xref: /freebsd/sys/conf/NOTES (revision 2008043f386721d58158e37e0d7e50df8095942d)

#
# NOTES -- Lines that can be cut/pasted into kernel and hints configs.
#
# Lines that begin with 'device', 'options', 'machine', 'ident', 'maxusers',
# 'makeoptions', 'hints', etc. go into the kernel configuration that you
# run config(8) with.
#
# Lines that begin with 'envvar hint.' should go into your hints file.
# See /boot/device.hints and/or the 'hints' config(8) directive.
#
# Please use ``make LINT'' to create an old-style LINT file if you want to
# do kernel test-builds.
#
# This file contains machine independent kernel configuration notes.  For
# machine dependent notes, look in /sys/<arch>/conf/NOTES.
#

#
# NOTES conventions and style guide:
#
# Large block comments should begin and end with a line containing only a
# comment character.
#
# To describe a particular object, a block comment (if it exists) should
# come first.  Next should come device, options, and hints lines in that
# order.  All device and option lines must be described by a comment that
# doesn't just expand the device or option name.  Use only a concise
# comment on the same line if possible.  Very detailed descriptions of
# devices and subsystems belong in man pages.
#
# A space followed by a tab separates 'options' from an option name.  Two
# spaces followed by a tab separate 'device' from a device name.  Comments
# after an option or device should use one space after the comment character.
# To comment out a negative option that disables code and thus should not be
# enabled for LINT builds, precede 'options' with "#!".
#

#
# This is the ``identification'' of the kernel.  Usually this should
# be the same as the name of your kernel.
#
ident		LINT

#
# The `maxusers' parameter controls the static sizing of a number of
# internal system tables by a formula defined in subr_param.c.
# Omitting this parameter or setting it to 0 will cause the system to
# auto-size based on physical memory.
#
maxusers	10

# To statically compile in device wiring instead of /boot/device.hints
#hints		"LINT.hints"		# Default places to look for devices.

# Use the following to compile in values accessible to the kernel
# through getenv() (or kenv(1) in userland). The format of the file
# is 'variable=value', see kenv(1)
#
#env		"LINT.env"

#
# The `makeoptions' parameter allows variables to be passed to the
# generated Makefile in the build area.
#
# CONF_CFLAGS gives some extra compiler flags that are added to ${CFLAGS}
# after most other flags.  Here we use it to inhibit use of non-optimal
# gcc built-in functions (e.g., memcmp).
#
# DEBUG happens to be magic.
# The following is equivalent to 'config -g KERNELNAME' and creates
# 'kernel.debug' compiled with -g debugging as well as a normal
# 'kernel'.  Use 'make install.debug' to install the debug kernel
# but that isn't normally necessary as the debug symbols are not loaded
# by the kernel and are not useful there anyway.
#
# KERNEL can be overridden so that you can change the default name of your
# kernel.
#
# MODULES_OVERRIDE can be used to limit modules built to a specific list.
#
makeoptions	CONF_CFLAGS=-fno-builtin  #Don't allow use of memcmp, etc.
#makeoptions	DEBUG=-g		#Build kernel with gdb(1) debug symbols
#makeoptions	KERNEL=foo		#Build kernel "foo" and install "/foo"
# Only build ext2fs module plus those parts of the sound system I need.
#makeoptions	MODULES_OVERRIDE="ext2fs sound/sound sound/driver/maestro3"
makeoptions	DESTDIR=/tmp

#
# FreeBSD processes are subject to certain limits to their consumption
# of system resources.  See getrlimit(2) for more details.  Each
# resource limit has two values, a "soft" limit and a "hard" limit.
# The soft limits can be modified during normal system operation, but
# the hard limits are set at boot time.  Their default values are
# in sys/<arch>/include/vmparam.h.  There are two ways to change them:
#
# 1.  Set the values at kernel build time.  The options below are one
#     way to allow that limit to grow to 1GB.  They can be increased
#     further by changing the parameters:
#
# 2.  In /boot/loader.conf, set the tunables kern.maxswzone,
#     kern.maxbcache, kern.maxtsiz, kern.dfldsiz, kern.maxdsiz,
#     kern.dflssiz, kern.maxssiz and kern.sgrowsiz.
#
# The options in /boot/loader.conf override anything in the kernel
# configuration file.  See the function init_param1 in
# sys/kern/subr_param.c for more details.
#

options 	MAXDSIZ=(1024UL*1024*1024)
options 	MAXSSIZ=(128UL*1024*1024)
options 	DFLDSIZ=(1024UL*1024*1024)

#
# BLKDEV_IOSIZE sets the default block size used in user block
# device I/O.  Note that this value will be overridden by the label
# when specifying a block device from a label with a non-0
# partition blocksize.  The default is PAGE_SIZE.
#
options 	BLKDEV_IOSIZE=8192

#
# MAXPHYS and DFLTPHYS
#
# These are the maximal and safe 'raw' I/O block device access sizes.
# Reads and writes will be split into MAXPHYS chunks for known good
# devices and DFLTPHYS for the rest. Some applications have better
# performance with larger raw I/O access sizes. Note that certain VM
# parameters are derived from these values and making them too large
# can make an unbootable kernel.
#
# The defaults are 64K and 128K respectively.
options 	DFLTPHYS=(64*1024)
options 	MAXPHYS=(128*1024)


# This allows you to actually store this configuration file into
# the kernel binary itself. See config(8) for more details.
#
options 	INCLUDE_CONFIG_FILE     # Include this file in kernel

#
# Compile-time defaults for various boot parameters
#
options 	BOOTVERBOSE=1
options 	BOOTHOWTO=RB_MULTIPLE

#
# Compile-time defaults for dmesg boot tagging
#
# Default boot tag; may use 'kern.boot_tag' loader tunable to override.  The
# current boot's tag is also exposed via the 'kern.boot_tag' sysctl.
options 	BOOT_TAG=\"\"
# Maximum boot tag size the kernel's static buffer should accommodate.  Maximum
# size for both BOOT_TAG and the assocated tunable.
options 	BOOT_TAG_SZ=32

options 	GEOM_BDE		# Disk encryption.
options 	GEOM_CACHE		# Disk cache.
options 	GEOM_CONCAT		# Disk concatenation.
options 	GEOM_ELI		# Disk encryption.
options 	GEOM_GATE		# Userland services.
options 	GEOM_JOURNAL		# Journaling.
options 	GEOM_LABEL		# Providers labelization.
options 	GEOM_LINUX_LVM		# Linux LVM2 volumes
options 	GEOM_MAP		# Map based partitioning
options 	GEOM_MIRROR		# Disk mirroring.
options 	GEOM_MULTIPATH		# Disk multipath
options 	GEOM_NOP		# Test class.
options 	GEOM_PART_APM		# Apple partitioning
options 	GEOM_PART_BSD		# BSD disklabel
options 	GEOM_PART_BSD64		# BSD disklabel64
options 	GEOM_PART_EBR		# Extended Boot Records
options 	GEOM_PART_GPT		# GPT partitioning
options 	GEOM_PART_LDM		# Logical Disk Manager
options 	GEOM_PART_MBR		# MBR partitioning
options 	GEOM_RAID		# Soft RAID functionality.
options 	GEOM_RAID3		# RAID3 functionality.
options 	GEOM_SHSEC		# Shared secret.
options 	GEOM_STRIPE		# Disk striping.
options 	GEOM_UZIP		# Read-only compressed disks
options 	GEOM_VINUM		# Vinum logical volume manager
options 	GEOM_VIRSTOR		# Virtual storage.
options 	GEOM_ZERO		# Performance testing helper.

#
# The root device and filesystem type can be compiled in;
# this provides a fallback option if the root device cannot
# be correctly guessed by the bootstrap code, or an override if
# the RB_DFLTROOT flag (-r) is specified when booting the kernel.
#
options 	ROOTDEVNAME=\"ufs:da0s2e\"


#####################################################################
# Scheduler options:
#
# Specifying one of SCHED_4BSD or SCHED_ULE is mandatory.  These options
# select which scheduler is compiled in.
#
# SCHED_4BSD is the historical, proven, BSD scheduler.  It has a global run
# queue and no CPU affinity which makes it suboptimal for SMP.  It has very
# good interactivity and priority selection.
#
# SCHED_ULE provides significant performance advantages over 4BSD on many
# workloads on SMP machines.  It supports cpu-affinity, per-cpu runqueues
# and scheduler locks.  It also has a stronger notion of interactivity
# which leads to better responsiveness even on uniprocessor machines.  This
# is the default scheduler.
#
# SCHED_STATS is a debugging option which keeps some stats in the sysctl
# tree at 'kern.sched.stats' and is useful for debugging scheduling decisions.
#
options 	SCHED_4BSD
options 	SCHED_STATS
#options 	SCHED_ULE

#####################################################################
# SMP OPTIONS:
#
# SMP enables building of a Symmetric MultiProcessor Kernel.

# Mandatory:
options 	SMP			# Symmetric MultiProcessor Kernel

# EARLY_AP_STARTUP releases the Application Processors earlier in the
# kernel startup process (before devices are probed) rather than at the
# end.  This is a temporary option for use during the transition from
# late to early AP startup.
options 	EARLY_AP_STARTUP

# MAXCPU defines the maximum number of CPUs that can boot in the system.
# A default value should be already present, for every architecture.
options 	MAXCPU=32

# NUMA enables use of Non-Uniform Memory Access policies in various kernel
# subsystems.
options 	NUMA

# MAXMEMDOM defines the maximum number of memory domains that can boot in the
# system.  A default value should already be defined by every architecture.
options 	MAXMEMDOM=2

# ADAPTIVE_MUTEXES changes the behavior of blocking mutexes to spin
# if the thread that currently owns the mutex is executing on another
# CPU.  This behavior is enabled by default, so this option can be used
# to disable it.
options 	NO_ADAPTIVE_MUTEXES

# ADAPTIVE_RWLOCKS changes the behavior of reader/writer locks to spin
# if the thread that currently owns the rwlock is executing on another
# CPU.  This behavior is enabled by default, so this option can be used
# to disable it.
options 	NO_ADAPTIVE_RWLOCKS

# ADAPTIVE_SX changes the behavior of sx locks to spin if the thread that
# currently owns the sx lock is executing on another CPU.
# This behavior is enabled by default, so this option can be used to
# disable it.
options 	NO_ADAPTIVE_SX

# MUTEX_NOINLINE forces mutex operations to call functions to perform each
# operation rather than inlining the simple cases.  This can be used to
# shrink the size of the kernel text segment.  Note that this behavior is
# already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
# and WITNESS options.
options 	MUTEX_NOINLINE

# RWLOCK_NOINLINE forces rwlock operations to call functions to perform each
# operation rather than inlining the simple cases.  This can be used to
# shrink the size of the kernel text segment.  Note that this behavior is
# already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
# and WITNESS options.
options 	RWLOCK_NOINLINE

# SX_NOINLINE forces sx lock operations to call functions to perform each
# operation rather than inlining the simple cases.  This can be used to
# shrink the size of the kernel text segment.  Note that this behavior is
# already implied by the INVARIANT_SUPPORT, INVARIANTS, KTR, LOCK_PROFILING,
# and WITNESS options.
options 	SX_NOINLINE

# SMP Debugging Options:
#
# CALLOUT_PROFILING enables rudimentary profiling of the callwheel data
#	  structure used as backend in callout(9).
# PREEMPTION allows the threads that are in the kernel to be preempted by
#	  higher priority [interrupt] threads.  It helps with interactivity
#	  and allows interrupt threads to run sooner rather than waiting.
# FULL_PREEMPTION instructs the kernel to preempt non-realtime kernel
#	  threads.  Its sole use is to expose race conditions and other
#	  bugs during development.  Enabling this option will reduce
#	  performance and increase the frequency of kernel panics by
#	  design.  If you aren't sure that you need it then you don't.
#	  Relies on the PREEMPTION option.  DON'T TURN THIS ON.
# SLEEPQUEUE_PROFILING enables rudimentary profiling of the hash table
#	  used to hold active sleep queues as well as sleep wait message
#	  frequency.
# TURNSTILE_PROFILING enables rudimentary profiling of the hash table
#	  used to hold active lock queues.
# UMTX_PROFILING enables rudimentary profiling of the hash table used
#	  to hold active lock queues.
# WITNESS enables the witness code which detects deadlocks and cycles
#         during locking operations.
# WITNESS_KDB causes the witness code to drop into the kernel debugger if
#	  a lock hierarchy violation occurs or if locks are held when going to
#	  sleep.
# WITNESS_SKIPSPIN disables the witness checks on spin mutexes.
options 	PREEMPTION
options 	FULL_PREEMPTION
options 	WITNESS
options 	WITNESS_KDB
options 	WITNESS_SKIPSPIN

# LOCK_PROFILING - Profiling locks.  See LOCK_PROFILING(9) for details.
options 	LOCK_PROFILING
# Set the number of buffers and the hash size.  The hash size MUST be larger
# than the number of buffers.  Hash size should be prime.
options 	MPROF_BUFFERS="1536"
options 	MPROF_HASH_SIZE="1543"

