xref: /linux/net/sunrpc/Kconfig (revision 070a542f08acb7e8cf197287f5c44658c715d2d1) 
1# SPDX-License-Identifier: GPL-2.0-only
2config SUNRPC
3	tristate
4	depends on MULTIUSER
5
6config SUNRPC_GSS
7	tristate
8	select OID_REGISTRY
9	depends on MULTIUSER
10
11config SUNRPC_BACKCHANNEL
12	bool
13	depends on SUNRPC
14
15config SUNRPC_SWAP
16	bool
17	depends on SUNRPC
18
19config RPCSEC_GSS_KRB5
20	tristate "Secure RPC: Kerberos V mechanism"
21	depends on SUNRPC && CRYPTO
22	default y
23	select SUNRPC_GSS
24	select CRYPTO_SKCIPHER
25	select CRYPTO_HASH
26	help
27	  Choose Y here to enable Secure RPC using the Kerberos version 5
28	  GSS-API mechanism (RFC 1964).
29
30	  Secure RPC calls with Kerberos require an auxiliary user-space
31	  daemon which may be found in the Linux nfs-utils package
32	  available from http://linux-nfs.org/.  In addition, user-space
33	  Kerberos support should be installed.
34
35	  If unsure, say Y.
36
37config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1
38	bool "Enable Kerberos enctypes based on AES and SHA-1"
39	depends on RPCSEC_GSS_KRB5
40	depends on CRYPTO_CBC && CRYPTO_CTS
41	depends on CRYPTO_HMAC && CRYPTO_SHA1
42	depends on CRYPTO_AES
43	default y
44	help
45	  Choose Y to enable the use of Kerberos 5 encryption types
46	  that utilize Advanced Encryption Standard (AES) ciphers and
47	  SHA-1 digests. These include aes128-cts-hmac-sha1-96 and
48	  aes256-cts-hmac-sha1-96.
49
50config RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA
51	bool "Enable Kerberos encryption types based on Camellia and CMAC"
52	depends on RPCSEC_GSS_KRB5
53	depends on CRYPTO_CBC && CRYPTO_CTS && CRYPTO_CAMELLIA
54	depends on CRYPTO_CMAC
55	default n
56	help
57	  Choose Y to enable the use of Kerberos 5 encryption types
58	  that utilize Camellia ciphers (RFC 3713) and CMAC digests
59	  (NIST Special Publication 800-38B). These include
60	  camellia128-cts-cmac and camellia256-cts-cmac.
61
62config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2
63	bool "Enable Kerberos enctypes based on AES and SHA-2"
64	depends on RPCSEC_GSS_KRB5
65	depends on CRYPTO_CBC && CRYPTO_CTS
66	depends on CRYPTO_HMAC && CRYPTO_SHA256 && CRYPTO_SHA512
67	depends on CRYPTO_AES
68	default n
69	help
70	  Choose Y to enable the use of Kerberos 5 encryption types
71	  that utilize Advanced Encryption Standard (AES) ciphers and
72	  SHA-2 digests. These include aes128-cts-hmac-sha256-128 and
73	  aes256-cts-hmac-sha384-192.
74
75config RPCSEC_GSS_KRB5_KUNIT_TEST
76	tristate "KUnit tests for RPCSEC GSS Kerberos" if !KUNIT_ALL_TESTS
77	depends on RPCSEC_GSS_KRB5 && KUNIT
78	default KUNIT_ALL_TESTS
79	help
80	  This builds the KUnit tests for RPCSEC GSS Kerberos 5.
81
82	  KUnit tests run during boot and output the results to the debug
83	  log in TAP format (https://testanything.org/). Only useful for
84	  kernel devs running KUnit test harness and are not for inclusion
85	  into a production build.
86
87	  For more information on KUnit and unit tests in general, refer
88	  to the KUnit documentation in Documentation/dev-tools/kunit/.
89
90config SUNRPC_DEBUG
91	bool "RPC: Enable dprintk debugging"
92	depends on SUNRPC && SYSCTL
93	select DEBUG_FS
94	help
95	  This option enables a sysctl-based debugging interface
96	  that is be used by the 'rpcdebug' utility to turn on or off
97	  logging of different aspects of the kernel RPC activity.
98
99	  Disabling this option will make your kernel slightly smaller,
100	  but makes troubleshooting NFS issues significantly harder.
101
102	  If unsure, say Y.
103
104config SUNRPC_DEBUG_TRACE
105	bool "RPC: Send dfprintk() output to the trace buffer"
106	depends on SUNRPC_DEBUG && TRACING
107	default n
108	help
109          dprintk() output can be voluminous, which can overwhelm the
110          kernel's logging facility as it must be sent to the console.
111          This option causes dprintk() output to go to the trace buffer
112          instead of the kernel log.
113
114          This will cause warnings about trace_printk() being used to be
115          logged at boot time, so say N unless you are debugging a problem
116          with sunrpc-based clients or services.
117
118config SUNRPC_XPRT_RDMA
119	tristate "RPC-over-RDMA transport"
120	depends on SUNRPC && INFINIBAND && INFINIBAND_ADDR_TRANS
121	default SUNRPC && INFINIBAND
122	select SG_POOL
123	help
124	  This option allows the NFS client and server to use RDMA
125	  transports (InfiniBand, iWARP, or RoCE).
126
127	  To compile this support as a module, choose M. The module
128	  will be called rpcrdma.ko.
129
130	  If unsure, or you know there is no RDMA capability on your
131	  hardware platform, say N.
132