Chapter 12. Kernel
The protobuf-c packages are now available for the little-endian variant of IBM Power Systems architecture
This update adds the protobuf-c packages for the little-endian variant of IBM Power Systems architecture. The protobuf-c packages provide C bindings for Google's Protocol Buffer and are a prerequisite for the criu packages on the above mentioned architecture. The criu packages provide the Checkpoint/Restore in User space (CRIU) function, which provides the possibility to checkpoint and restore processes or groups of processes. (BZ#1289666)
The CAN protocol has been enabled in the kernel
The Controller Area Network (CAN) protocol kernel modules have been enabled, providing the device interface for CAN device drivers. CAN is a vehicle bus specification originally intended to connect the various micro-controllers in automobiles and has since extended to other areas. CAN is also used in industrial and machine controls where a high performance interface is required and other interfaces such as RS-485 are not sufficient. The functions exported from the CAN protocol modules are used by CAN device drivers to make the kernel aware of the devices and to allow applications to connect and transfer data. Enablement of CAN in the kernel allows the use of third party CAN drivers and applications to implement CAN based systems. (BZ#1311631)
Persistent memory support added to kexec-tools
The Linux kernel now supports E820_PRAM and E820_PMEM type for the Non-Volatile Dual In-line Memory Module (NVDIMM) memory devices. A patch has been backported from the upstream, which ensures that
kexec-tools
support these memory devices as well. (BZ#1282554)
libndctl
- userspace nvdimm
management library
The
libndctl
userspace library has been added. It is a collection of C interfaces to the ioctl
and sysfs
entry points provided by the kernel libnvdimm
subsystem. The library enables higher level management software for NVDIMM-enabled platforms and also provides a command-line interface for managing NVDIMMs. (BZ#1271425)
New symbols for the kABI whitelist to support the hpvsa and hpdsa drivers
This update adds a set of symbols to the kernel Application Binary Interface (kABI) whitelist, which ensures the support for the hpvsa and hpdsa drivers.
The newly added symbols are:
- scsi_add_device
- scsi_adjust_queue_depth
- scsi_cmd_get_serial
- scsi_dma_map
- scsi_dma_unmap
- scsi_scan_host (BZ#1274471)
crash rebased to version 7.1.5
The crash packages have been upgraded to upstream version 7.1.5, which provides several bug fixes and a number of enhancements over the previous version. Notably, this rebase adds new options such as
dis -s
, dis -f
, sys -i
, list -l
, new support for Quick Emulator (QEMU) generated Executable and Linkable Format (ELF) vmcores on the 64-bit ARM architectures, and several updates required for support of recent upstream kernels. It is safer and more efficient to rebase the crash
packages than to backport selectively the individual patches. (BZ#1292566)
New package: crash-ptdump-command
Crash-ptdump-command is a new rpm package which provides a crash extension module to add ptdump subcommand to the crash utility. The ptdump subcommand retrieves and decodes the log buffer generated by the Intel Processor Trace facility from the vmcore file and outputs to the files. This new package is designed for EM64T and AMD64 architectures. (BZ#1298172)
Ambient capabilities are now supported
Capabilities are per-thread attributes used by the Linux kernel to divide the privileges traditionally associated with superuser privileges into multiple distinct units. This update adds support for ambient capabilities to the kernel. Ambient capabilities are a set of capabilities that are preserved when a program is executed using the
execve()
system call. Only capabilities which are permitted and inheritable can be ambient. You can use the prctl()
call to modify ambient capabilities. See the capabilities(7)
man page for more information about kernel capabilities in general, and the prctl(2)
man page for information about the prctl
call. (BZ#1165316)
cpuid
is now available
With this update, the
cpuid
utility is available in Red Hat Enterprise Linux. This utility dumps detailed information about the CPU(s) gathered from the CPUID instruction, and also determines the exact model of CPU(s). It supports Intel, AMD, and VIA CPUs. (BZ#1307043)
FC-FCoE symbols have been added to KABI white lists
With this update, a list of symbols belonging to the
libfc
and libfcoe
kernel modules has been added to the kernel Application Binary Interface (KABI) white lists. This ensures that the Fibre Channel over Ethernet (FCoE) driver, which depends on libfc
and libfcoe
, can safely use the newly added symbols. (BZ#1232050)
New package: opal-prd for OpenPower systems
The new opal-prd package contains a daemon that handles hardware-specific recovery processes, and should be run as a background system process after boot. It interacts with OPAL firmware to capture hardware error causes, log events to the management processor, and handles recoverable errors where suitable. (BZ#1224121)
New package: libcxl
The new libcxl package contains the user-space library for applications in user space to access CAPI hardware via kernel
cxl
functions. It is available on IBM Power Systems and the little-endian variant of IBM Power Systems architecture. (BZ#1305080)
Kernel support for the newly added iproute
commands
This update adds kernel support to ensure the correct functionality of newly added
iproute
commands. The provided patch set includes:
- Extension of the IPsec interface, which allows prefixed policies to be hashed.
