Changes and New Feature History
This section includes history of changes and new feature of 3 major releases back. For older releases history, please refer to the relevant firmware versions.
Feature/Change |
Description |
22.40.1000 |
|
Socket Direct Single netdev Mapped to Two PCIe Devices |
Enabled Single Netdev mapping to two PCIe devices (Socket Direct). Now multiple devices (PFs) of the same port can be combined under a single netdev instance. Traffic is passed through different devices belonging to different NUMA sockets, thus saving cross-NUMA traffic and allowing apps running on the same netdev from different NUMAs to still feel a sense of proximity to the device and achieve improved performance. The netdev is destroyed once any of the PFs is removed. A proper configuration would utilize the correct close NUMA when working on a certain app/CPU. Currently, this capability is limited to PFs only, and up to two devices (sockets). To enable the feature, one must configure the same Socket Direct group (non zero) for both PFs through mlxconfig SD_GROUP.
|
ACL |
Added support for egress ACL to the uplink by adding a new bit to the Set Flow Table Entry: allow_fdb_uplink_hairpin. |
Bug Fixes |
See Bug Fixes in this Firmware Version section. |
Feature/Change |
Description |
22.39.2048 |
|
Bug Fixes |
See Bug Fixes in this Firmware Version section. |
Feature/Change |
Description |
22.39.1002 |
|
Expansion ROM |
Added a caching mechanism to improved expansion ROM performance and to avoid any slow boot occurrences when loading the expansion ROM driver. |
Live Migration Support for Image Size above 4GB |
Added support for image size above 4GB when performing a live migration by splitting the image to chunks. |
Crypto Algorithms |
Extended the role-based authentication to cover all crypto algorithms. Now the TLS. IPsec. MACsec. GCM, mem2mem, and NISP work when nv_crypto_conf.crypto_policy = CRYPTO_POLICY_FIPS_LEVEL_2, meaning all cryptographic engines can also work in wrapped mode and not only in plaintext mode. |
Programmable Congestion Control |
Programmable Congestion Control is now the default CC mechanism. ZTR_RTTCC is the default CC algorithm when ECE is enabled and the CC algorithm negotiation succeeds, otherwise PCC DCQCN will be used. |
Reserved mkey |
Added new support for reserved mkey index range. When enabled, a range of mkey indexes is reserved for mkey by name use. |
Bug Fixes |
See Bug Fixes in this Firmware Version section. |
Feature/Change |
Description |
22.38.1900 |
|
QKEY Mitigation in the Kernel |
QKEY creation with the MSB set is available now for non-privileged users as well. To allow non-privileged users to create QKEY with MSB set, the below new module parameter was added to ib_uverbs module:
Note: In this release, this module parameter is disabled by default to ensure backward compatibility and give customers the opportunity to update their applications accordingly. In the upcoming release, it will be enabled by default, and later on deprecated. |
Feature/Change |
Description |
22.38.1002 |
|
INT Packets |
Added support for forwarding INT packets to the user application for monitoring purposes by matching the BTH acknowledge request bit (bth_a). |
IPsec CPS Bulk Allocation |
Improved the IPsec CPS by using bulk allocation. For cases in which log_obj_range == 0, single IPSEC object will be allocated and initialized as before keeping backward compatibility. For better performance, it is recommended to work with IPsec bulk allocation and to initialize IPsec ASO context not via the firmware but via the hardware using ASO WQE. |
QKEY Mitigation in the Kernel |
Non-privileged users are now blocked by default from setting controlled/privileged QKEYs (QKEY with MSB set). |
Bug Fixes |
See Bug Fixes in this Firmware Version section. |