此内容没有您所选择的语言版本。
Chapter 10. Kernel
/dev/disk/by-path/
now accounts for NPIV paths
Previously, if two or more virtual host bus adapters (HBAs) were created on a single physical HBA, only a single link to the device was created in the
/dev/disk/by-path/
directory instead of one link for each path. As a consequence, creating a virsh
pool with virtual HBAs by using Fibre Channel N_Port ID Virtualization (NPIV) did not work correctly. With this update, symbolic links in /dev/disk/by-path/
are created correctly and are unique. Symbolic links in /dev/disk/by-path/
created by udev
for logical unit numbers (LUNs) connected through a physical Fibre Channel N_Port stay the same. (BZ#1032218)
Removed unintended kernel warning message
A recent change in Red Hat Enterprise Linux 6.8 caused an unintended warning message to be displayed in certain situations where a file size is increased, such as by using
fallocate
operations:
WARNING: at mm/truncate.c:614 pagecache_isize_extended+0x10d/0x120()
This bug has been fixed, and operations which increase file size no longer cause this warning message to be displayed or logged. (BZ#1205014)
librdmacm
no longer outputs warnings and errors if no RDMA hardware is present
Previously, if
librdmacm
was installed on a system with no RDMA hardware present, it could, in some circumstances, output superfluous warning and error messages to the standard error stream (stderr). With this update, librdmacm
no longer outputs warning and error messages to stderr in such cases. (BZ#1231766)
Fixed kernel booting issues with the mlx5
driver
When the
mlx5
driver was enabled on a system with non-fatal PCIe errors, the kernel previously failed to boot, crashing in the mlx5
probe routine shortly after it enabled PCIe error handling. The patch causing this bug has been removed, and kernel now boots successfully when this driver is enabled. (BZ#1324599)
Changing snapshot read-only status no longer causes a kernel crash
Previously, the
dm-snapshot
target had improper handover of the exception store when the target was reloaded. As a consequence, when changing read-only status of the snapshot volume with lvchange -p r
or lvchange -p rw
commands and there was I/O to the origin volume in progress, the kernel crashed with the BUG()
macro. With this update, the origin logical volume is suspended during exception store handover, so that there is no I/O in progress during the handover. As a result, changing snapshot read-only status no longer causes the aforementioned kernel crash. (BZ#1177389)
qla2xxx
updated to version 8.07.00.26.06.8-k
The
qla2xxx
driver has been updated to version 8.07.00.26.06.8-k. This update backports initiator side upstream fixes and minor enhancements through 8.07.00.26. (BZ#1252111)
Memory leak in devpts_kill_sb()
fixed
The
devpts
pseudo-file system allocates IDR resources during use. However, prior to this update, devpts
did not free them when it was unmounted. Consequently, the resources use by the IDR system were leaked which could cause problems with frequent starting and stopping of containers, particularly with a high number of containers used. This update applies an upstream patch which releases these resources at unmount, and the IDR resources used by the devpts
file system are no longer leaked at unmount. (BZ#1283557)
Setting a sysctl
parameter now executes successfully
While executing the
sysctl -w vm.compact_memory=1
command to set a sysctl
parameter, the system previously returned the following error messages:
error: "Success" setting key "vm.compact_memory"
The provided patch fixes this bug, and the aforementioned command now executes successfully. (BZ#1278842)
netconsole
no longer causes kernel crash
Resetting an
ixgbe
or vmxnet3
adapter while sending a message over netconsole
or netpoll
at the same time could previously cause a kernel crash. This update adds mutual exclusion between the core adapter reset path and netpoll transmit path, preventing kernel crashes in this situation. (BZ#1252212)
Loop checks added to VFS to prevent kernel crashes
The NFS client was previously failing to detect a directory loop for some NFS server directory structures. This failure could cause NFS inodes to remain referenced after attempting to unmount the file system, leading to a kernel crash. This update adds loop checks to VFS, which effectively prevents this problem from occurring. (BZ#1254020)
Playing audio from a USB sound card works as expected
Due to incorrect
URB_ISO_ASAP
semantics, playing an audio file using a USB sound card could previously fail for some hardware configurations. This update fixes the bug, and playing audio from a USB sound card now works as expected. (BZ#1255071)
Page fault and subsequent kernel oops in the HID driver fixed
