Getting started with ktls
tech-lists
tech-lists at zyxst.net
Sun Mar 14 14:56:57 UTC 2021
On Thu, Mar 11, 2021 at 03:42:55PM +0000, Rick Macklem wrote:
>I'm going to cheat and top post (the discussion looks
>pretty convoluted).
>
>- The kernel must be built with "options KERN_TLS"
>- OpenSSL must be built with KTLS enabled
>- These two sysctls need to be set to 1
> kern.ipc.tls.enable
> kern.ipc.mb_use_ext_pgs
Hello,
I'd like to try ktls but have found the following:
On AMD64 (stable/13) this option is present in the GENERIC kernel
of world built about a month ago: stable/13-n244496-618dee60231
and openssl version is 1.1.1i-freebsd
On ARM64 (stable/13) it's *not* present in a world built earlier
today from stable/13-n244876-0b45290603b. Here, the openssl version
is 1.1.1j-freebsd
On another ARM64 (main/14) it *is* present in main-n245445-07564e17620
built with sources from the 11th March. openssl is 1.1.1j-freebsd here
as well.
I'd like to have it (ktls) available on the ARM64
stable/13-n244876-0b45290603b. Is it just a matter of adding the option,
and then the sysctls become available? Is it "better" with openssl[-devel]
in ports or openssl in base?
thanks,
--
J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20210314/e46e6719/attachment.sig>
More information about the freebsd-current
mailing list