All - On Tuesday 1-SEPT we released RHEL 5.4, which marks a significant milestone for the System z platform at Red Hat. By enhancing our Engineering process via additional dedicated System z headcount, and by procedural changes, we have been able to backport significant System z hardware exploitation code from upstream kernels into RHEL5. Historically Red Hat has been known for a slight lag behind other Linux vendors (avg of 3-6 months), which is something that was specifically addressed in this release. Several features now included in RHEL5 have not yet made it into other Linux distributions -- and while that's great for marketing -- it's the first publicly visible reflection of internal changes we've made. A lot of work went into the release, and I'm proud to say that we now fully support NSS. This was, in my view, the number one requested feature.
With RHEL 5.4, the System z highlights are below. Full release notes can be found at: http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html-single/Release_Notes/ - Utilizing Named Saved Segments (NSS), the z/VM hypervisor makes operating system code in shared real memory pages available to z/VM guest virtual machines. With this update, multiple Red Hat Enterprise Linux guest operating systems on the z/VM can boot from the NSS and be run from a single copy of the Linux kernel in memory. (BZ#474646) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474646> - Device driver support has been added in this update for the new IBM System z PCI cryptography accelerators, utilizing the same interfaces as prior versions. (BZ#488496) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=488496> - Red Hat Enterprise Linux 5.4 adds support for processor degradation, which allows processor speed to be reduced in some circumstances (i.e. system overheating). (BZ#474664) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474664> This new feature allows automation software to observe the machine state and act based on defined policies. - Control Program Identification (CPI) descriptive data is used to identify individual systems on the Hardware Management Console (HMC). With this update, CPI data can now be associated with a Red Hat Enterprise Linux instance. (BZ#475820) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475820>. For more information on CPI refer to the Device Drivers, Features, and Commands document <http://www.ibm.com/developerworks/linux/linux390/development_documentation.html> - Fibre Channel Protocol (FCP) performance data can now be measured on Red Hat Enterprise Linux instances on the IBM System z platform. (BZ#475334) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475334> Metrics that are collected and reported on include: * Performance relevant data on stack components such as Linux devices, Small Computer System Interface (SCSI) Logical Unit Numbers (LUNs) and Host Bus Adapter (HBA) storage controller information. * Per stack component: current values of relevant measurements as throughput, utilization and other applicable measurements. * Statistical aggregations (minimum, maximum, averages and histogram) of data associated with I/O requests including size, latency per component and totals. - Support has been added to the kernel to issue EMC Symmetrix Control I/O. This update provides the ability to manage EMC Symmetrix storage arrays with Red Hat Enterprise Linux on the IBM System z platform. (BZ#461288) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461288> - A new feature has been implemented in the kernel to perform an Initial Program Load (IPL) on a Red Hat Enterprise Linux virtual machine immediately following a kernel panic and dump.(BZ#474688) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474688> - Hardware that supports the configuration topology facility passes the system CPU topology information to the scheduler, allowing it to make load balancing decisions. On machines where I/O interrupts are unevenly distributed, CPUs that are grouped together and get more I/O interrupts than others will tend to have a higher average load, creating performance issues in some cases. Previously, CPU topology support was enabled by default. With this update, CPU topology support is disabled by default, and the kernel parameter "topology=on" has been added to allow this feature to be enabled. (BZ#475797) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475797> - New kernel options can now be added using the IPL command without modifying the content of the CMS parmfile, allowing for temporary overwriting of kernel options that are already provided by the parmfile. The entire boot command line can be replaced with the VM parameter string, bypassing any kernel options from the parmfile. Furthermore, customers can create new Linux Named Saved Systems (NSS) on the CP/CMS command line. (BZ#475530) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475530> - The qeth driver has been updated with HiperSockets Layer3 support for IPv6. (BZ#475572) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475572> For further details on this feature, refer to the "qeth device driver for OSA-Express (QDIO) and HiperSockets" chapter in IBM's "Device Drivers, Features, and Commands" book located at: http://www.ibm.com/developerworks/linux/linux390/october2005_documentation.html - Starting with z9 HiperSocket firmware returns the version string in a different format. This change resulted in missing mcl_level information in the qeth status message issued during online setting of the device. The updated qeth driver now correctly reads the new version string format of HiperSockets, allowing for a standardization of output format. (BZ#479881) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=479881> - In Red Hat Enterprise Linux 5.4, the |s390utils| package has been rebased to version 1.8.1. For a full list of features that this rebase provides, please refer to the Package Updates section of the Technical Notes <http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html-single/Technical_Notes/>. (BZ#477189) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=477189> - In the kernel, a sysfs interface has been implemented to associate actions to shutdown triggers. For more details on this feature, refer to the "Shutdown actions" chapter in IBM's "Device Drivers, Features, and Commands" book located at: http://www.ibm.com/developerworks/linux/linux390/development_documentation.html - Asymmetric Logical Unit Access (ALUA) support in device-mapper-multipath has been updated, adding explicit ALUA support for Clariion storage. Earlier versions of Red Hat Enterprise Linux 5 added support for implicit ALUA (i.e. the operating system is not aware of which storage device paths have optimized performance and which have non-optimized performance). If the operating system consistently sends I/O on a non-optimized path, then the storage device may transparently make that path optimized, improving performance and causing idle paths to become non-optimized. - Red Hat Enterprise Linux 5.4 introduces /explicit/ ALUA support for Clariion storage (i.e. the operating system exchanges information with the storage device and is able to select the paths that have optimized performance). (BZ#482737) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=482737> - Previously, support for raw devices in the upstream kernel was deprecated. However, this support has been returned to the kernel. Consequently, in Red Hat Enterprise Linux 5.4, support for raw devices has also been returned. Additionally, the initscripts packages have been updated, adding the previously dropped functionality of raw devices.