Page MenuHomeFreeBSD
Differential D32631 Diff 97377 share/man/man4/sysctl_machdep.4

Changeset View

Standalone View

View Options

share/man/man4/sysctl_machdep.4

  • This file was added.
.\"-
.\" Copyright (c) 2021 Felix Johnson <felix.the.red@gmail.com>
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd October 24, 2021
.Dt sysctl_machdep 4
.Os
.Sh NAME
.Nm sysctl_machdep
.Nd sysctl(8) variables in the machdep namespace
.Sh DESCRIPTION
Some
.Xr sysctl 8
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

8 or 3? (Leaning toward 3 myself, since they're accessible to userland in general, not just sysctl(8).

pauamma_gundo.com: 8 or 3? (Leaning toward 3 myself, since they're accessible to userland in general, not just…
variables are available on every architecture, while others
are available on a limited number of architectures.
.Sh SYSCTL VARIABLES
The kernel provides a number of sysctl variables to monitor or manage
the machine-dependent behaviors.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
The kernel provides a number of sysctl variables to monitor or manage
- the machine-dependent behaviors.
+ machine-dependent behavior.
.Bl -tag -width 3

Or perhaps "some machine-dependent behavior". The intent is to make clearer not all of it is user-controllable.

pauamma_gundo.com: Or perhaps "some machine-dependent behavior". The intent is to make clearer not all of it is…
.Bl -tag -width 3
.It Va machdep.acpi_root
Unsigned long, read-only.
The physical address of the Root System Description Pointer
.Pq RDSP
used in the Advanced Configuration and Power Interface
.Pq ACPI .
Supported on arm64, x86, amd64.
.It Va machdep.acpi_timer_freq
Integer, read-only.
Returns the Advanced Configuration and Power Interface (ACPI)
timer frequency, in hertz.
Supported on systems that implement
.Xr acpi 4 .
.It Va machdep.adjkerntz
Integer, read-only.
Returns the local offset from Coordinated Universal Time
.Pq UTC
in seconds.
.It Va machdep.allow_dic
Integer, read-write.
Allow optimizations based on the Data to Instruction Coherence
.Pq DIC
cache bit.
Possible values are 0 for disable or 1 for enable.
The default is 1 for enable.
Supported on arm64 only.
.It Va machdep.allow_idc
Integer, read-write.
Allow optimizations based on the Instruction to Data Coherence
.Pq IDC
cache bit.
Possible values are 0 for disable or 1 for enable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
cache bit.
- Possible values are 0 for disable or 1 for enable.
+ Possible values are 0 to disable or 1 to enable.
The default is 1 for enable.
pauamma_gundo.com:
The default is 1 for enable.
Supported on arm64 only.
.It Va machdep.bootinfo
Structure, read-only.
Display the bootinfo structure, including kernel filename and
BIOS harddisk geometry.
Supported on mips only.
.It Va machdep.bootmethod
String, read-only.
The system firmware boot method.
Supported on x86 and amd64.
.It Va machdep.cacheline_size
Integer, read-only.
The size, in bytes, of a cache line.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Integer, read-only.
- The size, in bytes, of a cache line.
+ The size in bytes of a cache line.
The default is 32 bytes for 32-bit powerpc,
pauamma_gundo.com:
The default is 32 bytes for 32-bit powerpc,
and 128 for 64-bit powerpc.
Supported on powerpc only.
.It Va machdep.counter_freq
Unsigned 64-bit integer, read-write.
Get or set the timecounter frequency, in hertz.
Supported on mips only.
.It Va machdep.disable_bp_hardening
Integer, read-write.
Disable branch prediction
.Pq BP
hardening, a technique used to mitigate some aliasing attacks.
Set to 0 to enable BP hardening, or 1 to disable BP hardening.
Note: Not all processors support BP hardening.
Supported on arm and arm64.
.It Va machdep.disable_msix_migration
Integer, read-only, tunable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

"tunable" meaning "can be set in the loader only"? If I'm correct, should it be listed in an architecture-specific section of loader.conf(5) as well/instead? (Also, perhaps clarify "tunable". What do sysctl sections other manual pages say for those?

