Changeset View
Changeset View
Standalone View
Standalone View
sys/amd64/conf/GENERIC
| Show First 20 Lines • Show All 63 Lines • ▼ Show 20 Lines | |||||
| options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions | options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions | ||||
| options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. | options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. | ||||
| options KBD_INSTALL_CDEV # install a CDEV entry in /dev | options KBD_INSTALL_CDEV # install a CDEV entry in /dev | ||||
| options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) | options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) | ||||
| options AUDIT # Security event auditing | options AUDIT # Security event auditing | ||||
| options CAPABILITY_MODE # Capsicum capability mode | options CAPABILITY_MODE # Capsicum capability mode | ||||
| options CAPABILITIES # Capsicum capabilities | options CAPABILITIES # Capsicum capabilities | ||||
| options MAC # TrustedBSD MAC Framework | options MAC # TrustedBSD MAC Framework | ||||
| #options PAX_ASLR # Address Space Layout Randomization | |||||
| #options PAX_SYSCTLS # Run-time settings for PAX and Hardening | |||||
| options KDTRACE_FRAME # Ensure frames are compiled in | options KDTRACE_FRAME # Ensure frames are compiled in | ||||
| options KDTRACE_HOOKS # Kernel DTrace hooks | options KDTRACE_HOOKS # Kernel DTrace hooks | ||||
| options DDB_CTF # Kernel ELF linker loads CTF data | options DDB_CTF # Kernel ELF linker loads CTF data | ||||
| options INCLUDE_CONFIG_FILE # Include this file in kernel | options INCLUDE_CONFIG_FILE # Include this file in kernel | ||||
| # Debugging support. Always need this: | # Debugging support. Always need this: | ||||
| options KDB # Enable kernel debugger support. | options KDB # Enable kernel debugger support. | ||||
| options KDB_TRACE # Print a stack trace for a panic. | options KDB_TRACE # Print a stack trace for a panic. | ||||
| ▲ Show 20 Lines • Show All 265 Lines • ▼ Show 20 Lines | |||||
| # Xen HVM Guest Optimizations | # Xen HVM Guest Optimizations | ||||
| # NOTE: XENHVM depends on xenpci. They must be added or removed together. | # NOTE: XENHVM depends on xenpci. They must be added or removed together. | ||||
| options XENHVM # Xen HVM kernel infrastructure | options XENHVM # Xen HVM kernel infrastructure | ||||
| device xenpci # Xen HVM Hypervisor services driver | device xenpci # Xen HVM Hypervisor services driver | ||||
| # VMware support | # VMware support | ||||
| device vmx # VMware VMXNET3 Ethernet | device vmx # VMware VMXNET3 Ethernet | ||||
| # Netmap provides direct access to TX/RX rings on supported NICs | # Netmap provides direct access to TX/RX rings on supported NICs | ||||
emaste: #comments here please (both a header for this section, and PAX_ASLR specifically). | |||||
Not Done Inline ActionsI plan to backport the most recent changes from our master to HardenedBSD's upstream branch, and than Shawn or I will create a new patch. Btw, the most recent version is like this: https://github.com/HardenedBSD/hardenedBSD/blob/hardened/current/master/sys/amd64/conf/HARDENEDBSD#L77 op: I plan to backport the most recent changes from our master to HardenedBSD's upstream branch… | |||||
| device netmap # netmap(4) support | device netmap # netmap(4) support | ||||
#comments here please (both a header for this section, and PAX_ASLR specifically).