Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

Chapter 12. Kernel

The protobuf-c packages are now available for the little-endian variant of IBM Power Systems architecture

This update adds the protobuf-c packages for the little-endian variant of IBM Power Systems architecture. The protobuf-c packages provide C bindings for Google's Protocol Buffer and are a prerequisite for the criu packages on the above mentioned architecture. The criu packages provide the Checkpoint/Restore in User space (CRIU) function, which provides the possibility to checkpoint and restore processes or groups of processes. (BZ#1289666)

The CAN protocol has been enabled in the kernel

The Controller Area Network (CAN) protocol kernel modules have been enabled, providing the device interface for CAN device drivers. CAN is a vehicle bus specification originally intended to connect the various micro-controllers in automobiles and has since extended to other areas. CAN is also used in industrial and machine controls where a high performance interface is required and other interfaces such as RS-485 are not sufficient. The functions exported from the CAN protocol modules are used by CAN device drivers to make the kernel aware of the devices and to allow applications to connect and transfer data. Enablement of CAN in the kernel allows the use of third party CAN drivers and applications to implement CAN based systems. (BZ#1311631)

Persistent memory support added to kexec-tools

The Linux kernel now supports E820_PRAM and E820_PMEM type for the Non-Volatile Dual In-line Memory Module (NVDIMM) memory devices. A patch has been backported from the upstream, which ensures that kexec-tools support these memory devices as well. (BZ#1282554)

libndctl - userspace nvdimm management library

The libndctl userspace library has been added. It is a collection of C interfaces to the ioctl and sysfs entry points provided by the kernel libnvdimm subsystem. The library enables higher level management software for NVDIMM-enabled platforms and also provides a command-line interface for managing NVDIMMs. (BZ#1271425)

New symbols for the kABI whitelist to support the hpvsa and hpdsa drivers

This update adds a set of symbols to the kernel Application Binary Interface (kABI) whitelist, which ensures the support for the hpvsa and hpdsa drivers.
The newly added symbols are:
  • scsi_add_device
  • scsi_adjust_queue_depth
  • scsi_cmd_get_serial
  • scsi_dma_map
  • scsi_dma_unmap
  • scsi_scan_host (BZ#1274471)

crash rebased to version 7.1.5

The crash packages have been upgraded to upstream version 7.1.5, which provides several bug fixes and a number of enhancements over the previous version. Notably, this rebase adds new options such as dis -s, dis -f, sys -i, list -l, new support for Quick Emulator (QEMU) generated Executable and Linkable Format (ELF) vmcores on the 64-bit ARM architectures, and several updates required for support of recent upstream kernels. It is safer and more efficient to rebase the crash packages than to backport selectively the individual patches. (BZ#1292566)

New package: crash-ptdump-command

Crash-ptdump-command is a new rpm package which provides a crash extension module to add ptdump subcommand to the crash utility. The ptdump subcommand retrieves and decodes the log buffer generated by the Intel Processor Trace facility from the vmcore file and outputs to the files. This new package is designed for EM64T and AMD64 architectures. (BZ#1298172)

Ambient capabilities are now supported

Capabilities are per-thread attributes used by the Linux kernel to divide the privileges traditionally associated with superuser privileges into multiple distinct units. This update adds support for ambient capabilities to the kernel. Ambient capabilities are a set of capabilities that are preserved when a program is executed using the execve() system call. Only capabilities which are permitted and inheritable can be ambient. You can use the prctl() call to modify ambient capabilities. See the capabilities(7) man page for more information about kernel capabilities in general, and the prctl(2) man page for information about the prctl call. (BZ#1165316)

cpuid is now available

With this update, the cpuid utility is available in Red Hat Enterprise Linux. This utility dumps detailed information about the CPU(s) gathered from the CPUID instruction, and also determines the exact model of CPU(s). It supports Intel, AMD, and VIA CPUs. (BZ#1307043)

FC-FCoE symbols have been added to KABI white lists

With this update, a list of symbols belonging to the libfc and libfcoe kernel modules has been added to the kernel Application Binary Interface (KABI) white lists. This ensures that the Fibre Channel over Ethernet (FCoE) driver, which depends on libfc and libfcoe, can safely use the newly added symbols. (BZ#1232050)

New package: opal-prd for OpenPower systems

The new opal-prd package contains a daemon that handles hardware-specific recovery processes, and should be run as a background system process after boot. It interacts with OPAL firmware to capture hardware error causes, log events to the management processor, and handles recoverable errors where suitable. (BZ#1224121)

New package: libcxl

The new libcxl package contains the user-space library for applications in user space to access CAPI hardware via kernel cxl functions. It is available on IBM Power Systems and the little-endian variant of IBM Power Systems architecture. (BZ#1305080)