pauamma_gundo.com: "tunable" meaning "can be set in the loader only"? If I'm correct, should it be listed in an…
Some earlier versions of the Xen hypervisor did not properly
handle migration of extended message-signaled interrupts
.Pq MSI-X
between processors.
Possible values are -1 for automatic detection by
.Fx ,
0 to enable migration, and 1 to disable migration.
The default is -1 for automatic detection.
This sysctl has no effect on systems with only one processing core.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
The default is -1 for automatic detection.
- This sysctl has no effect on systems with only one processing core.
+ This sysctl has no effect on systems with only one processor core.
Supported on x86 and amd64.
pauamma_gundo.com:
Supported on x86 and amd64.
.It Va machdep.disable_mtrrs
Integer, read-only, tunable.
Disable memory type range registers
.Pq MTRRs ,
a mechanism to allow or disallow caching to be specified in
system memory for selected physical address ranges.
Possible values are 0 for enable MTRR and 1 for disable MTRR.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
system memory for selected physical address ranges.
- Possible values are 0 for enable MTRR and 1 for disable MTRR.
+ Possible values are 0 to enable MTRR and 1 to disable MTRR.
Supported on x86 and amd64.
pauamma_gundo.com:
Supported on x86 and amd64.
.It Va machdep.disable_rtc_set
Integer, read-write.
Disallow adjusting the realtime clock
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Integer, read-write.
- Disallow adjusting the realtime clock
+ Disable adjusting the realtime clock
.Pq RTC .
pauamma_gundo.com:
.Pq RTC .
Possible values are 0 to enable adjusting the RTC,
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
.Pq RTC .
- Possible values are 0 to enable adjusting the RTC,
+ Possible values are 0 to enable adjusting the RTC
or 1 to disable adjustment.
pauamma_gundo.com:
or 1 to disable adjustment.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Possible values are 0 to enable adjusting the RTC,
- or 1 to disable adjustment.
+ or 1 to disable adjusting it.
Supported on all architectures.
pauamma_gundo.com:
Supported on all architectures.
.It Va machdep.disable_tsc
Integer, read-only, tunable.
Disable the time stamp counter
.Pq TSC ,
a 64-bit register that counts the number of CPU cycles since reset.
Possible values are 0 for enable TSC or 1 to disable TSC.
Supported on x86 and amd64.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Do all x86 generations FreeBSD still support have it? I vaguely remember it came with Pentium, but don't remember when 486 support was/will be dropped.

pauamma_gundo.com: Do all x86 generations FreeBSD still support have it? I vaguely remember it came with Pentium…
.It Va machdep.disable_tsc_calibration
Integer, read-only, tunable.
Disable frequency calibration for the time stamp counter
.Pq TSC .
Possible values are 0 to enable calibration or 1 to disable calibration.
Supported on x86 and amd64.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Same question as above.

pauamma_gundo.com: Same question as above.
.It Va machdep.dump_retry_count
Integer, read-write, tunable.
The number of times a crash dump will try to write out its contents.
The default value is 5.
Supported on amd64 and powerpc.
.It Va machdep.efi_map
Opaque, read-only.
The raw extensible firmware interface
.Pq EFI
memory map.
Supported on x86 and amd64.
.It Va machdep.efi_rt_handle_faults
Integer, read-write, tunable.
Call extensible firmware interface runtime
.Pq EFI RT
methods wrapped by a fault handler.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Should "by" be either "around" or "inside"? Not sure what you mean here.

pauamma_gundo.com: Should "by" be either "around" or "inside"? Not sure what you mean here.
The default value depends on processor architecture.
Possible values are 0 for call runtime methods without a fault handler,
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
The default value depends on processor architecture.
- Possible values are 0 for call runtime methods without a fault handler,
+ Possible values are 0 to call runtime methods without a fault handler
or 1 to call with a fault handler.
pauamma_gundo.com:
or 1 to call with a fault handler.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Possible values are 0 for call runtime methods without a fault handler,
- or 1 to call with a fault handler.
+ or 1 to call runtime methods with a fault handler.
Supported on systems that implement

