Wim Coekaerts

Subscribe to Wim Coekaerts feed
Oracle Blogs
Updated: 3 weeks 3 days ago

Oracle Linux 7 UEK5 preview 4.14.26

Wed, 2018-03-14 10:13

We just updated the UEK5 kernel preview to 4.14.26-1. The latest version is based on upstream stable 4.14.26 and can be found in our UEK5 preview channel.

The preview channel also has a number of other packages in it: an updated dtrace, updated daxctl and ndctl tools for persistent-memory.

Another thing I wanted to point out. We have had the source tree for UEK on oss.oracle.com for a long time in a git repo. We've always made sure that the changes are public, full git history both upstream and our own patches/bugfixes on top so it's very easy for anyone publicly to see what the source is. Not a tarball with just the end result source code, not a web-based only thing that's tedious to see what's up but standard git with all source, all commits. In order to make that a bit easier, we moved this to github.   Nothing different on the code side but this gives a nicer consolidated, cleaner view.


We use the exact same git repo/tree for Oracle Linux for x64 and for ARM64. This source tree also includes dtrace, etc...

Oracle Linux in Oracle Cloud Infrastructure and on-premises.

Sun, 2018-03-11 12:59

Oracle Cloud Infrastructure is a really great platform to run many types of operating systems on many compute instance shapes available with larger amounts of NVMe storage, lots of threads or cores and super fast networking. OCI lets you run pretty much any operating system (Windows, Ubuntu, CentOS, any Linux pretty much runs..and of course Oracle Linux). With the Emulation Mode VMs, you can go way back with old version and someone even showed OS2 running!

One really nice thing about OCI is the fact that Oracle Linux support is included at no additional cost. I wrote about this before. You can file SRs, you get support for OL5 extended support, you can use Oracle Enterprise Manager Cloud Control instances to manage the OS, you can use spacewalk, you can use kubernetes, docker, it's all included. We have local yum repository mirrors inside OCI regions for fast downloads of packages and also making sure you get these without incurring external network traffic. And of course, we do very frequent updates of the Oracle Linux images so that you can always start instance create with the latest and greatest updates. We have scripts to make life easier (such as oci-utils), we create RPMs for the OCI CLI, python SDK, terraform provider etc.. so you don't have to manually download scripts or tools and compile or install them, it's all there.

Another reason is that we all work very closely together to support you. The Oracle Cloud Infrastructure development team and  the Oracle Linux development team work hand in hand to figure out what went wrong, in the rare case something happens. We're one team towards our customers and partners.

Another nice thing with Oracle Linux in OCI is the on-premises angle. When you run Oracle Linux on your serves on-prem, you have access to the exact same code, packages, with a support subscription you have full Oracle support, and even without a support subscription you have access to the errata updates, and all the packages I mentioned here without a need for authorization keys or access codes. It's all right there. If you are an ISV that wants to package an application and embed an OS, OL is perfect (you can distribute it for free, you can decide to get support subscriptions when you need it without being forced to change OSs underneath) you can then take that exact same code and run it in a cloud environment, and in OCI in particular at no additional cost including full support. Create a VM image and distribute the entire image, no contract needed. You can provide that VM image on-premises or in the cloud. You can install it on bare-metal servers, it's not limited to VMs. And of course customers have the flexibility of moving between on-premises and Oracle Cloud without having to worry. Same code, predictable cost. Full support in both places.

Whether you are a developer, a customer with test and development systems, production systems, an ISV that creates solution bundles with an embedded OS... no difference. You don't have to worry about taking an RPM from your developer platform and install it on your production system. 

Want to play with docker images? They're on docker hub, they're on Oracle Container registry, free to use by anyone and everyone. Both in our cloud (and any cloud) and on-premises. Regularly updated images. For the exact some OS you can run in production, in test/dev, for developers, ISVs, anywhere. No distinction. And we have an OCI mirror of our Container registry, again, for fast access and  to ensure you don't create external network usage.

Sure there are other Linux distributions out there. Free ones, great, but if you need help, support, service levels for production, it's not offered. Commercial ones, well, no such flexibility, not even close. And if something goes wrong, you deal with at least 2 companies to figure out what happened.  1 call, 1 SR, on-prem, in cloud. Same code everywhere.

Public Oracle Linux yum server

Source code https://oss.oracle.com/sources/

Vagrant boxes

docker hub

ISO images

full public git repo with mainline and our commits, transparent. (not tar balls to actually try and obfuscate)

public service patch breakout for those that don't want to go through patch files for that other kernel 


Oracle Container Services for use with Kubernetes(1.9.1) 1.1.9

Tue, 2018-03-06 11:23

We just released Oracle Container Services for use with Kubernetes 1.1.9. This is based on Kubernetes 1.9.1.

There are also docker images to get going easily. You can download them from the Oracle Container Registry using standard docker commands. Please remember that we have OCR mirrors that provide fast performance (ocr-phx.oracle.com ocr-ash.oracle.com ocr-fra.oracle.com - I suggest using one of those alternative mirrors... at some point we will do traffic routing but right now it's still manual for this). For users trying out our OCSK8s (let me shorten it to that) in Oracle Cloud Infrastructure, do use the mirrors as they are hosted inside the OCI datacenters.

The individual packages are released in the Oracle Linux 7 add_ons channel  on yum.oracle.com.

Documentation can be found here. This release is also formally supported as part of Oracle Linux support.

Also of note, we are a certified platform/distribution in the Kubernetes Conformance program. See here.

Oracle Linux 7 UEK5 - preview updated from 4.14.20 to 4.14.23 for both x64 and arm64

Sat, 2018-03-03 11:54

latest update of uek5 preview is on https://yum.oracle.com

Oracle Linux 7 Server - Developer preview Unbreakable Enterprise Kernel Release 5

kernel-uek-4.14.23-1.el7uek - The Linux kernel (Update)

# rpm -q --changelog kernel-uek-4.14.23-1.el7uek | more

Remember - go check http://yum.oracle.com/whatsnew.html on a regular basis, good source to see what's been updated or added.