Kernel support for the newly added iproute commands

This update adds kernel support to ensure the correct functionality of newly added iproute commands. The provided patch set includes:
  • Extension of the IPsec interface, which allows prefixed policies to be hashed.
  • Inclusion of the hash prefixed policies based on preflen thresholds.
  • Configuration of policy hash table thresholds by netlink. (BZ#1222936)

Backport of the PID cgroup controller

This update adds the new Process Identifier (PID) controller. This controller accounts for the processes per cgroup and allows a cgroup hierarchy to stop any new tasks from being forked or cloned after a certain limit is reached. (BZ#1265339)

mpt2sas and mpt3sas merged

The source codes of mpt2sas and mpt3sas drivers have been merged. Unlike in upstream, Red Hat Enterprise Linux 7 continues to maintain two binary drivers for compatibility reasons. (BZ#1262031)

Allow multiple .ko files to be specified in ksc

Previously, it was not possible to add multiple .ko files in a single run of the ksc utility. Consequently, the drivers that contain multiple kernel modules were not passed to ksc in a single run. With this update, the -k option can be specified multiple times in the same run. Thus single run of ksc can be used to query symbols used by several kernel modules. As a result, one file with symbols used by all modules is generated. (BZ#906659)

dracut update

The dracut initramfs generator has been updated with a number of bug fixes and enhancements over the previous version. Notably:
  • dracut gained a new kernel command-line option rd.emergency=[reboot|poweroff|halt], which specifies what action to execute in case of a critical failure. When using rd.emergency=[reboot|poweroff|halt], the rd.shell=0 option should also be specified.
  • The reboot, poweroff, and halt commands now work in the emergency shell of dracut.
  • dracut now supports multiple bond, bridge, and VLAN configurations on the kernel command line.
  • The device timeout can now be specified on the kernel command line using the rd.device.timeout=<seconds> option.
  • DNS name servers specified on the kernel command line are now used in DHCP.
  • dracut now supports 20-byte MAC addresses.
  • Maximum Transmission Unit (MTU) and MAC addresses are now set correctly for DHCP and IPv6 Stateless Address AutoConfiguration (SLAAC).
  • The ip= kernel command line option now supports MAC addresses in brackets.
  • dracut now supports the NFS over RDMA (NFSoRDMA) module.
  • Support for kdump has been added to Fibre Channel over Ethernet (FCoE) devices. The configuration of FCoE devices is compiled in kdump initramfs. Kernel crash dumps can now be saved to FCoE devices.
  • dracut now supports the --install-optional <file list> option and the install_optional_items+= <file>[ <file> ...] configuration file directive. If you use the new option or directive, the files are installed if they exist, and no error is returned if they do not exist.
  • dracut DHCP now recognizes the rfc3442-classless-static-routes option, which enables using classless network addresses. (BZ#1359144, BZ#1178497, BZ#1324454, BZ#1194604, BZ#1282679, BZ#1282680, BZ#1332412, BZ#1319270, BZ#1271656, BZ#1271656, BZ#1367374, BZ#1169672, BZ#1222529, BZ#1260955)

Support for Wacom Cintiq 27 QHD

The Wacom Cintiq 27 QHD tablets are now supported in Red Hat Enterprise Linux 7. (BZ#1342989)

Full support for Intel® Omni-Path Architecture (OPA) kernel driver

Intel® Omni-Path Architecture (OPA) kernel driver, previously available as a Technology Preview, is now fully supported. Intel® OPA provides Host Fabric Interconnect (HFI) hardware with initialization and setup for high performance data transfers (high bandwidth, high message rate, low latency) between compute and I/O nodes in a clustered environment.
For instructions on how to obtain Intel® Omni-Path Architecture documentation, see https://access.redhat.com/articles/2039623. (BZ#1374826)

Cyclitest --smi option available for non-root users

With this update, it is possible to use the cyclictest program with the --smi option as a non-root user, provided that the user also belongs to the realtime group. On processors that support system management interrupts (SMIs), --smi displays a report on the system's SMIs, which was previously only available for root users. (BZ#1346771)

Support added for the new Smart Array storage adapters

In Red Hat Enterprise Linux 7.2 and older versions, the new Smart Array storage adapters were not officially supported. However, these adapters were detected by the aacraid driver and the system appeared to work correctly. With this update, the new Smart Array storage adapters are properly supported by the new smartpqi driver. Note that when you update, the driver name for these adapters will change. (BZ#1273115)

