Linux 6.3 kernel release

After two months of development, Linus Torvalds has released the Linux 6.3 kernel. Among the most notable changes: cleanup of obsolete ARM platforms and graphics drivers, continued integration of Rust language support, the hwnoise utility, support for red-black tree structures in BPF, BIG TCP mode for IPv4, a built-in Dhrystone benchmark, the ability to disable execution in memfd, support for creating HID drivers using BPF, and Btrfs changes to reduce block group fragmentation.

The new version accepted 15637 fixes from 2055 developers; patch size - 76 MB (changes affected 14296 files, 1023183 lines of code added, 883103 lines deleted). For comparison, in the previous version, 16843 fixes were proposed from 2178 developers; patch size - 62 MB. About 39% of all changes introduced in the 6.3 kernel are related to device drivers, about 15% of the changes are related to updating code specific to hardware architectures, 10% are related to the networking stack, 5% to file systems, and 3% to internal kernel subsystems.

Key innovations in kernel 6.3:

  • Memory and system services
    • A significant cleanup of code related to old and unused ARM boards has been carried out, which has reduced the size of the kernel sources by 150 thousand lines. Removed over 40 old ARM platforms.
    • Added the ability to implement drivers for input devices with the HID (Human Interface Device) interface as BPF programs.
    • Continued porting from the Rust-for-Linux branch of additional functionality related to using Rust as a second language for developing drivers and kernel modules. Rust support is not enabled by default, and does not result in Rust being included as a mandatory kernel build dependency. The functionality offered in previous releases has been extended with support for the Arc (an implementation of reference-counted pointers), ScopeGuard (cleanup is performed when going out of scope), and ForeignOwnable (provides pointer movement between C and Rust code) types. The 'borrow' module (type 'Cow' and trait 'ToOwned') has been removed from the 'alloc' package. It is noted that Rust support in the kernel is already close to the point where the first modules written in Rust can be accepted into the kernel.
    • User-mode Linux (running the kernel as a user process) on x86-64 systems supports code written in Rust. Added support for building User-mode Linux using clang with link-time optimizations enabled (LTO).
    • Added the hwnoise utility to track delays caused by hardware behavior. It detects deviations in the execution time of operations (jitter), measured with interrupt processing disabled, that exceed one microsecond over 10 minutes of calculations.
    • A kernel module has been added with a Dhrystone benchmark implementation that can be used to evaluate CPU performance in configurations without user-space components (for example, at the porting stage for new SoCs that implement only kernel loading).
    • Added "cgroup.memory=nobpf" kernel command line option to disable memory consumption accounting for BPF programs, which can be useful for systems with isolated containers.
    • For BPF programs, an implementation of the red-black tree data structure is proposed, which uses kfunc + kptr (bpf_rbtree_add, bpf_rbtree_remove, bpf_rbtree_first) instead of adding a new map type.
    • The restartable sequences (rseq) mechanism has gained the ability to pass to processes parallel execution identifiers (memory-map concurrency ID) that are associated with the CPU number. Rseq provides a means for quickly and atomically executing operations that, if interrupted by another thread, are cleaned up and retried.
    • ARM processors support SME 2 (Scalable Matrix Extension) instructions.
    • For the s390x and RISC-V RV64 architectures, support for the "BPF trampoline" mechanism is implemented, which allows minimizing overhead when transferring calls between the kernel and BPF programs.
    • On systems with processors based on the RISC-V architecture, the use of "ZBB" instructions has been implemented to speed up string operations.
    • For systems based on the LoongArch instruction set architecture (used in the Loongson 3 5000 processors and implementing a new RISC ISA similar to MIPS and RISC-V), support has been implemented for kernel address space layout randomization (KASLR), relocation of the kernel in memory, hardware breakpoints and the kprobe mechanism.
    • The DAMOS (Data Access Monitoring-based Operation Schemes) mechanism, which allows you to free up memory based on the frequency of memory access, supports filters to exclude certain areas of memory from processing in DAMOS.
    • The minimal standard C library Nolibc implements support for the s390 architecture and the Arm Thumb1 instruction set (in addition to support for ARM, AArch64, i386, x86_64, RISC-V and MIPS).
    • Objtool has been optimized to speed up kernel builds and reduce peak memory consumption during builds (when building the kernel in "allyesconfig" mode, there are no problems with forced termination of processes on systems with 32 GB of RAM).
