1 New Features and Changes
The Unbreakable Enterprise Kernel Release 4 (UEK R4) is Oracle's fourth major release of its heavily tested and optimized operating system kernel for Oracle Linux 6 Update 7 or later, and Oracle Linux 7 Update 2 or later, on the x86-64 architecture. It is based on the mainline Linux kernel version 4.1.12. This release also updates drivers and includes bug and security fixes.
The 4.1.12-37.2.1 release is the first update release for UEK R4. It includes security and bug fixes, as well as driver updates.
Oracle actively monitors upstream checkins and applies critical bug and security fixes to UEK R4.
UEK R4 uses the same versioning model as the mainline Linux kernel version. It is possible that some applications might not understand the 4.1 versioning scheme. However, regular Linux applications are usually neither aware of nor affected by Linux kernel version numbers.
Notable Changes
-
bcache-tools
package addedThe block layer cache feature,
bcache
, which was introduced with the release of UEK R4, requires thebcache-tools
package to configure this facility. The package is built and included for both Oracle Linux 6 and Oracle Linux 7. -
crash
updated to 7.1.4The
crash
utility that is used to analyze crash dump data or live systems has been updated to version 7.1.4. The package is built and included for both Oracle Linux 6 and Oracle Linux 7. -
libfuse
updated to 2.9.4New features in
libfuse
have been backported from the mainlinefuselib
(3.0). UEK4 does not use fuse 3.0 because it breaks backward compatibility on the binary level as well as the source level. New features include security context options, new caching logic for network-based fuse file systems, support for asynchronous direct I/O and writeback cache, readdirplus, and more. The update applies to both Oracle Linux 6 and Oracle Linux 7. -
xfsprogs
updated to 3.2.3New features in XFS for CRC require version 3.2.3 of the
xfsprogs
package. The package is updated for both Oracle Linux 6 and Oracle Linux 7.
LXC Improvements
The LXC userspace package has been updated from 1.0.7 to 1.1.5 to support all of the UEK R4 features and ongoing container initiatives. The package is updated for both Oracle Linux 6 and Oracle Linux 7.
A fix is included to resolve an issue where TCP packet corruption could occur when running a veth interface inside a container.
This release also includes security and bug fixes.
Xen Improvements
A large number of bug fixes and security fixes have been backported for this release to include the features available in Xen 4.3.
A fix has been applied to the Xen pciback
driver to allow it to take control of devices and to prevent
native drivers from loading. This change makes it easier for
developers to do PCI passthrough. The driver has also been
compiled directly into the kernel and does not require a
separate module.
btrfs Improvements
-
btrfs-progs
updated to 4.2.2-3The new version of
btrfs-progs
checks the compatibility of features that are supported by the kernel when using the mkfs and btrfs-convert commands. These commands are able to warn users about unsupported features. This update also fixes several bugs that were present in previous releases. -
Handling of inline extents improved
Methods handling the truncation of files that have inline and compressed extents have been improved to reduce the amount of metadata space required and to provide a security fix. Also, methods handling the cloning of inline extents have been fixed to prevent file corruption and potential data loss. A patch was also applied to fix cloning operations for compressed extents by checking the source clone offset and length to ensure that it falls within the source file's boundaries. (Bug IDs 22307083, 22598448, 22466327, 22589051)
-
Send operation in cloning code fixed
A fix for a bug where snapshots would fail to send or receive across different file systems was implemented. The fix was applied to the send operation in the cloning code to handle the case where a snapshot is taken of a received subvolume and that is then used as the parent to try to receive on a different file system, due to differing UUIDs. (Bug ID 22580612)
-
COW Page Size Extents Improved
A fix was applied to help to reduce unnecessary COW page size extent by only zeroing out the end of the page if the range requested for file allocation exceeds the size of the inode. (Bug ID 22573877)
-
File corruption triggered by faulty cloning operations fixed
A fix was applied to ensure that clone operations on files that share extents with other files do not cover regions in the source file that may point to different extents. (Bug ID 22579887)
DTrace Improvements
-
Accurately pair signal probes for non-ignored unhandled signals
DTrace was improved to more accurately pair signal probes for non-ignored unhandled signals, by using the signal number, obtained from the original signal in the target task, in the signal-handled probe. Previously, the signal was translated into a
SIGKILL
because the signal effectively causes the process to be terminated. This change improves the accuracy of exit reporting. -
Sleep code performance improvements and fixes
Code that DTrace used to sleep between operations has been updated to improve performance during these loops and to avoid endless looping.
-
Dynamically allocated text in Oracle VM VirtualBox drivers workaround
VirtualBox dynamically allocates space for executable text within the kernel. When these text addresses were encountered by stack trace back code, they were dropped or the stack trace was terminated. A patch was applied to DTrace to apply a workaround which allows DTrace to assume that executable pages in vmalloc or module areas as valid text addresses.
-
Missing psinfo for tasks run with PID 0 fixed
A bug which caused some memory access errors when attempting to access the psinfo for a task running with PID 0 is resolved. (Bug ID 22561297)
-
Multiple probe firings of a Statically Defined Tracing (SDT) probe in a function now supported
A patch was applied to allow DTrace to handle situations where a single SDT probe occurs more than once in a function, usually as a result of the compiler duplicating code fragments that contain an SDT probe. In these situations multiple probe firings were not previously reported, however the patch resolves this issue.
Driver Updates
The Unbreakable Enterprise Kernel supports a wide range of hardware and devices. In close cooperation with hardware and storage vendors, several device drivers have been updated by Oracle.
