Linux 4.1 [https://lkml.org/lkml/2015/6/22/8 has been released] on Sun, 21 Jun 2015
Warning This page will be completed (it will, really) . Meanwhile, you can read about Linux 4.1 in:
LWN merge window [http://lwn.net/Articles/640297/ part 1], [http://lwn.net/Articles/641016/ part 2], [http://lwn.net/Articles/642039/ part 3]
1. Prominent features
2. Drivers and architectures
All the driver and architecture-specific changes can be found in the [http://kernelnewbies.org/Linux_4.1-DriversArch Linux_4.1-DriversArch] page
3. File systems
- F2FS
Add an optional rb-tree based extent cache, an improvement over the original extent info cache. It can be used with the "-o extent_cache" mount option [http://git.kernel.org/linus/1dcc336b02bff3d38f173feac55a2b6c25a5fb54 commit], [http://git.kernel.org/linus/8967215954a50947fbd9c2996232548bf6dd9062 commit]
Enable inline data by default [http://git.kernel.org/linus/75342797988a0f9ebec400a2dde8d4de581c4079 commit]
Support fs shutdown [http://git.kernel.org/linus/1abff93d01eddaab7ccdcf15f8cda4d91cbbcd9a commit]
- HFS+
Don't store special "osx" xattr prefix on-disk [http://git.kernel.org/linus/db579e76f06e78de011b2cb7e028740a82f5558c commit]
4. Block
5. Cryptography
algif: add AEAD support [http://git.kernel.org/linus/400c40cf78da00c16e561a3a253ca272455c42ef commit], [http://git.kernel.org/linus/44cac4fce9b820c37a8792df52a0e4ce33201949 commit]
6. Core (various)
Allow to configure the kernel without multi-user support, under this option UID and GID are zero in any possible case and processes always have all capabilities. This is useful for embedded targets that don't need multiple users and want to save some space [http://git.kernel.org/linus/2813893f8b197a14f1e1ddb04d99bce46817c84a commit]
kbuild: add generic mergeconfig target, %.config [http://git.kernel.org/linus/63a91033d52e64a22e571fe84924c0b7f21c280d commit]
Users can change the maximum number of threads by writing to /proc/sys/kernel/threads-max [http://git.kernel.org/linus/16db3d3f1170fb0efca652c9378ce7c5f5cb4232 commit]
Remove execution domain support, a old feature which allowed to execute files compiled for other operating systems [http://git.kernel.org/linus/973f911f55a0e510dd6db8bbb29cd82ff138d3c0 commit]
7. Memory management
hugetlbfs: Add 'min_size=<value>' moun option. This option takes the same value as the 'size' option. min_size can be specified without specifying size. If both are specified, min_size must be less that or equal to size else the mount will fail. If min_size is specified, then at mount time an attempt is made to reserve min_size pages. If the reservation fails, the mount fails. At umount time, the reserved pages are released [http://git.kernel.org/linus/7ca02d0ae586fe7df59632966a64f3f1a756ef05 commit], [http://git.kernel.org/linus/8c9b97033547834404a58ea88da7226ed5167726 commit]
8. Security
Smack: Allow an unconfined label in bringup mode [http://git.kernel.org/linus/bf4b2fee99799780ea3dbb6d79d1909b3e32be13 commit]
- Audit:
Fix a race that could truncate audit log reports after the comm field ([https://git.kernel.org/linus/5deeb5cece3f9b30c8129786726b9d02c412c8ca commit]).
- SELinux:
The policy storage has been switched from the custom avtab hash table struct to a generic flex_array ([https://git.kernel.org/linus/ba39db6e0519aa8362dbda6523ceb69349a18dc3 commit]). The hash function used is now based on murmurhash3 which has a better distribution ([https://git.kernel.org/linus/33ebc1932a07efd8728975750409741940334489 commit]). The number of buckets in the hash table has been increased ([https://git.kernel.org/linus/cf7b6c0205f11cdb015384244c0b423b00e35c69 commit]). Those three commits should improve the performance of SELinux rules lookup in the in-kernel stored policy.
Some Netlink commands were not mentioned in the struct used by SELinux as this table was probably forgotten when they were introduced in the kernel (commits: [https://git.kernel.org/linus/5bdfbc1f19d047a182d2bab102c22bbf2a1ea244 1], [https://git.kernel.org/linus/387f989a60db00207c39b9fe9ef32c897356aaba 2], [https://git.kernel.org/linus/2b7834d3e1b828429faa5dc41a480919e52d3f31 3], [https://git.kernel.org/linus/5e6deebafb45fb271ae6939d48832e920b8fb74e 4], [https://git.kernel.org/linus/5b5800fad072133e4a9c2efbf735baaac83dec86 5], [https://git.kernel.org/linus/b0b59b0056acd6f157a04cc895f7e24692fb08aa 6], [https://git.kernel.org/linus/8d465bb777179c4bea731b828ec484088cc9fbc1 7], [https://git.kernel.org/linus/bd2cba07381a6dba60bc1c87ed8b37931d244da1 8]). A change has been included to make sure this won't happen without a compile time failure ([https://git.kernel.org/linus/cf890138087a6da2f56a642acb80476370b04332 commit]).