Or perhaps "to call them", but previous sysctls repeat the object.

pauamma_gundo.com: Or perhaps "to call them", but previous sysctls repeat the object.
Supported on systems that implement
.Xr efidev 4 .
.It Va machdep.elan_freq
Unsigned integer, read-write.
Returns the current clock frequency for the Elan CPU, in hertz.
The default is 33.3 MHz.
Supported on x86 only.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Is Elan support (still) controlled by a config(5) option? It seems to be on 12.2, not sure about 13 or -current.

pauamma_gundo.com: Is Elan support (still) controlled by a config(5) option? It seems to be on 12.2, not sure…
.It Va machdep.elan_gpio_config
String, read-write.
Get or set the current general purpose input output
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
String, read-write.
- Get or set the current general purpose input output
+ Get or set the current General Purpose Input-Output
.Pq GPIO
pauamma_gundo.com:
.Pq GPIO
pin configuration for the Elan CPU.
Supported on x86 only.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Same question as above about Elan support.

pauamma_gundo.com: Same question as above about Elan support.
.It Va machdep.enable_panic_key
Integer, read-write.
Enable system panic via a keypress specified in
.Xr keybdmap 5 .
Possible values are 0 disable system panic via keypress,
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
.Xr keybdmap 5 .
- Possible values are 0 disable system panic via keypress,
+ Possible values are 0 to disable system panic via keypress
or 1 to enable system panic.
pauamma_gundo.com:
or 1 to enable system panic.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Either "enable it" or "enable system panic via keypress", I think.

pauamma_gundo.com: Either "enable it" or "enable system panic via keypress", I think.
The default is 0 to disable system panic.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Same as above.

pauamma_gundo.com: Same as above.
Supported on systems that implement
.Xr syscons 4 .
.It Va machdep.fast_copyout
Integer, read-write, tunable.
For
.Xr copyout 9
and
.Xr copyin 9 ,
enable or disable the fast copying mechanism.
Possible values are 0 to disable or 1 to enable.
The default is 1 to enable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

s/able/able fastcopying/g maybe? Probably taste.

pauamma_gundo.com: s/able/able fastcopying/g maybe? Probably taste.
Supported on x86 only.
.It Va machdep.first_msi_irq
Unsigned integer, read-only.
The number of the first interrupt request
.Pq IRQ
reserved for message-signaled interrupts
.Pq MSI
and extended message-signaled interrupts
.Pq MSI-X .
Supported on x86 and amd64.
.It Va machdep.flush_rsb_ctxsw
Integer, read-write.
Flush the Return Stack Buffer
.Pq RSB
on context switch.
This is a mitigation for SpectreRSB
.Pq CVE-2018-15572 .
For processors that support Supervisor Mode Execution Protection
.Pq SMEP ,
this is automatically enabled if
.Va hw.ibrs_disable
is set.
Possible values are 0 for disable, 1 for enable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
is set.
- Possible values are 0 for disable, 1 for enable.
+ Possible values are 0 to disable SMEP or 1 to enable SMEP.
Note: the tunable value for this is

While I'm at it: "or" or "and"? Since both values are possible, I'm leaning toward "and", but some may understand "and" to mean "both at the same time". (If going for "and", keep it consistent with other boolean-like options.)

pauamma_gundo.com: While I'm at it: "or" or "and"? Since both values are possible, I'm leaning toward "and", but…
Note: the tunable value for this is
.Va machdep.mitigations.cpu_flush_rsb_ctxsw .
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Perhaps out of scope for this review, but check there's a reference in the other direction in loader.conf(5).

pauamma_gundo.com: Perhaps out of scope for this review, but check there's a reference in the other direction in…
Supported on x86 and amd64.
.It Va machdep.guessed_bootdev
Unsigned long, read-only.
Returns the boot device as unsigned long.
The value that is guessed depends on the method used to
load and start the kernel.
Supported on x86 only.
.It Va machdep.hwpstate_pkg_ctrl
Boolean, read-only, tunable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