# Profiling for the callout(9) backend.
options 	CALLOUT_PROFILING

# Profiling for internal hash tables.
options 	SLEEPQUEUE_PROFILING
options 	TURNSTILE_PROFILING
options 	UMTX_PROFILING

# Debugging traces for epoch(9) misuse
options 	EPOCH_TRACE

#####################################################################
# COMPATIBILITY OPTIONS

# Old tty interface.
options 	COMPAT_43TTY

# Note that as a general rule, COMPAT_FREEBSD<n> depends on
# COMPAT_FREEBSD<n+1>, COMPAT_FREEBSD<n+2>, etc.

# Enable FreeBSD4 compatibility syscalls
options 	COMPAT_FREEBSD4

# Enable FreeBSD5 compatibility syscalls
options 	COMPAT_FREEBSD5

# Enable FreeBSD6 compatibility syscalls
options 	COMPAT_FREEBSD6

# Enable FreeBSD7 compatibility syscalls
options 	COMPAT_FREEBSD7

# Enable FreeBSD9 compatibility syscalls
options 	COMPAT_FREEBSD9

# Enable FreeBSD10 compatibility syscalls
options 	COMPAT_FREEBSD10

# Enable FreeBSD11 compatibility syscalls
options 	COMPAT_FREEBSD11

# Enable FreeBSD12 compatibility syscalls
options 	COMPAT_FREEBSD12

# Enable FreeBSD13 compatibility syscalls
options 	COMPAT_FREEBSD13

# Enable FreeBSD14 compatibility syscalls
options 	COMPAT_FREEBSD14

# Enable Linux Kernel Programming Interface
options 	COMPAT_LINUXKPI

#
# These three options provide support for System V Interface
# Definition-style interprocess communication, in the form of shared
# memory, semaphores, and message queues, respectively.
#
options 	SYSVSHM
options 	SYSVSEM
options 	SYSVMSG


#####################################################################
# DEBUGGING OPTIONS

#
# Compile with kernel debugger related code.
#
options 	KDB

#
# Print a stack trace of the current thread on the console for a panic.
#
options 	KDB_TRACE

#
# Don't enter the debugger for a panic. Intended for unattended operation
# where you may want to enter the debugger from the console, but still want
# the machine to recover from a panic.
#
options 	KDB_UNATTENDED

#
# Enable the ddb debugger backend.
#
options 	DDB

#
# Print the numerical value of symbols in addition to the symbolic
# representation.
#
options 	DDB_NUMSYM

#
# Enable the remote gdb debugger backend.
#
options 	GDB

#
# Trashes list pointers when they become invalid (i.e., the element is
# removed from a list).  Relatively inexpensive to enable.
#
options 	QUEUE_MACRO_DEBUG_TRASH

#
# Stores information about the last caller to modify the list object
# in the list object.  Requires additional memory overhead.
#
#options 	QUEUE_MACRO_DEBUG_TRACE

#
# SYSCTL_DEBUG enables a 'sysctl' debug tree that can be used to dump the
# contents of the registered sysctl nodes on the console.  It is disabled by
# default because it generates excessively verbose console output that can
# interfere with serial console operation.
#
options 	SYSCTL_DEBUG

#
# Enable textdump by default, this disables kernel core dumps.
#
options 	TEXTDUMP_PREFERRED

#
# Enable extra debug messages while performing textdumps.
#
options 	TEXTDUMP_VERBOSE

#
# NO_SYSCTL_DESCR omits the sysctl node descriptions to save space in the
# resulting kernel.
options 	NO_SYSCTL_DESCR

#
# MALLOC_DEBUG_MAXZONES enables multiple uma zones for malloc(9)
# allocations that are smaller than a page.  The purpose is to isolate
# different malloc types into hash classes, so that any buffer
# overruns or use-after-free will usually only affect memory from
# malloc types in that hash class.  This is purely a debugging tool;
# by varying the hash function and tracking which hash class was
# corrupted, the intersection of the hash classes from each instance
# will point to a single malloc type that is being misused.  At this
# point inspection or memguard(9) can be used to catch the offending
# code.
#
options 	MALLOC_DEBUG_MAXZONES=8

#
# DEBUG_MEMGUARD builds and enables memguard(9), a replacement allocator
# for the kernel used to detect modify-after-free scenarios.  See the
# memguard(9) man page for more information on usage.
#
options 	DEBUG_MEMGUARD

#
# DEBUG_REDZONE enables buffer underflows and buffer overflows detection for
# malloc(9).
#
options 	DEBUG_REDZONE

#
# EARLY_PRINTF enables support for calling a special printf (eprintf)
# very early in the kernel (before cn_init() has been called).  This
# should only be used for debugging purposes early in boot.  Normally,
# it is not defined.  It is commented out here because this feature
# isn't generally available. And the required eputc() isn't defined.
#
#options 	EARLY_PRINTF

#
# KTRACE enables the system-call tracing facility ktrace(2).  To be more
# SMP-friendly, KTRACE uses a worker thread to process most trace events
# asynchronously to the thread generating the event.  This requires a
# pre-allocated store of objects representing trace events.  The
# KTRACE_REQUEST_POOL option specifies the initial size of this store.
# The size of the pool can be adjusted both at boottime and runtime via
# the kern.ktrace_request_pool tunable and sysctl.
#
options 	KTRACE			#kernel tracing
options 	KTRACE_REQUEST_POOL=101

#
# KTR is a kernel tracing facility imported from BSD/OS.  It is
# enabled with the KTR option.  KTR_ENTRIES defines the number of
# entries in the circular trace buffer; it may be an arbitrary number.
# KTR_BOOT_ENTRIES defines the number of entries during the early boot,
# before malloc(9) is functional.
# KTR_COMPILE defines the mask of events to compile into the kernel as
# defined by the KTR_* constants in <sys/ktr.h>.  KTR_MASK defines the
# initial value of the ktr_mask variable which determines at runtime
# what events to trace.  KTR_CPUMASK determines which CPU's log
# events, with bit X corresponding to CPU X.  The layout of the string
# passed as KTR_CPUMASK must match a series of bitmasks each of them
# separated by the "," character (ie:
# KTR_CPUMASK=0xAF,0xFFFFFFFFFFFFFFFF).  KTR_VERBOSE enables
# dumping of KTR events to the console by default.  This functionality
# can be toggled via the debug.ktr_verbose sysctl and defaults to off
# if KTR_VERBOSE is not defined.  See ktr(4) and ktrdump(8) for details.
#
options 	KTR
options 	KTR_BOOT_ENTRIES=1024
options 	KTR_ENTRIES=(128*1024)
options 	KTR_COMPILE=(KTR_ALL)
options 	KTR_MASK=KTR_INTR
options 	KTR_CPUMASK=0x3
options 	KTR_VERBOSE

#
# ALQ(9) is a facility for the asynchronous queuing of records from the kernel
# to a vnode, and is employed by services such as ktr(4) to produce trace
# files based on a kernel event stream.  Records are written asynchronously
# in a worker thread.
#
options 	ALQ
options 	KTR_ALQ

#
# The INVARIANTS option is used in a number of source files to enable
# extra sanity checking of internal structures.  This support is not
# enabled by default because of the extra time it would take to check
# for these conditions, which can only occur as a result of
# programming errors.
#
options 	INVARIANTS

#
# The INVARIANT_SUPPORT option makes us compile in support for
# verifying some of the internal structures.  It is a prerequisite for
# 'INVARIANTS', as enabling 'INVARIANTS' will make these functions be
# called.  The intent is that you can set 'INVARIANTS' for single
# source files (by changing the source file or specifying it on the
# command line) if you have 'INVARIANT_SUPPORT' enabled.  Also, if you
# wish to build a kernel module with 'INVARIANTS', then adding
# 'INVARIANT_SUPPORT' to your kernel will provide all the necessary
# infrastructure without the added overhead.
#
options 	INVARIANT_SUPPORT

#
# The KASSERT_PANIC_OPTIONAL option allows kasserts to fire without
# necessarily inducing a panic.  Panic is the default behavior, but
# runtime options can configure it either entirely off, or off with a
# limit.
#
options 	KASSERT_PANIC_OPTIONAL

#
# The DIAGNOSTIC option is used to enable extra debugging information
# and invariants checking.  The added checks are too expensive or noisy
# for an INVARIANTS kernel and thus are disabled by default.  It is
# expected that a kernel configured with DIAGNOSTIC will also have the
# INVARIANTS option enabled.
#
options 	DIAGNOSTIC

#
# REGRESSION causes optional kernel interfaces necessary only for regression
# testing to be enabled.  These interfaces may constitute security risks
# when enabled, as they permit processes to easily modify aspects of the
# run-time environment to reproduce unlikely or unusual (possibly normally
# impossible) scenarios.
#
options 	REGRESSION

#
# This option lets some drivers co-exist that can't co-exist in a running
# system.  This is used to be able to compile all kernel code in one go for
# quality assurance purposes (like this file, which the option takes it name
# from.)
#
options 	COMPILING_LINT

#
# STACK enables the stack(9) facility, allowing the capture of kernel stack
# for the purpose of procinfo(1), etc.  stack(9) will also be compiled in
# automatically if DDB(4) is compiled into the kernel.
#
options 	STACK

#
# The NUM_CORE_FILES option specifies the limit for the number of core
# files generated by a particular process, when the core file format
# specifier includes the %I pattern. Since we only have 1 character for
# the core count in the format string, meaning the range will be 0-9, the
# maximum value allowed for this option is 10.
# This core file limit can be adjusted at runtime via the debug.ncores
# sysctl.
#
options 	NUM_CORE_FILES=5

#
# The TSLOG option enables timestamped logging of events, especially
# function entries/exits, in order to track the time spent by the kernel.
# In particular, this is useful when investigating the early boot process,
# before it is possible to use more sophisticated tools like DTrace.
# The TSLOGSIZE option controls the size of the (preallocated, fixed
# length) buffer used for storing these events (default: 262144 records).
# The TSLOG_PAGEZERO option enables TSLOG of pmap_zero_page; this must be
# enabled separately since it typically generates too many records to be
# useful.
#
# For security reasons the TSLOG option should not be enabled on systems
# used in production.
#
options 	TSLOG
options 	TSLOGSIZE=262144


#####################################################################
# PERFORMANCE MONITORING OPTIONS

#
# The hwpmc driver that allows the use of in-CPU performance monitoring
# counters for performance monitoring.  The base kernel needs to be configured
# with the 'options' line, while the hwpmc device can be either compiled
# in or loaded as a loadable kernel module.
#
# Additional configuration options may be required on specific architectures,
# please see hwpmc(4).

device		hwpmc			# Driver (also a loadable module)
options 	HWPMC_DEBUG
options 	HWPMC_HOOKS		# Other necessary kernel hooks


#####################################################################
# NETWORKING OPTIONS

#
# Protocol families
#
options 	INET			#Internet communications protocols
options 	INET6			#IPv6 communications protocols
#
# Note if you include INET/INET6 or both options
# You *must* define at least one of the congestion control
# options or the compile will fail. GENERIC defines
# options CC_CUBIC. You may want to specify a default
# if multiple congestion controls are compiled in.
# The string in default is the name of the
# cc module as it would appear in the sysctl for
# setting the default. The code defines CUBIC
# as default, or the sole cc_module compiled in.
#
options 	CC_CDG
options 	CC_CHD
options 	CC_CUBIC
options 	CC_DCTCP
options 	CC_HD
options 	CC_HTCP
options 	CC_NEWRENO
options 	CC_VEGAS
options 	CC_DEFAULT=\"cubic\"
options 	RATELIMIT		# TX rate limiting support

options 	ROUTETABLES=2		# allocated fibs up to 65536. default is 1.
					# but that would be a bad idea as they are large.

options 	TCP_OFFLOAD		# TCP offload support.
options  	TCP_RFC7413		# TCP Fast Open

options  	TCPHPTS

# In order to enable IPSEC you MUST also add device crypto to
# your kernel configuration
options 	IPSEC			#IP security (requires device crypto)

# Option IPSEC_SUPPORT does not enable IPsec, but makes it possible to
# load it as a kernel module. You still MUST add device crypto to your kernel
# configuration.
options 	IPSEC_SUPPORT
#options 	IPSEC_DEBUG		#debug for IP security

# Alternative TCP stacks
options 	TCP_BBR
options 	TCP_RACK

# TLS framing and encryption/decryption of data over TCP sockets.
options 	KERN_TLS		# TLS transmit and receive offload

# Netlink kernel/user<>kernel/user messaging interface
options 	NETLINK

#
# SMB/CIFS requester
# NETSMB enables support for SMB protocol, it requires LIBMCHAIN and LIBICONV
# options.
options 	NETSMB			#SMB/CIFS requester

# mchain library. It can be either loaded as KLD or compiled into kernel
options 	LIBMCHAIN

# libalias library, performing NAT
options 	LIBALIAS

#
# SCTP is a NEW transport protocol defined by
# RFC2960 updated by RFC3309 and RFC3758.. and
# soon to have a new base RFC and many many more
# extensions. This release supports all the extensions
# including many drafts (most about to become RFC's).
# It is the reference implementation of SCTP
# and is quite well tested.
#
# Note YOU MUST have both INET and INET6 defined.
# You don't have to enable V6, but SCTP is
# dual stacked and so far we have not torn apart
# the V6 and V4.. since an association can span
# both a V6 and V4 address at the SAME time :-)
#
# The SCTP_SUPPORT option does not enable SCTP, but provides the necessary
# support for loading SCTP as a loadable kernel module.
#
options 	SCTP
options 	SCTP_SUPPORT

# There are bunches of options:
# this one turns on all sorts of
# nastily printing that you can
# do. It's all controlled by a
# bit mask (settable by socket opt and
# by sysctl). Including will not cause
# logging until you set the bits.. but it
# can be quite verbose.. so without this
# option we don't do any of the tests for
# bits and prints.. which makes the code run
# faster.. if you are not debugging don't use.
options 	SCTP_DEBUG

#
# All that options after that turn on specific types of
# logging. You can monitor CWND growth, flight size
# and all sorts of things. Go look at the code and
# see. I have used this to produce interesting
# charts and graphs as well :->
#
# I have not yet committed the tools to get and print
# the logs, I will do that eventually .. before then
# if you want them send me an email rrs@freebsd.org
# You basically must have ktr(4) enabled for these
# and you then set the sysctl to turn on/off various
# logging bits. Use ktrdump(8) to pull the log and run
# it through a display program.. and graphs and other
# things too.
#
options 	SCTP_LOCK_LOGGING
options 	SCTP_MBUF_LOGGING
options 	SCTP_MBCNT_LOGGING
options 	SCTP_PACKET_LOGGING
options 	SCTP_LTRACE_CHUNKS
options 	SCTP_LTRACE_ERRORS

