Page MenuHomeFreeBSD
Files F152662200

D56228.id175231.diff
No OneTemporary
Actions

D56228.id175231.diff
View Options

diff --git a/sbin/ifconfig/Makefile b/sbin/ifconfig/Makefile
--- a/sbin/ifconfig/Makefile
+++ b/sbin/ifconfig/Makefile
@@ -52,10 +52,6 @@
SRCS+= ifbridge.c # bridge support
SRCS+= iflagg.c # lagg support
-.if ${MK_EXPERIMENTAL} != "no"
-CFLAGS+= -DDRAFT_IETF_6MAN_IPV6ONLY_FLAG
-CFLAGS+= -DEXPERIMENTAL
-.endif
.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+= -DINET6
.endif
diff --git a/sbin/ifconfig/af_inet6.c b/sbin/ifconfig/af_inet6.c
--- a/sbin/ifconfig/af_inet6.c
+++ b/sbin/ifconfig/af_inet6.c
@@ -730,10 +730,6 @@
DEF_CMD("eui64", 0, setip6eui64),
DEF_CMD("stableaddr", ND6_IFF_STABLEADDR, setnd6flags),
DEF_CMD("-stableaddr", -ND6_IFF_STABLEADDR, setnd6flags),
-#ifdef EXPERIMENTAL
- DEF_CMD("ipv6_only", ND6_IFF_IPV6_ONLY_MANUAL,setnd6flags),
- DEF_CMD("-ipv6_only", -ND6_IFF_IPV6_ONLY_MANUAL,setnd6flags),
-#endif
};
static struct afswtch af_inet6 = {
diff --git a/sbin/ifconfig/af_nd6.c b/sbin/ifconfig/af_nd6.c
--- a/sbin/ifconfig/af_nd6.c
+++ b/sbin/ifconfig/af_nd6.c
@@ -62,10 +62,6 @@
[6] = "NO_RADR",
[7] = "NO_PREFER_IFACE",
[8] = "NO_DAD",
-#ifdef DRAFT_IETF_6MAN_IPV6ONLY_FLAG
- [9] = "IPV6_ONLY",
- [10] = "IPV6_ONLY_MANUAL",
-#endif
[11] = "STABLEADDR",
[15] = "DEFAULTIF",
};
diff --git a/share/man/man5/src.conf.5 b/share/man/man5/src.conf.5
--- a/share/man/man5/src.conf.5
+++ b/share/man/man5/src.conf.5
@@ -1,5 +1,5 @@
.\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman.
-.Dd April 2, 2026
+.Dd April 10, 2026
.Dt SRC.CONF 5
.Os
.Sh NAME
@@ -97,1955 +97,10 @@
This list provides a name and short description for variables
that can be used for source builds.
.Bl -tag -width indent
-.It Va WITHOUT_ACCT
-Do not build process accounting tools such as
-.Xr accton 8
-and
-.Xr sa 8 .
-.It Va WITHOUT_ACPI
-Do not build
-.Xr acpiconf 8 ,
-.Xr acpidump 8
-and related programs.
-.It Va WITHOUT_APM
-Do not build
-.Xr apm 8 ,
-.Xr apmd 8
-and related programs.
-.It Va WITH_ASAN
-Build the base system with Address Sanitizer (ASan) to detect
-memory corruption bugs such as buffer overflows or use-after-free.
-Requires that Clang be used as the base system compiler
-and that the runtime support library is available.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITH_LLVM_BINUTILS
-.El
-.It Va WITHOUT_ASSERT_DEBUG
-Compile programs and libraries without the
-.Xr assert 3
-checks.
-.It Va WITHOUT_AT
-Do not build
-.Xr at 1
-and related utilities.
-.It Va WITHOUT_AUDIT
-Do not build audit support into system programs.
-.It Va WITHOUT_AUTHPF
-Do not build
-.Xr authpf 8 .
-.It Va WITHOUT_AUTOFS
-Do not build
-.Xr autofs 4
-related programs, libraries, and kernel modules.
-.It Va WITHOUT_AUTO_OBJ
-Disable automatic creation of objdirs.
-This is enabled by default if the wanted OBJDIR is writable by the current user.
-.Pp
-This must be set in the environment, make command line, or
-.Pa /etc/src-env.conf ,
-not
-.Pa /etc/src.conf .
-.It Va WITH_BEARSSL
-Build the BearSSL library.
-.Pp
-BearSSL is a tiny SSL library suitable for embedded environments.
-For details see
-.Lk https://www.BearSSL.org/
-.Pp
-This library is currently only used to perform
-signature verification and related operations
-for Verified Exec and
-.Xr loader 8 .
-.Pp
-Due to size constraints in the BIOS environment on x86, one may need to set
-.Va LOADERSIZE
-larger than the
-default 500000, although often loader is under the 500k limit even with
-this option.
-Setting
-.Va LOADERSIZE
-larger than 500000 may cause
-.Xr pxeboot 8
-to be too large to work.
-Careful testing of the loader in the target environment when built with a larger
-limit to establish safe limits is critical because different BIOS environments
-reserve differing amounts of the low 640k space, making a precise limit for
-everybody impossible.
-.Pp
-See also
-.Va WITH_LOADER_PXEBOOT
-for other considerations.
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITH_LOADER_EFI_SECUREBOOT
-(unless
-.Va WITHOUT_LOADER_EFI_SECUREBOOT
-is set explicitly)
-.It Va WITH_LOADER_VERIEXEC
-(unless
-.Va WITHOUT_LOADER_VERIEXEC
-is set explicitly)
-.It Va WITH_LOADER_VERIEXEC_VECTX
-(unless
-.Va WITHOUT_LOADER_VERIEXEC_VECTX
-is set explicitly)
-.It Va WITH_VERIEXEC
-(unless
-.Va WITHOUT_VERIEXEC
-is set explicitly)
-.El
-.It Va WITHOUT_BHYVE
-Do not build or install
-.Xr bhyve 8 ,
-associated utilities, and examples.
-.Pp
-This option only affects amd64/amd64 and arm64/aarch64.
-.It Va WITH_BHYVE_SNAPSHOT
-Include support for save and restore (snapshots) in
-.Xr bhyve 8
-and
-.Xr bhyvectl 8 .
-.Pp
-This option only affects amd64/amd64.
-.It Va WITH_BIND_NOW
-Build all binaries with the
-.Dv DF_BIND_NOW
-flag set to indicate that the run-time loader should perform all relocation
-processing at process startup rather than on demand.
-The combination of the
-.Va BIND_NOW
-and
-.Va RELRO
-options provide "full" Relocation Read-Only (RELRO) support.
-With full RELRO the entire GOT is made read-only after performing relocation at
-startup, avoiding GOT overwrite attacks.
-.It Va WITHOUT_BLACKLIST
-This option has been renamed to
-.Va WITHOUT_BLOCKLIST .
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_BLOCKLIST
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_BLACKLIST_SUPPORT
-(unless
-.Va WITH_BLACKLIST_SUPPORT
-is set explicitly)
-.It Va WITHOUT_BLOCKLIST_SUPPORT
-(unless
-.Va WITH_BLOCKLIST_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_BLACKLIST_SUPPORT
-This option has been renamed to
-.Va WITHOUT_BLOCKLIST_SUPPORT .
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_BLOCKLIST_SUPPORT
-.El
-.It Va WITHOUT_BLOCKLIST
-Set this if you do not want to build
-.Xr blocklistd 8
-and
-.Xr blocklistctl 8 .
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_BLACKLIST
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_BLACKLIST_SUPPORT
-(unless
-.Va WITH_BLACKLIST_SUPPORT
-is set explicitly)
-.It Va WITHOUT_BLOCKLIST_SUPPORT
-(unless
-.Va WITH_BLOCKLIST_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_BLOCKLIST_SUPPORT
-Build some programs without
-.Xr libblocklist 3
-support, like
-.Xr fingerd 8
-and
-.Xr sshd 8 .
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_BLACKLIST_SUPPORT
-.El
-.It Va WITHOUT_BLUETOOTH
-Do not build Bluetooth related kernel modules, programs and libraries.
-.It Va WITHOUT_BOOT
-Do not build the boot blocks and loader.
-.It Va WITHOUT_BOOTPARAMD
-Do not build or install
-.Xr bootparamd 8 .
-.It Va WITHOUT_BOOTPD
-Do not build or install
-.Xr bootpd 8 .
-.It Va WITH_BRANCH_PROTECTION
-Build with branch protection enabled.
-On arm64 enable the use of pointer authentication and
-branch target identification instructions on arm64.
-These can be used to help mitigate some exploit techniques.
-.It Va WITHOUT_BSDINSTALL
-Do not build
-.Xr bsdinstall 8 ,
-.Xr sade 8 ,
-and related programs.
-.It Va WITHOUT_BSNMP
-Do not build or install
-.Xr bsnmpd 1
-and related libraries and data files.
-.It Va WITHOUT_BZIP2
-Do not build contributed bzip2 software as a part of the base system.
-.Bf -symbolic
-The option has no effect yet.
-.Ef
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_BZIP2_SUPPORT
-(unless
-.Va WITH_BZIP2_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_BZIP2_SUPPORT
-Build some programs without optional bzip2 support.
-.It Va WITHOUT_CALENDAR
-Do not build
-.Xr calendar 1 .
-.It Va WITHOUT_CAROOT
-Do not add the trusted certificates from the Mozilla NSS bundle to
-base.
-.It Va WITHOUT_CASPER
-This option has no effect.
-.It Va WITH_CCACHE_BUILD
-Use
-.Xr ccache 1
-for the build.
