Tom qab ob lub hlis ntawm txoj kev loj hlob, Linus Torvalds kernel tso tawm . Ntawm cov kev hloov pauv uas pom tau tshaj plaws: Ext4 kev khiav hauj lwm hom yog rooj plaub-insensitive, cais lub kaw lus hu rau mounting cov ntaub ntawv kaw lus, tsav tsheb rau GPU Mali 4xx / 6xx / 7xx, muaj peev xwm los tswj cov kev hloov pauv hauv sysctl qhov tseem ceeb hauv BPF cov kev pab cuam, ntaus ntawv-mapper module dm-plua plav, tiv thaiv kev tawm tsam MDS, kev txhawb nqa rau Sound Open Firmware rau DSP, kev ua kom zoo ntawm BFQ kev ua tau zoo, nqa PSI (Pressure Stall Information) subsystem rau kev siv tau hauv Android.
Tus tshiab version suav nrog 15100 kho los ntawm 1882 tus tsim tawm,
thaj loj - 62 MB (hloov cuam tshuam 30889 cov ntaub ntawv, 625094 kab ntawm cov lej tau ntxiv, 531864 kab raug tshem tawm). Kwv yees li 45% ntawm tag nrho cov nthuav tawm hauv 5.2
Cov kev hloov pauv muaj feem xyuam rau cov tsav tsheb, kwv yees li 21% ntawm cov kev hloov pauv
Tus cwj pwm ntawm kev hloov kho cov cai tshwj xeeb rau kho vajtse architectures, 12%
cuam ββtshuam rau pawg network, 3% rau cov ntaub ntawv kaw lus thiab 3% rau sab hauv
kernel subsystems. 12.4% ntawm tag nrho cov kev hloov pauv tau npaj los ntawm Intel, 6.3% los ntawm Red Hat, 5.4% los ntawm Google, 4.0% los ntawm AMD, 3.1% los ntawm SUSE, 3% los ntawm IBM, 2.7% los ntawm Huawei, 2.7% los ntawm Linaro, 2.2% los ntawm ARM , 1.6% - Oracle.
:
- Disk subsystem, I / O thiab cov ntaub ntawv systems
- Ntxiv rau Ext4 ua haujlwm yam tsis paub qhov txawv ntawm cov cim hauv cov npe cov ntaub ntawv, uas tsuas yog qhib rau hauv kev sib raug zoo rau ib tus kheej cov npe khoob uas siv tus cwj pwm tshiab "+F" (EXT4_CASEFOLD_FL). Thaum tus cwj pwm no tau teeb tsa rau hauv phau ntawv teev npe, txhua qhov kev ua haujlwm nrog cov ntaub ntawv thiab cov npe subdirectories hauv yuav ua tiav yam tsis xav txog cov xwm txheej ntawm cov cim, suav nrog cov ntaub ntawv yuav raug tsis quav ntsej thaum tshawb nrhiav thiab qhib cov ntaub ntawv (piv txwv li, cov ntaub ntawv Test.txt, test.txt thiab test.TXT hauv cov ntawv teev npe no yuav suav tias yog tib yam). Los ntawm lub neej ntawd, cov ntaub ntawv kaw lus txuas ntxiv ua qhov tseem ceeb, nrog rau kev zam ntawm cov npe nrog "chattr + F" tus cwj pwm;
- Kev ua haujlwm rau kev ua UTF-8 cov cim hauv cov npe cov ntaub ntawv, uas yog siv thaum ua cov hlua sib piv thiab kev ua haujlwm zoo, tau koom ua ke;
- XFS ntxiv cov txheej txheem rau kev saib xyuas kev noj qab haus huv ntawm cov ntaub ntawv thiab ioctl tshiab rau kev nug txog kev noj qab haus huv. Ib qho kev sim ua haujlwm tau siv los kuaj xyuas cov txee superblock online.
- Ntxiv tshiab module ntaus ntawv-mapper "", uas tso cai rau koj simulate cov tsos ntawm cov blocks phem ntawm kev tshaj tawm lossis yuam kev thaum nyeem ntawv los ntawm disk. Lub module tso cai rau koj los ua kom yooj yim debugging thiab kuaj cov ntawv thov thiab ntau lub tshuab cia nyob rau hauv lub ntsej muag ntawm qhov ua tsis tiav;
- Kev ua tau zoo tseem ceeb rau BFQ I/O teem sijhawm. Nyob rau hauv tej yam kev mob ntawm siab I / O load, optimizations ua Txo lub sijhawm ua haujlwm xws li tso cov ntawv thov txog li 80%.