# altq(9). Enable the base part of the hooks with the ALTQ option.
# Individual disciplines must be built into the base system and can not be
# loaded as modules at this point. ALTQ requires a stable TSC so if yours is
# broken or changes with CPU throttling then you must also have the ALTQ_NOPCC
# option.
options 	ALTQ
options 	ALTQ_CBQ	# Class Based Queueing
options 	ALTQ_RED	# Random Early Detection
options 	ALTQ_RIO	# RED In/Out
options 	ALTQ_CODEL	# CoDel Active Queueing
options 	ALTQ_HFSC	# Hierarchical Packet Scheduler
options 	ALTQ_FAIRQ	# Fair Packet Scheduler
options 	ALTQ_CDNR	# Traffic conditioner
options 	ALTQ_PRIQ	# Priority Queueing
options 	ALTQ_NOPCC	# Required if the TSC is unusable
options 	ALTQ_DEBUG

# netgraph(4). Enable the base netgraph code with the NETGRAPH option.
# Individual node types can be enabled with the corresponding option
# listed below; however, this is not strictly necessary as netgraph
# will automatically load the corresponding KLD module if the node type
# is not already compiled into the kernel. Each type below has a
# corresponding man page, e.g., ng_async(8).
options 	NETGRAPH		# netgraph(4) system
options 	NETGRAPH_DEBUG		# enable extra debugging, this
					# affects netgraph(4) and nodes
# Node types
options 	NETGRAPH_ASYNC
options 	NETGRAPH_BLUETOOTH		# ng_bluetooth(4)
options 	NETGRAPH_BLUETOOTH_HCI		# ng_hci(4)
options 	NETGRAPH_BLUETOOTH_L2CAP	# ng_l2cap(4)
options 	NETGRAPH_BLUETOOTH_SOCKET	# ng_btsocket(4)
options 	NETGRAPH_BLUETOOTH_UBT		# ng_ubt(4)
options 	NETGRAPH_BLUETOOTH_UBTBCMFW	# ubtbcmfw(4)
options 	NETGRAPH_BPF
options 	NETGRAPH_BRIDGE
options 	NETGRAPH_CAR
options 	NETGRAPH_CHECKSUM
options 	NETGRAPH_CISCO
options 	NETGRAPH_DEFLATE
options 	NETGRAPH_DEVICE
options 	NETGRAPH_ECHO
options 	NETGRAPH_EIFACE
options 	NETGRAPH_ETHER
options 	NETGRAPH_FRAME_RELAY
options 	NETGRAPH_GIF
options 	NETGRAPH_GIF_DEMUX
options 	NETGRAPH_HOLE
options 	NETGRAPH_IFACE
options 	NETGRAPH_IP_INPUT
options 	NETGRAPH_IPFW
options 	NETGRAPH_KSOCKET
options 	NETGRAPH_L2TP
options 	NETGRAPH_LMI
options 	NETGRAPH_MPPC_COMPRESSION
options 	NETGRAPH_MPPC_ENCRYPTION
options 	NETGRAPH_NETFLOW
options 	NETGRAPH_NAT
options 	NETGRAPH_ONE2MANY
options 	NETGRAPH_PATCH
options 	NETGRAPH_PIPE
options 	NETGRAPH_PPP
options 	NETGRAPH_PPPOE
options 	NETGRAPH_PPTPGRE
options 	NETGRAPH_PRED1
options 	NETGRAPH_RFC1490
options 	NETGRAPH_SOCKET
options 	NETGRAPH_SPLIT
options 	NETGRAPH_TAG
options 	NETGRAPH_TCPMSS
options 	NETGRAPH_TEE
options 	NETGRAPH_UI
options 	NETGRAPH_VJC
options 	NETGRAPH_VLAN

# Network stack virtualization.
options 	VIMAGE
options 	VNET_DEBUG	# debug for VIMAGE

#
# Network interfaces:
#  The `loop' device is MANDATORY when networking is enabled.
device		loop

#  The `ether' device provides generic code to handle
#  Ethernets; it is MANDATORY when an Ethernet device driver is
#  configured.
device		ether

#  The `vlan' device implements the VLAN tagging of Ethernet frames
#  according to IEEE 802.1Q.
device		vlan

# The `vxlan' device implements the VXLAN encapsulation of Ethernet
# frames in UDP packets according to RFC7348.
device		vxlan

#  The `wlan' device provides generic code to support 802.11
#  drivers, including host AP mode; it is MANDATORY for the wi,
#  and ath drivers and will eventually be required by all 802.11 drivers.
device		wlan
options 	IEEE80211_DEBUG		#enable debugging msgs
options 	IEEE80211_SUPPORT_MESH	#enable 802.11s D3.0 support
options 	IEEE80211_SUPPORT_TDMA	#enable TDMA support

#  The `wlan_wep', `wlan_tkip', and `wlan_ccmp' devices provide
#  support for WEP, TKIP, and AES-CCMP crypto protocols optionally
#  used with 802.11 devices that depend on the `wlan' module.
device		wlan_wep
device		wlan_ccmp
device		wlan_tkip

#  The `wlan_xauth' device provides support for external (i.e. user-mode)
#  authenticators for use with 802.11 drivers that use the `wlan'
#  module and support 802.1x and/or WPA security protocols.
device		wlan_xauth

#  The `wlan_acl' device provides a MAC-based access control mechanism
#  for use with 802.11 drivers operating in ap mode and using the
#  `wlan' module.
#  The 'wlan_amrr' device provides AMRR transmit rate control algorithm
device		wlan_acl
device		wlan_amrr

#  The `bpf' device enables the Berkeley Packet Filter.  Be
#  aware of the legal and administrative consequences of enabling this
#  option.  DHCP requires bpf.
device		bpf

#  The `netmap' device implements memory-mapped access to network
#  devices from userspace, enabling wire-speed packet capture and
#  generation even at 10Gbit/s. Requires support in the device
#  driver. Supported drivers are ixgbe, e1000, re.
device		netmap

#  The `disc' device implements a minimal network interface,
#  which throws away all packets sent and never receives any.  It is
#  included for testing and benchmarking purposes.
device		disc

# The `epair' device implements a virtual back-to-back connected Ethernet
# like interface pair.
device		epair

#  The `edsc' device implements a minimal Ethernet interface,
#  which discards all packets sent and receives none.
device		edsc

#  The `tuntap' device implements (user-)ppp, nos-tun(8) and a pty-like virtual
#  Ethernet interface
device		tuntap

#  The `gif' device implements IPv6 over IP4 tunneling,
#  IPv4 over IPv6 tunneling, IPv4 over IPv4 tunneling and
#  IPv6 over IPv6 tunneling.
#  The `gre' device implements GRE (Generic Routing Encapsulation) tunneling,
#  as specified in the RFC 2784 and RFC 2890.
#  The `me' device implements Minimal Encapsulation within IPv4 as
#  specified in the RFC 2004.
#  The XBONEHACK option allows the same pair of addresses to be configured on
#  multiple gif interfaces.
device		gif
device		gre
device		me
options 	XBONEHACK

#  The `stf' device implements 6to4 encapsulation.
device		stf

# The pf packet filter consists of three devices:
#  The `pf' device provides /dev/pf and the firewall code itself.
#  The `pflog' device provides the pflog0 interface which logs packets.
#  The `pfsync' device provides the pfsync0 interface used for
#   synchronization of firewall state tables (over the net).
device		pf
device		pflog
device		pfsync

# Bridge interface.
device		if_bridge

# Common Address Redundancy Protocol. See carp(4) for more details.
device		carp

# IPsec interface.
device		enc

# Link aggregation interface.
device		lagg

# WireGuard interface.
device		wg

#
# Internet family options:
#
# MROUTING enables the kernel multicast packet forwarder, which works
# with mrouted and XORP.
#
# IPFIREWALL enables support for IP firewall construction, in
# conjunction with the `ipfw' program.  IPFIREWALL_VERBOSE sends
# logged packets to the system logger.  IPFIREWALL_VERBOSE_LIMIT
# limits the number of times a matching entry can be logged.
#
# WARNING:  IPFIREWALL defaults to a policy of "deny ip from any to any"
# and if you do not add other rules during startup to allow access,
# YOU WILL LOCK YOURSELF OUT.  It is suggested that you set firewall_type=open
# in /etc/rc.conf when first enabling this feature, then refining the
# firewall rules in /etc/rc.firewall after you've tested that the new kernel
# feature works properly.
#
# IPFIREWALL_DEFAULT_TO_ACCEPT causes the default rule (at boot) to
# allow everything.  Use with care, if a cracker can crash your
# firewall machine, they can get to your protected machines.  However,
# if you are using it as an as-needed filter for specific problems as
# they arise, then this may be for you.  Changing the default to 'allow'
# means that you won't get stuck if the kernel and /sbin/ipfw binary get
# out of sync.
#
# IPDIVERT enables the divert IP sockets, used by ``ipfw divert''.  It
# depends on IPFIREWALL if compiled into the kernel.
#
# IPFIREWALL_NAT adds support for in kernel nat in ipfw, and it requires
# LIBALIAS.
#
# IPFIREWALL_NAT64 adds support for in kernel NAT64 in ipfw.
#
# IPFIREWALL_NPTV6 adds support for in kernel NPTv6 in ipfw.
#
# IPFIREWALL_PMOD adds support for protocols modification module. Currently
# it supports only TCP MSS modification.
#
# IPSTEALTH enables code to support stealth forwarding (i.e., forwarding
# packets without touching the TTL).  This can be useful to hide firewalls
# from traceroute and similar tools.
#
# PF_DEFAULT_TO_DROP causes the default pf(4) rule to deny everything.
#
# TCPPCAP enables code which keeps the last n packets sent and received
# on a TCP socket.
#
# TCP_BLACKBOX enables enhanced TCP event logging.
#
# TCP_HHOOK enables the hhook(9) framework hooks for the TCP stack.
#
# ROUTE_MPATH provides support for multipath routing.
#
options 	MROUTING		# Multicast routing
options 	IPFIREWALL		#firewall
options 	IPFIREWALL_VERBOSE	#enable logging to syslogd(8)
options 	IPFIREWALL_VERBOSE_LIMIT=100	#limit verbosity
options 	IPFIREWALL_DEFAULT_TO_ACCEPT	#allow everything by default
options 	IPFIREWALL_NAT		#ipfw kernel nat support
options 	IPFIREWALL_NAT64	#ipfw kernel NAT64 support
options 	IPFIREWALL_NPTV6	#ipfw kernel IPv6 NPT support
options 	IPDIVERT		#divert sockets
options 	IPFILTER		#ipfilter support
options 	IPFILTER_LOG		#ipfilter logging
options 	IPFILTER_LOOKUP		#ipfilter pools
options 	IPFILTER_DEFAULT_BLOCK	#block all packets by default
options 	IPSTEALTH		#support for stealth forwarding
options 	PF_DEFAULT_TO_DROP	#drop everything by default
options 	TCPPCAP
options 	TCP_BLACKBOX
options 	TCP_HHOOK
options 	ROUTE_MPATH

# The MBUF_STRESS_TEST option enables options which create
# various random failures / extreme cases related to mbuf
# functions.  See mbuf(9) for a list of available test cases.
# MBUF_PROFILING enables code to profile the mbuf chains
# exiting the system (via participating interfaces) and
# return a logarithmic histogram of monitored parameters
# (e.g. packet size, wasted space, number of mbufs in chain).
options 	MBUF_STRESS_TEST
options 	MBUF_PROFILING

# Statically link in accept filters
options 	ACCEPT_FILTER_DATA
options 	ACCEPT_FILTER_DNS
options 	ACCEPT_FILTER_HTTP

# TCP_SIGNATURE adds support for RFC 2385 (TCP-MD5) digests. These are
# carried in TCP option 19. This option is commonly used to protect
# TCP sessions (e.g. BGP) where IPSEC is not available nor desirable.
# This is enabled on a per-socket basis using the TCP_MD5SIG socket option.
# This requires the use of 'device crypto' and either 'options IPSEC' or
# 'options IPSEC_SUPPORT'.
options 	TCP_SIGNATURE		#include support for RFC 2385

# DUMMYNET enables the "dummynet" bandwidth limiter.  You need IPFIREWALL
# as well.  See dummynet(4) and ipfw(8) for more info.  When you run
# DUMMYNET, HZ/kern.hz should be at least 1000 for adequate response.
options 	DUMMYNET

# The DEBUGNET option enables a basic debug/panic-time networking API.  It
# is used by NETDUMP and NETGDB.
options 	DEBUGNET

# The NETDUMP option enables netdump(4) client support in the kernel.
# This allows a panicking kernel to transmit a kernel dump to a remote host.
options 	NETDUMP

# The NETGDB option enables netgdb(4) support in the kernel.  This allows a
# panicking kernel to be debugged as a GDB remote over the network.
options 	NETGDB

#####################################################################
# FILESYSTEM OPTIONS

#
# Only the root filesystem needs to be statically compiled or preloaded
# as module; everything else will be automatically loaded at mount
# time.  Some people still prefer to statically compile other
# filesystems as well.
#
# NB: The UNION filesystem was known to be buggy in the past.  It is now
# being actively maintained, although there are still some issues being
# resolved.
#

# One of these is mandatory:
options 	FFS			#Fast filesystem
options 	NFSCL			#Network File System client

# The rest are optional:
options 	AUTOFS			#Automounter filesystem
options 	CD9660			#ISO 9660 filesystem
options 	FDESCFS			#File descriptor filesystem
options 	FUSEFS			#FUSEFS support module
options 	MSDOSFS			#MS DOS File System (FAT, FAT32)
options 	NFSLOCKD		#Network Lock Manager
options 	NFSD			#Network Filesystem Server
options 	KGSSAPI			#Kernel GSSAPI implementation

options 	NULLFS			#NULL filesystem
options 	PROCFS			#Process filesystem (requires PSEUDOFS)
options 	PSEUDOFS		#Pseudo-filesystem framework
options 	PSEUDOFS_TRACE		#Debugging support for PSEUDOFS
options 	SMBFS			#SMB/CIFS filesystem
options 	TMPFS			#Efficient memory filesystem
options 	UDF			#Universal Disk Format
options 	UNIONFS			#Union filesystem
# The xFS_ROOT options REQUIRE the associated ``options xFS''
options 	NFS_ROOT		#NFS usable as root device

