Article ID: 115414, created on Jan 15, 2013, last review on May 11, 2014

  • Applies to:
  • Virtuozzo containers for Linux 4.7

Synopsis:          New Parallels Virtuozzo Containers 4.7 kernel provides an update with performance and stability fixes.
Product:           Parallels Virtuozzo Containers 4.7
Keywords:          "bugfix" "stability" "security"


This document provides information on the new Virtuozzo Containers 4.7 kernel, version 2.6.32-042stab072.10.


1. About This Release
2. Updates Description
3. Obtaining New Kernel
4. References



The current update for the Virtuozzo Containers 4.7 kernel provides a new
kernel based on the Red Hat Enterprise Linux 6.3 kernel (2.6.32-279.19.1.el6).
The updated kernel includes a number of security and stability fixes.



This update contains fixes for the following issues:

* The filesystem freeze mechanism has been enhanced to avoid possible Node
  deadlocks when backing up Containers. (PSBM-16485)

* A beancounter structure could be released prematurely, possibly causing a
  kernel crash. (OVZ 2446)

* The NFS module could be unloaded on the Hardware Node even if a running
  Container had the NFS feature turned on. This could result in a kernel panic
  on the next NFS volume mount inside the Container. (OVZ 2427)

* The checkpointing mechanism has been enhanced to handle situations where
  a process has opened children-owned files, like "/proc/<pid>/..." (OVZ 2404)

* The checkpointing mechanism has been enhanced to handle NFS silly-renamed
  files in cases where SimFS was used over an NFS volume. (OVZ 2242)

* The installation of swap pages during an iterative online migration has been
  fixed. One symptom of an incorrect installation could be a task
  swap usage underflow:
    # vzctl exec 101 grep VmSwap /proc/1/status
    VmSwap:       18446744073709551612 kB
  Under specific circumstances, this issue could also lead to a kernel panic.

* The checkpointing mechanism has been enhanced with support for the migration
  of active conntrack expectations. (PCLIN-31321)

* The CPULIMIT restriction has been enhanced to use the lowest possible number
  of physical CPUs to provide the CPU power set for a Container. This
  enhancement increases system performance due to a reduced number of context
  switches and CPU cache savings.

  The scheduler tries to use no more than "(X/100 + 1)" physical CPUs if the
  CPU limit of a Container is set to "X". (PSBM-16856)

* A kernel panic on the destination Node could occur during an online Container
  migration if an already dead task got into the checkpointing image.

* Under certain circumstances, a kernel panic could occur in ub_skb_uncharge()
  or ub_skb_set_charge() due to a missing socket beancounter initialization
  on creating a socket buffer. (OVZ 2401)

* A kernel panic could occur if a Container hit its dentry cache size limit
  due a bug in the mainstream Linux kernel. (OVZ 1758)

* hugetlb pages accounting inside a Container has been added; huge pages
  are now included in "kmemsize" and "lockedpages." (PSBM-17327)

  To see the current usage of hugetlb in a Container, check

* A double free error in the names_cachep structure could occur when performing
  an Acronis-based backup on a Node with the audit component turned on.
  Potentially, this double free error could also lead to a kernel panic.



You can download and install this kernel update using the vzup2date utility
included in the Parallels Virtuozzo Containers 4.7 distribution set.



Copyright (c) 1999-2013 Parallels Holdings, Ltd. and its affiliates. All rights

0c05f0c76fec3dd785e9feafce1099a9 2897d76d56d2010f4e3a28f864d69223 d02f9caf3e11b191a38179103495106f e8e50b42231236b82df27684e7ec0beb

Email subscription for changes to this article
Save as PDF