Description of changes since last released kernel (4.14.20-1):

- Xen: Rename cpu_data.x86_mask to cpu_data.x86_stepping (Somasundaram Krishnasamy)  [Orabug: 27602172]
- dtrace: prefetch of arguments from stack breaks NOFAULT protection (Tomas Jedlicka)  [Orabug: 27593504]
- dtrace: remove use of flag SLAB_NOTRACK (Tomas Jedlicka)  [Orabug: 27415846]
- dtrace: update assembly routines to match 4.14.21 kernels (Tomas Jedlicka)  [Orabug: 27591318]
- uek-rpm: Set base_sublevel to 23 (Somasundaram Krishnasamy)  [Orabug: 27601642]
- Linux 4.14.23 (Greg Kroah-Hartman)
- microblaze: fix endian handling (Arnd Bergmann)
- m32r: fix endianness constraints (Geert Uytterhoeven)
- drm/i915/breadcrumbs: Ignore unsubmitted signalers (Chris Wilson)
- drm/amdgpu: add new device to use atpx quirk (Kai-Heng Feng)
- drm/amdgpu: Avoid leaking PM domain on driver unbind (v2) (Alex Deucher)
- drm/amdgpu: add atpx quirk handling (v2) (Alex Deucher)
- drm/amdgpu: only check mmBIF_IOV_FUNC_IDENTIFIER on tonga/fiji (Alex Deucher)
- drm/amdgpu: Add dpm quirk for Jet PRO (v2) (Alex Deucher)
- drm/amdgpu: disable MMHUB power gating on raven (Huang Rui)
- drm: Handle unexpected holes in color-eviction (Chris Wilson)
- drm/cirrus: Load lut in crtc_commit (Daniel Vetter)
- usb: renesas_usbhs: missed the "running" flag in usb_dmac with rx path (Yoshihiro Shimoda)
- usb: gadget: f_fs: Use config_ep_by_speed() (Jack Pham)
- usb: gadget: f_fs: Process all descriptors during bind (Jack Pham)
- Revert "usb: musb: host: don't start next rx urb if current one failed" (Bin Liu)
- usb: ldusb: add PIDs for new CASSY devices supported by this driver (Karsten Koop)
- usb: dwc3: ep0: Reset TRB counter for ep0 IN (Thinh Nguyen)
- usb: dwc3: gadget: Set maxpacket size for ep0 IN (Thinh Nguyen)
- usb: host: ehci: use correct device pointer for dma ops (Peter Chen)
- drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA (Kai-Heng Feng)
- Add delay-init quirk for Corsair K70 RGB keyboards (Jack Stocker)
- arm64: cpufeature: Fix CTR_EL0 field definitions (Will Deacon)
- arm64: Disable unhandled signal log messages by default (Michael Weiser)
- arm64: Remove unimplemented syscall log message (Michael Weiser)
- usb: ohci: Proper handling of ed_rm_list to handle race condition between usb_kill_urb() and finish_unlinks() (AMAN DEEP)
- ohci-hcd: Fix race condition caused by ohci_urb_enqueue() and io_watchdog_func() (Shigeru Yoshida)
- PCI/cxgb4: Extend T3 PCI quirk to T4+ devices (Casey Leedom)
- irqchip/mips-gic: Avoid spuriously handling masked interrupts (Matt Redfearn)
- irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq() (Shanker Donthineni)
- mm, swap, frontswap: fix THP swap if frontswap enabled (Huang Ying)
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (Arnd Bergmann)
- Kbuild: always define endianess in kconfig.h (Arnd Bergmann)
- iio: adis_lib: Initialize trigger before requesting interrupt (Lars-Peter Clausen)
- iio: buffer: check if a buffer has been set up when poll is called (Stefan Windfeldt-Prytz)
- iio: srf08: fix link error "devm_iio_triggered_buffer_setup" undefined (Andreas Klinger)
- iio: adc: stm32: fix stm32h7_adc_enable error handling (Fabrice Gasnier)
- RDMA/uverbs: Sanitize user entered port numbers prior to access it (Leon Romanovsky)
- RDMA/uverbs: Fix circular locking dependency (Leon Romanovsky)
- RDMA/uverbs: Fix bad unlock balance in ib_uverbs_close_xrcd (Leon Romanovsky)
- RDMA/uverbs: Protect from command mask overflow (Leon Romanovsky)
- RDMA/uverbs: Protect from races between lookup and destroy of uobjects (Leon Romanovsky)
- extcon: int3496: process id-pin first so that we start with the right status (Hans de Goede)
- PKCS#7: fix certificate blacklisting (Eric Biggers)
- PKCS#7: fix certificate chain verification (Eric Biggers)
- X.509: fix NULL dereference when restricting key with unsupported_sig (Eric Biggers)
- X.509: fix BUG_ON() when hash algorithm is unsupported (Eric Biggers)
- i2c: bcm2835: Set up the rising/falling edge delays (Eric Anholt)
- i2c: designware: must wait for enable (Ben Gardner)
- cfg80211: fix cfg80211_beacon_dup (Arnd Bergmann)
- MIPS: Drop spurious __unused in struct compat_flock (James Hogan)
- scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info (Tyrel Datwyler)
- xtensa: fix high memory/reserved memory collision (Max Filippov)
- MIPS: boot: Define __ASSEMBLY__ for its.S build (Kees Cook)
- kconfig.h: Include compiler types to avoid missed struct attributes (Kees Cook)
- arm64: mm: don't write garbage into TTBR1_EL1 register (Ard Biesheuvel)
- netfilter: drop outermost socket lock in getsockopt() (Paolo Abeni)
- Linux 4.14.22 (Greg Kroah-Hartman)
- vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems (Michal Hocko)
- mei: me: add cannon point device ids for 4th device (Tomas Winkler)
- mei: me: add cannon point device ids (Alexander Usyskin)
- crypto: s5p-sss - Fix kernel Oops in AES-ECB mode (Kamil Konieczny)
- drm/i915: fix intel_backlight_device_register declaration (Arnd Bergmann)
- crypto: talitos - fix Kernel Oops on hashing an empty file (LEROY Christophe)
- hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close (Jia-Ju Bai)
- powerpc/perf/imc: Fix nest-imc cpuhotplug callback failure (Anju T Sudhakar)
- PCI: rcar: Fix use-after-free in probe error path (Geert Uytterhoeven)
- xen: XEN_ACPI_PROCESSOR is Dom0-only (Jan Beulich)
- platform/x86: dell-laptop: Fix keyboard max lighting for Dell Latitude E6410 (Pali Rohár)
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (Karol Herbst)
- mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep (Dave Young)
- usb: dwc3: of-simple: fix missing clk_disable_unprepare (Andreas Platschek)
- usb: dwc3: gadget: Wait longer for controller to end command processing (Vincent Pelletier)
- dmaengine: jz4740: disable/unprepare clk if probe fails (Tobias Jordan)
- drm/vc4: Release fence after signalling (Stefan Schake)
- ASoC: rsnd: ssi: fix race condition in rsnd_ssi_pointer_update (Jiada Wang)
- drm/armada: fix leak of crtc structure (Russell King)
- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies. (Steffen Klassert)
- IB/mlx4: Fix RSS hash fields restrictions (Guy Levi)
- spi: sun4i: disable clocks in the remove function (Takuo Koguchi)
- ASoC: rockchip: disable clock on error (Stefan Potyra)
- staging: ccree: Uninitialized return in ssi_ahash_import() (Dan Carpenter)
- clk: fix a panic error caused by accessing NULL pointer (Cai Li)
- netfilter: xt_bpf: add overflow checks (Jann Horn)
- xfrm: Fix xfrm_input() to verify state is valid when (encap_type < 0) (Aviv Heller)
- dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved (Gustavo A. R. Silva)
- dmaengine: ioat: Fix error handling path (Christophe JAILLET)
- scsi: bfa: fix type conversion warning (Arnd Bergmann)
- scsi: bfa: fix access to bfad_im_port_s (Johannes Thumshirn)
- scsi: lpfc: Use after free in lpfc_rq_buf_free() (Dan Carpenter)
- gianfar: Disable EEE autoneg by default (Claudiu Manoil)
- 509: fix printing uninitialized stack memory when OID is empty (Eric Biggers)
