Linux Kernel 6.7 Officially Released, This Is What’s New

This release introduces initial Intel Lunar Lake support, initial network support for Landlock, as well as many new and updated drivers.
Linux Kernel 6.7

Linus Torvalds announced today the release and general availability of Linux kernel 6.7, the latest stable version of the Linux kernel that introduces several new features and improvements.

Highlights of Linux kernel 6.7 include the bcachefs file system implementation, a copy-on-write (COW) file system for Linux-based operating systems designed to compete with the modern features offered by the Btrfs and ZFS file systems while having the speed and performance of the EXT4 and XFS file systems.

Linux kernel 6.7 also introduces support for NVIDIA’s GSP firmware in the Nouveau open-source graphics driver, which will be used only on hardware where GSP (GPU System Processor) isn’t supported while being optional on hardware where it’s already supported.

New features for the Btrfs file system are included as well, such as raid-stripe-tree, a new tree for logical file extent mapping where the physical mapping may not match on multiple devices, simple quota accounting (squota), and temporary filesystem fsid (temp_fsid).

Moreover, the Btrfs file system received performance improvements to reduce file deletion time by 12 percent for files with many extents by reducing reservations for checksum deletions and to reduce runtime of critical functions by 5 percent by making extent state merges more efficient during insertions.

For fans of the EXT4 file system, Linux kernel 6.7 improves the multi-block allocator and optimizes the handling of released data blocks in its commit machinery to avoid potential lock contention on s_md_lock spinlock, and improves the backup superblock to update better after online resizes or when updating the label or UUID.

There are a bunch of networking enhancements in Linux kernel 6.7, such as support for GRO decapsulation for IPsec ESP in UDP, support for usec resolution of TCP timestamps that are enabled selectively by a route attribute, support for TCP Authentication Option (RFC 5925, TCP-AO) as a more modern replacement for the MD5 option, support for sending fragmented skbs over vsock sockets, and MCTP over I3C support.

There’s also support for netlink GET for MDB (multicast forwarding) to allow user space to request a single MDB entry instead of dumping the entire table, increased single TCP flow performance on a 200Gbit NIC by 20% by deferring regular TCP ACK while processing socket backlog, as well as support for rcvlowat and notsent_lowat on MPTCP sockets to help apps limit the number of wakeups.

The networking additions continue with support for local per-cpu kptr to allow allocating and storing per-cpu objects in maps, support for multiple PTP timestamp event queue readers with different filters, support for selective FDB flushing in the VXLAN tunnel driver, as well as support for allowing limiting learned FDB entries in bridges to prevent OOM attacks.

Furthermore, the Fair Queuing (FQ) packet scheduler received built-in 3-band priority and WRR scheduling, bypass support, and better inactive flow reporting. BPF v4 CPU instruction support has been added for ARM32 and s390x platforms, along with the ability to pin the BPF timer to the current CPU and extended cgroup BPF sockaddr hooks for UNIX sockets.

Linux kernel 6.7 also adds initial network support for Landlock (TCP bind and connect access control), support for HDA patches, Thunderbolt/USB4 fixes to support new hardware types and devices, and enables all media drivers to use VB2 kAPI instead of the old V4L2 core videobuf kAPI, which was removed.

In addition, it ports autofs to the new mount API, updates CephFS logging, adds support for non-contiguous capacity bitmasks for Intel’s CAT implementation, adds ioctls support to the exFAT file system to get and set file attributes that are used in fatattr util and a new zero_size_dir mount option to allocate a cluster when creating a directory.

On the other hand, the F2FS file system received bigger page size support by changing the internal block size aligned to the page size and improved zoned block device support regarding the power-off recovery. Rust support has been updated to Rust 1.73.0 in Linux kernel 6.7 and IBT is now enabled by default if it’s also enabled in C.

