Alexey Dobriyan | bb26b96 | 2008-10-18 20:28:49 -0700 | [diff] [blame] | 1 | config CIFS |
| 2 | tristate "CIFS support (advanced network filesystem, SMBFS successor)" |
| 3 | depends on INET |
| 4 | select NLS |
Shirish Pargaonkar | d2b9152 | 2010-10-21 14:25:08 -0500 | [diff] [blame] | 5 | select CRYPTO |
Jeff Layton | f855f6c | 2011-01-31 08:41:36 -0500 | [diff] [blame] | 6 | select CRYPTO_MD4 |
Shirish Pargaonkar | d2b9152 | 2010-10-21 14:25:08 -0500 | [diff] [blame] | 7 | select CRYPTO_MD5 |
Steve French | 362d312 | 2010-11-14 03:34:30 +0000 | [diff] [blame] | 8 | select CRYPTO_HMAC |
Shirish Pargaonkar | d2b9152 | 2010-10-21 14:25:08 -0500 | [diff] [blame] | 9 | select CRYPTO_ARC4 |
Suresh Jayaraman | 5f0b23e | 2011-06-03 14:19:01 +0530 | [diff] [blame] | 10 | select CRYPTO_ECB |
Steve French | 43988d7 | 2011-04-19 18:23:31 +0000 | [diff] [blame] | 11 | select CRYPTO_DES |
Alexey Dobriyan | bb26b96 | 2008-10-18 20:28:49 -0700 | [diff] [blame] | 12 | help |
| 13 | This is the client VFS module for the Common Internet File System |
| 14 | (CIFS) protocol which is the successor to the Server Message Block |
| 15 | (SMB) protocol, the native file sharing mechanism for most early |
| 16 | PC operating systems. The CIFS protocol is fully supported by |
| 17 | file servers such as Windows 2000 (including Windows 2003, NT 4 |
| 18 | and Windows XP) as well by Samba (which provides excellent CIFS |
| 19 | server support for Linux and many other operating systems). Limited |
| 20 | support for OS/2 and Windows ME and similar servers is provided as |
| 21 | well. |
| 22 | |
| 23 | The cifs module provides an advanced network file system |
| 24 | client for mounting to CIFS compliant servers. It includes |
| 25 | support for DFS (hierarchical name space), secure per-user |
| 26 | session establishment via Kerberos or NTLM or NTLMv2, |
| 27 | safe distributed caching (oplock), optional packet |
| 28 | signing, Unicode and other internationalization improvements. |
| 29 | If you need to mount to Samba or Windows from this machine, say Y. |
| 30 | |
| 31 | config CIFS_STATS |
| 32 | bool "CIFS statistics" |
| 33 | depends on CIFS |
| 34 | help |
| 35 | Enabling this option will cause statistics for each server share |
| 36 | mounted by the cifs client to be displayed in /proc/fs/cifs/Stats |
| 37 | |
| 38 | config CIFS_STATS2 |
| 39 | bool "Extended statistics" |
| 40 | depends on CIFS_STATS |
| 41 | help |
| 42 | Enabling this option will allow more detailed statistics on SMB |
| 43 | request timing to be displayed in /proc/fs/cifs/DebugData and also |
| 44 | allow optional logging of slow responses to dmesg (depending on the |
| 45 | value of /proc/fs/cifs/cifsFYI, see fs/cifs/README for more details). |
| 46 | These additional statistics may have a minor effect on performance |
| 47 | and memory utilization. |
| 48 | |
| 49 | Unless you are a developer or are doing network performance analysis |
| 50 | or tuning, say N. |
| 51 | |
| 52 | config CIFS_WEAK_PW_HASH |
| 53 | bool "Support legacy servers which use weaker LANMAN security" |
| 54 | depends on CIFS |
| 55 | help |
| 56 | Modern CIFS servers including Samba and most Windows versions |
| 57 | (since 1997) support stronger NTLM (and even NTLMv2 and Kerberos) |
| 58 | security mechanisms. These hash the password more securely |
| 59 | than the mechanisms used in the older LANMAN version of the |
| 60 | SMB protocol but LANMAN based authentication is needed to |
