Barebone kernel options request
Michael Sierchio
kudzu at tenebras.com
Mon Mar 11 05:32:11 UTC 2019
My preference for doing this is as follows:
Boot from GENERIC w/kernel modules present
Record /var/run/dmesg.boot
Add all the devices you wish to support (as probed above) in the kernconf.
Make sure you include the disk and network drivers for your hardware.
Things tend not to work without them.
The custom kernconf goes in /usr/src/sys/{arch}/conf, in my case
/usr/src/sys/amd64/conf
then
# cd /usr/src
# make kernel
# shutdown -r now
Just as an example... this is for my pcengines boxen... my /etc/make.conf
has
KERNCONF=MAMELON_NO_IPV6
NO_MODULES=TRUE
WITHOUT_KERNEL_SYMBOLS=yes
And my kernconf has
cpu HAMMER
ident MAMELON
# /etc/make.conf should have:
# KERNCONF=MAMELON
# NO_MODULES=TRUE
options SCHED_ULE # ULE scheduler
options PREEMPTION # Enable kernel thread preemption
options INET # InterNETworking
################################################################################
# no ipv6 here
#options INET6 # IPv6 communications protocols
################################################################################
options IPSEC # IP (v4/v6) security
options TCP_OFFLOAD # TCP offload
options SCTP # Stream Control Transmission
Protocol
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options UFS_DIRHASH # Improve performance on big
directories
options QUOTA # Enable disk quotas for UFS
options MD_ROOT # MD is a potential root device
options PROCFS # Process filesystem (requires
PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options TMPFS
options GEOM_PART_GPT # GUID Partition Tables.
options GEOM_ELI
options GEOM_LABEL # Provides labelization
options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI
options STACK # stack(9) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time
extensions
options PRINTF_BUFR_SIZE=128 # Prevent printf output being
interspersed.
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options HWPMC_HOOKS # Necessary kernel hooks for
hwpmc(4)
options CAPABILITY_MODE # Capsicum capability mode
options CAPABILITIES # Capsicum capabilities
options INCLUDE_CONFIG_FILE # Include this file in kernel
options RCTL # Resource limits
options RACCT
options COMPAT_LINUX32
options COMPAT_FREEBSD32
# Make an SMP-capable kernel by default
options SMP # Symmetric MultiProcessor Kernel
options DEVICE_NUMA # I/O Device Affinity
options EARLY_AP_STARTUP
device ahci # AHCI-compatible SATA controllers
device uart # Generic UART driver
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_NAT
options LIBALIAS
options DUMMYNET
options ROUTETABLES=16
device cpufreq
device coretemp
device amdtemp
# Bus support.
device acpi
options ACPI_DMAR
device pci
device scbus # SCSI bus (required for ATA/SCSI)
device da # Direct Access (disks)
device pass # Passthrough device (direct
ATA/SCSI access)
device ses # Enclosure Services (SES and
SAF-TE)
device ctl # CAM Target Layer
# crypto support
device crypto
device cryptodev
device igb
# atkbdc0 controls both the keyboard and the PS/2 mouse
device atkbdc # AT keyboard controller
device atkbd # AT keyboard
device psm # PS/2 mouse
device kbdmux # keyboard multiplexer
# vt is the new video console driver
device vt
device vt_vga
device vt_efifb
# MMC/SD
device mmc # MMC/SD bus
device mmcsd # MMC/SD memory card
device sdhci # Generic PCI SD Host Controller
# USB support
options USB_DEBUG # enable debug msgs
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device ehci # EHCI PCI->USB interface (USB 2.0)
device xhci # XHCI PCI->USB interface (USB 3.0)
device usb # USB Bus (required)
device ukbd # Keyboard
device umass # Disks/Mass storage - Requires
scbus and da
device uhid
# Pseudo devices.
device loop # Network loopback
device random # Entropy device
device padlock_rng # VIA Padlock RNG
device rdrand_rng # Intel Bull Mountain RNG
device ether # Ethernet support
device vlan # 802.1Q VLAN support
device tun # Packet tunnel.
device md # Memory "disks"
device gif # IPv6 and IPv4 tunneling
device firmware # firmware assist module
device bpf # Berkeley packet filter
On Sun, Mar 10, 2019 at 10:06 PM Kevin P. Neal <kpn at neutralgood.org> wrote:
> On Sun, Mar 10, 2019 at 02:09:37PM +0100, samir.otmane at numericable.fr
> wrote:
> > Hello everyone,
> >
> > For my purpose, i would like to get a very barebone FreeBSD kernel ( For
> instance i don't want jaling, i'll want to get rid of unwanted overhead ),
> but i don't know how to do so.
> >
> > IRC chatters told me that it would be very challenging to do so.
> >
> > I found that page ( https://www.freebsd.org/cgi/man.cgi?query=src.conf
> ) but it only disables user-land program building, not kernel-land code.
>
> Three emails to the same list is two email too many. Just one email would
> be sufficient, and if you get no response another single email a reasonable
> period of time later. I don't know if this community has a definition of
> "reasonable period of time", though. The LLVM community's is roughly "a
> week or so".
>
> Anyway. On to business:
>
> What you want is to build a custom kernel. The GENERIC kernel config file
> is, for the 64-bit amd64 host, located at:
> /usr/src/sys/amd64/conf/GENERIC
>
> You didn't say what host, but the other hosts are at guessable locations
> based on that path, and the filename to look for is "GENERIC".
>
> You'll need to copy that file and edit out the stuff you don't want. This
> will probably take some research and trial and error.
>
> Note that this may not be granular enough. I don't know if you can remove
> jailing, for example. But I don't know that jailing actually increases the
> overhead in a measureable way if you aren't using it. So it may not be
> worth your time to bother with it. This goes double if it requires special
> patches to the kernel that you have to maintain forever and incur the
> cost forever. You'll need to do the cost/benefit analysis yourself.
>
> I don't know the current correct method of building custom kernels. It's
> no doubt docuemented, and maybe someone will chime in here.
>
> --
> "A method for inducing cats to exercise consists of directing a beam of
> invisible light produced by a hand-held laser apparatus onto the floor ...
> in the vicinity of the cat, then moving the laser ... in an irregular way
> fascinating to cats,..." -- US patent 5443036, "Method of exercising a cat"
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe at freebsd.org"
>
--
"Well," Brahma said, "even after ten thousand explanations, a fool is no
wiser, but an intelligent person requires only two thousand five hundred."
- The Mahābhārata
More information about the freebsd-questions
mailing list