1. Release Notes for Unbreakable Enterprise Kernel Release 4 Update 1
  2. New Features and Changes

1 New Features and Changes

The Unbreakable Enterprise Kernel Release 4 (UEK R4) is Oracle's fourth major release of its heavily tested and optimized operating system kernel for Oracle Linux 6 Update 7 or later, and Oracle Linux 7 Update 2 or later, on the x86-64 architecture. It is based on the mainline Linux kernel version 4.1.12. This release also updates drivers and includes bug and security fixes.

The 4.1.12-37.2.1 release is the first update release for UEK R4. It includes security and bug fixes, as well as driver updates.

Oracle actively monitors upstream checkins and applies critical bug and security fixes to UEK R4.

UEK R4 uses the same versioning model as the mainline Linux kernel version. It is possible that some applications might not understand the 4.1 versioning scheme. However, regular Linux applications are usually neither aware of nor affected by Linux kernel version numbers.

Notable Changes

  • bcache-tools package added

    The block layer cache feature, bcache, which was introduced with the release of UEK R4, requires the bcache-tools package to configure this facility. The package is built and included for both Oracle Linux 6 and Oracle Linux 7.

  • crash updated to 7.1.4

    The crash utility that is used to analyze crash dump data or live systems has been updated to version 7.1.4. The package is built and included for both Oracle Linux 6 and Oracle Linux 7.

  • libfuse updated to 2.9.4

    New features in libfuse have been backported from the mainline fuselib (3.0). UEK4 does not use fuse 3.0 because it breaks backward compatibility on the binary level as well as the source level. New features include security context options, new caching logic for network-based fuse file systems, support for asynchronous direct I/O and writeback cache, readdirplus, and more. The update applies to both Oracle Linux 6 and Oracle Linux 7.

  • xfsprogs updated to 3.2.3

    New features in XFS for CRC require version 3.2.3 of the xfsprogs package. The package is updated for both Oracle Linux 6 and Oracle Linux 7.

LXC Improvements

The LXC userspace package has been updated from 1.0.7 to 1.1.5 to support all of the UEK R4 features and ongoing container initiatives. The package is updated for both Oracle Linux 6 and Oracle Linux 7.

A fix is included to resolve an issue where TCP packet corruption could occur when running a veth interface inside a container.

This release also includes security and bug fixes.

Xen Improvements

A large number of bug fixes and security fixes have been backported for this release to include the features available in Xen 4.3.

A fix has been applied to the Xen pciback driver to allow it to take control of devices and to prevent native drivers from loading. This change makes it easier for developers to do PCI passthrough. The driver has also been compiled directly into the kernel and does not require a separate module.

btrfs Improvements

  • btrfs-progs updated to 4.2.2-3

    The new version of btrfs-progs checks the compatibility of features that are supported by the kernel when using the mkfs and btrfs-convert commands. These commands are able to warn users about unsupported features. This update also fixes several bugs that were present in previous releases.

  • Handling of inline extents improved

    Methods handling the truncation of files that have inline and compressed extents have been improved to reduce the amount of metadata space required and to provide a security fix. Also, methods handling the cloning of inline extents have been fixed to prevent file corruption and potential data loss. A patch was also applied to fix cloning operations for compressed extents by checking the source clone offset and length to ensure that it falls within the source file's boundaries. (Bug IDs 22307083, 22598448, 22466327, 22589051)

  • Send operation in cloning code fixed

    A fix for a bug where snapshots would fail to send or receive across different file systems was implemented. The fix was applied to the send operation in the cloning code to handle the case where a snapshot is taken of a received subvolume and that is then used as the parent to try to receive on a different file system, due to differing UUIDs. (Bug ID 22580612)

  • COW Page Size Extents Improved

    A fix was applied to help to reduce unnecessary COW page size extent by only zeroing out the end of the page if the range requested for file allocation exceeds the size of the inode. (Bug ID 22573877)

  • File corruption triggered by faulty cloning operations fixed

    A fix was applied to ensure that clone operations on files that share extents with other files do not cover regions in the source file that may point to different extents. (Bug ID 22579887)

DTrace Improvements

  • Accurately pair signal probes for non-ignored unhandled signals

    DTrace was improved to more accurately pair signal probes for non-ignored unhandled signals, by using the signal number, obtained from the original signal in the target task, in the signal-handled probe. Previously, the signal was translated into a SIGKILL because the signal effectively causes the process to be terminated. This change improves the accuracy of exit reporting.

  • Sleep code performance improvements and fixes

    Code that DTrace used to sleep between operations has been updated to improve performance during these loops and to avoid endless looping.

  • Dynamically allocated text in Oracle VM VirtualBox drivers workaround

    VirtualBox dynamically allocates space for executable text within the kernel. When these text addresses were encountered by stack trace back code, they were dropped or the stack trace was terminated. A patch was applied to DTrace to apply a workaround which allows DTrace to assume that executable pages in vmalloc or module areas as valid text addresses.

  • Missing psinfo for tasks run with PID 0 fixed

    A bug which caused some memory access errors when attempting to access the psinfo for a task running with PID 0 is resolved. (Bug ID 22561297)

  • Multiple probe firings of a Statically Defined Tracing (SDT) probe in a function now supported

    A patch was applied to allow DTrace to handle situations where a single SDT probe occurs more than once in a function, usually as a result of the compiler duplicating code fragments that contain an SDT probe. In these situations multiple probe firings were not previously reported, however the patch resolves this issue.

Driver Updates

The Unbreakable Enterprise Kernel supports a wide range of hardware and devices. In close cooperation with hardware and storage vendors, several device drivers have been updated by Oracle.

