The most notable changes: A lockdown module that restricts the root user's access to kernel files and interfaces. Details. The virtiofs filesystem for forwarding specific host directories to guest systems. The interaction goes according to the "client-server" scheme through FUSE. Details. fs-verity file integrity control mechanism. Similar to dm-verity, but works at the Ext4 and F2FS file system level, not block devices. Details. The dm-clone module for copying read-only block devices, while data can be written to the copy directly during the cloning process. Details. Support for AMD Navi 12/14 GPUs and APUs from the Arcturus and Renoir families. Work has also begun on support for future Intel Tiger Lake graphics. The MADV_COLD and MADV_PAGEOUT flags for the madvise() system call. They allow you to determine what data in memory is not critical for the process to work or will not be needed for a long time so that this data can be forced out to swap and free up memory. The EROFS file system has been moved from the Staging section - a very light and fast read-only file system, beneficial for storing firmware and livecd. Details. The exFAT file system driver developed by Samsung has been added to the Staging section. Haltpoll mechanism to improve the performance of guest systems. It allows guests to receive additional CPU time before the CPU is returned to the hypervisor. Details. blk-iocost controller for distributing I/O between cgroups. The new controller focuses on the cost of the future IO operation. Details. Namespaces for kernel module symbols. Details. Work continues on integrating real-time patches into the kernel. The io_uring mechanism has been improved. Speed ββup work with large directories on XFS. Dozens of other changes. Source: linux.org.ru