How do boolean/true/false here differ from int/0/1 elsewhere? Specifically, are the values represented as strings, or as (unsigned) ints?

pauamma_gundo.com: How do boolean/true/false here differ from int/0/1 elsewhere? Specifically, are the values…
CPU P-states represent performance states in the Advanced
Configuration and Power Interface
.Pq ACPI
specification.
Select between package-level control and per-core control
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
specification.
- Select between package-level control and per-core control
+ Select between package-level control and core-level control
of performance states.
pauamma_gundo.com:
of performance states.
Possible values are
.Dv false for core-level control or
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Why is there no line break after "false" here and one after "true" below (twice)?

pauamma_gundo.com: Why is there no line break after "false" here and one after "true" below (twice)?
.Dv true
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

See question under "Boolean" above.

pauamma_gundo.com: See question under "Boolean" above.
for package-level control.
The default is
.Dv true
for package-level control.
Supported by systems that implement
.Xr hwpstate_intel 4 .
.It Va machdep.hyperthreading_allowed
Integer, read-only, tunable.
For processors that support hyper-threading technology
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Hyphen or no hyphen?

pauamma_gundo.com: Hyphen or no hyphen?
.Pq HTT ,
enable or disable this processor feature.
Hyper-threading enables multiple threads to run on each core.
Possible values are 0 for disable or 1 for enable.
The default is 1 for enable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Hyper-threading enables multiple threads to run on each core.
- Possible values are 0 for disable or 1 for enable.
- The default is 1 for enable.
+ Possible values are 0 to disable or 1 to enable.
+ The default is 1 to enable.
Supported on x86 and amd64.
pauamma_gundo.com:
Supported on x86 and amd64.
.It Va machdep.hyperthreading_intr_allowed
Integer, read-only, tunable.
Enable or disable interrupts on hyperthreading logical CPUs.
Possible values are 0 for disable or 1 for enable.
The default is 0 for disable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Enable or disable interrupts on hyperthreading logical CPUs.
- Possible values are 0 for disable or 1 for enable.
- The default is 0 for disable.
+ Possible values are 0 to disable or 1 to enable.
+ The default is 0 to disable.
Supported on x86 and amd64.
pauamma_gundo.com:
Supported on x86 and amd64.
.It Va machdep.i8254_freq
Integer, read-write.
Get or set the current frequency of the i8254 programmable
interrupt timer, in hertz.
Supported on x86 and amd64 systems that implement
.Xr attimer 4 .
.It Va machdep.idle
String, read-write, tunable.
The currently selected idle function.
Possible values can be determined from
.Va machdep.idle_available .
Supported on x86 and amd64.
.It Va machdep.idle_apl31
Integer, read-write, tunable.
Enable or disable the workaround for the Apollo Lake MWAIT bug
.Pq See Intel Errata, Dq APL30: A Store Instruction May Not Wake up MWAIT .
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Where does this markup put the "."? If inside (), also needs one in the line above.

pauamma_gundo.com: Where does this markup put the "."? If inside (), also needs one in the line above.
Set to 0 to disable the workaround and allow the processor to rely on
MONITOR/MWAIT instructions to wake from sleep, or set to 1 to enable the
workaround and wake the sleeping processor using interrupts instead.
Supported on x86 and amd64.
.It Va machdep.idle_available
String, read-only.
Retrieve a comma-separated list of idle functions available for this processor.
Supported on x86 and amd64.
.It Va machdep.idle_mwait
Integer, read-write, tunable.
Enable or disable using the MONITOR/MWAIT processor instructions
when idling for a short period of time.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Define "short"?