# Soft updates is a technique for improving filesystem speed and
# making abrupt shutdown less risky.
#
options 	SOFTUPDATES

# Extended attributes allow additional data to be associated with files,
# and is used for ACLs, Capabilities, and MAC labels.
# See src/sys/ufs/ufs/README.extattr for more information.
options 	UFS_EXTATTR
options 	UFS_EXTATTR_AUTOSTART

# Access Control List support for UFS filesystems.  The current ACL
# implementation requires extended attribute support, UFS_EXTATTR,
# for the underlying filesystem.
# See src/sys/ufs/ufs/README.acls for more information.
options 	UFS_ACL

# Directory hashing improves the speed of operations on very large
# directories at the expense of some memory.
options 	UFS_DIRHASH

# Gjournal-based UFS journaling support.
options 	UFS_GJOURNAL

# Make space in the kernel for a root filesystem on a md device.
# Define to the number of kilobytes to reserve for the filesystem.
# This is now optional.
# If not defined, the root filesystem passed in as the MFS_IMAGE makeoption
# will be automatically embedded in the kernel during linking. Its exact size
# will be consumed within the kernel.
# If defined, the old way of embedding the filesystem in the kernel will be
# used. That is to say MD_ROOT_SIZE KB will be allocated in the kernel and
# later, the filesystem image passed in as the MFS_IMAGE makeoption will be
# dd'd into the reserved space if it fits.
options 	MD_ROOT_SIZE=10

# Make the md device a potential root device, either with preloaded
# images of type mfs_root or md_root.
options 	MD_ROOT

# Write-protect the md root device so that it may not be mounted writeable.
options 	MD_ROOT_READONLY

# Allow to read MD image from external memory regions
options 	MD_ROOT_MEM

# Disk quotas are supported when this option is enabled.
options 	QUOTA			#enable disk quotas

# If you are running a machine just as a fileserver for PC and MAC
# users, using SAMBA, you may consider setting this option
# and keeping all those users' directories on a filesystem that is
# mounted with the suiddir option. This gives new files the same
# ownership as the directory (similar to group). It's a security hole
# if you let these users run programs, so confine it to file-servers
# (but it'll save you lots of headaches in those cases). Root owned
# directories are exempt and X bits are cleared. The suid bit must be
# set on the directory as well; see chmod(1). PC owners can't see/set
# ownerships so they keep getting their toes trodden on. This saves
# you all the support calls as the filesystem it's used on will act as
# they expect: "It's my dir so it must be my file".
#
options 	SUIDDIR

# NFS options:
options 	NFS_MINATTRTIMO=3	# VREG attrib cache timeout in sec
options 	NFS_MAXATTRTIMO=60
options 	NFS_MINDIRATTRTIMO=30	# VDIR attrib cache timeout in sec
options 	NFS_MAXDIRATTRTIMO=60
options 	NFS_DEBUG		# Enable NFS Debugging

#
# Add support for the EXT2FS filesystem of Linux fame.  Be a bit
# careful with this - the ext2fs code has a tendency to lag behind
# changes and not be exercised very much, so mounting read/write could
# be dangerous (and even mounting read only could result in panics.)
#
options 	EXT2FS

# The system memory devices; /dev/mem, /dev/kmem
device		mem

# The kernel symbol table device; /dev/ksyms
device		ksyms

# Optional character code conversion support with LIBICONV.
# Each option requires their base file system and LIBICONV.
options 	CD9660_ICONV
options 	MSDOSFS_ICONV
options 	UDF_ICONV


#####################################################################
# POSIX P1003.1B

# Real time extensions added in the 1993 POSIX
# _KPOSIX_PRIORITY_SCHEDULING: Build in _POSIX_PRIORITY_SCHEDULING

options 	_KPOSIX_PRIORITY_SCHEDULING
# p1003_1b_semaphores are very experimental,
# user should be ready to assist in debugging if problems arise.
options 	P1003_1B_SEMAPHORES

# POSIX message queue
options 	P1003_1B_MQUEUE

#####################################################################
# SECURITY POLICY PARAMETERS

# Support for BSM audit
options 	AUDIT

# Support for Mandatory Access Control (MAC):
options 	MAC
options 	MAC_BIBA
options 	MAC_BSDEXTENDED
options 	MAC_DDB
options 	MAC_IFOFF
options 	MAC_IPACL
options 	MAC_LOMAC
options 	MAC_MLS
options 	MAC_NONE
options 	MAC_NTPD
options 	MAC_PARTITION
options 	MAC_PORTACL
options 	MAC_PRIORITY
options 	MAC_SEEOTHERUIDS
options 	MAC_STUB
options 	MAC_TEST
options 	MAC_VERIEXEC
options 	MAC_VERIEXEC_SHA1
options 	MAC_VERIEXEC_SHA256
options 	MAC_VERIEXEC_SHA384
options 	MAC_VERIEXEC_SHA512
device		mac_veriexec_parser

# Support for Capsicum
options 	CAPABILITIES	# fine-grained rights on file descriptors
options 	CAPABILITY_MODE	# sandboxes with no global namespace access


#####################################################################
# CLOCK OPTIONS

# The granularity of operation is controlled by the kernel option HZ (default
# frequency of 1000 Hz or a period 1ms between calls). Virtual machine guests
# use a value of 100. Lower values may lower overhead at the expense of accuracy
# of scheduling, though the adaptive tick code reduces that overhead.

options 	HZ=100

# Enable support for the kernel PLL to use an external PPS signal,
# under supervision of [x]ntpd(8)
# More info in ntpd documentation: http://www.eecis.udel.edu/~ntp

options 	PPS_SYNC

# Enable support for generic feed-forward clocks in the kernel.
# The feed-forward clock support is an alternative to the feedback oriented
# ntpd/system clock approach, and is to be used with a feed-forward
# synchronization algorithm such as the RADclock:
# More info here: http://www.synclab.org/radclock

options 	FFCLOCK


#####################################################################
# SCSI DEVICES

# SCSI DEVICE CONFIGURATION

# The SCSI subsystem consists of the `base' SCSI code, a number of
# high-level SCSI device `type' drivers, and the low-level host-adapter
# device drivers.  The host adapters are listed in the ISA and PCI
# device configuration sections below.
#
# It is possible to wire down your SCSI devices so that a given bus,
# target, and LUN always come on line as the same device unit.  In
# earlier versions the unit numbers were assigned in the order that
# the devices were probed on the SCSI bus.  This means that if you
# removed a disk drive, you may have had to rewrite your /etc/fstab
# file, and also that you had to be careful when adding a new disk
# as it may have been probed earlier and moved your device configuration
# around.

# This old behavior is maintained as the default behavior.  The unit
# assignment begins with the first non-wired down unit for a device
# type.  For example, if you wire a disk as "da3" then the first
# non-wired disk will be assigned da4.

# The syntax for wiring down devices is:

envvar		hint.scbus.0.at="ahc0"
envvar		hint.scbus.1.at="ahc1"
envvar		hint.scbus.1.bus="0"
envvar		hint.scbus.3.at="ahc2"
envvar		hint.scbus.3.bus="0"
envvar		hint.scbus.2.at="ahc2"
envvar		hint.scbus.2.bus="1"
envvar		hint.da.0.at="scbus0"
envvar		hint.da.0.target="0"
envvar		hint.da.0.unit="0"
envvar		hint.da.1.at="scbus3"
envvar		hint.da.1.target="1"
envvar		hint.da.2.at="scbus2"
envvar		hint.da.2.target="3"
envvar		hint.sa.1.at="scbus1"
envvar		hint.sa.1.target="6"

# "units" (SCSI logical unit number) that are not specified are
# treated as if specified as LUN 0.

# All SCSI devices allocate as many units as are required.

# The ch driver drives SCSI Media Changer ("jukebox") devices.
#
# The da driver drives SCSI Direct Access ("disk") and Optical Media
# ("WORM") devices.
#
# The sa driver drives SCSI Sequential Access ("tape") devices.
#
# The cd driver drives SCSI Read Only Direct Access ("cd") devices.
#
# The ses driver drives SCSI Environment Services ("ses") and
# SAF-TE ("SCSI Accessible Fault-Tolerant Enclosure") devices.
#
# The pt driver drives SCSI Processor devices.
#
# The sg driver provides a passthrough API that is compatible with the
# Linux SG driver.  It will work in conjunction with the Linuxulator
# to run linux SG apps.  It can also stand on its own and provide
# source level API compatibility for porting apps to FreeBSD.
#
# Target Mode support is provided here but also requires that a SIM
# (SCSI Host Adapter Driver) provide support as well.
#
# The targ driver provides target mode support as a Processor type device.
# It exists to give the minimal context necessary to respond to Inquiry
# commands. There is a sample user application that shows how the rest
# of the command support might be done in /usr/share/examples/scsi_target.
#
# The targbh driver provides target mode support and exists to respond
# to incoming commands that do not otherwise have a logical unit assigned
# to them.
#
# The pass driver provides a passthrough API to access the CAM subsystem.

device		scbus		#base SCSI code
device		ch		#SCSI media changers
device		da		#SCSI direct access devices (aka disks)
device		sa		#SCSI tapes
device		cd		#SCSI CD-ROMs
device		ses		#Enclosure Services (SES and SAF-TE)
device		pt		#SCSI processor
device		targ		#SCSI Target Mode Code
device		targbh		#SCSI Target Mode Blackhole Device
device		pass		#CAM passthrough driver
device		sg		#Linux SCSI passthrough
device		ctl		#CAM Target Layer

# CAM OPTIONS:
# debugging options:
# CAMDEBUG		Compile in all possible debugging.
# CAM_DEBUG_COMPILE	Debug levels to compile in.
# CAM_DEBUG_FLAGS	Debug levels to enable on boot.
# CAM_DEBUG_BUS		Limit debugging to the given bus.
# CAM_DEBUG_TARGET	Limit debugging to the given target.
# CAM_DEBUG_LUN		Limit debugging to the given lun.
# CAM_DEBUG_DELAY	Delay in us after printing each debug line.
# CAM_IO_STATS		Publish additional CAM device statics by sysctl
#
# CAM_MAX_HIGHPOWER: Maximum number of concurrent high power (start unit) cmds
# SCSI_NO_SENSE_STRINGS: When defined disables sense descriptions
# SCSI_NO_OP_STRINGS: When defined disables opcode descriptions
# SCSI_DELAY: The number of MILLISECONDS to freeze the SIM (scsi adapter)
#             queue after a bus reset, and the number of milliseconds to
#             freeze the device queue after a bus device reset.  This
#             can be changed at boot and runtime with the
#             kern.cam.scsi_delay tunable/sysctl.
options 	CAMDEBUG
options 	CAM_DEBUG_COMPILE=-1
options 	CAM_DEBUG_FLAGS=(CAM_DEBUG_INFO|CAM_DEBUG_PROBE|CAM_DEBUG_PERIPH)
options 	CAM_DEBUG_BUS=-1
options 	CAM_DEBUG_TARGET=-1
options 	CAM_DEBUG_LUN=-1
options 	CAM_DEBUG_DELAY=1
options 	CAM_MAX_HIGHPOWER=4
options 	SCSI_NO_SENSE_STRINGS
options 	SCSI_NO_OP_STRINGS
options 	SCSI_DELAY=5000	# Be pessimistic about Joe SCSI device
options 	CAM_IOSCHED_DYNAMIC
options 	CAM_IO_STATS
options 	CAM_TEST_FAILURE

# Options for the CAM CDROM driver:
# CHANGER_MIN_BUSY_SECONDS: Guaranteed minimum time quantum for a changer LUN
# CHANGER_MAX_BUSY_SECONDS: Maximum time quantum per changer LUN, only
#                           enforced if there is I/O waiting for another LUN
# The compiled in defaults for these variables are 2 and 10 seconds,
# respectively.
#
# These can also be changed on the fly with the following sysctl variables:
# kern.cam.cd.changer.min_busy_seconds
# kern.cam.cd.changer.max_busy_seconds
#
options 	CHANGER_MIN_BUSY_SECONDS=2
options 	CHANGER_MAX_BUSY_SECONDS=10

# Options for the CAM sequential access driver:
# SA_IO_TIMEOUT: Timeout for read/write/wfm  operations, in minutes
# SA_SPACE_TIMEOUT: Timeout for space operations, in minutes
# SA_REWIND_TIMEOUT: Timeout for rewind operations, in minutes
# SA_ERASE_TIMEOUT: Timeout for erase operations, in minutes
# SA_1FM_AT_EOD: Default to model which only has a default one filemark at EOT.
options 	SA_IO_TIMEOUT=4
options 	SA_SPACE_TIMEOUT=60
options 	SA_REWIND_TIMEOUT=(2*60)
options 	SA_ERASE_TIMEOUT=(4*60)
options 	SA_1FM_AT_EOD

# Optional timeout for the CAM processor target (pt) device
# This is specified in seconds.  The default is 60 seconds.
options 	SCSI_PT_DEFAULT_TIMEOUT=60

# Optional enable of doing SES passthrough on other devices (e.g., disks)
#
# Normally disabled because a lot of newer SCSI disks report themselves
# as having SES capabilities, but this can then clot up attempts to build
# a topology with the SES device that's on the box these drives are in....
options 	SES_ENABLE_PASSTHROUGH


#####################################################################
# MISCELLANEOUS DEVICES AND OPTIONS

device		pty		#BSD-style compatibility pseudo ttys
device		nmdm		#back-to-back tty devices
device		md		#Memory/malloc disk
device		snp		#Snoop device - to look at pty/vty/etc..
device		ccd		#Concatenated disk driver
device		firmware	#firmware(9) support

# Kernel side iconv library
options 	LIBICONV

# Size of the kernel message buffer.  Should be N * pagesize.
options 	MSGBUF_SIZE=40960


#####################################################################
# HARDWARE BUS CONFIGURATION

#
# PCI bus & PCI options:
#
device		pci
options 	PCI_HP			# PCI-Express native HotPlug
options 	PCI_IOV			# PCI SR-IOV support


#####################################################################
# HARDWARE DEVICE CONFIGURATION

# For ISA the required hints are listed.
# PCI, CardBus, and SD/MMC are self identifying buses, so
# no hints are needed.

