEBUG. options FPU_CONTEXT Make options COMPAT_SVR4 getcontext and setcontext include floating point registers. options MAGMA_DEBUG Adds debugging messages to the magma(4) device. options RASTERCONS_FULLSCREEN Use the entire screen for the console. options RASTERCONS_SMALLFONT Use the Fixed font on the console, instead of the normal font. options SUN4 Support sun4 class machines. options SUN4C Support sun4c class machines. options SUN4M Support sun4m class machines. options SUN4_MMU3L Enable support for sun4 3-level MMU machines. options V9 Enable SPARC V9 assembler in ddb(4). sparc64-specific Options options AUDIO_DEBUG Enable simple event debugging of the logging of the audio(4) device. options BLINK Enable blinking of LED. Blink rate is full cycle every N seconds for N < then current load average. See getloadavg(3). x68k-specific Options options EXTENDED_MEMORY Include support for extended memory, e.g., TS-6BE16 and 060turbo on- board. options JUPITER Include support for Jupiter-X MPU accelerator options ZSCONSOLE,ZSCN_SPEED=value Use the built-in serial port as the system-console. Speed is specified in bps, defaults to 9600. options ITE_KERNEL_ATTR=value Set the kernel message attribute for ITE. Value, an integer, is a logi- cal or of the following values: 1 color inversed 2 underlined 4 bolded
SEE ALSO
config(1), gdb(1), ktrace(1), pmc(1), quota(1), vndcompress(1), gettimeofday(2), i386_get_mtrr(2), i386_iopl(2), msgctl(2), msgget(2), msgrcv(2), msgsnd(2), ntp_adjtime(2), ntp_gettime(2), semctl(2), semget(2), semop(2), shmat(2), shmctl(2), shmdt(2), shmget(2), sysctl(3), apm(4), ddb(4), inet(4), iso(4), lkm(4), md(4), ns(4), pcibios(4), pcmcia(4), ppp(4), userconf(4), vnd(4), wscons(4), config(5), edquota(8), init(8), mdsetimage(8), mount_cd9660(8), mount_fdesc(8), mount_kernfs(8), mount_lfs(8), mount_mfs(8), mount_msdos(8), mount_nfs(8), mount_ntfs(8), mount_null(8), mount_portal(8), mount_procfs(8), mount_udf(8), mount_umap(8), mount_union(8), mrouted(8), newfs_lfs(8), ntpd(8), quotaon(8), rpc.rquotad(8), sysctl(8), in_getifa(9)
HISTORY
The options man page first appeared in NetBSD 1.3.
BUGS
The EON option should be a pseudo-device, and is also very fragile. NetBSD 5.2.3 May 15, 2013 NetBSD 5.2.3

Powered by man-cgi (2024-08-26). Maintained for NetBSD by Kimmo Suominen. Based on man-cgi by Panagiotis Christias.