pauamma_gundo.com: Define "short"?
Set to 0 to disable or 1 to enable.
The default is 1 for enable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Set to 0 to disable or 1 to enable.
- The default is 1 for enable.
+ The default is 1 to enable.
Supported on x86 and amd64.
pauamma_gundo.com:
Supported on x86 and amd64.
.It Va machdep.led_display
String, write-only.
Set this sysctl value to display a string on the LED display.
The maximum length of the string is four characters for revision 1.x
of the EBT3000, and eight characters for others.
Supported on mips only.
.It Va machdep.manage_fans
Integer, read-write, tunable.
Enable or disable automatic fan management.
Possible values are 0 for disable automatic management,
or 1 for enable automatic management.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Enable or disable automatic fan management.
- Possible values are 0 for disable automatic management,
- or 1 for enable automatic management.
+ Possible values are 0 to disable automatic management,
+ or 1 to enable automatic management.
The default is 1 for automatic management.
pauamma_gundo.com:
The default is 1 for automatic management.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
or 1 for enable automatic management.
- The default is 1 for automatic management.
+ The default is 1 to automatic management.
Supported on powerpc only.
pauamma_gundo.com:
Supported on powerpc only.
.It Va machdep.max_ldt_segment
Integer, read-only, tunable.
The maximum number of local descriptor table
.Pq LDT
segments in the single address space.
The default is 512.
Supported on x86 and amd64.
.It Va machdep.mitigations.ibrs.active
Integer, read-only.
Whether Indirect Branch Restricted Speculation
.Pq IBRS
is active.
Possible values are 0 for not active or 1 for active.
See
.Va machdep.mitigations.ibrs.disable
for more information on IBRS.
Supported on amd64 for processors with the IBRS feature.
.It Va machdep.mitigations.ibrs.disable
Integer, read-write, tunable.
Disable Indirect Branch Restricted Speculation
.Pq IBRS ,
an indirect branch control mechanism that restricts speculation of
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
.Pq IBRS ,
- an indirect branch control mechanism that restricts speculation of
+ a mechanism that restricts speculation of
indirect branches.

Maybe. Redundancy is good for clarity sometimes.

pauamma_gundo.com: Maybe. Redundancy is good for clarity sometimes.
indirect branches.
IBRS can help mitigate Branch Target Injection
.Pq CVE-2017-5715
and Speculative Store Bypass
.Pq CVE-2018-3639 .
Possible values are 0 to enable IBRS, or 1 to disable IBRS.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
.Pq CVE-2018-3639 .
- Possible values are 0 to enable IBRS, or 1 to disable IBRS.
+ Possible values are 0 to enable IBRS or 1 to disable IBRS.
The default is 1 to disable IBRS.
pauamma_gundo.com:
The default is 1 to disable IBRS.
Supported on amd64.
.It Va machdep.mitigations.mds.disable
Integer, read-write, tunable.
Configure Microarchiteture Data Sampling
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Integer, read-write, tunable.
- Configure Microarchiteture Data Sampling
+ Configure Microarchitecture Data Sampling
.Pq MDS
pauamma_gundo.com:
.Pq MDS
mitigation.
Possible values are 0 for no mitigation, 1 to use Verify Segment for Writing
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
mitigation.
- Possible values are 0 for no mitigation, 1 to use Verify Segment for Writing
+ Possible values are 0 for no mitigation, 1 to use the Verify Segment for Writing
.Pq VERW
pauamma_gundo.com:
.Pq VERW
instruction for mitigation,
2 for software mitigation,
or 3 for autoconfiguration of MDS mitigation.
Supported on x86 and amd64.
.It Va machdep.mitigations.mds.state
String, read-only.
Microarchitecture Data Sampling
.Pq MDS
is a set of vulnerabilities in Intel x86 and amd64 processors that use
hyper-threading, potentially leading to data leaks across protection
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Hyphen or no hyphen?

