All -
On Tuesday 1-SEPT we released RHEL 5.4, which marks a significant
milestone for the System z platform at Red Hat. By enhancing our
Engineering process via additional dedicated System z headcount, and by
procedural changes, we have been able to backport significant System z
hardware exploitation code from upstream kernels into RHEL5.
Historically Red Hat has been known for a slight lag behind other Linux
vendors (avg of 3-6 months), which is something that was specifically
addressed in this release. Several features now included in RHEL5 have
not yet made it into other Linux distributions -- and while that's great
for marketing -- it's the first publicly visible reflection of internal
changes we've made. A lot of work went into the release, and I'm proud
to say that we now fully support NSS. This was, in my view, the number
one requested feature.
With RHEL 5.4, the System z highlights are below. Full release
notes can be found at:
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html-single/Release_Notes/
- Utilizing Named Saved Segments (NSS), the z/VM hypervisor makes
operating system code in shared real memory pages available to z/VM
guest virtual machines. With this update, multiple Red Hat Enterprise
Linux guest operating systems on the z/VM can boot from the NSS and be
run from a single copy of the Linux kernel in memory. (BZ#474646)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474646>
- Device driver support has been added in this update for the new
IBM System z PCI cryptography accelerators, utilizing the same
interfaces as prior versions. (BZ#488496)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=488496>
- Red Hat Enterprise Linux 5.4 adds support for processor
degradation, which allows processor speed to be reduced in some
circumstances (i.e. system overheating). (BZ#474664)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474664> This new
feature allows automation software to observe the machine state and act
based on defined policies.
- Control Program Identification (CPI) descriptive data is used to
identify individual systems on the Hardware Management Console (HMC).
With this update, CPI data can now be associated with a Red Hat
Enterprise Linux instance. (BZ#475820)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475820>. For more
information on CPI refer to the Device Drivers, Features, and Commands
document
<http://www.ibm.com/developerworks/linux/linux390/development_documentation.html>
- Fibre Channel Protocol (FCP) performance data can now be measured
on Red Hat Enterprise Linux instances on the IBM System z platform.
(BZ#475334)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475334> Metrics
that are collected and reported on include:
* Performance relevant data on stack components such as Linux
devices, Small Computer System Interface (SCSI) Logical Unit Numbers
(LUNs) and Host Bus Adapter (HBA) storage controller information.
* Per stack component: current values of relevant measurements
as throughput, utilization and other applicable measurements.
* Statistical aggregations (minimum, maximum, averages and
histogram) of data associated with I/O requests including size, latency
per component and totals.
- Support has been added to the kernel to issue EMC Symmetrix
Control I/O. This update provides the ability to manage EMC Symmetrix
storage arrays with Red Hat Enterprise Linux on the IBM System z
platform. (BZ#461288)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461288>
- A new feature has been implemented in the kernel to perform an
Initial Program Load (IPL) on a Red Hat Enterprise Linux virtual machine
immediately following a kernel panic and dump.(BZ#474688)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474688>
- Hardware that supports the configuration topology facility passes
the system CPU topology information to the scheduler, allowing it to
make load balancing decisions. On machines where I/O interrupts are
unevenly distributed, CPUs that are grouped together and get more I/O
interrupts than others will tend to have a higher average load, creating
performance issues in some cases.
Previously, CPU topology support was enabled by default. With this
update, CPU topology support is disabled by default, and the kernel
parameter "topology=on" has been added to allow this feature to be
enabled. (BZ#475797)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475797>
- New kernel options can now be added using the IPL command without
modifying the content of the CMS parmfile, allowing for temporary
overwriting of kernel options that are already provided by the parmfile.
