xref: /linux/net/tls/Kconfig (revision 2c97b5ae83dca56718774e7b4bf9640f05d11867)
1# SPDX-License-Identifier: GPL-2.0-only
2#
3# TLS configuration
4#
5config TLS
6	tristate "Transport Layer Security support"
7	depends on INET
8	select CRYPTO
9	select CRYPTO_AES
10	select CRYPTO_GCM
11	select STREAM_PARSER
12	select NET_SOCK_MSG
13	default n
14	---help---
15	Enable kernel support for TLS protocol. This allows symmetric
16	encryption handling of the TLS protocol to be done in-kernel.
17
18	If unsure, say N.
19
20config TLS_DEVICE
21	bool "Transport Layer Security HW offload"
22	depends on TLS
23	select SOCK_VALIDATE_XMIT
24	default n
25	help
26	Enable kernel support for HW offload of the TLS protocol.
27
28	If unsure, say N.
29
30config TLS_TOE
31	bool "Transport Layer Security TCP stack bypass"
32	depends on TLS
33	default n
34	help
35	Enable kernel support for legacy HW offload of the TLS protocol,
36	which is incompatible with the Linux networking stack semantics.
37
38	If unsure, say N.
39