#
# Mandatory devices:
#

# These options are valid for other keyboard drivers as well.
options 	KBD_DISABLE_KEYMAP_LOAD	# refuse to load a keymap
options 	KBD_INSTALL_CDEV	# install a CDEV entry in /dev

# Define keyboard latency (try 200/15 for a snappy interactive console)
options 	KBD_DELAY1=200		# define initial key delay
options 	KBD_DELAY2=15		# define key delay

device		kbdmux			# keyboard multiplexer
options 	KBDMUX_DFLT_KEYMAP	# specify the built-in keymap
makeoptions	KBDMUX_DFLT_KEYMAP=it.iso

options 	FB_DEBUG		# Frame buffer debugging

# Enable experimental features of the syscons terminal emulator (teken).
options 	TEKEN_CONS25		# cons25-style terminal emulation
options 	TEKEN_UTF8		# UTF-8 output handling

# The vt video console driver.
device		vt
options 	VT_ALT_TO_ESC_HACK=1	# Prepend ESC sequence to ALT keys
options 	VT_MAXWINDOWS=16	# Number of virtual consoles
options 	VT_TWOBUTTON_MOUSE	# Use right mouse button to paste

# The following options set the maximum framebuffer size.
options 	VT_FB_MAX_HEIGHT=480
options 	VT_FB_MAX_WIDTH=640

# The following options will let you change the default vt terminal colors.
options 	TERMINAL_NORM_ATTR=(FG_GREEN|BG_BLACK)
options 	TERMINAL_KERN_ATTR=(FG_LIGHTRED|BG_BLACK)

#
# Optional devices:
#

#
# SCSI host adapters:
#
# aacraid: Adaptec by PMC RAID controllers, Series 6/7/8 and upcoming
#          families. Container interface, CAM required.
# ahc: Adaptec 274x/284x/2910/293x/294x/394x/3950x/3960x/398X/4944/
#      19160x/29160x, aic7770/aic78xx
# ahd: Adaptec 29320/39320 Controllers.
# isp: Qlogic ISP 1020, 1040 and 1040B PCI SCSI host adapters,
#      ISP 1240 Dual Ultra SCSI, ISP 1080 and 1280 (Dual) Ultra2,
#      ISP 12160 Ultra3 SCSI,
#      Qlogic ISP 2100 and ISP 2200 1Gb Fibre Channel host adapters.
#      Qlogic ISP 2300 and ISP 2312 2Gb Fibre Channel host adapters.
#      Qlogic ISP 2322 and ISP 6322 2Gb Fibre Channel host adapters.
# ispfw: Firmware module for Qlogic host adapters
# mpr: LSI-Logic MPT/Fusion Gen 3
# mps: LSI-Logic MPT/Fusion Gen 2
# mpt: LSI-Logic MPT/Fusion 53c1020 or 53c1030 Ultra4
#      or FC9x9 Fibre Channel host adapters.
# sym: Symbios/Logic 53C8XX family of PCI-SCSI I/O processors:
#      53C810, 53C810A, 53C815, 53C825,  53C825A, 53C860, 53C875,
#      53C876, 53C885,  53C895, 53C895A, 53C896,  53C897, 53C1510D,
#      53C1010-33, 53C1010-66.

device		aacraid
device		ahc
device		ahd
device		isp
envvar		hint.isp.0.disable="1"
envvar		hint.isp.0.role="3"
envvar		hint.isp.0.prefer_iomap="1"
envvar		hint.isp.0.prefer_memmap="1"
envvar		hint.isp.0.fwload_disable="1"
envvar		hint.isp.0.ignore_nvram="1"
envvar		hint.isp.0.fullduplex="1"
envvar		hint.isp.0.topology="lport"
envvar		hint.isp.0.topology="nport"
envvar		hint.isp.0.topology="lport-only"
envvar		hint.isp.0.topology="nport-only"
# we can't get u_int64_t types, nor can we get strings if it's got
# a leading 0x, hence this silly dodge.
envvar		hint.isp.0.portwnn="w50000000aaaa0000"
envvar		hint.isp.0.nodewnn="w50000000aaaa0001"
device		ispfw
device		mpr			# LSI-Logic MPT-Fusion 3
device		mps			# LSI-Logic MPT-Fusion 2
device		mpt			# LSI-Logic MPT-Fusion
device		sym

# The aic7xxx driver will attempt to use memory mapped I/O for all PCI
# controllers that have it configured only if this option is set. Unfortunately,
# this doesn't work on some motherboards, which prevents it from being the
# default.
options 	AHC_ALLOW_MEMIO

# Dump the contents of the ahc controller configuration PROM.
options 	AHC_DUMP_EEPROM

# Bitmap of units to enable targetmode operations.
options 	AHC_TMODE_ENABLE

# Compile in Aic7xxx Debugging code.
options 	AHC_DEBUG

# Aic7xxx driver debugging options. See sys/dev/aic7xxx/aic7xxx.h
options 	AHC_DEBUG_OPTS

# Print register bitfields in debug output.  Adds ~128k to driver
# See ahc(4).
options 	AHC_REG_PRETTY_PRINT

# Compile in aic79xx debugging code.
options 	AHD_DEBUG

# Aic79xx driver debugging options.  Adds ~215k to driver.  See ahd(4).
options 	AHD_DEBUG_OPTS=0xFFFFFFFF

# Print human-readable register definitions when debugging
options 	AHD_REG_PRETTY_PRINT

# Bitmap of units to enable targetmode operations.
options 	AHD_TMODE_ENABLE

# Options used in dev/iscsi (Software iSCSI stack)
#
options 	ISCSI_INITIATOR_DEBUG=9

# Options used in dev/isp/ (Qlogic SCSI/FC driver).
#
#	ISP_TARGET_MODE		-	enable target mode operation
#
options 	ISP_TARGET_MODE=1
#
#	ISP_DEFAULT_ROLES	-	default role
#		none=0
#		target=1
#		initiator=2
#		both=3			(not supported currently)
#
#	ISP_INTERNAL_TARGET		(trivial internal disk target, for testing)
#
options 	ISP_DEFAULT_ROLES=0

#options 	SYM_SETUP_SCSI_DIFF	#-HVD support for 825a, 875, 885
					# disabled:0 (default), enabled:1
#options 	SYM_SETUP_PCI_PARITY	#-PCI parity checking
					# disabled:0, enabled:1 (default)
#options 	SYM_SETUP_MAX_LUN	#-Number of LUNs supported
					# default:8, range:[1..64]

#
# Compaq "CISS" RAID controllers (SmartRAID 5* series)
# These controllers have a SCSI-like interface, and require the
# CAM infrastructure.
#
device		ciss

#
# Compaq Smart RAID, Mylex DAC960 and AMI MegaRAID controllers.  Only
# one entry is needed; the code will find and configure all supported
# controllers.
#
device		ida		# Compaq Smart RAID
device		mlx		# Mylex DAC960
device		mfi		# LSI MegaRAID SAS
device		mfip		# LSI MegaRAID SAS passthrough, requires CAM
options 	MFI_DEBUG
device		mrsas		# LSI/Avago MegaRAID SAS/SATA, 6Gb/s and 12Gb/s

#
# Serial ATA host controllers:
#
# ahci: Advanced Host Controller Interface (AHCI) compatible
# mvs:  Marvell 88SX50XX/88SX60XX/88SX70XX/SoC controllers
# siis: SiliconImage SiI3124/SiI3132/SiI3531 controllers
#
# These drivers are part of cam(4) subsystem. They supersede less featured
# ata(4) subsystem drivers, supporting same hardware.

device		ahci
device		mvs
device		siis

#
# The 'ATA' driver supports all legacy ATA/ATAPI controllers, including
# PC Card devices. You only need one "device ata" for it to find all
# PCI and PC Card ATA/ATAPI devices on modern machines.
# Alternatively, individual bus and chipset drivers may be chosen by using
# the 'atacore' driver then selecting the drivers on a per vendor basis.
# For example to build a system which only supports a VIA chipset,
# omit 'ata' and include the 'atacore', 'atapci' and 'atavia' drivers.
device		ata

# Modular ATA
#device		atacore		# Core ATA functionality
#device		ataisa		# ISA bus support
#device		atapci		# PCI bus support; only generic chipset support

# PCI ATA chipsets
#device		ataacard	# ACARD
#device		ataacerlabs	# Acer Labs Inc. (ALI)
#device		ataamd		# American Micro Devices (AMD)
#device		ataati		# ATI
#device		atacenatek	# Cenatek
#device		atacypress	# Cypress
#device		atacyrix	# Cyrix
#device		atahighpoint	# HighPoint
#device		ataintel	# Intel
#device		ataite		# Integrated Technology Inc. (ITE)
#device		atajmicron	# JMicron
#device		atamarvell	# Marvell
#device		atamicron	# Micron
#device		atanational	# National
#device		atanetcell	# NetCell
#device		atanvidia	# nVidia
#device		atapromise	# Promise
#device		ataserverworks	# ServerWorks
#device		atasiliconimage	# Silicon Image Inc. (SiI) (formerly CMD)
#device		atasis		# Silicon Integrated Systems Corp.(SiS)
#device		atavia		# VIA Technologies Inc.

#
# For older non-PCI, non-PnPBIOS systems, these are the hints lines to add:
envvar		hint.ata.0.at="isa"
envvar		hint.ata.0.port="0x1f0"
envvar		hint.ata.0.irq="14"
envvar		hint.ata.1.at="isa"
envvar		hint.ata.1.port="0x170"
envvar		hint.ata.1.irq="15"

#
# uart: generic driver for serial interfaces.
#
device		uart

# Options for uart(4)
options 	UART_PPS_ON_CTS		# Do time pulse capturing using CTS
					# instead of DCD.
options 	UART_POLL_FREQ		# Set polling rate, used when hw has
					# no interrupt support (50 Hz default).

# The following hint should only be used for pure ISA devices.  It is not
# needed otherwise.  Use of hints is strongly discouraged.
envvar		hint.uart.0.at="isa"

# The following 3 hints are used when the UART is a system device (i.e., a
# console or debug port), but only on platforms that don't have any other
# means to pass the information to the kernel.  The unit number of the hint
# is only used to bundle the hints together.  There is no relation to the
# unit number of the probed UART.
envvar		hint.uart.0.port="0x3f8"
envvar		hint.uart.0.flags="0x10"
envvar		hint.uart.0.baud="115200"

# `flags' for serial drivers that support consoles, like uart(4):
#	0x10	enable console support for this unit.  Other console flags
#		(if applicable) are ignored unless this is set.  Enabling
#		console support does not make the unit the preferred console.
#		Boot with -h or set boot_serial=YES in the loader.
#		Currently, at most one unit can have console support; the
#		first one (in config file order) with this flag set is
#		preferred.
#	0x80	use this port for serial line gdb support in ddb.  Also known
#		as debug port.
#

# Options for serial drivers that support consoles:
options 	BREAK_TO_DEBUGGER	# A BREAK/DBG on the console goes to
					# ddb, if available.

# Solaris implements a new BREAK which is initiated by a character
# sequence CR ~ ^b which is similar to a familiar pattern used on
# Sun servers by the Remote Console.  There are FreeBSD extensions:
# CR ~ ^p requests force panic and CR ~ ^r requests a clean reboot.
options 	ALT_BREAK_TO_DEBUGGER

# Serial Communications Controller
# Supports the Freescale/NXP QUad Integrated and Zilog Z8530 multi-channel
# communications controllers.
device		scc

# PCI Universal Communications driver
# Supports various multi port PCI I/O cards.
device		puc

#
# Network interfaces:
#
# MII bus support is required for many PCI Ethernet NICs,
# namely those which use MII-compliant transceivers or implement
# transceiver control interfaces that operate like an MII.  Adding
# "device miibus" to the kernel config pulls in support for the generic
# miibus API, the common support for bit-bang'ing the MII and all
# of the PHY drivers, including a generic one for PHYs that aren't
# specifically handled by an individual driver.  Support for specific
# PHYs may be built by adding "device mii", "device mii_bitbang" if
# needed by the NIC driver and then adding the appropriate PHY driver.
device  	mii		# Minimal MII support
device  	mii_bitbang	# Common module for bit-bang'ing the MII
device  	miibus		# MII support w/ bit-bang'ing and all PHYs

device  	acphy		# Altima Communications AC101
device  	amphy		# AMD AM79c873 / Davicom DM910{1,2}
device  	atphy		# Attansic/Atheros F1
device  	axphy		# Asix Semiconductor AX88x9x
device  	bmtphy		# Broadcom BCM5201/BCM5202 and 3Com 3c905C
device		bnxt		# Broadcom NetXtreme-C/NetXtreme-E
device  	brgphy		# Broadcom BCM54xx/57xx 1000baseTX
device  	cgem		# Cadence GEM Gigabit Ethernet
device  	ciphy		# Cicada/Vitesse CS/VSC8xxx
device  	e1000phy	# Marvell 88E1000 1000/100/10-BT
device  	gentbi		# Generic 10-bit 1000BASE-{LX,SX} fiber ifaces
device  	icsphy		# ICS ICS1889-1893
device  	ip1000phy	# IC Plus IP1000A/IP1001
device  	jmphy		# JMicron JMP211/JMP202
device  	lxtphy		# Level One LXT-970
device  	nsgphy		# NatSemi DP8361/DP83865/DP83891
device  	nsphy		# NatSemi DP83840A
device  	nsphyter	# NatSemi DP83843/DP83815
device  	pnaphy		# HomePNA
device  	qsphy		# Quality Semiconductor QS6612
device  	rdcphy		# RDC Semiconductor R6040
device  	rgephy		# RealTek 8169S/8110S/8211B/8211C
device  	rlphy		# RealTek 8139
device  	rlswitch	# RealTek 8305
device  	smcphy		# SMSC LAN91C111
device  	tdkphy		# TDK 89Q2120
device  	truephy		# LSI TruePHY
device		xmphy		# XaQti XMAC II

