blob: 0cdc1f7b6b084e975a6d32cfbc0af172fe40222e [file] [log] [blame]
Thomas Gleixnerec8f24b2019-05-19 13:07:45 +01001# SPDX-License-Identifier: GPL-2.0-only
Dave Watson3c4d7552017-06-14 11:37:39 -07002#
3# TLS configuration
4#
5config TLS
6 tristate "Transport Layer Security support"
David S. Miller54144b42017-06-16 11:28:49 -04007 depends on INET
Dave Watsond807ec62017-06-17 08:25:13 -07008 select CRYPTO
9 select CRYPTO_AES
10 select CRYPTO_GCM
Dave Watsonc46234e2018-03-22 10:10:35 -070011 select STREAM_PARSER
Daniel Borkmannd829e9c2018-10-13 02:45:59 +020012 select NET_SOCK_MSG
Dave Watsond807ec62017-06-17 08:25:13 -070013 default n
Masahiro Yamadaa7f7f622020-06-14 01:50:22 +090014 help
Dave Watson3c4d7552017-06-14 11:37:39 -070015 Enable kernel support for TLS protocol. This allows symmetric
16 encryption handling of the TLS protocol to be done in-kernel.
17
Dave Watsond807ec62017-06-17 08:25:13 -070018 If unsure, say N.
Ilya Lesokhine8f69792018-04-30 10:16:16 +030019
20config TLS_DEVICE
21 bool "Transport Layer Security HW offload"
22 depends on TLS
23 select SOCK_VALIDATE_XMIT
Tariq Toukan76f16592021-02-11 13:35:52 +020024 select SOCK_RX_QUEUE_MAPPING
Ilya Lesokhine8f69792018-04-30 10:16:16 +030025 default n
26 help
27 Enable kernel support for HW offload of the TLS protocol.
28
29 If unsure, say N.
Jakub Kicinski53b44142019-10-03 11:18:59 -070030
31config TLS_TOE
32 bool "Transport Layer Security TCP stack bypass"
33 depends on TLS
34 default n
35 help
36 Enable kernel support for legacy HW offload of the TLS protocol,
37 which is incompatible with the Linux networking stack semantics.
38
39 If unsure, say N.