Changeset View
Changeset View
Standalone View
Standalone View
share/man/man4/ktls.4
Show All 25 Lines | |||||
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | .\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | ||||
.\" POSSIBILITY OF SUCH DAMAGE. | .\" POSSIBILITY OF SUCH DAMAGE. | ||||
.\" | .\" | ||||
.\" * Other names and brands may be claimed as the property of others. | .\" * Other names and brands may be claimed as the property of others. | ||||
.\" | .\" | ||||
.\" $FreeBSD$ | .\" $FreeBSD$ | ||||
.\" | .\" | ||||
.Dd May 20, 2021 | .Dd May 26, 2021 | ||||
.Dt KTLS 4 | .Dt KTLS 4 | ||||
.Os | .Os | ||||
.Sh NAME | .Sh NAME | ||||
.Nm ktls | .Nm ktls | ||||
.Nd kernel Transport Layer Security | .Nd kernel Transport Layer Security | ||||
.Sh SYNOPSIS | .Sh SYNOPSIS | ||||
.Cd options KERN_TLS | .Cd options KERN_TLS | ||||
.Sh DESCRIPTION | .Sh DESCRIPTION | ||||
▲ Show 20 Lines • Show All 151 Lines • ▼ Show 20 Lines | |||||
A tree of nodes containing statistics for TLS sessions using | A tree of nodes containing statistics for TLS sessions using | ||||
.Dv TCP_TLS_MODE_IFNET . | .Dv TCP_TLS_MODE_IFNET . | ||||
.It Va kern.ipc.tls.toe | .It Va kern.ipc.tls.toe | ||||
A tree of nodes containing statistics for TLS sessions using | A tree of nodes containing statistics for TLS sessions using | ||||
.Dv TCP_TLS_MODE_TOE . | .Dv TCP_TLS_MODE_TOE . | ||||
.It Va kern.ipc.tls.stats | .It Va kern.ipc.tls.stats | ||||
A tree of nodes containing various kernel TLS statistics. | A tree of nodes containing various kernel TLS statistics. | ||||
.El | .El | ||||
.Pp | |||||
The | |||||
.Va kern.ipc.mb_use_ext_pgs | |||||
sysctl controls whether the kernel may use unmapped mbufs. | |||||
They are required for TLS transmit. | |||||
.Ss Backends | .Ss Backends | ||||
The base system includes a software backend for the | The base system includes a software backend for the | ||||
.Dv TCP_TLS_MODE_SW | .Dv TCP_TLS_MODE_SW | ||||
mode which uses | mode which uses | ||||
.Xr crypto 9 | .Xr crypto 9 | ||||
to encrypt and decrypt TLS records. | to encrypt and decrypt TLS records. | ||||
This backend can be enabled by loading the | This backend can be enabled by loading the | ||||
.Pa ktls_ocf.ko | .Pa ktls_ocf.ko | ||||
▲ Show 20 Lines • Show All 52 Lines • Show Last 20 Lines |