KernelNewbies:

Linux 3.7 [https://lkml.org/lkml/2012/12/10/688 has been released] on 10 Dec 2012.

Summary: This Linux release includes support for the ARM 64 bit architecture, ARM support to boot into different systems using the same kernel, signed kernel modules, Btrfs support for disabling copy-on-write on a per-file basis using chattr and faster fsync(), a new "perf trace" tool modeled after strace, support for the TCP Fast Open feature in the server side, experimental SMBv2 protocol support, stable NFS 4.1 and parallel NFS support, a new tunneling protocol that allows to transfer Layer 2 ethernet packets over UDP, and support for the Intel "supervisor mode access prevention" security feature. Many small features and new drivers and fixes are also available.

TableOfContents()

1. Prominent features in Linux 3.7

1.1. ARM multi-platform support

A typical linux distro for x86 PC computers can boot and work in hundreds of different PC (different CPU vendor, different GPU models, different motherboards and chipsets, etc) using a single distro install media. This ability to be able to boot in different hardware configurations is taken as a given in the PC world. However, it didn't exist in the Linux ARM world. The ARM ecosystem has historically been driven by the embedded world, where hardware enumeration isn't even possible in many cases, so each ARM kernel image was targetted for a specific embedded hardware target. It couldn't boot in other ARM systems.

In this release, the Linux ARM implementation has added "multi-plataform" support - the ability to build a single ARM kernel image that is able to boot multiple hardware. This will make much easier for distributors to support ARM plataforms.

Recommended LWN article: [http://lwn.net/Articles/496400/ Supporting multi-platform ARM kernels] Code: [http://git.kernel.org/linus/387798b37c8dd0ae24c0ac12ba456dd76865bca3 (commit)]

1.2. ARM 64 bit support

The newest ARM CPU model, ARM v8, adds 64 bit memory adressing capabilities for first time for the ARM world. The new 64 bit CPUs can run 32 bits code, but the 64 bit instruction set is completely new, not just 64 bit extensions to the 32 bit instruction set, so the Linux support has been implemented as a completely new architecture.

Recommended LWN article: [https://lwn.net/Articles/506148/ Supporting 64-bit ARM systems] Code: [http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=tree;f=arch/arm64;hb=HEAD arch/arm64]

1.3. Cryptographically signed kernel modules

This release allows to optionally sign kernel modules. The kernel can optionally disable completely the load of modules that have not been signed with the correct key - even for root users. This feature is useful for security purposes, as an attacker who gains root user access will not be able to install a rootkit using the module loading routines.

Recommended LWN article: [https://lwn.net/Articles/470906/ Loading signed kernel modules] Code: [http://git.kernel.org/linus/106a4ee258d14818467829bf0e12aeae14c16cd7 (commit 1], [http://git.kernel.org/linus/48ba2462ace6072741fd8d0058207d630ce93bf1 2], [http://git.kernel.org/linus/ea0b6dcf71d216dc11733ac19b26df0f5d0fd6c2 3)]

1.4. Btrfs updates

1.5. perf trace, an alternative to strace

The perf profiling infrastructure has added a new tool "perf trace". This tool should look loosely like the venerable 'strace' tool, but instead of using the ptrace() syscall, it uses the Linux tracing infrastructure. Its purpose is to make tracing easier for a wider audience of Linux users.

pert trace will show the events associated with the target, initially syscalls, but other system events like pagefaults, task lifetime events, scheduling events, etc. This tool is still in its early versions, so it is a live mode only tool and a lot of details things need to be improved, but eventually will work with perf.data files like the other perf tools, allowing a detached 'record' from analysis phases.

Code: [http://git.kernel.org/linus/514f1c67c2fdae7b334fdc5adee63a484781241a (commit)]

1.6. TCP Fast Open (Server Side)

Linux already added TCP Fast Open support for clients [http://kernelnewbies.org/Linux_3.6#head-ac78950a7b57d92d5835642926f0e147c680b99c in 3.6]. This release adds the Fast Opensupport for the server side, making the support of TCP Fast Open complete in Linux

"Fast Open" is a optimization to the process of stablishing a TCP connection that allows the elimination of one round time trip from certain kinds of TCP conversations. Fast Open could result in speed improvements of between 4% and 41% in the page load times on popular web sites.

