1ec8f24b7SThomas Gleixner# SPDX-License-Identifier: GPL-2.0-only 2ff0b16a9SEric Parisconfig FANOTIFY 3ff0b16a9SEric Paris bool "Filesystem wide access notification" 4ff0b16a9SEric Paris select FSNOTIFY 553136b39SJan Kara select EXPORTFS 6269ed32aSEric Paris default n 7*a7f7f624SMasahiro Yamada help 802582e9bSMasanari Iida Say Y here to enable fanotify support. fanotify is a file access 9ff0b16a9SEric Paris notification system which differs from inotify in that it sends 106aacceceSMichael Witten an open file descriptor to the userspace listener along with 11ff0b16a9SEric Paris the event. 12ff0b16a9SEric Paris 13ff0b16a9SEric Paris If unsure, say Y. 149e66e423SEric Paris 159e66e423SEric Parisconfig FANOTIFY_ACCESS_PERMISSIONS 169e66e423SEric Paris bool "fanotify permissions checking" 179e66e423SEric Paris depends on FANOTIFY 189e66e423SEric Paris depends on SECURITY 199e66e423SEric Paris default n 20*a7f7f624SMasahiro Yamada help 219e66e423SEric Paris Say Y here is you want fanotify listeners to be able to make permissions 229e66e423SEric Paris decisions concerning filesystem events. This is used by some fanotify 239e66e423SEric Paris listeners which need to scan files before allowing the system access to 249e66e423SEric Paris use those files. This is used by some anti-malware vendors and by some 2583fc61a5SMasanari Iida hierarchical storage management systems. 269e66e423SEric Paris 279e66e423SEric Paris If unsure, say N. 28