xref: /linux/net/sunrpc/Kconfig (revision 81538c8e42806eed71ce125723877a7c2307370c) 
1ec8f24b7SThomas Gleixner# SPDX-License-Identifier: GPL-2.0-only
29098c24fSAlexey Dobriyanconfig SUNRPC
39098c24fSAlexey Dobriyan	tristate
42813893fSIulia Manda	depends on MULTIUSER
59098c24fSAlexey Dobriyan
69098c24fSAlexey Dobriyanconfig SUNRPC_GSS
79098c24fSAlexey Dobriyan	tristate
8f783288fSChuck Lever	select OID_REGISTRY
92813893fSIulia Manda	depends on MULTIUSER
109098c24fSAlexey Dobriyan
119e00abc3STrond Myklebustconfig SUNRPC_BACKCHANNEL
129e00abc3STrond Myklebust	bool
139e00abc3STrond Myklebust	depends on SUNRPC
149e00abc3STrond Myklebust
15a564b8f0SMel Gormanconfig SUNRPC_SWAP
16a564b8f0SMel Gorman	bool
17a564b8f0SMel Gorman	depends on SUNRPC
18a564b8f0SMel Gorman
199098c24fSAlexey Dobriyanconfig RPCSEC_GSS_KRB5
20e3b2854fSTrond Myklebust	tristate "Secure RPC: Kerberos V mechanism"
21*d8e97cc4SEric Biggers	depends on SUNRPC
22df486a25STrond Myklebust	default y
239098c24fSAlexey Dobriyan	select SUNRPC_GSS
24*d8e97cc4SEric Biggers	select CRYPTO
25dfe9a123SChuck Lever	select CRYPTO_SKCIPHER
26dfe9a123SChuck Lever	select CRYPTO_HASH
279098c24fSAlexey Dobriyan	help
289098c24fSAlexey Dobriyan	  Choose Y here to enable Secure RPC using the Kerberos version 5
299098c24fSAlexey Dobriyan	  GSS-API mechanism (RFC 1964).
309098c24fSAlexey Dobriyan
319098c24fSAlexey Dobriyan	  Secure RPC calls with Kerberos require an auxiliary user-space
329098c24fSAlexey Dobriyan	  daemon which may be found in the Linux nfs-utils package
339098c24fSAlexey Dobriyan	  available from http://linux-nfs.org/.  In addition, user-space
349098c24fSAlexey Dobriyan	  Kerberos support should be installed.
359098c24fSAlexey Dobriyan
36df486a25STrond Myklebust	  If unsure, say Y.
37e27d359eSTrond Myklebust
38dfe9a123SChuck Leverconfig RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1
39dfe9a123SChuck Lever	bool "Enable Kerberos enctypes based on AES and SHA-1"
40dfe9a123SChuck Lever	depends on RPCSEC_GSS_KRB5
41dfe9a123SChuck Lever	depends on CRYPTO_CBC && CRYPTO_CTS
42dfe9a123SChuck Lever	depends on CRYPTO_HMAC && CRYPTO_SHA1
43dfe9a123SChuck Lever	depends on CRYPTO_AES
44dfe9a123SChuck Lever	default y
45dfe9a123SChuck Lever	help
46dfe9a123SChuck Lever	  Choose Y to enable the use of Kerberos 5 encryption types
47dfe9a123SChuck Lever	  that utilize Advanced Encryption Standard (AES) ciphers and
48dfe9a123SChuck Lever	  SHA-1 digests. These include aes128-cts-hmac-sha1-96 and
49dfe9a123SChuck Lever	  aes256-cts-hmac-sha1-96.
50fe9a2705SChuck Lever
513394682fSChuck Leverconfig RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA
523394682fSChuck Lever	bool "Enable Kerberos encryption types based on Camellia and CMAC"
533394682fSChuck Lever	depends on RPCSEC_GSS_KRB5
543394682fSChuck Lever	depends on CRYPTO_CBC && CRYPTO_CTS && CRYPTO_CAMELLIA
553394682fSChuck Lever	depends on CRYPTO_CMAC
563394682fSChuck Lever	default n
573394682fSChuck Lever	help
583394682fSChuck Lever	  Choose Y to enable the use of Kerberos 5 encryption types
593394682fSChuck Lever	  that utilize Camellia ciphers (RFC 3713) and CMAC digests
603394682fSChuck Lever	  (NIST Special Publication 800-38B). These include
613394682fSChuck Lever	  camellia128-cts-cmac and camellia256-cts-cmac.
