Linux 4.1 [https://lkml.org/lkml/2015/6/22/8 has been released] on Sun, 21 Jun 2015
Warning This page will be completed (it will, really) . Meanwhile, you can read about Linux 4.1 in:
LWN merge window [http://lwn.net/Articles/640297/ part 1], [http://lwn.net/Articles/641016/ part 2], [http://lwn.net/Articles/642039/ part 3]
1. Prominent features
2. Drivers and architectures
All the driver and architecture-specific changes can be found in the [http://kernelnewbies.org/Linux_4.1-DriversArch Linux_4.1-DriversArch] page
3. File systems
- F2FS
Add an optional rb-tree based extent cache, an improvement over the original extent info cache. It can be used with the "-o extent_cache" mount option [http://git.kernel.org/linus/1dcc336b02bff3d38f173feac55a2b6c25a5fb54 commit], [http://git.kernel.org/linus/8967215954a50947fbd9c2996232548bf6dd9062 commit]
Enable inline data by default [http://git.kernel.org/linus/75342797988a0f9ebec400a2dde8d4de581c4079 commit]
Support fs shutdown [http://git.kernel.org/linus/1abff93d01eddaab7ccdcf15f8cda4d91cbbcd9a commit]
4. Block
5. Cryptography
algif: add AEAD support [http://git.kernel.org/linus/400c40cf78da00c16e561a3a253ca272455c42ef commit], [http://git.kernel.org/linus/44cac4fce9b820c37a8792df52a0e4ce33201949 commit]
6. Core (various)
Remove execution domain support, a old feature which allowed to execute files compiled for other operating systems [http://git.kernel.org/linus/973f911f55a0e510dd6db8bbb29cd82ff138d3c0 commit]
7. Memory management
8. Security
Smack: Allow an unconfined label in bringup mode [http://git.kernel.org/linus/bf4b2fee99799780ea3dbb6d79d1909b3e32be13 commit]
- Audit:
Fix a race that could truncate audit log reports after the comm field ([https://git.kernel.org/linus/5deeb5cece3f9b30c8129786726b9d02c412c8ca commit]).
- SELinux:
The policy storage has been switched from the custom avtab hash table struct to a generic flex_array ([https://git.kernel.org/linus/ba39db6e0519aa8362dbda6523ceb69349a18dc3 commit]). The hash function used is now based on murmurhash3 which has a better distribution ([https://git.kernel.org/linus/33ebc1932a07efd8728975750409741940334489 commit]). The number of buckets in the hash table has been increased ([https://git.kernel.org/linus/cf7b6c0205f11cdb015384244c0b423b00e35c69 commit]). Those three commits should improve the performance of SELinux rules lookup in the in-kernel stored policy.
Some Netlink commands were not mentioned in the struct used by SELinux as this table was probably forgotten when they were introduced in the kernel (commits: [https://git.kernel.org/linus/5bdfbc1f19d047a182d2bab102c22bbf2a1ea244 1], [https://git.kernel.org/linus/387f989a60db00207c39b9fe9ef32c897356aaba 2], [https://git.kernel.org/linus/2b7834d3e1b828429faa5dc41a480919e52d3f31 3], [https://git.kernel.org/linus/5e6deebafb45fb271ae6939d48832e920b8fb74e 4], [https://git.kernel.org/linus/5b5800fad072133e4a9c2efbf735baaac83dec86 5], [https://git.kernel.org/linus/b0b59b0056acd6f157a04cc895f7e24692fb08aa 6], [https://git.kernel.org/linus/8d465bb777179c4bea731b828ec484088cc9fbc1 7], [https://git.kernel.org/linus/bd2cba07381a6dba60bc1c87ed8b37931d244da1 8]). A change has been included to make sure this won't happen without a compile time failure ([https://git.kernel.org/linus/cf890138087a6da2f56a642acb80476370b04332 commit]).
- SMACK:
Assign smack_known_web as default smk_in label for kernel thread's socket ([https://git.kernel.org/linus/7412301b76bd53ee53b860f611fc3b5b1c2245b5 commit]).
Getting the Smack security context of keys: implements the LSM side part of the system call keyctl with the action code KEYCTL_GET_SECURITY ([https://git.kernel.org/linus/7fc5f36e980a8f4830efdae3858f6e64eee538b7 commit]).
Allow an unconfined label in bringup mode : ([https://git.kernel.org/linus/bf4b2fee99799780ea3dbb6d79d1909b3e32be13 commit]).
- Non-exhaustive list of fixed CVEs:
CVE-2015-4178 ([https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4178 Mitre], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953 commit]);
CVE-2015-4177 ([https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4177 Mitre], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cd4a40174b71acd021877341684d8bb1dc8ea4ae commit]);
CVE-2015-4176 ([https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4176 Mitre], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e0c9c0afd2fc958ffa34b697972721d81df8a56f commit]);
CVE-2015-4001 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4001 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4001 Mitre]), CVE-2015-4002 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4002 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4002 Mitre]), CVE-2015-4003 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4003 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4003 Mitre]), CVE-2015-4004 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4004 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4004 Mitre]) : [https://lkml.org/lkml/2015/5/13/739 Announce on LKML by Jason A. Donenfeld], [http://seclists.org/oss-sec/2015/q2/446 Announce on oss-sec], [https://www.kernel.org/doc/readme/drivers-staging-ozwpan-README OZWPAN driver documentation], commits : [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e 1], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c 2], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04bf464a5dfd9ade0dda918e44366c2c61fce80b 3], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8 4];
CVE-2015-3339 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3339 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339 Mitre], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543 commit]);
? ([https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51dfcb076d1e1ce7006aa272cb7c4514740c7e47 commit]);
Information leak ([http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33cf7c90fe2f97afb1cadaa0cfb782cb9d1b9ee2 commit]).
