Chapter 31. Kernel

kdump can now capture a vmcore with nokaslr set

When using nokaslr and crashkernel=xxM,high options, a bug in the implementation of nokaslr prevented the kdump mechanism from capturing a vmcore file. This fix ensures that if nokaslr is set, the original loading address of the kernel is returned. As a result, kdump can now collect a vmcore when Kernel Address Space Layout Randomization (KASLR) is compiled in the kernel, but disabled with nokaslr, and high memory is specified in the crashkernel parameter. (BZ#1467561)

MPOL_PREFERRED policy now works with Transparent Huge Pages (THP) with optimal performance

Allocating memory on node 1 with the MPOL_PREFERRED policy did not work with Transparent Huge Pages (THP) enabled, but always fell back to the node 0 local node. Consequently, workload performance for multinode systems was significantly impacted. The backported patch ensures MPOL_PREFERRED policy with non-local node is respected, and system performance is back to optimal. (BZ#1476709)

A cgroups deadlock has been fixed

In certain circumstances when using cgroups, a system deadlock occurred due to a race condition. This update adds a work queue that fixes the race condition, which prevents the deadlock from happening. (BZ#1476040)

System no longer becomes unresponsive when DM thin provisioning is used on top of a loop device

Previously, system sometimes became unresponsive when Device Mapper (DM) thin provisioning was used on top of a loop device. With this update, memory allocation now uses correct gfp mask. As a result, the described problem no longer occurs. (BZ#1469247)

KASLR now no longer causes mirroring of kernel memory to non-mirrored regions

Prior to this update, with specified mirrored memory regions and kernel address space layout randomization (KASLR) enabled kernel memory could be located into non-mirrored memory regions. As a consequence, non-mirrored memory regions became unmovable. With this update, Kernel memory location is restricted from mirror regions. As a result, KASLR no longer causes mirroring of kernel memory to non-mirrored regions. (BZ#1446684)

Users now receive message with prompt to remove white space characters in the /etc/kdump.conf

Previously, one or more leading white space characters before a kdump configuration item in the /etc/kdump.conf caused incorrect kdump configuration. With this update, an error message with prompt to remove the leading white space characters return to users, and kdump no longer fails due to the described behavior. (BZ#1476219)

An application with large .bss segment on IBM POWER Systems will no longer cause random segmentation faults

Previously, on IBM POWER Systems architectures, an application with large .bss segment could cause the dynamic linker to terminate unexpectedly. As a consequence, an application launched with the dynamic linker could randomly cause segmentation faults. With this update, the ELF_ET_DYN_BASE value has been increased to 4GB for 64-bit implementations and 4MB for 32-bit implementations on this architecture. As a result, an application with large .bss segment on IBM POWER Systems architectures will not lead to random segmentation faults. (BZ#1432288)

Kernel no longer consumes excessive amounts of resources to calculate load

Previously, the kernel calculated load for every task group, including empty task groups, which consumed an excessive amount of system resources on systems with a large number of processes. This update prevents the kernel from calculating the load of empty task groups, which reduces the system load in the described circumstances. (BZ#1460641)

Cpuset is now able to restore the effective CPU mask after a pair of offline and online events

Prior to this update, the cpuset filesystem, which confines processes to processor and memory node subsets, had one bitmap set enabled for CPUs used in a cpuset. As a consequence, a CPU offline event followed by a CPU online event caused the affected CPU to be removed from all non-root cpusets. With this update, cpuset has two bitmap sets enabled. As a result, cpuset is now able to properly track CPU online or offline events to restore the effective CPU mask as long as the -o cpuset_v2_mode mount flag is used when mounting cpuset cgroup. (BZ#947004)

Access to /proc/[pid]/maps is now significantly faster

Previously, the time to locate a task of a stack Virtual Memory Area (VMA) in the [stack:TID] annotation scaled directly with the number of active tasks in the system. As a consequence, the more tasks were running in the system, the slower it was to correctly annotate the stack VMA, which causes slowed access to the /proc/[pid]/maps files. With this update, the [stack:TID] annotation is no longer used. As a result, access to /proc/[pid]/maps is now significantly faster, particularly when a lot of tasks is running in the system. (BZ#1448534)

fadump no longer fails to restart

Previously, fadump stopped during DLPAR memory remove operation and then started to restart. Under certain circumstances fadump failed to restart. With this update, the described problem no longer occurs. (BZ#1438695)

makedumpfile can now map page table entries correctly

On some virtual machines running on HP hardware, it was impossible to correctly obtain the physical address of the virtual machine's memory, causing the makedumpfile utility to fail with an error similar to:
readmem: Can't convert a virtual address(ffffffffb21158a0) to physical address
The problem happened because file_size was incorrectly calculated, preventing the readpage_elf() function from working properly. This update fixes the calculation of file_size on these systems, ensuring that a vmcore file can be collected, and the makedumpfile --mem-usage command estimates the vmcore size correctly. (BZ#1448861)

Asymmetric groups are used for overlapping scheduling domains

Previously, scheduling group construction on certain Non-Uniform Memory Access (NUMA) systems negatively influenced thread migration. This situation adversely affected the performance when a task could not be migrated to a neighboring NUMA node. With this update, asymmetric groups are used for overlapping scheduling domains to solve the problem. (BZ#1373534)

The KASLR no longer causes kernel to become unresponsive while booting the system

Previously, the kernel sometimes became unresponsive on certain SGI UV systems when the Kernel Address Space Layout Randomization (KASLR) feature was enabled. As a consequence, the systems were unable to boot. With this update, the kernel does not attempt to adapt the size of the direct mapping when KASLR is enabled. As a result, the system now boots normally and the described problem no longer occurs. (BZ#1457046)

Unplugging a Wacom tablet with ExpressKeys no longer causes the operating system to reboot

When some Wacom tablets were unplugged from a running GNOME session on Red Hat Enterprise Linux 7.4, the operating system rebooted within five seconds. This problem was initially observed on Wacom model 27QHD devices. This update ensures that the tablet can be unplugged without causing the operating system to reboot. (BZ#1462363)

Setting memory.kmem.limit_in_bytes no longer causes a problem when removing that memory cgroup later

Previously, setting the cgroup memory.kmem.limit_in_bytes parameter caused a problem when that memory cgroup was later removed. The problem occurred when an attempt was made to merge the memory cgroup kmem cache, which was not handled properly. This update disables kmem cache merging for memory cgroups by backporting the current upstream code, which no longer uses this functionality. (BZ#1442618)

The sha1-avx2 encryption algorithm is now re-enabled

Due to a read-beyond error (when the code attempts to read memory outside of its boundary), the sha1-avx2 encryption algorithm was disabled. With this update, the problem has been resolved, and administrators may now use sha1-avx2. (BZ#1469200)

VXLAN rebased to version 4.14

The VXLAN driver has been upgraded to upstream version 4.14, which provides a number of bug fixes over the previous version. Notable changes include the following:
  • The tunnel source IP address is used in route lookups.
  • VXLAN Generic Protocol Extension (VXLAN-GPE) now uses the correct Internet Assigned Numbers Authority (IANA) for User Datagram Protocol (UDP) port.
  • The VNI 0xffffff value can now be used.
  • A race condition on tunnel removal has been fixed.
  • Static forwarding database (fdb) entries now behave consistently with Linux bridge. (BZ#1467280)