- Ntxiv ib tug series ntawm system hu rau mounting cov ntaub ntawv systems: , , , , ΠΈ . Cov kev hu xov tooj no tso cai rau koj cais cov txheej txheem sib txawv ntawm mounting (txheej txheem superblock, tau txais cov ntaub ntawv hais txog cov ntaub ntawv kaw lus, mount, txuas mus rau qhov taw tes mount), uas yav tas los tau ua los ntawm kev siv lub npe hu ua general mount() system call. Kev hu xov tooj sib cais muab lub peev xwm los ua qhov nyuaj mount scenarios thiab ua haujlwm sib cais xws li kev teeb tsa lub superblock, ua kom muaj kev xaiv, hloov qhov taw tes mount, thiab txav mus rau qhov chaw sib txawv. Tsis tas li ntawd, kev ua haujlwm sib cais tso cai rau koj kom raug txiav txim siab vim li cas rau qhov tso tawm ntawm cov lej yuam kev thiab teeb tsa ntau qhov chaw rau ntau txheej txheej ntaub ntawv, xws li overlayfs;
- Kev ua haujlwm tshiab IORING_OP_SYNC_FILE_RANGE tau ntxiv rau qhov sib txuas rau asynchronous I/O io_uring, uas ua haujlwm sib npaug rau kev hu xov tooj. , thiab kuj tau siv lub peev xwm los sau npe eventfd nrog io_uring thiab tau txais cov ntawv ceeb toom txog kev ua tiav ntawm kev ua haujlwm;
- Rau CIFS cov ntaub ntawv kaw lus, FIEMAP ioctl tau ntxiv, muab kev ua haujlwm tau zoo, nrog rau kev txhawb nqa rau SEEK_DATA thiab SEEK_HOLE hom;
- Hauv FUSE subsystem API rau kev tswj cov ntaub ntawv caching;
- Btrfs tau ua kom zoo dua qhov kev siv qgroups thiab txhim kho fsync ua kom ceev rau cov ntaub ntawv nrog ntau qhov txuas nyuaj. Cov ntaub ntawv txheeb xyuas kev ncaj ncees tau raug txhim kho, uas tam sim no coj mus rau hauv tus account qhov ua tau puas tsuaj rau cov ntaub ntawv hauv RAM ua ntej yaug cov ntaub ntawv rau disk;
- CEPH ntxiv kev txhawb nqa rau kev xa tawm snapshots ntawm NFS;
- Kev siv ntawm NFSv4 mounting hauv "mos" hom tau raug txhim kho (yog tias muaj kev ua yuam kev tshwm sim hauv kev nkag mus rau lub server hauv "mos", hu rau tam sim rov qab qhov yuam kev, thiab hauv "nyuaj" hom tswj tsis tau muab kom txog thaum FS Lub sijhawm muaj los yog ncua sij hawm rov qab los). Qhov kev tso tawm tshiab no muab kev tuav sijhawm kom raug ntau dua, rov qab poob sai dua, thiab qhov kev xaiv tshiab "softer" mount uas tso cai rau koj hloov qhov yuam kev (ETIMEDOUT) rov qab thaum lub sijhawm tshwm sim;
- Nfsdcld API, tsim los taug qab lub xeev ntawm NFS cov neeg siv khoom, tso cai rau NFS server kom raug taug qab lub xeev ntawm tus neeg siv khoom thaum rov pib dua. Yog li, nfsdcld daemon tam sim no tuaj yeem ua raws li tus neeg tuav nfsdcltrack;
- Rau AFS emulation ntawm byte range locks hauv cov ntaub ntawv ();
- Virtualization thiab Kev Ruaj Ntseg
- Kev ua haujlwm tau ua kom tshem tawm cov chaw hauv cov ntsiav uas tso cai rau kev ua tiav los ntawm cov ntawv sau tau cuam tshuam txog thaj chaw nco, uas tso cai rau thaiv qhov muaj peev xwm uas tuaj yeem siv tau thaum muaj kev tawm tsam;
- Ib qho tshiab kernel hais kom ua kab parameter "mitigations=" tau ntxiv, muab txoj hauv kev yooj yim los tswj kev ua haujlwm ntawm qee cov tswv yim los tiv thaiv qhov tsis zoo cuam tshuam nrog kev ua tiav ntawm cov lus qhia ntawm CPU. Dhau "mitigations = off" disables tag nrho cov uas twb muaj lawm txoj kev, thiab lub neej ntawd hom "mitigations = auto" enables kev tiv thaiv tab sis tsis cuam tshuam rau kev siv ntawm Hyper Threading. Hom "mitigations = auto, nosmt" kuj tseem cuam tshuam Hyper Threading yog tias xav tau los ntawm txoj kev tiv thaiv.
