Chapter 1 New Features and Changes

The Unbreakable Enterprise Kernel Release 5 (UEK R5) is a heavily tested and optimized operating system kernel for Oracle Linux 7 Update 5 and later on the x86-64 and 64-bit Arm (aarch64) architectures. It is based on the mainline Linux kernel version 4.14.35. This release also updates drivers and includes bug and security fixes.

Oracle actively monitors upstream check-ins and applies critical bug and security fixes to UEK R5.

UEK R5 uses the same versioning model as the mainline Linux kernel version. It is possible that some applications might not understand the 4.14 versioning scheme. However, regular Linux applications are usually neither aware of nor affected by Linux kernel version numbers.

1.1 Notable Features and Changes

The following sections describe the major new features of Unbreakable Enterprise Kernel Release 5 Update 1 (UEK R5U1) relative to the initial release of UEK R5.

1.1.1 64-bit Arm (aarch64) architecture

With Unbreakable Enterprise Kernel Release 5 Update 1, Oracle continues to deliver kernel modifications to enable support for 64-bit Arm (aarch64) architecture. These changes are built and tested against existing Arm hardware and provide support for Oracle Linux for Arm. Features described in this document are available for Arm insofar as the hardware is capable of supporting the feature that is described. Limitations and items beyond the scope of current development work for Arm are described in more detail in Section 3.1, “Unusable or Unavailable Features for Arm”.

Where specific changes have been made for Arm architecture, these are usually noted through this document. Particular effort has gone into updating and improving DTrace features to include support for the 64-bit Arm (aarch64) architecture, see Section 1.1.3, “DTrace” for more information.

1.1.2 Core Kernel Functionality

The following notable core kernel features are implemented in UEK R5U1:

  • Cgroup v2 CPU controller backported to support kABI.  The cgroup v2 CPU controller has been backported in this release. This change was made to pre-populate structures that could potentially impact the Kernel Application Binary Interface (kABI). The update includes changes to the code that handles cgroup resource usage statistics and improves performance when handling frequent reads where there are many cgroups that are not active.

  • Improved scheduler scalability for fast path.  This release includes scheduler scalability improvements for fast path. In addition, a new scheduler feature, SIS_CORE, is introduced to improve performance for certain workloads, such as Oracle database OLTP (online transaction processing). To provide additional performance improvement for OLTP, you can optionally disable this feature by setting NO_SIS_CORE in /sys/kernel/debug/sched_features. However, note that disabling the SIS_CORE feature is recommended for OLTP workloads only.

1.1.3 DTrace

The following notable DTrace features and fixes are implemented in UEK R5U1:

  • [aarch64] END and ENDPROC markers added.  DTrace has been enhanced for use on aarch64 platforms by adding or moving END[ENDPROC] markers in relevant assembly files. This change increases the likelihood that DTrace can map kernel instructions to a symbol.

  • [aarch64] DTrace support for SDT probes added.  DTrace has been enhanced to include support for the use of SDT probes on aarch64 platforms.

  • [aarch64] DTrace support for FBT entry probes added.  DTrace has been enhanced to include support for the use of FBT entry probes on aarch64 platforms.

  • [aarch64] DTrace support for FBT return probes added.  DTrace has been enhanced to include support for the use of FBT return probes on aarch64 platforms.

  • [aarch64] ustack() implementation.  DTrace has been enhanced to include the implementation of ustack() on aarch64 platforms.

  • SDT macros updated to accurately support 18 arguments.  The DTrace implementation for defining SDT probes in the kernel source code has been improved to accurately accept up to, and including, 18 arguments. Although all 18 arguments were supported previously, any arguments beyond 8 were truncated. This enhancement applies to both the x86_64 and aarch64 platforms.

  • New -x noresolve option added.  DTrace has been enhanced to include the -x noresolve runtime option, which is used to prevent automatic resolution of user-space symbols and to assist with symbol resolution for very large, statically linked binaries, where symbols take a long time to resolve. The option can also be used to reduce overhead when DTrace resolves addresses to symbol names for large applications that contain many symbols. The -x noresolve option was previously introduced in the Oracle Solaris 11.3 release.

