1# SPDX-License-Identifier: GPL-2.0-only 2config SUNRPC 3 tristate 4 depends on MULTIUSER 5 6config SUNRPC_GSS 7 tristate 8 select OID_REGISTRY 9 depends on MULTIUSER 10 11config SUNRPC_BACKCHANNEL 12 bool 13 depends on SUNRPC 14 15config SUNRPC_SWAP 16 bool 17 depends on SUNRPC 18 19config RPCSEC_GSS_KRB5 20 tristate "Secure RPC: Kerberos V mechanism" 21 depends on SUNRPC 22 default y 23 select SUNRPC_GSS 24 select CRYPTO 25 select CRYPTO_SKCIPHER 26 select CRYPTO_HASH 27 help 28 Choose Y here to enable Secure RPC using the Kerberos version 5 29 GSS-API mechanism (RFC 1964). 30 31 Secure RPC calls with Kerberos require an auxiliary user-space 32 daemon which may be found in the Linux nfs-utils package 33 available from http://linux-nfs.org/. In addition, user-space 34 Kerberos support should be installed. 35 36 If unsure, say Y. 37 38config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1 39 bool "Enable Kerberos enctypes based on AES and SHA-1" 40 depends on RPCSEC_GSS_KRB5 41 depends on CRYPTO_CBC && CRYPTO_CTS 42 depends on CRYPTO_HMAC && CRYPTO_SHA1 43 depends on CRYPTO_AES 44 default y 45 help 46 Choose Y to enable the use of Kerberos 5 encryption types 47 that utilize Advanced Encryption Standard (AES) ciphers and 48 SHA-1 digests. These include aes128-cts-hmac-sha1-96 and 49 aes256-cts-hmac-sha1-96. 50 51config RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA 52 bool "Enable Kerberos encryption types based on Camellia and CMAC" 53 depends on RPCSEC_GSS_KRB5 54 depends on CRYPTO_CBC && CRYPTO_CTS && CRYPTO_CAMELLIA 55 depends on CRYPTO_CMAC 56 default n 57 help 58 Choose Y to enable the use of Kerberos 5 encryption types 59 that utilize Camellia ciphers (RFC 3713) and CMAC digests 60 (NIST Special Publication 800-38B). These include 61 camellia128-cts-cmac and camellia256-cts-cmac. 62 63config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2 64 bool "Enable Kerberos enctypes based on AES and SHA-2" 65 depends on RPCSEC_GSS_KRB5 66 depends on CRYPTO_CBC && CRYPTO_CTS 67 depends on CRYPTO_HMAC && CRYPTO_SHA256 && CRYPTO_SHA512 68 depends on CRYPTO_AES 69 default n 70 help 71 Choose Y to enable the use of Kerberos 5 encryption types 72 that utilize Advanced Encryption Standard (AES) ciphers and 73 SHA-2 digests. These include aes128-cts-hmac-sha256-128 and 74 aes256-cts-hmac-sha384-192. 75 76config RPCSEC_GSS_KRB5_KUNIT_TEST 77 tristate "KUnit tests for RPCSEC GSS Kerberos" if !KUNIT_ALL_TESTS 78 depends on RPCSEC_GSS_KRB5 && KUNIT 79 default KUNIT_ALL_TESTS 80 help 81 This builds the KUnit tests for RPCSEC GSS Kerberos 5. 82 83 KUnit tests run during boot and output the results to the debug 84 log in TAP format (https://testanything.org/). Only useful for 85 kernel devs running KUnit test harness and are not for inclusion 86 into a production build. 87 88 For more information on KUnit and unit tests in general, refer 89 to the KUnit documentation in Documentation/dev-tools/kunit/. 90 91config SUNRPC_DEBUG 92 bool "RPC: Enable dprintk debugging" 93 depends on SUNRPC && SYSCTL 94 select DEBUG_FS 95 help 96 This option enables a sysctl-based debugging interface 97 that is be used by the 'rpcdebug' utility to turn on or off 98 logging of different aspects of the kernel RPC activity. 99 100 Disabling this option will make your kernel slightly smaller, 101 but makes troubleshooting NFS issues significantly harder. 102 103 If unsure, say Y. 104 105config SUNRPC_DEBUG_TRACE 106 bool "RPC: Send dfprintk() output to the trace buffer" 107 depends on SUNRPC_DEBUG && TRACING 108 default n 109 help 110 dprintk() output can be voluminous, which can overwhelm the 111 kernel's logging facility as it must be sent to the console. 112 This option causes dprintk() output to go to the trace buffer 113 instead of the kernel log. 114 115 This will cause warnings about trace_printk() being used to be 116 logged at boot time, so say N unless you are debugging a problem 117 with sunrpc-based clients or services. 118 119config SUNRPC_XPRT_RDMA 120 tristate "RPC-over-RDMA transport" 121 depends on SUNRPC && INFINIBAND && INFINIBAND_ADDR_TRANS 122 default SUNRPC && INFINIBAND 123 select SG_POOL 124 help 125 This option allows the NFS client and server to use RDMA 126 transports (InfiniBand, iWARP, or RoCE). 127 128 To compile this support as a module, choose M. The module 129 will be called rpcrdma.ko. 130 131 If unsure, or you know there is no RDMA capability on your 132 hardware platform, say N. 133