- Kev them nyiaj yug rau hluav taws xob digital kos npe raws li GOST R 34.10-2012 (RFC 7091, ISO / IEC 14888-3), Vitaly Chikunov los ntawm Basalt SPO. Ntxiv kev txhawb nqa rau AES128-CCM rau kev siv TLS haiv neeg. Ntxiv kev txhawb nqa rau AEAD algorithms rau crypto_simd module;
- Hauv Kconfig cais "kernel hardening" ntu nrog cov kev xaiv los txhim kho cov kev tiv thaiv kernel. Tam sim no, ntu tshiab tsuas muaj cov chaw rau kev ua kom GCC xyuas-txhim kho plugins;
- Lub kernel code yog yuav luag los ntawm cov ntaub ntawv tsis tawg hauv kev hloov pauv (tsis muaj rov qab los yog tawg tom qab txhua qhov xwm txheej thaiv). Nws tseem yuav txhim kho 32 ntawm 2311 qhov xwm txheej ntawm kev siv qhov hloov pauv, tom qab ntawd nws yuav tuaj yeem siv hom "-Wimplicit-fallthrough" thaum tsim lub kernel;
- Rau PowerPC architecture, kev txhawb nqa rau cov cuab yeej kho vajtse rau kev txwv tsis pub cov ntsiav nkag mus rau cov ntaub ntawv hauv qhov chaw siv tau raug siv;
- Ntxiv thaiv cov cai MDS (Microarchitectural Data Sampling) chav kawm hauv Intel processors. Koj tuaj yeem tshawb xyuas seb lub kaw lus puas muaj qhov tsis zoo los ntawm SysFS hloov pauv "/sys/devices/system/cpu/vulnerabilities/mds". ob hom kev tiv thaiv: tag nrho, uas yuav tsum tau hloov kho microcode, thiab bypass, uas tsis tau lees paub tag nrho kev tshem tawm ntawm CPU buffers thaum tswj tau pauv mus rau cov neeg siv qhov chaw lossis cov qhua. Txhawm rau tswj kev tiv thaiv hom, "mds =" parameter tau ntxiv rau hauv cov ntsiav, uas tuaj yeem siv qhov tseem ceeb "full", "full, nosmt" (+ lov tes taw Hyper-Threads) thiab "tawm";
- Ntawm x86-64 systems, "poob guard-nplooj" tiv thaiv tau ntxiv rau IRQ, debugging mechanisms thiab tshwj xeeb handlers, qhov tseem ceeb ntawm uas yog hloov pauv ntawm cov nplooj ntawv nco ntawm ciam teb nrog pawg, nkag mus uas ua rau lub cim xeeb ntawm cov nplooj ntawv. kev zam (page-fault);
- Ntxiv sysctl teeb tsa vm.unprivileged_userfaultfd, uas tswj lub peev xwm ntawm cov txheej txheem tsis tsim nyog siv userfaultfd() system hu;
- Network subsystem
- IPv6 qhov rooj txhawb nqa rau IPv4 txoj hauv kev. Piv txwv li, tam sim no koj tuaj yeem teev cov kev cai routing xws li "ip ro ntxiv 172.16.1.0/24 ntawm inet6 2001: db8:: 1 dev eth0";
- Rau ICMPv6, ioctl hu icmp_echo_ignore_anycast thiab icmp_echo_ignore_multicast yog siv los tsis quav ntsej ICMP ECHO rau anycast thiab
multicast chaw nyob. muaj peev xwm txwv qhov kev siv ntawm ICMPv6 pob ntawv ua tiav; - Rau BATMAN (Txoj Kev Zoo Tshaj Plaws Rau Mobile Adhoc Networking) mesh raws tu qauv, uas tso cai rau kev tsim cov kev sib koom ua ke uas txhua qhov txuas txuas nrog cov neeg nyob sib ze, txhawb kev tshaj tawm los ntawm multicast rau unicast, nrog rau kev muaj peev xwm tswj tau ntawm sysfs;
- Hauv ethtool tus tshiab Fast Link Down parameter, uas tso cai rau koj txo lub sij hawm nws yuav siv sij hawm kom tau txais cov ntaub ntawv hais txog ib tug link down tshwm sim rau 1000BaseT (nyob rau hauv ib txwm tej yam kev mob ncua yog mus txog 750ms);