- SMACK:
Assign smack_known_web as default smk_in label for kernel thread's socket ([https://git.kernel.org/linus/7412301b76bd53ee53b860f611fc3b5b1c2245b5 commit]).
Getting the Smack security context of keys: implements the LSM side part of the system call keyctl with the action code KEYCTL_GET_SECURITY ([https://git.kernel.org/linus/7fc5f36e980a8f4830efdae3858f6e64eee538b7 commit]).
Allow an unconfined label in bringup mode : ([https://git.kernel.org/linus/bf4b2fee99799780ea3dbb6d79d1909b3e32be13 commit]).
- Non-exhaustive list of fixed CVEs:
CVE-2015-4178 ([https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4178 Mitre], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953 commit]);
CVE-2015-4177 ([https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4177 Mitre], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cd4a40174b71acd021877341684d8bb1dc8ea4ae commit]);
CVE-2015-4176 ([https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4176 Mitre], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e0c9c0afd2fc958ffa34b697972721d81df8a56f commit]);
CVE-2015-4001 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4001 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4001 Mitre]), CVE-2015-4002 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4002 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4002 Mitre]), CVE-2015-4003 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4003 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4003 Mitre]), CVE-2015-4004 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4004 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4004 Mitre]) : [https://lkml.org/lkml/2015/5/13/739 Announce on LKML by Jason A. Donenfeld], [http://seclists.org/oss-sec/2015/q2/446 Announce on oss-sec], [https://www.kernel.org/doc/readme/drivers-staging-ozwpan-README OZWPAN driver documentation], commits : [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d114b9fe78c8d6fc6e70808c2092aa307c36dc8e 1], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b1bb5b49373b61bf9d2c73a4d30058ba6f069e4c 2], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04bf464a5dfd9ade0dda918e44366c2c61fce80b 3], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a59029bc218b48eff8b5d4dde5662fd79d3e1a8 4];
CVE-2015-3339 ([https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3339 NVD], [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339 Mitre], [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543 commit]);
? ([https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51dfcb076d1e1ce7006aa272cb7c4514740c7e47 commit]);
Information leak ([http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33cf7c90fe2f97afb1cadaa0cfb782cb9d1b9ee2 commit]).
- New hardware supported:
9. Tracing & perf
10. Virtualization
Add virtio-input driver, which is basically an "evdev-events-over-virtio" driver [http://git.kernel.org/linus/271c865161c57cfabca45b93eaa712b19da365bc commit]
11. Networking
6lowpan: Add generic next header compression layer interface [http://git.kernel.org/linus/92aa7c65d295f3cbb96904afe335f683e55584b8 commit], add udp compression via nhc layer [http://git.kernel.org/linus/cc6ed2684751b0a1074b37c080983b6ce737ed22 commit], add other known rfc6282 compressions [http://git.kernel.org/linus/ff0fcc2987b42857d233e8a72c7476fb1e520110 commit]
Extends the "classic" BPF programmable tc classifier by extending its scope also to native eBPF code, thus allowing userspace to implement own custom, 'safe' C like classifiers that can then be compiled with the LLVM eBPF backend to an eBPF elf file and loaded into the kernel via iproute2's tc, and be JITed in the kernel [http://git.kernel.org/linus/e2e9b6541dd4b31848079da80fe2253daaafb549 commit], [http://git.kernel.org/linus/a8cb5f556b567974d75ea29c15181c445c541b1f commit]
bpf: allow BPF programs access 'protocol' and 'vlan_tci' fields [http://git.kernel.org/linus/c24973957975403521ca76a776c2dfd12fbe9add commit]
bpf: allow extended BPF programs access skb fields [http://git.kernel.org/linus/9bac3d6d548e5cc925570b263f35b70a00a00ffd commit]
bonding: Implement port churn-machine (802.3ad standard 43.4.17) [http://git.kernel.org/linus/14c9551a32eba086c9f20c9d6a8e378481f15333 commit]
bridge: Extend Proxy ARP design to allow optional set of rules that are needed to meet the IEEE 802.11 and Hotspot 2.0 requirements for ProxyARP [http://git.kernel.org/linus/842a9ae08a25671db3d4f689eed68b4d64be15b5 commit]
ipv4: Create probe timer for tcp PMTU as per RFC4821. Default is 10 minutes, it can be changed in sysctl tcp_probe_interval [http://git.kernel.org/linus/05cbc0db03e82128f2e7e353d4194dd24a1627fe commit]