-No configuration is required except to install the
-.Sy devel/ccache
-or
-.Sy devel/sccache
-package.
-When using with
-.Xr distcc 1 ,
-set
-.Sy CCACHE_PREFIX=/usr/local/bin/distcc .
-When using with sccache
-set
-.Sy CCACHE_NAME=sccache
-in
-.Xr src.conf 5 .
-The default cache directory of
-.Pa $HOME/.ccache
-will be used, which can be overridden by setting
-.Sy CCACHE_DIR .
-The
-.Sy CCACHE_COMPILERCHECK
-option defaults to
-.Sy content
-when using the in-tree bootstrap compiler,
-and
-.Sy mtime
-when using an external compiler.
-The
-.Sy CCACHE_CPP2
-option is used for Clang but not GCC.
-.Pp
-Sharing a cache between multiple work directories requires using a layout
-similar to
-.Pa /some/prefix/src
-.Pa /some/prefix/obj
-and an environment such as:
-.Bd -literal -offset indent
-CCACHE_BASEDIR='${SRCTOP:H}' MAKEOBJDIRPREFIX='${SRCTOP:H}/obj'
-.Ed
-.Pp
-See
-.Xr ccache 1
-for more configuration options.
-.It Va WITHOUT_CCD
-Do not build
-.Xr geom_ccd 4
-and related utilities.
-.It Va WITHOUT_CDDL
-Do not build code licensed under Sun's CDDL.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_CTF
-.It
-.Va WITHOUT_DTRACE
-.It
-.Va WITHOUT_LOADER_ZFS
-.It
-.Va WITHOUT_ZFS
-.It
-.Va WITHOUT_ZFS_TESTS
-.El
-.It Va WITHOUT_CLANG
-Do not build the Clang C/C++ compiler during the regular phase of the build.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_CLANG_EXTRAS
-.It
-.Va WITHOUT_CLANG_FORMAT
-.It
-.Va WITHOUT_CLANG_FULL
-.It
-.Va WITHOUT_LLVM_COV
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_LLVM_TARGET_AARCH64
-(unless
-.Va WITH_LLVM_TARGET_AARCH64
-is set explicitly)
-.It Va WITHOUT_LLVM_TARGET_ALL
-(unless
-.Va WITH_LLVM_TARGET_ALL
-is set explicitly)
-.It Va WITHOUT_LLVM_TARGET_ARM
-(unless
-.Va WITH_LLVM_TARGET_ARM
-is set explicitly)
-.It Va WITHOUT_LLVM_TARGET_POWERPC
-(unless
-.Va WITH_LLVM_TARGET_POWERPC
-is set explicitly)
-.It Va WITHOUT_LLVM_TARGET_RISCV
-(unless
-.Va WITH_LLVM_TARGET_RISCV
-is set explicitly)
-.El
-.It Va WITHOUT_CLANG_BOOTSTRAP
-Do not build the Clang C/C++ compiler during the bootstrap phase of
-the build.
-To be able to build the system, either gcc or clang bootstrap must be
-enabled unless an alternate compiler is provided via XCC.
-.It Va WITH_CLANG_EXTRAS
-Build additional clang and llvm tools, such as bugpoint and
-clang-format.
-.It Va WITH_CLANG_FORMAT
-Build clang-format.
-.It Va WITHOUT_CLANG_FULL
-Avoid building the ARCMigrate, Rewriter and StaticAnalyzer components of
-the Clang C/C++ compiler.
-.It Va WITH_CLEAN
-Clean before building world and/or kernel.
-Note that recording a new epoch in
-.Pa .clean_build_epoch
-in the root of the source tree will also force a clean world build.
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_DEPEND_CLEANUP
-(unless
-.Va WITH_DEPEND_CLEANUP
-is set explicitly)
-.El
-.It Va WITHOUT_CPP
-Do not build
-.Xr cpp 1 .
-.It Va WITHOUT_CROSS_COMPILER
-Do not build any cross compiler in the cross-tools stage of buildworld.
-When compiling a different version of
-.Fx
-than what is installed on the system, provide an alternate
-compiler with XCC to ensure success.
-When compiling with an identical version of
-.Fx
-to the host, this option may be safely used.
-This option may also be safe when the host version of
-.Fx
-is close to the sources being built, but all bets are off if there have
-been any changes to the toolchain between the versions.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_CLANG_BOOTSTRAP
-.It
-.Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP
-.It
-.Va WITHOUT_LLD_BOOTSTRAP
-.It
-.Va WITHOUT_LLVM_BINUTILS_BOOTSTRAP
-.El
-.It Va WITHOUT_CRYPT
-Do not build any crypto code.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_DMAGENT
-.It
-.Va WITHOUT_KERBEROS
-.It
-.Va WITHOUT_LDNS
-.It
-.Va WITHOUT_LDNS_UTILS
-.It
-.Va WITHOUT_LOADER_ZFS
-.It
-.Va WITHOUT_MITKRB5
-.It
-.Va WITHOUT_OPENSSH
-.It
-.Va WITHOUT_OPENSSL
-.It
-.Va WITHOUT_OPENSSL_KTLS
-.It
-.Va WITHOUT_PKGBOOTSTRAP
-.It
-.Va WITHOUT_UNBOUND
-.It
-.Va WITHOUT_ZFS
-.It
-.Va WITHOUT_ZFS_TESTS
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_KERBEROS_SUPPORT
-(unless
-.Va WITH_KERBEROS_SUPPORT
-is set explicitly)
-.El
-.It Va WITH_CTF
-Compile with CTF (Compact C Type Format) data.
-CTF data encapsulates a reduced form of debugging information
-similar to DWARF and the venerable stabs and is required for DTrace.
-.It Va WITHOUT_CUSE
-Do not build CUSE-related programs and libraries.
-.It Va WITHOUT_CXGBETOOL
-Do not build
-.Xr cxgbetool 8
-.Pp
-This is a default setting on
-arm/armv7 and riscv/riscv64.
-.It Va WITH_CXGBETOOL
-Build
-.Xr cxgbetool 8
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
-.It Va WITHOUT_DEBUG_FILES
-Avoid building or installing standalone debug files for each
-executable binary and shared library.
-.It Va WITHOUT_DEPEND_CLEANUP
-Do not attempt to detect if the object tree needs cleaning in part or in
-whole before building.
-This speeds up incremental builds, especially when experimenting with
-build options, but may cause the build to inexplicably fail or produce
-non-functioning binaries.
-.It Va WITH_DETECT_TZ_CHANGES
-Make the time handling code detect changes to the timezone files.
-.It Va WITH_DIALOG
-Do build
-.Xr dialog 1 ,
-.Xr dialog 3 ,
-.Xr dpv 1 ,
-and
-.Xr dpv 3 .
-.It Va WITHOUT_DICT
-Do not build the Webster dictionary files.
-.It Va WITH_DIRDEPS_BUILD
-This is an alternate build system.
-For details see
-https://www.crufty.net/sjg/docs/freebsd-meta-mode.htm.
-Build commands can be seen from the top-level with:
-.Dl make show-valid-targets
-The build is driven by dirdeps.mk using
-.Va DIRDEPS
-stored in
-Makefile.depend files found in each directory.
-.Pp
-The build can be started from anywhere, and behaves the same.
-The initial instance of
-.Xr make 1
-recursively reads
-.Va DIRDEPS
-from
-.Pa Makefile.depend ,
-computing a graph of tree dependencies from the current origin.
-Setting
-.Va NO_DIRDEPS
-skips checking dirdep dependencies and will only build in the current
-and child directories.
-.Va NO_DIRDEPS_BELOW
-skips building any dirdeps and only build the current directory.
-.Pp
-This also utilizes the
-.Va WITH_META_MODE
-logic for incremental builds.
-.Pp
-The build hides commands executed unless
-.Va NO_SILENT
-is defined.
-.Pp
-Note that there is currently no mass install feature for this.
-This build is designed for producing packages, that can then be installed
-on a target system.
-.Pp
-The implementation in
-.Fx
-is incomplete.
-Completion would require leaf directories for building each kernel
-and package so that their dependencies can be tracked.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITH_INSTALL_AS_USER
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITH_META_ERROR_TARGET
-(unless
-.Va WITHOUT_META_ERROR_TARGET
-is set explicitly)
-.It Va WITH_META_MODE
-(unless
-.Va WITHOUT_META_MODE
-is set explicitly)
-.It Va WITH_STAGING
-(unless
-.Va WITHOUT_STAGING
-is set explicitly)
-.It Va WITH_STAGING_MAN
-(unless
-.Va WITHOUT_STAGING_MAN
-is set explicitly)
-.It Va WITH_STAGING_PROG
-(unless
-.Va WITHOUT_STAGING_PROG
-is set explicitly)
-.It Va WITH_SYSROOT
-(unless
-.Va WITHOUT_SYSROOT
-is set explicitly)
-.El
-.Pp
-This must be set in the environment, make command line, or
-.Pa /etc/src-env.conf ,
-not
-.Pa /etc/src.conf .
-.It Va WITH_DIRDEPS_CACHE
-Cache result of dirdeps.mk which can save significant time
-for subsequent builds.
-Depends on
-.Va WITH_DIRDEPS_BUILD .
-.Pp
-This must be set in the environment, make command line, or
-.Pa /etc/src-env.conf ,
-not
-.Pa /etc/src.conf .
-.It Va WITH_DISK_IMAGE_TOOLS_BOOTSTRAP
-Build
-.Xr etdump 1 ,
-.Xr makefs 8
-and
-.Xr mkimg 1
-as bootstrap tools.
