1ec8f24b7SThomas Gleixner# SPDX-License-Identifier: GPL-2.0-only 23c4d7559SDave Watson# 33c4d7559SDave Watson# TLS configuration 43c4d7559SDave Watson# 53c4d7559SDave Watsonconfig TLS 63c4d7559SDave Watson tristate "Transport Layer Security support" 754144b48SDavid S. Miller depends on INET 8d807ec65SDave Watson select CRYPTO 9d807ec65SDave Watson select CRYPTO_AES 10d807ec65SDave Watson select CRYPTO_GCM 11c46234ebSDave Watson select STREAM_PARSER 12d829e9c4SDaniel Borkmann select NET_SOCK_MSG 13d807ec65SDave Watson default n 14*a7f7f624SMasahiro Yamada help 153c4d7559SDave Watson Enable kernel support for TLS protocol. This allows symmetric 163c4d7559SDave Watson encryption handling of the TLS protocol to be done in-kernel. 173c4d7559SDave Watson 18d807ec65SDave Watson If unsure, say N. 19e8f69799SIlya Lesokhin 20e8f69799SIlya Lesokhinconfig TLS_DEVICE 21e8f69799SIlya Lesokhin bool "Transport Layer Security HW offload" 22e8f69799SIlya Lesokhin depends on TLS 23e8f69799SIlya Lesokhin select SOCK_VALIDATE_XMIT 24e8f69799SIlya Lesokhin default n 25e8f69799SIlya Lesokhin help 26e8f69799SIlya Lesokhin Enable kernel support for HW offload of the TLS protocol. 27e8f69799SIlya Lesokhin 28e8f69799SIlya Lesokhin If unsure, say N. 2953b4414aSJakub Kicinski 3053b4414aSJakub Kicinskiconfig TLS_TOE 3153b4414aSJakub Kicinski bool "Transport Layer Security TCP stack bypass" 3253b4414aSJakub Kicinski depends on TLS 3353b4414aSJakub Kicinski default n 3453b4414aSJakub Kicinski help 3553b4414aSJakub Kicinski Enable kernel support for legacy HW offload of the TLS protocol, 3653b4414aSJakub Kicinski which is incompatible with the Linux networking stack semantics. 3753b4414aSJakub Kicinski 3853b4414aSJakub Kicinski If unsure, say N. 39