Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

Chapter 7. Compiler and Tools

Support for new instructions in IBM z Systems z13

The new version of GCC brings support for the new hardware instructions of the IBM z Systems z13, along with support for SIMD instructions. The -march=z13 command-line option is needed to enable the new intrinsics. (BZ#1182152)

GCC now generates optimal code for POWER8

On the PowerPC 64 LE architecture, the GCC compiler is now configured with the --with-cpu=power8 and --with-tune=power8 parameters, to make GCC generate optimal code for POWER8 platforms. (BZ#1213268)

Support for Intel Memory Protection Keys (IMPK)

This update to the GCC compiler provides support for IMPK - the compiler can now generate the new PKU instructions. The new instructions can be enabled by using the -mpku command-line option. (BZ#1304449)

gcc-libraries rebased

The gcc-libraries package has been rebased to the latest GCC 5 version to include various bug fixes and enhancements from the upstream version. (BZ#1265252)

GDB now supports IBM z13 features

This update provides a GDB extension for debugging code utilizing IBM z13 features. This includes disassembling extended IBM z13 instructions and supporting SIMD instructions using 128-bit wide vector registers v0-v31. Code optimized for IBM z13 can be now debugged by GDB displaying correct instruction mnemonics, vector registers, and retrieving and passing vector register content during inferior calls. (BZ#1182151)

binutils rebased to version 2.25.1

The highlights of the new rebased binutils package include:
  • The strings program now has a --data command-line option which only prints strings in loadable, initialized data sections. The default behaviour has been changed to match the --all command-line option.
  • The strings program now has a --include-all-whitespace command-line option which treats any non-displaying ASCII character as part of the string. This includes carriage return and new line characters which otherwise would be considered to be line terminators.
  • The objcopy program now has a --dump-section command-line option to extract the contents of named sections and copy them into separate files.
  • The objcopy program now supports wildcard characters in command-line options that take section names.
  • The as assembler now has a --gdwarf-sections command-line option to enable the generation of per-code-section DWARF.debug_line sections. This facilitates the removal of those sections when their corresponding code section is removed by linker garbage collection. (BZ#1341730)

Support for the z13 extensions to IBM z Systems architecture.

This update provides multiple upstream patches combined into a single patch and applied to the Red Hat Enterprise Linux 7 binutils package. The z13 extensions are now supported. (BZ#1364516)

Support for MWAITX

The updated binutils package for the 32-bit AMD and Intel architecture now provides support for the MWAITX instruction. (BZ#1335684)

Support for Zeppelin

The updated binutils package for the 32-bit AMD and Intel architecture now provides support for the Zeppelin extensions. (BZ#1335313)

Support for the Large System Extensions

The updated binutils package now provides support for the Large System Extensions to the AArch64 assembler. In addition, support for the .arch_extension pseudo-operation has also been added. (BZ#1276755)

elfutils rebased to version 0.166

The elfutils packages contain a number of utilities and libraries related to the creation and maintenance of executable code. The package has been upgraded to version 0.166. Highlighted improvements include:
  • strip, unstrip - These utilities can now handle ELF files with merged strtab/shstrtab tables.
  • elfcompress - A new utility to compress or decompress ELF sections.
  • readelf - A new -z,--decompress option.
  • New functions have been added to libelf and libdw to handle compressed ELF sections: elf_compress, elf_compress_gnu, elf32_getchdr, elf64_getchdr, and gelf_getchdr.
  • libdwelf - a new dwelf_scn_gnu_compressed_size() function.
  • New libelf and libdw pkgconfig (package configuration) files.
(BZ#1296313)