| 61 | establish sessions with some old SMB servers. |
| 62 | |
| 63 | Enabling this option allows the cifs module to mount to older |
| 64 | LANMAN based servers such as OS/2 and Windows 95, but such |
| 65 | mounts may be less secure than mounts using NTLM or more recent |
| 66 | security mechanisms if you are on a public network. Unless you |
| 67 | have a need to access old SMB servers (and are on a private |
| 68 | network) you probably want to say N. Even if this support |
| 69 | is enabled in the kernel build, LANMAN authentication will not be |
| 70 | used automatically. At runtime LANMAN mounts are disabled but |
| 71 | can be set to required (or optional) either in |
| 72 | /proc/fs/cifs (see fs/cifs/README for more detail) or via an |
| 73 | option on the mount command. This support is disabled by |
| 74 | default in order to reduce the possibility of a downgrade |
| 75 | attack. |
| 76 | |
| 77 | If unsure, say N. |
| 78 | |
| 79 | config CIFS_UPCALL |
Wang Lei | 1a4240f | 2010-08-04 15:16:33 +0100 | [diff] [blame] | 80 | bool "Kerberos/SPNEGO advanced session setup" |
| 81 | depends on CIFS && KEYS |
| 82 | select DNS_RESOLVER |
| 83 | help |
| 84 | Enables an upcall mechanism for CIFS which accesses userspace helper |
| 85 | utilities to provide SPNEGO packaged (RFC 4178) Kerberos tickets |
| 86 | which are needed to mount to certain secure servers (for which more |
| 87 | secure Kerberos authentication is required). If unsure, say N. |
Alexey Dobriyan | bb26b96 | 2008-10-18 20:28:49 -0700 | [diff] [blame] | 88 | |
| 89 | config CIFS_XATTR |
| 90 | bool "CIFS extended attributes" |
| 91 | depends on CIFS |
| 92 | help |
| 93 | Extended attributes are name:value pairs associated with inodes by |
| 94 | the kernel or by users (see the attr(5) manual page, or visit |
| 95 | <http://acl.bestbits.at/> for details). CIFS maps the name of |
| 96 | extended attributes beginning with the user namespace prefix |
| 97 | to SMB/CIFS EAs. EAs are stored on Windows servers without the |
| 98 | user namespace prefix, but their names are seen by Linux cifs clients |
| 99 | prefaced by the user namespace prefix. The system namespace |
| 100 | (used by some filesystems to store ACLs) is not supported at |
| 101 | this time. |
| 102 | |
| 103 | If unsure, say N. |
| 104 | |
| 105 | config CIFS_POSIX |
| 106 | bool "CIFS POSIX Extensions" |
| 107 | depends on CIFS_XATTR |
| 108 | help |
| 109 | Enabling this option will cause the cifs client to attempt to |
| 110 | negotiate a newer dialect with servers, such as Samba 3.0.5 |
| 111 | or later, that optionally can handle more POSIX like (rather |
| 112 | than Windows like) file behavior. It also enables |
| 113 | support for POSIX ACLs (getfacl and setfacl) to servers |
| 114 | (such as Samba 3.10 and later) which can negotiate |
| 115 | CIFS POSIX ACL support. If unsure, say N. |
| 116 | |
| 117 | config CIFS_DEBUG2 |
| 118 | bool "Enable additional CIFS debugging routines" |
| 119 | depends on CIFS |
| 120 | help |
| 121 | Enabling this option adds a few more debugging routines |
| 122 | to the cifs code which slightly increases the size of |
| 123 | the cifs module and can cause additional logging of debug |
| 124 | messages in some error paths, slowing performance. This |
| 125 | option can be turned off unless you are debugging |
| 126 | cifs problems. If unsure, say N. |
| 127 | |