  • New -x ctfpath option added.  DTrace has been enhanced to include a new -x ctfpath option, which enables the use of user-provided Compressed Type Format (CTF) archive data. The ctfpath option allows you to explicitly specify which CTF archives to use for the running kernel, thus enabling the archive to be shared and shipped to non-standard locations.

1.1.4 File Systems

The following sections detail the most notable features that have been implemented for file systems in UEK R5U1:

1.1.4.1 Btrfs

The following Btrfs bug fixes and features have been implemented in this update:

  • A fix for an issue where an incremental send operation can result in a missed truncate operation if an inode has an increased size in the send snapshot and a prealloc extent is greater in size.

  • Patches have been applied to resolve an issue that caused a read failure if there was data corruption on two disks in the same horizontal stripe in a RAID6 configuration using Btrfs.

  • A patch was applied to resolve an issue where the data raid profile was lost if a device was removed from the raid configuration using Btrfs.

  • A patch was applied to resolve an issue that caused the file system to report a lost parent directory where it was hard linked to a synced target followed by a power outage.

  • A patch was applied to resolve an issue that prevented mounting the file system with an EEXIST error when two hard links have been renamed followed by a power outage.

  • A patch was applied to resolve an issue that caused the file system to report an ENOSPC error when a file is repeatedly created and deleted while keeping all file descriptors open. The issue was the result of code that kept space reserved for orphan inode items until evicted.

  • A patch was applied to resolve an issue that caused an ENOENT send error if the file has all hard links deleted while there is an open file descriptor and the subvolume or snapshot is set to RO mode. This issue resulted from a send operation where the inodes have a link count of zero, which is not possible due to orphan cleanup during snapshot creation.

  • A patch was applied to resolve an issue that caused incorrect logging where no-holes mode is enabled and a file is synced after punching a hole in it. This resulted in an inconsistent file system in the event of a power outage.

  • Several security related fixes have been applied to resolve recognized vulnerabilities such as CVE-2018-14611 and CVE-2018-14610.

1.1.4.2 ext4

The following ext4 bug fixes and features have been implemented in this update:

  • Code updated to introduce support for direct access (DAX) page operations on Non-Volatile Dual Inline Memory Modules (NVDIMMs) using the ext4 file system.

  • A bug was fixed to resolve an issue that could cause a corrupted file system if a direct write extended beyond the i_disksize but is less than the i_size.

1.1.4.3 OCFS2

A patch was applied to the OCFS2 distributed lock manager code in this update, to resolve a locking issue that could cause list corruptions and result in kernel panic.

1.1.4.4 NFS

Several patches and updates have been applied for bug fixes in NFS. Notably, a fix was applied for an issue that caused failure to mount NFSv4 volumes during boot unless the vers=4.0 option was specified as a mount parameter in /etc/fstab. The issue related to deadlock in the NFS client initialization while processing the client list during NFSv4 server trunking detection and was fixed using an upstream patch.

1.1.4.5 XFS

The following XFS features have been implemented:

  • Code updated to introduce support for direct access (DAX) page operations on Non-Volatile Dual Inline Memory Modules (NVDIMMs) using XFS.

  • A patch was applied to fix the failure to convert an xattr using the short format to the long format during an ATTR_REPLACE operation. This bug could cause a file system error and shut down.

1.1.5 Memory Management

The following notable memory management features are implemented in UEK R5U1:

  • Updates to hugetlbfs to resolve several race condition issues.  Several updates were applied to the hugetlbfs code to resolve race issues. These include a fix for an issue that resulted when a hugetlbfs file was truncated while another task was still performing a page fault process. This issue could cause a reserve map entry to be created before the cached page is deleted, resulting in the reserved page leaking indefinitely. The code was updated to prevent faults to a file while it is being truncated.

1.1.6 RDMA

Remote Direct Memory Access (RDMA) is a feature that allows direct memory access between two systems that are connected by a network. RDMA facilitates high-throughput and low-latency networking in clusters.

Unbreakable Enterprise Kernel Release 5 Update 1 includes RDMA features that are provided in the upstream kernel, with the addition of Ksplice and DTrace functionality and Oracle's own RDMA features, which includes support for RDS and Shared-PD.