valgrind rebased to version 3.11.0

Valgrind is an instrumentation framework that is used for debugging memory, detecting memory leaks, and profiling applications. The package has been upgraded to upstream version 3.11.0. Highlighted improvements include:
  • The JIT's register allocator is now significantly faster, making JIT-intensive activities, for example program startup, approximately 5% faster.
  • Intel AVX2 support is now more complete for 64-bit targets. On AVX2-capable hosts, the simulated CPUID will now indicate AVX2 support.
  • The default value for the --smc-check option has been changed from stack to all-non-file on targets that provide automatic D-I cache coherence. The result is to provide, by default, transparent support for JIT generated and self-modifying code on all targets.
Highlighted new features in the Memcheck utility include:
  • The default value for the --leak-check-heuristics option has been changed from none to all. This helps to reduce the number of possibly lost blocks, in particular for C++ applications.
  • The default value for the --keep-stacktraces option has been changed from malloc-then-free to malloc-and-free. This has a small cost in memory but allows Memcheck to show the 3 stack traces of a dangling reference: where the block was allocated, where it was freed, and where it is accessed after being freed.
  • The default value for the --partial-loads-ok option has been changed from no to yes, to avoid false-positive errors resulting from certain vectorised loops.
  • A new gdb monitor command xb [addr] [len] shows the validity bits of [len] bytes at [addr]. The monitor command xb is easier to use than get_vbits when you need to associate byte data value with their corresponding validity bits.
  • The block_list gdb monitor command has been enhanced: it can print a range of loss records; it now accepts an optional argument, limited [max_blocks], to control the number of printed blocks; if a block has been found using a heuristic, then block_list now shows the heuristic after the block size; the loss records/blocks to print can be limited to the blocks found via specified heuristics.
  • A new --expensive-definedness-checks=yes|no command-line option has been added. This is useful for avoiding occasional invalid uninitialized-value errors in optimized code. Beware of potential runtime degradation, as this can be up to 25%. The slowdown is highly application-specific though. The default value is no.
(BZ#1296318)

Interception of user-defined allocation functions in valgrind

Some applications do not use the glibc allocator. Consequently, it was not always convenient to run such applications under valgrind. With this update, valgrind tries to automatically intercept user-defined memory allocation functions as if the program used the normal glibc allocator, making it possible to use memory tracing utilities such as memcheck on those programs out of the box. (BZ#1271754)

systemtap rebased to version 3.0

The systemtap packages have been updated to upstream version 3.0, which provides a number of bug fixes and enhancements. For example, the translator has been improved to require less memory, produce faster code, support more function callee probing, print improved diagnostics, include language extensions for function overloading and private scoping, and introduce experimental --monitor and --interactive modes. (BZ#1289617)

Support for the 7th-generation Core i3, i5, and i7 Intel processors

This update provides a complete set of performance monitoring events for the 7th-generation Core i3, i5, and i7 Intel processors (Kabylake-U/Y). (BZ#1310950)

Support for the 7th-generation Core i3, i5, and i7 Intel processors

This update provides a complete set of performance monitoring events for the 7th-generation Core i3, i5, and i7 Intel processors (Kabylake-H/S). (BZ#1310951)

libpfm rebased to version 4.7.0

The libpfm package has been upgraded to version 4.7.0. This version provides support for the following 32-bit AMD and Intel architectures:
  • Intel Skylake core PMU
  • Intel Haswell-EP uncore PMUs
  • Intel Broadwell-DE
  • Intel Broadwell (desktop core)
  • Intel Haswell-EP (core)
  • Intel Haswell-EP (core)
  • Intel Ivy Bridge-EP uncore PMUs (all boxes)
  • Intel Silvermont core PMU
  • Intel RAPL events support
  • Intel SNB, IVB, HSW event table updates
  • Major update on Intel event tables
  • AMD Fam15h Northbridge PMU
(BZ#1321051)

gssproxy now supports RELRO and PIE

The GSS-API gssproxy daemon is now built using the security-related RELRO and PIE compile-time flags to harden the daemon. As a result, gssproxy provides a higher security against loader memory area overwrite attempts and memory corruption attacks. (BZ#1092515)

iputils rebased to version 20160308

The iputils packages have been upgraded to upstream version 20160308, which provides a number of bug fixes and enhancements over the previous version. Notably, the ping command is now dual stack aware. It can be used for probing both IPv4 and IPv6 addresses. The old ping6 command is now a symbolic link to the ping command and works the same way as before. (BZ#1273336)

Logging capabilities of the tftp server have been enhanced

As a result of improved logging, the Trivial File Transfer Protocol (TFTP) server can now track successes and failures. For example, a log event is now created when a client successfully finishes downloading a file, or the file not found message is provided in case of a failure. (BZ#1311092)