- net: dsa: mv88e6xxx: Unregister MDIO bus on error path (Andrew Lunn)
- net: dsa: mv88e6xxx: Fix interrupt masking on removal (Andrew Lunn)
- net: ethernet: arc: fix error handling in emac_rockchip_probe (Branislav Radocaj)
- virtio_net: fix return value check in receive_mergeable() (Yunjian Wang)
- brcmfmac: Avoid build error with make W=1 (Andy Shevchenko)
- btrfs: Fix possible off-by-one in btrfs_search_path_in_tree (Nikolay Borisov)
- Btrfs: disable FUA if mounted with nobarrier (Omar Sandoval)
- btrfs: Fix quota reservation leak on preallocated files (Justin Maggard)
- locking/lockdep: Fix possible NULL deref (Peter Zijlstra)
- net: qualcomm: rmnet: Fix leak on transmit failure (Subash Abhinov Kasiviswanathan)
- KVM: VMX: fix page leak in hardware_setup() (Jim Mattson)
- VSOCK: fix outdated sk_state value in hvs_release() (Stefan Hajnoczi)
- net_sched: red: Avoid illegal values (Nogah Frankel)
- net_sched: red: Avoid devision by zero (Nogah Frankel)
- gianfar: fix a flooded alignment reports because of padding issue. (Zumeng Chen)
- nfp: fix port stats for mac representors (Pieter Jansen van Vuuren)
- ARM: dts: Fix elm interrupt compiler warning (Tony Lindgren)
- s390/dasd: prevent prefix I/O error (Stefan Haberland)
- s390/virtio: add BSD license to virtio-ccw (Michael S. Tsirkin)
- PM / runtime: Fix handling of suppliers with disabled runtime PM (Rafael J. Wysocki)
- powerpc/perf: Fix oops when grouping different pmu events (Ravi Bangoria)
- m68k: add missing SOFTIRQENTRY_TEXT linker section (Greg Ungerer)
- ipvlan: Add the skb->mark as flow4's member to lookup route (Gao Feng)
- bnxt_en: Need to unconditionally shut down RoCE in bnxt_shutdown (Ray Jui)
- scripts/kernel-doc: Don't fail with status != 0 if error encountered with -none (Will Deacon)
- iio: fix kernel-doc build errors (Randy Dunlap)
- iio: proximity: sx9500: Assign interrupt from GpioIo() (Andy Shevchenko)
- md/raid1/10: add missed blk plug (Shaohua Li)
- phylink: ensure we take the link down when phylink_stop() is called (Russell King)
- sfp: fix RX_LOS signal handling (Russell King)
- sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (Xin Long)
- md/raid5: correct degraded calculation in raid5_error (bingjingc)
- IB/core: Init subsys if compiled to vmlinuz-core (Dmitry Monakhov)
- RDMA/cma: Make sure that PSN is not over max allowed (Moni Shoua)
- i40iw: Correct ARP index mask (Mustafa Ismail)
- i40iw: Do not free sqbuf when event is I40IW_TIMER_TYPE_CLOSE (Mustafa Ismail)
- i40iw: Allocate a sdbuf per CQP WQE (Chien Tin Tung)
- KVM: arm/arm64: Fix spinlock acquisition in vgic_set_owner (Marc Zyngier)
- meson-gx-socinfo: Fix package id parsing (Arnaud Patard)
- IB/hfi1: Initialize bth1 in 16B rc ack builder (Dennis Dalessandro)
- pinctrl: sunxi: Fix A64 UART mux value (Andre Przywara)
- pinctrl: sunxi: Fix A80 interrupt pin bank (Andre Przywara)
- gpio: davinci: Assign first bank regs for unbanked case (Keerthy)
- gpio: 74x164: Fix crash during .remove() (Geert Uytterhoeven)
- net: mvpp2: allocate zeroed tx descriptors (Yan Markman)
- media: ov13858: Select V4L2_FWNODE (Sakari Ailus)
- media: s5k6aa: describe some function parameters (Mauro Carvalho Chehab)
- trace/xdp: fix compile warning: 'struct bpf_map' declared inside parameter list (Xie XiuQi)
- kvm: arm: don't treat unavailable HYP mode as an error (Ard Biesheuvel)
- pinctrl: denverton: Fix UART2 RTS pin mode (Andy Shevchenko)
- perf test: Fix test 21 for s390x (Thomas Richter)
- perf bench numa: Fixup discontiguous/sparse numa nodes (Satheesh Rajendran)
- perf top: Fix window dimensions change handling (Jiri Olsa)
- perf: Fix header.size for namespace events (Jiri Olsa)
- perf test shell: Fix check open filename arg using 'perf trace' on s390x (Thomas Richter)
- perf annotate: Do not truncate instruction names at 6 chars (Ravi Bangoria)
- perf help: Fix a bug during strstart() conversion (Namhyung Kim)
- perf record: Fix -c/-F options for cpu event aliases (Andi Kleen)
- ARM: dts: am437x-cm-t43: Correct the dmas property of spi0 (Peter Ujfalusi)
- ARM: dts: am4372: Correct the interrupts_properties of McASP (Peter Ujfalusi)
- ARM: dts: logicpd-somlv: Fix wl127x pinmux (Adam Ford)
- ARM: dts: logicpd-som-lv: Fix gpmc addresses for NAND and enet (Adam Ford)
- ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen (Tony Lindgren)
- ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function (Keerthy)
- ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context (Tony Lindgren)
- serdev: fix receive_buf return value when no callback (Johan Hovold)
- usb: build drivers/usb/common/ when USB_SUPPORT is set (Randy Dunlap)
- usbip: keep usbip_device sockfd state in sync with tcp_socket (Shuah Khan)
- staging: iio: ad5933: switch buffer mode to software (Alexandru Ardelean)
- staging: iio: adc: ad7192: fix external frequency setting (Alexandru Ardelean)
- staging: fsl-mc: fix build testing on x86 (Arnd Bergmann)
- binder: replace "%p" with "%pK" (Todd Kjos)
- binder: check for binder_thread allocation failure in binder_poll() (Eric Biggers)
- staging: android: ashmem: Fix a race condition in pin ioctls (Ben Hutchings)
- ANDROID: binder: synchronize_rcu() when using POLLFREE. (Martijn Coenen)
- ANDROID: binder: remove WARN() for redundant txn error (Todd Kjos)
- dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock (Paolo Abeni)
- arm64: dts: add #cooling-cells to CPU nodes (Arnd Bergmann)
- ARM: 8743/1: bL_switcher: add MODULE_LICENSE tag (Arnd Bergmann)
- video: fbdev/mmp: add MODULE_LICENSE (Arnd Bergmann)
- ASoC: ux500: add MODULE_LICENSE tag (Arnd Bergmann)
- net_sched: gen_estimator: fix lockdep splat (Eric Dumazet)
- net: avoid skb_warn_bad_offload on IS_ERR (Willem de Bruijn)
- rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (Sowmini Varadhan)
- rds: tcp: correctly sequence cleanup on netns deletion. (Sowmini Varadhan)
- netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert (Cong Wang)
- netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1() (Cong Wang)
- netfilter: on sockopt() acquire sock lock only in the required scope (Paolo Abeni)
- netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check() (Dmitry Vyukov)
- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (Eric Dumazet)
- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (Dmitry Vyukov)
- kcov: detect double association with a single task (Dmitry Vyukov)
- KVM: x86: fix escape of guest dr6 to the host (Wanpeng Li)
- blk_rq_map_user_iov: fix error override (Douglas Gilbert)
- staging: android: ion: Switch from WARN to pr_warn (Laura Abbott)
- staging: android: ion: Add __GFP_NOWARN for system contig heap (Laura Abbott)
- crypto: x86/twofish-3way - Fix %rbp usage (Eric Biggers)
- media: pvrusb2: properly check endpoint types (Andrey Konovalov)
- selinux: skip bounded transition processing if the policy isn't loaded (Paul Moore)
- selinux: ensure the context is NUL terminated in security_context_to_sid_core() (Paul Moore)
