ProHoster > Ibhulogi > iindaba ze-intanethi > I-Oracle ikhupha i-Unbreakable Enterprise Kernel 6

I-Oracle ikhupha i-Unbreakable Enterprise Kernel 6

Inkampani ye-Oracle thaca ukhululo oluzinzileyo lokuqala Ishishini elingenakuqhekeka Kernel 6 (UEK R6), ulwakhiwo olwandisiweyo lwe-Linux kernel, ebekwe ukuze isetyenziswe kunikezelo lwe-Oracle Linux njengenye indlela kwiphakheji yekernel eqhelekileyo esuka kwiRed Hat Enterprise Linux. I-kernel ifumaneka kuphela kwi-x86_64 kunye ne-ARM64 (aarch64) yoyilo lwezakhiwo. Imithombo ye-Kernel, kubandakanya ukuqhekeka kwiipatches zomntu ngamnye, ipapashiwe kwindawo yoluntu yeOracle Git.

I-Enterprise Kernel 6 engaqhawukiyo isekwe kwi-kernel Linux 5.4 (I-UEK R5 yayisekelwe kwi-kernel 4.14), ehlaziywa ngeempawu ezintsha, ukulungiswa kunye nokulungiswa, kwaye iphinda ivavanywe ukuhambelana nezicelo ezininzi ezisebenza kwi-RHEL, kwaye ilungiselelwe ngokukodwa ukusebenza nge-software ye-industrial kunye ne-Oracle hardware. Ufakelo kunye neepakethe ze-src ezine-UEK R6 kernel zilungiselelwe i-Oracle Linux 7.x ΠΈ 8.x. Inkxaso ye-6.x yesebe iyekisiwe, ukusebenzisa i-UEK R6, kufuneka uhlaziye inkqubo kwi-Oracle Linux 7 (akukho miqobo ekusebenziseni le kernel kwiinguqulelo ezifanayo ze-RHEL, i-CentOS kunye ne-Scientific Linux).

Isitshixo ezintsha Ishishini elingaqhawukiyo iKernel 6:

  • Inkxaso eyandisiweyo yeenkqubo ezisekelwe kwi-architecture ye-ARM ye-64-bit (aarch64).
  • Inkxaso yazo zonke iimpawu zeCgroup v2 iphunyeziwe.
  • Isakhelo sektask siphunyeziwe ukufanisa imisebenzi kwikernel edla izixhobo ezibalulekileyo ze-CPU. Ngokomzekelo, ukusebenzisa i-ktask, ukuhambelana kwemisebenzi ukucacisa uluhlu lwamaphepha ememori okanye inkqubo yoluhlu lwee-inodes lunokulungiswa;
  • Uguqulelo olungqameneyo lwe kswapd lwenziwe lwasebenza ukuqhubekekisa imemori yephepha swaps ngokulinganayo, ukunciphisa inani lotshintshiselwano oluthe ngqo (synchronous). Njengoko inani lamaphepha enkumbulo esimahla liyancipha, kswapd yenza iscan ukuchonga amaphepha angasetyenziswanga anokukhululwa.
  • Inkxaso yokuqinisekisa ukuthembeka komfanekiso we-kernel kunye ne-firmware usebenzisa isignesha yedijithali xa ulayisha i-kernel usebenzisa i-Kexec mechanism (ukulayisha i-kernel kwinkqubo esele ilayishiwe).
  • Ukusebenza kwenkqubo yokulawula imemori ebonakalayo kuye kwaphuculwa, ukusebenza kakuhle kokucoca imemori kunye namaphepha e-cache kuye kwaphuculwa, kunye nokucutshungulwa kokufikelela kumaphepha ememori angabiwanga (iiphene zephepha) ziphuculwe.
  • Inkxaso ye-NVDIMM yandisiwe, le nkumbulo eqhubekayo ngoku ingasetyenziswa njenge-RAM yendabuko.
  • Ukutshintshela kwi-dynamic debugging system DTrace 2.0 yenziwe, leyo iguqulelwe ukusebenzisa i-eBPF kernel subsystem. I-DTrace ngoku isebenza ngaphezulu kwe-eBPF, ngokufanayo nendlela izixhobo zomkhondo zeLinux ezikhoyo ezisebenza ngayo ngaphezulu kwe-eBPF.
  • Uphuculo lwenziwe kwinkqubo yefayile ye-OCFS2 (i-Oracle Cluster File System).
  • Inkxaso ephuculweyo yenkqubo yefayile ye-Btrfs. Yongezwe amandla okusebenzisa i-Btrfs kwizahlulo zeengcambu. Ukhetho longezwe kwisifaki ukukhetha iiBtrfs xa ufomatha izixhobo. Yongezwe ukukwazi ukubeka iifayile zokutshintsha kwizahlulo kunye neeBtrfs. I-Btrfs yongeze inkxaso yoxinzelelo usebenzisa i-algorithm ye-ZStandard.
  • Inkxaso eyongeziweyo yojongano lwe-asynchronous I/O - io_uring, ephawuleka ngenkxaso yayo ye-I/O yokuvota kunye nokukwazi ukusebenza kunye okanye ngaphandle kokuphazamiseka. Ngokwemigaqo yokusebenza, i-io_uring isondele kakhulu kwi-SPDK kwaye iphambili kakhulu kwi-libaio xa isebenza ngokuvota kuvuliwe. Ukusebenzisa i-io_uring kwizicelo zokugqibela ezisebenza kwindawo yomsebenzisi, ilayibrari ye-liburing ilungisiwe, ibonelela ngokubophelela okuphezulu kwi-interface ye-kernel;
  • Inkxaso yemowudi eyongeziweyo I-Adiantum kufihlo lokugcina olukhawulezayo.
  • Inkxaso eyongeziweyo yoxinzelelo usebenzisa i-algorithm umgangatho (zstd).
  • Inkqubo yefayile ye-ext4 isebenzisa izitampu ze-64-bit kwimida ye-superblock.
  • I-XFS ibandakanya izixhobo zokunika ingxelo ngemeko yengqibelelo yesixokelelwano sefayile ngexesha lokusebenza kunye nokufumana ubume bokuphunyezwa kwefsck kwi-fly.
  • Isitaki esingagqibekanga seTCP sitshintshelwe kwi "Ixesha lokuhamba kwangethuba" endaweni ethi "Ngokukhawuleza Ngokunokwenzeka" xa uthumela iipakethi. Inkxaso ye-GRO (Generic Receive Offload) yenziwe ukuba isebenze kwi-UDP. Inkxaso eyongeziweyo yokufumana kunye nokuthumela iipakethi ze-TCP kwimodi ye-zero-copy.
  • Ukuphunyezwa kweprotocol ye-TLS kwinqanaba le-kernel (KTLS) libandakanyekayo, ngoku lingasetyenziselwa kuphela ukuthunyelwa, kodwa kunye nedatha efunyenweyo.
  • Inikwe amandla njengomva wefirewall ngokungagqibekanga
    ii-nftables. Inkxaso ekhethiweyo yongezwa bpfilter.