Previously, when the Human Interface Device (HID) driver ran a report on an unaligned buffer, it could cause a page fault interrupt and a kernel oops when the end of the report was read. This update fixes this bug by padding the end of the report with extra bytes, so the reading of the report never crosses a page boundary. As a result, the page fault and subsequent kernel oops no longer occur. (BZ#1256568)
Fixed a deadlock when syncing a frozen file system
Due to broken
s_umount
lock ordering, a race condition occurred when an unlinked file was closed and the sync
(or syncfs
) utility was run at the same time. As a consequence, a deadlock occurred on a frozen file system between sync
and a process trying to unfreeze the file system. With this update, sync
(or syncfs
) is skipped on frozen file systems, and deadlock no longer occurs in the aforementioned situation. (BZ#1241791)
dracut
dependencies updated to prevent boot failures
The Deterministic Random Bit Generator (DRBG) module must be loaded during boot before cryptographic ciphers can be used. However, older versions of
dracut
did not include DRBG in the initramfs
image which could use cryptographic ciphers for disk encryption. As a consequence, if disk encryption was in use on the root file system, the boot process failed. This update adds the DRBG module into the dependency list of dracut
, ensuring that the module is present in the initramfs
, and systems with encrypted root file systems can now boot successfully. (BZ#1241338)
Packets are now counted correctly
Due to a regression, packets counter detected only the number of normally processed completions (packets), but failed to detect erroneous ones. As these packets were thus never acknowledged, the firmware kept returning interrupt requests (IRQs). A patch has been provided to fix this bug, and all packets are now counted as expected. (BZ#1241287)
Fixed a deadlock when removing directories
When removing a directory while a reference was held to that directory by a reference to a negative child dentry, the directory dentry was previously not killed. In addition, once the negative child dentry was killed, an unlinked and unused dentry was still present in the cache. This could cause a deadlock by forcing dentry eviction while the file system in question was frozen. With this update, all unused dentries are unhashed and evicted immediately after a successful directory removal, which avoids the deadlock, and the system no longer hangs in the aforementioned scenario. (BZ#1241030)
Mapping hugetlb
areas no longer causes data corruption
Inside
hugetlb
, region data structures were protected by a combination of a memory map semaphore and a single hugetlb
instance mutex. However, a page-fault scalability improvement backported to the kernel in a previous release removed the single mutex and introduced a new mutex table, making the locking combination insufficient and leading to possible race windows that could cause corruption and undefined behavior. The problem could be observed for example when software mapping or remapping hugetlb
areas with concurrent threads reading or writing to same areas, which caused page faults. This update fixes the problem by introducing a required spinlock
to the region tracking functions for proper serialization. (BZ#1260755)
multipath request queue no longer causes stalls
Previously, running the multipath request queue caused regressions in cases where paths failed regularly under I/O load. This regression manifested as I/O stalls that exceeded 300 seconds. This update reverts the changes aimed to reduce running the multipath request queue, resulting in I/O completing in a timely manner. (BZ#1240767)
inodes are now freed as intended
Previously, when opening a file by its file handle (
fhandle
) with its dentry
not present in the dcache
('cold dcache'), and then making use of the unlink()
and close()
functions, the inode was not freed upon the close()
system call. As a consequence, the iput()
final was delayed indefinitely. A patch has been provided to fix this bug, and the inode is now freed as expected. (BZ#1236736)
The vmxnet3
driver is now compatible with the vmxnet3
adapter version 2
Due to a bug, the
vmxnet3
driver demonstrated incorrect behavior such as memory leaks or 'screaming interrupts' when in use with vmxnet3
adapter version 2. Several upstream patches have been applied to fix the behavior of the vmxnet3
driver - namely, this update fixes memory leaks in the rx
path, implements a handler for PCI shutdown, and makes vmxnet3
compatible with adapter version 2. (BZ#1236564)
IP fragments are discarded in time
The memory used by the defragmentation engine is accounted for per CPU. However, on systems with numerous CPUs, the per-CPU caches could deviate from reality, thus causing the defragmentation engine to discard old fragments too early. This update adds a fix to minimize this discrepancy, and old IP fragments are now discarded at the correct time. (BZ#1235465)
