WHATSNEW: Add Using x86_64 Accelerated AES Crypto Instructions section.

Describes --accel-aes configure time option.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13008

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit c754f48575a5034242594762d62261a48025cebc)

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8ba321fa06a25856348a88ec33be638f22f65386..9ee804cca97f743aa5efdf112876ce85d3e932e9 100644 (file)
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -309,6 +309,25 @@ CTDB changes
   uses. The data in replicated databases is valid for the lifetime of
   CTDB and cleared on first attach.
 
+Using x86_64 Accelerated AES Crypto Instructions
+------------------------------------------------
+
+Samba on x86_64 can now be configured to use the Intel accelerated AES
+instruction set, which has the potential to make SMB3 signing and
+encryption much faster on client and server. To enable this, configure
+Samba using the new option --accel-aes=intelaesni.
+
+This is a temporary solution that is being included to allow users
+to enjoy the benefits of Intel accelerated AES on the x86_64 platform,
+but the longer-term solution will be to move Samba to a fully supported
+external crypto library.
+
+The third_party/aesni-intel code will be removed from Samba as soon as
+external crypto library performance reaches parity.
+
+The default is to build without setting --accel-aes, which uses the
+existing Samba software AES implementation.
+
 Parameter changes
 -----------------
 
@@ -324,7 +343,6 @@ the previous behaviour.  Two new values have been provided,
 and 'disabled', totally disabling NTLM authentication and password
 changes.
 
-
 smb.conf changes
 ================