23.07-0.5.1.2

RDMA Features

23.07-0.5.0.0

ASAP2 Features

Header Rewrite and CT Support [BlueField-2] Added support for offloading CT rules with header rewrite of L3.

CT UDP Unidirectional Traffic Offload [All HCAs] Added support for offloading long-running unidirectional UDP connection with Conntrack.

CT Rules with NAT and Mirror Offload [BlueField-2] Added support for offloading CT rules with NAT and mirror.

Core Features

Embedded CPU Virtual Functions [Bluefield-2] Added the ability to create virtual functions within the ARM.

Full Chip Reset on BlueField-2 [BlueField-2] Full chip reset in DPU mode is now supported on BlueField-2 when using mlxfwreset with the "--sync 1" option. During this flow, the ARM is rebooted and the firmware is reloaded.

Firmware Page Limit via VHCA_ICM_CTRL [ConnectX-5 and above] Added the ability to expose page limit via the VHCA_ICM_CTRL FW register. The expected behavior is similar to the previous page limit, except for the firmware size limitation. The new max limit is 2^32-1, which represents 'no limit'.

PRE_COPY State Support in the mlx5-vfio Driver [ConnectX-6 Dx and above] Added support for PRE_COPY migration. The optional PRE_COPY state opens the saving data transfer FD before reaching STOP_COPY, and thereby helps reducing the downtime of the VM.

Lightweight Local SFs [ConnectX-5 and above] Added a feature that decreases the amount of time needed to probe and configure SFs (s ub-functions) by reducing the time of Devlink reload of the SF.

QEMU Live Migration Support [ConnectX-6 Dx and above] Added support for QEMU VM migration with an assigned VF from one source host to another destination host. This is achieved as part of the general QEMU migration flow, which involves suspending the VF on the source host, transferring all its data to the destination host, and resuming the VF on the destination. Note: This migration feature includes basic functionality only, and does not yet support advanced features such as dirty page tracking or pre-copy.

4 Ports VF LAG Support [ConnectX-7] Added support for VF LAG over 4 ports HCAs. Note: Only LAGs with all HCA ports are supported. Meaning, with a 4-port HCA, only 4 port LAG is supported. A 2-port or a 3-port LAG is not supported.

Installation

FIPS Compliance [All HCAs] Starting from v23.07, OFED is FIPS (Federal Information Processing Standard) compliant for the RH8.8, RH9.2 and SLES15.5 operating systems. The following limitations should be considered: OFED Installation with FIPS support requires a manual firmware upgrade.

OFED Installation with add-kernel-support will result in the removal of the FIPS support.

NetDev Features

Enhanced CQE Compression [ConnectX-5 and above] Added support for the enhanced version of the RX CQE compression hardware feature. By compressing the RX CQEs, the PCI bandwidth utilization is improved and the load on it is reduced. The enhanced version of this device feature has improved latency and CPU utilization.

256 Bit Keys with kTLS Offload Support [BlueField-2] Added support for kTLS offload with a 256 bit key size.

Improving Affinity Hints according to Numa Distances [All HCAs] Updated the binary NUMA preference for the system to consider actual distances. Following the update, remote NUMA nodes with shorter distances are preferred over further ones, rather than relying solely on local/remote distinctions.

Flow Steering Decoupling [All HCAs] Added the ability to decouple flow steering into a separate module, making it loosely coupled and thus easier to read, maintain and debug.

RDMA Features

IPv6 Address Support [All HCAs] Reduced the storage IO latency that occurred when establishing a large number of RDMACM (RDMA Connection Manager) connections by setting the RDMACM RoCE static rate to 0.

Reducing Storage IO Latency for a Large Number of RDMACM Connections [All HCAs] Reduced the storage IO latency that occurred while establishing a large number of RDMACM (RDMA Connection Manager) connections by setting the RDMACM RoCE static rate to 0.

QKEY Mitigation in the Kernel [All HCAs] Non-privileged users are now blocked from setting controlled/privileged QKEYs (QKEY with MSB set). To allow non-privileged users to create a QKEY with an MSB set, a new module parameter was added to the ib_uverbs module: module parameter: enforce_qkey_check

Description: Force a QKEY MSB check for non-privileged users on UD QP creation

Default is 0 (disabled) In this release, this module parameter is introduced in disabled state in order to ensure backward compatibility and allow the required applications updates. In the upcoming release, this feature will be enabled by default, and later on deprecated.

Security

Fast Update Encryption Key Support [ConnectX-6 Dx and above] Enhanced the performance of DEK operations by introducing a DEK pool that serves the same key purpose and utilizes bulk allocation, destruction and invalidation provided by the firmware. Users can now retrieve a DEK object from the pool, and update it with a key using the modify_DEK command.

Software Steering

Matching over BTH Acknowledge Bit Support [Connect-6 DX, Connect-7 and BlueField-2] Added support for matching over BTH acknowledge bit using the mlx5dv_dr API.