# ae:   Support for gigabit ethernet adapters based on the Attansic/Atheros
#       L2 PCI-Express FastEthernet controllers.
# age:  Support for gigabit ethernet adapters based on the Attansic/Atheros
#       L1 PCI express gigabit ethernet controllers.
# alc:  Support for Atheros AR8131/AR8132 PCIe ethernet controllers.
# ale:  Support for Atheros AR8121/AR8113/AR8114 PCIe ethernet controllers.
# ath:  Atheros a/b/g WiFi adapters (requires ath_hal and wlan)
# bce:	Broadcom NetXtreme II (BCM5706/BCM5708) PCI/PCIe Gigabit Ethernet
#       adapters.
# bfe:	Broadcom BCM4401 Ethernet adapter.
# bge:	Support for gigabit ethernet adapters based on the Broadcom
#	BCM570x family of controllers, including the 3Com 3c996-T,
#	the Netgear GA302T, the SysKonnect SK-9D21 and SK-9D41, and
#	the embedded gigE NICs on Dell PowerEdge 2550 servers.
# bnxt:	Broadcom NetXtreme-C and NetXtreme-E PCIe 10/25/50G Ethernet adapters.
# bxe:	Broadcom NetXtreme II (BCM5771X/BCM578XX) PCIe 10Gb Ethernet
#       adapters.
# bwi:	Broadcom BCM430* and BCM431* family of wireless adapters.
# bwn:	Broadcom BCM43xx family of wireless adapters.
# cas:	Sun Cassini/Cassini+ and National Semiconductor DP83065 Saturn
# cxgb: Chelsio T3 based 1GbE/10GbE PCIe Ethernet adapters.
# cxgbe:Chelsio T4, T5, and T6-based 1/10/25/40/100GbE PCIe Ethernet
#	adapters.
# cxgbev: Chelsio T4, T5, and T6-based PCIe Virtual Functions.
# dc:   Support for PCI fast ethernet adapters based on the DEC/Intel 21143
#       and various workalikes including:
#       the ADMtek AL981 Comet and AN985 Centaur, the ASIX Electronics
#       AX88140A and AX88141, the Davicom DM9100 and DM9102, the Lite-On
#       82c168 and 82c169 PNIC, the Lite-On/Macronix LC82C115 PNIC II
#       and the Macronix 98713/98713A/98715/98715A/98725 PMAC. This driver
#       replaces the old al, ax, dm, pn and mx drivers.  List of brands:
#       Digital DE500-BA, Kingston KNE100TX, D-Link DFE-570TX, SOHOware SFA110,
#       SVEC PN102-TX, CNet Pro110B, 120A, and 120B, Compex RL100-TX,
#       LinkSys LNE100TX, LNE100TX V2.0, Jaton XpressNet, Alfa Inc GFC2204,
#       KNE110TX.
# em:   Intel Pro/1000 Gigabit Ethernet 82542, 82543, 82544 based adapters.
# fxp:  Intel EtherExpress Pro/100B
#	(hint of prefer_iomap can be done to prefer I/O instead of Mem mapping)
# gem:  Apple GMAC/Sun ERI/Sun GEM
# jme:  JMicron JMC260 Fast Ethernet/JMC250 Gigabit Ethernet based adapters.
# le:   AMD Am7900 LANCE and Am79C9xx PCnet
# lge:	Support for PCI gigabit ethernet adapters based on the Level 1
#	LXT1001 NetCellerator chipset. This includes the D-Link DGE-500SX,
#	SMC TigerCard 1000 (SMC9462SX), and some Addtron cards.
# lio:  Support for Cavium 23XX Ethernet adapters
# malo: Marvell Libertas wireless NICs.
# mwl:  Marvell 88W8363 802.11n wireless NICs.
#	Requires the mwl firmware module
# mwlfw: Marvell 88W8363 firmware
# msk:	Support for gigabit ethernet adapters based on the Marvell/SysKonnect
#	Yukon II Gigabit controllers, including 88E8021, 88E8022, 88E8061,
#	88E8062, 88E8035, 88E8036, 88E8038, 88E8050, 88E8052, 88E8053,
#	88E8055, 88E8056 and D-Link 560T/550SX.
# mlxfw: Mellanox firmware update module.
# mlx5:	Mellanox ConnectX-4 and ConnectX-4 LX IB and Eth shared code module.
# mlx5en:Mellanox ConnectX-4 and ConnectX-4 LX PCIe Ethernet adapters.
# my:	Myson Fast Ethernet (MTD80X, MTD89X)
# nge:	Support for PCI gigabit ethernet adapters based on the National
#	Semiconductor DP83820 and DP83821 chipset. This includes the
#	SMC EZ Card 1000 (SMC9462TX), D-Link DGE-500T, Asante FriendlyNet
#	GigaNIX 1000TA and 1000TPC, the Addtron AEG320T, the Surecom
#	EP-320G-TX and the Netgear GA622T.
# oce:	Emulex 10 Gbit adapters (OneConnect Ethernet)
# ral:	Ralink Technology IEEE 802.11 wireless adapter
# re:   RealTek 8139C+/8169/816xS/811xS/8101E PCI/PCIe Ethernet adapter
# rl:   Support for PCI fast ethernet adapters based on the RealTek 8129/8139
#       chipset.  Note that the RealTek driver defaults to using programmed
#       I/O to do register accesses because memory mapped mode seems to cause
#       severe lockups on SMP hardware.  This driver also supports the
#       Accton EN1207D `Cheetah' adapter, which uses a chip called
#       the MPX 5030/5038, which is either a RealTek in disguise or a
#       RealTek workalike.  Note that the D-Link DFE-530TX+ uses the RealTek
#       chipset and is supported by this driver, not the 'vr' driver.
# rtwn: RealTek wireless adapters.
# rtwnfw: RealTek wireless firmware.
# sge:  Silicon Integrated Systems SiS190/191 Fast/Gigabit Ethernet adapter
# sis:  Support for NICs based on the Silicon Integrated Systems SiS 900,
#       SiS 7016 and NS DP83815 PCI fast ethernet controller chips.
# sk:   Support for the SysKonnect SK-984x series PCI gigabit ethernet NICs.
#       This includes the SK-9841 and SK-9842 single port cards (single mode
#       and multimode fiber) and the SK-9843 and SK-9844 dual port cards
#       (also single mode and multimode).
#       The driver will autodetect the number of ports on the card and
#       attach each one as a separate network interface.
# ste:  Sundance Technologies ST201 PCI fast ethernet controller, includes
#       the D-Link DFE-550TX.
# stge: Support for gigabit ethernet adapters based on the Sundance/Tamarack
#       TC9021 family of controllers, including the Sundance ST2021/ST2023,
#       the Sundance/Tamarack TC9021, the D-Link DL-4000 and ASUS NX1101.
# ti:   Support for PCI gigabit ethernet NICs based on the Alteon Networks
#       Tigon 1 and Tigon 2 chipsets.  This includes the Alteon AceNIC, the
#       3Com 3c985, the Netgear GA620 and various others.  Note that you will
#       probably want to bump up kern.ipc.nmbclusters a lot to use this driver.
# vr:   Support for various fast ethernet adapters based on the VIA
#       Technologies VT3043 `Rhine I' and VT86C100A `Rhine II' chips,
#       including the D-Link DFE520TX and D-Link DFE530TX (see 'rl' for
#       DFE530TX+), the Hawking Technologies PN102TX, and the AOpen/Acer ALN-320.
# vte:  DM&P Vortex86 RDC R6040 Fast Ethernet
# xl:   Support for the 3Com 3c900, 3c905, 3c905B and 3c905C (Fast)
#       Etherlink XL cards and integrated controllers.  This includes the
#       integrated 3c905B-TX chips in certain Dell Optiplex and Dell
#       Precision desktop machines and the integrated 3c905-TX chips
#       in Dell Latitude laptop docking stations.
#       Also supported: 3Com 3c980(C)-TX, 3Com 3cSOHO100-TX, 3Com 3c450-TX

# PCI Ethernet NICs that use the common MII bus controller code.
device		ae		# Attansic/Atheros L2 FastEthernet
device		age		# Attansic/Atheros L1 Gigabit Ethernet
device		alc		# Atheros AR8131/AR8132 Ethernet
device		ale		# Atheros AR8121/AR8113/AR8114 Ethernet
device		bce		# Broadcom BCM5706/BCM5708 Gigabit Ethernet
device		bfe		# Broadcom BCM440x 10/100 Ethernet
device		bge		# Broadcom BCM570xx Gigabit Ethernet
device		cas		# Sun Cassini/Cassini+ and NS DP83065 Saturn
device		dc		# DEC/Intel 21143 and various workalikes
device		et		# Agere ET1310 10/100/Gigabit Ethernet
device		fxp		# Intel EtherExpress PRO/100B (82557, 82558)
envvar		hint.fxp.0.prefer_iomap="0"
device		gem		# Apple GMAC/Sun ERI/Sun GEM
device		jme		# JMicron JMC250 Gigabit/JMC260 Fast Ethernet
device		lge		# Level 1 LXT1001 gigabit Ethernet
device		lio		# Support for Cavium 23XX Ethernet adapters
device		mlxfw		# Mellanox firmware update module
device		mlx5		# Shared code module between IB and Ethernet
device		mlx5en		# Mellanox ConnectX-4 and ConnectX-4 LX
device		msk		# Marvell/SysKonnect Yukon II Gigabit Ethernet
device		my		# Myson Fast Ethernet (MTD80X, MTD89X)
device		nge		# NatSemi DP83820 gigabit Ethernet
device		re		# RealTek 8139C+/8169/8169S/8110S
device		rl		# RealTek 8129/8139
device		sge		# Silicon Integrated Systems SiS190/191
device		sis		# Silicon Integrated Systems SiS 900/SiS 7016
device		sk		# SysKonnect SK-984x & SK-982x gigabit Ethernet
device		ste		# Sundance ST201 (D-Link DFE-550TX)
device		stge		# Sundance/Tamarack TC9021 gigabit Ethernet
device		vr		# VIA Rhine, Rhine II
device		vte		# DM&P Vortex86 RDC R6040 Fast Ethernet
device		xl		# 3Com 3c90x (``Boomerang'', ``Cyclone'')

# PCI/PCI-X/PCIe Ethernet NICs that use iflib infrastructure
device		iflib
device		em		# Intel Pro/1000 Gigabit Ethernet
device		ix		# Intel Pro/10Gbe PCIE Ethernet
device		ixv		# Intel Pro/10Gbe PCIE Ethernet VF

# PCI Ethernet NICs.
device		cxgb		# Chelsio T3 10 Gigabit Ethernet
device		cxgb_t3fw	# Chelsio T3 10 Gigabit Ethernet firmware
device		cxgbe		# Chelsio T4-T6 1/10/25/40/100 Gigabit Ethernet
device		cxgbev		# Chelsio T4-T6 Virtual Functions
device		le		# AMD Am7900 LANCE and Am79C9xx PCnet
device		mxge		# Myricom Myri-10G 10GbE NIC
device		oce		# Emulex 10 GbE (OneConnect Ethernet)
device		ti		# Alteon Networks Tigon I/II gigabit Ethernet

# PCI IEEE 802.11 Wireless NICs
device		ath		# Atheros pci/cardbus NIC's
device		ath_hal		# pci/cardbus chip support
#device		ath_ar5210	# AR5210 chips
#device		ath_ar5211	# AR5211 chips
#device		ath_ar5212	# AR5212 chips
#device		ath_rf2413
#device		ath_rf2417
#device		ath_rf2425
#device		ath_rf5111
#device		ath_rf5112
#device		ath_rf5413
#device		ath_ar5416	# AR5416 chips
# All of the AR5212 parts have a problem when paired with the AR71xx
# CPUS.  These parts have a bug that triggers a fatal bus error on the AR71xx
# only.  Details of the exact nature of the bug are sketchy, but some can be
# found at https://forum.openwrt.org/viewtopic.php?pid=70060 on pages 4, 5 and
# 6.  This option enables this workaround.  There is a performance penalty
# for this work around, but without it things don't work at all.  The DMA
# from the card usually bursts 128 bytes, but on the affected CPUs, only
# 4 are safe.
options    	AH_RXCFG_SDMAMW_4BYTES
#device		ath_ar9160	# AR9160 chips
#device		ath_ar9280	# AR9280 chips
#device		ath_ar9285	# AR9285 chips
device		ath_rate_sample	# SampleRate tx rate control for ath
device		bwi		# Broadcom BCM430* BCM431*
device		bwn		# Broadcom BCM43xx
device		malo		# Marvell Libertas wireless NICs.
device		mwl		# Marvell 88W8363 802.11n wireless NICs.
device		mwlfw
device		ral		# Ralink Technology RT2500 wireless NICs.
device		rtwn		# Realtek wireless NICs
device		rtwnfw

# Use sf_buf(9) interface for jumbo buffers on ti(4) controllers.
#options 	TI_SF_BUF_JUMBO
# Turn on the header splitting option for the ti(4) driver firmware.  This
# only works for Tigon II chips, and has no effect for Tigon I chips.
# This option requires the TI_SF_BUF_JUMBO option above.
#options 	TI_JUMBO_HDRSPLIT

