Recommended update for qclib

Announcement ID:	SUSE-RU-2024:2613-1
Rating:	moderate
References:	bsc#1214466 bsc#1216212 bsc#1216257 bsc#1217923 bsc#1219227 bsc#1222143 bsc#1222282 bsc#1222675 bsc#1223090 bsc#1226609 jsc#PED-3223 jsc#PED-3275 jsc#PED-3284 jsc#PED-3285 jsc#PED-4604 jsc#PED-578 jsc#PED-5783 jsc#PED-585 jsc#PED-626 jsc#PED-6539 jsc#PED-6649 jsc#PED-6785 jsc#PED-7136 jsc#PED-7138
Affected Products:	openSUSE Leap 15.4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro for Rancher 5.3 SUSE Linux Enterprise Micro for Rancher 5.4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4

An update that contains 14 features and has 10 fixes can now be installed.

Description:

This update for qclib fixes the following issues:

• Upgrade qclib to version 2.4.1 for SP4 LTSS (bsc#1214466)
• Applied a patch to change the _PATH_MOUNTED (bsc#1222143)

Upgrade to version 2.4.1 (jsc#PED-3285)

• Handle systems with /sys/kernel/security/lockdown enabled
• Consistency check: Fix accounting of reserved cores and CPUs
• Trace: Fix display of version information

• Doxygen config: Remove unused options

• Applied a patch to work under kernel lockdown (bsc#1216212,bsc#1214466)

Upgrade to version 2.4.0 (jsc#PED-3284, jsc#PED-3285):

• Recognize single frame models and rackable models
• zname: Add support for option --json
• qc_dump: Add trace and JSON dump to .tgz

Upgraded to version 2.3.2 (jsc#PED-585, jsc#PED-626)

• Recognize IBM LinuxONE Emperor 4
• Recognize IBM z16

s390-tools was updated to 2.30.1:

• Added print for 'qc_type_name', amended the layers (bsc#1226609)

• s390-tools-genprotimg-data needs to require filesystem in order to ensure we are not installed before potential UsrMerge migration code was running (boo#1223090).

• Added recommends s390-tools-genprotimg-data

• Updated to enable Secure Execution in the Cloud (bsc#1222675)

• Creates a s390-tools-genprotimg-data-*.noarch.rpm package which includes s390x bootload binaries for x86_64:
  • /lib/s390-tools/stage3.bin
  • /usr/share/s390-tools/genprotimg/stage3a.bin
  • /usr/share/s390-tools/genprotimg/stage3b_reloc.bin
• Excludes the above binaries from the (main) s390-tools-*.s390x.rpm

• Requires: s390-tools-genprotimg-data

• SE-tooling: New IBM host-key subject locality (s390-tools) (bsc#1222282)

• Provide groups as required by RPM 4.19

Upgrade s390-tools to version 2.31 (jsc#PED-3275, jsc#PED-3223):

• General:
• common.mak: Set default C/C++ standard to gnu11/gnu++11
• Add new tools / libraries:
• pvapconfig: Tool to automatically configure APQNs in SE KVM guests
• s390-tools: Provide pre-commit configuration
• Changes of existing tools:
• cpuplugd: Adjust to CPU 0 being no longer hotpluggable
• dbginfo.sh: Check for Dynamic Partition Mode
• dbginfo.sh: Update man page and copyright
• rust/pv: Add user-data signing and verifying
• rust/pvsecret: Add user defined signatures and verifications
• zdev/dracut: Consolidate device configuration
• Bug Fixes:
• dbginfo.sh: Fix relative path on script copy
• libkmipclient: Fix build with libxml2-2.12.0
• pvsecret: Fix panic if empty file is used as host key document

• rust/pv: Fix 'elided_lifetimes_in_associated_constant' warning

• Updated read_values.c (bsc#1219227)

• Amended read_values for '-S' option (bsc#1217923)

Upgrade s390-tools to version 2.30: (jsc#PED-5783, jsc#PED-6785, jsc#PED-7136, jsc#PED-6539, jsc#PED-4604, jsc#PED-6649, jsc#PED-7138 )

