Solved AMD64 Virtualbox Guest Kernel Config?

Up until now all of my kernel configs have had an include GENERIC line at the top. It occurred to me that someone might have a kernel configuration that cuts out everything irrelevant for a Virtualbox guest. Is such a thing floating around? If not, would I be better off inheriting from MINIMAL?
 
This is what I use:
Code:
cpu             HAMMER
ident           VBOX

options         SCHED_ULE               # ULE scheduler
options         PREEMPTION              # Enable kernel thread preemption
options         INET                    # InterNETworking
options         INET6                   # IPv6 communications protocols
options         IPSEC                   # IP (v4/v6) security
options         TCP_OFFLOAD             # TCP offload
options         SCTP                    # Stream Control Transmission Protocol
options         FFS                     # Berkeley Fast Filesystem
options         SOFTUPDATES             # Enable FFS soft updates support
options         UFS_ACL                 # Support for access control lists
options         UFS_DIRHASH             # Improve performance on big directories
options         UFS_GJOURNAL            # Enable gjournal-based UFS journaling
options         QUOTA                   # Enable disk quotas for UFS
options         NFSCL                   # Network Filesystem Client
options         NFSD                    # Network Filesystem Server
options         NFSLOCKD                # Network Lock Manager
options         NFS_ROOT                # NFS usable as /, requires NFSCL
options         CD9660                  # ISO 9660 Filesystem
options         PROCFS                  # Process filesystem (requires PSEUDOFS)
options         PSEUDOFS                # Pseudo-filesystem framework
options         GEOM_PART_GPT           # GUID Partition Tables.
options         GEOM_LABEL              # Provides labelization
options         COMPAT_FREEBSD32        # Compatible with i386 binaries
options         SYSVSHM                 # SYSV-style shared memory
options         SYSVMSG                 # SYSV-style message queues
options         SYSVSEM                 # SYSV-style semaphores
options         _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options         PRINTF_BUFR_SIZE=128    # Prevent printf output being interspersed.
options         KBD_INSTALL_CDEV        # install a CDEV entry in /dev
options         HWPMC_HOOKS             # Necessary kernel hooks for hwpmc(4)
options         AUDIT                   # Security event auditing
options         CAPABILITY_MODE         # Capsicum capability mode
options         CAPABILITIES            # Capsicum capabilities
options         MAC                     # TrustedBSD MAC Framework
options         INCLUDE_CONFIG_FILE     # Include this file in kernel
options         RACCT                   # Resource accounting framework
options         RACCT_DEFAULT_TO_DISABLED # Set kern.racct.enable=0 by default
options         RCTL                    # Resource limits

# Make an SMP-capable kernel by default
options         SMP                     # Symmetric MultiProcessor Kernel

# CPU frequency control
device          cpufreq

# Bus support.
device          acpi
options         ACPI_DMAR
device          pci
options         PCI_IOV                 # PCI SR-IOV support

# ATA controllers
device          ahci                    # AHCI-compatible SATA controllers
device          ata                     # Legacy ATA/SATA controllers
options         ATA_STATIC_ID           # Static device numbering

# ATA/SCSI peripherals
device          scbus                   # SCSI bus (required for ATA/SCSI)
device          da                      # Direct Access (disks)
device          cd                      # CD
device          pass                    # Passthrough device (direct ATA/SCSI access)
device          ses                     # Enclosure Services (SES and SAF-TE)
#device         ctl                     # CAM Target Layer

# atkbdc0 controls both the keyboard and the PS/2 mouse
device          atkbdc                  # AT keyboard controller
device          atkbd                   # AT keyboard
device          psm                     # PS/2 mouse

device          kbdmux                  # keyboard multiplexer

device          vga                     # VGA video card driver
options         VESA                    # Add support for VESA BIOS Extensions (VBE)

device          splash                  # Splash screen and screen saver support

# syscons is the default console driver, resembling an SCO console
device          sc
options         SC_PIXEL_MODE           # add support for the raster text mode
# vt is the new video console driver
device          vt
device          vt_vga
device          vt_efifb

device          agp                     # support several AGP chipsets

# PCI Ethernet NICs.
device          em                      # Intel PRO/1000 Gigabit Ethernet Family

# Pseudo devices.
device          loop                    # Network loopback
device          random                  # Entropy device
device          rdrand_rng              # Intel Bull Mountain RNG
device          ether                   # Ethernet support
device          vlan                    # 802.1Q VLAN support

# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device          bpf                     # Berkeley packet filter

# USB support
device          uhci                    # UHCI PCI->USB interface
device          ohci                    # OHCI PCI->USB interface
device          ehci                    # EHCI PCI->USB interface (USB 2.0)
device          xhci                    # XHCI PCI->USB interface (USB 3.0)
device          usb                     # USB Bus (required)
device          ukbd                    # Keyboard
device          umass                   # Disks/Mass storage - Requires scbus and da
# VirtIO support
device          virtio                  # Generic VirtIO bus (required)
device          virtio_pci              # VirtIO PCI device
device          vtnet                   # VirtIO Ethernet device
device          virtio_blk              # VirtIO Block device
device          virtio_scsi             # VirtIO SCSI device
device          virtio_balloon          # VirtIO Memory Balloon device

# Netmap provides direct access to TX/RX rings on supported NICs
device          netmap                  # netmap(4) support

# The crypto framework is required by IPSEC
device          crypto                  # Required by IPSEC
Note that I use the paravirtualized adapters (vtnet(4)). But it also has em(4), which is the default network adapter when you create a new VM. You could probably remove sc(4) or vt(4), depending on your use. I left both in so I could switch.
 
Does something like this look correct for a Virtualbox kernel config template that inherits from yours? Do all of the virtio(4) drivers necessarily always want to be compiled in, or are there cases where leaving some them out makes sense?
Code:
include VIRTUALBOX
ident MY_KERNEL

# Disable Optional Virtualbox Devices
#nodevice        sc                      # disable syscons
#nooptions       SC_PIXEL_MODE           # disable with syscons (raster text mode support)
#nodevice        vt                      # disable vt
#nodevice        vt_vga                  # disable with vt
#nodevice        vt_efifb                # disable with vt
#nodevice        em                      # disable VM default network driver
#nodevice        vtnet                   # disable paravirtualized network driver
 
Those are all commented out, but why disable all the devices that could actually be used by a VM? Better to leave those enabled and disable all the RAID controllers and other hardware that will never be available in a VM.
 
Those are all commented out, but why disable all the devices that could actually be used by a VM?
The settings listed are assumed to be useful by default so they are commented out. Anything that is not actually needed for a specific use can be disabled. If there is anything that should realistically never be disabled on a VM I want to remove the line from the template.

Better to leave those enabled and disable all the RAID controllers and other hardware that will never be available in a VM.
This template includes the kernel config SirDice kindly provided. If his configuration can be stripped down further, I would love to hear where.

Aside from overriding the identity, the template does nothing but provide a blank slate to add (or subtract) options. If a physical machine has the same use case the VM, the same config file can be used by changing the first line to include GENERIC instead of include VIRTUALBOX.

This is sort of like an object oriented inheritance approach to kernel configuration.
 
Back
Top