    • Support for building the kernel with the Intel ICC compiler has been discontinued; it had been broken for a long time and no one expressed a desire to fix it.
  • Disk Subsystem, I/O and File Systems
    • tmpfs supports mounted filesystem user ID mapping, which is used to map a specific user's files on a mounted foreign partition to another user on the current system.
    • In Btrfs, to reduce block group fragmentation, extents are now separated by size when blocks are allocated, i.e. any block group is limited to small (up to 128KB), medium (up to 8MB), or large extents. The raid56 implementation has been refactored. The checksum verification code has been redesigned. Performance optimizations speed up the send operation by up to 10 times by caching utime for directories and executing commands only when needed. fiemap operations are 10 times faster thanks to skipping backlink checks for shared data (snapshots). Operations with metadata are accelerated by XNUMX% by optimizing the search for keys in b-tree structures.
    • Improved performance of ext4 FS by allowing multiple processes to simultaneously perform direct I/O operations to pre-allocated blocks using shared inode locks instead of exclusive locks.
    • In f2fs, work has been done to improve the readability of the code. Fixed important issues related to atomic writing and the new extent cache.
    • Designed for read-only partitions, EROFS (Enhanced Read-Only File System) has the ability to bind compressed file decompression operations to the CPU to reduce data access latency.
    • The BFQ I/O scheduler has added support for advanced spinning disk drives, such as those that use multiple separately controlled actuators (Multi Actuator).
    • Support for data encryption using the AES-SHA2 algorithm has been added to the implementation of the NFS client and server.
    • The FUSE (Filesystems In User Space) subsystem has added support for a request extension mechanism, which allows additional information to be placed in a request. Based on this feature, group identifiers are now added to FS requests; they are needed to take access rights into account when creating objects in the FS (create, mkdir, symlink, mknod).
  • Virtualization and Security
    • The KVM hypervisor for x86 systems adds support for extended Hyper-V hypercalls and provides them with forwarding to a handler running in a user-space host environment. The change made it possible to implement support for nested launch of the Hyper-V hypervisor.
    • KVM makes it easier to restrict guest system access to PMU (Performance Monitor Unit) events related to performance measurement.
    • The memfd mechanism, which allows a memory area to be identified through a file descriptor passed between processes, has gained the ability to create areas in which code execution is prohibited (non-executable memfd) and for which execution rights cannot be set in the future.
    • A new PR_SET_MDWE prctl operation has been added to block attempts to enable memory access rights that allow both write and execute at the same time.
    • Protection against Spectre-class attacks has been added and enabled by default, based on the automatic IBRS (Enhanced Indirect Branch Restricted Speculation) mode offered in AMD Zen 4 processors, which adaptively enables and disables speculative execution of instructions during interrupt processing, system calls, and context switches. The proposed protection results in lower overhead compared to Retpoline protection.
    • Fixed a vulnerability that made it possible to bypass Spectre v2 attack protection when using simultaneous multithreading technology (SMT or Hyper-Threading), caused by the STIBP (Single Thread Indirect Branch Predictors) mechanism being disabled when the IBRS protection mode is selected.
    • For ARM64-based systems, a new "virtconfig" build target has been added, which, when selected, activates only the minimum set of kernel components required to boot in virtualization systems.
    • Added support for filtering system calls using the seccomp mechanism for the m68k architecture.
    • Added support for AMD Ryzen processors' built-in CRB TPM2 (Command Response Buffer) devices based on Microsoft Pluton technology.
  • Network subsystem
    • A netlink interface has been added to configure the PLCA (Physical Layer Collision Avoidance) sublayer, defined in the IEEE 802.3cg-2019 specification and used in 802.3cg (10Base-T1S) Ethernet networks optimized for connecting IoT devices and industrial systems. The use of PLCA improves performance on shared media Ethernet networks.
    • Support for the "wireless extensions" API for managing WiFi 7 (802.11be) wireless interfaces has been discontinued, since this API does not cover all the necessary settings. When attempting to use the "wireless extensions" API, which continues to be supported as an emulated layer, a warning will now be displayed for most current devices.
    • Detailed documentation on the netlink API has been prepared (for kernel developers and for developers of user-space applications). The ynl-gen-c utility has been implemented to generate C-code based on the YAML specifications of the Netlink protocol.