- Inclusion of the hash prefixed policies based on preflen thresholds.
- Configuration of policy hash table thresholds by netlink. (BZ#1222936)
Backport of the PID
cgroup controller
This update adds the new Process Identifier (PID) controller. This controller accounts for the processes per cgroup and allows a cgroup hierarchy to stop any new tasks from being forked or cloned after a certain limit is reached. (BZ#1265339)
mpt2sas and mpt3sas merged
The source codes of
mpt2sas
and mpt3sas
drivers have been merged. Unlike in upstream, Red Hat Enterprise Linux 7 continues to maintain two binary drivers for compatibility reasons. (BZ#1262031)
Allow multiple .ko files to be specified in ksc
Previously, it was not possible to add multiple .ko files in a single run of the ksc utility. Consequently, the drivers that contain multiple kernel modules were not passed to ksc in a single run. With this update, the -k option can be specified multiple times in the same run. Thus single run of ksc can be used to query symbols used by several kernel modules. As a result, one file with symbols used by all modules is generated. (BZ#906659)
dracut
update
The
dracut
initramfs generator has been updated with a number of bug fixes and enhancements over the previous version. Notably:
dracut
gained a new kernel command-line optionrd.emergency=[reboot|poweroff|halt]
, which specifies what action to execute in case of a critical failure. When usingrd.emergency=[reboot|poweroff|halt]
, therd.shell=0
option should also be specified.- The
reboot
,poweroff
, andhalt
commands now work in the emergency shell ofdracut
. dracut
now supports multiple bond, bridge, and VLAN configurations on the kernel command line.- The device timeout can now be specified on the kernel command line using the
rd.device.timeout=<seconds>
option. - DNS name servers specified on the kernel command line are now used in DHCP.
dracut
now supports 20-byte MAC addresses.- Maximum Transmission Unit (MTU) and MAC addresses are now set correctly for DHCP and IPv6 Stateless Address AutoConfiguration (SLAAC).
- The
ip=
kernel command line option now supports MAC addresses in brackets. dracut
now supports the NFS over RDMA (NFSoRDMA) module.- Support for
kdump
has been added to Fibre Channel over Ethernet (FCoE) devices. The configuration of FCoE devices is compiled inkdump initramfs
. Kernel crash dumps can now be saved to FCoE devices. dracut
now supports the--install-optional <file list>
option and theinstall_optional_items+= <file>[ <file> ...]
configuration file directive. If you use the new option or directive, the files are installed if they exist, and no error is returned if they do not exist.
Support for Wacom Cintiq 27 QHD
The Wacom Cintiq 27 QHD tablets are now supported in Red Hat Enterprise Linux 7. (BZ#1342989)
Full support for Intel® Omni-Path Architecture (OPA) kernel driver
Intel® Omni-Path Architecture (OPA) kernel driver, previously available as a Technology Preview, is now fully supported. Intel® OPA provides Host Fabric Interconnect (HFI) hardware with initialization and setup for high performance data transfers (high bandwidth, high message rate, low latency) between compute and I/O nodes in a clustered environment.
