Article ID: 122229, created on Jul 2, 2014, last review on Oct 3, 2014

  • Applies to:
  • Virtuozzo containers for Linux 4.7
Synopsis:          A Parallels Virtuozzo Containers for Linux 4.7
                   kernel update introducing security, stability, and
                   usability fixes.
Product:           Parallels Virtuozzo Containers for Linux 4.7
Keywords:          'bugfix' 'security' 'stability' 'usability'

1. What's Included in This Update

This update includes a new Parallels Virtuozzo Containers for Linux 4.7 kernel (2.6.32-042stab092.1) based on the Red Hat Enterprise Linux 6.5 kernel (2.6.32-431.20.3.el6). The new kernel introduces security, stability, and usability fixes.

2. Bug Fixes

  • Online migration of an active packet socket could fail with the message "CPT ERR: page without mapping". Checkpointing code has been enhanced to support online migration of packet sockets. (#PSBM-24091)

  • Online Container migration could fail if files from /proc/$PID/ were still open after the process with PID $PID had stopped. (#PSBM-25452)

  • HP Performance Agent could fail due to the absence of the /proc/sysvipc/msg file. The SYSVIPC procfs interface has been provided, so the /proc/sysvipc/{msg,sem,shm} files are now available. (#PSBM-26563)

  • Certain netfilter kernel modules (nf_nat, nf_conntrack_ipv4, nf_conntrack_ipv6) could not be loaded automatically if requested from inside Containers. (#PSBM-26669)

  • The top utility run inside a Container could show confusing equal values of used CPU power for every CPU available inside that Container; even though the total CPU power used inside the Container was shown correctly. (#PSBM-26714)

  • The iproute2 utility could show netlink warnings in the log. For example, "[2532930.556624] netlink: 20 bytes leftover after parsing attributes". (#PSBM-26757)

  • A kernel panic could occur due to a race between bridge device deletion and packet forwarding. (#PSBM-26931)

  • A Hardware Node with hundreds of gigabytes of RAM could suffer from high memory and CPU latencies (as displayed by vzstat or pstat) if the vzstat.ko kernel module was loaded. (#PSBM-26984)

  • A Container could fail to start if its configuration file contained an empty IPTABLES parameter and the iptable_raw kernel module was loaded on the Hardware Node. (#PSBM-27181)

  • Under certain circumstances, a kernel panic could occur in dquot_initialize() under heavy disk I/O load and with quotas enabled. (#PSBM-27506)

  • Under certain circumstances, a soft CPU lockup could occur in case of high memory pressure inside a Container and OOM killer activity. (#PSBM-27508)

  • Online migration of a Container with nested bindmounts could fail with an error during restore. In particular, this issue affected Containers running cPanel as well as Fedora 17 and newer. (#PSBM-27525)

  • Checkpointing mechanism could not handle silly-renamed files if SimFS was used over NFS. (#OVZ-2242)

  • An attempt to run a KVM VM could fail due to insufficient permissions while accessing a device. (#OVZ-2915)

  • Under certain circumstances, PID allocation code deficiency could lead to a Hardware Node crash. (#OVZ-2983)

3. Obtaining the Update

You can download and install the update using the vzup2date utility included in the Parallels Virtuozzo Containers for Linux 4.7 distribution set.

4. References

Copyright (c) 1999-2014 Parallels IP Holdings GmbH and its affiliates. All rights reserved.

0c05f0c76fec3dd785e9feafce1099a9 2897d76d56d2010f4e3a28f864d69223 d02f9caf3e11b191a38179103495106f e8e50b42231236b82df27684e7ec0beb

Email subscription for changes to this article
Save as PDF