pauamma_gundo.com: Hyphen or no hyphen?
boundaries.
.Fx
uses processor-specific strategies to mitigate these vulnerabilities.
This sysctl returns the current MDS mitigation state.
Supported on x86 and amd64.
.It Va machdep.mitigations.rngds.enable
Integer, read-write, tunable.
Enable or disable the RDSEED instruction for hardware-generated random numbers.
On some processors, a vulnerability known as special register buffer
data sampling
.Pq SRBDS
may potentially allow malicious code to infer the data values returned
from this instruction.
For more information on this vulnerability, see CVE-2020-0543.
Possible values are 0 to disable SRBDS mitigation and enable the
optimized version of RDSEED, or 1 to enable mitigation.
Supported on x86 and amd64.
.It Va machdep.mitigations.rngds.state
String, read-only.
Returns the current microcontroller RDSEED mitigation control.
Supported on x86 and amd64.
.It Va machdep.mitigations.ssb.active
Integer, read-only.
Whether Speculative Store Bypass Disable
.Pq SSBD
is active.
Possible values are 1 for SSBD is active, or 0 for SSBD is not active.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Either s/for /if /g or use "being" and "not being" instead of "is (not)".

pauamma_gundo.com: Either s/for /if /g or use "being" and "not being" instead of "is (not)".
SSBD is a mitigation for CVE-2018-3639.
Supported on amd64 for processors with SSBD feature.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
SSBD is a mitigation for CVE-2018-3639.
- Supported on amd64 for processors with SSBD feature.
+ Supported on amd64 for processors with the SSBD feature.
.It Va machdep.mitigations.ssb.disable
pauamma_gundo.com:
.It Va machdep.mitigations.ssb.disable
Integer, read-write, tunable.
Whether Speculative Store Bypass Disable
.Pq SSBD
is enabled.
Possible values are 0 for disable, 1 for enable,
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
is enabled.
- Possible values are 0 for disable, 1 for enable,
+ Possible values are 0 to disable, 1 to enable,
or 2 for automatic configuration.

Or maybe "for (en|dis)abling" for consistency with "for" on ,next line.

pauamma_gundo.com: Or maybe "for (en|dis)abling" for consistency with "for" on ,next line.
or 2 for automatic configuration.
Supported on amd64 for processors with SSBD feature.
.It Va machdep.mitigations.taa.enable
Integer, read-write, tunable.
Transactional Asynchronous Abort
.Pq TAA
is a member of the Microarchitecture Data Sampling
.Pq MDS
family of vulnerabilities.
To learn more about this vulnerability, see CVE-2019-11135.
Possible values are 0 for no mitigation enabled,
1 for disable transactional synchronization extensions
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Possible values are 0 for no mitigation enabled,
- 1 for disable transactional synchronization extensions
+ 1 to disable transactional synchronization extensions
.Pq TSX

Or "for disabling"

pauamma_gundo.com: Or "for disabling"
.Pq TSX
using the TSX Model Specific Register,
2 for use Verify Segment for Writing
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

See above.