(BZ#472891) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=472891this%20o> - Pointer and signed arithmetic overflow wrapping has not previously been defined in the Linux kernel. This could cause *GCC* (GNU C Compiler) to assume that wrapping does not occur and attempt to optimize the arithmetic that the kernel may require for overflow testing. This update adds the /|-fwrapv|/ variable to *GCC* |CFLAGS| in order to define wrapping behavior.(Bugzilla #491266 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=491266>) - An issue of contention between processes vying for the same memory space in high end systems was recently identified by TPC-C (Transaction Processing Council) benchmarking. This update includes |fast-gup| patches which use direct IO and provide a significant (up to 9-10%) performance improvement. This update has been tested thoroughly and is used in the 5.4 kernel to improve scalability. For further information, see this article <http://lwn.net/Articles/275185/>. (Bugzilla #474913 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474913>) - A new tunable parameter has been added to this kernel, allowing system administrators to change the maximum number of modified pages |kupdate| writes to disk per iteration each time it runs. This new tunable |/proc/sys/vm/max_writeback_pages| defaults to /|1024|/ or 4MB so that a maximum of 1024 pages get written out by each iteration of |kupdate|. (Bugzilla #479079 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=479079>). - A new option (/|CONFIG_TASK_IO_ACCOUNTING=y|/) has been added to kernel to assist in monitoring IO statistics per process. This assists with troubleshooting in a production environment. (Bugzilla #461636 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461636>) - In previous kernels, back-up processes were deteriorating DB2 server responsiveness. This was caused by |/proc/sys/vm/dirty_ratio| preventing processes writing to pagecache memory when more than half of the unmapped pagecache memory was dirty (even if /|dirty_ratio|/ was set to 100%). A change made in this kernel update overrides this limiting behavior. Now, when the /|dirty_ratio|/ is set to 100%, the system will no longer limit writing to pagecache memory. (Bugzilla #295291 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=295291>) - The /|rd_blocksize|/ option found in the previous kernel's ramdisk driver was causing data corruption when using large ramdisks under a reasonable system load. This update removes the unnecessary option and resolves the data corruption issues. (Bugzilla #480663 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=480663>) - The function |getrusage| is used to examine the resource usage of a process. It is useful in diagnosing problems and gathering data on resource usage. In instances where a process interrogated by |getrusage| was spawning child process threads, however, the results would be in incorrect as |getrusage| would examine only the parent process and not interrogate its children. This update implements |rusadge_thread| to allow for accurate resource usage results in these instances. (Bugzilla #451063 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=451063>) - The header |/usr/include/linux/futex.h| would previously interfere with compiling C source code files, resulting in an error. This update includes a patch which corrects problematic kernel only definitions and resolves the compiling error. (Bugzilla #475790 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475790>) - In previous kernels the kernel version was not identified in panic or oops output messages. This update adds the kernel version details to oops and panic output. (Bugzilla #484403 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=484403>) - During release 2.6.18, the kernel was configured to provide kernel-headers for the package glibc. That process caused various files to be improperly marked for inclusion. The |serial_reg.h| file was incorrectly marked and not included in the |kernel_headers| rpm. This, in turn, caused problems with building other rpms. This update adds the |serial_reg.h| file and corrects the problem. (Bugzilla #463538 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=463538>) - In some circumstances |upcrund|, the process manager in the *HP Unified Parallel C* (UPC) product, returned an ESRCH result and failed when calling |setpgid()| for a child process forked by a sub-thread. This update includes a patch to fix for this problem. (Bugzilla #472433 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=472433>) - Functionality has been added to |sysrq-t| to display backtrace information about running processes. This will assist in debugging hung systems. (Bugzilla #456588 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=456588>) - In Red Hat Enterprise Linux 5.4, debugging the kernel has been improved with added features for generating core dumps. Core dumps (memory snapshots) are useful for debugging system and kernel crashes. With this update, it is now possible to perform a core dump on systems that utilize hugepages.(BZ#470411) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=470411> Additionally, kernel panic messages can now be extracted from a core dump file (vmcore) using the |makedumpfile| command. (BZ#485308) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=485308> * This update increases the maximum length of the kernel key field from the arbitrary 32 character length set in previous kernels to 255 characters. (Bugzilla #475145 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475145>) * This kernel update addresses the security concern arising from non-root users being able to create device nodes on filesystems exported using NFSD (Network File System daemon). This update returns the |CAP_MKNOD| and |CAP_LINUX_IMMUTABLE|) capabilities to the user with the FSUID of 0 in the file system mask. (Bugzilla #497272 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=497272> and Bugzilla #499076 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=499076>) - In keeping with Federal Information Processing Standardization 140 (FIPS140) certification requirements, this update includes: * Self-testing for; |ansi_cprng| (Bugzilla #497891 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=497891>), |ctr(aes)| mode (Bugzilla #497888 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=497888>), Hmac-sha512 (Bugzilla #499463 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=499463>), |rfc4309(ccm(aes))|. (Bugzilla #472386 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=472386>), * Code to produce a signature file that GRUB performs a checksum against during the boot process. (Bugzilla #444632 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=444632>) * Code to change the DSA key from 512 bit to 1024 bit for module signing. (Bugzilla #413241 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=413241>) -- Shawn D. Wells Global System z Platform Manager Cell: (+1) 443-534-0130 (GMT -5) Linux on System z LinkedIn Group: http://www.linkedin.com/groups?gid=2064074 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390