- tshwm sim khi Foo-Over-UDP tunnels rau ib qho chaw nyob, network interface lossis lub qhov (socket) (yav dhau los khi tau ua tiav los ntawm lub npog ntsej muag nkaus xwb);
- Hauv cov kab ke wireless muaj peev xwm ua tau raws li cov neeg siv khoom
OWE (Opportunistic Wireless Encryption) hauv qhov chaw neeg siv; - Hauv Netfilter, kev txhawb nqa rau tsev neeg inet chaw nyob tau ntxiv rau nat chains (piv txwv li, tam sim no koj tuaj yeem siv ib txoj cai txhais lus los ua ipv4 thiab ipv6, yam tsis tau cais cov cai rau ipv4 thiab ipv6);
- Hauv netlink nruj rau kev soj ntsuam nruj ntawm qhov tseeb ntawm tag nrho cov lus thiab cov cwj pwm, nyob rau hauv uas qhov kev cia siab loj ntawm cov cwj pwm tsis pub tshaj thiab ntxiv cov ntaub ntawv ntxiv thaum kawg ntawm cov lus raug txwv;
- Kev pabcuam nco thiab system
- Tus chij CLONE_PIDFD tau ntxiv rau clone() system hu, thaum teev tseg, cov ntaub ntawv piav qhia "pidfd" txheeb xyuas nrog cov txheej txheem tsim tus menyuam raug xa rov qab mus rau cov txheej txheem niam txiv. Cov ntaub ntawv piav qhia no, piv txwv li, tuaj yeem siv los xa cov teeb liab yam tsis muaj kev ntshai ntawm kev khiav mus rau hauv ib qho kev sib tw (tam sim ntawd tom qab xa cov teeb liab, lub hom phiaj PID tuaj yeem raug tso tawm vim qhov txheej txheem txiav tawm thiab nyob ntawm lwm tus txheej txheem);
- Rau qhov thib ob version ntawm cgroups, lub freezer maub los ua haujlwm tau ntxiv, uas koj tuaj yeem tso tseg tsis ua haujlwm hauv cgroup thiab tso tseg qee qhov kev pabcuam (CPU, I / O, thiab muaj peev xwm txawm tias nco) ua lwm yam haujlwm. Kev tswj hwm yog ua tiav los ntawm cgroup.freeze thiab cgroup.events tswj cov ntaub ntawv hauv cgroup ntoo. Nkag mus 1 hauv cgroup.freeze freezes cov txheej txheem hauv cgroup tam sim no thiab tag nrho cov pab pawg me nyuam. Txij li thaum khov yuav siv sij hawm me ntsis, ib qho ntxiv cgroup.events cov ntaub ntawv tau muab los ntawm qhov koj tuaj yeem paub txog kev ua tiav ntawm kev ua haujlwm;
- kev xa tawm ntawm cov cim cim xeeb txuas rau txhua qhov ntawm sysfs, uas tso cai rau koj los txiav txim siab los ntawm cov neeg siv qhov chaw qhov xwm txheej ntawm kev ua cov tsev txhab nyiaj nco hauv cov tshuab nrog ntau lub cim xeeb;
- PSI (Pressure Stall Information) subsystem tau txhim kho, uas tso cai rau koj txheeb xyuas cov ntaub ntawv hais txog lub sijhawm tos kom tau txais ntau yam kev pabcuam (CPU, nco, I / O) rau qee yam haujlwm lossis cov txheej txheem hauv pawg. Siv PSI, cov neeg siv chaw ua haujlwm tuaj yeem kwv yees qhov tseeb ntawm cov txheej txheem thauj khoom thiab cov qauv qeeb piv rau Load Nruab Nrab. Tus tshiab version muab kev txhawb nqa rau kev teeb tsa rhiab heev qhov pib thiab lub peev xwm los siv qhov kev xaiv tsa () hu kom tau txais kev ceeb toom