xref: /linux/net/sunrpc/Kconfig (revision 81538c8e42806eed71ce125723877a7c2307370c)
1# SPDX-License-Identifier: GPL-2.0-only
2config SUNRPC
3	tristate
4	depends on MULTIUSER
5
6config SUNRPC_GSS
7	tristate
8	select OID_REGISTRY
9	depends on MULTIUSER
10
11config SUNRPC_BACKCHANNEL
12	bool
13	depends on SUNRPC
14
15config SUNRPC_SWAP
16	bool
17	depends on SUNRPC
18
19config RPCSEC_GSS_KRB5
20	tristate "Secure RPC: Kerberos V mechanism"
21	depends on SUNRPC
22	default y
23	select SUNRPC_GSS
24	select CRYPTO
25	select CRYPTO_SKCIPHER
26	select CRYPTO_HASH
27	help
28	  Choose Y here to enable Secure RPC using the Kerberos version 5
29	  GSS-API mechanism (RFC 1964).
30
31	  Secure RPC calls with Kerberos require an auxiliary user-space
32	  daemon which may be found in the Linux nfs-utils package
33	  available from http://linux-nfs.org/.  In addition, user-space
34	  Kerberos support should be installed.
35
36	  If unsure, say Y.
37
38config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1
39	bool "Enable Kerberos enctypes based on AES and SHA-1"
40	depends on RPCSEC_GSS_KRB5
41	depends on CRYPTO_CBC && CRYPTO_CTS
42	depends on CRYPTO_HMAC && CRYPTO_SHA1
43	depends on CRYPTO_AES
44	default y
45	help
46	  Choose Y to enable the use of Kerberos 5 encryption types
47	  that utilize Advanced Encryption Standard (AES) ciphers and
48	  SHA-1 digests. These include aes128-cts-hmac-sha1-96 and
49	  aes256-cts-hmac-sha1-96.
50
51config RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA
52	bool "Enable Kerberos encryption types based on Camellia and CMAC"
53	depends on RPCSEC_GSS_KRB5
54	depends on CRYPTO_CBC && CRYPTO_CTS && CRYPTO_CAMELLIA
55	depends on CRYPTO_CMAC
56	default n
57	help
58	  Choose Y to enable the use of Kerberos 5 encryption types
59	  that utilize Camellia ciphers (RFC 3713) and CMAC digests
60	  (NIST Special Publication 800-38B). These include
61	  camellia128-cts-cmac and camellia256-cts-cmac.
62
63config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2
64	bool "Enable Kerberos enctypes based on AES and SHA-2"
65	depends on RPCSEC_GSS_KRB5
66	depends on CRYPTO_CBC && CRYPTO_CTS
67	depends on CRYPTO_HMAC && CRYPTO_SHA256 && CRYPTO_SHA512
68	depends on CRYPTO_AES
69	default n
70	help
71	  Choose Y to enable the use of Kerberos 5 encryption types
72	  that utilize Advanced Encryption Standard (AES) ciphers and
73	  SHA-2 digests. These include aes128-cts-hmac-sha256-128 and
74	  aes256-cts-hmac-sha384-192.
75
76config RPCSEC_GSS_KRB5_KUNIT_TEST
77	tristate "KUnit tests for RPCSEC GSS Kerberos" if !KUNIT_ALL_TESTS
78	depends on RPCSEC_GSS_KRB5 && KUNIT
79	default KUNIT_ALL_TESTS
80	help
81	  This builds the KUnit tests for RPCSEC GSS Kerberos 5.
82
83	  KUnit tests run during boot and output the results to the debug
84	  log in TAP format (https://testanything.org/). Only useful for
85	  kernel devs running KUnit test harness and are not for inclusion
86	  into a production build.
87
88	  For more information on KUnit and unit tests in general, refer
89	  to the KUnit documentation in Documentation/dev-tools/kunit/.
90
91config SUNRPC_DEBUG
92	bool "RPC: Enable dprintk debugging"
93	depends on SUNRPC && SYSCTL
94	select DEBUG_FS
95	help
96	  This option enables a sysctl-based debugging interface
97	  that is be used by the 'rpcdebug' utility to turn on or off
98	  logging of different aspects of the kernel RPC activity.
99
100	  Disabling this option will make your kernel slightly smaller,
101	  but makes troubleshooting NFS issues significantly harder.
102
103	  If unsure, say Y.
104
105config SUNRPC_DEBUG_TRACE
106	bool "RPC: Send dfprintk() output to the trace buffer"
107	depends on SUNRPC_DEBUG && TRACING
108	default n
109	help
110          dprintk() output can be voluminous, which can overwhelm the
111          kernel's logging facility as it must be sent to the console.
112          This option causes dprintk() output to go to the trace buffer
113          instead of the kernel log.
114
115          This will cause warnings about trace_printk() being used to be
116          logged at boot time, so say N unless you are debugging a problem
117          with sunrpc-based clients or services.
118
119config SUNRPC_XPRT_RDMA
120	tristate "RPC-over-RDMA transport"
121	depends on SUNRPC && INFINIBAND && INFINIBAND_ADDR_TRANS
122	default SUNRPC && INFINIBAND
123	select SG_POOL
124	help
125	  This option allows the NFS client and server to use RDMA
126	  transports (InfiniBand, iWARP, or RoCE).
127
128	  To compile this support as a module, choose M. The module
129	  will be called rpcrdma.ko.
130
131	  If unsure, or you know there is no RDMA capability on your
132	  hardware platform, say N.
133