• Add new tools / libraries:
• lspai: Tool to display PAI counter sets
• s390-tools: Provide a ShellCheck configuration
• Changes of existing tools / libraries:
• cpumf/pai: Add command line option for realtime scheduling
• dbginfo.sh: enhance ethtool collection for ROCE
• libutil/util_lockfile: add routine to return owning pid of file lock
• lszcrypt: Improve lszcrypt output on SE guests
• rust: Use a single workspace for all rust tools
• zdev: limit the derivation of ZDEV_SITE_ID
• zdump/df_s390: Update 'zgetdump -i' output with zlib info
• zdump/dfi_s390: Support reading compressed s390_ext dumps
• zipl/boot: Integrate zlib compression to single volume DASD dumper
• zipl/boot: compile the bootloaders only if HOST_ARCH is s390x
• zipl: Add --no-compress option to zipl command
• zkey: Also check for deconfigured and check-stopped cards
• Bug Fixes:
• ap_tools/ap-check: handle get-attributes between pre and post event
• libutil: fix util_file_read_*() using wrong format specifiers
• rust/pv: fix Invalid write of size

Provide s390-tools on x86_64 to enable Secure Execution in the Cloud (jsc#PED-578, jsc#PED-7136, and jsc#PED-7138)

• Selected tools from the s390-tools package need to be made available on x86_64. This will enable the integration of IBM Z machines running Secure Execution in a cloud environment where users don't necessarily need to have an s390x environment.
• genprotimg - (for building secure images)
• pvsecret -
• pvattest - (for external attestation)

• pvextract-hdr -

• Upgrade 390-tools from version 2.25.0 to version v2.29.0 (Latest)

• General:
  • s390-tools now supports tools written in Rust.
  • Add compdb Makefile target to create 'compile_commands.json' to support LSP
  • backends in IDEs and editors
  • Add new tools / libraries:
• rust/pv: Library for pv tools written in rust
• rust/pvsecret: Tool to manage UV-secrets
• Changes of existing tools:
• dbginfo.sh: Global IFS variable
• genprotimg: Add support for add-secret requests
• genprotimg: Build debuginfo files for bootloader
• hyptop: Add real SMT utilization field
• hyptop: Allow users to set speedup factor
• pvattest: Add yaml-output for verify command
• zipl: Build debuginfo files for bootloader
• Bug Fixes:
• dump2tar: Fix truncated paths
• zdev/dracut: fix kdump build to integrate with site support

Update to v2.28.0:

• Changes of existing tools:
  • chzcrypt: Support for SE AP pass-through support
  • genprotimg: Add support for non-s390x architectures
  • lszcrypt: Support for SE AP pass-through support
  • zdev: Add support for autoquiesce related sysfs attributes
• Bug Fixes:
• ap_tools/ap-check: Handle missing 'matrix' and 'control_domains' attrs
• ap_tools/ap-check: Hold ap config file lock over get attributes
• s390-tools: Fix build for ppc64le
• zdev: Add missing label in the udev-rules
• zdev: Add proper value input for the ZDEV_SITE_ID key
• zdev: Use rename-file to avoid any symlinks created
• zipl/dump: fix ngdump dracut helper script

Update to v2.27.0:

• Changes of existing tools:
  • s390-tools cross-compile and non-s390x support:
  • pkg-config is now mandatory for the build process
  • Add PKG_CONFIG Makefile variable to select pkg-config program;
  • default pkg-config or $(CROSS_COMPILE)pkg-config if
  • CROSS_COMPILE is set
  • Rename Makefile variable ARCH to HOST_ARCH. HOST_ARCH is the architecture that will run the produced (executable) objects
  • Add the Makefile variable BUILD_ARCH. BUILD_ARCH is the architecture of the build system. For each Makefile variable like CC, LINK, CPP, ... there is a suffixed version of it - e.g. CC_FOR_BUILD. This is useful for cross compiling, and this naming convention is very similar to the Meson convention (see https://mesonbuild.com/Reference-tables.html#environment-variables-per-machine).
  • Limit build targets for non-s390x architectures (pvattest)
  • dasdfmt: Fall back to full format if space release fails
  • dbginfo.sh: Add nstat for network and SNMP stats
  • dbginfo.sh: Rework crypto data collection
  • hyptop: Show thread util by default
  • zipl: Add support for list-directed IPL dump from ECKD DASD
• Bug Fixes:
• lszcrypt: Fix argument parsing
• zdev/dracut: Fix out-of-memory (OOM) situations in the kdump crashkernel environment
• ziomon/ziorep_config: Fix for SCSI devices of type disk without block dev
• pvextract-hdr: Fix parsing issues on little-endian systems