- ptr_ring: try vmalloc() when kmalloc() fails (Jason Wang)
- ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE (Jason Wang)
- ALSA: bcd2000: Add a sanity check for invalid EPs (Takashi Iwai)
- ALSA: caiaq: Add a sanity check for invalid EPs (Takashi Iwai)
- ALSA: line6: Add a sanity check for invalid EPs (Takashi Iwai)
- drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all (Chris Wilson)
- dnotify: Handle errors from fsnotify_add_mark_locked() in fcntl_dirnotify() (Jan Kara)
- blktrace: fix unlocked registration of tracepoints (Jens Axboe)
- sctp: set frag_point in sctp_setsockopt_maxseg correctly (Xin Long)
- xfrm: check id proto in validate_tmpl() (Cong Wang)
- xfrm: Fix stack-out-of-bounds read on socket policy lookup. (Steffen Klassert)
- RDMA/netlink: Fix general protection fault (Leon Romanovsky)
- KVM/x86: Check input paging mode when cs.l is set (Lan Tianyu)
- mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed. (Tetsuo Handa)
- xfrm: skip policies marked as dead while rehashing (Florian Westphal)
- xfrm: fix rcu usage in xfrm_get_type_offload (Sabrina Dubroca)
- xfrm: don't call xfrm_policy_cache_flush while holding spinlock (Florian Westphal)
- esp: Fix GRO when the headers not fully in the linear part of the skb. (Steffen Klassert)
- mac80211_hwsim: validate number of different channels (Johannes Berg)
- cfg80211: check dev_set_name() return value (Johannes Berg)
- bpf: mark dst unknown on inconsistent {s, u}bounds adjustments (Daniel Borkmann)
- kcm: Only allow TCP sockets to be attached to a KCM mux (Tom Herbert)
- kcm: Check if sk_user_data already set in kcm_attach (Tom Herbert)
- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (Jason Wang)
- usb: core: Add a helper function to check the validity of EP type in URB (Takashi Iwai)
- Linux 4.14.21 (Greg Kroah-Hartman)
- ovl: hash directory inodes for fsnotify (Amir Goldstein)
- ASoC: acpi: fix machine driver selection based on quirk (Pierre-Louis Bossart)
- mmc: sdhci-of-esdhc: fix the mmc error after sleep on ls1046ardb (yinbo.zhu)
- mmc: sdhci-of-esdhc: fix eMMC couldn't work after kexec (yinbo.zhu)
- mmc: sdhci-of-esdhc: disable SD clock for clock value 0 (yangbo lu)
- media: r820t: fix r820t_write_reg for KASAN (Arnd Bergmann)
- ARM: dts: Delete bogus reference to the charlcd (Linus Walleij)
- arm: dts: mt2701: Add reset-cells (Matthias Brugger)
- arm: dts: mt7623: Update ethsys binding (Matthias Brugger)
- ARM: dts: s5pv210: add interrupt-parent for ohci (Arnd Bergmann)
- arm64: dts: msm8916: Add missing #phy-cells (Bjorn Andersson)
- ARM: pxa/tosa-bt: add MODULE_LICENSE tag (Arnd Bergmann)
- ARM: dts: exynos: fix RTC interrupt for exynos5410 (Arnd Bergmann)
- Bluetooth: BT_HCIUART now depends on SERIAL_DEV_BUS (Arnd Bergmann)
- scsi: core: check for device state in __scsi_remove_target() (Hannes Reinecke)
- x86/mm, mm/hwpoison: Don't unconditionally unmap kernel 1:1 pages (Tony Luck)
- usb: Move USB_UHCI_BIG_ENDIAN_* out of USB_SUPPORT (James Hogan)
- mvpp2: fix multicast address filter (Mikulas Patocka)
- ALSA: seq: Fix racy pool initializations (Takashi Iwai)
- ALSA: usb: add more device quirks for USB DSD devices (Daniel Mack)
- ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204 (Lassi Ylikojola)
- ALSA: hda/realtek: PCI quirk for Fujitsu U7x7 (Jan-Marek Glogowski)
- ALSA: hda/realtek - Enable Thinkpad Dock device for ALC298 platform (Kailang Yang)
- ALSA: hda/realtek - Add headset mode support for Dell laptop (Kailang Yang)
- ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (Kirill Marinushkin)
- ALSA: hda - Fix headset mic detection problem for two Dell machines (Hui Wang)
- mtd: nand: vf610: set correct ooblayout (Stefan Agner)
- 9p/trans_virtio: discard zero-length reply (Greg Kurz)
- Btrfs: fix unexpected -EEXIST when creating new inode (Liu Bo)
- Btrfs: fix use-after-free on root->orphan_block_rsv (Liu Bo)
- Btrfs: fix btrfs_evict_inode to handle abnormal inodes correctly (Liu Bo)
- Btrfs: fix extent state leak from tree log (Liu Bo)
- Btrfs: fix crash due to not cleaning up tree log block's dirty bits (Liu Bo)
- Btrfs: fix deadlock in run_delalloc_nocow (Liu Bo)
- dm: correctly handle chained bios in dec_pending() (NeilBrown)
- iscsi-target: make sure to wake up sleeping login worker (Florian Westphal)
- target/iscsi: avoid NULL dereference in CHAP auth error path (David Disseldorp)
- blk-wbt: account flush requests correctly (Jens Axboe)
- xprtrdma: Fix BUG after a device removal (Chuck Lever)
- xprtrdma: Fix calculation of ri_max_send_sges (Chuck Lever)
- drm/qxl: reapply cursor after resetting primary (Ray Strode)
- qxl: alloc & use shadow for dumb buffers (Gerd Hoffmann)
- arm64: proc: Set PTE_NG for table entries to avoid traversing them twice (Will Deacon)
- rtlwifi: rtl8821ae: Fix connection lost problem correctly (Larry Finger)
- mpls, nospec: Sanitize array index in mpls_label_ok() (Dan Williams)
- tracing: Fix parsing of globs with a wildcard at the beginning (Steven Rostedt (VMware))
- seq_file: fix incomplete reset on read from zero offset (Miklos Szeredi)
- xenbus: track caller request id (Joao Martins)
- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (Simon Gaiser)
- rbd: whitelist RBD_FEATURE_OPERATIONS feature bit (Ilya Dryomov)
- console/dummy: leave .con_font_get set to NULL (Nicolas Pitre)
- video: fbdev: atmel_lcdfb: fix display-timings lookup (Johan Hovold)
- PCI: keystone: Fix interrupt-controller-node lookup (Johan Hovold)
- PCI: iproc: Fix NULL pointer dereference for BCMA (Ray Jui)
- PCI: Disable MSI for HiSilicon Hip06/Hip07 only in Root Port mode (Dongdong Liu)
- MIPS: Fix incorrect mem=X@Y handling (Marcin Nowakowski)
- MIPS: Fix typo BIG_ENDIAN to CPU_BIG_ENDIAN (Corentin Labbe)
- mm: Fix memory size alignment in devm_memremap_pages_release() (Jan H. Schönherr)
- mm: hide a #warning for COMPILE_TEST (Arnd Bergmann)
- ext4: correct documentation for grpid mount option (Ernesto A. Fernández)
- ext4: save error to disk in __ext4_grp_locked_error() (Zhouyi Zhou)
- ext4: fix a race in the ext4 shutdown path (Harshad Shirwadkar)
- jbd2: fix sphinx kernel-doc build warnings (Tobin C. Harding)
- Revert "apple-gmux: lock iGP IO to protect from vgaarb changes" (Lukas Wunner)
- mlx5: fix mlx5_get_vector_affinity to start from completion vector 0 (Sagi Grimberg)
- Revert "mmc: meson-gx: include tx phase in the tuning process" (Jerome Brunet)
- mmc: bcm2835: Don't overwrite max frequency unconditionally (Phil Elwell)
- mmc: sdhci: Implement an SDHCI-specific bounce buffer (Linus Walleij)
- mbcache: initialize entry->e_referenced in mb_cache_entry_create() (Alexander Potapenko)
- rtc-opal: Fix handling of firmware error codes, prevent busy loops (Stewart Smith)
- drm/radeon: adjust tested variable (Julia Lawall)
- drm/radeon: Add dpm quirk for Jet PRO (v2) (Alex Deucher)
- arm64: Add missing Falkor part number for branch predictor hardening (Shanker Donthineni)
- drm/ast: Load lut in crtc_commit (Daniel Vetter)
- drm/amd/powerplay: Fix smu_table_entry.handle type (Andrey Grodzovsky)
