Support for cryptographic acceleration using the Multi-Buffer Crypto for IPsec Library (IPsec-MB, IIMB)
The kernel module for the Intel® Multi-Buffer Crypto for IPsec Library (a.k.a. IPsec-MB or IIMB) has been added in the FreeBSD source for Plus, and GUI/backend code has been added to enable it. Documentation is ready and staged for 23.05 as well.
IPsec-MB is not limited to accelerating IPsec, despite the name. It leverages CPU SIMD instructions to accelerate anything using kernel crypto functions for AES-GCM-128, AES-GCM-256, AES-CBC-128, AES-CBC-256, SHA1, SHA2, and ChaCha20/Poly1305. This includes IPsec, WireGuard, OpenVPN DCO and more.
This issue is for tracking purposes and to make a release notes entry, more details are on NG 10281.