tias qhov teeb tsa tau teeb tsa tau tshwm sim rau qee lub sijhawm. Cov yam ntxwv no tso cai rau Android los saib xyuas lub cim xeeb tsis txaus nyob rau theem pib, txheeb xyuas qhov chaw ntawm cov teeb meem thiab tshem tawm cov ntawv thov tsis tseem ceeb yam tsis muaj teeb meem uas pom tau rau tus neeg siv. Thaum kev ntsuam xyuas kev ntxhov siab, PSI-raws li kev siv lub cim xeeb saib xyuas cov cuab yeej tau pom 10 npaug tsawg dua qhov tsis zoo piv rau vmpressure txheeb cais;
- Cov cai rau kev tshuaj xyuas BPF cov kev pab cuam tau ua kom zoo, uas tso cai rau kev kuaj xyuas txog li 20 npaug sai dua rau cov kev pab cuam loj. Kev ua kom zoo ua rau nws muaj peev xwm nce qhov kev txwv ntawm qhov loj ntawm BPF cov kev pab cuam los ntawm 4096 mus rau ib lab cov lus qhia;
- Rau BPF cov kev pab cuam muaj peev xwm nkag mus rau cov ntaub ntawv thoob ntiaj teb, uas tso cai rau koj los txhais cov kev hloov pauv thoob ntiaj teb thiab qhov tsis tu ncua hauv cov haujlwm;
- Ntxiv , uas tso cai rau koj los tswj cov kev hloov pauv hauv sysctl tsis tau los ntawm BPF cov kev pab cuam;
- Rau MIPS32 architecture, JIT compiler rau eBPF lub tshuab virtual tau ua tiav;
- Rau 32-ntsis PowerPC architecture, kev txhawb nqa rau KASan (Kernel address sanitizer) cov cuab yeej debugging tau ntxiv, uas pab txheeb xyuas qhov tsis raug thaum ua haujlwm nrog kev nco;
- Ntawm x86-64 systems, txwv tsis pub muab lub xeev pov tseg thaum lub sij hawm lub pob tawg (crash-pob) hauv cov chaw nco saum 896MB tau raug tshem tawm;
- Rau s390 architecture, kev txhawb nqa rau kernel chaw nyob qhov chaw randomization (KASLR) thiab muaj peev xwm txheeb xyuas cov kos npe digital thaum thauj cov ntsiav ntawm kexec_file_load() raug siv;
- Rau PA-RISC architecture, ntxiv kev txhawb nqa rau cov ntsiav debugger (KGDB), dhia cov cim thiab kprobes;
- Khoom siv
- Tus tsav tsheb suav nrog rau Mali 400/450 GPU, siv ntau cov chips qub raws li ARM architecture. Rau cov tshiab Mali GPUs, tus tsav tsheb Panfrost tau ntxiv, txhawb cov chips raws li Midgard (Mali-T6xx, Mali-T7xx, Mali-T8xx) thiab Bifrost (Mali G3x, G5x, G7x) microarchitectures;
- Ntxiv kev txhawb nqa rau cov khoom siv suab siv qhib firmware (). Txawm hais tias muaj cov tsav tsheb qhib, firmware code rau lub suab chips tseem raug kaw thiab tau muab rau hauv daim ntawv binary. Lub Sound Open Firmware project yog tsim los ntawm Intel los tsim qhib firmware rau DSP chips ntsig txog kev ua suab (Google tom qab kuj tau koom nrog kev txhim kho). Tam sim no, qhov project twb tau npaj qhov kev tshawb pom ntawm firmware rau suab chips ntawm Intel Baytrail, CherryTrail, Broadwell, ApolloLake, GeminiLake, CannonLake thiab IceLake platforms;
- Intel DRM tsav tsheb (i915) ntxiv kev txhawb nqa rau chips
Elkhartlake (Tshooj 11). Ntxiv PCI IDs rau Comet Lake (Gen9) chips. Kev them nyiaj yug rau Icelake chips tau ruaj khov, uas ntxiv cov PCI ntaus cim tau ntxiv.