pauamma_gundo.com: See above.
.Pq VERW
instruction for mitigation,
or 3 to automatically select the mitigation.
Supported on x86 and amd64.
.It Va machdep.mitigations.taa.state
String, read-only.
The current TAA mitigation being used.
Supported in x86 and amd64.
.It Va machdep.moea_pte_overflow
Integer, read-only.
Returns the number of page table entry
.Pq PTE
overflow events in the operating environment architecture
.Pq OEA .
Supported on powerpc only.
.It Va machdep.moea_pte_replacements
Integer, read-only.
Returns the number of page table entry
.Pq PTE
replacement events in the operating environment architecture
.Pq OEA .
Supported on powerpc only.
.It Va machdep.moea_pte_spills
Integer, read-only.
Returns the number of page table entry
.Pq PTE
spill events in the operating environment architecture
.Pq OEA .
Supported on powerpc only.
.It Va machdep.moea_pte_valid
Integer, read-only.
Returns the number of page table entry
.Pq PTE
valid events in the operating environment architecture
.Pq OEA .
Supported on powerpc only.
.It Va machdep.moea_pvo_enter_calls
Integer, read-only.
Returns the number of page virtual object
.Pq PVO
enter calls.
Supported on powerpc only.
.It Va machdep.moea_pvo_entries
Integer, read-only.
Returns the current number of page virtual object
.Pq PVO
entries.
Supported on powerpc only.
.It Va machdep.moea_pvo_remove_calls
Integer, read-only.
Returns the number of page virtual object
.Pq PVO
remove calls.
Supported on powerpc only.
.It Va machdep.mwait_cpustop_broken
Boolean, read-only, tunable.
Indicate whether a processor can reliably wake from an optimized state
using the MONITOR/MWAIT instructions, or whether the processor must be
woken from sleep using interrupts.
Possible values are
.Dv true
if the CPU cannot wake without interrupts, or
.Dv false
if the CPU can wake without interrupts.
The default value is selected during CPU initialization, but can be
set as a tunable through
.Xr loader.conf 5 .
Supported on x86 and amd64.
.It Va machdep.nirq
Integer, readonly, tunable.
The number of interrupt request
.Pq IRQ
lines available.
.It Va machdep.nkpt
Integer, read-only.
The number of kernel page tables allocated during system start.
Supported on amd64 and powerpc.
.It Va machdep.nmi_flush_l1d_sw
Integer, read-write, tunable.
Enable or disable flushing the level 1 memory cache when returning
from a non-maskable interrupt
.Pq NMI .
This is a mitigation for the level 1 terminal fault vulnerability
described in CVE-2018-3620 and CVE-2018-3646.
Possible values are 0 for only enable flush on return from NMI if
required by vmm.ko or > 1 for always flush on return from NMI.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
described in CVE-2018-3620 and CVE-2018-3646.
- Possible values are 0 for only enable flush on return from NMI if
- required by vmm.ko or > 1 for always flush on return from NMI.
+ Possible values are 0 to only enable flush on return from NMI if
+ required by vmm.ko or > 1 to always flush on return from NMI.
The default is 0, only enable flush on return from NMI if required.
pauamma_gundo.com:
The default is 0, only enable flush on return from NMI if required.
Supported on amd64.
.It Va machdep.nmi_is_broadcast
Integer, read-write, tunable.
Configure whether the chipset non-maskable interrupt
.Pq NMI
is broadcast to all processors or to a single processor.
This variable only has an effect if the system has more than one
processing core.
Possible values are 0 to disable broadcast mode,
or 1 to enable broadcast mode.
The default is 1 to enable broadcast mode.
Supported on x86 and amd64.
.It Va machdep.num_msi_irq
Unsigned integer, read-only, tunable.
The number of interrupt requests
.Pq IRQs
reserved for message-signaled interrupts
.Pq MSI
and extended message-signaled interrupts
.Pq MSI-X .
Supported on x86 and amd64.
.It Va machdep.panic_on_nmi
Integer, read-write, tunable.
Configure when to panic on a non-maskable interrupt
.Pq NMI .
Possible values are 1 for panic on hardware failure,
2 for panic on unknown non-maskable interrupts,
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
.Pq NMI .
- Possible values are 1 for panic on hardware failure,
- 2 for panic on unknown non-maskable interrupts,
+ Possible values are 1 to panic on hardware failure,
+ 2 to panic on unknown non-maskable interrupts,
or 255 to panic on all non-maskable interrupts.
pauamma_gundo.com:
or 255 to panic on all non-maskable interrupts.
The default is 255 to panic on all non-maskable interrupts.
Supported on x86 and amd64.
.It Va machdep.piix_freq
Integer, read-write.
The frequency, in hertz, of the PCI IDE ISA Xcelerator
.Pq PIIX .
Supported on x86 only.
.It Va machdep.prot_fault_translation
Integer, read-write, tunable.
The control signal to deliver on a kernel protection fault.
Possible values are 0 for autodetect,
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
The control signal to deliver on a kernel protection fault.
- Possible values are 0 for autodetect,
+ Possible values are 0 to autodetect,
1 for compatibility mode, or

Or "for autodetection".

pauamma_gundo.com: Or "for autodetection".
1 for compatibility mode, or
2 for
.Dv SIGSEGV .
.It Va machdep.rtc_save_period
Integer, read-write, tunable.
Get or set the number of seconds between saving the system
time to the realtime clock
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Integer, read-write, tunable.
- Get or set the number of seconds between saving the system
+ The number of seconds between saving the system
time to the realtime clock
.Pq RTC .