Oracle provides support for RDMA on InfiniBand on the following Oracle-branded HCAs:

  • Sun InfiniBand Dual Port 4x QDR Host Channel Adapters M2

  • Oracle Dual Port QDR InfiniBand Adapter M3

Notable changes to RDMA implementation in UEK R5U1 include:

  • resilient_rdmaip module fixes and improvements.  The Active-Active bonding code used by the resilient_rdmaip module, was updated to handle an issue that could cause a system panic if IPv6 addressing was disabled on the interface. Other improvements to logging and also to the module description information were also applied. A fix was also applied to include a check to prevent failover across ports within the failover group zero, which contains ports not intended for failover.

1.1.7 Security

The following notable security features are implemented in Unbreakable Enterprise Kernel Release 5 Update 1:

  • Secure boot update.  UEFI Secure Boot certificates used to sign the kernel and grub2 bootloader and which are verified using shim, have been updated to avoid expiration. This update can affect continued UEFI Secure boot functionality if the boot components involved are not all using the same valid Extended Validation (EV) certificate. For more information, see Oracle® Linux: UEFI Secure Boot Update Notice.

1.1.8 Storage

The following notable storage features are implemented in Unbreakable Enterprise Kernel Release 5 Update 1:

  • libnvdimm subsystem updated for PMEM and DAX.  The libnvdimm kernel subsystem, which is responsible for the detection, configuration, and management of Non-Volatile Dual Inline Memory Modules (NVDIMMs) is updated in UEK R5U1 to take advantage a large number of upstream patches, bug fixes and backports. Notably, these include fixes to /proc/smaps to reflect the actual PMEM page size and some work to improve Address Range Scrub (ARS). Also included as a notable improvement, is a fix that includes a new hand-shake mechanism that causes the fs thread to wait until DMA completion before waking up to update the fs metadata.

  • NVMe updates.  General modifications to NVMe code are included in this update. Build configuration options were synchronized to ensure equivalence and compatibility in aarch64 environments. A patch was also applied to resolve an issue with NVMe hotplug/unplug functionality when used with a KVM guest.

1.1.9 Virtualization

The following notable virtualization features are implemented in Unbreakable Enterprise Kernel Release 5 Update 1:

  • Backported bug fixes and features for KVM, Xen and Hyper-V.  Many bug fixes and virtualization features in the upstream 4.17, 4.18 and 4.19 kernels are backported into UEK R5U1. These patches offer better stability and resolve bugs and performance issues in KVM, Xen and Hyper-V. Fixes also include specific updates to better accommodate and support KVM on 64-bit Arm platforms.

  • Added the net_failover driver module.  The addition of the net_failover driver module in this update release helps to enable virtio_net to act as a standby for a passthru device. This is important in cloud environments where implementing an accelerated data path to virtio-net enabled virtual machines should be possible with minimal guest user space modification. In particular, the net_failover module provides an automated failover mechanism for paravirtual drivers to manage network devices in a generic failover infrastructure.

  • KVM Guest startup issue fixed for system where Transparent Huge Pages (THP) are enabled.  An issue that caused a large-memory KVM guest to hang on startup or restart when using Transparent Huge Pages (THP), has been resolved in this update. The issue resulted from a memory mapping heuristic that broke when a local node ran out of memory.

    To prevent this issue from occurring, where a kernel does not have a fix applied, run the following command on the host system before you attempt to start the guest:

    # echo defer > /sys/kernel/mm/transparent_hugepage/defrag

    A fix for this issue is included in this update release and systems using this kernel version, or later, do not require the workaround.

1.2 Driver Updates

The Unbreakable Enterprise Kernel Release 5 supports a large number of hardware and devices. In close cooperation with hardware and storage vendors, Oracle has updated several device drivers from the versions in mainline Linux 4.14.35.

A complete list of the driver modules included in UEK R5U1 along with version information is provided in the appendix at Appendix A, Driver Modules in Unbreakable Enterprise Kernel Release 5 Update 1 (x86_64).