New option for arpwatch: -p

This update introduces option -p for the arpwatch command of the arpwatch network monitoring tool. This option disables promiscuous mode. (BZ#1291722)

The chrt utility now has new options

This update introduces new command-line options for the chrt utility: --deadline, --sched-runtime, --sched-period, and --sched-deadline. These options take advantage of the kernel SCHED_DEADLINE scheduler and provide full control of deadline scheduling policy for scripts and when using the command line. (BZ#1298384)

New command-line utility: lsipc

This update introduces the lsipc utility that lists information about inter-process communication (IPC) facilities. In comparison with the old ipcs command, lsipc provides more details, is easier to use in scripts, and is more user-friendly. This results into better control of the output on IPC information for scripts and when using the command line. (BZ#1153770)

Searching using libmount and findmnt is now more reliable

Overlay filesystem's st_dev does not provide possibility for reliable searching to the libmount library and the findmnt utility. With this update, libmount and findmnt search in mount tables by other means than with st_dev in some cases, achieving better reliability. (BZ#587393)

New --family option for the alternatives utility

This update introduces the new --family option for the alternatives utility. The software packager can use this option to group similar alternative packages from the same group into families. Families inside groups ensure that if the currently used alternative is removed, and it belonged to a family, then the current alternative will change to package with the highest priority within the same family, and not outside the family.
For example, a system has four packages installed in the same alternatives group: a1, a2, a3, b (listed in increasing priority). Packages a1, a2, and a3 belong to the same family. a1 is the currently used alternative. If a1 is removed, then the currently used alternative will change to a3. It will not be b, because b is outside the family of a1, and it will not be a2, because a2 has lower priority than a3.
This option is useful when just setting priorities for each alternative is not enough. For example, all openjdk packages can be put into the same family to ensure that if one of them is uninstalled, the alternative will switch to another openjdk package, and not to the java-1.7.0-oracle package (if another openjdk package is installed). (BZ#1291340)

sos rebased to version 3.3

The sos package has been updated to upstream version 3.3, which provides a number of enhancements, new features, and bug fixes, including:
  • Support for OpenShift Enterprise 3.x
  • Improved and expanded OpenStack plug-ins
  • Enhanced support for Open vSwitch
  • Enhanced Kubernetes data collection
  • Improved support for systemd journal collection
  • Enhanced display manager and 3D acceleration data capture
  • Improved support for Linux clusters, including Pacemaker
  • Expanded CPU and NUMA topology collection
  • Expanded mainframe (IBM z Systems) coverage
  • Collection of multipath topology (BZ#1293044)

ethtool rebased to version 4.5

The ethtool utility enables querying and changing settings such as speed, port, auto-negotiation, PCI locations, and checksum offload on many network devices, especially Ethernet devices. The package has been upgraded to upstream version 4.5. Notable improvements include:
  • SFP serial number and date are now included in EEPROM dump (option -m)
  • Added missing Advertised speeds, some combinations of 10GbE and 56GbE
  • Added register dump support for VMware vmxnet3 (option -d)
  • Added support for setting the default Rx flow indirection table (option -X)
(BZ#1318316)