- drm/qxl: unref cursor bo when finished with it (Ray Strode)
- drm/ttm: Fix 'buf' pointer update in ttm_bo_vm_access_kmap() (v2) (Tom St Denis)
- drm/ttm: Don't add swapped BOs to swap-LRU list (Felix Kuehling)
- x86/entry/64: Fix CR3 restore in paranoid_exit() (Ingo Molnar)
- x86/cpu: Change type of x86_cache_size variable to unsigned int (Gustavo A. R. Silva)
- x86/spectre: Fix an error message (Dan Carpenter)
- x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping (Jia Zhang)
- selftests/x86/mpx: Fix incorrect bounds with old _sigfault (Rui Wang)
- x86/mm: Rename flush_tlb_single() and flush_tlb_one() to __flush_tlb_one_[user|kernel]() (Andy Lutomirski)
- kmemcheck: rip it out for real (Michal Hocko)
- kmemcheck: rip it out (Levin, Alexander (Sasha Levin))
- kmemcheck: remove whats left of NOTRACK flags (Levin, Alexander (Sasha Levin))
- kmemcheck: stop using GFP_NOTRACK and SLAB_NOTRACK (Levin, Alexander (Sasha Levin))
- kmemcheck: remove annotations (Levin, Alexander (Sasha Levin))
dependency (Peter Zijlstra)
- nospec: Move array_index_nospec() parameter checking into separate macro (Will Deacon)
- x86/speculation: Fix up array_index_nospec_mask() asm constraint (Dan Williams)
- x86/debug: Use UD2 for WARN() (Peter Zijlstra)
- x86/debug, objtool: Annotate WARN()-related UD2 as reachable (Josh Poimboeuf)
- objtool: Fix segfault in ignore_unreachable_insn() (Josh Poimboeuf)
- selftests/x86: Disable tests requiring 32-bit support on pure 64-bit systems (Dominik Brodowski)
- selftests/x86: Do not rely on "int $0x80" in single_step_syscall.c (Dominik Brodowski)
- selftests/x86: Do not rely on "int $0x80" in test_mremap_vdso.c (Dominik Brodowski)
- selftests/x86/pkeys: Remove unused functions (Ingo Molnar)
- selftests/x86: Clean up and document sscanf() usage (Dominik Brodowski)
- selftests/x86: Fix vDSO selftest segfault for vsyscall=none (Dominik Brodowski)
- x86/entry/64: Remove the unused 'icebp' macro (Borislav Petkov)
- x86/entry/64: Fix paranoid_entry() frame pointer warning (Josh Poimboeuf)
- x86/entry/64: Indent PUSH_AND_CLEAR_REGS and POP_REGS properly (Dominik Brodowski)
- x86/entry/64: Get rid of the ALLOC_PT_GPREGS_ON_STACK and SAVE_AND_CLEAR_REGS macros (Dominik Brodowski)
- x86/entry/64: Use PUSH_AND_CLEAN_REGS in more cases (Dominik Brodowski)
- x86/entry/64: Introduce the PUSH_AND_CLEAN_REGS macro (Dominik Brodowski)
- x86/entry/64: Interleave XOR register clearing with PUSH instructions (Dominik Brodowski)
- x86/entry/64: Merge the POP_C_REGS and POP_EXTRA_REGS macros into a single POP_REGS macro (Dominik Brodowski)
- x86/entry/64: Merge SAVE_C_REGS and SAVE_EXTRA_REGS, remove unused extensions (Dominik Brodowski)
- x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (Dan Williams)
- PM: cpuidle: Fix cpuidle_poll_state_init() prototype (Rafael J. Wysocki)
- PM / runtime: Update links_count also if !CONFIG_SRCU (Lukas Wunner)
- x86/speculation: Clean up various Spectre related details (Ingo Molnar)
- KVM/nVMX: Set the CPU_BASED_USE_MSR_BITMAPS if we have a valid L02 MSR bitmap (KarimAllah Ahmed)
- X86/nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs (KarimAllah Ahmed)
- KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods (David Woodhouse)
- Revert "x86/speculation: Simplify indirect_branch_prediction_barrier()" (David Woodhouse)
- x86/speculation: Correct Speculation Control microcode blacklist again (David Woodhouse)
- x86/speculation: Update Speculation Control microcode blacklist (David Woodhouse)
- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (Nadav Amit)
- powerpc/mm/radix: Split linear mapping on hot-unplug (Balbir Singh)
- crypto: sun4i_ss_prng - convert lock to _bh in sun4i_ss_prng_generate (Artem Savkov)
- crypto: sun4i_ss_prng - fix return value of sun4i_ss_prng_generate (Artem Savkov)
- compiler-gcc.h: __nostackprotector needs gcc-4.4 and up (Geert Uytterhoeven)
- compiler-gcc.h: Introduce __optimize function attribute (Geert Uytterhoeven)
- x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface (Dan Williams)
- x86/entry/64: Clear extra registers beyond syscall arguments, to reduce speculation attack surface (Dan Williams)
- x86: PM: Make APM idle driver initialize polling state (Rafael J. Wysocki)
- x86/xen: init %gs very early to avoid page faults with stack protector (Juergen Gross)
- x86/kexec: Make kexec (mostly) work in 5-level paging mode (Kirill A. Shutemov)
- x86/gpu: add CFL to early quirks (Lucas De Marchi)
- drm/i915/kbl: Change a KBL pci id to GT2 from GT1.5 (Anuj Phogat)
- drm/i915: add GT number to intel_device_info (Lionel Landwerlin)
- arm: spear13xx: Fix spics gpio controller's warning (Viresh Kumar)
- arm: spear13xx: Fix dmas cells (Viresh Kumar)
- arm: spear600: Add missing interrupt-parent of rtc (Viresh Kumar)
- arm: dts: mt7623: fix card detection issue on bananapi-r2 (Sean Wang)
- ARM: dts: nomadik: add interrupt-parent for clcd (Arnd Bergmann)
- ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property (Patrice Chotard)
- ARM: lpc3250: fix uda1380 gpio numbers (Arnd Bergmann)
- arm64: dts: msm8916: Correct ipc references for smsm (Bjorn Andersson)
- s390: fix handling of -1 in set{,fs}[gu]id16 syscalls (Eugene Syromiatnikov)
- dma-buf: fix reservation_object_wait_timeout_rcu once more v2 (Christian König)
- powerpc: Fix DABR match on hash based systems (Benjamin Herrenschmidt)
- powerpc/xive: Use hw CPU ids when configuring the CPU queues (Cédric Le Goater)
- powerpc/mm: Flush radix process translations when setting MMU type (Alexey Kardashevskiy)
- powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove (Nathan Fontenot)
- powerpc/radix: Remove trace_tlbie call from radix__flush_tlb_all (Mahesh Salgaonkar)
- ocfs2: try a blocking lock before return AOP_TRUNCATED_PAGE (Gang He)
- mwifiex: resolve reset vs. remove()/shutdown() deadlocks (Brian Norris)
- PM / devfreq: Propagate error from devfreq_add_device() (Bjorn Andersson)
- swiotlb: suppress warning when __GFP_NOWARN is set (Christian König)
- cpufreq: powernv: Dont assume distinct pstate values for nominal and pmin (Shilpasri G Bhat)
- RDMA/rxe: Fix rxe_qp_cleanup() (Bart Van Assche)
- RDMA/rxe: Fix a race condition in rxe_requester() (Bart Van Assche)
- RDMA/rxe: Fix a race condition related to the QP error state (Bart Van Assche)
- kselftest: fix OOM in memory compaction test (Arnd Bergmann)
- selftests: seccomp: fix compile error seccomp_bpf (Anders Roxell)
- IB/core: Avoid a potential OOPs for an unused optional parameter (Michael J. Ruhl)
- IB/core: Fix ib_wc structure size to remain in 64 bytes boundary (Bodong Wang)
- IB/core: Fix two kernel warnings triggered by rxe registration (Bart Van Assche)
- IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports (Jack Morgenstein)
- IB/qib: Fix comparison error with qperf compare/swap test (Mike Marciniszyn)
- IB/umad: Fix use of unprotected device pointer (Jack Morgenstein)
- scsi: smartpqi: allow static build ("built-in") (Steffen Weber)
- tracing: Prevent PROFILE_ALL_BRANCHES when FORTIFY_SOURCE=y (Randy Dunlap)