-.It Va WITHOUT_DMAGENT
-Do not build dma Mail Transport Agent.
-.It Va WITHOUT_DOCCOMPRESS
-Do not install compressed system documentation.
-Only the uncompressed version will be installed.
-.It Va WITHOUT_DTRACE
-Do not build DTrace framework kernel modules, libraries, and user commands.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_CTF
-.El
-.It Va WITH_DTRACE_ASAN
-Compile userspace DTrace code (libdtrace, dtrace(1), lockstat(1), plockstat(1))
-with address and undefined behavior sanitizers.
-Requires that Clang be used as the base system compiler
-and that the runtime support library is available.
-.It Va WITH_DTRACE_TESTS
-Build and install the DTrace test suite in
-.Pa /usr/tests/cddl/usr.sbin/dtrace .
-This test suite is considered experimental on architectures other than
-amd64/amd64 and running it may cause system instability.
-.It Va WITHOUT_DYNAMICROOT
-Set this if you do not want to link
-.Pa /bin
-and
-.Pa /sbin
-dynamically.
-.It Va WITHOUT_EE
-Do not build and install
-.Xr edit 1 ,
-.Xr ee 1 ,
-and related programs.
-.It Va WITHOUT_EFI
-Set not to build
-.Xr efivar 3
-and
-.Xr efivar 8 .
-.Pp
-This is a default setting on
-i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
-.It Va WITH_EFI
-Build
-.Xr efivar 3
-and
-.Xr efivar 8 .
-.Pp
-This is a default setting on
-amd64/amd64, arm/armv7, arm64/aarch64 and riscv/riscv64.
-.It Va WITHOUT_ELFTOOLCHAIN_BOOTSTRAP
-Do not build ELF Tool Chain tools
-(addr2line, nm, size, strings and strip)
-as part of the bootstrap process.
-.Bf -symbolic
-An alternate bootstrap tool chain must be provided.
-.Ef
-.It Va WITHOUT_EXAMPLES
-Avoid installing examples to
-.Pa /usr/share/examples/ .
-.It Va WITH_EXPERIMENTAL
-Include experimental features in the build.
-.It Va WITHOUT_FDT
-Do not build Flattened Device Tree support as part of the base system.
-This includes the device tree compiler (dtc) and libfdt support library.
-.Pp
-This is a default setting on
-amd64/amd64 and i386/i386.
-.It Va WITH_FDT
-Build Flattened Device Tree support as part of the base system.
-This includes the device tree compiler (dtc) and libfdt support library.
-.Pp
-This is a default setting on
-arm/armv7, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITHOUT_FILE
-Do not build
-.Xr file 1
-and related programs.
-.It Va WITHOUT_FINGER
-Do not build or install
-.Xr finger 1
-and
-.Xr fingerd 8 .
-.It Va WITHOUT_FLOPPY
-Do not build or install programs
-for operating floppy disk driver.
-.It Va WITHOUT_FORMAT_EXTENSIONS
-Do not enable
-.Fl fformat-extensions
-when compiling the kernel.
-Also disables all format checking.
-.It Va WITHOUT_FORTH
-Build bootloaders without Forth support.
-.It Va WITHOUT_FREEBSD_UPDATE
-Do not build
-.Xr freebsd-update 8 .
-.It Va WITHOUT_FTP
-Do not build or install
-.Xr ftp 1 .
-.It Va WITHOUT_GAMES
-Do not build games.
-.It Va WITHOUT_GOOGLETEST
-Neither build nor install
-.Lb libgmock ,
-.Lb libgtest ,
-and dependent tests.
-.It Va WITHOUT_GPIO
-Do not build
-.Xr gpioctl 8
-as part of the base system.
-.It Va WITHOUT_HAST
-Do not build
-.Xr hastd 8
-and related utilities.
-.It Va WITH_HESIOD
-Build Hesiod support.
-.It Va WITHOUT_HTML
-Do not build HTML docs.
-.It Va WITHOUT_HYPERV
-Do not build or install HyperV utilities.
-.Pp
-This is a default setting on
-arm/armv7, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITH_HYPERV
-Build or install HyperV utilities.
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64 and i386/i386.
-.It Va WITHOUT_ICONV
-Do not build iconv as part of libc.
-.It Va WITHOUT_INCLUDES
-Do not install header files.
-This option used to be spelled
-.Va NO_INCS .
-.Bf -symbolic
-The option does not work for build targets.
-.Ef
-.It Va WITHOUT_INET
-Do not build programs and libraries related to IPv4 networking.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_INET_SUPPORT
-.El
-.It Va WITHOUT_INET6
-Do not build
-programs and libraries related to IPv6 networking.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_INET6_SUPPORT
-.El
-.It Va WITHOUT_INET6_SUPPORT
-Build libraries, programs, and kernel modules without IPv6 support.
-.It Va WITHOUT_INETD
-Do not build
-.Xr inetd 8 .
-.It Va WITHOUT_INET_SUPPORT
-Build libraries, programs, and kernel modules without IPv4 support.
-.It Va WITHOUT_INSTALLLIB
-Set this to not install optional libraries.
-For example, when creating a
-.Xr nanobsd 8
-image.
-.Bf -symbolic
-The option does not work for build targets.
-.Ef
-.It Va WITH_INSTALL_AS_USER
-Make install targets succeed for non-root users by installing
-files with owner and group attributes set to that of the user running
-the
-.Xr make 1
-command.
-The user still must set the
-.Va DESTDIR
-variable to point to a directory where the user has write permissions.
-.It Va WITHOUT_IPFILTER
-Do not build IP Filter package.
-.It Va WITH_IPFILTER_IPFS
-Enable building the
-.Xr ipfs 8
-tool to save and restore IPFilter state tables.
-.It Va WITHOUT_IPFW
-Do not build IPFW tools.
-.It Va WITHOUT_IPSEC_SUPPORT
-Do not build the kernel with
-.Xr ipsec 4
-support.
-This option is needed for
-.Xr ipsec 4
-and
-.Xr tcpmd5 4 .
-.It Va WITHOUT_ISCSI
-Do not build
-.Xr iscsid 8
-and related utilities.
-.It Va WITHOUT_JAIL
-Do not build tools for the support of jails; e.g.,
-.Xr jail 8 .
-.It Va WITHOUT_JEMALLOC_LG_VADDR_WIDE
-Disallow programs to use more than 48 address bits on amd64.
-Incompatible with LA57 mode.
-Enabling this option might result in a slight reduction in memory
-consumption for jemalloc metadata, but also requires disabling LA57
-(if hardware supports it).
-.It Va WITHOUT_KDUMP
-Do not build
-.Xr kdump 1
-and
-.Xr truss 1 .
-.It Va WITHOUT_KERBEROS
-Set this to not build Kerberos.
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_KERBEROS_SUPPORT
-(unless
-.Va WITH_KERBEROS_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_KERBEROS_SUPPORT
-Build some programs without Kerberos support, like
-.Xr ssh 1 ,
-.Xr telnet 1 ,
-and
-.Xr sshd 8 .
-.It Va WITH_KERNEL_BIN
-Generate and install kernel.bin from kernel as part of the normal build and
-install processes for the kernel. Available only on arm and arm64.
-
-Usually this will be added to the kernel config file with:
-
-makeoptions WITH_KERNEL_BIN=1
-
-though it can also be used on the command line.
-.It Va WITH_KERNEL_RETPOLINE
-Enable the "retpoline" mitigation for CVE-2017-5715 in the kernel
-build.
-.It Va WITHOUT_KERNEL_SYMBOLS
-Do not install standalone kernel debug symbol files.
-This option has no effect at build time.
-.It Va WITHOUT_KVM
-Do not build the
-.Nm libkvm
-library as a part of the base system.
-.Bf -symbolic
-The option has no effect yet.
-.Ef
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_KVM_SUPPORT
-(unless
-.Va WITH_KVM_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_KVM_SUPPORT
-Build some programs without optional
-.Nm libkvm
-support.
-.It Va WITHOUT_LDNS
-Setting this variable will prevent the LDNS library from being built.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_LDNS_UTILS
-.It
-.Va WITHOUT_UNBOUND
-.El
-.It Va WITHOUT_LDNS_UTILS
-Setting this variable will prevent building the LDNS utilities
-.Xr drill 1
-and
-.Xr host 1 .
-.It Va WITHOUT_LEGACY_CONSOLE
-Do not build programs that support a legacy PC console; e.g.,
-.Xr kbdcontrol 1
-and
-.Xr vidcontrol 1 .
-.It Va WITHOUT_LIB32
-On 64-bit platforms, do not build 32-bit library set and a
-.Nm ld-elf32.so.1
-runtime linker.
-.Pp
-This is a default setting on
-arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITH_LIB32
-On 64-bit platforms, build the 32-bit library set and a
-.Nm ld-elf32.so.1
-runtime linker.
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64 and powerpc/powerpc64.
-.It Va WITHOUT_LLD
-Do not build LLVM's lld linker.
-.It Va WITHOUT_LLDB
-Do not build the LLDB debugger.
-.Pp
-This is a default setting on
-riscv/riscv64.
-.It Va WITH_LLDB
-Build the LLDB debugger.
-.Pp
-This is a default setting on
-amd64/amd64, arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
-.It Va WITHOUT_LLD_BOOTSTRAP
-Do not build the LLD linker during the bootstrap phase of
-the build.
-To be able to build the system an alternate linker must be provided via XLD.
-.It Va WITHOUT_LLVM_ASSERTIONS
-Disable debugging assertions in LLVM.
-.It Va WITHOUT_LLVM_BINUTILS
-Install ELF Tool Chain's binary utilities instead of LLVM's.
