Linux 6.1 kernel release

After two months of development, Linus Torvalds has released the Linux 6.1 kernel. Among the most noticeable changes: support for developing drivers and modules in the Rust language, a modernized mechanism for determining which memory pages are in use, a special memory manager for BPF programs, the KMSAN memory problem diagnostic system, the KCFI (Kernel Control-Flow Integrity) protection mechanism, and the introduction of the maple tree data structure.

The new version received 15115 fixes from 2139 developers; the patch size is 51 MB, which is about 2 times smaller than the size of patches from kernels 6.0 and 5.19. The changes affected 13165 files, 716247 lines of code were added, and 304560 lines were deleted. About 45% of all changes introduced in 6.1 are associated with device drivers, approximately 14% of changes are related to updating code specific to hardware architectures, 14% are related to the networking stack, 3% to file systems, and 3% to internal kernel subsystems.

Key innovations in kernel 6.1:

  • Memory and system services
    • Added the ability to use Rust as a second language for developing drivers and kernel modules. The main reason for supporting Rust is to make it easier to write safe and high-quality device drivers by reducing the likelihood of making errors when working with memory. Rust support is disabled by default and does not result in Rust being included as a required kernel build dependency. The kernel has so far adopted a minimal stripped-down version of the patches, which has been reduced from 40 to 13 thousand lines of code and provides only the necessary minimum, sufficient to build a simple kernel module written in the Rust language. In the future, it is planned to gradually increase the existing functionality, transferring other changes from the Rust-for-Linux branch. In parallel, projects are being developed to use the proposed infrastructure to develop drivers for NVMe drives, the 9p network protocol and the Apple M1 GPU in the Rust language.
    • For systems based on AArch64, RISC-V and LoongArch architectures with EFI, the ability to directly load compressed kernel images is implemented. Added handlers for loading, running and unloading kernel images, called directly from EFI zboot. Handlers for installing and removing protocols from the EFI protocol database have also been added. Previously, unpacking was carried out by a separate bootloader, but now it can be done by a handler in the kernel itself - the kernel image is formed as an EFI application.
    • Some of the patches implementing a multi-level memory management model have been adopted; the model allows memory banks with different performance characteristics to be separated. For example, the most heavily used pages may be stored in the fastest memory, while rarely used pages may be stored in relatively slow memory. The 6.1 kernel adopts a mechanism that detects heavily used pages located in slow memory so that they can be moved to fast memory, and implements the general concept of memory levels and their relative performance.
    • The MGLRU (Multi-Generational LRU) mechanism has been included. It replaces the old LRU (Least Recently Used) implementation based on two queues with a multi-stage structure that better determines which memory pages are actually in use and which can be pushed out to the swap partition.
    • Added support for the "maple tree" data structure proposed by Oracle engineers, which is positioned as a more efficient replacement for the "red-black tree" structure. The Maple tree is a variant of the B-tree that supports range indexing and is designed to make efficient use of the cache of modern processors. Some memory management subsystems have already been transferred to the maple tree, which has a positive effect on their performance. In the future, the maple tree may be used to implement range locking.
    • Added to the BPF subsystem is the ability to create "destructive" BPF programs specifically designed to trigger a crash via the crash_kexec() call. Such BPF programs may be required for debugging purposes to trigger the creation of a crash dump at a certain point in time. Access to destructive operations when loading a BPF program requires specifying the BPF_F_DESTRUCTIVE flag, activating sysctl kernel.destructive_bpf_enabled, and having CAP_SYS_BOOT rights.
    • For BPF programs, it is possible to iterate over cgroup elements, as well as iterate over resources (files, vma, processes, etc.) of a specific thread or task. Implemented a new map type for creating user ring buffers.
    • Added a special call for memory allocation in BPF programs (memory allocator), which provides safer memory allocation in the BPF context than the standard kmalloc().
    • The first part of the changes has been integrated, providing the ability to create drivers for input devices with the HID (Human Interface Device) interface, implemented in the form of BPF programs.
    • Code supporting the a.out executable file format has been completely removed from the kernel; the format was deprecated in the 5.1 release and has been disabled for major architectures since versions 5.18 and 5.19. The a.out format has long been retired on Linux systems, and a.out file generation is not supported by modern tools in default Linux configurations. The loader for a.out files can be implemented entirely in user space.
    • For systems based on the LoongArch instruction set architecture used in the Loongson 3 5000 processors and implementing a new RISC ISA similar to MIPS and RISC-V, support for performance measurement events (perf event), kexec, kdump and BPF JIT compilation is implemented.
    • The io_uring asynchronous I/O interface offers a new mode, IORING_SETUP_DEFER_TASKRUN, which allows ring buffer-related work to be temporarily deferred until an application request is made; this can be used to batch work and to avoid latency issues caused by applications being preempted at the wrong time.
    • Processes in user space are given the opportunity to initiate the conversion of a range of ordinary memory pages into a set of large memory pages (Transparent Huge-Pages).
    • Implementation of the device /dev/userfaultfd has been added, which allows organizing access to the functionality of the userfaultfd() system call using access rights in the file system. The userfaultfd functionality allows you to create handlers for accessing unallocated memory pages (page faults) in user space.
    • The requirements for the version of the GNU Make utility have been increased - at least version 3.82 is now required to build the kernel.
  • Disk Subsystem, I/O and File Systems
    • Significant performance optimizations have been made to the Btrfs file system; among other things, the performance of the FIEMAP ioctl call has been increased by orders of magnitude. Added support for asynchronous buffered writes for applications using io_uring. Added support for files protected with fs-verity to the "send" operation.
    • The ext4 file system adds performance optimizations related to journaling and read-only operation.
    • The EROFS (Enhanced Read-Only File System) file system, designed for use on partitions accessible in read-only mode, implements the ability to share data duplicated in different file systems.
    • The ability to display information about whether direct I/O can be applied to a file has been added to the statx() system call.
    • Support for creating temporary files with the O_TMPFILE flag has been added to the FUSE (Filesystems in User Space) subsystem.
  • Virtualization and Security
    • The implementation of the CFI (Control Flow Integrity) protection mechanism has been replaced. CFI adds checks before each indirect function call to identify some forms of undefined behavior that can potentially lead to a violation of the normal execution order (control flow) as a result of exploits that change function pointers stored in memory. The standard implementation of CFI from the LLVM project has been replaced with a variant that is also based on Clang but is specially adapted to protect low-level subsystems and operating system kernels. In LLVM, the new implementation will be proposed in the Clang 16 release and will be enabled with the "-fsanitize=kcfi" option. The key difference of the new implementation is that it is not tied to link-time optimizations (LTO) and does not result in replacing function pointers with links in the jump table.
    • For LSM modules (Linux Security Module), the ability to create handlers that intercept operations for creating namespaces is provided.
    • Provided tools for verifying PKCS#7 digital signatures in BPF programs.
    • The ability to open /dev/random in non-blocking mode (O_NONBLOCK), which was inadvertently removed in the 5.6 kernel, has been restored.
    • Added a warning on x86 systems when kernel subsystems map memory pages that are both executable and writable. In the future, the possibility of completely prohibiting such memory mappings is being considered.
    • Added a KMSAN (Kernel Memory Sanitizer) debugging mechanism to detect uninitialized memory usage in the kernel, as well as uninitialized memory leaks between user space and devices.
    • Improvements have been made to the cryptographically secure CRNG pseudo-random number generator used in the getrandom call. The changes were prepared by Jason A. Donenfeld, author of VPN WireGuard, and are aimed at improving the security of retrieving pseudo-random integers.
  • Network subsystem
    • The TCP stack provides the ability (disabled by default) to use socket hash tables separately for each namespace, which improves performance on systems with a large number of namespaces.
    • Removed code to support the legacy DECnet protocol. User space API stubs are left in place to allow applications that use DECnet to be compiled, but these applications will not be able to connect to the network.
    • The netlink protocol is documented.
  • Equipment
    • Support for DSC (Display Stream Compression) forwarding has been added to the amdgpu driver for lossless data compression when exchanging information with screens that support very high resolution. Work continued to support the AMD RDNA3 (RX 7000) and CDNA (Instinct) platforms. Added support for DCN 3.2, SMU 13.x, NBIO 7.7, GC 11.x, PSP 13.x, SDMA 6.x and GMC 11.x IP components. The amdkfd driver (for discrete AMD GPUs such as Polaris) has implemented support for GFX 11.0.3.
    • Meteor Lake GPU enabled in i915 (Intel) driver. Meteor Lake and newer GPUs support DP 2.0 (DisplayPort). Added identifiers for video cards based on the Alder Lake S microarchitecture.
    • Added support for audio subsystems implemented in Apple Silicon, Intel SkyLake and Intel KabyLake processors. The CS35L41 HDA audio driver supports sleep mode. Added ASoC (ALSA System on Chip) support for Apple Silicon embedded audio chips, AMD Rembrandt DSPs, AMD Pink Sardine ACP 6.2, Everest ES8326, Intel Sky Lake and Kaby Lake, Mediatek MT8186, NXP i.MX8ULP DSPs, Qualcomm SC8280XP, SM8250, SM8450 and Texas Instruments SRC4392.
    • Added support for LCD panels Samsung LTL101AL01, B120XAN01.0, R140NWF5 RH, Densitron DMT028VGHMCMI-1A TFT, AUO B133UAN02.1, IVO M133NW4J-R3, Innolux N120ACA-EA1, AUO B116XAK01.6, BOE NT116WHM-N21, INX N116BCA-EA2, INX N116BCN-EA1, Multi-Inno Technology MI0800FT-9.
    • Added support for AHCI SATA controllers used in the Baikal-T1 SoC.
    • Added support for Bluetooth chips MediaTek MT7921, Intel Magnetor (CNVi, Integrated Connectivity), Realtek RTL8852C, RTW8852AE and RTL8761BUV (Edimax BT-8500).
    • The ath11k driver for Qualcomm wireless modules has added support for spectral scanning in the 160 MHz band, implemented multi-threaded NAPI, and improved support for Wi-Fi chips Qualcomm WCN6750.
    • Added drivers for PinePhone Keyboard, InterTouch Touchpads (ThinkPad P1 G3), X-Box Adaptive Controller, PhoenixRC Flight Controller, VRC-2 Car Controller, DualSense Edge Controller, IBM Operation Panels, XBOX One Elite, Tablets XP-PEN Deco Pro S and Intuos Pro Small (PTH-460).
    • Added driver for Aspeed HACE (Hash and Crypto Engine) cryptographic accelerators.
    • Added support for Intel Meteor Lake integrated Thunderbolt/USB4 controllers.
    • Added support for Sony Xperia 1 IV, Samsung Galaxy E5, E7 and Grand Max, Pine64 Pinephone Pro smartphones.
    • Added support for ARM SoCs and boards: AMD DaytonaX, Mediatek MT8186, Rockchips RK3399 and RK3566, TI AM62A, NXP i.MX8DXL, Renesas R-Car H3Ne-1.7G, Qualcomm IPQ8064-v2.0, IPQ8062, IPQ8065, Kontron SL/BL i.MX8MM OSM-S, MT8195 (Acer Tomato), Radxa ROCK 4C+, NanoPi R4S Enterprise Edition, JetHome JetHub D1p. Updated drivers for Samsung, Mediatek, Renesas, Tegra, Qualcomm, Broadcom and NXP SoCs.
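
The CFI item under "Virtualization and Security" above describes a check made before each indirect call. The following user-space C model of that check is an added example, not code from the kernel or from LLVM. The FNV-1a hash, the prototype strings and all names in it are assumptions of the model; the real compiler derives a type id from the function's prototype and stores it in front of the function's entry point.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef void (*generic_fn)(void);

/* Constructed model: a function together with the type id that KCFI keeps
 * in front of its entry point. */
struct typed_fn {
    uint32_t type_id;
    generic_fn entry;
};

/* FNV-1a over the prototype text, standing in for the compiler's type hash. */
static uint32_t type_hash(const char *proto)
{
    uint32_t h = 2166136261u;
    for (; *proto; proto++)
        h = (h ^ (uint8_t)*proto) * 16777619u;
    return h;
}

static int add_one(int x) { return x + 1; }
static int negate(int x) { return -x; }
static long total_len(const char *a, const char *b) { return (long)(strlen(a) + strlen(b)); }

/* Call site that expects int(int). Returns 0 and stores the result, or -1
 * when the target's type id differs (the kernel traps here instead). */
static int checked_call(const struct typed_fn *target, int arg, int *out)
{
    if (target->type_id != type_hash("int(int)"))
        return -1;
    *out = ((int (*)(int))target->entry)(arg);
    return 0;
}

int main(void)
{
    struct typed_fn ok = { type_hash("int(int)"), (generic_fn)add_one };
    struct typed_fn same = { type_hash("int(int)"), (generic_fn)negate };
    struct typed_fn bad = { type_hash("long(const char*,const char*)"), (generic_fn)total_len };
    int r = 0;
    printf("add_one:   rc=%d\n", checked_call(&ok, 41, &r));
    printf("negate:    rc=%d\n", checked_call(&same, 41, &r));
    printf("total_len: rc=%d\n", checked_call(&bad, 41, &r));
    return 0;
}
```

The check rejects a target whose prototype differs from what the call site expects, while a target with the same prototype still passes, which is why the mechanism identifies only some forms of corrupted function pointers.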

At the same time, the Latin American Free Software Foundation formed a variant of the completely free kernel 6.1 - Linux-libre 6.1-gnu, cleared of firmware and driver elements containing non-free components or code sections, the scope of which is limited by the manufacturer. The new release cleans up the new rtw8852b driver and DTS files for various Qualcomm and MediaTek SoCs with processors based on the AArch64 architecture. Updated blob cleanup code in amdgpu, i915, brcmfmac, r8188eu, rtw8852c, Intel ACPI drivers and subsystems. Cleaning of obsolete tm6000 TV cards, cpia2 v4l, sp8870, av7110 drivers has been corrected.

Source: opennet.ru