pcp rebased to version 3.11.3

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. The package has been upgraded to version 3.11.3. Highlighted improvements include:
  • pcp-ipcs - new command to show inter-process communication
  • pcp-atopsar - new PMAPI sar command based on http://atoptool.nl
  • pcp-vmstat - wrapper for pmstat modified to more closely resemble vmstat
  • libpcp - new fetchgroup API
  • pmdamic - new PMDA for Intel MIC card metrics
  • pmdaslurm - new PMDA exporting HPC scheduler metrics
  • pmdapipe - command output event capture PMDA
  • pmdaxfs - support for per-device XFS metrics
  • pmdavmware - updated to work with current VMWare Perl API
  • pmdaperfevent - variety of improvements surrounding derived metrics; added reference clock cycles for NHM and WSM
  • pmdaoracle - Oracle database metrics available and updated
  • pmdads389 - added normalized dn cache metrics
  • pmdalinux - added metrics for per numa node memory bandwidth, shared memory segments, IPC, MD driver stats, transparent-huge-page zero page alloc counters, NVME devices, IPv6 metrics
  • pmdaelasticsearch - restrict to local node metrics by default and adjust to elasticsearch API change
  • pmdaxfs - support for per-device XFS metrics
  • pmrep - powerful and versatile metric-reporting utility
  • pmlogconf - support for automatic recording of Oracle database, nginx, elasticsearch, memcache, and application metrics supplied by mmv
  • zbxpcp - Zabbix Agent loadable module for PCP metrics supporting Zabbix v2 and v3 simultaneously
  • pmcd - support for starting PMDAs via pmdaroot, allowing restart on PMDA failure without restarting pmcd itself
  • sar2pcp - support for additional mem.util metrics and sysstat-11.0.1 commands
  • pmmgr - added general monitor-program launching option
  • pcp-atop - updated with latest atop features (especially NFS-related)
  • libpcp - allowed the name of a server certificate to be customized; added support for permanent, global derived metrics, and multi-archive contexts
  • pmdaproc - cgroup blkio throttle throughput and IOPS metrics
  • pcp-iostat - added the -R flag for device-name matching using regular expressions and the -G flag for sum, avg, min, or max statistics
  • pmieconf - new rule to automate restarting of unresponsive PMDAs
(BZ#1284307)

OpenJDK 8 now supports ECC

With this update, support for Elliptic Curve Cryptography (ECC) and associated ciphers for TLS connections has been added to OpenJDK 8. In most cases, ECC is preferable to older cryptographic solutions for establishing secure network connections. (BZ#1245810)

pycurl now provides options to require TLSv1.1 or 1.2

With this update, pycurl has been enhanced to support options that make it possible to require the use of the 1.1 or 1.2 versions of the TLS protocol, which improves the security of communication. (BZ#1260407)

Perl Net:SSLeay now supports elliptic curve parameters

Support for elliptic-curve parameters has been added to the Perl Net:SSLeay module, which contains bindings to the OpenSSL library. Namely, the EC_KEY_new_by_curve_name(), EC_KEY_free*(), SSL_CTX_set_tmp_ecdh(), and OBJ_txt2nid() subroutines have been ported from upstream. This is required for the support of the Elliptic Curve Diffie–Hellman Exchange (ECDHE) key exchange in the IO::Socket::SSL Perl module. (BZ#1316379)

Perl IO::Socket::SSL now supports ECDHE

Support for Elliptic Curve Diffie–Hellman Exchange (ECDHE) has been added to the IO::Socket::SSL Perl module. The new SSL_ecdh_curve option can be used for specifying a suitable curve by the Object Identifier (OID) or Name Identifier (NID). As a result, it is now possible to override the default elliptic curve parameters when implementing a TLS client using IO::Socket:SSL. (BZ#1316377)

tcsh now uses system allocation functions

The tcsh command language interpreter now uses allocation functions from the glibc library instead of built-in allocation functions. This eliminates earlier problems with the malloc() library call. (BZ#1315713)

Python performance enhancement

The CPython interpreter now uses computed goto statements at the main switch statement, which executes Python bytecode. This enhancement allows the interpreter to avoid a bounds check that is required by the C99 standard for the switch statement, and allows the CPU to perform more efficient branch prediction, which reduces pipeline flushes. As a result of this enhancement, Python code is interpreted significantly faster than before. (BZ#1289277)

telnet now accepts -i to use an IP address when calling login

When a computer on a network has multiple IP addresses, it was previously possible to use one address to connect to the telnet server, but the other addresses were saved in the /var/run/utmp file. To prevent the telnet utility from performing a DNS lookup and ensure that telnet uses a particular IP address when calling the login utility, you can now use the -i option. Note that -i works in the same way as the -N option on Debian systems. (BZ#1323094)

sg3_utils rebased to version 1.37-7

The sg3_utils packages provide command-line utilities for devices that use the Small Computer System Interface (SCSI) command sets. With this update, the sg_inq and sg_vpd utilities allow decoding of more feature information on storage devices. Additionally, the presentation of date and software version information is now displayed correctly. The sg_rdac utility has been fixed as well and now supports 10-byte Command Descriptor Block (CDB) mode, which allows management of up to 256 logical unit numbers (LUN). (BZ#1170719)