For instructions on how to obtain Intel® Omni-Path Architecture documentation, see https://access.redhat.com/articles/2039623. (BZ#1374826)
Cyclitest --smi
option available for non-root users
With this update, it is possible to use the cyclictest program with the
--smi
option as a non-root user, provided that the user also belongs to the realtime
group. On processors that support system management interrupts (SMIs), --smi
displays a report on the system's SMIs, which was previously only available for root users. (BZ#1346771)
Support added for the new Smart Array storage adapters
In Red Hat Enterprise Linux 7.2 and older versions, the new Smart Array storage adapters were not officially supported. However, these adapters were detected by the
aacraid
driver and the system appeared to work correctly. With this update, the new Smart Array storage adapters are properly supported by the new smartpqi
driver. Note that when you update, the driver name for these adapters will change. (BZ#1273115)
The Linux kernel now supports trusted virtual function (VF) concept
The upstream code has been backported into the Linux kernel to provide support for trusted virtual function (VF) concept. As a result, the trusted VFs are now permitted to enable multicast promiscuous mode which allows them to have more than 30 IPv6 addresses assigned. The trusted VFs are also permitted to overwrite media access control (MAC) addresses. (BZ#1302101)
Seccomp mode 2 is now supported on IBM Power Systems
This update adds support for seccomp mode 2 on IBM Power Systems. Seccomp mode 2 involves the parsing of Berkeley Packet Filter (BPF) configuration files to define system call filtering. This mode provides notable security enhancements, which are essential for the adoption of containers in Linux on IBM Power Systems. (BZ#1186835)
Memory Bandwidth Monitoring has been added
This update adds Memory Bandwidth Monitoring (MBM) into the Linux kernel. MBM is a CPU feature included in the family of platform quality of service (QoS) feature that is used to track memory bandwidth usage for a specific task, or group of tasks, associated with an Resource Monitoring ID (RMID). (BZ#1084618)
brcmfmac
now supports Broadcom wireless cards
The
brcmfmac
kernel driver has been updated to support Broadcom BCM4350 and BCM43602 wireless cards. (BZ#1298446)
The autojoin
option has been added to the ip addr
command to allow multicast group join or leave
Previously, there was no method to indicate Internet Group Management Protocol (IGMP) membership to Ethernet switches that do multicast pruning. Consequently, those switches did not replicate packets to the host's port. With this update, the
ip addr
command has been extended with the autojoin
option, which enables a host to join or leave a multicast group. (BZ#1267398)
Open vSwitch now supports NAT
This update adds Network Address Translation (NAT) support to the Open vSwitch kernel module. (BZ#1297465)
The page tables are now initialized in parallel
Previously, the page tables were initiallized serially on Non-Uniform Memory Access (NUMA) systems, based on Intel EM64T, Intel 64, and AMD64 architectures. Consequently, large servers could perform slowly at boot time. With this update, a set of patches has been backported to ensure that memory initialization is mostly done in parallel by node-local CPUs as a part of node activation. As a result, systems with the memory of 16TB to 32TB now boot about two times faster compared to the previous version. (BZ#727269)
The Linux kernel now supports Intel MPX
This update adds the support of Intel Memory Protection Extensions (MPX) into the Linux kernel. Intel MPX is a set of extensions to the Intel 64 architectures. Intel MPX together with a compiler, runtime library and operating system support increase the robustness and security of software by checking pointer references whose compile-time normal intentions can be maliciously exploited due to buffer overflows. (BZ#1138650)
ftrace
now prints command names as expected
When the trylock() function did not successfully acquire a lock, saving a command name in the
ftrace
kernel tracer failed. As a consequence, ftrace
did not properly print command names in the /sys/kernel/debug/tracing
file. With this update, recording of the command names has been fixed, and ftrace
now prints command names as expected. Users are also now able to set the number of stored commands by setting the saved_cmdlines_size
kernel configuration parameter. (BZ#1117093)
The shared memory that was swapped out is now visible in /proc/<pid>/smaps
Prior to this update, swapped-out shared memory appeared neither in the /proc/<pid>/status file, nor in the /proc/<pid>/smaps file. This update adds per-process accounting of swapped-out shared memory, including
sysV shm
, shared anonymous mapping and mapping to a tmpfs
file. Swapped-out shared memory now appears in /proc/<pid>/smaps
. However, swapped-out shared memory is not reflected in /proc/<pid>/status
, and swapped-out shmem
pages therefore remain invisible in certain tools such as procps
. (BZ#838926)
Kernel UEFI support update
The Unified Extensible Firmware Interface (UEFI) support in the kernel has been updated with a set of selected patches from the upstream kernel. This set provides a number of bug fixes and enhancements over the previous version. (BZ#1310154)
Mouse controller now works on guests with Secure Boot
Red Hat Enterprise Linux now supports a mouse controller on guest virtual machines that have the Secure Boot feature enabled. This ensures mouse functionality on Red Hat Enterprise Linux guests running on hypervisors that enable secure boot by default. (BZ#1331578)
The RealTek RTS520 card reader is now supported
This update adds support for the RealTek RTS520 card reader. (BZ#1280133)
Tunnel devices now support lockless xmit
Previously, tunnel devices, which used the
pfifo_fast
queue discipline by default, required the serialization lock for the tx
path. With this update, per-CPU variables are used for statistic accounting, and a serialization lock on the tx
path is not required. As a result, the user space is now allowed to configure a noqueue
queue discipline with no lock required on the xmit
path, which significantly improves tunnel device xmit
performance. (BZ#1328874)
Update of Chelsio drivers
Chelsio NIC, iWARP, vNIC and iSCSI drivers have been updated to their most recent versions, which add several bug fixes and enhancements over the previous versions.