-This includes
-.Xr addr2line 1 ,
-.Xr ar 1 ,
-.Xr nm 1 ,
-.Xr objcopy 1 ,
-.Xr ranlib 1 ,
-.Xr readelf 1 ,
-.Xr size 1 ,
-and
-.Xr strip 1 .
-Regardless of this setting, LLVM tools are used for
-.Xr c++filt 1
-and
-.Xr objdump 1 .
-.Xr strings 1
-is always provided by ELF Tool Chain.
-.It Va WITHOUT_LLVM_BINUTILS_BOOTSTRAP
-Do not build LLVM binary utilities during the bootstrap phase of
-the build.
-To be able to build the system alternate binary utilities must be provided via
-.Ev XAR ,
-.Ev XNM ,
-.Ev XOBJCOPY ,
-.Ev XSIZE ,
-.Ev XSTRINGS ,
-and
-.Ev XSTRIPBIN .
-
-.It Va WITHOUT_LLVM_COV
-Do not build the
-.Xr llvm-cov 1
-tool.
-.It Va WITH_LLVM_FULL_DEBUGINFO
-Generate full debug information for LLVM libraries and tools, which uses
-more disk space and build resources, but allows for easier debugging.
-.It Va WITH_LLVM_LINK_STATIC_LIBRARIES
-Link LLVM libraries (libllvm, libclang, liblldb) statically into each of
-the binaries that use them.
-
-This means that binaries linked against these libraries, such as clang,
-ld.lld and lldb will be much larger and position dependent, but will
-start more quickly.
-.It Va WITHOUT_LLVM_TARGET_AARCH64
-Do not build LLVM target support for AArch64.
-The
-.Va LLVM_TARGET_ALL
-option should be used rather than this in most cases.
-.It Va WITHOUT_LLVM_TARGET_ALL
-Only build the required LLVM target support.
-This option is preferred to specific target support options.
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_LLVM_TARGET_AARCH64
-(unless
-.Va WITH_LLVM_TARGET_AARCH64
-is set explicitly)
-.It Va WITHOUT_LLVM_TARGET_ARM
-(unless
-.Va WITH_LLVM_TARGET_ARM
-is set explicitly)
-.It Va WITHOUT_LLVM_TARGET_POWERPC
-(unless
-.Va WITH_LLVM_TARGET_POWERPC
-is set explicitly)
-.It Va WITHOUT_LLVM_TARGET_RISCV
-(unless
-.Va WITH_LLVM_TARGET_RISCV
-is set explicitly)
-.El
-.It Va WITHOUT_LLVM_TARGET_ARM
-Do not build LLVM target support for ARM.
-The
-.Va LLVM_TARGET_ALL
-option should be used rather than this in most cases.
-.It Va WITH_LLVM_TARGET_BPF
-Build LLVM target support for BPF.
-The
-.Va LLVM_TARGET_ALL
-option should be used rather than this in most cases.
-.It Va WITH_LLVM_TARGET_MIPS
-Build LLVM target support for MIPS.
-The
-.Va LLVM_TARGET_ALL
-option should be used rather than this in most cases.
-.It Va WITHOUT_LLVM_TARGET_POWERPC
-Do not build LLVM target support for PowerPC.
-The
-.Va LLVM_TARGET_ALL
-option should be used rather than this in most cases.
-.It Va WITHOUT_LLVM_TARGET_RISCV
-Do not build LLVM target support for RISC-V.
-The
-.Va LLVM_TARGET_ALL
-option should be used rather than this in most cases.
-.It Va WITHOUT_LLVM_TARGET_X86
-Do not build LLVM target support for X86.
-The
-.Va LLVM_TARGET_ALL
-option should be used rather than this in most cases.
-.It Va WITHOUT_LOADER_BIOS_TEXTONLY
-Include graphics, font and video mode support in the i386 and amd64 BIOS
-boot loader.
-.It Va WITH_LOADER_EFI_SECUREBOOT
-Enable building
-.Xr loader 8
-with support for verification based on certificates obtained from UEFI.
-.It Va WITHOUT_LOADER_GELI
-Disable inclusion of GELI crypto support in the boot chain binaries.
-.Pp
-This is a default setting on
-powerpc/powerpc64 and powerpc/powerpc64le.
-.It Va WITH_LOADER_GELI
-Build GELI bootloader support.
-.Pp
-This is a default setting on
-amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
-.It Va WITHOUT_LOADER_IA32
-Do not build the 32-bit UEFI loader.
-.Pp
-This is a default setting on
-arm/armv7, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITH_LOADER_IA32
-Build the 32-bit UEFI loader.
-.Pp
-This is a default setting on
-amd64/amd64.
-.It Va WITHOUT_LOADER_KBOOT
-Do not build kboot, a linuxboot environment loader
-.Pp
-This is a default setting on
-arm/armv7, i386/i386, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITH_LOADER_KBOOT
-Build kboot, a linuxboot environment loader
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64 and powerpc/powerpc64.
-.It Va WITHOUT_LOADER_LUA
-Do not build LUA bindings for the boot loader.
-.Pp
-This is a default setting on
-powerpc/powerpc64 and powerpc/powerpc64le.
-.It Va WITH_LOADER_LUA
-Build LUA bindings for the boot loader.
-.Pp
-This is a default setting on
-amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
-.It Va WITHOUT_LOADER_OFW
-Disable building of openfirmware bootloader components.
-.Pp
-This is a default setting on
-amd64/amd64, arm/armv7, arm64/aarch64, i386/i386 and riscv/riscv64.
-.It Va WITH_LOADER_OFW
-Build openfirmware bootloader components.
-.Pp
-This is a default setting on
-powerpc/powerpc64 and powerpc/powerpc64le.
-.It Va WITHOUT_LOADER_PXEBOOT
-Do not build pxeboot on i386/amd64.
-When the pxeboot is too large, or unneeded, it may be disabled with this option.
-See
-.Va WITH_LOADER_PXEBOOT
-for how to adjust the defaults when you need both a larger
-.Pa /boot/loader
-and
-.Pa /boot/pxeboot
-.Pp
-This option only has an effect on x86.
-.It Va WITHOUT_LOADER_UBOOT
-Disable building of ubldr.
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITH_LOADER_UBOOT
-Build ubldr.
-.Pp
-This is a default setting on
-arm/armv7 and powerpc/powerpc64.
-.It Va WITH_LOADER_VERBOSE
-Build with extra verbose debugging in the loader.
-May explode already nearly too large loader over the limit.
-Use with care.
-.It Va WITH_LOADER_VERIEXEC
-Enable building
-.Xr loader 8
-with support for verification similar to Verified Exec.
-.Pp
-Depends on
-.Va WITH_BEARSSL .
-May require a larger
-.Va LOADERSIZE .
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITH_LOADER_EFI_SECUREBOOT
-(unless
-.Va WITHOUT_LOADER_EFI_SECUREBOOT
-is set explicitly)
-.It Va WITH_LOADER_VERIEXEC_VECTX
-(unless
-.Va WITHOUT_LOADER_VERIEXEC_VECTX
-is set explicitly)
-.El
-.It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST
-Enable building
-.Xr loader 8
-with support to pass a verified manifest to the kernel.
-The kernel has to be built with a module to parse the manifest.
-.Pp
-Depends on
-.Va WITH_LOADER_VERIEXEC .
-.It Va WITH_LOADER_VERIEXEC_VECTX
-Enable building
-.Xr loader 8
-with support for hashing and verifying kernel and modules as a side effect
-of loading.
-.Pp
-Depends on
-.Va WITH_LOADER_VERIEXEC .
-.It Va WITHOUT_LOADER_ZFS
-Do not build ZFS file system boot loader support.
-.It Va WITHOUT_LOCALES
-Do not build localization files; see
-.Xr locale 1 .
-.It Va WITHOUT_LOCATE
-Do not build
-.Xr locate 1
-and related programs.
-.It Va WITHOUT_LPR
-Do not build
-.Xr lpr 1
-and related programs.
-.It Va WITHOUT_LS_COLORS
-Build
-.Xr ls 1
-without support for colors to distinguish file types.
-.It Va WITHOUT_MACHDEP_OPTIMIZATIONS
-Prefer machine-independent non-assembler code in libc and libm.
-.It Va WITHOUT_MAIL
-Do not build any mail support (MUA or MTA).
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_DMAGENT
-.It
-.Va WITHOUT_MAILWRAPPER
-.It
-.Va WITHOUT_SENDMAIL
-.El
-.It Va WITHOUT_MAILWRAPPER
-Do not build the
-.Xr mailwrapper 8
-MTA selector.
-.It Va WITHOUT_MAKE
-Do not install
-.Xr make 1
-and related support files.
-.It Va WITHOUT_MAKE_CHECK_USE_SANDBOX
-Do not execute
-.Dq Li "make check"
-in limited sandbox mode.
-This option should be paired with
-.Va WITH_INSTALL_AS_USER
-if executed as an unprivileged user.
-See
-.Xr tests 7
-for more details.
-.It Va WITH_MALLOC_PRODUCTION
-Disable assertions and statistics gathering in
-.Xr malloc 3 .
-The run-time options
-.Dv opt.abort ,
-.Dv opt.abort_conf ,
-and
-.Dv opt.junk
-also default to false.
-.It Va WITHOUT_MAN
-Do not build manual pages.
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_MAN_UTILS
-(unless
-.Va WITH_MAN_UTILS
-is set explicitly)
-.El
-.It Va WITHOUT_MANCOMPRESS
-Do not install compressed man pages.
