Changes and New Features
Security Hardening Enhancements: This release contains important reliability improvements and security hardening enhancements. NVIDIA recommends upgrading your devices firmware to this release to improve the devices’ firmware security and reliability.
SR-IOV - Virtual Functions (VF) per Port - The maximum Virtual Functions (VF) per port is 127. For further information, see RoCE Limitations.
It is recommended to enable the “above 4G decoding” BIOS setting for features that require large amount of PCIe resources.
Such features are: SR-IOV with numerous VFs, PCIe Emulated Switch, and Large BAR Requests.
Single PF per NUMA
Added support for BMC with a single PF per NUMA in Socket-Direct adapter cards.
Note: SIngle PF per NUMA should not be enabled on Multi-host.
OpenSNAPI Communication Channel
The communication channel is used to enable communication between processes on different vHCAs regardless of their network connectivity state.
Exposed an additional steering register in the hardware (reg_c_6).
Added a new NvConfig parameter LOG_MAX_QUEUE to set the maximum number of work queue resources (QP, RQ, SQ...) that can be created per function.
The default value is 2^17.
Congestion Control Key
Added a Congestion Control Key to all Congestion Control MADs to authenticate that they are originated from a trusted source.
Added an SMP firewall to block the option of sending SMPs (MADS sent on QP0 from the Subnet Manager) from unauthorized hosts to prevent fake SMPs from being recognized as the SM.
Vendor Specific MADs: Class 0x9
Vendor Specific MADs Class 0x9 is no longer supported by the firmware. If case the firmware detects such MAD, the firmware will return a "NOT SUPPORTED" error to the user.
Match Definer Object
Added support for a new steering match definer format (format 33).
The teardown of hotplugged emulated device (a.k.a unplug flow) is in the reverse order of the plug flow. However, certain legacy host software stack does not support surprise removal of the PCIe PF devices.
To support such host software stack, emulation manager software will perform a graceful teardown.
AES-XTS Encryption / Decryption
Enabled disk encryption services using the aes_xts protocol to allow inline data encryption and decryption towards a remote or a local disk/NVDIM.
Blocked the VF's ability to use both padding and signature in order to prevent the NIC from hanging.
Asserts' Severity Level
Added 3 new assert filters (Health buffer, NVlog, FW trace). The assert will be exposed now if its severity level is equal to or above the new filter.
The filters are configurable by the ini file. The "Health buffer" filter is also configurable by new access register.
Added support for clock frequency synchronization based on Synchronous Ethernet protocol.
Note: This capability is not supported with link speeds of 50G and higher, and cannot run in parallel with diagnostic counters.
Socket-Direct Adapter Cards
Added support for:
Rate Limit per VM instead of VM-TC
Enabled Rate Limit per VM instead of VM-TC. This capability is implemented by adding support to a new Scheduling element type: rate limit elements that will connect to the rate_limit and will share its rate limit.
Cross GVMI Memory Key
Cross GVMI memory key is used to allow cross GVMI memory access using indirect memory registration which crosses vHCA context.
Steering LAG Mode (Hash LAG)
[Beta] The new LAG mode (PORT_SELECT_FT LAG (hash LAG)) distributes the packets to ports according to the hash on the packet headers, instead of distributing the packets according to the QP (queue affinity – legacy LAG) to avoid cases where the slow/fast path packets are transmitted from different ports.
Identifying the right port is done by using destination type UPLINK with destination_eswitch_owner_vhca_id_valid set and destination_eswitch_owner_vhca_id indicating the PF associated with the port.
The below are the Queue Affinity and Steering LAG (hash) limitations:
Note: Due to changes in this feature, transmission timestamp in CQE is temporarily unsupported with multi eSwitch.
QSHR Access Register
Added support for QSHR access register to enable Set and Query rate limit per-host per-port.
New Software Steering ICM Resource for VXLAN Encapsulation
The firmware now exposes a new Software Steering ICM resource for VXLAN encap expand in order for the SW Steering to manage this resource directly.
Asymmetrical VFs per PF
Added support for asymmetrical VFs per PF.
To enable it:
mlxlink Support to read/write Access Registers by LID
Added 2 new MAD access registers to enable mlxlink to read/write access registers by LID (to the whole subnet).
Virtio-net Full Emulation
Enabled the option to dynamically modify the MSIX and the number of virtio VF device queues.
Note: This modification must be done before loading the driver on the device.
This new capability includes the following limitations:
See Bug Fixes in this Firmware Version section.