The entire boot command line can be replaced with the VM parameter
string, bypassing any kernel options from the parmfile. Furthermore,
customers can create new Linux Named Saved Systems (NSS) on the CP/CMS
command line. (BZ#475530)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475530>
- The qeth driver has been updated with HiperSockets Layer3 support
for IPv6. (BZ#475572)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475572> For
further details on this feature, refer to the "qeth device driver for
OSA-Express (QDIO) and HiperSockets" chapter in IBM's "Device Drivers,
Features, and Commands" book located at:
http://www.ibm.com/developerworks/linux/linux390/october2005_documentation.html
- Starting with z9 HiperSocket firmware returns the version string
in a different format. This change resulted in missing mcl_level
information in the qeth status message issued during online setting of
the device. The updated qeth driver now correctly reads the new version
string format of HiperSockets, allowing for a standardization of output
format. (BZ#479881)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=479881>
- In Red Hat Enterprise Linux 5.4, the |s390utils| package has been
rebased to version 1.8.1. For a full list of features that this rebase
provides, please refer to the Package Updates section of the Technical
Notes
<http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html-single/Technical_Notes/>.
(BZ#477189) <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=477189>
- In the kernel, a sysfs interface has been implemented to
associate actions to shutdown triggers. For more details on this
feature, refer to the "Shutdown actions" chapter in IBM's "Device
Drivers, Features, and Commands" book located at:
http://www.ibm.com/developerworks/linux/linux390/development_documentation.html
- Asymmetric Logical Unit Access (ALUA) support in
device-mapper-multipath has been updated, adding explicit ALUA support
for Clariion storage. Earlier versions of Red Hat Enterprise Linux 5
added support for implicit ALUA (i.e. the operating system is not aware
of which storage device paths have optimized performance and which have
non-optimized performance). If the operating system consistently sends
I/O on a non-optimized path, then the storage device may transparently
make that path optimized, improving performance and causing idle paths
to become non-optimized.
- Red Hat Enterprise Linux 5.4 introduces /explicit/ ALUA support
for Clariion storage (i.e. the operating system exchanges information
with the storage device and is able to select the paths that have
optimized performance). (BZ#482737)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=482737>
- Previously, support for raw devices in the upstream kernel was
deprecated. However, this support has been returned to the kernel.
Consequently, in Red Hat Enterprise Linux 5.4, support for raw devices
has also been returned. Additionally, the initscripts packages have been
updated, adding the previously dropped functionality of raw
devices.(BZ#472891)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=472891this%20o>
- Pointer and signed arithmetic overflow wrapping has not
previously been defined in the Linux kernel. This could cause *GCC* (GNU
C Compiler) to assume that wrapping does not occur and attempt to
optimize the arithmetic that the kernel may require for overflow
testing. This update adds the /|-fwrapv|/ variable to *GCC* |CFLAGS| in
order to define wrapping behavior.(Bugzilla #491266
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=491266>)
- An issue of contention between processes vying for the same
memory space in high end systems was recently identified by TPC-C
(Transaction Processing Council) benchmarking. This update includes
|fast-gup| patches which use direct IO and provide a significant (up to
9-10%) performance improvement. This update has been tested thoroughly
and is used in the 5.4 kernel to improve scalability. For further
information, see this article <http://lwn.net/Articles/275185/>.
(Bugzilla #474913
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474913>)
- A new tunable parameter has been added to this kernel, allowing
system administrators to change the maximum number of modified pages
|kupdate| writes to disk per iteration each time it runs. This new
tunable |/proc/sys/vm/max_writeback_pages| defaults to /|1024|/ or 4MB
so that a maximum of 1024 pages get written out by each iteration of
|kupdate|. (Bugzilla #479079
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=479079>).