Recommended LWN article: [https://lwn.net/Articles/508865/ TCP Fast Open: expediting web services]

Code: [http://git.kernel.org/linus/1046716368979dee857a2b8a91c4a8833f21b9cb (commit 1], [http://git.kernel.org/linus/168a8f58059a22feb9e9a2dcc1b8053dbbbc12ef 2], [http://git.kernel.org/linus/8336886f786fdacbc19b719c1f7ea91eb70706d4 3)]

1.7. Experimental SMBv2 protocol support

/!\ Note /!\ : The changelog of the previous kernel release, 3.6, mentioned SMBv2 support, but it was a mistake. SMBv2 support wasn't actually available in Linux 3.6 , it was merged but [https://plus.google.com/u/0/107616711159256259828/posts/6A15szm5y1b it got turned off] before the final release. It is finally available in this release.

The cifs networking filesystem has added support for the [http://en.wikipedia.org/wiki/Server_Message_Block#SMB2 version 2 of the SMB protocol]. The SMBv2 protocol is the successor to the popular CIFS and SMB network file sharing protocols, and is the native file sharing mechanism for Windows OSs since it was introduced in Windows Vista in 2006. SMBv2 enablement will eventually allow users better performance, security and features, than would not be possible with previous protocols.

Code: [http://git.kernel.org/linus/ba02e89915afcfc9a071a86e5cae32f77c7d353a (commit)]

1.8. NFS v4.1 support no longer experimental

The support for NFS v4.1 ([http://tools.ietf.org/html/rfc5661 RFC 5661]) has been going on for a long time, and in this release it will get rid of the the "experimental" tag for first time.

The main feature of NFS v4.1 is pNFS, aka "parallel NFS". pNFS can take advantage of clustered server deployments allowing to provide scalable parallel access to a given filesystem or individual files distributed among multiple servers. A single filesystem might be stripped across several servers, either at the file or block level.

Code: [http://git.kernel.org/linus/8544a9dc18a1aa787b85425ecc9233b0a9adaff4 (commit)]

1.9. Virtual extensible LAN tunneling protocol

Linux adds vxlan, a tunneling protocol that allows to transfer Layer 2 ethernet packets over UDP. vxlan is often used to tunnel virtual network infrastructure in virtualized environments.

The vxlan protocol itself, which is a [http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-02 RFC draft] right now, is a tunnelling protocol that is designed to solve the problem of limited number of available VLAN's (4096). With vxlan the identifier is expanded to 24 bits. The protocol runs over UDP using a single destination port. Unlike most tunnels, a VXLAN is a 1 to N network, not just point to point. A VXLAN device can either dynamically learn the IP address of the other end, in a manner similar to a learning bridge, or the forwarding entries can be configured statically. There is also an implantation of vxlan for Openvswitch.

Recommended articles: [http://linux-network-plumber.blogspot.com.es/2012/09/just-published-linux-kernel.html VXLAN for Linux], [http://it20.info/2012/05/typical-vxlan-use-case/ Typical VXLAN use case]

Code: [http://git.kernel.org/linus/d342894c5d2f8c7df194c793ec4059656e09ca31 (commit)]

1.10. Intel "supervisor mode access prevention" support

Supervisor Mode Access Prevention (SMAP) is a new security feature that will be available in future Intel processors. It forbids kernel access to memory pages used by userspace. This allows to stop some kind of exploits.

Recommended Intel documentation: [http://software.intel.com/sites/default/files/319433-014.pdf IntelĀ® Architecture Instruction Set Extensions Programming Reference]

Recommended LWN article: [https://lwn.net/Articles/517475/ Supervisor mode access prevention]

2. Driver and architecture-specific changes

All the driver and architecture-specific changes can be found in the [http://kernelnewbies.org/Linux_3.7_DriverArch Linux_3.7_DriverArch page]

3. Various core changes

4. Filesystems

5. Block

6. Crypto

7. Security

8. Perf

9. Virtualization

10. Networking

11. Other news sites that track the changes of this release


KernelNewbies: Linux_3.7 (last edited 2012-12-11 13:04:00 by diegocalleja)