GFS2 now references correct value
The GFS2 file system previously had a rare timing window that sometimes caused it to reference an uninitialized variable. Consequently, a kernel panic occurred. The code has been changed to reference the correct value during this timing window, and the kernel no longer panics. (BZ#1267995)
Software using IPC SysV semaphores works with kernel correctly
At a process or thread exit, when the Linux kernel undoes any SysV semaphore operations done previously (ones done using
semop
with the SEM_UNDO
flag), there was a possible race condition with another process or thread removing the same semaphore set where the operations occurred, leading to a possible use of in-kernel-freed memory and then to possible unpredictable behaviour. This bug could be noticed with software which uses IPC SysV semaphores, such as IBM DB2
, which could in certain cases have some of its processes or utilities get incorrectly stalled in an IPC semaphore operation or system call after the race condition happened. A patch has been provided to fix this bug, and the kernel now behaves as expected in the aforementioned scenario. (BZ#1233300)
Fixed a race condition in perf buildid-cache
Prior to this update, multiple instances trying to copy the same file triggered a race condition in
perf buildid-cache
that could truncate system libraries and other files. With this update, unique temporary files are used when copying to the buildid
directory to prevent the aforementioned race condition from occurring. (BZ#1229673)
Cache serialization has been added to prevent kernel crashes
Due to a race condition whereby a cache operation could be submitted after a cache object was killed, the kernel occasionally crashed on systems running the
cachefilesd
service. The provided patch prevents the race condition by adding serialization in the code that makes the object unavailable. As a result, all subsequent operations on the object are rejected and the kernel no longer crashes in this scenario. (BZ#1096893)
Reloading or removing edac
modules now works as expected
Previously, reloading or removing
edac
modules on a system using the i7core_edac
module could lead to a number of warning messages to be returned and a subsequent kernel crash. The underlying source code has been patched, and the kernel no longer crashes when operating with edac
modules. (BZ#1227845)
Custom MAC addresses can be specified again for bond interfaces
On a system with a bonded interface, the user could not specify their own custom MAC address for the bond. A patch has been provided to fix this bug, and custom MAC addresses can be specified again in the aforementioned situation. (BZ#1225359)
The st
and sg
drivers now work correctly
Due to the incorrect length for the
FCP_RSP_INFO
field, parts of the field could be copied, and the st
and sg
drivers thus did not work correctly. With this update, the code related to the FCP protocol has been updated, and st
and sg
now work as expected. (BZ#1223105)
Slave interfaces turn into promiscuous mode automatically
If a bonding VLAN interface turned into promiscuous mode while it was inactive, the slave interfaces previously did not turn into promiscuous mode automatically even after the bonding VLAN interface became active again. With this update, flag changes are always propagated to interfaces, and slave interfaces thus enter promiscuous mode as expected. (BZ#1222823)
force_hrtimer_reprogram
parameter added to kernel
Due to a timer expiry issue, the scheduler tick previously stopped for too long when the
ksoftirqd
daemon for hrtimer
was blocked by a running process. This update adds the force_hrtimer_reprogram
kernel parameter. If force_hrtimer_reprogram=1
is used on the kernel command line, the reprogramming of all expired timers is forced, which prevents this bug from occuring. (BZ#1285142)
ipr
memory buffer indexing updated
A bug in the
ipr
driver on 64-bit IBM Power Systems (ppc64) could result in backwards memory buffer indexing and cause a kernel crash when running the Hardware Test Exerciser (HTX) test suite. With this update, ipr
memory buffer indexing uses a bit mask operation instead of modulo, causing low bits to be masked off so that no backwards indexing is possible, and preventing the crash. (BZ#1209543)
cgroup_threadgroup_rwsem
variable added to kernel
Previously, the
attach_task_by_pid()
function in some cases raced with an exiting thread and tried to lock or unlock the already freed group_rwsem
member of the signal_struct
list. As a consequence, a kernel crash could occur. This update adds the cgroup_threadgroup_rwsem
variable, which fixes this bug and prevents the kernel crash from occurring in this scenario. (BZ#1198732)