Steve French | 10e70af | 2009-02-22 01:33:07 +0000 | [diff] [blame] | 128 | config CIFS_DFS_UPCALL |
| 129 | bool "DFS feature support" |
| 130 | depends on CIFS && KEYS |
Wang Lei | 1a4240f | 2010-08-04 15:16:33 +0100 | [diff] [blame] | 131 | select DNS_RESOLVER |
Steve French | 10e70af | 2009-02-22 01:33:07 +0000 | [diff] [blame] | 132 | help |
| 133 | Distributed File System (DFS) support is used to access shares |
| 134 | transparently in an enterprise name space, even if the share |
| 135 | moves to a different server. This feature also enables |
| 136 | an upcall mechanism for CIFS which contacts userspace helper |
| 137 | utilities to provide server name resolution (host names to |
| 138 | IP addresses) which is needed for implicit mounts of DFS junction |
| 139 | points. If unsure, say N. |
| 140 | |
Suresh Jayaraman | 3feb41c | 2010-07-05 18:11:33 +0530 | [diff] [blame] | 141 | config CIFS_FSCACHE |
Steve French | 2a73ca8 | 2012-01-31 12:51:24 -0600 | [diff] [blame] | 142 | bool "Provide CIFS client caching support" |
Suresh Jayaraman | 3feb41c | 2010-07-05 18:11:33 +0530 | [diff] [blame] | 143 | depends on CIFS=m && FSCACHE || CIFS=y && FSCACHE=y |
| 144 | help |
| 145 | Makes CIFS FS-Cache capable. Say Y here if you want your CIFS data |
| 146 | to be cached locally on disk through the general filesystem cache |
| 147 | manager. If unsure, say N. |
| 148 | |
Shirish Pargaonkar | fbeba8b | 2010-11-27 11:37:54 -0600 | [diff] [blame] | 149 | config CIFS_ACL |
Steve French | 2a73ca8 | 2012-01-31 12:51:24 -0600 | [diff] [blame] | 150 | bool "Provide CIFS ACL support" |
Steve French | c560018 | 2012-01-18 17:19:11 -0600 | [diff] [blame] | 151 | depends on CIFS_XATTR && KEYS |
Shirish Pargaonkar | fbeba8b | 2010-11-27 11:37:54 -0600 | [diff] [blame] | 152 | help |
| 153 | Allows to fetch CIFS/NTFS ACL from the server. The DACL blob |
| 154 | is handed over to the application/caller. |
| 155 | |
Shirish Pargaonkar | 2572087 | 2011-02-25 10:48:55 -0600 | [diff] [blame] | 156 | config CIFS_NFSD_EXPORT |
| 157 | bool "Allow nfsd to export CIFS file system (EXPERIMENTAL)" |
Jeff Layton | 9b8e072a | 2011-06-21 07:18:26 -0400 | [diff] [blame] | 158 | depends on CIFS && EXPERIMENTAL && BROKEN |
Alexey Dobriyan | bb26b96 | 2008-10-18 20:28:49 -0700 | [diff] [blame] | 159 | help |
Shirish Pargaonkar | 2572087 | 2011-02-25 10:48:55 -0600 | [diff] [blame] | 160 | Allows NFS server to export a CIFS mounted share (nfsd over cifs) |
Steve French | 675f36f | 2011-02-24 17:58:00 +0000 | [diff] [blame] | 161 | |
| 162 | config CIFS_SMB2 |
| 163 | bool "SMB2 network file system support (EXPERIMENTAL)" |
| 164 | depends on EXPERIMENTAL && INET && BROKEN |
| 165 | select NLS |
| 166 | select KEYS |
| 167 | select FSCACHE |
| 168 | select DNS_RESOLVER |
| 169 | |
| 170 | help |
| 171 | This enables experimental support for the SMB2 (Server Message Block |
| 172 | version 2) protocol. The SMB2 protocol is the successor to the |
| 173 | popular CIFS and SMB network file sharing protocols. SMB2 is the |
| 174 | native file sharing mechanism for recent versions of Windows |
| 175 | operating systems (since Vista). SMB2 enablement will eventually |
| 176 | allow users better performance, security and features, than would be |
| 177 | possible with cifs. Note that smb2 mount options also are simpler |
| 178 | (compared to cifs) due to protocol improvements. |
| 179 | |
| 180 | Unless you are a developer or tester, say N. |