Less than two months in development, the Linux 5.14 kernel brings cool new features to the table, such as the merge of the core scheduling functionality to better protect our Linux computers against some Spectre vulnerabilities, the burstable CFS bandwidth controller, or the new mechanism for better controlling resource limits within user namespaces.
Also new is an I/O priority controller for control groups designed for managing the priority of block-I/O requests generated by the members of each group, a new rate limiter for the split-lock detection feature on the x86 architecture for sleeping processes that create a split lock, as well as a new PCI-over-virtio driver for supporting PCI drivers in user-mode.
Linux kernel 5.14 also comes with good news for ARM 64-bit (AArch64) users as the KVM (Kernel-based Virtual Machine) virtualization module now supports the ARM64 memory tagging extension in guests and it’s now possible to configure the ARM64 pointer authentication independently for kernel and user space.
Other interesting features include a new mechanism for creating custom configuration of multipath hash policy for both IPv4 and IPv6 traffic, support for SOCK_SEQPACKET sockets in the virtio I/O virtualization framework, support for booting Zstd compressed kernels on the s390 architecture, as well as a new system call named memfd_secret() that can create a private region of memory that not even the kernel can access it.
Another important change in Linux kernel 5.14 is the fact that the libata subsystem is now being used for controlling IDE devices rather than the old IDE block drivers, which have been completely removed.
Among the improvements, there’s a much-enhanced AMDGPU graphics driver for AMD GPUs, a better SO_REUSEPORT socket mechanism for allowing more control to apps over how to handle failovers, support for the F2FS file system to compress mmap() mapped files, and an improved EXT4 file system that can now force all pending transactions out of the journal to prevent information leaks.
Last but not least, Linux 5.14 sees the initial merge of the infrastructure for BPF program loaders, KFENCE support and support for transparent huge pages in the RISC-V architecture, the merge of the control-group kill button patch set for quick killing of all members of a control group, and numerous new and updated drivers for top-notch hardware support.
You can download Linux kernel 5.14 right now from the kernel.org website if you fancy compiling it yourself, but I highly recommend that you wait until it lands safely in the stable software repositories of your favorite GNU/Linux distribution before updating, or sticking with one of the several long-term supported kernel branches.
Last updated 5 months ago