Adding keys into a revoked keyring no longer causes a memory leak
Attempting to use the
request_key()
function to add a key into a revoked keyring was previously causing a resource leak in the kernel error path. Keys which were allocated and then failed became stuck in kernel memory and were impossible for the garbage collector to remove. With this update, the reference count on failed keys will now correctly reach 0 in this situation, allowing the garbage collector to remove them so that failed keys will no longer stay in memory indefinitely. (BZ#1188442)
Kernel panic caused by repeated fork() no longer occurs
Previously, an unusual forking pattern could cause the
anon_vma_chain
and anon_vma slab
memory to grow infinitely even though the number of processes involved stayed low. As a consequence, a kernel panic occurred. The provided patch adds a heuristic which reuses existing anon_vma
instead of forking a new one and adds the anon_vma->degree
counter which makes sure the count of anon_vma
members is not bigger than twice the count of virtual memory areas. As a result, the kernel panic no longer occurs in this situation. (BZ#1151823)
Fixed job scheduling now ensures balanced CPU load
Due to prematurely decremented
calc_load_task
, the calculated load average was off by up to the number of CPUs in the machine. As a consequence, job scheduling worked improperly causing a drop in the system performance. This update keeps the delta of the CPU going into NO_HZ
idle separately, and folds the pending idle delta into the global active count while correctly aging the averages for the idle-duration when leaving NO_HZ
mode. Now, job scheduling works correctly, ensuring balanced CPU load. (BZ#1167755)
Only single processe can free specific memory page
A race condition was found in hash table invalidation code between inode invalidation and inode clearing code in the GFS2 file system. In some circumstances, two processes could attempt to free the same memory, resulting in a kernel panic. This update adds a
spin_lock
to the hash table invalidation code allowing only a single process to attempt to free a specific memory page, which prevents the race condition from occurring. (BZ#1250663)
macvtap transfers VLAN packets over be2net successfully
Previously, VLAN stacked on the
macvlan
or macvtap
device did not work for devices that implement and use VLAN filters. As a consequence, macvtap
passthrough mode failed to transfer VLAN packets over the be2net
driver. This update implements VLAN ndo
calls to the macvlan
driver to pass appropriate VLAN tag IDs to lower devices. As a result, macvtap
transfers VLAN packets over be2net
successfully. (BZ#1213846)
primary_reselect=failure now works properly
A bug caused the
primary_reselect=failure
bond parameter to work incorrectly. The primary interface was always taking over even if others did not fail. With this update, the parameter works as expected, and the primary bond interface only takes over if the current non-primary active interface fails. (BZ#1290672)
Log messages from logshifter are now processed correctly
Under significant load, some applications such as logshifter could generate bursts of log messages too large for the system logger to spool. Due to a race condition, log messages from that application could then be lost even after the log volume dropped to manageable levels. This update fixes the kernel mechanism used to notify the transmitter end of the socket used by the system logger that more space is available on the receiver side, removing a race condition which previously caused the sender to stop transmitting new messages and allowing all log messages to be processed correctly. (BZ#1284900)
KVM virtual guests now connect via a bridged interface successfully
Previously, a bridge interface could exist on top of a bonded interface which was above a physical interface with the large receive offload (LRO) flag still on. Bridge interfaces are incompatible with LRO enabled on any underlying devices, which caused network communications on the bridge, such as that from a Virtual Machine (VM) to fail to function properly. This update makes sure devices underneath a bridge all get LRO disabled, and a VM now connects via a bridged interface successfully. (BZ#1258446)
SwapFree size is now correct
A previous change in the get_swap_page() locking removed the use of the
swap_lock
spinlock. This could cause nr_swap_pages
corruption and invalid SwapFree
information in the /proc/meminfo
file, where the size of SwapFree
could exceed the size of SwapTotal
. This update uses an atomic variable for nr_swap_pages
, and the size of SwapFree
in /proc/meminfo
is now correct. (BZ#1252362)
SCSI error handling no longer causes deadlocks