# These two options allow manipulating the mbuf cluster size and mbuf size,
# respectively.  Be very careful with NIC driver modules when changing
# these from their default values, because that can potentially cause a
# mismatch between the mbuf size assumed by the kernel and the mbuf size
# assumed by a module.  The only driver that currently has the ability to
# detect a mismatch is ti(4).
options 	MCLSHIFT=11	# mbuf cluster shift in bits, 11 == 2KB
options 	MSIZE=256	# mbuf size in bytes

#
# Sound drivers
#
# sound: The generic sound driver.
#

device		sound

#
# snd_*: Device-specific drivers.
#
# The flags of the device tell the device a bit more info about the
# device that normally is obtained through the PnP interface.
#	bit  2..0   secondary DMA channel;
#	bit  4      set if the board uses two dma channels;
#	bit 15..8   board type, overrides autodetection; leave it
#		    zero if don't know what to put in (and you don't,
#		    since this is unsupported at the moment...).
#
# snd_als4000:		Avance Logic ALS4000 PCI.
# snd_atiixp:		ATI IXP 200/300/400 PCI.
# snd_cmi:		CMedia CMI8338/CMI8738 PCI.
# snd_cs4281:		Crystal Semiconductor CS4281 PCI.
# snd_csa:		Crystal Semiconductor CS461x/428x PCI. (except
#			4281)
# snd_emu10k1:		Creative EMU10K1 PCI and EMU10K2 (Audigy) PCI.
# snd_emu10kx:		Creative SoundBlaster Live! and Audigy
# snd_envy24:		VIA Envy24 and compatible, needs snd_spicds.
# snd_envy24ht:		VIA Envy24HT and compatible, needs snd_spicds.
# snd_es137x:		Ensoniq AudioPCI ES137x PCI.
# snd_fm801:		Forte Media FM801 PCI.
# snd_hda:		Intel High Definition Audio (Controller) and
#			compatible.
# snd_hdspe:		RME HDSPe AIO and RayDAT.
# snd_ich:		Intel ICH AC'97 and some more audio controllers
#			embedded in a chipset, for example nVidia
#			nForce controllers.
# snd_maestro3:		ESS Technology Maestro-3/Allegro PCI.
# snd_neomagic:		Neomagic 256 AV/ZX PCI.
# snd_solo:		ESS Solo-1x PCI.
# snd_spicds:		SPI codec driver, needed by Envy24/Envy24HT drivers.
# snd_t4dwave:		Trident 4DWave DX/NX PCI, Sis 7018 PCI and Acer Labs
#			M5451 PCI.
# snd_uaudio:		USB audio.
# snd_via8233:		VIA VT8233x PCI.
# snd_via82c686:	VIA VT82C686A PCI.
# snd_vibes:		S3 Sonicvibes PCI.

device		snd_als4000
device		snd_atiixp
device		snd_cmi
device		snd_cs4281
device		snd_csa
device		snd_emu10k1
device		snd_emu10kx
device		snd_envy24
device		snd_envy24ht
device		snd_es137x
device		snd_fm801
device		snd_hda
device		snd_hdspe
device		snd_ich
device		snd_maestro3
device		snd_neomagic
device		snd_solo
device		snd_spicds
device		snd_t4dwave
device		snd_uaudio
device		snd_via8233
device		snd_via82c686
device		snd_vibes

# For non-PnP sound cards:
envvar		hint.pcm.0.at="isa"
envvar		hint.pcm.0.irq="10"
envvar		hint.pcm.0.drq="1"
envvar		hint.pcm.0.flags="0x0"
envvar		hint.sbc.0.at="isa"
envvar		hint.sbc.0.port="0x220"
envvar		hint.sbc.0.irq="5"
envvar		hint.sbc.0.drq="1"
envvar		hint.sbc.0.flags="0x15"
envvar		hint.gusc.0.at="isa"
envvar		hint.gusc.0.port="0x220"
envvar		hint.gusc.0.irq="5"
envvar		hint.gusc.0.drq="1"
envvar		hint.gusc.0.flags="0x13"

#
# Following options are intended for debugging/testing purposes:
#
# SND_DEBUG                    Enable extra debugging code that includes
#                              sanity checking and possible increase of
#                              verbosity.
#
# SND_DIAGNOSTIC               Similar in a spirit of INVARIANTS/DIAGNOSTIC,
#                              zero tolerance against inconsistencies.
#
# SND_FEEDER_MULTIFORMAT       By default, only 16/32 bit feeders are compiled
#                              in. This options enable most feeder converters
#                              except for 8bit. WARNING: May bloat the kernel.
#
# SND_FEEDER_FULL_MULTIFORMAT  Ditto, but includes 8bit feeders as well.
#
# SND_FEEDER_RATE_HP           (feeder_rate) High precision 64bit arithmetic
#                              as much as possible (the default trying to
#                              avoid it). Possible slowdown.
#
# SND_PCM_64                   (Only applicable for i386/32bit arch)
#                              Process 32bit samples through 64bit
#                              integer/arithmetic. Slight increase of dynamic
#                              range at a cost of possible slowdown.
#
# SND_OLDSTEREO                Only 2 channels are allowed, effectively
#                              disabling multichannel processing.
#
options 	SND_DEBUG
options 	SND_DIAGNOSTIC
options 	SND_FEEDER_MULTIFORMAT
options 	SND_FEEDER_FULL_MULTIFORMAT
options 	SND_FEEDER_RATE_HP
options 	SND_PCM_64
options 	SND_OLDSTEREO

#
# Cardbus
#
# cbb: pci/CardBus bridge implementing YENTA interface
# cardbus: CardBus slots
device		cbb
device		cardbus

#
# MMC/SD
#
# mmc 		MMC/SD bus
# mmcsd		MMC/SD memory card
# sdhci		Generic PCI SD Host Controller
# rtsx		Realtek SD card reader (RTS5209, RTS5227, ...)
device		mmc
device		mmcsd
device		sdhci
device		rtsx

#
# SMB bus
#
# System Management Bus support is provided by the 'smbus' device.
# Access to the SMBus device is via the 'smb' device (/dev/smb*),
# which is a child of the 'smbus' device.
#
# Supported devices:
# smb		standard I/O through /dev/smb*
#
# Supported SMB interfaces:
# iicsmb	I2C to SMB bridge with any iicbus interface
# intpm		Intel PIIX4 (82371AB, 82443MX) Power Management Unit
# alpm		Acer Aladdin-IV/V/Pro2 Power Management Unit
# ichsmb	Intel ICH SMBus controller chips (82801AA, 82801AB, 82801BA)
# viapm		VIA VT82C586B/596B/686A and VT8233 Power Management Unit
# amdpm		AMD 756 Power Management Unit
# amdsmb	AMD 8111 SMBus 2.0 Controller
# nfpm		NVIDIA nForce Power Management Unit
# nfsmb		NVIDIA nForce2/3/4 MCP SMBus 2.0 Controller
# ismt		Intel SMBus 2.0 controller chips (on Atom S1200, C2000)
#
device		smbus		# Bus support, required for smb below.

device		intpm
device		alpm
device		ichsmb
device		viapm
device		amdpm
device		amdsmb
device		nfpm
device		nfsmb
device		ismt

device		smb

# SMBus peripheral devices
#
# jedec_dimm	Asset and temperature reporting for DDR3 and DDR4 DIMMs
#
device		jedec_dimm

# I2C Bus
#
# Philips i2c bus support is provided by the `iicbus' device.
#
# Supported devices:
# ic	i2c network interface
# iic	i2c standard io
# iicsmb i2c to smb bridge. Allow i2c i/o with smb commands.
# iicoc simple polling driver for OpenCores I2C controller
#
# Other:
# iicbb	generic I2C bit-banging code (needed by lpbb)
#
device		iicbus		# Bus support, required for ic/iic/iicsmb below.
device		iicbb		# bitbang driver; implements i2c on a pair of gpio pins

device		ic
device		iic		# userland access to i2c slave devices via ioctl(8)
device		iicsmb		# smb over i2c bridge
device		iicoc		# OpenCores I2C controller support

# I2C bus multiplexer (mux) devices
device		iicmux		# i2c mux core driver
device		iic_gpiomux	# i2c mux hardware controlled via gpio pins
device		ltc430x		# LTC4305 and LTC4306 i2c mux chips

# I2C peripheral devices
#
device		ad7418		# Analog Devices temp and voltage sensor
device		ads111x		# Texas Instruments ADS101x and ADS111x ADCs
device		ds1307		# Dallas DS1307 RTC and compatible
device		ds13rtc		# All Dallas/Maxim ds13xx chips
device		ds1672		# Dallas DS1672 RTC
device		ds3231		# Dallas DS3231 RTC + temperature
device		fan53555	# Fairchild Semi FAN53555/SYR82x Regulator
device		icee		# AT24Cxxx and compatible EEPROMs
device		isl12xx		# Intersil ISL12xx RTC
device		lm75		# LM75 compatible temperature sensor
device		nxprtc		# NXP RTCs: PCA/PFC212x PCA/PCF85xx
device		rtc8583		# Epson RTC-8583
device		s35390a		# Seiko Instruments S-35390A RTC
device		sy8106a		# Silergy Corp. SY8106A buck regulator

# Parallel-Port Bus
#
# Parallel port bus support is provided by the `ppbus' device.
# Multiple devices may be attached to the parallel port, devices
# are automatically probed and attached when found.
#
# Supported devices:
# lpt	Parallel Printer
# plip	Parallel network interface
# ppi	General-purpose I/O ("Geek Port") + IEEE1284 I/O
# pps	Pulse per second Timing Interface
# lpbb	Philips official parallel port I2C bit-banging interface
# pcfclock Parallel port clock driver.
#
# Supported interfaces:
# ppc	ISA-bus parallel port interfaces.
#

options 	PPC_PROBE_CHIPSET # Enable chipset specific detection
				  # (see flags in ppc(4))
options 	DEBUG_1284	# IEEE1284 signaling protocol debug
options 	PERIPH_1284	# Makes your computer act as an IEEE1284
				# compliant peripheral
options 	DONTPROBE_1284	# Avoid boot detection of PnP parallel devices
options 	LPT_DEBUG	# Printer driver debug
options 	PPC_DEBUG	# Parallel chipset level debug
options 	PLIP_DEBUG	# Parallel network IP interface debug
options 	PCFCLOCK_VERBOSE         # Verbose pcfclock driver
options 	PCFCLOCK_MAX_RETRIES=5   # Maximum read tries (default 10)

device		ppc
envvar		hint.ppc.0.at="isa"
envvar		hint.ppc.0.irq="7"
device		ppbus
device		lpt
device		plip
device		ppi
device		pps
device		lpbb
device		pcfclock

# General Purpose I/O pins
device		dwgpio		# Synopsys DesignWare APB GPIO Controller
device  	gpio		# gpio interfaces and bus support
device  	gpiobacklight	# sysctl control of gpio-based backlight
device  	gpioiic		# i2c via gpio bitbang
device  	gpiokeys	# kbd(4) glue for gpio-based key input
device  	gpioled		# led(4) gpio glue
device  	gpiopower	# event handler for gpio-based powerdown
device  	gpiopps		# Pulse per second input from gpio pin
device  	gpioregulator	# extres/regulator glue for gpio pin
device  	gpiospi		# SPI via gpio bitbang
device  	gpioths		# 1-wire temp/humidity sensor on gpio pin

# Pulse width modulation
device  	pwmbus		# pwm interface and bus support
device  	pwmc		# userland control access to pwm outputs

#
# Etherswitch framework and drivers
#
# etherswitch	The etherswitch(4) framework
# miiproxy	Proxy device for miibus(4) functionality
#
# Switch hardware support:
# arswitch	Atheros switches
# ip17x 	IC+ 17x family switches
# rtl8366r	Realtek RTL8366 switches
# ukswitch	Multi-PHY switches
#
device		etherswitch
device		miiproxy
device		arswitch
device		ip17x
device		rtl8366rb
device		ukswitch

# Kernel BOOTP support

options 	BOOTP		# Use BOOTP to obtain IP address/hostname
				# Requires NFSCL and NFS_ROOT
options 	BOOTP_NFSROOT	# NFS mount root filesystem using BOOTP info
options 	BOOTP_NFSV3	# Use NFS v3 to NFS mount root
options 	BOOTP_COMPAT	# Workaround for broken bootp daemons.
options 	BOOTP_WIRED_TO=fxp0 # Use interface fxp0 for BOOTP
options 	BOOTP_BLOCKSIZE=8192 # Override NFS block size

#
# Enable software watchdog routines, even if hardware watchdog is present.
# By default, software watchdog timer is enabled only if no hardware watchdog
# is present.
#
options 	SW_WATCHDOG

#
# Add the software deadlock resolver thread.
#
options 	DEADLKRES

#
# Disable swapping of stack pages.  This option removes all
# code which actually performs swapping, so it's not possible to turn
# it back on at run-time.
#
# This is sometimes usable for systems which don't have any swap space
# (see also sysctl "vm.disable_swapspace_pageouts")
#
#options 	NO_SWAPPING

# Set the number of sf_bufs to allocate. sf_bufs are virtual buffers
# for sendfile(2) that are used to map file VM pages, and normally
# default to a quantity that is roughly 16*MAXUSERS+512. You would
# typically want about 4 of these for each simultaneous file send.
#
options 	NSFBUFS=1024

#
# Enable extra debugging code for locks.  This stores the filename and
# line of whatever acquired the lock in the lock itself, and changes a
# number of function calls to pass around the relevant data.  This is
# not at all useful unless you are debugging lock code.  Note that
# modules should be recompiled as this option modifies KBI.
#
options 	DEBUG_LOCKS