Oracle Linux 7 update 5 preview available for download

Sat, 2018-03-03 11:38

Oracle Linux 7 update 5 is in the works... and in order to give users a free sneak preview of what's coming we put a preview release out on OTN. We typically haven't done this in the past and just always released new update versions as they become generally available but some users like to try things out early on.

[disclaimer] This is a  preview - do not use production - [/disclaimer] ...

If you run into issues, do let us know, so we can make sure they are addressed before the GA release.

You can download it from OTN here.

MySQL 8.0.5 community edition preview for Oracle Linux 7 for ARM64 (preview)

Fri, 2018-03-02 13:00

We just published a build of MySQL 8.0.5 community server on yum.oracle.com, In the ARM64 "latest" repo.

We released an Oracle Linux 7.4 based preview for ARM64 servers a little while ago. See the announcement here.

A publicly available free download. No auth or access keys.

Once you have OL7.4 preview installed, you can get MySQL 8 going using the usual yum commands.

# yum install mysql-community-server

Oracle Linux 7 UEK5 - preview updated from 4.14.11 to 4.14.20

Wed, 2018-02-28 09:30

Just as FYI -

latest update of uek5 preview is on https://yum.oracle.com

Oracle Linux 7 Server - Developer preview Unbreakable Enterprise Kernel Release 5

kernel-uek-4.14.20-1.el7uek - The Linux kernel (Update)

This update has a bunch of fixes from us (typically see that with changelog entries containing "orabug" and it pulls in gregkh's stable 4.14.20 tree on top of 4.14.11.

# rpm -q --changelog kernel-uek-4.14.20-1.el7uek | more

Remember - go check http://yum.oracle.com/whatsnew.html on a regular basis, good source to see what's been updated or added.

Oracle Linux 7 UEK5 (Linux kernel 4.14) sneak preview

Sat, 2018-02-24 12:36

We just published an initial preview version of our next kernel-uek. This is based on upstream Linux 4.14 (latest stable -14). UEK4 is/was based on a 4.1 upstream Linux kernel.

If you want to try it out, you can just add the yum repo below on your  Oracle Linux 7-based system. If you don't have a quick OL7 environment, remember you can sign up for a free account on Oracle Cloud and quickly create an Oracle Linux 7 instance and do exactly the same.

