1ec8f24b7SThomas Gleixner# SPDX-License-Identifier: GPL-2.0-only 23c4d7559SDave Watson# 33c4d7559SDave Watson# TLS configuration 43c4d7559SDave Watson# 53c4d7559SDave Watsonconfig TLS 63c4d7559SDave Watson tristate "Transport Layer Security support" 754144b48SDavid S. Miller depends on INET 8d807ec65SDave Watson select CRYPTO 9d807ec65SDave Watson select CRYPTO_AES 10d807ec65SDave Watson select CRYPTO_GCM 11c46234ebSDave Watson select STREAM_PARSER 12d829e9c4SDaniel Borkmann select NET_SOCK_MSG 13d807ec65SDave Watson default n 143c4d7559SDave Watson ---help--- 153c4d7559SDave Watson Enable kernel support for TLS protocol. This allows symmetric 163c4d7559SDave Watson encryption handling of the TLS protocol to be done in-kernel. 173c4d7559SDave Watson 18d807ec65SDave Watson If unsure, say N. 19e8f69799SIlya Lesokhin 20e8f69799SIlya Lesokhinconfig TLS_DEVICE 21e8f69799SIlya Lesokhin bool "Transport Layer Security HW offload" 22e8f69799SIlya Lesokhin depends on TLS 23e8f69799SIlya Lesokhin select SOCK_VALIDATE_XMIT 24e8f69799SIlya Lesokhin default n 25e8f69799SIlya Lesokhin help 26e8f69799SIlya Lesokhin Enable kernel support for HW offload of the TLS protocol. 27e8f69799SIlya Lesokhin 28e8f69799SIlya Lesokhin If unsure, say N. 29*53b4414aSJakub Kicinski 30*53b4414aSJakub Kicinskiconfig TLS_TOE 31*53b4414aSJakub Kicinski bool "Transport Layer Security TCP stack bypass" 32*53b4414aSJakub Kicinski depends on TLS 33*53b4414aSJakub Kicinski default n 34*53b4414aSJakub Kicinski help 35*53b4414aSJakub Kicinski Enable kernel support for legacy HW offload of the TLS protocol, 36*53b4414aSJakub Kicinski which is incompatible with the Linux networking stack semantics. 37*53b4414aSJakub Kicinski 38*53b4414aSJakub Kicinski If unsure, say N. 39