Previously, when a SCSI command timed out on a removable media device, the error handling code always attempted to re-lock the door of the device. This could cause a deadlock because the request to issue a command to re-lock the door could not be allocated if all requests were in use. With this update, SCSI error handling only attempts to re-lock if the device was reset as part of the error handling procedure, and the deadlock no longer occurs. (BZ#995234)
LRO flags now propagate correctly
Large Receive Offload (LRO) flag disabling was not being propagated downwards from above devices in the VLAN and bond hierarchy, breaking the flow of traffic. This bug has been fixed and LRO flags now propagate correctly. (BZ#1259008)
multicast group assignments fixed
The kernel was incorrectly assigning multicast groups for the
nl80211
protocol, causing problems with nl80211
wireless drivers, for example, preventing hostapd
from starting and initializing wireless devices in Access Point mode. This update fixes multicast group assignments for nl80211
and allows wireless devices to be managed correctly. (BZ#1259870)
Sending a UDP datagram over IPv6 works as expected
Due to a race condition, an
ipv6_txoptions
corruption previously appeared when sending a UDP datagram over the IPv6 protocol. An upstream patch has been applied to prevent data corruption that led to the kernel panic. (BZ#1312740)
nvme hard-lockup panic no longer occurs
When the the
nvme
driver held the queue lock for too long, for example during DMA mapping, a lockup occurred leading to the nvme
hard-lockup panic. This update fixes the underlying source code, and nvme
now works as expected. (BZ#1227342)
BUG_ON() in fs_clear_inode() no longer occurs
Previously, the BUG_ON() signal appeared in the fs_clear_inode() function where the nfs_have_writebacks() function reported a positive value for nfs_inode->npages. As a consequence, a kernel panic occurred. The provided patch performs a serialization by holding the inode i_lock over the check of PagePrivate and locking the request, which fixes this bug. (BZ#1135601)
UID and GID are assigned correct values
Due to a regression, the UID and GID environment variables were not assigned correct values during autofs mount requests. This update provides a patch that fixes the UID and GID assignment so that UID and GID now take on the value of the user that has triggered the mount. (BZ#1248820)
Using LUKS and IPSEC simultaneously no longer leads to data corruption
When using IPSEC and a LUKS-encrypted volume simultaneously, data corruption on a LUKS volume could occur. The provided patch fixes this bug, and data corruption no longer occurs when using LUKS and IPSEC simultaneously. (BZ#1259023)
VLAN_GROUP_ARRAY_LEN has been revived
In a previous update, the VLAN_GROUP_ARRAY_LEN kernel macro was renamed to VLAN_N_VID. Due to this rename, when compiling a kernel module requiring VLAN_GROUP_ARRAY_LEN, for example the vmxnet3 external driver, the compilation failed. With this update, the old macro has been revived so that the third party modules succeed to compile. (BZ#1242145)
Corrupted ELF header has been fixed
Previously, the corrupted ELF header of the
/proc/vmcore
ELF file caused that the ELF file could not be read correctly. As a consequence, the kdump
service terminated unexpectedly, resulting in a kernel panic. The provided patch fixes the ELF header, and kdump
now succeeds as expected. (BZ#1236437)
Quota warning deadlocks on tty mutex have been fixed
Previously, the quota code could call into the tty layer to print a warning, which could cause a lock inversion between tty->atomic_write_lock and dqptr_sem. The provided patch prevents the quota utility code from calling the tty layer with dqptr_sem semaphore held, and processes no longer end up in a deadlock. (BZ#1232387)
anon_vma degree is always decremented when the VMA list is empty
In the
anon_vma
data structure, the degree counts the number of child anon_vma
members and of virtual memory areas that point to this anon_vma
. In the unlink_anon_vma() function, when its list is empty, anon_vma
is going to be freed whether the external reference count is zero or not, so the parent's degree should be decremented. However, failure to decrement the degree triggered a BUG_ON() signal in unlink_anon_vma(). The provided patch fixes this bug, and the degree is now decremented as expected. (BZ#1309898)
Repeated sysrq events proceed as expected
Previously, repeated
sysrq
events in an NMI context could cause a deadlock, leading to a system crash. The provided patchset adds minimal support for the seq_buf
buffer and a per_cpu printk() function, which prevents the aforementioned deadlock from occurring. (BZ#1104266)
Unix domain datagram socket no longer experiences deadlock