Manufacturer Driver Version Description

Broadcom

be2iscsi

10.6.0.2

Broadcom/Avago OneConnect Open-iSCSI Driver

Broadcom

be2net

11.0.0.0

Broadcom/Emulex OneConnect NIC Driver

Broadcom

lpfc

11.0.0.13

Broadcom/Emulex LightPulse Fibre Channel SCSI driver

Broadcom

megaraid_sas

Upstream patches

Broadcom/Avago SAS based MegaRAID driver

PMC-Sierra

hpsa

3.4.10-0

PMC-Sierra Driver for HP Smart Array Controller

Intel Corporation

i40e

1.4.25-k

Intel(R) Ethernet Connection XL710 Network Driver

Intel Corporation

i40evf

1.4.15-k

Intel(R) XL710 X710 Virtual Function Network Driver

Microsoft Corporation

hv_vmbus hv_netvsc hv_storvsc hv_utils hv_baloon hyperv_fb

Upstream patches

Microsoft Hyper-V Drivers

QLogic

qla2xxx

8.07.00.33.40.0-k

QLogic Fibre Channel HBA Driver

VMware, Inc.

vmw_vsock_vmci_transport

1.0.2.0-k

VMCI transport for Virtual Sockets

VMware, Inc.

vmxnet3

1.4.2.0-k

VMware vmxnet3 virtual NIC driver

Additional Notes For Driver Updates

The following notes are included at the request of a vendor for the listed driver:

  • lpfc: Locked optics support is enabled for LPE32000 HBAs and all variant HBAs of this architecture. With this capability, these HBAs will detect and enable both Avago or Emulex certified SFP and QSFP optics.

    For driver rev 11.0.0.13 and higher unqualified optics will be disabled, the link will not come up, an error message is written to the log file and the lpfc driver will display this message: 

    3176 Port Name [wwpn] Unqualified optics - Replace with Avago optics for Warranty and Technical support

Technology Preview

The following features included in the Unbreakable Enterprise Kernel Release 4 are still under development, but are made available for testing and evaluation purposes.

  • Ceph File System and Object Gateway Federation

    Ceph presents a uniform view of object and block storage from a cluster of multiple physical and logical commodity-hardware storage devices. Ceph can provide fault tolerance and enhance I/O performance by replicating and striping data across the storage devices in a Storage Cluster. Ceph's monitoring and self-repair features minimize administration overhead. You can configure a Storage Cluster on non-identical hardware from different manufacturers.

    The Ceph File System (CephFS) and Object Gateway Federation features of Ceph are in technology preview.

  • DCTCP (Data Center TCP)

    DCTCP enhances congestion control by making use of the Explicit Congestion Notification (ECN) feature of state-of-the-art network switches. DCTCP reduces buffer occupancy and improves throughput by allowing a system to react more intelligently to congestion than is possible using TCP.

  • DRBD (Distributed Replicated Block Device)

    A shared-nothing, synchronously replicated block device (RAID1 over network), designed to serve as a building block for high availability (HA) clusters. It requires a cluster manager (for example, pacemaker) for automatic failover.

  • Kernel module signing facility

    Applies cryptographic signature checking to modules on module load, checking the signature against a ring of public keys compiled into the kernel. GPG is used to do the cryptographic work and determines the format of the signature and key data.

  • NFS over RDMA interoperation with ZFS and Oracle Solaris

    NFS over RDMA does not yet fully interoperate with ZFS and Oracle Solaris. NFS over RDMA for NFS versions 3 and 4 is supported for Oracle Linux systems using the Oracle InfiniBand stack and is more efficient than using NFS with TCP over IPoIB. Currently, only the Mellanox ConnectX-2 and ConnectX-3 Host Channel Adapters (HCAs) pass the full Connectathon NFS test suite and are supported.

  • NFS server-side copy offload

    NFS server-side copy offload is an NFS v4.2 feature that reduces the overhead on network and client resources by offloading copy operations to one or more NFS servers rather than involving the client in copying file data over the network.

  • Server-side parallel NFS

    Server-side parallel NFS (pNFS) improves the scalability and performance of an NFS server by making file metadata and data available on separate paths.

Compatibility

Oracle Linux maintains user-space compatibility with Red Hat Enterprise Linux, which is independent of the kernel version running underneath the operating system. Existing applications in user space will continue to run unmodified on the Unbreakable Enterprise Kernel Release 4 and no re-certifications are needed for RHEL certified applications.

To minimize impact on interoperability during releases, the Oracle Linux team works closely with third-party vendors whose hardware and software have dependencies on kernel modules. The kernel ABI for UEK R4 will remain unchanged in all subsequent updates to the initial release. In this release, there are changes to the kernel ABI relative to UEK R3 that require recompilation of third-party kernel modules on the system. Before installing UEK R4, verify its support status with your application vendor.

Header Packages for Development

As of UEK-3.8-QU2, the kernel-uek-headers package is no longer built and distributed. There are three kernel packages that may be useful for development purposes. The kernel-headers package forms part of the API for user space programs. The kernel-devel package is used for standard RHCK development and module compilation. The kernel-uek-devel package is used for UEK development and module compilation. Neither the kernel-uek-headers, nor the kernel-headers packages, are needed for kernel development.

The kernel-headers packages provide the C header files that specify the interface between user-space binaries or libraries and UEK or RHCK. These header files define the structures and constants that you need to build most standard programs or to rebuild the glibc package.

The kernel-devel and kernel-uek-devel packages provide the kernel headers and makefiles that you need to build modules against UEK and RHCK.

To install the packages required to build modules against UEK and the C header files for both UEK and RHCK: 

# yum install kernel-uek-devel-`uname -r` kernel-headers