- A new option (/|CONFIG_TASK_IO_ACCOUNTING=y|/) has been added to
kernel to assist in monitoring IO statistics per process. This assists
with troubleshooting in a production environment. (Bugzilla #461636
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461636>)
- In previous kernels, back-up processes were deteriorating DB2
server responsiveness. This was caused by |/proc/sys/vm/dirty_ratio|
preventing processes writing to pagecache memory when more than half of
the unmapped pagecache memory was dirty (even if /|dirty_ratio|/ was set
to 100%). A change made in this kernel update overrides this limiting
behavior. Now, when the /|dirty_ratio|/ is set to 100%, the system will
no longer limit writing to pagecache memory. (Bugzilla #295291
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=295291>)
- The /|rd_blocksize|/ option found in the previous kernel's
ramdisk driver was causing data corruption when using large ramdisks
under a reasonable system load. This update removes the unnecessary
option and resolves the data corruption issues. (Bugzilla #480663
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=480663>)
- The function |getrusage| is used to examine the resource usage of
a process. It is useful in diagnosing problems and gathering data on
resource usage. In instances where a process interrogated by |getrusage|
was spawning child process threads, however, the results would be in
incorrect as |getrusage| would examine only the parent process and not
interrogate its children. This update implements |rusadge_thread| to
allow for accurate resource usage results in these instances. (Bugzilla
#451063 <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=451063>)
- The header |/usr/include/linux/futex.h| would previously
interfere with compiling C source code files, resulting in an error.
This update includes a patch which corrects problematic kernel only
definitions and resolves the compiling error. (Bugzilla #475790
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475790>)
- In previous kernels the kernel version was not identified in
panic or oops output messages. This update adds the kernel version
details to oops and panic output. (Bugzilla #484403
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=484403>)
- During release 2.6.18, the kernel was configured to provide
kernel-headers for the package glibc. That process caused various files
to be improperly marked for inclusion. The |serial_reg.h| file was
incorrectly marked and not included in the |kernel_headers| rpm. This,
in turn, caused problems with building other rpms. This update adds the
|serial_reg.h| file and corrects the problem. (Bugzilla #463538
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=463538>)
- In some circumstances |upcrund|, the process manager in the *HP
Unified Parallel C* (UPC) product, returned an ESRCH result and failed
when calling |setpgid()| for a child process forked by a sub-thread.
This update includes a patch to fix for this problem. (Bugzilla #472433
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=472433>)
- Functionality has been added to |sysrq-t| to display backtrace
information about running processes. This will assist in debugging hung
systems. (Bugzilla #456588
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=456588>)
- In Red Hat Enterprise Linux 5.4, debugging the kernel has been
improved with added features for generating core dumps. Core dumps
(memory snapshots) are useful for debugging system and kernel crashes.
With this update, it is now possible to perform a core dump on systems
that utilize hugepages.(BZ#470411)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=470411>
Additionally, kernel panic messages can now be extracted from a core
dump file (vmcore) using the |makedumpfile| command. (BZ#485308)
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=485308>
* This update increases the maximum length of the kernel
key field from the arbitrary 32 character length set in previous kernels
to 255 characters. (Bugzilla #475145
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475145>)
* This kernel update addresses the security concern arising
from non-root users being able to create device nodes on filesystems
exported using NFSD (Network File System daemon). This update returns
the |CAP_MKNOD| and |CAP_LINUX_IMMUTABLE|) capabilities to the user with
the FSUID of 0 in the file system mask. (Bugzilla #497272
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=497272> and
Bugzilla #499076
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=499076>)
- In keeping with Federal Information Processing Standardization
140 (FIPS140) certification requirements, this update includes:
* Self-testing for; |ansi_cprng| (Bugzilla #497891
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=497891>),
|ctr(aes)| mode (Bugzilla #497888
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=497888>),
Hmac-sha512 (Bugzilla #499463
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=499463>),
|rfc4309(ccm(aes))|. (Bugzilla #472386
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=472386>),
* Code to produce a signature file that GRUB performs a
checksum against during the boot process. (Bugzilla #444632
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=444632>)
* Code to change the DSA key from 512 bit to 1024 bit for
module signing. (Bugzilla #413241
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=413241>)
--
Shawn D. Wells
Global System z Platform Manager
Cell: (+1) 443-534-0130 (GMT -5)
Linux on System z LinkedIn Group:
http://www.linkedin.com/groups?gid=2064074
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
