Kernel Changes

• Fixed SKB memory leaks.

• Made SKB memory optimizations.

• Added patches for newer ixgbe and e1000e drivers.

• Fixed a bug in the igb driver.

• Added the ENA driver.

• Packet-per-Second (pps) optimization when GRO is disabled.

• Modified the kernel configuration file for performance issues.

• Added support for zeco (zero-copy) packets for Check Point USFW (Firewall in usermode).

• Enabled cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. in Bridge mode Security Gateway or Virtual System that works as a Layer 2 bridge device for easy deployment in an existing topology. to work in the High Availability mode.

• Fixed a vulnerability in SCTP protocol (CVE).

• Fixed kernel vulnerabilities in the TCP SACK PANIC (CVE).

• Changed the kernel image size.

• Added support for Docker.

• Removed the open-coded 'skb_cow_head()' function.

• Added the Bypass driver for Bypass card support.

• Applied errata for the ixgbe driver.

• Added support to new line of Check Point appliances.

• Moved the errata 'TSC_DEADLINE' information from console to dmesg.

• Modified the 'set_irq_affinty()' function in the i40e driver for better support of Check PointMulti-Queue.

• Removed the KABYLAKE CPU warning (because it is supported).

• Changed the accounting CONFIG_IRQ_TIME_ACCOUNTING.

• Disabled a complication of the floppy disk driver.

• Upgraded the i40e driver to v2.10.19.82.

• Made a DDP modification for i40e dirver.

• Fixed kernel vulnerabilities (CVE) in the 'usb_sg_cancel()' function.

• Fixed a bug in the i40e driver for RSS and ring size based on the latest driver code.

• Fixed a bug in the bonding driver to resolve LACP instability.

• Added support for traffic drop counters for bond subordinate interfaces.

• Fixed CVE-2020-25705 (bypassing of source port UDP randomization).