hom asynchronous hloov ntawm ob lub buffers hauv video nco (async flip) thaum ua haujlwm sau ntawv ntawm mmio, uas ua rau muaj kev ua tau zoo ntawm qee qhov kev siv 3D (piv txwv li, kev ua haujlwm hauv 3DMark Ice Storm test nce 300-400%). Ntxiv kev txhawb nqa technology (High-bandwidth Digital Content Protection) rau encrypting video signals kis ntawm HDMI; - Tus tsav tsheb amdgpu rau Vega20 GPU kev txhawb nqa rau RAS (Reliability, Availability, Serviceability) thiab kev sim kev txhawb nqa rau SMU 11 subsystem, uas hloov Powerplay thev naus laus zis. Rau GPU Vega 12 kev txhawb nqa rau BACO hom (Bus Active, Chip Off). Ntxiv kev txhawb nqa thawj zaug rau XGMI, lub tsheb npav ceev (PCIe 4.0) rau GPU kev sib tshuam. Ntxiv cov cim uas ploj lawm rau daim npav raws li Polaris10 GPU rau tus tsav tsheb amdkfd;
- Tus tsav tsheb Nouveau tau ntxiv kev txhawb nqa rau cov laug cam raws li NVIDIA Turing 117 chipset (TU117, siv hauv GeForce GTX 1650). IN
kconfig ua teeb tsa kom lov tes taw cov haujlwm uas tsis siv lawm uas tsis siv nyob rau hauv tam sim no tso tawm ntawm libdrm; - Kev them nyiaj yug rau " ncua sij hawm" cov khoom synchronization tau ntxiv rau DRM API thiab tus tsav tsheb amdgpu, tso cai rau koj ua yam tsis muaj kev thaiv classic.
- Tus neeg tsav tsheb vboxvideo rau VirtualBox virtual GPU tau raug txav los ntawm ceg txheem ntseeg mus rau lub ntsiab qauv;
- Ntxiv aspeed tsav tsheb rau GFX SoC ASPEED nti;
- Ntxiv kev txhawb nqa rau ARM SoC thiab Intel Agilex (SoCFPGA), NXP i.MX8MM, Allwinner (RerVision H3-DVK (H3), Oceanic 5205 5inMFD, , Beelink GS2 (H6), Orange Pi 3 (H6)), Rockchip (Orange Pi ) boards RK3399, Nanopi NEO4, Veyron-Mighty Chromebook), Amlogic: SEI Robotics SEI510,
ST Micro (stm32mp157a, stm32mp157c), NXP (
Eckelmann ci4x10 (i.MX6DL),i.MX8MM EVK (i.MX8MM),
ZII i.MX7 RPU2 (i.MX7),
ZII SPB4 (VF610),
Zii Ultra (i.MX8M),
TQ TQMa7S (i.MX7Solo),
TQ TQMa7D (i.MX7Dual),
Kobo Aura (i.MX50),
Menlosystems M53 (i.MX53), NVIDIA Jetson Nano (Tegra T210).
Tib lub sijhawm, Latin American Free Software Foundation
kev xaiv - , tshem tawm cov firmware thiab cov ntsiab lus tsav tsheb uas muaj cov khoom tsis pub dawb lossis cov lej code, qhov kev txwv uas txwv los ntawm cov chaw tsim khoom. Kev tso tawm tshiab suav nrog kev xa cov ntaub ntawv
Suab Qhib Firmware. Kev thauj khoom ntawm blobs hauv cov neeg tsav tsheb raug kaw
mt7615, rtw88, rtw8822b, rtw8822c, btmtksdio, iqs5xx, ishtp and ucsi_ccg. Lub blob tu code hauv ixp4xx, imx-sdma, amdgpu, nouveau thiab goya tsav tsheb thiab subsystems, nrog rau hauv cov ntaub ntawv microcode, tau hloov kho. Nres ntxuav blobs hauv r8822be tsav tsheb vim nws tshem tawm.
Tau qhov twg los: opennet.ru