623394682fSChuck Lever
63a40cf753SChuck Leverconfig RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2
64a40cf753SChuck Lever	bool "Enable Kerberos enctypes based on AES and SHA-2"
65a40cf753SChuck Lever	depends on RPCSEC_GSS_KRB5
66a40cf753SChuck Lever	depends on CRYPTO_CBC && CRYPTO_CTS
67a40cf753SChuck Lever	depends on CRYPTO_HMAC && CRYPTO_SHA256 && CRYPTO_SHA512
68a40cf753SChuck Lever	depends on CRYPTO_AES
69a40cf753SChuck Lever	default n
70a40cf753SChuck Lever	help
71a40cf753SChuck Lever	  Choose Y to enable the use of Kerberos 5 encryption types
72a40cf753SChuck Lever	  that utilize Advanced Encryption Standard (AES) ciphers and
73a40cf753SChuck Lever	  SHA-2 digests. These include aes128-cts-hmac-sha256-128 and
74a40cf753SChuck Lever	  aes256-cts-hmac-sha384-192.
75a40cf753SChuck Lever
76eebd8c2dSChuck Leverconfig RPCSEC_GSS_KRB5_KUNIT_TEST
77eebd8c2dSChuck Lever	tristate "KUnit tests for RPCSEC GSS Kerberos" if !KUNIT_ALL_TESTS
78eebd8c2dSChuck Lever	depends on RPCSEC_GSS_KRB5 && KUNIT
79eebd8c2dSChuck Lever	default KUNIT_ALL_TESTS
80eebd8c2dSChuck Lever	help
81eebd8c2dSChuck Lever	  This builds the KUnit tests for RPCSEC GSS Kerberos 5.
82eebd8c2dSChuck Lever
83eebd8c2dSChuck Lever	  KUnit tests run during boot and output the results to the debug
84eebd8c2dSChuck Lever	  log in TAP format (https://testanything.org/). Only useful for
85eebd8c2dSChuck Lever	  kernel devs running KUnit test harness and are not for inclusion
86eebd8c2dSChuck Lever	  into a production build.
87eebd8c2dSChuck Lever
88eebd8c2dSChuck Lever	  For more information on KUnit and unit tests in general, refer
89eebd8c2dSChuck Lever	  to the KUnit documentation in Documentation/dev-tools/kunit/.
90eebd8c2dSChuck Lever
91e27d359eSTrond Myklebustconfig SUNRPC_DEBUG
92e27d359eSTrond Myklebust	bool "RPC: Enable dprintk debugging"
93e27d359eSTrond Myklebust	depends on SUNRPC && SYSCTL
94b4b9d2ccSJeff Layton	select DEBUG_FS
95e27d359eSTrond Myklebust	help
96e27d359eSTrond Myklebust	  This option enables a sysctl-based debugging interface
97e27d359eSTrond Myklebust	  that is be used by the 'rpcdebug' utility to turn on or off
98e27d359eSTrond Myklebust	  logging of different aspects of the kernel RPC activity.
99e27d359eSTrond Myklebust
100e27d359eSTrond Myklebust	  Disabling this option will make your kernel slightly smaller,
101e27d359eSTrond Myklebust	  but makes troubleshooting NFS issues significantly harder.
102e27d359eSTrond Myklebust
103e27d359eSTrond Myklebust	  If unsure, say Y.
1042e8c12e1SJeff Layton
105ec7d8e68SJeff Laytonconfig SUNRPC_DEBUG_TRACE
106ec7d8e68SJeff Layton	bool "RPC: Send dfprintk() output to the trace buffer"
107ec7d8e68SJeff Layton	depends on SUNRPC_DEBUG && TRACING
108ec7d8e68SJeff Layton	default n
109ec7d8e68SJeff Layton	help
110ec7d8e68SJeff Layton          dprintk() output can be voluminous, which can overwhelm the
111ec7d8e68SJeff Layton          kernel's logging facility as it must be sent to the console.
112ec7d8e68SJeff Layton          This option causes dprintk() output to go to the trace buffer
113ec7d8e68SJeff Layton          instead of the kernel log.
114ec7d8e68SJeff Layton
115ec7d8e68SJeff Layton          This will cause warnings about trace_printk() being used to be
116ec7d8e68SJeff Layton          logged at boot time, so say N unless you are debugging a problem
117ec7d8e68SJeff Layton          with sunrpc-based clients or services.
118ec7d8e68SJeff Layton
119ffe1f0dfSChuck Leverconfig SUNRPC_XPRT_RDMA
120ffe1f0dfSChuck Lever	tristate "RPC-over-RDMA transport"
121533d1daeSArnd Bergmann	depends on SUNRPC && INFINIBAND && INFINIBAND_ADDR_TRANS
1222e8c12e1SJeff Layton	default SUNRPC && INFINIBAND
123f13193f5SChuck Lever	select SG_POOL
1242e8c12e1SJeff Layton	help
125ffe1f0dfSChuck Lever	  This option allows the NFS client and server to use RDMA
126ffe1f0dfSChuck Lever	  transports (InfiniBand, iWARP, or RoCE).
1272e8c12e1SJeff Layton
128ffe1f0dfSChuck Lever	  To compile this support as a module, choose M. The module
129ffe1f0dfSChuck Lever	  will be called rpcrdma.ko.
1302e8c12e1SJeff Layton
131ffe1f0dfSChuck Lever	  If unsure, or you know there is no RDMA capability on your
132ffe1f0dfSChuck Lever	  hardware platform, say N.
133