53b4414a70
TLS "record layer offload" requires TOE, and bypasses most of the normal networking stack. It is also significantly less maintained. Allow users to compile it out to avoid issues. Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by: John Hurley <john.hurley@netronome.com> Reviewed-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: David S. Miller <davem@davemloft.net>
39 lines
855 B
Plaintext
39 lines
855 B
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
#
|
|
# TLS configuration
|
|
#
|
|
config TLS
|
|
tristate "Transport Layer Security support"
|
|
depends on INET
|
|
select CRYPTO
|
|
select CRYPTO_AES
|
|
select CRYPTO_GCM
|
|
select STREAM_PARSER
|
|
select NET_SOCK_MSG
|
|
default n
|
|
---help---
|
|
Enable kernel support for TLS protocol. This allows symmetric
|
|
encryption handling of the TLS protocol to be done in-kernel.
|
|
|
|
If unsure, say N.
|
|
|
|
config TLS_DEVICE
|
|
bool "Transport Layer Security HW offload"
|
|
depends on TLS
|
|
select SOCK_VALIDATE_XMIT
|
|
default n
|
|
help
|
|
Enable kernel support for HW offload of the TLS protocol.
|
|
|
|
If unsure, say N.
|
|
|
|
config TLS_TOE
|
|
bool "Transport Layer Security TCP stack bypass"
|
|
depends on TLS
|
|
default n
|
|
help
|
|
Enable kernel support for legacy HW offload of the TLS protocol,
|
|
which is incompatible with the Linux networking stack semantics.
|
|
|
|
If unsure, say N.
|