kernel: net: add support for kernel tls

Add ktls (Kernel TLS) kmods to enable TLS support
in kernel (allowing TLS offload when the network
card supports it)

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(added disabled symbols)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>

package/kernel/linux/modules/netsupport.mk

@@ -46,6 +46,7 @@ define KernelPackage/bonding
   SUBMENU:=$(NETWORK_SUPPORT_MENU)
   TITLE:=Ethernet bonding driver
   KCONFIG:=CONFIG_BONDING
+  DEPENDS:=PACKAGE_kmod-tls:kmod-tls
   FILES:=$(LINUX_DIR)/drivers/net/bonding/bonding.ko
   AUTOLOAD:=$(call AutoLoad,40,bonding)
   MODPARAMS.bonding:=max_bonds=0
@@ -968,6 +969,25 @@ endef
 
 $(eval $(call KernelPackage,tcp-bbr))
 
+define KernelPackage/tls
+  SUBMENU:=$(NETWORK_SUPPORT_MENU)
+  TITLE:=In-kernel TLS Support with HW Offload
+  DEPENDS:=@(LINUX_5_15||LINUX_6_1)
+  KCONFIG:=CONFIG_TLS \
+	CONFIG_TLS_DEVICE=y
+  FILES:=$(LINUX_DIR)/net/tls/tls.ko
+  AUTOLOAD:=$(call AutoProbe,tls)
+endef
+
+define KernelPackage/tls/description
+ Kernel module for in-kernel TLS protocol support and hw offload
+ (to supported interfaces).
+ This allows symmetric encryption handling of the TLS protocol to
+ be done in-kernel and it's HW offload when available.
+endef
+
+$(eval $(call KernelPackage,tls))
+
 
 define KernelPackage/tcp-hybla
   SUBMENU:=$(NETWORK_SUPPORT_MENU)

target/linux/generic/config-5.15

@@ -6501,6 +6501,8 @@ CONFIG_TINY_RCU=y
 # CONFIG_TI_TSC2046 is not set
 # CONFIG_TLAN is not set
 # CONFIG_TLS is not set
+# CONFIG_TLS_DEVICE is not set
+# CONFIG_TLS_TOE is not set
 # CONFIG_TMD_HERMES is not set
 # CONFIG_TMP006 is not set
 # CONFIG_TMP007 is not set