Re: FreeBSD 14 Port of OpenSSL 3 with QAT Engine

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Moin Rahman <bofh_at_freebsd.org>
Date: Mon, 09 Oct 2023 06:41:32 UTC

> On Oct 8, 2023, at 11:22 PM, Jeffrey Altman <jaltman@auristor.com> wrote:
> 
> Moin and Bernard,
> 
> Thank you for confirming that there is no QAT engine support in the current FreeBSD distributions.
Yes my previous company moved away from it as there were no support for the hardware in 13 onwards.

> QAT is interesting because it not longer requires dedicated hardware.  QAT has been included for many years in a subset of Intel Atom processors such as the C3338R which are often used in network routers or low end storage appliances. QAT is also included in all of the Xeon D series as well as the current series of i5, i7, and i9 desktop processors.
> 
> I have QAT available in the latest and last generation Intel NUC and in a Netgate pfsense router.
> 
> I have a FreeBSD 14 beta VMware VM I can use for testing.  Given my existing obligations I would be a poor choice to maintain a port.  However, I am happy to test and/or give remote access to a VM to use for dev/testing.
I think you should consider ktls and try to look for some Chelsio T6 or NVIDIA/Mellanox Conectx6/Bluefield NICs which has this sort of offloading capabilities and they are way off better than the CPU one. And FreeBSD also has support for these from 13.1 onwards.

Kind regards,
Moin

> Thanks.
> 
> Jeffrey
> 
>> On Oct 8, 2023, at 4:44 PM, Moin Rahman <bofh@freebsd.org> wrote:
>> 
>> 
>> 
>>> On Oct 8, 2023, at 10:24 PM, Bernard Spil <brnrd@freebsd.org> wrote:
>>> 
>>>> On 2023-10-08 12:43, Jeffrey E Altman wrote:
>>>> Hello Bernard,
>>>> Thank you for your support of OpenSSL on FreeBSD.  I hope that you do
>>>> not mind me writing to you directly.
>>>> I see that you support various builds of OpenSSL including one with
>>>> support for QUIC.
>>>> I am searching for a version that supports the Intel QuickAssist
>>>> Technology (QAT) engine.
>>>> https://github.com/intel/QAT_Engine/
>>>> FreeBSD 14 includes the QAT driver but I cannot find
>>>> /usr/lib/engines-3/qatengine.so
>>>> I am curious as to whether or not you have attempted to build the QAT
>>>> Engine for FreeBSD 14.
>>>> Thank you.
>>>> Jeffrey Altman
>>> 
>>> Hi Jeffrey,
>>> 
>>> I didn't know about the existence of this engine. Should be a separate port that just adds the engine shlib. Not necessarily by myself. You can always submit a port via bugzilla, notify freebsd-ports@FreeBSD.org for reviewers.
>>> 
>>> I have no hardware around that I know of where I can test this proper.
>>> 
>>> Cheers, Bernard.
>>> 
>> 
>> Hi Jeffrey,
>> 
>> I might have an older version which used to work but I have to find it.
>> 
>> If you are able to check it then I will try to look for it. I no longer work for the company which used to use this and no longer have the hardware access.
>> 
>> Kind regards,
>> Moin
>