-Only the uncompressed versions will be installed.
-.It Va WITH_MANSPLITPKG
-Split man pages into their own packages during make package.
-.It Va WITHOUT_MAN_UTILS
-Do not build utilities for manual pages,
-.Xr apropos 1 ,
-.Xr makewhatis 1 ,
-.Xr man 1 ,
-.Xr whatis 1 ,
-.Xr manctl 8 ,
-and related support files.
-.It Va WITH_META_ERROR_TARGET
-Enable the META_MODE .ERROR target.
-.Pp
-This target will copy the meta file of a failed target
-to
-.Va ERROR_LOGDIR
-(default is
-.Ql ${SRCTOP:H}/error )
-to help with failure analysis.
-Depends on
-.Va WITH_META_MODE .
-This default when
-.Va WITH_DIRDEPS_BUILD
-is set.
-.Pp
-This must be set in the environment, make command line, or
-.Pa /etc/src-env.conf ,
-not
-.Pa /etc/src.conf .
-.It Va WITH_META_MODE
-Create
-.Xr make 1
-meta files when building, which can provide a reliable incremental build when
-using
-.Xr filemon 4 .
-The meta file is created in OBJDIR as
-.Pa target.meta .
-These meta files track the command that was executed, its output, and the
-current directory.
-The
-.Xr filemon 4
-module is required unless
-.Va NO_FILEMON
-is defined.
-When the module is loaded, any files used by the commands executed are
-tracked as dependencies for the target in its meta file.
-The target is considered out-of-date and rebuilt if any of these
-conditions are true compared to the last build:
-.Bl -bullet -compact
-.It
-The command to execute changes.
-.It
-The current working directory changes.
-.It
-The target's meta file is missing.
-.It
-The target's meta file is missing filemon data when filemon is loaded
-and a previous run did not have it loaded.
-.It
-[requires
-.Xr filemon 4 ]
-Files read, executed or linked to are newer than the target.
-.It
-[requires
-.Xr filemon 4 ]
-Files read, written, executed or linked are missing.
-.El
-The meta files can also be useful for debugging.
-.Pp
-The build hides commands that are executed unless
-.Va NO_SILENT
-is defined.
-Errors cause
-.Xr make 1
-to show some of its environment for further debugging.
-.Pp
-The build operates as it normally would otherwise.
-This option originally invoked a different build system but that was renamed
-to
-.Va WITH_DIRDEPS_BUILD .
-.Pp
-This must be set in the environment, make command line, or
-.Pa /etc/src-env.conf ,
-not
-.Pa /etc/src.conf .
-.It Va WITHOUT_MITKRB5
-Set this to build KTH Heimdal instead of MIT Kerberos 5.
-.It Va WITHOUT_MLX5TOOL
-Do not build
-.Xr mlx5tool 8
-.Pp
-This is a default setting on
-arm/armv7 and riscv/riscv64.
-.It Va WITH_MLX5TOOL
-Build
-.Xr mlx5tool 8
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64 and powerpc/powerpc64le.
-.It Va WITHOUT_NETCAT
-Do not build
-.Xr nc 1
-utility.
-.It Va WITHOUT_NETGRAPH
-Do not build applications to support
-.Xr netgraph 4 .
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_BLUETOOTH
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_NETGRAPH_SUPPORT
-(unless
-.Va WITH_NETGRAPH_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_NETGRAPH_SUPPORT
-Build libraries, programs, and kernel modules without netgraph support.
-.It Va WITHOUT_NETLINK
-Do not build
-.Xr genl 1
-utility.
-.It Va WITHOUT_NETLINK_SUPPORT
-Make libraries and programs use rtsock and
-.Xr sysctl 3
-interfaces instead of
-.Xr snl 3 .
-.It Va WITHOUT_NIS
-Do not build
-.Xr NIS 8
-support and related programs.
-If set, you might need to adopt your
-.Xr nsswitch.conf 5
-and remove
-.Sq nis
-entries.
-.It Va WITHOUT_NLS
-Do not build NLS catalogs.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_NLS_CATALOGS
-.El
-.It Va WITHOUT_NLS_CATALOGS
-Do not build NLS catalog support for
-.Xr csh 1 .
-.It Va WITHOUT_NS_CACHING
-Disable name caching in the
-.Pa nsswitch
-subsystem.
-The generic caching daemon,
-.Xr nscd 8 ,
-will not be built either if this option is set.
-.It Va WITHOUT_NTP
-Do not build
-.Xr ntpd 8
-and related programs.
-.It Va WITHOUT_NUAGEINIT
-Do not install the limited cloud init support scripts.
-.It Va WITHOUT_OFED
-Do not build the
-.Dq "OpenFabrics Enterprise Distribution"
-InfiniBand software stack, including kernel modules and userspace libraries.
-.Pp
-This is a default setting on
-arm/armv7.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_OFED_EXTRA
-.El
-.It Va WITH_OFED
-Build the
-.Dq "OpenFabrics Enterprise Distribution"
-InfiniBand software stack, including kernel modules and userspace libraries.
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITH_OFED_EXTRA
-Build the non-essential components of the
-.Dq "OpenFabrics Enterprise Distribution"
-Infiniband software stack, mostly examples.
-.It Va WITH_OPENLDAP
-Enable building LDAP support for kerberos using an openldap client from ports.
-.It Va WITHOUT_OPENMP
-Do not build LLVM's OpenMP runtime.
-.Pp
-This is a default setting on
-arm/armv7.
-.It Va WITH_OPENMP
-Build LLVM's OpenMP runtime.
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64, i386/i386, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITHOUT_OPENSSH
-Do not build OpenSSH.
-.It Va WITHOUT_OPENSSL
-Do not build OpenSSL.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_DMAGENT
-.It
-.Va WITHOUT_KERBEROS
-.It
-.Va WITHOUT_LDNS
-.It
-.Va WITHOUT_LDNS_UTILS
-.It
-.Va WITHOUT_LOADER_ZFS
-.It
-.Va WITHOUT_MITKRB5
-.It
-.Va WITHOUT_OPENSSH
-.It
-.Va WITHOUT_OPENSSL_KTLS
-.It
-.Va WITHOUT_PKGBOOTSTRAP
-.It
-.Va WITHOUT_UNBOUND
-.It
-.Va WITHOUT_ZFS
-.It
-.Va WITHOUT_ZFS_TESTS
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_KERBEROS_SUPPORT
-(unless
-.Va WITH_KERBEROS_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_OPENSSL_KTLS
-Do not include kernel TLS support in OpenSSL.
-.Pp
-This is a default setting on
-arm/armv7, i386/i386 and riscv/riscv64.
-.It Va WITH_OPENSSL_KTLS
-Include kernel TLS support in OpenSSL.
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64, powerpc/powerpc64 and powerpc/powerpc64le.
-.It Va WITHOUT_PAM
-Do not build PAM library and modules.
-.Bf -symbolic
-This option is deprecated and does nothing.
-.Ef
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_PAM_SUPPORT
-(unless
-.Va WITH_PAM_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_PAM_SUPPORT
-Build
-.Xr ppp 8
-without PAM support.
-.It Va WITHOUT_PF
-Do not build PF firewall package.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_AUTHPF
-.El
-.It Va WITHOUT_PIE
-Do not build dynamically linked binaries as
-Position-Independent Executable (PIE).
-.Pp
-This is a default setting on
-arm/armv7 and i386/i386.
-.It Va WITH_PIE
-Build dynamically linked binaries as
-Position-Independent Executable (PIE).
-.Pp
-This is a default setting on
-amd64/amd64, arm64/aarch64, powerpc/powerpc64, powerpc/powerpc64le and riscv/riscv64.
-.It Va WITHOUT_PKGBOOTSTRAP
-Do not build
-.Xr pkg 7
-bootstrap tool.
-.It Va WITHOUT_PKGSERVE
-Do not build or install
-.Xr pkg-serve 8 .
-.It Va WITHOUT_PMC
-Do not build
-.Xr pmccontrol 8
-and related programs.
-.It Va WITHOUT_PPP
-Do not build
-.Xr ppp 8
-and related programs.
-.It Va WITHOUT_PTHREADS_ASSERTIONS
-Disable debugging assertions in pthreads library.
-.It Va WITHOUT_QUOTAS
-Do not build
-.Xr quota 1
-and related programs.
-.It Va WITHOUT_RADIUS_SUPPORT
-Do not build radius support into various applications, like
-.Xr pam_radius 8
-and
-.Xr ppp 8 .
-.It Va WITH_RATELIMIT
-Build the system with rate limit support.
-.Pp
-This makes
-.Dv SO_MAX_PACING_RATE
-effective in
-.Xr getsockopt 2 ,
-and
-.Ar txrlimit
-support in
-.Xr ifconfig 8 ,
-by proxy.
-.It Va WITHOUT_RBOOTD
-Do not build or install
-.Xr rbootd 8 .
-.It Va WITHOUT_RELRO
-Do not apply the Relocation Read-Only (RELRO) vulnerability mitigation.
-See also the
-.Va BIND_NOW
-option.
-.It Va WITH_REPRODUCIBLE_BUILD
-Exclude build metadata (such as the build time, user, or host)
-from the kernel, boot loaders, and
-.Xr uname 1
-output, so that builds produce
-bit-for-bit identical output.
-.It Va WITH_REPRODUCIBLE_PATHS
-Modify the paths encoded in binary artifacts to be standard path
-
-Normally, the actual path is encoded in the binary. However, this makes the
-build differ depending on the path it was built from. With this option enabled,
-the paths recorded are /usr/src, regardless of the actual path. With this option
-disabled, the actual paths are recorded.
