Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 31 Oct 2020 02:47:39 +0000 (UTC)
From:      Rick Macklem <rmacklem@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-projects@freebsd.org
Subject:   svn commit: r367191 - projects/nfs-over-tls/rc.d
Message-ID:  <202010310247.09V2ldjW028663@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: rmacklem
Date: Sat Oct 31 02:47:39 2020
New Revision: 367191
URL: https://svnweb.freebsd.org/changeset/base/367191

Log:
  Add a new rc.d script that enables the kernel tls and make the other
  scripts depend on it.

Added:
  projects/nfs-over-tls/rc.d/ktls
Modified:
  projects/nfs-over-tls/rc.d/tlsclntd
  projects/nfs-over-tls/rc.d/tlsservd

Added: projects/nfs-over-tls/rc.d/ktls
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ projects/nfs-over-tls/rc.d/ktls	Sat Oct 31 02:47:39 2020	(r367191)
@@ -0,0 +1,39 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: ktls
+# REQUIRE: NETWORKING
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name="ktls"
+desc="Enable Kernel TLS"
+rcvar="ktls_enable"
+start_cmd="${name}_start"
+stop_cmd=":"
+
+ktls_start()
+{
+
+	sysctl -q kern.ipc.tls.enable=1 > /dev/null
+	err=$?
+	if [ "${err}" -ne 0 ]; then
+		warn "kernel must be built with options KERN_TLS for ktls"
+		return "${err}"
+	fi
+	sysctl kern.ipc.mb_use_ext_pgs=1 > /dev/null
+
+	#
+	# Load ktls_ocf and optionally aesni
+	#
+	load_kld ktls_ocf
+	if checkyesno ktls_aesni_enable; then
+		load_kld aesni
+	fi
+}
+
+load_rc_config $name
+run_rc_command "$1"

Modified: projects/nfs-over-tls/rc.d/tlsclntd
==============================================================================
--- projects/nfs-over-tls/rc.d/tlsclntd	Sat Oct 31 01:12:35 2020	(r367190)
+++ projects/nfs-over-tls/rc.d/tlsclntd	Sat Oct 31 02:47:39 2020	(r367191)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: tlsclntd
-# REQUIRE: NETWORKING
+# REQUIRE: NETWORKING root mountcritlocal ktls
 # KEYWORD: nojail shutdown
 
 . /etc/rc.subr

Modified: projects/nfs-over-tls/rc.d/tlsservd
==============================================================================
--- projects/nfs-over-tls/rc.d/tlsservd	Sat Oct 31 01:12:35 2020	(r367190)
+++ projects/nfs-over-tls/rc.d/tlsservd	Sat Oct 31 02:47:39 2020	(r367191)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: tlsservd
-# REQUIRE: NETWORKING
+# REQUIRE: NETWORKING root mountcritlocal ktls
 # KEYWORD: nojail shutdown
 
 . /etc/rc.subr

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202010310247.09V2ldjW028663>