New configuration options for SSL/TLS certificate verification for the HTTP clients in the Python standard library

New per-application and per-process configuration options for SSL/TLS certificate verification have been added for the HTTP clients in the Python standard library. The options are described in the 493 Python Enhancement Proposal (https://www.python.org/dev/peps/pep-0493/). The default global setting continues to be to not verify certificates. For details, see https://access.redhat.com/articles/2039753. (BZ#1315758)

glibc now supports the BIG5-HKSCS-2008 character set

Previously, glibc supported an earlier version of the Hong Kong Supplementary Character Set, BIG5-HKSCS-2004. The BIG5-HKSCS character set map has been updated to the HKSCS-2008 revision of the standard. This allows Red Hat Enterprise Linux customers to write applications processing text that is encoded with this version of the standard. (BZ#1211823)

memtest86+ rebased to version 5.01

The memtest86+ package has been upgraded to upstream version 5.01, which provides a number of bug fixes and enhancements over the previous version. Notable changes include the following:
  • Support for up to 2 TB of RAM on AMD64 and Intel 64 CPUs
  • Support for new Intel and AMD CPUs, for example Intel Haswell
  • Experimental SMT support up to 32 cores
For detailed changes, see http://www.memtest.org/#change (BZ#1280352)

mcelog rebased to version 136

The mcelog packages have been upgraded to upstream version 136, which provides a number of bug fixes and enhancements over the previous version. Notably, support for various 5th and 6th generation Intel Core processors (Broadwell-DE/SoC, Broadwell-EP, Broadwell-EX, and Skylake Client) has been included. (BZ#1336431)

xz rebased to version 5.2.2

The xz packages have been upgraded to upstream version 5.2.2, which provides several optimization fixes, fixes for race conditions, translations, portability fixes, and also a new stabilized API previously available only for testing. Additionally, this update introduces a new experimental feature controlled by the --flush-timeout option (by default off). When compressing, if more than timeout milliseconds (a positive integer) have passed since the previous flush and reading more input would be blocked, all the pending input data is flushed from the encoder and made available in the output stream. This can be useful if the xz utility is used for compressing data that is streamed over a network. (BZ#1160193)

tapestat has been added to sysstat

The sysstat packages now provide the tapestat utility, which can be used to monitor performance of tape drives. (BZ#1332662)

sysstat now supports a larger number of processors

The sysstat packages now support the maximum number of processors supported by the Linux kernel, which is 8192 at the time of Red Hat Enterprise Linux 7.3 release. Previously, sysstat could not handle more than 2048 processors. (BZ#1258990)

ruby rebased to version 2.0.0.648

The ruby packages have been upgraded to upstream version 2.0.0.648, which provides a number of bug and security fixes. This is the last upstream stable release of Ruby 2.0.0 as it has been deprecated in upstream. More recent versions of Ruby are available in Red Hat Software Collections. (BZ#1197720)

Enhancements to abrt reporting workflow

The problem-reporting workflow in abrt has been enhanced to improve the overall crash-reporting experience and customer-case creation. The enhancements include:
  • The Provide additional information screen now allows you to select whether the problem happens repeatedly, and also contains an additional input field for providing steps to reproduce the problem.
  • A new reporting workflow Submit anonymous report, which should be used when the reported problem is not critical and no Red Hat support team assistance is required.
  • New tests have been added to the internal logic to ensure that users only open cases for critical problems and software released by Red Hat. (BZ#1258482)

abrt can now exclude specific programs from generating a core dump

Previously, ignoring crashes of blacklisted programs in abrt did not prevent it from creating their core dumps, which were written to disk and then deleted. This approach allowed abrt to notify system administrators of a crash while not using disk space to store unneeded crash dumps. However, creating these dumps only to delete them later was unnecessarily wasting system resources. This update introduces a new configuration option IgnoredPaths in the /etc/abrt/plugins/CCpp.conf configuration file, which allows you to specify a comma-separated list of file system path patterns, for which core dump will not be generated at all. (BZ#1277848)