-.It Va WITHOUT_RESCUE
-Do not build
-.Xr rescue 8 .
-.It Va WITH_RETPOLINE
-Build the base system with the retpoline speculative execution
-vulnerability mitigation for CVE-2017-5715.
-.It Va WITHOUT_ROUTED
-Do not build
-.Xr routed 8
-utility.
-.It Va WITH_RPCBIND_WARMSTART_SUPPORT
-Build
-.Xr rpcbind 8
-with warmstart support.
-.It Va WITH_RUN_TESTS
-Run tests as part of the build.
-.It Va WITHOUT_SCTP_SUPPORT
-Disable support in the kernel for the
-.Xr sctp 4
-Stream Control Transmission Protocol
-loadable kernel module.
-.It Va WITHOUT_SENDMAIL
-Do not build
-.Xr sendmail 8
-and related programs.
-.It Va WITHOUT_SERVICESDB
-Do not install
-.Pa /var/db/services.db .
-.It Va WITHOUT_SETUID_LOGIN
-Set this to disable the installation of
-.Xr login 1
-as a set-user-ID root program.
-.It Va WITHOUT_SHAREDOCS
-Do not build the
-.Bx 4.4
-legacy docs.
-.It Va WITH_SORT_THREADS
-Enable threads in
-.Xr sort 1 .
-.It Va WITHOUT_SOUND
-Do not build userland sound utilities such as
-.Xr beep 1
-and
-.Xr mixer 8 .
-.It Va WITHOUT_SOURCELESS
-Do not build kernel modules that include sourceless code (either microcode or native code for host CPU).
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_SOURCELESS_HOST
-.It
-.Va WITHOUT_SOURCELESS_UCODE
-.El
-.It Va WITHOUT_SOURCELESS_HOST
-Do not build kernel modules that include sourceless native code for host CPU.
-.It Va WITHOUT_SOURCELESS_UCODE
-Do not build kernel modules that include sourceless microcode.
-.It Va WITHOUT_SPLIT_KERNEL_DEBUG
-Do not build standalone kernel debug files.
-Debug data (if enabled by the kernel configuration file)
-will be included in the kernel and modules.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_KERNEL_SYMBOLS
-.El
-.It Va WITHOUT_SSP
-Do not build world with stack smashing protection.
-See
-.Xr mitigations 7
-for more information.
-.It Va WITH_STAGING
-Enable staging of files to a stage tree.
-This can be best thought of as auto-install to
-.Va DESTDIR
-with some extra meta data to ensure dependencies can be tracked.
-Depends on
-.Va WITH_DIRDEPS_BUILD .
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITH_STAGING_MAN
-(unless
-.Va WITHOUT_STAGING_MAN
-is set explicitly)
-.It Va WITH_STAGING_PROG
-(unless
-.Va WITHOUT_STAGING_PROG
-is set explicitly)
-.El
-.Pp
-This must be set in the environment, make command line, or
-.Pa /etc/src-env.conf ,
-not
-.Pa /etc/src.conf .
-.It Va WITH_STAGING_MAN
-Enable staging of man pages to stage tree.
-.It Va WITH_STAGING_PROG
-Enable staging of PROGs to stage tree.
-.It Va WITH_STALE_STAGED
-Check staged files are not stale.
-.It Va WITHOUT_STATS
-Neither build nor install
-.Lb libstats
-and dependent binaries.
-.It Va WITHOUT_SYSCONS
-Do not build
-.Xr syscons 4
-support files such as keyboard maps, fonts, and screen output maps.
-.It Va WITH_SYSROOT
-Enable use of sysroot during build.
-Depends on
-.Va WITH_DIRDEPS_BUILD .
-.Pp
-This must be set in the environment, make command line, or
-.Pa /etc/src-env.conf ,
-not
-.Pa /etc/src.conf .
-.It Va WITHOUT_SYSTEM_COMPILER
-Do not opportunistically skip building a cross-compiler during the
-bootstrap phase of the build.
-Normally, if the currently installed compiler matches the planned bootstrap
-compiler type and revision, then it will not be built.
-This does not prevent a compiler from being built for installation though,
-only for building one for the build itself.
-The
-.Va WITHOUT_CLANG
-option controls that.
-.It Va WITHOUT_SYSTEM_LINKER
-Do not opportunistically skip building a cross-linker during the
-bootstrap phase of the build.
-Normally, if the currently installed linker matches the planned bootstrap
-linker type and revision, then it will not be built.
-This does not prevent a linker from being built for installation though,
-only for building one for the build itself.
-The
-.Va WITHOUT_LLD
-option controls that.
-.Pp
-This option is only relevant when
-.Va WITH_LLD_BOOTSTRAP
-is set.
-.It Va WITHOUT_TALK
-Do not build or install
-.Xr talk 1
-and
-.Xr talkd 8 .
-.It Va WITHOUT_TCP_WRAPPERS
-Do not build or install
-.Xr tcpd 8 ,
-and related utilities.
-.It Va WITHOUT_TCSH
-Do not build and install
-.Pa /bin/csh
-(which is
-.Xr tcsh 1 ) .
-.It Va WITHOUT_TELNET
-Do not build
-.Xr telnet 1
-and related programs.
-.It Va WITHOUT_TESTS
-Do not build nor install the
-.Fx
-Test Suite in
-.Pa /usr/tests/ .
-See
-.Xr tests 7
-for more details.
-This also disables the build of all test-related dependencies, including ATF.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_DTRACE_TESTS
-.It
-.Va WITHOUT_ZFS_TESTS
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_GOOGLETEST
-(unless
-.Va WITH_GOOGLETEST
-is set explicitly)
-.It Va WITHOUT_TESTS_SUPPORT
-(unless
-.Va WITH_TESTS_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_TESTS_SUPPORT
-Disable the build of all test-related dependencies, including ATF.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_GOOGLETEST
-.El
-.It Va WITHOUT_TEXTPROC
-Do not build
-programs used for text processing.
-.It Va WITHOUT_TFTP
-Do not build or install
-.Xr tftp 1
-and
-.Xr tftpd 8 .
-.It Va WITHOUT_TOOLCHAIN
-Do not install
-programs used for program development,
-compilers, debuggers etc.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_CLANG
-.It
-.Va WITHOUT_CLANG_EXTRAS
-.It
-.Va WITHOUT_CLANG_FORMAT
-.It
-.Va WITHOUT_CLANG_FULL
-.It
-.Va WITHOUT_LLD
-.It
-.Va WITHOUT_LLDB
-.It
-.Va WITHOUT_LLVM_COV
-.El
-.Pp
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_LLVM_BINUTILS
-(unless
-.Va WITH_LLVM_BINUTILS
-is set explicitly)
-.El
-.It Va WITH_UBSAN
-Build the base system with Undefined Behavior Sanitizer (UBSan) to detect
-various kinds of undefined behavior at runtime.
-Requires that Clang be used as the base system compiler
-and that the runtime support library is available
-.It Va WITHOUT_UNBOUND
-Do not build
-.Xr unbound 8
-and related programs.
-.It Va WITH_UNDEFINED_VERSION
-Link libraries with --undefined-version which permits version maps to
-contain symbols that are not present in the library.
-If this is necessary to build a particular configuration, a bug is
-present and the configuration should be reported.
-.It Va WITHOUT_UNIFIED_OBJDIR
-Use the historical object directory format for
-.Xr build 7
-targets.
-For native-builds and builds done directly in sub-directories the format of
-.Pa ${MAKEOBJDIRPREFIX}/${.CURDIR}
-is used,
-while for cross-builds
-.Pa ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}/${.CURDIR}
-is used.
-.Pp
-This option is transitional and will be removed in a future version of
-.Fx ,
-at which time
-.Va WITH_UNIFIED_OBJDIR
-will be enabled permanently.
-.Pp
-This must be set in the environment, make command line, or
-.Pa /etc/src-env.conf ,
-not
-.Pa /etc/src.conf .
-.It Va WITHOUT_USB
-Do not build USB-related programs and libraries.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_USB_GADGET_EXAMPLES
-.El
-.It Va WITHOUT_USB_GADGET_EXAMPLES
-Do not build USB gadget kernel modules.
-.It Va WITHOUT_UTMPX
-Do not build user accounting tools such as
-.Xr last 1 ,
-.Xr users 1 ,
-.Xr who 1 ,
-.Xr ac 8 ,
-.Xr lastlogin 8
-and
-.Xr utx 8 .
-.It Va WITH_VERIEXEC
-Enable building
-.Xr veriexec 8
-which loads the contents of verified manifests into the kernel
-for use by
-.Xr mac_veriexec 4
-.Pp
-Depends on
-.Va WITH_BEARSSL .
-.It Va WITHOUT_VI
-Do not build and install vi, view, ex and related programs.
-.It Va WITHOUT_VT
-Do not build
-.Xr vt 4
-support files (fonts and keymaps).
-.It Va WITHOUT_WARNS
-Set this to not add warning flags to the compiler invocations.
-Useful as a temporary workaround when code enters the tree
-which triggers warnings in environments that differ from the
-original developer.
-.It Va WITHOUT_WERROR
-Set this to not treat compiler warnings as errors.
-Useful as a temporary workaround when working on fixing compiler warnings.
-When set, warnings are still printed in the build log but do not fail the build.
-.It Va WITHOUT_WIRELESS
-Do not build programs used for 802.11 wireless networks; especially
-.Xr wpa_supplicant 8
-and
-.Xr hostapd 8 .