The Linux kernel now supports trusted virtual function (VF) concept

The upstream code has been backported into the Linux kernel to provide support for trusted virtual function (VF) concept. As a result, the trusted VFs are now permitted to enable multicast promiscuous mode which allows them to have more than 30 IPv6 addresses assigned. The trusted VFs are also permitted to overwrite media access control (MAC) addresses. (BZ#1302101)

Seccomp mode 2 is now supported on IBM Power Systems

This update adds support for seccomp mode 2 on IBM Power Systems. Seccomp mode 2 involves the parsing of Berkeley Packet Filter (BPF) configuration files to define system call filtering. This mode provides notable security enhancements, which are essential for the adoption of containers in Linux on IBM Power Systems. (BZ#1186835)

Memory Bandwidth Monitoring has been added

This update adds Memory Bandwidth Monitoring (MBM) into the Linux kernel. MBM is a CPU feature included in the family of platform quality of service (QoS) feature that is used to track memory bandwidth usage for a specific task, or group of tasks, associated with an Resource Monitoring ID (RMID). (BZ#1084618)

brcmfmac now supports Broadcom wireless cards

The brcmfmac kernel driver has been updated to support Broadcom BCM4350 and BCM43602 wireless cards. (BZ#1298446)

The autojoin option has been added to the ip addr command to allow multicast group join or leave

Previously, there was no method to indicate Internet Group Management Protocol (IGMP) membership to Ethernet switches that do multicast pruning. Consequently, those switches did not replicate packets to the host's port. With this update, the ip addr command has been extended with the autojoin option, which enables a host to join or leave a multicast group. (BZ#1267398)

Open vSwitch now supports NAT

This update adds Network Address Translation (NAT) support to the Open vSwitch kernel module. (BZ#1297465)

The page tables are now initialized in parallel

Previously, the page tables were initiallized serially on Non-Uniform Memory Access (NUMA) systems, based on Intel EM64T, Intel 64, and AMD64 architectures. Consequently, large servers could perform slowly at boot time. With this update, a set of patches has been backported to ensure that memory initialization is mostly done in parallel by node-local CPUs as a part of node activation. As a result, systems with the memory of 16TB to 32TB now boot about two times faster compared to the previous version. (BZ#727269)

The Linux kernel now supports Intel MPX

This update adds the support of Intel Memory Protection Extensions (MPX) into the Linux kernel. Intel MPX is a set of extensions to the Intel 64 architectures. Intel MPX together with a compiler, runtime library and operating system support increase the robustness and security of software by checking pointer references whose compile-time normal intentions can be maliciously exploited due to buffer overflows. (BZ#1138650)

ftrace now prints command names as expected

When the trylock() function did not successfully acquire a lock, saving a command name in the ftrace kernel tracer failed. As a consequence, ftrace did not properly print command names in the /sys/kernel/debug/tracing file. With this update, recording of the command names has been fixed, and ftrace now prints command names as expected. Users are also now able to set the number of stored commands by setting the saved_cmdlines_size kernel configuration parameter. (BZ#1117093)

The shared memory that was swapped out is now visible in /proc/<pid>/smaps

Prior to this update, swapped-out shared memory appeared neither in the /proc/<pid>/status file, nor in the /proc/<pid>/smaps file. This update adds per-process accounting of swapped-out shared memory, including sysV shm, shared anonymous mapping and mapping to a tmpfs file. Swapped-out shared memory now appears in /proc/<pid>/smaps. However, swapped-out shared memory is not reflected in /proc/<pid>/status, and swapped-out shmem pages therefore remain invisible in certain tools such as procps. (BZ#838926)

Kernel UEFI support update

The Unified Extensible Firmware Interface (UEFI) support in the kernel has been updated with a set of selected patches from the upstream kernel. This set provides a number of bug fixes and enhancements over the previous version. (BZ#1310154)

Mouse controller now works on guests with Secure Boot

Red Hat Enterprise Linux now supports a mouse controller on guest virtual machines that have the Secure Boot feature enabled. This ensures mouse functionality on Red Hat Enterprise Linux guests running on hypervisors that enable secure boot by default. (BZ#1331578)

The RealTek RTS520 card reader is now supported

This update adds support for the RealTek RTS520 card reader. (BZ#1280133)

Tunnel devices now support lockless xmit

Previously, tunnel devices, which used the pfifo_fast queue discipline by default, required the serialization lock for the tx path. With this update, per-CPU variables are used for statistic accounting, and a serialization lock on the tx path is not required. As a result, the user space is now allowed to configure a noqueue queue discipline with no lock required on the xmit path, which significantly improves tunnel device xmit performance. (BZ#1328874)