ipv4: Raise tcp PMTU probe mss base size from 512 to 1024 bytes [http://git.kernel.org/linus/dcd8fb8533ceb493146ce030d15f7965b82d0c27 commit]
ipv6: expose RFC4191 route preference via rtnetlink [http://git.kernel.org/linus/c78ba6d64c78634a875d1e316676667cabfea256 commit]
ipv6: generation of stable privacy addresses for link-local and autoconf as specified in RFC7217 [http://git.kernel.org/linus/622c81d57b392cc9be836670eb464a4dfaa9adfe commit]
ipvs: allow rescheduling of new connections when port reuse is detected. Currently, when TCP/SCTP port reusing happens, IPVS will find the old entry and use it for the new one, behaving like a forced persistence. A new sysctl has been introduced, conn_reuse_mode, that allows controlling how to proceed when port reuse is detected [http://git.kernel.org/linus/d752c364571743d696c2a54a449ce77550c35ac5 commit]
- Wireless
Add API to change the indoor regulatory setting [http://git.kernel.org/linus/05050753602626ed4c46271c689929b625f409e7 commit]
add VHT support for IBSS [http://git.kernel.org/linus/ffc1199122d83d60ad99f9c55df32feb650b7bff commit]
- Multiprotocol Label Switching (mlps)
Add a sysctl to control the number of entries in the platform label table [http://git.kernel.org/linus/7720c01f3f590116882e251f13c7e1d5602f8643 commit]
Basic routing support for forwarding the mpls packets [http://git.kernel.org/linus/0189197f441602acdca3f97750d392a895b778fd commit], [http://git.kernel.org/linus/a2519929aba78e8cec7955d2c2a0c1e230d1f6e6 commit], [http://git.kernel.org/linus/966bae3349da22bb6286f6f3874c279177b8633f commit], [http://git.kernel.org/linus/8de147dc8e2adea82b8a1a2a08fcc983330f6770 commit], [http://git.kernel.org/linus/03c0566542f4c7a45ce3193f27cbf5700b506c18 commit]
Per-device enabling of packet input [http://git.kernel.org/linus/37bde79979c3862c79294c62ddcef7efc477e4bf commit]
- Bluetooth
Include a Add/Remove Advertising API [http://git.kernel.org/linus/203fea0178d7e165dbe834d1bdd9d243018fd5bf commit], [http://git.kernel.org/linus/841a6664f213f76a9bc1bfd07a466d3dbe281a88 commit], [http://git.kernel.org/linus/495099962138732c28449d07f3b1988836659851 commit], [http://git.kernel.org/linus/912098a6308e37208b8dcc46c57c66d0778a854b commit], [http://git.kernel.org/linus/4117ed70a55128273f1b6d00c7725e4c8a5c0031 commit], [http://git.kernel.org/linus/24b4f38fc9ebf93af223c67169a946d6baf9db61 commit], [http://git.kernel.org/linus/da929335f27d955172539bf56bed1ac9ff9b8d45 commit], [http://git.kernel.org/linus/4453b006538d02ada8294a195bb2dc2ada498436 commit]
Add local SSP OOB data to OOB ext data mgmt command [http://git.kernel.org/linus/40f66c05c360777e847033ddbe076d88123719d1 commit]
Add simple version of Read Advertising Features command [http://git.kernel.org/linus/d3d5305bfd1cb48c8f44207abb567276a1e09cc7 commit]
Add simple version of Read Local OOB Extended Data command [http://git.kernel.org/linus/4f0f155ceaf7e1b59d210a8afb24d4ea63ce13cc commit]
Add support for AES-CMAC hash for security manager device [http://git.kernel.org/linus/6e2dc6d1133f5f8bfd028ba7d1c3fb0b3fa717e9 commit]
Add support for Local OOB Extended Data Update events [http://git.kernel.org/linus/72000df2c01d6927319ad7e3f43460f6d0227de5 commit]
Add simultaneous dual mode scan [http://git.kernel.org/linus/07d2334ae747772fc4426077340aa3efe499f50b commit]
Add support for extended index management command [http://git.kernel.org/linus/96f1474af040a4ec267efe141cbf264891e67e5a commit], [http://git.kernel.org/linus/ced85549c3a769dfb9d084bb8d6d9ca8075f8728 commit]
Add support for trust verification of management commands [http://git.kernel.org/linus/c927a10487477eeed0441e5c88147700e69e5db9 commit]
Add support for untrusted access to management commands [http://git.kernel.org/linus/c91041dc4efff71f29f1dd4c9a4a5e80b841395c commit]
Introduce trusted flag for management control sockets [http://git.kernel.org/linus/50ebc055fa758c731e6e1ce174608327aab07aec commit]
Open management interface for untrusted users [http://git.kernel.org/linus/1195fbb8d03e5a6d7e7e49a73592caeb113a0f70 commit]
Support the "connectable mode" adv flag [http://git.kernel.org/linus/e7a685d316e7d4b64cd3b2811687b0270d590386 commit], support the "discoverable" adv flag [http://git.kernel.org/linus/b44133ff03be30b55f23036e62f403a3f7784fce commit], support the "limited-discoverable" adv flag [http://git.kernel.org/linus/807ec772bf484a8e93bc9a2a681e49cb8f2c4d69 commit], support the "managed-flags" adv flag [http://git.kernel.org/linus/67e0c0cd8f5afea17689f7688041e9d215df6875 commit], support the "tx-power" adv flag [http://git.kernel.org/linus/5507e358112af307c1c8595a04a0ef172d197f3c commit]
12. List of merges