Manufacturer | Driver | Version | Description |
---|---|---|---|
Broadcom |
|
10.6.0.2 |
Broadcom/Avago OneConnect Open-iSCSI Driver |
Broadcom |
|
11.0.0.0 |
Broadcom/Emulex OneConnect NIC Driver |
Broadcom |
|
11.0.0.13 |
Broadcom/Emulex LightPulse Fibre Channel SCSI driver |
Broadcom |
|
Upstream patches |
Broadcom/Avago SAS based MegaRAID driver |
PMC-Sierra |
|
3.4.10-0 |
PMC-Sierra Driver for HP Smart Array Controller |
Intel Corporation |
|
1.4.25-k |
Intel(R) Ethernet Connection XL710 Network Driver |
Intel Corporation |
|
1.4.15-k |
Intel(R) XL710 X710 Virtual Function Network Driver |
Microsoft Corporation |
|
Upstream patches |
Microsoft Hyper-V Drivers |
QLogic |
|
8.07.00.33.40.0-k |
QLogic Fibre Channel HBA Driver |
VMware, Inc. |
|
1.0.2.0-k |
VMCI transport for Virtual Sockets |
VMware, Inc. |
|
1.4.2.0-k |
VMware vmxnet3 virtual NIC driver |
Additional Notes For Driver Updates
The following notes are included at the request of a vendor for the listed driver:
-
lpfc
: Locked optics support is enabled for LPE32000 HBAs and all variant HBAs of this architecture. With this capability, these HBAs will detect and enable both Avago or Emulex certified SFP and QSFP optics.For driver rev 11.0.0.13 and higher unqualified optics will be disabled, the link will not come up, an error message is written to the log file and the lpfc driver will display this message:
3176 Port Name [wwpn] Unqualified optics - Replace with Avago optics for Warranty and Technical support
Technology Preview
The following features included in the Unbreakable Enterprise Kernel Release 4 are still under development, but are made available for testing and evaluation purposes.
-
Ceph File System and Object Gateway Federation
Ceph presents a uniform view of object and block storage from a cluster of multiple physical and logical commodity-hardware storage devices. Ceph can provide fault tolerance and enhance I/O performance by replicating and striping data across the storage devices in a Storage Cluster. Ceph's monitoring and self-repair features minimize administration overhead. You can configure a Storage Cluster on non-identical hardware from different manufacturers.
The Ceph File System (CephFS) and Object Gateway Federation features of Ceph are in technology preview.
-
DCTCP (Data Center TCP)
DCTCP enhances congestion control by making use of the Explicit Congestion Notification (ECN) feature of state-of-the-art network switches. DCTCP reduces buffer occupancy and improves throughput by allowing a system to react more intelligently to congestion than is possible using TCP.
-
DRBD (Distributed Replicated Block Device)
A shared-nothing, synchronously replicated block device (RAID1 over network), designed to serve as a building block for high availability (HA) clusters. It requires a cluster manager (for example, pacemaker) for automatic failover.
-
Kernel module signing facility
Applies cryptographic signature checking to modules on module load, checking the signature against a ring of public keys compiled into the kernel. GPG is used to do the cryptographic work and determines the format of the signature and key data.
-
NFS over RDMA interoperation with ZFS and Oracle Solaris
NFS over RDMA does not yet fully interoperate with ZFS and Oracle Solaris. NFS over RDMA for NFS versions 3 and 4 is supported for Oracle Linux systems using the Oracle InfiniBand stack and is more efficient than using NFS with TCP over IPoIB. Currently, only the Mellanox ConnectX-2 and ConnectX-3 Host Channel Adapters (HCAs) pass the full Connectathon NFS test suite and are supported.
-
NFS server-side copy offload
NFS server-side copy offload is an NFS v4.2 feature that reduces the overhead on network and client resources by offloading copy operations to one or more NFS servers rather than involving the client in copying file data over the network.
-
Server-side parallel NFS
Server-side parallel NFS (pNFS) improves the scalability and performance of an NFS server by making file metadata and data available on separate paths.
Compatibility
Oracle Linux maintains user-space compatibility with Red Hat Enterprise Linux, which is independent of the kernel version running underneath the operating system. Existing applications in user space will continue to run unmodified on the Unbreakable Enterprise Kernel Release 4 and no re-certifications are needed for RHEL certified applications.
To minimize impact on interoperability during releases, the Oracle Linux team works closely with third-party vendors whose hardware and software have dependencies on kernel modules. The kernel ABI for UEK R4 will remain unchanged in all subsequent updates to the initial release. In this release, there are changes to the kernel ABI relative to UEK R3 that require recompilation of third-party kernel modules on the system. Before installing UEK R4, verify its support status with your application vendor.
Header Packages for Development
As of UEK-3.8-QU2, the kernel-uek-headers
package is no longer built and distributed. There are three
kernel packages that may be useful for development purposes. The
kernel-headers
package forms part of the API
for user space programs. The kernel-devel
package is used for standard RHCK development and module
compilation. The kernel-uek-devel
package is
used for UEK development and module compilation. Neither the
kernel-uek-headers
, nor the
kernel-headers
packages, are needed for
kernel development.
The kernel-headers
packages provide the C
header files that specify the interface between user-space
binaries or libraries and UEK or RHCK. These header files define
the structures and constants that you need to build most
standard programs or to rebuild the glibc
package.
The kernel-devel
and
kernel-uek-devel
packages provide the kernel
headers and makefiles that you need to build modules against UEK
and RHCK.
To install the packages required to build modules against UEK and the C header files for both UEK and RHCK:
# yum install kernel-uek-devel-`uname -r` kernel-headers