There will be very regular updates of this preview kernel going forward so you can remain up to date with our development efforts. The source code is there as well and we are going to push the git repos onto github/oracle soon(ish).

All you have to do is add the following to your /etc/yum.repos.d/public-yum-ol7.repo file.

[ol7_developer_UEKR5] name=Oracle Linux $releasever UEK5 Development Packages ($basearch) baseurl=http://yum.oracle.com/repo/OracleLinux/OL7/developer_UEKR5/$basearch/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle gpgcheck=1 enabled=1

and then upgrade your kernel

# yum upgrade kernel-uek

reboot and you are all set.

If you want the latest dtrace along with it, it's in the same repo, you can just do

# yum install dtrace-utils Do a dtrace -l, you can see there are over 5000 probes now!


oci-utils (oracle cloud infrastructure) for Oracle Linux package

Fri, 2018-02-23 10:53

We recently added another little utilities RPM for Oracle Linux 7 to our collection:

oci-utils is an Oracle Linux RPM that contains a set of scripts to make managing an OCI instance easier, from within the instance.

The current version provides tools that help with managing block volumes (attach, remove, automatic discovery), secondary vnic configuration, a script to query the public IP of an instances and a script that lets you query instance metadata key/value pairs without having to parse or read json.

# yum install oci-utils Package content:

/usr/bin/oci-iscsi-config /usr/bin/oci-metadata /usr/bin/oci-network-config /usr/bin/oci-public-ip System service
/etc/systemd/ocid.service /usr/libexec/ocid MAN pages
oci-iscsi-config(1) oci-metadata(1) oci-network-config(1) oci-public-ip(1) ocid(8)
Ideally you start the ocid service, it will monitor for any changes in block devices or vnic's attached or removed. Today, when you add a block device, you have to run a number of iscsiadm commands to actually discover it and attach it to your instance. When ocid is running, it will, on a regular basis, probe to see if these devices have been created through the OCI web console, cli or SDK. It will then automatically disover them for you.

oci-iscsi-config is a simple wrapper around iscsiadm that provides you with a single command to list and attach/detach devices without having to know the iscsiadm command syntax.


# oci-iscsi-config -s For full functionality of this utility the ocid service must be running The administrator can start it using this command: sudo systemctl start ocid.service ocid already running. Currently attached iSCSI devices: Target iqn.2015-02.oracle.boot:uefi Persistent portal: Current portal: State: running Attached device: sda Size: 46.6G Partitions: Device Size Filesystem Mountpoint sda1 544M vfat /boot/efi sda2 8G swap [SWAP] sda3 38G xfs /

<attach a 50G block volume in the OCI webconsole>

# oci-iscsi-config -s Currently attached iSCSI devices: Target iqn.2015-12.com.oracleiaas:31b78e27-0c73-43ff-98b9-0ced1722a08c Persistent portal: Current portal: State: running Attached device: sdb Size: 50G File system type: Unknown Mountpoint: Not mounted Target iqn.2015-02.oracle.boot:uefi Persistent portal: Current portal: State: running Attached device: sda Size: 46.6G Partitions: Device Size Filesystem Mountpoint sda1 544M vfat /boot/efi sda2 8G swap [SWAP] sda3 38G xfs /

You can see /dev/sdb now show up after a few seconds, without having to run any commands.

oci-network-config is similar

oci-network-config is similar # oci-network-config -s CONFIG ADDR SPREFIX SBITS VIRTRT NS IND IFACE VLTAG VLAN STATE MAC VNIC - 24 - 0 ens3 - - UP 02:00:17:01:ed:6b ocid1.vnic.oc1.iad.abuwcljs4ik52qrq7itbb32rwajjqddt7utla64t47fkkq7tebw5gknt5csa <add a secondary interface>
# oci-network-config -s CONFIG ADDR SPREFIX SBITS VIRTRT NS IND IFACE VLTAG VLAN STATE MAC VNIC - 24 - 0 ens3 - - UP 02:00:17:01:ed:6b ocid1.vnic.oc1.iad.abuwcljs4ik52qrq7itbb32rwajjqddt7utla64t47fkkq7tebw5gknt5csa ADD 24 - 1 ens4 - - UP 02:00:17:01:eb:53 ocid1.vnic.oc1.iad.abuwcljsxek2mqaotafcohdmvghzrzx3jiiwq3zo45fh65dvlkpinndfjvma oci-public-ip just contacts an internet facing server to return your public IP of your instance.

# oci-public-ip Public IP address:
oci-medata let's you pretty-print the instance metadata and query for a given key

# oci-metadata -g region Instance details: Region: iad (Ashburn, VA, USA) # oci-metadata -g state Instance details: Instance state: Running

An updated version in the near future will also use the SDK (if installed along with your pem key) to go and create a block device and attach it from within your instance and/or create a secondary vnic and automatically create and attach it.

One roadmap item is the ability to use dynamic groups and principals to allow for an instance with the right privileges to do the block volume create/secondary vnic create without a pem key.

give it a try.

Oracle Container Runtime for Docker 17.12

Thu, 2018-02-22 13:44

Busy news day!

We just updated our docker-engine rpm to version 17.12. As always you can find it in the Oracle Linux 7 preview channel on our yum server.


We are currently cooking/baking "Oracle Container Services for Use with Kubernetes 1.9.1" stay tuned for that one as well.

oh and look for the docker-engine RPM on ARM soon too.

Oracle linux 7 for ARM64 updated to OL7.4

Thu, 2018-02-22 10:56

We just updated the Oracle Linux 7 for ARM64 content.

Oracle Linux 7 for ARM64 (64-bit only) is freely downloadable from OTN: here.

The release is now at the same level as x64 (Oracle Linux 7 update 4)

The ARM64 yum repositories are also updated with the latest content. Keep in mind that we have a devtool set release for ARM as well.

Two important features on the latest ARM ISO:

- first preview of UEK5. (Linux kernel 4.14.14+) as the default kernel

- gcc 7.2 and gcc 7.3 are included on the ISO (and in the yum repo) to have easy and free access to latest gcc for ARM64

Remember that our ARM port is a preview release, it's for test and development only, it's not a GA supported product today however it's on par with x64 in terms of packages and it's completely free to download and use. No need to get a vendor auth code or whatever others out there have.


Software Collections 3.0 for Oracle Linux 6 and Oracle Linux 7, Oracle Linux EPEL, Oracle Cloud ...

Thu, 2018-02-22 10:29

We just recently released a new Software Collections update on our yum server.

SCL 3.0 in the Software Collections yum repo:

On Oracle Linux 7 this adds maven 3.5, nginx 1.12, nodejs8, php7.1 and python 3.6 and the usual updates to other developer packages.

Updates in the Oracle Linux 7 Developer repo:

We released the latest updates of the Oracle Cloud Infrastructure python SDK (1.3.14) and CLI (2.4.16) (using the python SDK). This makes it very, very easy to install the tools needed.

