| ktls.4 (d1e0552937e18bef661fb9ace710bcaa1b5d5a80) | ktls.4 (3413f26245d28722c7ad3cb3fb81561b40bb4bcb) |
|---|---|
| 1.\" Copyright (c) 2020, Chelsio Inc 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions are met: 6.\" 7.\" 1. Redistributions of source code must retain the above copyright notice, 8.\" this list of conditions and the following disclaimer. --- 17 unchanged lines hidden (view full) --- 26.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28.\" POSSIBILITY OF SUCH DAMAGE. 29.\" 30.\" * Other names and brands may be claimed as the property of others. 31.\" 32.\" $FreeBSD$ 33.\" | 1.\" Copyright (c) 2020, Chelsio Inc 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions are met: 6.\" 7.\" 1. Redistributions of source code must retain the above copyright notice, 8.\" this list of conditions and the following disclaimer. --- 17 unchanged lines hidden (view full) --- 26.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28.\" POSSIBILITY OF SUCH DAMAGE. 29.\" 30.\" * Other names and brands may be claimed as the property of others. 31.\" 32.\" $FreeBSD$ 33.\" |
| 34.Dd November 25, 2020 | 34.Dd December 1, 2020 |
| 35.Dt KTLS 4 36.Os 37.Sh NAME 38.Nm ktls 39.Nd kernel Transport Layer Security 40.Sh SYNOPSIS 41.Cd options KERN_TLS 42.Sh DESCRIPTION --- 30 unchanged lines hidden (view full) --- 73The available modes are: 74.Bl -tag -width "Dv TCP_TLS_MODE_IFNET" 75.It Dv TCP_TLS_MODE_NONE 76.Nm 77is not enabled. 78.It Dv TCP_TLS_MODE_SW 79TLS records are encrypted or decrypted in the kernel in the socket 80layer. | 35.Dt KTLS 4 36.Os 37.Sh NAME 38.Nm ktls 39.Nd kernel Transport Layer Security 40.Sh SYNOPSIS 41.Cd options KERN_TLS 42.Sh DESCRIPTION --- 30 unchanged lines hidden (view full) --- 73The available modes are: 74.Bl -tag -width "Dv TCP_TLS_MODE_IFNET" 75.It Dv TCP_TLS_MODE_NONE 76.Nm 77is not enabled. 78.It Dv TCP_TLS_MODE_SW 79TLS records are encrypted or decrypted in the kernel in the socket 80layer. |
| 81Typically the encryption or decryption is performred in software, | 81Typically the encryption or decryption is performed in software, |
| 82but it may also be performed by co-processors via 83.Xr crypto 9 . 84.It Dv TCP_TLS_MODE_IFNET 85TLS records are encrypted or decrypted by the network interface card (NIC). 86In this mode, the network stack does not work with encrypted data. | 82but it may also be performed by co-processors via 83.Xr crypto 9 . 84.It Dv TCP_TLS_MODE_IFNET 85TLS records are encrypted or decrypted by the network interface card (NIC). 86In this mode, the network stack does not work with encrypted data. |
| 87Instead, the NIC is encrypts TLS records as they are being transmitted, | 87Instead, the NIC encrypts TLS records as they are being transmitted, |
| 88or decrypts received TLS records before providing them to the host. 89.Pp 90Network interfaces which support this feature will advertise the 91.Dv TXTLS4 92(for IPv4) 93and/or 94.Dv TXTLS6 95(for IPv6) --- 169 unchanged lines hidden --- | 88or decrypts received TLS records before providing them to the host. 89.Pp 90Network interfaces which support this feature will advertise the 91.Dv TXTLS4 92(for IPv4) 93and/or 94.Dv TXTLS6 95(for IPv6) --- 169 unchanged lines hidden --- |