1.2.1 Notable Driver Features

The following new features are noted in the drivers shipped with UEK R5U1 as opposed to the original release of UEK R5:

  • Broadcom/Emulex BCM573xx NIC driver updated to version 1.9.2.  The Broadcom/Emulex BCM573xx NIC driver, bnxt_en, has been updated to version 1.9.2 in this kernel update release. This update includes many upstream patches and bug fixes. Notable changes to the driver include: added Phy retry logic needed to enable hotplug functionality; DCBNL DSCP application protocol support; hwmon sysfs support; improvements to firmware notification about state changes; support for ethtool get dump; and a new VF resource allocation strategy mode.

  • Microsemi Smart Family Controller driver updated to version 1.1.4-130.  The Microsemi Smart Family Controller driver, smartpqi, has been updated to version 1.1.4-130 in this kernel update release. This update includes many upstream patches and bug fixes. Notable changes include a fix for a critical ARM issue when reading PQI index registers and improvements to the handling of sync requests.

  • Broadcom/Emulex LightPulse Fibre Channel SCSI driver updated to 12.0.0.7.  The Broadcom/Emulex LightPulse Fibre Channel SCSI driver, lpfc has been updated to version 12.0.0.7. Many upstream patches were applied for bug fixes and enhancements. Notable changes include the removal of the lpfc_enable_pdbe module parameter; reduced locking when updating statistics; and added support to retrieve firmware logs. This release also includes improvements to the framework to enable NVMe on Fibre Channel. Note that FC-NVMe in lpfc is available as a technical preview.

  • QLogic Fibre Channel HBA driver updated to 10.00.00.07-k1.  The QLogic Fibre Channel HBA driver, qla2xxx has been updated to version 10.00.00.07-k1. Changes include many bug fixes for stability and performance. Notably, a fix was applied to enable local buffer boundary checking to resolve an issue that sometimes caused I/O to fail with a DMA error when the Data Integrity Feature (DIF) was enabled. A fix was also applied to resolve a null pointer dereference crash caused by an unexpected interrupt for a device that had not been set up by the driver. Improvements were also made to the code to provide better compatibility for builds on Arm platforms. This release also includes a number of vendor supplied and upstream patches to enable NVMe on Fibre Channel. Note that FC-NVMe in qla2xxx is available as a technical preview.

  • Intel PRO/1000 network driver updated.  The Intel PRO/1000 network driver, e1000e, is updated to fix interrupt handling for virtual devices that can fail to function properly inside VMWare virtual machines. The fix resolved a link check race condition following an ICR read.

  • Intel 10 Gigabit PCI Express network driver updated.  The Intel 10 Gigabit PCI Express network driver, ixgbe, and the virtual function driver, ixgbevf are patched to add IPsec offload support.

  • Avago MegaRAID SAS driver updated.  The Avago MegaRAID SAS driver, megaraid_sas, driver was patched to resolve an issue where the driver did not use CPU affinity correctly when hotplugging or unplugging CPUs. The issue could cause a system hang.

1.3 Compatibility

Oracle Linux maintains full user space compatibility with Red Hat Enterprise Linux, which is independent of the kernel version running underneath the operating system. Existing applications in user space will continue to run unmodified on the Unbreakable Enterprise Kernel Release 5 and no re-certifications are needed for RHEL certified applications.

To minimize impact on interoperability during releases, the Oracle Linux team works closely with third-party vendors whose hardware and software have dependencies on kernel modules. The kernel ABI for UEK R5 will remain unchanged in all subsequent updates to the initial release. In this release, there are changes to the kernel ABI relative to UEK R4 that require recompilation of third-party kernel modules on the system. Before installing UEK R5, verify its support status with your application vendor.

1.4 Certification of UEK R5 for Oracle products

Note that certification of different Oracle products on UEK R5 may not be immediately available at the time of a UEK R5 release. You should always check to ensure that the product you are using is certified for use on UEK R5 before upgrading or installing the kernel. Check certification at https://support.oracle.com/epmos/faces/CertifyHome.

Oracle Automatic Storage Management Cluster File System (Oracle ACFS) certification for different kernel versions is described in Document ID 1369107.1 available at https://support.oracle.com/oip/faces/secure/km/DocumentDisplay.jspx?id=1369107.1.

Oracle Automatic Storage Management Filter Driver (Oracle ASMFD) certification for different kernel versions is described in Document ID 2034681.1 available at https://support.oracle.com/oip/faces/secure/km/DocumentDisplay.jspx?id=2034681.1.