The most notable enhancements include:
ethtool
support to get adapter statisticsethtool
support to dump channel statisticsethtool
to dump loopback port statisticsdebugfs
entry to dump CIM MA logic analyzer logsdebugfs
entry to dump CIM PIF logic analyzer contentsdebugfs
entry to dump channel ratedebugfs
entry to enable backdoor accessdebugfs
support to dump meminfo- MPS tracing support
- hardware time stamp support for RX
- device IDs for T6 adapters (BZ#1275829)
Support for 25G, 50G and 100G speed modes for Chelsio drivers
With this update, a set of patches has been backported into the Linux kernel that add definitions for 25G, 50G and 100G speed modes for Chelsio drivers. This patch set also adds the link mode mask API to the
cxgb4
and cxgb4vf
drivers. (BZ#1365689)
mlx5
now supports NFSoRDMA
With this update, the
mlx5
driver supports export of Network File System over Remote Direct Memory Access (NFSoRDMA). As a result, customers can now mount NFS shares over RDMA and perform the following actions from the client computer:
- list files on the NFS share using the
ls
command - use the
touch
command on new files
This feature allows some jobs to run from a shared storage, which is useful when you have large, InfiniBand-connected grids running that keep growing in size. (BZ#1262728)
I2C has been enabled on 6th Generation Intel Core Processors
Starting from this update, the I2C devices that are controlled by a kernel driver are supported on 6th Generation Intel Core Processors. (BZ#1331018)
mlx4
and mlx5
now support RoCE
This update adds the support of Remote Direct Memory Access Over Converged Ethernet (RoCE) network protocol timespanning to the
mlx4
and mlx5
drivers. RoCE is a mechanism to provide efficient server-to-server data transfer through Remote Direct Memory Access (RDMA) with very low latencies on lossless Ethernet networks. RoCE encapsulates InfiniBand (IB) transport in one of two Ethernet packets: - RoCEv1 - dedicated ether type (0x8915) - RoCEv2 - User Datagram Protocol (UDP) and dedicated UDP port (4791).
Both RoCE versions are now supported for
mlx4
and mlx5
. Starting from this update, mlx4
supports RoCE Virtual function Link Aggregation protocol, which provides failover and link aggregation capabilities to mlx4
device physical ports. Only IB port that represents the two physical ports is exposed to the application layer. (BZ#1275423, BZ#1275187, BZ#1275209) (BZ#1275423)
Support of cross-channel synchronization
Starting from this update, the Linux kernel supports cross-channel synchronization on AMD64 and Intel 64, IBM Power Systems and 64-bit ARM architectures. Devices now have capability to synchronize or serialize execution of I/O operations on different work queues without any intervention from the host software. (BZ#1275711)
Support for SGI UV4 has been added into the Linux kernel
Starting from this update, the Linux kernel supports the SGI UV4 platform. (BZ#1276458)
Updated support of TPM 2.0.
Support of Trusted Platform Module (TPM) of the version 2.0 has been updated in the Linux kernel. (BZ#1273499)
Support of 12 TB of RAM
With this update, the kernel is certified to support 12 TB of RAM. This new feature covers the advance in memory technology and it provides the potential to meet technological requirements of future servers that will be released in the life time of Red Hat Enterprise Linux 7. This feature is available for AMD64 and Intel 64 architectures. (BZ#797488)
Full support for 10GbE RoCE Express feature for RDMA
With Red Hat Enterprise Linux 7.3, the 10GbE RDMA over Converged Ethernet (RoCE) Express feature becomes fully supported. This makes it possible to use Ethernet and Remote Direct Memory Access (RDMA), as well as the Direct Access Programming Library (DAPL) and OpenFabrics Enterprise Distribution (OFED) APIs, on IBM z Systems.
Before using this feature on an IBM z13 system, ensure that the minimum required service is applied: z/VM APAR UM34525 and HW ycode N98778.057 (bundle 14). (BZ#1289933)
zEDC compression fully supported on IBM z Systems
Red Hat Enterprise Linux 7.3 and later provide full support for the Generic Workqueue (GenWQE) engine device driver. The initial task of the driver is to perform zlib-style compression and decompression of the RFC1950, RFC1951 and RFC1952 formats, but it can be adjusted to accelerate a variety of other tasks. (BZ#1289929)
LPAR Watchdog for IBM z Systems
The enhanced watchdog driver for IBM z Systems has become fully supported. This driver supports Linux logical partitions (LPAR), as well as Linux guests in the z/VM hypervisor, and provides automatic reboot and automatic dump capabilities if a Linux system becomes unresponsive. (BZ#1278794)