1 # SPDX-License-Identifier: GPL-2.0-only
2 config SUNRPC
3 	tristate
4 	depends on MULTIUSER
5 
6 config SUNRPC_GSS
7 	tristate
8 	select OID_REGISTRY
9 	depends on MULTIUSER
10 
11 config SUNRPC_BACKCHANNEL
12 	bool
13 	depends on SUNRPC
14 
15 config SUNRPC_SWAP
16 	bool
17 	depends on SUNRPC
18 
19 config RPCSEC_GSS_KRB5
20 	tristate "Secure RPC: Kerberos V mechanism"
21 	depends on SUNRPC && CRYPTO
22 	default y
23 	select SUNRPC_GSS
24 	select CRYPTO_SKCIPHER
25 	select CRYPTO_HASH
26 	help
27 	  Choose Y here to enable Secure RPC using the Kerberos version 5
28 	  GSS-API mechanism (RFC 1964).
29 
30 	  Secure RPC calls with Kerberos require an auxiliary user-space
31 	  daemon which may be found in the Linux nfs-utils package
32 	  available from http://linux-nfs.org/.  In addition, user-space
33 	  Kerberos support should be installed.
34 
35 	  If unsure, say Y.
36 
37 config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA1
38 	bool "Enable Kerberos enctypes based on AES and SHA-1"
39 	depends on RPCSEC_GSS_KRB5
40 	depends on CRYPTO_CBC && CRYPTO_CTS
41 	depends on CRYPTO_HMAC && CRYPTO_SHA1
42 	depends on CRYPTO_AES
43 	default y
44 	help
45 	  Choose Y to enable the use of Kerberos 5 encryption types
46 	  that utilize Advanced Encryption Standard (AES) ciphers and
47 	  SHA-1 digests. These include aes128-cts-hmac-sha1-96 and
48 	  aes256-cts-hmac-sha1-96.
49 
50 config RPCSEC_GSS_KRB5_ENCTYPES_CAMELLIA
51 	bool "Enable Kerberos encryption types based on Camellia and CMAC"
52 	depends on RPCSEC_GSS_KRB5
53 	depends on CRYPTO_CBC && CRYPTO_CTS && CRYPTO_CAMELLIA
54 	depends on CRYPTO_CMAC
55 	default n
56 	help
57 	  Choose Y to enable the use of Kerberos 5 encryption types
58 	  that utilize Camellia ciphers (RFC 3713) and CMAC digests
59 	  (NIST Special Publication 800-38B). These include
60 	  camellia128-cts-cmac and camellia256-cts-cmac.
61 
62 config RPCSEC_GSS_KRB5_ENCTYPES_AES_SHA2
63 	bool "Enable Kerberos enctypes based on AES and SHA-2"
64 	depends on RPCSEC_GSS_KRB5
65 	depends on CRYPTO_CBC && CRYPTO_CTS
66 	depends on CRYPTO_HMAC && CRYPTO_SHA256 && CRYPTO_SHA512
67 	depends on CRYPTO_AES
68 	default n
69 	help
70 	  Choose Y to enable the use of Kerberos 5 encryption types
71 	  that utilize Advanced Encryption Standard (AES) ciphers and
72 	  SHA-2 digests. These include aes128-cts-hmac-sha256-128 and
73 	  aes256-cts-hmac-sha384-192.
74 
75 config RPCSEC_GSS_KRB5_KUNIT_TEST
76 	tristate "KUnit tests for RPCSEC GSS Kerberos" if !KUNIT_ALL_TESTS
77 	depends on RPCSEC_GSS_KRB5 && KUNIT
78 	default KUNIT_ALL_TESTS
79 	help
80 	  This builds the KUnit tests for RPCSEC GSS Kerberos 5.
81 
82 	  KUnit tests run during boot and output the results to the debug
83 	  log in TAP format (https://testanything.org/). Only useful for
84 	  kernel devs running KUnit test harness and are not for inclusion
85 	  into a production build.
86 
87 	  For more information on KUnit and unit tests in general, refer
88 	  to the KUnit documentation in Documentation/dev-tools/kunit/.
89 
90 config SUNRPC_DEBUG
91 	bool "RPC: Enable dprintk debugging"
92 	depends on SUNRPC && SYSCTL
93 	select DEBUG_FS
94 	help
95 	  This option enables a sysctl-based debugging interface
96 	  that is be used by the 'rpcdebug' utility to turn on or off
97 	  logging of different aspects of the kernel RPC activity.
98 
99 	  Disabling this option will make your kernel slightly smaller,
100 	  but makes troubleshooting NFS issues significantly harder.
101 
102 	  If unsure, say Y.
103 
104 config SUNRPC_XPRT_RDMA
105 	tristate "RPC-over-RDMA transport"
106 	depends on SUNRPC && INFINIBAND && INFINIBAND_ADDR_TRANS
107 	default SUNRPC && INFINIBAND
108 	select SG_POOL
109 	help
110 	  This option allows the NFS client and server to use RDMA
111 	  transports (InfiniBand, iWARP, or RoCE).
112 
113 	  To compile this support as a module, choose M. The module
114 	  will be called rpcrdma.ko.
115 
116 	  If unsure, or you know there is no RDMA capability on your
117 	  hardware platform, say N.
118