We updated the terraform OCI provider to 2.0.7.

Tons of updates in the Oracle Linux 7 EPEL repo. Too many to list here though. We now have over 10000 RPMs in the EPEL repo.

As a reminder:

You can keep up to date with new RPMs we add on a daily basis by looking at our yum what's new page. (sneak preview: we're going to also add an announce mail list for those that prefer email over webpages).

Keep in mind that we have added many new yum repositories of late, so if you have an existing install, consider updating your yum repo file or at least go look at the https://yum.oracle.com pages to see which repos are new. 

latest ol7 yum repo file

OL7 yum page





Using Let's Encrypt with Oracle Linux in Oracle Cloud Infrastructure

Tue, 2018-02-13 10:13

I stole Sergio's headline here and I am just going to link to his blog :)...

Sergio wrote up a how-to on using a let's encrypt cert and installing it on OL using nginx in an Oracle Cloud instance created and deployed with Terraform.

That 's a lot of words right there but it should demonstrate a few things:

  • All the extra packages we have been publishing of late in the Oracle Linux EPEL (Extra Packages for Enterprise Linux) mirror. (yes they're the same packages but they're built on Oracle Linux, the packages are signed by us and they're on the same yum repo so you don't have to install separate files to get to it.) This includes certbot etc.. that you need for this.
  • The convenience of having terraform, terraform-provider-oci RPMs to easily get going without downloading anything elsewhere.
  • Integration of Oracle Linux yum servers inside Oracle Cloud Infrastructure for fast and easy access with no external network traffic charges.

So you can find his blog here.

Oracle Linux kernel blogs

Mon, 2018-02-12 10:50

Don't forget to check the Linux kernel team's blog. We're having a regular cadence now to write up things that are hopefully interesting. Projects the developers are working on or have worked on etc...


public-yum.oracle.com / yum.oracle.com now support https

Sun, 2018-02-11 13:06

Might have taken us a while but you can now use https in your .repo files to connect to our yum repositories.

We will transition the repo files we ship over time but we don't want to break people that have customizations.

So in the meantime, if you have repo files in /etc/yum.repos.d that point to http://yum.oracle.com or http://public-yum.oracle.com you can just do a search/replace.

Something like:

sed 's/http:\/\/public-yum.oracle.com/https:\/\/public-yum.oracle.com/g; s/http:\/\/yum.oracle.com/https:\/\/yum.oracle.com/g' public-yum-ol7.repo > public-yum-ol7.repo.new

and then replace the repo file.

Using a BareMetal GPU shape in Oracle Cloud Infrastructure with Oracle Linux 7 and TensorFlow

Wed, 2018-02-07 13:32

A lot of developers are using TensorFlow for Machine Learning these days. In Oracle Cloud Infrastructure we provide some great GPU options. One of them is the BM.GPU2.2 shape which is an X7-based GPU system (contains 2 P100 Nvidia GPUs).

When you create an OCI instance using this shape with Oracle Linux 7, it comes pre-installed with the kernel modules to enable the GPUs. Ready to use.

Getting TensorFlow installed is very easy:

Install some prerequisite RPMs, some come from the EPEL yum repo which we provide as part of Oracle Linux and is enabled by default in your yum.repos file.

# sudo yum -y install python-pip python-devel atlas atlas-devel gcc-gfortran openssl-devel libffi-devel

# sudo pip install --upgrade virtualenv

# virtualenv --system-site-packages ~/venvs/tensorflow

# source ~/venvs/tensorflow/bin/activate

Now you can install TensorFlow using pip. use tensorflow-gpu if you want the GPU enabled version otherwise just use tensorflow.

(tensorflow) # pip install --upgrade tensorflow-gpu


(tensorflow) # pip install --upgrade tensorflow

To use tensorflow-gpu you have to install the Nvidia CUDA packages. This version of tensorflow depends on version 9.0

(tensorflow) # sudo yum -y install cuda-9-0

Run a TF example:

(tensorflow) #  pip install pandas

(tensorflow) # sudo yum -y install git

(tensorflow) # mkdir git

(tensorflow) # cd git

(tensorflow) # git clone https://github.com/tensorflow/models

(tensorflow) # cd models/samples/core/get_started/

(tensorflow) # python premade_estimator.py

and that's it. Super easy without any manual downloads.

this is a test

Oracle Solaris 11.4 Beta publicly available on Oracle Technology Network (OTN)

Tue, 2018-01-30 13:49

Oracle Solaris 11.4 Beta is downloadable from OTN as of right now.  This is a very exciting milestone. Go and download it and play with it!


For more information see:




RPMs for VirtualBox guest addition drivers for Oracle Linux now available

Sun, 2017-12-24 11:12

This has been a long time coming... but finally... for those that don't regularly check our 'What's new' page on yum.oracle.com...

We started building the kernel modules and guest additions for VirtualBox guests for Oracle Linux 6 and 7 (UEK4):


  • Packages Released on Fri Dec 22 2017 
    • VirtualBox-5.2-5.2.4_119785_el7-1 - Oracle VM VirtualBox (Update
    • vboxguest-tools-5.2.4-1.el7 - VirtualBox guest utilities (New
    • kmod-vboxguest-uek4-5.2.4-1.el7 - vboxguest kernel modules (New
    • VirtualBox-5.2-5.2.4_119785_el6-1 - Oracle VM VirtualBox (Update
    • vboxguest-tools-5.2.4-1.el6 - VirtualBox guest utilities (New
    • kmod-vboxguest-uek4-5.2.4-1.el6 - vboxguest kernel modules (New)

The main reason for doing this is to make it easy to have a guest with the additions installed. No need to install gcc and kernel-devel etc... it makes the image smaller or even if you remove gcc etc afterwards you have to compact the filesystem again and so on. Anyway... I hope people like this. I think it's pretty cool and I will use it a lot when building VirtualBox guest images.

On a side note, my previous blog post about yum in OCI... someone asked if we plan to do https as well as http. Yes, we plan to do that it's being worked on.

Oracle Linux yum repository mirrors inside Oracle Cloud Infrastructure

Fri, 2017-12-22 11:16

I mentioned in a previous post that this was coming... well it's here now! :)

We have local mirrors of yum.oracle.com inside the OCI regions:




Unlike our Oracle Container Registry mirrors, these yum repos are only available from inside the OCI regions. So if you have instances in a given region, you can point your yum.repo to your local server and you get (1) very fast yum installs and (2) no counting against your network bandwidth since it doesn't leave the datacenters. Oracle Linux 6 and 7 are mirrored, we are also adding Oracle Linux 5.

"Oracle Container Runtime for Docker" (17. ...

Thu, 2017-12-21 15:33

Basically - added 17.09.1 and 1.8.4-2.0.1 to http://yum.oracle.com/repo/OracleLinux/OL7/preview/x86_64/index.html