  • Inkxaso eyongeziweyo ye-XDP (i-eXpress Data Path) engaphantsi kwenkqubo, evumela ukuqhuba iinkqubo ze-BPF kwi-Linux kwinqanaba lomqhubi wothungelwano ngokukwazi ukufikelela ngokuthe ngqo kwi-buffer yepakethe ye-DMA nakwinqanaba phambi kokuba isithinteli se-skbuff sabiwe sisitaki sothungelwano.
  • Iphuculwe kwaye yenziwe xa usebenzisa i-UEFI Secure Boot mode Ukutshixa, enqanda ufikelelo lomsebenzisi wengcambu kwi kernel kwaye ibhloke UEFI Khusela umendo wokuQalisa ukugqitha. Umzekelo, kwindlela yokutshixa, ukufikelela kwi/dev/mem, /dev/kmem, /dev/port, /proc/kcore, debugfs, kprobes debugging mode, mmiotrace, tracefs, BPF, PCMCIA CIS (uLwakhiwo loLwazi lweKhadi), ezinye ujongano lunqunyelwe i-ACPI kunye neerejista ze-MSR ze-CPU, iifowuni kwi-kexec_file kunye ne-kexec_load zivaliwe, indlela yokulala ayivumelekanga, ukusetyenziswa kwe-DMA yezixhobo ze-PCI kulinganiselwe, ukungeniswa kwekhowudi ye-ACPI esuka kwi-EFI variables akuvumelekanga, ukukhwabanisa nge-I / O izibuko azikho. kuvunyelwe, kuquka ukutshintsha inani lophazamiseko kunye ne I/O izibuko lezibuko lothotho.
  • Inkxaso eyongeziweyo ye-IBRS eyandisiweyo (iNgcaciso eThintelweyo yeSebe eLongeziweyo), ekuvumela ukuba ulungelelanise kwaye ukhubaze uzalisekiso oluqikelelwayo lwemiyalelo ngexesha lolungiso lophazamiseko, umnxeba wenkqubo, kunye nokutshintsha umxholo. Ngenkxaso ye-IBRS ephuculweyo, le ndlela isetyenziselwa ukukhusela ukuhlaselwa kweSpecter V2 endaweni yeRetpoline, njengoko ivumela ukusebenza okuphezulu.
  • Ukhuseleko oluphuculweyo kubalawuli behlabathi ababhalayo. Kuloo balawuli, akuvumelekanga ukwenza iifayile zeFIFO kunye neefayile ezizezabasebenzisi ezingahambelaniyo nomnini wesilawuli kunye neflegi encangathi.
  • Ngokungagqibekanga kwiinkqubo ze-ARM, idilesi ye-kernel yendawo randomisation kwiinkqubo (KASLR) yenziwe. Uqinisekiso lwesalathiso luvulelwe i-Aarch64.
  • Inkxaso eyongeziweyo ye "NVMe phezu kweFabrics TCP".
  • Umqhubi wongeziweyo we-virtio-pmem ukubonelela ukufikelela kwidilesi yendawo yokugcina izixhobo ezifana ne-NVDIMM.

umthombo: opennet.ru

Yongeza izimvo