#####################################################################
# HID support
device		hid		# Generic HID support
options 	HID_DEBUG	# enable debug msgs
device		hidbus		# HID bus
device		hidmap		# HID to evdev mapping
device		hidraw		# Raw access driver
options 	HIDRAW_MAKE_UHID_ALIAS	# install /dev/uhid alias
device		hconf		# Multitouch configuration TLC
device		hcons		# Consumer controls
device		hgame		# Generic game controllers
device		hkbd		# HID keyboard
device		hms		# HID mouse
device		hmt		# HID multitouch (MS-compatible)
device		hpen		# Generic pen driver
device		hsctrl		# System controls
device		ps4dshock	# Sony PS4 DualShock 4 gamepad driver
device		xb360gp		# XBox 360 gamepad driver

#####################################################################
# USB support
# UHCI controller
device		uhci
# OHCI controller
device		ohci
# EHCI controller
device		ehci
# XHCI controller
device		xhci
# SL811 Controller
#device		slhci
# General USB code (mandatory for USB)
device		usb
#
# USB Double Bulk Pipe devices
device		udbp
# USB temperature meter
device		ugold
# USB LED
device		uled
# Human Interface Device (anything with buttons and dials)
device		uhid
# USB keyboard
device		ukbd
# USB printer
device		ulpt
# USB mass storage driver (Requires scbus and da)
device		umass
# USB mass storage driver for device-side mode
device		usfs
# USB support for Belkin F5U109 and Magic Control Technology serial adapters
device		umct
# USB modem support
device		umodem
# USB mouse
device		ums
# USB touchpad(s)
device		atp
device		wsp
# eGalax USB touch screen
device		uep
# Diamond Rio 500 MP3 player
device		urio
# HID-over-USB driver
device		usbhid

#
# USB serial support
device		ucom
# USB support for 3G modem cards by Option, Novatel, Huawei and Sierra
device		u3g
# USB support for Technologies ARK3116 based serial adapters
device		uark
# USB support for Belkin F5U103 and compatible serial adapters
device		ubsa
# USB support for serial adapters based on the FT8U100AX and FT8U232AM
device		uftdi
# USB support for some Windows CE based serial communication.
device		uipaq
# USB support for Prolific PL-2303 serial adapters
device		uplcom
# USB support for Silicon Laboratories CP2101/CP2102 based USB serial adapters
device		uslcom
# USB Visor and Palm devices
device		uvisor
# USB serial support for DDI pocket's PHS
device		uvscom
#
# USB ethernet support
device		uether
# ADMtek USB ethernet. Supports the LinkSys USB100TX,
# the Billionton USB100, the Melco LU-ATX, the D-Link DSB-650TX
# and the SMC 2202USB. Also works with the ADMtek AN986 Pegasus
# eval board.
device		aue

# ASIX Electronics AX88172 USB 2.0 ethernet driver. Used in the
# LinkSys USB200M and various other adapters.
device		axe
# ASIX Electronics AX88178A/AX88179 USB 2.0/3.0 gigabit ethernet driver.
device		axge

#
# Devices which communicate using Ethernet over USB, particularly
# Communication Device Class (CDC) Ethernet specification. Supports
# Sharp Zaurus PDAs, some DOCSIS cable modems and so on.
device		cdce
#
# CATC USB-EL1201A USB ethernet. Supports the CATC Netmate
# and Netmate II, and the Belkin F5U111.
device		cue
#
# Kawasaki LSI ethernet. Supports the LinkSys USB10T,
# Entrega USB-NET-E45, Peracom Ethernet Adapter, the
# 3Com 3c19250, the ADS Technologies USB-10BT, the ATen UC10T,
# the Netgear EA101, the D-Link DSB-650, the SMC 2102USB
# and 2104USB, and the Corega USB-T.
device		kue
#
# RealTek RTL8150 USB to fast ethernet. Supports the Melco LUA-KTX
# and the GREEN HOUSE GH-USB100B.
device		rue
#
# Davicom DM9601E USB to fast ethernet. Supports the Corega FEther USB-TXC.
device		udav
#
# RealTek RTL8152/RTL8153 USB Ethernet driver
device		ure
#
# Moschip MCS7730/MCS7840 USB to fast ethernet. Supports the Sitecom LN030.
device		mos
#
# HSxPA devices from Option N.V
device		uhso

# Realtek RTL8188SU/RTL8191SU/RTL8192SU wireless driver
device		rsu
#
# Ralink Technology RT2501USB/RT2601USB wireless driver
device		rum
# Ralink Technology RT2700U/RT2800U/RT3000U wireless driver
device		run
#
# Atheros AR5523 wireless driver
device		uath
#
# Conexant/Intersil PrismGT wireless driver
device		upgt
#
# Ralink Technology RT2500USB wireless driver
device		ural
#
# RNDIS USB ethernet driver
device		urndis
# Realtek RTL8187B/L wireless driver
device		urtw
#
# ZyDas ZD1211/ZD1211B wireless driver
device		zyd
#
# Sierra USB wireless driver
device		usie

#
# debugging options for the USB subsystem
#
options 	USB_DEBUG
options 	U3G_DEBUG

# options for ukbd:
options 	UKBD_DFLT_KEYMAP	# specify the built-in keymap
makeoptions	UKBD_DFLT_KEYMAP=jp.106

# options for uplcom:
options 	UPLCOM_INTR_INTERVAL=100	# interrupt pipe interval
						# in milliseconds

# options for uvscom:
options 	UVSCOM_DEFAULT_OPKTSIZE=8	# default output packet size
options 	UVSCOM_INTR_INTERVAL=100	# interrupt pipe interval
						# in milliseconds

#####################################################################
# FireWire support

device		firewire	# FireWire bus code
device		sbp		# SCSI over Firewire (Requires scbus and da)
device		sbp_targ	# SBP-2 Target mode  (Requires scbus and targ)
device		fwe		# Ethernet over FireWire (non-standard!)
device		fwip		# IP over FireWire (RFC2734 and RFC3146)

#####################################################################
# dcons support (Dumb Console Device)

device		dcons			# dumb console driver
device		dcons_crom		# FireWire attachment
options 	DCONS_BUF_SIZE=16384	# buffer size
options 	DCONS_POLL_HZ=100	# polling rate
options 	DCONS_FORCE_CONSOLE=0	# force to be the primary console
options 	DCONS_FORCE_GDB=1	# force to be the gdb device

#####################################################################
# crypto subsystem
#
# This is a port of the OpenBSD crypto framework.  Include this when
# configuring IPSEC and when you have a h/w crypto device to accelerate
# user applications that link to OpenSSL.
#
# Drivers are ports from OpenBSD with some simple enhancements that have
# been fed back to OpenBSD.

device		crypto		# core crypto support

# Only install the cryptodev device if you are running tests, or know
# specifically why you need it.  In most cases, it is not needed and
# will make things slower.
device		cryptodev	# /dev/crypto for access to h/w

device		rndtest		# FIPS 140-2 entropy tester

device		ccr		# Chelsio T6

device		hifn		# Hifn 7951, 7781, etc.
options 	HIFN_DEBUG	# enable debugging support: hw.hifn.debug
options 	HIFN_RNDTEST	# enable rndtest support

#####################################################################


#
# Embedded system options:
#
# An embedded system might want to run something other than init.
options 	INIT_PATH=/sbin/init:/rescue/init

# Debug options
options 	BUS_DEBUG	# enable newbus debugging
options 	DEBUG_VFS_LOCKS	# enable VFS lock debugging
options 	SOCKBUF_DEBUG	# enable sockbuf last record/mb tail checking
options 	IFMEDIA_DEBUG	# enable debugging in net/if_media.c

#
# Verbose SYSINIT
#
# Make the SYSINIT process performed by mi_startup() verbose.  This is very
# useful when porting to a new architecture.  If DDB is also enabled, this
# will print function names instead of addresses.  If defined with a value
# of zero, the verbose code is compiled-in but disabled by default, and can
# be enabled with the debug.verbose_sysinit=1 tunable.
options 	VERBOSE_SYSINIT

#####################################################################
# SYSV IPC KERNEL PARAMETERS
#
# Maximum number of System V semaphores that can be used on the system at
# one time.
options 	SEMMNI=11

# Total number of semaphores system wide
options 	SEMMNS=61

# Total number of undo structures in system
options 	SEMMNU=31

# Maximum number of System V semaphores that can be used by a single process
# at one time.
options 	SEMMSL=61

# Maximum number of operations that can be outstanding on a single System V
# semaphore at one time.
options 	SEMOPM=101

# Maximum number of undo operations that can be outstanding on a single
# System V semaphore at one time.
options 	SEMUME=11

# Maximum number of shared memory pages system wide.
options 	SHMALL=1025

# Maximum size, in bytes, of a single System V shared memory region.
options 	SHMMAX=(SHMMAXPGS*PAGE_SIZE+1)
options 	SHMMAXPGS=1025

# Minimum size, in bytes, of a single System V shared memory region.
options 	SHMMIN=2

# Maximum number of shared memory regions that can be used on the system
# at one time.
options 	SHMMNI=33

# Maximum number of System V shared memory regions that can be attached to
# a single process at one time.
options 	SHMSEG=9

# Set the amount of time (in seconds) the system will wait before
# rebooting automatically when a kernel panic occurs.  If set to (-1),
# the system will wait indefinitely until a key is pressed on the
# console.
options 	PANIC_REBOOT_WAIT_TIME=16

# Attempt to bypass the buffer cache and put data directly into the
# userland buffer for read operation when O_DIRECT flag is set on the
# file.  Both offset and length of the read operation must be
# multiples of the physical media sector size.
#
options 	DIRECTIO

# Specify a lower limit for the number of swap I/O buffers.  They are
# (among other things) used when bypassing the buffer cache due to
# DIRECTIO kernel option enabled and O_DIRECT flag set on file.
#
options 	NSWBUF_MIN=120

#####################################################################

# More undocumented options for linting.
# Note that documenting these is not considered an affront.

options 	CAM_DEBUG_DELAY

options 	DEBUG

# Kernel filelock debugging.
options 	LOCKF_DEBUG

# System V compatible message queues
# Please note that the values provided here are used to test kernel
# building.  The defaults in the sources provide almost the same numbers.
# MSGSSZ must be a power of 2 between 8 and 1024.
options 	MSGMNB=2049	# Max number of chars in queue
options 	MSGMNI=41	# Max number of message queue identifiers
options 	MSGSEG=2049	# Max number of message segments
options 	MSGSSZ=16	# Size of a message segment
options 	MSGTQL=41	# Max number of messages in system

options 	NBUF=512	# Number of buffer headers

options 	SC_DEBUG_LEVEL=5	# Syscons debug level
options 	SC_RENDER_DEBUG	# syscons rendering debugging

options 	VFS_BIO_DEBUG	# VFS buffer I/O debugging

options 	KSTACK_MAX_PAGES=32 # Maximum pages to give the kernel stack
options 	KSTACK_USAGE_PROF

# Adaptec Array Controller driver options
options 	AAC_DEBUG	# Debugging levels:
				# 0 - quiet, only emit warnings
				# 1 - noisy, emit major function
				#     points and things done
				# 2 - extremely noisy, emit trace
				#     items in loops, etc.

# Resource Accounting
options 	RACCT

# Resource Limits
options 	RCTL

# Yet more undocumented options for linting.
options 	MAXFILES=999

# Random number generator
# Alternative algorithm.
#options 	RANDOM_FENESTRASX
# Allow the CSPRNG algorithm to be loaded as a module.
#options 	RANDOM_LOADABLE
# Select this to allow high-rate but potentially expensive
# harvesting of Slab-Allocator entropy. In very high-rate
# situations the value of doing this is dubious at best.
options 	RANDOM_ENABLE_UMA	# slab allocator

# Select this to allow high-rate but potentially expensive
# harvesting of of the m_next pointer in the mbuf. Note that
# the m_next pointer is NULL except when receiving > 4K
# jumbo frames or sustained bursts by way of LRO. Thus in
# the common case it is stirring zero in to the entropy
# pool. In cases where it is not NULL it is pointing to one
# of a small (in the thousands to 10s of thousands) number
# of 256 byte aligned mbufs. Hence it is, even in the best
# case, a poor source of entropy. And in the absence of actual
# runtime analysis of entropy collection may mislead the user in
# to believe that substantially more entropy is being collected
# than in fact is - leading to a different class of security
# risk. In high packet rate situations ethernet entropy
# collection is also very expensive, possibly leading to as
# much as a 50% drop in packets received.
# This option is present to maintain backwards compatibility
# if desired, however it cannot be recommended for use in any
# environment.
options 	RANDOM_ENABLE_ETHER	# ether_input

# Module to enable execution of application via emulators like QEMU
options         IMGACT_BINMISC

# zlib I/O stream support
# This enables support for compressed core dumps.
options 	GZIO

# zstd support
# This enables support for Zstd compressed core dumps, GEOM_UZIP images,
# and is required by zfs if statically linked.
options 	ZSTDIO

# BHND(4) drivers
options 	BHND_LOGLEVEL	# Logging threshold level

# evdev interface
device		evdev		# input event device support
options 	EVDEV_SUPPORT	# evdev support in legacy drivers
options 	EVDEV_DEBUG	# enable event debug msgs
device		uinput		# install /dev/uinput cdev
options 	UINPUT_DEBUG	# enable uinput debug msgs

# Encrypted kernel crash dumps.
options 	EKCD

# Serial Peripheral Interface (SPI) support.
device		spibus		# Bus support.
device		at45d		# DataFlash driver
device		cqspi		#
device		mx25l		# SPIFlash driver
device		n25q		#
device		spigen		# Generic access to SPI devices from userland.
# Enable legacy /dev/spigenN name aliases for /dev/spigenX.Y devices.
options 	SPIGEN_LEGACY_CDEVNAME # legacy device names for spigen

# Compression supports.
device		zlib		# gzip/zlib compression/decompression library
device		xz		# xz_embedded LZMA de-compression library

# Kernel support for stats(3).
options 	STATS