git: efa9c21bca98 - main - KTLS: Enable KERN_TLS in GENERIC on amd64

Andrew Gallatin gallatin at FreeBSD.org
Mon Jan 18 18:31:02 UTC 2021 

The branch main has been updated by gallatin:

URL: https://cgit.FreeBSD.org/src/commit/?id=efa9c21bca9873af9c9660f5aeffda9d5ae1dfb7

commit efa9c21bca9873af9c9660f5aeffda9d5ae1dfb7
Author:     Andrew Gallatin <gallatin at FreeBSD.org>
AuthorDate: 2021-01-14 17:44:06 +0000
Commit:     Andrew Gallatin <gallatin at FreeBSD.org>
CommitDate: 2021-01-18 18:29:10 +0000

    KTLS: Enable KERN_TLS in GENERIC on amd64
    
    Based on discussions on freebsd-arch@, enable KERN_TLS in
    GENERIC on amd64, but leave it disabled via the
    sysctl kern.ipc.tls.enable.  Users wishing to enable
    ktls must set kern.ipc.tls.enable=1
    
    While here, fix wording in NOTES to mention that KERN_TLS
    also does receive now.
    
    Sponsored by:   Netflix
    
    Reviewed by:    allanjude
    Differential Revision:  https://reviews.freebsd.org/D28163
---
 sys/amd64/conf/GENERIC | 1 +
 sys/conf/NOTES         | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/sys/amd64/conf/GENERIC b/sys/amd64/conf/GENERIC
index c9ab23bb91b5..9f55a935f8a5 100644
--- a/sys/amd64/conf/GENERIC
+++ b/sys/amd64/conf/GENERIC
@@ -37,6 +37,7 @@ options 	TCP_BLACKBOX		# Enhanced TCP event logging
 options 	TCP_HHOOK		# hhook(9) framework for TCP
 options		TCP_RFC7413		# TCP Fast Open
 options 	SCTP_SUPPORT		# Allow kldload of SCTP
+options		KERN_TLS		# TLS transmit & receive offload
 options 	FFS			# Berkeley Fast Filesystem
 options 	SOFTUPDATES		# Enable FFS soft updates support
 options 	UFS_ACL			# Support for access control lists
diff --git a/sys/conf/NOTES b/sys/conf/NOTES
index 1a8059a2e5c0..b4202bb65618 100644
--- a/sys/conf/NOTES
+++ b/sys/conf/NOTES
@@ -666,8 +666,8 @@ options		IPSEC_SUPPORT
 #options 	IPSEC_DEBUG		#debug for IP security
 
 
-# TLS framing and encryption of data transmitted over TCP sockets.
-options		KERN_TLS		# TLS transmit offload
+# TLS framing and encryption/decryption of data over TCP sockets.
+options		KERN_TLS		# TLS transmit and receive offload
 
 #
 # SMB/CIFS requester

More information about the dev-commits-src-all mailing list