- New hardware supported:
9. Tracing & perf
10. Virtualization
Add virtio-input driver, which is basically an "evdev-events-over-virtio" driver [http://git.kernel.org/linus/271c865161c57cfabca45b93eaa712b19da365bc commit]
11. Networking
6lowpan: Add generic next header compression layer interface [http://git.kernel.org/linus/92aa7c65d295f3cbb96904afe335f683e55584b8 commit], add udp compression via nhc layer [http://git.kernel.org/linus/cc6ed2684751b0a1074b37c080983b6ce737ed22 commit], add other known rfc6282 compressions [http://git.kernel.org/linus/ff0fcc2987b42857d233e8a72c7476fb1e520110 commit]
Extends the "classic" BPF programmable tc classifier by extending its scope also to native eBPF code, thus allowing userspace to implement own custom, 'safe' C like classifiers that can then be compiled with the LLVM eBPF backend to an eBPF elf file and loaded into the kernel via iproute2's tc, and be JITed in the kernel [http://git.kernel.org/linus/e2e9b6541dd4b31848079da80fe2253daaafb549 commit], [http://git.kernel.org/linus/a8cb5f556b567974d75ea29c15181c445c541b1f commit]
bpf: allow BPF programs access 'protocol' and 'vlan_tci' fields [http://git.kernel.org/linus/c24973957975403521ca76a776c2dfd12fbe9add commit]
bpf: allow extended BPF programs access skb fields [http://git.kernel.org/linus/9bac3d6d548e5cc925570b263f35b70a00a00ffd commit]
bonding: Implement port churn-machine (802.3ad standard 43.4.17) [http://git.kernel.org/linus/14c9551a32eba086c9f20c9d6a8e378481f15333 commit]
bridge: Extend Proxy ARP design to allow optional set of rules that are needed to meet the IEEE 802.11 and Hotspot 2.0 requirements for ProxyARP [http://git.kernel.org/linus/842a9ae08a25671db3d4f689eed68b4d64be15b5 commit]
- Wireless
Add API to change the indoor regulatory setting [http://git.kernel.org/linus/05050753602626ed4c46271c689929b625f409e7 commit]
add VHT support for IBSS [http://git.kernel.org/linus/ffc1199122d83d60ad99f9c55df32feb650b7bff commit]
- Bluetooth
Include a Add/Remove Advertising API [http://git.kernel.org/linus/203fea0178d7e165dbe834d1bdd9d243018fd5bf commit], [http://git.kernel.org/linus/841a6664f213f76a9bc1bfd07a466d3dbe281a88 commit], [http://git.kernel.org/linus/495099962138732c28449d07f3b1988836659851 commit], [http://git.kernel.org/linus/912098a6308e37208b8dcc46c57c66d0778a854b commit], [http://git.kernel.org/linus/4117ed70a55128273f1b6d00c7725e4c8a5c0031 commit], [http://git.kernel.org/linus/24b4f38fc9ebf93af223c67169a946d6baf9db61 commit], [http://git.kernel.org/linus/da929335f27d955172539bf56bed1ac9ff9b8d45 commit], [http://git.kernel.org/linus/4453b006538d02ada8294a195bb2dc2ada498436 commit]
Add local SSP OOB data to OOB ext data mgmt command [http://git.kernel.org/linus/40f66c05c360777e847033ddbe076d88123719d1 commit]
Add simple version of Read Advertising Features command [http://git.kernel.org/linus/d3d5305bfd1cb48c8f44207abb567276a1e09cc7 commit]
Add simple version of Read Local OOB Extended Data command [http://git.kernel.org/linus/4f0f155ceaf7e1b59d210a8afb24d4ea63ce13cc commit]
Add support for AES-CMAC hash for security manager device [http://git.kernel.org/linus/6e2dc6d1133f5f8bfd028ba7d1c3fb0b3fa717e9 commit]
Add support for Local OOB Extended Data Update events [http://git.kernel.org/linus/72000df2c01d6927319ad7e3f43460f6d0227de5 commit]
Add simultaneous dual mode scan [http://git.kernel.org/linus/07d2334ae747772fc4426077340aa3efe499f50b commit]
Add support for extended index management command [http://git.kernel.org/linus/96f1474af040a4ec267efe141cbf264891e67e5a commit], [http://git.kernel.org/linus/ced85549c3a769dfb9d084bb8d6d9ca8075f8728 commit]
Add support for trust verification of management commands [http://git.kernel.org/linus/c927a10487477eeed0441e5c88147700e69e5db9 commit]
Add support for untrusted access to management commands [http://git.kernel.org/linus/c91041dc4efff71f29f1dd4c9a4a5e80b841395c commit]
Introduce trusted flag for management control sockets [http://git.kernel.org/linus/50ebc055fa758c731e6e1ce174608327aab07aec commit]
Open management interface for untrusted users [http://git.kernel.org/linus/1195fbb8d03e5a6d7e7e49a73592caeb113a0f70 commit]
Support the "connectable mode" adv flag [http://git.kernel.org/linus/e7a685d316e7d4b64cd3b2811687b0270d590386 commit], support the "discoverable" adv flag [http://git.kernel.org/linus/b44133ff03be30b55f23036e62f403a3f7784fce commit], support the "limited-discoverable" adv flag [http://git.kernel.org/linus/807ec772bf484a8e93bc9a2a681e49cb8f2c4d69 commit], support the "managed-flags" adv flag [http://git.kernel.org/linus/67e0c0cd8f5afea17689f7688041e9d215df6875 commit], support the "tx-power" adv flag [http://git.kernel.org/linus/5507e358112af307c1c8595a04a0ef172d197f3c commit]
12. List of merges