Manualshelf

User`s guide

ManualsBrandsQlogic ManualsAdapter3100 Series
11121314151617181920
Security
9
The perf trace command can be used to record a workload according to a specified script, and
to display a detailed trace of a workload that was previously recorded. This command provides an
alternative interface to strace. (3.7)
1.1.12 Security
The secure computing mode feature (seccomp) is a simple sandbox mechanism that, in strict mode,
allows a thread to transition to a state where it cannot make any system calls except from a very
restricted set (_exit(), read(), sigreturn(), and write()) and it can only use file descriptors that
were already open. In filter mode, a thread can specify an arbitrary filter of permitted systems calls that
would be forbidden in strict mode. Access to this feature is by using the prctl() system call. For more
information, see the prctl(2) manual page. (3.5)
Supervisor mode access prevention (SMAP) is a new security feature that will be supported by future
Intel processors. SMAP forbids kernel access to user-space memory pages, which should help eliminate
some forms of exploit. If the SMAP bit has been set in CR4, an attempt is made to access user-space
memory from privileged mode causes a page-fault exception. For more information, refer to the Intel®
Architecture Instruction Set Extensions Programming Reference. (3.7)
1.1.13 Storage
The LSI MPT3SAS driver has been added to support LSI MPT Fusion based SAS3 (SAS 12.0 Gb/s)
controllers.
The OpenFabrics Enterprise Distribution (OFED) 2.0 stack has been integrated, which supports the
following InfiniBand (IB) hardware on systems with an x86-64 architecture:
Mellanox ConnectX-2 InfiniBand Host Channel Adapters
Mellanox ConnectX-3 InfiniBand Host Channel Adapters are supported for Oracle X4-2, X4-2L, and
Netra X3-2 servers
Sun InfiniBand QDR Host Channel Adapter PCIe #375-3696
OFED 2.0 supports the following protocols:
SCSI RDMA Protocol (SRP) enables access to remote SCSI devices via remote direct memory
access (RDMA)
iSCSI Extensions for remote direct memory access (iSER) provide access to iSCSI storage devices
Reliable Datagram Sockets (RDS) is a high-performance, low-latency, reliable connectionless protocol
for datagram delivery
Sockets Direct Protocol (SDP) supports stream sockets for RDMA network fabrics
Ethernet over InfiniBand (EoIB)
Internet Protocol over InfiniBand (IPoIB)
Ethernet tunneling over IPoIB (eIPoIB)
and the following RDS features:
Async Send (AS)
Quality of Service (QoS)