-When set, these options are also in effect:
-.Pp
-.Bl -inset -compact
-.It Va WITHOUT_WIRELESS_SUPPORT
-(unless
-.Va WITH_WIRELESS_SUPPORT
-is set explicitly)
-.El
-.It Va WITHOUT_WIRELESS_SUPPORT
-Build libraries, programs, and kernel modules without
-802.11 wireless support.
-.It Va WITHOUT_WPA_SUPPLICANT_EAPOL
-Build
-.Xr wpa_supplicant 8
-without support for the IEEE 802.1X protocol and without
-support for EAP-PEAP, EAP-TLS, EAP-LEAP, and EAP-TTLS
-protocols (usable only via 802.1X).
-.It Va WITH_ZEROREGS
-Build the basesystem with code to zero caller-used register contents
-on function return.
-This prevents leaking temporary values for side channel attacks.
-Additionally this reduces the number of usable ROP gadgets for attackers.
-.It Va WITHOUT_ZFS
-Do not build the ZFS file system kernel module, libraries such as
-.Xr libbe 3 ,
-and user commands such as
-.Xr zpool 8
-or
-.Xr zfs 8 .
-Also disable ZFS support in utilities and libraries which implement
-ZFS-specific functionality.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_ZFS_TESTS
-.El
-.It Va WITHOUT_ZFS_TESTS
-Do not build and install the legacy ZFS test suite.
-.It Va WITHOUT_ZONEINFO
-Do not build the timezone database.
-When set, it enforces these options:
-.Pp
-.Bl -item -compact
-.It
-.Va WITHOUT_ZONEINFO_LEAPSECONDS_SUPPORT
-.El
-.It Va WITH_ZONEINFO_LEAPSECONDS_SUPPORT
-Build leapsecond information in to the timezone database.
-This option violates
-.St -p1003.1
-and all other applicable standards, and is known to cause unexpected
-issues with date/time handling in many applications and programming
-languages.
.El
.Pp
The following options accept a single value from a list of valid values.
.Bl -tag -width indent
-.It Va INIT_ALL
-Control default initialization of stack variables in C and C++ code.
-Options other than
-.Li none
-require the Clang compiler or GCC 12.0 or later.
-The default value is
-.Li none .
-Valid values are:
-.Bl -tag -width indent
-.It Li none
-Do not initialize stack variables (standard C/C++ behavior).
-.It Li pattern
-Build the base system or kernel with stack variables initialized to
-.Pq compiler defined
-debugging patterns on function entry.
-.It Li zero
-Build the base system or kernel with stack variables initialized
-to zero on function entry.
-This value is converted to
-.Li none
-for amd64 kernel builds due to incompatibility with ifunc memset.
-.El
-.It Va LIBC_MALLOC
-Specify the
-.Xr malloc 3
-implementation used by libc.
-The default value is
-.Li jemalloc .
-Valid values are:
-.Bl -tag -width indent
-.It Li jemalloc
-.El
-.Pp
-Other implementations are expected in the future in both
-.Fx
-and downstream consumers.
.El
.Sh FILES
.Bl -tag -compact -width Pa
diff --git a/share/mk/src.opts.mk b/share/mk/src.opts.mk
--- a/share/mk/src.opts.mk
+++ b/share/mk/src.opts.mk
@@ -207,7 +207,6 @@
DISK_IMAGE_TOOLS_BOOTSTRAP \
DTRACE_ASAN \
DTRACE_TESTS \
- EXPERIMENTAL \
HESIOD \
IPFILTER_IPFS \
LOADER_VERBOSE \
diff --git a/sys/conf/options b/sys/conf/options
--- a/sys/conf/options
+++ b/sys/conf/options
@@ -104,7 +104,6 @@
COMPILING_LINT opt_global.h
CY_PCI_FASTINTR
DEADLKRES opt_watchdog.h
-EXPERIMENTAL opt_global.h
DIRECTIO
FFCLOCK
FULL_PREEMPTION opt_sched.h
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -475,27 +475,6 @@
return (0);
}
-#ifdef EXPERIMENTAL
-#if defined(INET6) && defined(INET)
- /* draft-ietf-6man-ipv6only-flag */
- /* Catch ETHERTYPE_IP, and ETHERTYPE_[REV]ARP if we are v6-only. */
- if ((ifp->if_inet6->nd_flags & ND6_IFF_IPV6_ONLY_MASK) != 0) {
- struct ether_header *eh;
-
- eh = mtod(m, struct ether_header *);
- switch (ntohs(eh->ether_type)) {
- case ETHERTYPE_IP:
- case ETHERTYPE_ARP:
- case ETHERTYPE_REVARP:
- m_freem(m);
- return (EAFNOSUPPORT);
- /* NOTREACHED */
- break;
- };
- }
-#endif
-#endif
-
/*
* Queue message on interface, update output statistics if successful,
* and start output if interface not yet active.
@@ -541,24 +520,6 @@
etype = ntohs(eh->ether_type);
random_harvest_queue_ether(m, sizeof(*m));
-#ifdef EXPERIMENTAL
-#if defined(INET6) && defined(INET)
- /* draft-ietf-6man-ipv6only-flag */
- /* Catch ETHERTYPE_IP, and ETHERTYPE_[REV]ARP if we are v6-only. */
- if ((ifp->if_inet6->nd_flags & ND6_IFF_IPV6_ONLY_MASK) != 0) {
- switch (etype) {
- case ETHERTYPE_IP:
- case ETHERTYPE_ARP:
- case ETHERTYPE_REVARP:
- m_freem(m);
- return;
- /* NOTREACHED */
- break;
- };
- }
-#endif
-#endif
-
CURVNET_SET_QUIET(ifp->if_vnet);
if (ETHER_IS_MULTICAST(eh->ether_dhost)) {
diff --git a/sys/netinet/icmp6.h b/sys/netinet/icmp6.h
--- a/sys/netinet/icmp6.h
+++ b/sys/netinet/icmp6.h
@@ -243,10 +243,6 @@
#define ND_RA_FLAG_RTPREF_LOW 0x18 /* 00011000 */
#define ND_RA_FLAG_RTPREF_RSV 0x10 /* 00010000 */
-#ifdef EXPERIMENTAL
-#define ND_RA_FLAG_IPV6_ONLY 0x02 /* draft-ietf-6man-ipv6only-flag */
-#endif
-
#define nd_ra_router_lifetime nd_ra_hdr.icmp6_data16[1]
struct nd_neighbor_solicit { /* neighbor solicitation */
diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h
--- a/sys/netinet6/nd6.h
+++ b/sys/netinet6/nd6.h
@@ -74,12 +74,6 @@
#define ND6_IFF_NO_PREFER_IFACE 0x80 /* XXX: not related to ND. */
#define ND6_IFF_NO_DAD 0x100
#define ND6_IFF_STABLEADDR 0x800
-#ifdef EXPERIMENTAL
-/* XXX: not related to ND. */
-#define ND6_IFF_IPV6_ONLY 0x200 /* draft-ietf-6man-ipv6only-flag */
-#define ND6_IFF_IPV6_ONLY_MANUAL 0x400
-#define ND6_IFF_IPV6_ONLY_MASK (ND6_IFF_IPV6_ONLY|ND6_IFF_IPV6_ONLY_MANUAL)
-#endif
struct in6_nbrinfo {
char ifname[IFNAMSIZ]; /* if name, e.g. "en0" */
diff --git a/sys/netinet6/nd6_rtr.c b/sys/netinet6/nd6_rtr.c
--- a/sys/netinet6/nd6_rtr.c
+++ b/sys/netinet6/nd6_rtr.c
@@ -104,16 +104,6 @@
VNET_DEFINE(int, ip6_temp_regen_advance) = TEMPADDR_REGEN_ADVANCE;
-#ifdef EXPERIMENTAL
-VNET_DEFINE_STATIC(int, nd6_ignore_ipv6_only_ra) = 1;
-#define V_nd6_ignore_ipv6_only_ra VNET(nd6_ignore_ipv6_only_ra)
-SYSCTL_INT(_net_inet6_icmp6, OID_AUTO,
- nd6_ignore_ipv6_only_ra, CTLFLAG_VNET | CTLFLAG_RW,
- &VNET_NAME(nd6_ignore_ipv6_only_ra), 0,
- "Ignore the 'IPv6-Only flag' in RA messages in compliance with "
- "draft-ietf-6man-ipv6only-flag");
-#endif
-
/* RTPREF_MEDIUM has to be 0! */
#define RTPREF_HIGH 1
#define RTPREF_MEDIUM 0
@@ -248,97 +238,6 @@
m_freem(m);
}
-#ifdef EXPERIMENTAL
-/*
- * An initial update routine for draft-ietf-6man-ipv6only-flag.
- * We need to iterate over all default routers for the given
- * interface to see whether they are all advertising the "S"
- * (IPv6-Only) flag. If they do set, otherwise unset, the
- * interface flag we later use to filter on.
- *
- * XXXGL: The use of IF_ADDR_WLOCK (previously it was IF_AFDATA_LOCK) in this
- * function is quite strange.