Update of Chelsio drivers

Chelsio NIC, iWARP, vNIC and iSCSI drivers have been updated to their most recent versions, which add several bug fixes and enhancements over the previous versions.
The most notable enhancements include:
  • ethtool support to get adapter statistics
  • ethtool support to dump channel statistics
  • ethtool to dump loopback port statistics
  • debugfs entry to dump CIM MA logic analyzer logs
  • debugfs entry to dump CIM PIF logic analyzer contents
  • debugfs entry to dump channel rate
  • debugfs entry to enable backdoor access
  • debugfs support to dump meminfo
  • MPS tracing support
  • hardware time stamp support for RX
  • device IDs for T6 adapters (BZ#1275829)

Support for 25G, 50G and 100G speed modes for Chelsio drivers

With this update, a set of patches has been backported into the Linux kernel that add definitions for 25G, 50G and 100G speed modes for Chelsio drivers. This patch set also adds the link mode mask API to the cxgb4 and cxgb4vf drivers. (BZ#1365689)

mlx5 now supports NFSoRDMA

With this update, the mlx5 driver supports export of Network File System over Remote Direct Memory Access (NFSoRDMA). As a result, customers can now mount NFS shares over RDMA and perform the following actions from the client computer:
  • list files on the NFS share using the ls command
  • use the touch command on new files
This feature allows some jobs to run from a shared storage, which is useful when you have large, InfiniBand-connected grids running that keep growing in size. (BZ#1262728)

I2C has been enabled on 6th Generation Intel Core Processors

Starting from this update, the I2C devices that are controlled by a kernel driver are supported on 6th Generation Intel Core Processors. (BZ#1331018)

mlx4 and mlx5 now support RoCE

This update adds the support of Remote Direct Memory Access Over Converged Ethernet (RoCE) network protocol timespanning to the mlx4 and mlx5 drivers. RoCE is a mechanism to provide efficient server-to-server data transfer through Remote Direct Memory Access (RDMA) with very low latencies on lossless Ethernet networks. RoCE encapsulates InfiniBand (IB) transport in one of two Ethernet packets: - RoCEv1 - dedicated ether type (0x8915) - RoCEv2 - User Datagram Protocol (UDP) and dedicated UDP port (4791).
Both RoCE versions are now supported for mlx4 and mlx5. Starting from this update, mlx4 supports RoCE Virtual function Link Aggregation protocol, which provides failover and link aggregation capabilities to mlx4 device physical ports. Only IB port that represents the two physical ports is exposed to the application layer. (BZ#1275423, BZ#1275187, BZ#1275209) (BZ#1275423)

Support of cross-channel synchronization

Starting from this update, the Linux kernel supports cross-channel synchronization on AMD64 and Intel 64, IBM Power Systems and 64-bit ARM architectures. Devices now have capability to synchronize or serialize execution of I/O operations on different work queues without any intervention from the host software. (BZ#1275711)

Support for SGI UV4 has been added into the Linux kernel

Starting from this update, the Linux kernel supports the SGI UV4 platform. (BZ#1276458)

Updated support of TPM 2.0.

Support of Trusted Platform Module (TPM) of the version 2.0 has been updated in the Linux kernel. (BZ#1273499)

Support of 12 TB of RAM

With this update, the kernel is certified to support 12 TB of RAM. This new feature covers the advance in memory technology and it provides the potential to meet technological requirements of future servers that will be released in the life time of Red Hat Enterprise Linux 7. This feature is available for AMD64 and Intel 64 architectures. (BZ#797488)

Full support for 10GbE RoCE Express feature for RDMA

With Red Hat Enterprise Linux 7.3, the 10GbE RDMA over Converged Ethernet (RoCE) Express feature becomes fully supported. This makes it possible to use Ethernet and Remote Direct Memory Access (RDMA), as well as the Direct Access Programming Library (DAPL) and OpenFabrics Enterprise Distribution (OFED) APIs, on IBM z Systems.
Before using this feature on an IBM z13 system, ensure that the minimum required service is applied: z/VM APAR UM34525 and HW ycode N98778.057 (bundle 14). (BZ#1289933)

zEDC compression fully supported on IBM z Systems

Red Hat Enterprise Linux 7.3 and later provide full support for the Generic Workqueue (GenWQE) engine device driver. The initial task of the driver is to perform zlib-style compression and decompression of the RFC1950, RFC1951 and RFC1952 formats, but it can be adjusted to accelerate a variety of other tasks. (BZ#1289929)

LPAR Watchdog for IBM z Systems

The enhanced watchdog driver for IBM z Systems has become fully supported. This driver supports Linux logical partitions (LPAR), as well as Linux guests in the z/VM hypervisor, and provides automatic reboot and automatic dump capabilities if a Linux system becomes unresponsive. (BZ#1278794)