    • Support for the IP_LOCAL_PORT_RANGE option has been added to network sockets to simplify the configuration of outgoing connections through address translators without using SNAT. When using the same IP address on multiple hosts, IP_LOCAL_PORT_RANGE allows each host to use its own range of outgoing network ports, and on the gateway to forward packets based on port numbers.
    • For MPTCP (MultiPath TCP), the ability to process mixed streams that use the IPv4 and IPv6 protocols is implemented. MPTCP is an extension of the TCP protocol for organizing the operation of a TCP connection with the delivery of packets simultaneously along several routes through different network interfaces bound to different IP addresses.
    • For IPv4, the possibility of using the BIG TCP extension is implemented, which allows increasing the maximum TCP packet size up to 4 GB to optimize the operation of high-speed internal networks of data centers. This increase in packet size with a 16-bit header field is achieved by implementing "jumbo" packets that have the IP header size set to 0 and the actual size transmitted in a separate 32-bit field in a separate attached header.
    • A new sysctl parameter default_rps_mask has been added, through which you can set the default RPS (Receive Packet Steering) configuration, which is responsible for distributing the processing of incoming traffic across CPU cores at the interrupt handler level.
    • Discontinued support for the traffic-limiting queuing disciplines CBQ (class-based queuing), ATM (ATM virtual circuits), dsmark (differentiated service marker), tcindex (traffic-control index), and RSVP (resource reservation protocol). These disciplines have been abandoned for a long time and no one was willing to continue their support.
  • Equipment
    • Removed all DRI1 based graphics drivers: i810 (old Intel 8xx integrated graphics cards), mga (Matrox GPU), r128 (ATI Rage 128 GPU including Rage Fury, XPERT 99 and XPERT 128 cards), savage (S3 Savage GPU), sis (Crusty SiS GPU), tdfx (3dfx Voodoo) and via (VIA IGP), which were deprecated in 2016 and have not been supported in Mesa since 2012.
    • Removed obsolete framebuffer (fbdev) drivers omap1, s3c2410, tmiofb and w100fb.
    • A DRM driver has been added for the VPU (Versatile Processing Unit) integrated into the Intel Meteor Lake (14th generation) CPUs, designed to accelerate computer vision and machine learning operations. The driver is implemented using the "accel" subsystem, aimed at providing support for computing accelerators, which can be supplied both in the form of separate ASICs and as IP blocks inside the SoC and GPU.
    • The i915 (Intel) driver expands support for Intel Arc (DG2/Alchemist) discrete graphics cards, introduces preliminary support for Meteor Lake GPUs, and includes support for Intel Xe HP 4tile GPUs.
    • The amdgpu driver adds support for AdaptiveSync technology and the ability to use Secure Display with multiple displays. Updated support for DCN 3.2 (Display Core Next), SR-IOV RAS, VCN RAS, SMU 13.x and DP 2.1.
    • Added support for the SM8350, SM8450, SM8550, SDM845 and SC8280XP platforms to the msm driver (Qualcomm Adreno GPU).
    • The Nouveau driver has dropped support for old ioctl calls.
    • Experimental support for the VeriSilicon NPU (VeriSilicon Neural Network Processor) has been added to the etnaviv driver.
    • The pata_parport driver for IDE drives connected via a parallel port has been implemented. The added driver made it possible to remove the old PARIDE driver from the kernel and upgrade the ATA subsystem. A limitation of the new driver is the inability to simultaneously connect a printer and a disk through a parallel port.
    • Added ath12k driver for wireless cards based on Qualcomm chips with Wi-Fi 7 support. Added support for wireless cards based on RealTek RTL8188EU chips.
    • Added support for 46 boards based on the ARM64 architecture, including Samsung Galaxy Tab A (2015), Samsung Galaxy S5, BananaPi R3, Debix Model A, EmbedFire LubanCat 1/2, Facebook Greatlakes, Orange Pi R1 Plus, Tesla FSD, as well as devices based on the Qualcomm MSM8953 (Snapdragon 610), SM8550 (Snapdragon 8 Gen 2), SDM450 and SDM632 SoCs, Rockchip RK3128 TV box, RV1126 Vision, RK3588, RK3568, RK3566, RK3588 and RK3328, TI K3 (AM642/AM654/AM68/AM69).

At the same time, the Latin American Free Software Foundation formed a variant of the completely free kernel 6.3 - Linux-libre 6.3-gnu, cleared of firmware and driver elements containing non-free components or code sections, the scope of which is limited by the manufacturer. In release 6.3, blobs were cleaned up in the new ath12k, aw88395, and peb2466 drivers, as well as in the new devicetree files for AArch64-based qcom devices. The blob cleaning code was updated in the amdgpu, xhci-rcar, qcom-q6v5-pas, sp8870, av7110 drivers and subsystems, as well as in drivers for DVB cards with software decoding and in precompiled BPF files. Cleaning of the mga, r128, tm6000, cpia2 and r8188eu drivers was stopped, as they were removed from the kernel. Blob cleaning in the i915 driver was improved.

Source: opennet.ru