For ARM64 support, Linux kernel 6.7 introduces new HWCAP definitions and support for the Ampere SoC PMUs, while the ARM platform received support for a data processing unit from AMD/Pensando and support for a new RISC-V based high-end device from Sophgo.

The LoongArch architecture is now supported on KVM (Kernel-based Virtual Machine) and there’s also support for PREEMPT_DYNAMIC with static keys and support for BPF CPU v4 instructions in the LoongArch architecture. Talking about KVM, ARM platforms now feature guest support for memory operation instruction and there’s support for the Smstateen and Zicond extensions, as well as senvcfg virtualizing.

For the RISC-V architecture, Linux kernel 6.7 adds support for in userspace, support for CBOs on ACPI-based systems, support for software shadow call stacks, support for handling misaligned accesses in S-mode, support for many new relocations in the module loader, and improvements for the T-Head cache flushing ops. On top of that, there’s a virtualized SBI debug console (DBCN) for RISC-V on KVM.

As expected, Linux kernel 6.7 comes with numerous new and updated drivers for better hardware support. It brings more USB Type-C additions of new drivers, XHCI expanded tracing support, USB “La Jolla Cove Adapter (LJCA)” support, a DMI quirk for HP Omen machines, support for new USB dwc3 platforms, and firmware detection improvement for Lenovo cptkbd.

Moreover, hardware support in Linux 6.7 has been enhanced with support for reading aux MAC address during passthrough on Lenovo Thinkpad devices, improved suspend/resume for ThinkPad Compact keyboards, an EC GPE detection quirk for the HP 250 G7 Notebook PC, as well as ACPI IRQ override for TongFang GMxXGxx/TUXEDO Stellaris/Polaris Gen5 laptops.

Last but not least, Linux kernel 6.7 brings a new EDAC driver for Xilinx’s Versal integrated memory controller, a new device tree binding for the Monolithic Power (MPS) MP3309C step-up converter, “vendor” backlight quirks for 3 Lenovo x86 Android tablets, support for idmapped mounts in CephFS, as well as an updated NFSv4.1 implementation to handle NFS4ERR_DELAY errors during session trunking.

The 6.7 kernel also allows Linux to natively handle CXL link protocol errors signaled via PCIe AER for current generation CXL platforms, adds SVA support for AMD IOMMU, adds Amlogic C3 and S4 SoCs support for Watchdog, adds initial Intel Lunar Lake support, and promotes Intel Meteor Lake support to stable.

For AMD users, Linux kernel 6.7 adds support for some more upcoming hardware platforms, including GC 11.5, DCN 3.5, VPE 6.1, NBIO 7.11, and DML2, support for AMD platforms with es83xx chips, as well as AMD ACP 6.3 and 7.0.

Security-wise, Linux 6.7 updates crypto support with a new virtual-address based lskcipher interface, improved AES/XTS performance of 6-way unrolling for PPC, FIPS 202 SHA-3 support in PKCS1Pad, and fast path for single-page messages in the Adiantum disk encryption and decryption algorithm.

Moreover, AppArmor in Linux 6.7 received initial support for mediating io_uring and userns creation, a new restriction that tightens the use of change_profile, and a couple of optimizations to reduce performance bottlenecks that have been found when retrieving the current task’s secid and allocating work buffers.

Linux kernel 6.7 is available for download right now from the website or Linus Torvalds’ git tree for those who fancy compiling their kernels from sources. Everyone else will have to wait for the new kernel version to arrive in the stable software repositories of their favorite GNU/Linux distributions.

Linux kernel 6.7 will be a short-lived branch supported for only a couple of months. It will be succeeded by Linux kernel 6.8, whose merge window has now been officially opened by Linus Torvalds. Linux kernel 6.8 is expected to be released in mid-March 2024.

“And this obviously means that tomorrow the merge window for 6.8 opens. I already have two dozen+ early pull requests pending – thank you,” said Linus Torvalds. “But please do kick the tires of this before the fun of the next development series starts. Ok?”
Buy Me a Coffee at