- */
-static void
-defrtr_ipv6_only_ifp(struct ifnet *ifp)
-{
- struct nd_defrouter *dr;
- bool ipv6_only, ipv6_only_old;
-#ifdef INET
- struct epoch_tracker et;
- struct ifaddr *ifa;
- bool has_ipv4_addr;
-#endif
-
- if (V_nd6_ignore_ipv6_only_ra != 0)
- return;
-
- ipv6_only = true;
- ND6_RLOCK();
- TAILQ_FOREACH(dr, &V_nd6_defrouter, dr_entry)
- if (dr->ifp == ifp &&
- (dr->raflags & ND_RA_FLAG_IPV6_ONLY) == 0)
- ipv6_only = false;
- ND6_RUNLOCK();
-
- IF_ADDR_WLOCK(ifp);
- ipv6_only_old = ifp->if_inet6->nd_flags & ND6_IFF_IPV6_ONLY;
- IF_ADDR_WUNLOCK(ifp);
-
- /* If nothing changed, we have an early exit. */
- if (ipv6_only == ipv6_only_old)
- return;
-
-#ifdef INET
- /*
- * Should we want to set the IPV6-ONLY flag, check if the
- * interface has a non-0/0 and non-link-local IPv4 address
- * configured on it. If it has we will assume working
- * IPv4 operations and will clear the interface flag.
- */
- has_ipv4_addr = false;
- if (ipv6_only) {
- NET_EPOCH_ENTER(et);
- CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
- if (ifa->ifa_addr->sa_family != AF_INET)
- continue;
- if (in_canforward(
- satosin(ifa->ifa_addr)->sin_addr)) {
- has_ipv4_addr = true;
- break;
- }
- }
- NET_EPOCH_EXIT(et);
- }
- if (ipv6_only && has_ipv4_addr) {
- log(LOG_NOTICE, "%s rcvd RA w/ IPv6-Only flag set but has IPv4 "
- "configured, ignoring IPv6-Only flag.\n", ifp->if_xname);
- ipv6_only = false;
- }
-#endif
-
- IF_ADDR_WLOCK(ifp);
- if (ipv6_only)
- ifp->if_inet6->nd_flags |= ND6_IFF_IPV6_ONLY;
- else
- ifp->if_inet6->nd_flags &= ~ND6_IFF_IPV6_ONLY;
- IF_ADDR_WUNLOCK(ifp);
-
-#ifdef notyet
- /* Send notification of flag change. */
-#endif
-}
-
-static void
-defrtr_ipv6_only_ipf_down(struct ifnet *ifp)
-{
-
- IF_ADDR_WLOCK(ifp);
- ifp->if_inet6->nd_flags &= ~ND6_IFF_IPV6_ONLY;
- IF_ADDR_WUNLOCK(ifp);
-}
-#endif /* EXPERIMENTAL */
-
void
nd6_ifnet_link_event(void *arg __unused, struct ifnet *ifp, int linkstate)
{
@@ -349,10 +248,6 @@
* unreachable but a different interface might still have connectivity.
*/
-#ifdef EXPERIMENTAL
- if (linkstate == LINK_STATE_DOWN)
- defrtr_ipv6_only_ipf_down(ifp);
-#endif
}
static void
@@ -599,9 +494,6 @@
}
}
dr = defrtrlist_update(&dr0);
-#ifdef EXPERIMENTAL
- defrtr_ipv6_only_ifp(ifp);
-#endif
/* Prefix Information */
if (ndopts.nd_opts_pi != NULL) {
/*
@@ -779,10 +671,6 @@
if (dr->ifp->if_inet6->nd_flags & ND6_IFF_ACCEPT_RTADV)
rt6_flush(&dr->rtaddr, dr->ifp);
-#ifdef EXPERIMENTAL
- defrtr_ipv6_only_ifp(dr->ifp);
-#endif
-
if (dr->installed) {
deldr = dr;
defrouter_delreq(dr);
diff --git a/tools/build/options/WITH_EXPERIMENTAL b/tools/build/options/WITH_EXPERIMENTAL
deleted file mode 100644
--- a/tools/build/options/WITH_EXPERIMENTAL
+++ /dev/null
@@ -1 +0,0 @@
-Include experimental features in the build.
diff --git a/usr.sbin/ndp/Makefile b/usr.sbin/ndp/Makefile
--- a/usr.sbin/ndp/Makefile
+++ b/usr.sbin/ndp/Makefile
@@ -23,11 +23,6 @@
CFLAGS+= -I. -I${.CURDIR}
CFLAGS+= -D_U_=""
-.if ${MK_EXPERIMENTAL} != "no"
-CFLAGS+= -DEXPERIMENTAL
-CFLAGS+= -DDRAFT_IETF_6MAN_IPV6ONLY_FLAG
-.endif
-
.if ${MK_NETLINK_SUPPORT} != "no"
SRCS+= ndp_netlink.c
.else
diff --git a/usr.sbin/ndp/ndp.c b/usr.sbin/ndp/ndp.c
--- a/usr.sbin/ndp/ndp.c
+++ b/usr.sbin/ndp/ndp.c
@@ -1225,12 +1225,7 @@
*pflags++ = 'O';
xo_emit("{el:%s}", "other");
}
-#ifdef DRAFT_IETF_6MAN_IPV6ONLY_FLAG
- if (p->flags & ND_RA_FLAG_IPV6_ONLY) {
- *pflags++ = 'S';
- xo_emit("{el:%s}", "ipv6only");
- }
-#endif
+
xo_close_list("flags_pretty");
xo_emit(", flags={:flags/%s}", rflags);
diff --git a/usr.sbin/rtadvd/Makefile b/usr.sbin/rtadvd/Makefile
--- a/usr.sbin/rtadvd/Makefile
+++ b/usr.sbin/rtadvd/Makefile
@@ -20,11 +20,6 @@
SRCS= rtadvd.c rrenum.c advcap.c if.c config.c timer.c timer_subr.c \
control.c control_server.c
-.if ${MK_EXPERIMENTAL} != "no"
-CFLAGS+= -DEXPERIMENTAL
-CFLAGS+= -DDRAFT_IETF_6MAN_IPV6ONLY_FLAG
-.endif
-
LIBADD= util
WARNS?= 1
diff --git a/usr.sbin/rtadvd/config.c b/usr.sbin/rtadvd/config.c
--- a/usr.sbin/rtadvd/config.c
+++ b/usr.sbin/rtadvd/config.c
@@ -442,10 +442,6 @@
}
val |= ND_RA_FLAG_RTPREF_LOW;
}
-#ifdef DRAFT_IETF_6MAN_IPV6ONLY_FLAG
- if (strchr(flagstr, 'S'))
- val |= ND_RA_FLAG_IPV6_ONLY;
-#endif
} else
MAYHAVE(val, "raflags", 0);
@@ -461,9 +457,6 @@
__func__, rai->rai_rtpref, ifi->ifi_ifname);
goto getconfig_free_rai;
}
-#ifdef DRAFT_IETF_6MAN_IPV6ONLY_FLAG
- rai->rai_ipv6onlyflg = val & ND_RA_FLAG_IPV6_ONLY;
-#endif
MAYHAVE(val, "rltime", rai->rai_maxinterval * 3);
if ((uint16_t)val && ((uint16_t)val < rai->rai_maxinterval ||
@@ -1485,10 +1478,6 @@
rai->rai_managedflg ? ND_RA_FLAG_MANAGED : 0;
ra->nd_ra_flags_reserved |=
rai->rai_otherflg ? ND_RA_FLAG_OTHER : 0;
-#ifdef DRAFT_IETF_6MAN_IPV6ONLY_FLAG
- ra->nd_ra_flags_reserved |=
- rai->rai_ipv6onlyflg ? ND_RA_FLAG_IPV6_ONLY : 0;
-#endif
ra->nd_ra_router_lifetime = htons(rai->rai_lifetime);
ra->nd_ra_reachable = htonl(rai->rai_reachabletime);
ra->nd_ra_retransmit = htonl(rai->rai_retranstimer);
diff --git a/usr.sbin/rtadvd/rtadvd.h b/usr.sbin/rtadvd/rtadvd.h
--- a/usr.sbin/rtadvd/rtadvd.h
+++ b/usr.sbin/rtadvd/rtadvd.h
@@ -204,9 +204,6 @@
uint16_t rai_mininterval; /* MinRtrAdvInterval */
int rai_managedflg; /* AdvManagedFlag */
int rai_otherflg; /* AdvOtherConfigFlag */
-#ifdef DRAFT_IETF_6MAN_IPV6ONLY_FLAG
- int rai_ipv6onlyflg; /* AdvIPv6OnlyFlag */
-#endif
int rai_rtpref; /* router preference */
uint32_t rai_linkmtu; /* AdvLinkMTU */
diff --git a/usr.sbin/rtadvd/rtadvd.c b/usr.sbin/rtadvd/rtadvd.c
--- a/usr.sbin/rtadvd/rtadvd.c
+++ b/usr.sbin/rtadvd/rtadvd.c
@@ -1148,19 +1148,6 @@
sizeof(ntopbuf)), on_off[rai->rai_otherflg]);
inconsistent++;
}
-#ifdef DRAFT_IETF_6MAN_IPV6ONLY_FLAG
- /* S "IPv6-Only" (Six, Silence-IPv4) flag */
- if ((nra->nd_ra_flags_reserved & ND_RA_FLAG_IPV6_ONLY) !=
- rai->rai_ipv6onlyflg) {
- syslog(LOG_NOTICE,
- "S flag inconsistent on %s:"
- " %s from %s, %s from us",
- ifi->ifi_ifname, on_off[!rai->rai_ipv6onlyflg],
- inet_ntop(AF_INET6, &from->sin6_addr, ntopbuf,
- sizeof(ntopbuf)), on_off[rai->rai_ipv6onlyflg]);
- inconsistent++;
- }
-#endif
/* Reachable Time */
reachabletime = ntohl(nra->nd_ra_reachable);
if (reachabletime && rai->rai_reachabletime &&

File Metadata

Mime Type
text/plain
Expires
Fri, Apr 17, 8:59 AM (17 h, 33 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
31650654
Default Alt Text
D56228.id175231.diff (61 KB)

Event Timeline