image image image image image

On This Page

This section includes history of changes and new feature of 3 major releases back. For older releases history, please refer to the relevant firmware versions.



Header ModificationAdded support to the metadata reg_c 8-11 (packet fields) for matching and modifying the header, and Advanced Steering Operation (ASO) actions.
INT PacketsAdded support for forwarding INT packets to the user application for monitoring purposes by matching the BTH acknowledge request bit (bth_a).
Get Electrical Sensor, NC-SI

Implemented NVIDIA NC-SI OEM Commands:

  • Get Electrical Sensor Count (command 0x13, parameter 0x6)
  • Gel Electrical Sensor (command 0x13, parameter 0x7)
  • Get Electrical Sensors (command 0x13, parameter 0x8)
IPsec CPS Bulk Allocation

Improved the IPsec CPS by using bulk allocation.

For cases in which log_obj_range == 0, single IPSEC object will be allocated and initialized as before keeping backward compatibility.

For better performance, it is recommended to work with IPsec bulk allocation and to initialize IPsec ASO context not via the firmware but via the hardware using ASO WQE.

DPA PROCESS ERRORAdded support for a new value for coredump_type field in DPA_PROCESS_COREDUMP, [FIRST_ERROR_THREAD_DUMP (1).].
Device Attestation

Attestation is a mechanism in which a host/platform automatically verifies the authenticity and integrity of the hardware and software state of a device. The mechanism is based on a HW RoT and utilizes SPDM messages that handle the attestation, measurement collection, and trust between device and platform BMC or platform RoT (usually host BMC). This provides the added value of increased security and assurance that the host/platform of device is not being tampered with and has the proper software running on it. 

A CoRIM is comprised of one or more CoMIDs, with each CoMID providing the reference claims about hardware and firmware for a device. The CoRIM and CoMIDs are encoded in CBOR format. Signed CoRIMs use COSE signatures.

For further information, see "NVIDIA Device Attestation and CoRIM-based Reference Measurement Sharing". 

QKEY Mitigation in the KernelNon-privileged users are now blocked by default from setting controlled/privileged QKEYs (QKEY with MSB set).
Bug FixesSee Bug Fixes in this Firmware Version section. 



Mergeable Buffer

Added mergeable buffer support (VIRTIO_NET_F_MRG_RXBUF in virtio spec) for VDPA kernel mode to improve performance in case of large MTU such as 9K. The feature is disabled by default and must be manually enabled while creating or modifying the virtio device.

Note: For best performance, it is NOT recommended to enable the feature if the VDPA MTU is set to the default value (1500).

Monitoring Cloud Guest RoCE Statistics on Cloud ProviderThis new capability enables the VM to track and limit its Vport's activity. This is done using the new q_counters counter which enables aggregation of other Vport's from PF GVMI.
Linux Bridge Offload

Added a flow rule that enables offloading of multicast traffic by broadcasting it to multi-Flow-Table in FDB.

Selective RepeatSelective repeat improves network utilization in case of a lossy fabric. This features is enabled by default.
Dynamic VF MSIX Allocation

Added support for dynamic MSIX modification on a VF NVME device emulation.

If a PF NVME device emulation is created with dynamic_vf_msix_control = 1, then the dynamic_vf_msix_reset can set the PF device emulation's VF MSIX number to 0. The num_msix is used in the modified VF device emulation to modify the MSIX number of the VF device emulation.

InfiniBand Congestion Control (IB CC)Enabled IB CC per Service Level (SL) for RC/UC on the HCA side.
Now different SLs can be configured to be CC on/off according to the bitmask decided by the software.
ATS/ATCOptimizes the ATC configuration dynamically based on the returned pages of the ATS translation requests that have been made.
PCC AlgorithmsEnables a smooth and statically switch between PCC algorithms. In addition, the user can now switch between PCC algorithms while running traffic.
Hardware Steering: Bulk AllocationAdded support for 32 actions in the header modify pattern using bulk allocation.
InfiniBand Congestion Control - RTT Response Service Level

The software can explicitly set the SL of an RTT response packet, instead of it being taken from the RTT request packet's SL.

The RTT response packet SL may be set/queried via the CONGESTION_CONTROL_HCA_NP_PARAMETER MAD.

Bug FixesSee Bug Fixes in this Firmware Version section. 



Bug FixesSee Bug Fixes in this Firmware Version section. 



