1. Release Notes for Oracle Linux 7.7 (aarch64)
  2. New Features and Changes

3 New Features and Changes

The following new features and changes are included in Oracle Linux 7.7 (aarch64).

For details about the new features and changes in the initial release of Oracle Linux 7, see Oracle Linux 7: Release Notes for Oracle Linux 7. Note that support for the 64-bit Arm platform started with the Oracle Linux 7: Release Notes for Oracle Linux 7.6 (aarch64) release. Changes that are described in this document are subsequent to the changes that are described in the release notes for that initial release.

Graphical Installation Program Enhancement

In Oracle Linux 7.7 (aarch64), the graphical installation program has been enhanced to detect whether Simultaneous Multithreading (SMT) is enabled on the system. If the feature is enabled, a message is displayed at the bottom of the Installation Summary screen. SMT enables the execution of multiple threads on a single physical CPU core, which can improve performance. Note that the use of SMT is only possible where the CPU is SMT-capable.

DTrace

DTrace is enabled for 64-bit Arm platforms and ports of the DTrace code are available in UEK R5. Refer to Unbreakable Enterprise Kernel: Release Notes for Unbreakable Enterprise Kernel Release 5 Update 2 (4.14.35-1902) for more information.

The DTrace user-space code in the dtrace-utils package has also all been ported to run on 64-bit Arm platforms to fully enable DTrace for Oracle Linux 7.7 (aarch64)

Developer and Compiler Tools

The following developer tools, features, and enhancements are included in this update:

  • gcc-libraries packages updated to version 8.3.1

    This version of the GNU Compiler Collection (GCC) introduces several bug fixes and enhancements over the previous GCC version.

  • linuxptp packages updated to version 2.0

    This version of the linuxptp compiler tool introduces several bug fixes and improvements over the previous version.

  • Python version 3.6 available

    This update includes python3 packages, which provide the Python 3.6 interpreter and the pip and setuptools tools. Previously, these packages were only available as a part of software collections.

Developer Toolchain

The Oracle Linux 7.7 (aarch64) release includes a toolchain that provides a solid developer toolset to build code for 64-bit Arm platforms and compile modules against the provided kernel. The toolchain includes version 7.3 of the gcc compiler, which is used to build the aarch64 version of UEK R5.

Developer tools are released as a software collection that can be found in the /addons/Oscl directory repository on the provided ISO. You can install the oracle-armtoolset-1 software collection by using the yum command: 

sudo yum install scl-utils oracle-armtoolset-1

After the oracle-armtoolset-1 software collection is installed, enable it by running the following command: 

sudo scl enable oracle-armtoolset-1 bash

The oracle-armtoolset-1 software collection is released as an addition to the Software Collection Library for Oracle Linux and is only available on aarch64 platforms.

Note:

The oracle-armtoolset-1 software collection is required if you need to build kernel modules from source.

Networking

The following networking features, bug fixes, and enhancements are included in this update:

  • NetworkManager includes capability for VLAN filtering on bridge interfaces

    This enhancement enables you to configure virtual LAN (VLAN) filtering on bridge interfaces in the corresponding NetworkManager connection profiles, as well as define VLANs directly on bridge ports.

  • NetworkManager includes capability for configuring policy routing rules

    This enhancement enables you to configure rules as part of a connection profile,which means that NetworkManager now adds the rules when the profile is activated and removes the rules when the profile is deactivated. Previously, you would have had to set up policy routing rules outside of NetworkManager by using the dispatcher script provided in the NetworkManager-dispatcher-routing-rules package.

Security

The following security features, bug fixes, and enhancements are included in this update:

  • Network Security Services (NSS) package updates

    This update introduces several NSS changes, including several bug fixes, security enhancements, and improvements over the previous NSS version.

    Notably, the NSS code and Certificate Authority (CA) list now meets the recommendations that are published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI).

  • SCAP Security Guide enhancement to include Universal Base Image containers and images

    The security policies in the SCAP Security Guide been enhanced to include Universal Base Image (UBI) containers and UBI images, which also includes ubi-minimal images. This enhancement enables the configuration compliance scanning of UBI containers and images by using the atomic scan command. UBI containers and images can now be scanned against any profile that is shipped in the SCAP Security Guide, with only those rules that are relevant to the secure configuration of UBI being evaluated. Any rules that are inapplicable to UBI images and containers are automatically skipped.

  • scap-security-guide packages updated to version 0.1.43

    As of this update, the scap-security-guide packages are updated to version 0.1.43 in this update. This version of the scap-security-guide packages provides several bug fixes and enhancements over the previous version.

  • shadow-utils packages updated to version 4.6

    The shadow-utils packages have been updated to version 4.6 in this update. This version of the shadow-utils packages provides several bug fixes and enhancements over the previous version, including the new newuidmap and newgidmap commands for manipulating name space mapping for UID and GID.

  • tangd_port_t SElinux type added

    Oracle Linux 7.7 (aarch64) includes the tangd_port_t SELinux type. This SELinux type enables the tangd service to run as confined while in SELinux enforcing mode, which simplifies the configuration of a Tang server to enable listening on a user-defined port, while preserving the security level that SELinux provides when in enforcing mode.

Infrastructure Services

The following server and services features, bug fixes, and enhancements are included in this update:

Tuned Updates

As of this update, the tuned packages are updated to version 2.11. This version of Tuned provides several bug fixes and enhancements over the previous version, including the following: added support for the boot loader specification, an updated virtual-host profile, the addition of a range feature for CPU exclusion, and other important improvements.

Chrony Updates

As of this update, the chrony packages are updated to version 3.4. This version of Chrony provides several bug fixes and enhancements over the previous version, including the following: hardware time-standing improvements, extended polling interval ranges, the addition of the burst and filter options to NTP sources, and other important improvements.

Technology Preview

The following information is specific to features in Oracle Linux 7.7 (aarch64) that are not supported, but may be made available under technology preview.

Note:

Features that are currently under technology preview when using UEK R5 are described in Unbreakable Enterprise Kernel: Release Notes for Unbreakable Enterprise Kernel Release 5 Update 2 (4.14.35-1902).

Oracle makes available an Oracle Linux 7.7 (aarch64) disk image for use on Raspberry Pi™ 3 Model B+ hardware as a technology preview for developer use only. Oracle does not provide support for the disk image or the hardware. Developers are encouraged to visit the Oracle Linux for Arm community forum at https://community.oracle.com/community/technology_network_community/server_%26_storage_systems/linux/oracle-linux-for-arm for further assistance.