User and group whitelisting added to abrt

Previously, abrt allowed all users to generate and collect core dumps, which could potentially enable any user to maliciously generate a large number of core dumps and waste system resources. This update adds a whitelisting functionality to abrt, and you can now only allow specific users or groups to generate core dumps. Use the new AllowedUsers = user1, user2, ... and AllowedGroups = group1, group2, ... options in the /etc/abrt/plugins/CCpp.conf configuration file to restrict core dump generation and collection to these users or groups, or leave these options empty to configure abrt to process core dumps for all users and groups. (BZ#1277849)

Format of emails sent by ABRT is now configurable

You can now configure the format of emails sent by ABRT using the new -F FORMAT_FILE command-line option of the reporter-mailx utility. This option allows you to define your own format. Without the -F option, reporter-mailx uses the default format, which sorts all important elements by importance. For more information about the format of formatting files, see the reporter-mailx(1) man page. (BZ#1281312)

The Oracle ACFS is now included among known file systems

Previously, the Oracle ASM Cluster file system (ACFS) was not listed among known file systems for the stat and tail utilities. As a consequence, the tail utility printed an error message stating that the file system was not recognized. ACFS has been added to the list of known file systems, and the error message no longer appears in the described situation.
In addition, other file systems recognized by upstream have been added to the list of known file systems as well, namely bpf_fs, btrfs_test, configfs, hfs+, hfsx, ibrix, logfs, m1fs, nsfs, overlayfs, prl_fs, and tracefs. (BZ#1280357)

Support for Octave 3.8 used by swig

Previously, the Octave code generated by swig 2.0.10 did not work with Octave 3.8, because it contained deprecated bits such as variables and macros. This update ensures that swig produces code which works with Octave of versions 3.0.5, 3.2.4, 3.4.3, 3.6.4, and 3.8.0. (BZ#1136487)

The sos cluster plug-in has been divided into type-specific plug-ins

The cluster plug-in in the sos package has been divided into several plug-ins (cman, dlm, gfs2, and pacemaker). The new plug-in organization reflects that there are two different types of cluster (cman and pacemaker) and prevents certain commands from needing to be run multiple times. (BZ#1187258)

libvpd rebased to version 2.2.5

The libvpd packages have been updated to upstream version 2.2.5, which provides a number of bug fixes and enhancements over the previous version. Notably, it also implements several security fixes, including the buffer overflow and memory allocation validation. (BZ#1182031)

Man pages for pchrt and ptaskset added to python-schedutils

This update adds man pages for the pchrt and ptaskset utilities, which are provided by the python-schedutils package. (BZ#948381)

The socket timeout value for SSL connections of the subscription-manager client is now configurable

Previously, the socket timeout value for SSL connections to an entitlement server was hard-coded. With this update, users can configure a custom SSL timeout value in the /etc/rhsm/rhsm.conf file. Setting a larger SSL timeout helps ensure that expensive operations involving many subscriptions have enough time to complete. (BZ#1346417)

redhat-uep.pem CA certificate moved to a python-rhsm-certificates package

The /etc/rhsm/ca/redhat-uep.pem certificate authority (CA) certificate was previously included in the python-rhsm package. This update moves this certificate into a simplified python-rhsm-certificates package that provides only the certificate. As a result, container images can now be built only with python-rhsm-certificates without all the package dependencies required by python-rhsm, specifically the python package. (BZ#1104332)

gfs2-utils rebased to version 3.1.9

The gfs2-utils package has been updated to upstream version 3.1.9, which provides a number of enhancements, new features, and bug fixes, including the following:
  • fsck.gfs2 now uses less memory
  • Improvements and fixes to the extended attributes and resource group checking of fsck.gfs2
  • mkfs.gfs2 reports progress so that the user can tell it is still active during a long mkfs operation
  • The -t option of mkfs.gfs2 now accepts a longer cluster name and file system name
  • A udev helper script is now installed to suspend the device on withdraw, which prevents hangs
  • Support for the de_rahead and de_cookie dirent fields has been added
  • gfs2_edit savemeta performance improvements
  • The glocktop utility has been added to help analyze locking-related performance problems
  • The mkfs.gfs2(8) man page has been reworked
  • The rgrplbv and loccookie mount options have been added to the gfs2(5) man page
  • Fixes for out-of-tree builds and testing (BZ#1271674)

system-switch-java rebased to version 1.7

The system-switch-java package, which provides an easy-to-use tool to select the default Java toolset for the system, has been updated to version 1.7. The new version has been rewritten to support modern JDK packages. The main enhancements include support for multiple Java installations, addition of -debug packages, and support for JDK 9. (BZ#1283904)