Due to a regression, a Unix domain datagram socket could come to a deadlock when sending a datagram to itself. The provided patch adds another sk check to the unix_dgram_sendmsg() function, and the aforementioned deadlock no longer occurs. (BZ#1309241)
Exiting process decrements a counter as expected
Previously, when Kernel Shared Memory (KSM) or page migration were in use, an exiting process could fail to decrement a counter related to anonymous virtual memory areas. As a consequence, the counter unbalance triggered a kernel panic. The provided patch fixes this bug, and the kernel panic no longer occurs in the aforementioned scenario. (BZ#1126228)
VGA output speed in UEFI boot mode improved
Previously, the VGA console was very slow in UEFI boot mode, which resulted in a large difference in boot time for servers with many CPUs or I/O devices. As a consequence, printing large amount of debug output during the boot phase was extremely slow, making it difficult to analyze issues that occur during boot time. In addition, the VGA output slowdown continued during OS runtime, which could lead to a system hang. The provided fix improves the VGA output speed in UEFI boot mode, preventing the aforementioned problems. (BZ#1290686)
ndo_set_multicast_list field is again present in network drivers
When creating a VLAN interface on top of a
netxen_nic
physical interface after changing its MAC address, ping
over VLAN to a remote VLAN previously failed. The provided patch adds back the use of the ndo_set_multicast_list
field in network drivers, and the ping now succeeds as expected. (BZ#1213207)
fio no longer corrupts XFS
After adjusting the extent size with the
xfs_fio
utility and running the fio
tool with the configuration file provided, the XFS file system previously became corrupted. The provided patch extends the size hints, and fio
no longer corrupts XFS. (BZ#1211110)
NFS mount now reports correctly
When configuring the firewall on the NFS server to reject all the packets of 2049 and mounting the share on the NFS client, the following error was returned:
connection timed out
The provided fix corrects the error message, which now reads:
connection refused
(BZ#1206555)
Automatic signing is now enabled
When setting a security type with the
sec=
mount option and no signing had been specified with the trailing i
, automatic signing was not previously enabled. For example, in DFS mounts where the DFS node requires signing but the client had disabled it using sec=
, the user could not mount the DFS node if the node required signing to be enabled. The provided fix sets MAY_SIGN
flags for all security types, thus fixing this bug. (BZ#1197875)
Writing a large file using direct I/O now proceeds successfully
Previously, writing a large file using direct I/O in 16 MB chunks sometimes caused a pathological allocation pattern where 16 MB chunks of large free extent were allocated to a file in a reversed order. The provided patch avoids the backward allocation, and writing a large file using direct I/O now proceeds successfully. (BZ#1302777)
Fix for shrinker return value prevents system hang
The
shrink_dcache_memory
shrinker is prone to overflow, reporting the following line in the log:
negative objects to delete
As a consequence, the system previously hung. The provided patch tests for this overflow sign extension from any shrinker return value, and refuses to set the
max_pass
variable larger than the INT_MAX
preprocessor macro. As a result, the aforementioned hang no longer occurs. (BZ#1159675)
perf has been updated
To support a greater range of hardware and incorporate numerous bug fixes,
perf
has been updated. Notable enhancements include:
- Added support for additional model numbers of 5th Generation Intel Core i7 processors.
- Added support for Intel Xeon v5 mobile and desktop processors.
- Enabled support for the uncore subsystem for Intel Xeon v3 and v4 processors.
- Enabled support for the uncore subsystem for Intel Xeon Processor D-1500. (BZ#1189317)
Configuring settings for multiple WWPNs is now easier
This enhancement update adds support for
tag
and untag
commands in targetcli. Instead of configuring LUN mapping using the numeric WWPN, for example 20:00:00:1b:21:59:12:36
, it is now possible to give one or more WWPNs a descriptive name with the tag
command, and then use the tag to configure LUN mappings. See help tag
and help untag
commands within the acls
configuration node for more information. (BZ#882092)
Systems with iscsi_firmware
are able to boot
A previous regression in dracut caused systems with iSCSI offloading or iSCSI Boot Firmware Table (iBFT) to stop booting in some cases. Consequently, freshly installed Red Hat Enterprise Linux 6.8 systems with
iscsi_firmware
on the kernel command line could be unable to boot. This update fixes the bug, and systems in the described scenario are able to boot as expected. (BZ#1322209)