Link Protocol

IB/Ethernet (IB NDR / 200GbE) supported ConnectX-7 adapter cards now raise at their default link protocol. For the list of these cards, please refer to the "Supported Devices" section of this Release Notes, see the cards that have (default mode) in their description. 

For a non-default protocol, please refer to the Hardware User Manual.

NVconfigEnabled provisioning of the OEM public key that is used for OEM NVconfig file signature verification.
Bug FixesSee Bug Fixes in this Firmware Version section. 



PCC AlgorithmEnables the users to collect more information from NP to RP for PCC algorithm. To achieve this, the NP ingress bytes information was added to the RTT response packet sent from the NP side.
HPCC: Support per-IP and per-QP methods

Enables the user to configure the PCC algorithm shaper coalescing mode using nvconfig to select CC algorithm shaper coalescing for IB and ROCE. 

SPDM AttestationEnabled GET_MEASUREMENTS to be called before CHALLENGE is called in SPDM Attestation flow according to the SPDM protocol.
Bug FixesSee Bug Fixes in this Firmware Version section. 



UDPAdded support for copy modify header steering action to/from the UDP field.
Range based Lookup

Added support for range based lookup. This new capability is available using the following new PRM command:

GENERATE WQE which receives GTA WQE, the command supports "match on range" and num_hash_definer=[1,2] and num_match_ste=[1,2].

For further information, refer to section "RTC Object Format" in the PRM.

RoCE based VM MigrationAdded support for RoCE based VM migration.
Resource Dump

Added the following resource dump segments:

  • SEG_HW_STE_FULL that includes dump to STE and all its dependencies
  • SEG_FW_STE_FULL that include dump to FW_STE and to HW_STE_FULL in range
Striding WQE - Headroom and Tail-roomAs the software requires additional space before and after a packet is scattered for its processing for stridden RQ, the hardware will allocate the required room while scattering packets to spare a copy. 
Connections per Second (CPS)Improved security offload's Connections per Second (CPS) rate using the general object DEK (PSP TLS etc).
VF Migration FlowAdded support for pre-copy commands in VF migration flow in order to reduce the migration downtime.
VF Migration FlowOptimized performance to support full VF migration flow.
VirtIO vDPA Performance VirtualizationIncreased the VirtIO hardware offload message rate to 20/20 MPPS for 256 virtual devices by optimizing the datapath application code.
PTP: Accuracy SchedulingAdded support for all PTP/accuracy scheduling.
RoCE: Adaptive TimerEnabled ADP timer to allow the user to configure RC or DC qp_timeout values lower than 16.
QoS Priority Trust Default State

QoS priority trust default state can now be changed using the new nvconfig below:


The values that can be used to set the default state are:

Bug FixesSee Bug Fixes section.


Bug FixesSee Bug Fixes section. 


MACsec Full OffloadEnabled MACsec full offload for NIC tables (aware mode). UnTil now full offload was available only for FDB tables.
LLDP Properties Implementation on RDEAdded LLDPEnable, LLDPTransmit and LLDPReceive properties to the RDE Port schema implementation.
Programmable CC, PPCC, MAD, IBCCAdded support for PPCC register with bulk operations, MAD for algorithm configuration and tunable parameters.
Programmable Congestion Control (PCC)Optimized both of the DPA's infrastructure and algorithm to be Programmable CC based.
Programmable CountersAdded support for programmable counters for PCC via PPCC register and MAD.
Bug FixesSee Bug Fixes section. 


Firmware Based Attestation Flow

Attestation is a cryptographic reporting of the security configuration of a device, used by a platform to establish trust in the device. The device’s security configuration includes (but is not limited to) its identity, the code it is running and the states of security related mechanisms and assets.

This new capability enables BMC to attest the device over SPDM protocol. The feature works for secure NICs with production certificates installed. SPDM protocol is defined in DMTF DSP0274 v1.1.0.

Currently the following SPDM commands are supported:


Since CHALLENGE and GET_MEASUREMENTS are not functional yet, when they are called, the NIC will respond with RESPONSE_NOT_READY.


Added support for 100G & 200G optical cables (InfiniBand & Ethernet). 

Please note this support comes with a limitation when connecting ConnectX-7 to a ConnectX-6 Dx or an NVIDIA Spectrum-3 as described in Known Issues 3070409. 

Bug FixesSee Bug Fixes section.