Optional branch predictor optimization for certain Intel micro-architectures

The branch predictor in the 2nd generation Xeon Phi and 3rd generation Atom micro-architectures only supports 32-bit offsets between branch and branch targets. If a branch and its target were further apart than 4 GiB, performance was very poor.
With this update, glibc maps the main program and shared objects into the first 31 bits of the address space if the LD_PREFER_MAP_32BIT_EXEC environment variable is set, improving performance on the described architectures. Note that this improvement reduces address space layout randomization (ASLR) and is therefore not enabled by default. (BZ#1292018)

Optimized memory routines for Intel hardware using AVX 512

This update provides optimized memory copying routines to the core C library (glibc) for Intel hardware using AVX 512. These optimized routines are automatically selected when applications use the C library memcpy(), memmove(), or memset() function on AVX 512-enabled hardware.
The AVX 512-enabled memory copying routine provides the best possible performance on the latest Intel hardware that supports this feature, particularly on the second-generation Xeon Phi systems. (BZ#1298526)

Better-performance memset() routine

This update provides a key optimization to the core C library memset() routine for Intel Xeon v5 server hardware. The existing memset() routine for AMD64 and Intel 64 architectures made extensive use of non-temporal stores, a hardware feature which does not provide uniform performance across hardware variants. The new memset() provides better performance across hardware variants, including Intel Xeon v5 hardware. (BZ#1335286)

Support for the --instLangs option in glibc

The glibc-common packages provide a large locale archive containing data for all locales supported by glibc. Typical installations only need a subset of these locales, and installing all of them is wasteful. With this update, it is possible to create system installations and container images which only include required locales, greatly reducing image size. (BZ#1296297)

Optimizations in glibc for IBM POWER8

With this update, all libraries provided by glibc have been compiled for optimal execution on POWER8 hardware. Optimized memory and string manipulation routines for 64-bit IBM POWER7 and POWER8 hardware have been added to the core C library (glibc). These optimized routines are automatically selected when applications use C library routines like strncat() or strncmp(). These POWER7 and POWER8-enabled routines provide the best possible performance on the latest IBM hardware. (BZ#1213267, BZ#1183088, BZ#1240351)

Optimizations in glibc for IBM z Systems z13

The core C library (glibc) has been enhanced to provide optimized support for IBM z Systems z13 hardware. Core string and memory manipulation routines such as strncpy() or memcpy() have all been optimized. The z13-enabled routines provide the best possible performance on the latest IBM hardware. (BZ#1268008)

Origin plug-in added to the sos package

The origin plug-in has been added to the sos package. The plug-in collects information about OpenShift Origin and related products, such as Atomic Platform or OpenShift Enterprise 3 and higher. This allows users to gather information about OpenShift Origin deployments. (BZ#1246423)

gssproxy now supports krb5 1.14

The gssproxy packages, which provide a daemon to manage access to GSSAPI credentials, as well as a GSSAPI interposer plug-in, have been updated to upstream version 0.4.1-10. gssproxy now supports the krb5 packages in version 1.14. (BZ#1292487)

A possibility to configure optional SSH key files for the ABRT reporter-upload tool has been added

This update adds the possibility to configure an SSH key in the reporter-upload utility of Automatic Bug Reporting Tool (ABRT). To specify the key file, choose one of the following ways:
  • Using the SSHPublicKey and SSHPrivateKey options in the /etc/libreport/plugins/upload.conf configuration file
  • Using the -b and -r command-line options for the public and private key, respectively
  • Setting the Upload_SSHPublicKey and Upload_SSHPrivateKey environment variables, respectively.
If none of these options or variables are specified, reporter-upload uses the default SSH key from the user's ~/.ssh/ directory. (BZ#1289513)