Updat to v2.26.0:

• Remove tools / libraries:
• Remove vmconvert and libvmdump in favor of vmdump file support in zdump
• Changes of existing tools:
• ipl_tools: Add support for list-directed IPL from ECKD DASD
• lszcrypt: Display hardware filtering support capability
• vmur: Remove option -c for dump file conversion (See zdump changes)
• zdev: Add zfcp ber_stop parameter handling
• zdump: Add vmdump dfi for vmdump format to elf format
• zkey: Support EP11 host library version
• Bug Fixes:
• zipl: Move dump parmline processing and verification

• zipl/genprotimg: Various build improvements

• Update read_values.c to support the new IBM z Processors

• Updated SUSE's tools and their corresponding man pages (bsc#1216257)
• ctc_configure
• dasd_configure.opensuse
• dasd_configure.8
• dasd_configure.suse
• mkdump.pl.opensuse
• mkdump.pl.suse
• qeth_configure
• qeth_configure.8
• zfcp_disk_configure
• zfcp_disk_configure.8
• zfcp_host_configure.8
• zfcp_host_configure
• Updated cputype script
• Amended cputype to support the new IBM z Processors

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2613=1
• SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2613=1
• SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2613=1
• openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2613=1
• SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2613=1
• SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2613=1

Package List:

• SUSE Linux Enterprise Micro for Rancher 5.4 (s390x)
  • libkmipclient1-2.31.0-150400.7.27.1
  • s390-tools-debuginfo-2.31.0-150400.7.27.1
  • libekmfweb1-debuginfo-2.31.0-150400.7.27.1
  • libkmipclient1-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-2.31.0-150400.7.27.1
  • libekmfweb1-2.31.0-150400.7.27.1
  • s390-tools-debugsource-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  • s390-tools-genprotimg-data-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Micro 5.4 (s390x)
  • libkmipclient1-2.31.0-150400.7.27.1
  • s390-tools-debuginfo-2.31.0-150400.7.27.1
  • libekmfweb1-debuginfo-2.31.0-150400.7.27.1
  • libkmipclient1-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-2.31.0-150400.7.27.1
  • libekmfweb1-2.31.0-150400.7.27.1
  • s390-tools-debugsource-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Micro 5.4 (noarch)
  • s390-tools-genprotimg-data-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x)
  • libkmipclient1-2.31.0-150400.7.27.1
  • s390-tools-debuginfo-2.31.0-150400.7.27.1
  • libkmipclient1-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-2.31.0-150400.7.27.1
  • libqc2-debuginfo-2.4.1-150400.3.3.1
  • osasnmpd-debuginfo-2.31.0-150400.7.27.1
  • libqc2-2.4.1-150400.3.3.1
  • qclib-devel-static-2.4.1-150400.3.3.1
  • qclib-debugsource-2.4.1-150400.3.3.1
  • osasnmpd-2.31.0-150400.7.27.1
  • s390-tools-chreipl-fcp-mpath-2.31.0-150400.7.27.1
  • s390-tools-hmcdrvfs-debuginfo-2.31.0-150400.7.27.1
  • qclib-2.4.1-150400.3.3.1
  • libekmfweb1-debuginfo-2.31.0-150400.7.27.1
  • libekmfweb1-2.31.0-150400.7.27.1
  • qclib-debuginfo-2.4.1-150400.3.3.1
  • qclib-devel-2.4.1-150400.3.3.1
  • s390-tools-zdsfs-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-zdsfs-2.31.0-150400.7.27.1
  • libekmfweb1-devel-2.31.0-150400.7.27.1
  • s390-tools-hmcdrvfs-2.31.0-150400.7.27.1
  • s390-tools-debugsource-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
  • s390-tools-genprotimg-data-2.31.0-150400.7.27.1
• openSUSE Leap 15.4 (s390x x86_64)
  • s390-tools-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-debugsource-2.31.0-150400.7.27.1
  • s390-tools-2.31.0-150400.7.27.1
• openSUSE Leap 15.4 (s390x)
  • s390-tools-zdsfs-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-zdsfs-2.31.0-150400.7.27.1
  • qclib-2.4.1-150400.3.3.1
  • qclib-devel-static-2.4.1-150400.3.3.1
  • libekmfweb1-devel-2.31.0-150400.7.27.1
  • qclib-debugsource-2.4.1-150400.3.3.1
  • libkmipclient1-2.31.0-150400.7.27.1
  • osasnmpd-2.31.0-150400.7.27.1
  • libekmfweb1-debuginfo-2.31.0-150400.7.27.1
  • libkmipclient1-debuginfo-2.31.0-150400.7.27.1
  • libkmipclient1-devel-2.31.0-150400.7.27.1
  • osasnmpd-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-hmcdrvfs-2.31.0-150400.7.27.1
  • s390-tools-chreipl-fcp-mpath-2.31.0-150400.7.27.1
  • libekmfweb1-2.31.0-150400.7.27.1
  • s390-tools-hmcdrvfs-debuginfo-2.31.0-150400.7.27.1
  • libqc2-debuginfo-2.4.1-150400.3.3.1
  • libqc2-2.4.1-150400.3.3.1
  • qclib-debuginfo-2.4.1-150400.3.3.1
  • qclib-devel-2.4.1-150400.3.3.1
• openSUSE Leap 15.4 (noarch)
  • s390-tools-genprotimg-data-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Micro for Rancher 5.3 (s390x)
  • libkmipclient1-2.31.0-150400.7.27.1
  • s390-tools-debuginfo-2.31.0-150400.7.27.1
  • libekmfweb1-debuginfo-2.31.0-150400.7.27.1
  • libkmipclient1-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-2.31.0-150400.7.27.1
  • libekmfweb1-2.31.0-150400.7.27.1
  • s390-tools-debugsource-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  • s390-tools-genprotimg-data-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Micro 5.3 (s390x)
  • libkmipclient1-2.31.0-150400.7.27.1
  • s390-tools-debuginfo-2.31.0-150400.7.27.1
  • libekmfweb1-debuginfo-2.31.0-150400.7.27.1
  • libkmipclient1-debuginfo-2.31.0-150400.7.27.1
  • s390-tools-2.31.0-150400.7.27.1
  • libekmfweb1-2.31.0-150400.7.27.1
  • s390-tools-debugsource-2.31.0-150400.7.27.1
• SUSE Linux Enterprise Micro 5.3 (noarch)
  • s390-tools-genprotimg-data-2.31.0-150400.7.27.1

References:

• https://bugzilla.suse.com/show_bug.cgi?id=1214466
• https://bugzilla.suse.com/show_bug.cgi?id=1216212
• https://bugzilla.suse.com/show_bug.cgi?id=1216257
• https://bugzilla.suse.com/show_bug.cgi?id=1217923
• https://bugzilla.suse.com/show_bug.cgi?id=1219227
• https://bugzilla.suse.com/show_bug.cgi?id=1222143
• https://bugzilla.suse.com/show_bug.cgi?id=1222282
• https://bugzilla.suse.com/show_bug.cgi?id=1222675
• https://bugzilla.suse.com/show_bug.cgi?id=1223090
• https://bugzilla.suse.com/show_bug.cgi?id=1226609
• https://jira.suse.com/browse/PED-3223
• https://jira.suse.com/browse/PED-3275
• https://jira.suse.com/browse/PED-3284
• https://jira.suse.com/browse/PED-3285
• https://jira.suse.com/browse/PED-4604
• https://jira.suse.com/browse/PED-578
• https://jira.suse.com/browse/PED-5783
• https://jira.suse.com/browse/PED-585
• https://jira.suse.com/browse/PED-626
• https://jira.suse.com/browse/PED-6539
• https://jira.suse.com/browse/PED-6649
• https://jira.suse.com/browse/PED-6785
• https://jira.suse.com/browse/PED-7136
• https://jira.suse.com/browse/PED-7138