"between saving the system time to the realtime clock" and what? If it's the minimum time between successive saves, it should be made clearer.

pauamma_gundo.com: "between saving the system time to the realtime clock" and what? If it's the minimum time…
.Pq RTC .
.It Va machdep.smap
Opaque, read-only.
Some CPU implementations support supervisor access mode prevention
.Pq SMAP .
This is a feature that allows optional user-space memory mappings
so that access to those mappings from supervisor mode will cause
a trap.
This makes it harder to trick the kernel into using instructions
or data from user space programs.
This sysctl displays the raw BIOS SMAP data.
Supported on x86 and amd64 for processors with this feature.
.It Va machdep.spectre_v2_safe
Integer, read-only.
Returns whether the system is safe from Spectre Version 2 attacks.
Supported on arm and arm64 only.
.It Va machdep.stop_mwait
Boolean, read-write, tunable.
Use the MONITOR/MWAIT instructions to stop the CPU,
if the processor supports it.
Possible values are
.Dv false
for do not use MONITOR/MWAIT, and
.Dv true
for use MONITOR/MWAIT instructions to stop the CPU.
The default is
.Dv false ,
do not use MONITOR/MWAIT.
Supported on x86 and amd64.
.It Va machdep.syscall_ret_flush_l1d
Integer, read-write, tunable.
Configure flushing the level 1 data cache when a system call
returns with an error.
Possible values are 0 for disable, 1 for enable,
2 for use hardware only, or 3 for use software only.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
returns with an error.
- Possible values are 0 for disable, 1 for enable,
- 2 for use hardware only, or 3 for use software only.
+ Possible values are 0 to disable, 1 to enable,
+ 2 to use hardware only, or 3 to use software only.
Supported on amd64 only.
pauamma_gundo.com:
Supported on amd64 only.
.It Va machdep.tsc_freq
Unsigned 64-bit integer, read-write.
The time stamp counter
.Pq TSC
frequency, in hertz.
Supported on x86 and amd64.
.It Va machdep.uprintf_signal
Integer, read-write, tunable.
When trapping a signal, enable or disable printing debugging
information to the controlling tty.
Possible values are 0 for disable printing or 1 to enable printing.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
information to the controlling tty.
- Possible values are 0 for disable printing or 1 to enable printing.
+ Possible values are 0 to disable printing or 1 to enable printing.
The default is 0, disable printing.
pauamma_gundo.com:
The default is 0, disable printing.
Supported on amd64.
.It Va machdep.vga_aspect_scale
Integer, read-write.
Get or set the video graphics array
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
Integer, read-write.
- Get or set the video graphics array
+ The video graphics array
.Pq VGA
pauamma_gundo.com:
.Pq VGA
aspect scale ratio.
The value scales the video output by a factor, determined by
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
aspect scale ratio.
- The value scales the video output by a factor, determined by
+ The value scales the video output by
this value divided by 100.
pauamma_gundo.com:
this value divided by 100.
A value of 100 would mean a scale ratio of 1.
Supported on systems that implement
.Xr syscons 4 .
.It Va machdep.wall_cmos_clock
Integer.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions

Is this read-write or read-only?

pauamma_gundo.com: Is this read-write or read-only?
Enable application of
.Va machdep.adjkerntz .
Possible values are 0 for disable or non-zero for enable.
pauamma_gundo.comUnsubmitted
Not Done
Inline Actions
.Va machdep.adjkerntz .
- Possible values are 0 for disable or non-zero for enable.
+ Possible values are 0 to disable or non-zero to enable.
.El
.Sh SEE ALSO
pauamma_gundo.com:
.El
.Sh SEE ALSO
.Xr sysctl 3 ,
.Xr cpufreq 4 ,
.Xr efidev 4 ,
.Xr sysctl 8 ,
.Xr copyout 9
.Sh HISTORY
The sysctl variables mentioned here have been added over the history of
.Fx .
.Sh AUTHORS
The
.Nm
manual was written by
.An Felix Johnson .