KernelNewbies:

Linux 5.10 was released on Sun, 13 December 2020.

Summary: This new Linux version is a Long Term Support release. It brings support for a fast commit mode in Ext4, which provides faster fsync(); support for safer sharing of io_uring rings between processes; a new syscall to provide madvise(2) hints for other processes; code patching to allow direct calls to be used instead of indirect calls, for improved retpoline performance; support for register encryption in AMD's virtualized guests; and support for the ARM Memory Tagging Extension, which prevents a number of security issues. As always, there are many other new drivers and improvements.

Note: This changelog is not 100% complete.

1. Prominent features

1.1. Long Term Support

This release is a Long Term Support release, which means that maintainers will provide bugfixes for this kernel revision for a much longer period of time than for other stable kernel releases.

1.2. Ext4 fast commit support, for faster metadata performance

Many applications use fsync(2) to ensure that data is reliably placed on disk. Such an operation ends up synchronizing more metadata to the disk than expected. In this release, Ext4 will use a novel journaling technique that optimistically journals only the minimum information a crash recovery operation needs to recover the metadata modified through an fsync operation. This speeds up fsync() and metadata-heavy operations. This feature needs to be enabled at mkfs time.

1.3. Support io_uring restrictions to facilitate secure sharing of rings

Since io_uring was introduced in Linux 5.1, it has seen widespread adoption. As usual, widespread adoption leads to new use cases, such as processes that might want to share a ring with less trusted processes. This release adds a few API changes that add some restrictions and make it possible for a host application to grant access to some of its file descriptors and allow untrusted applications or guests to safely use io_uring.
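The restriction workflow, as an added example that is not part of the original changelog or of the kernel sources: the ring is created disabled, an allow-list is registered, and only then is the ring enabled. It assumes Linux 5.10 or later UAPI headers; the function names, the 8-entry ring and the choice of READ/WRITE are this example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <linux/io_uring.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* glibc has no io_uring_register() wrapper; returns 0 or -errno. */
static int ring_register(int fd, unsigned op, void *arg, unsigned nr)
{
    return syscall(SYS_io_uring_register, fd, op, arg, nr) < 0 ? -errno : 0;
}

/* Ring limited to READ/WRITE on registered files. Returns the fd or -errno. */
int make_restricted_ring(void)
{
    /* Created disabled: nothing can be submitted until ENABLE_RINGS. */
    struct io_uring_params p = { .flags = IORING_SETUP_R_DISABLED };
    struct io_uring_restriction res[3] = {
        { .opcode = IORING_RESTRICTION_SQE_OP, .sqe_op = IORING_OP_READ },
        { .opcode = IORING_RESTRICTION_SQE_OP, .sqe_op = IORING_OP_WRITE },
        /* Required flag: SQEs must name a registered file index, not a raw fd. */
        { .opcode = IORING_RESTRICTION_SQE_FLAGS_REQUIRED, .sqe_flags = IOSQE_FIXED_FILE },
    };
    int fd = (int)syscall(SYS_io_uring_setup, 8, &p);

    if (fd < 0)
        return -errno;
    /* The owner would register the files to expose here. With no
     * IORING_RESTRICTION_REGISTER_OP entry, every register opcode is denied. */
    int err = ring_register(fd, IORING_REGISTER_RESTRICTIONS, res, 3);
    if (!err)
        err = ring_register(fd, IORING_REGISTER_ENABLE_RINGS, NULL, 0);
    if (err)
        close(fd);
    return err ? err : fd;
}

/* 1 if a register opcode outside the allow-list is refused with EACCES. */
int register_op_denied(int fd)
{
    return ring_register(fd, IORING_REGISTER_PROBE, NULL, 0) == -EACCES;
}

int main(void)
{
    int fd = make_restricted_ring();
    printf("ring fd/-errno: %d, denied: %d\n", fd, fd < 0 ? 0 : register_op_denied(fd));
    return 0;
}
```

Restrictions take effect when the ring is enabled and cannot be replaced afterwards, so the allow-list has to be complete before the descriptor is shared.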

Recommended LWN article: Operations restrictions for io_uring

1.4. Memory hints for other processes

Processes in Linux can use the madvise() system call to inform the kernel about their behaviour in order to get better performance. However, on some platforms (e.g., Android), the information required to make the hinting decision is not known to the process. Instead, it is known to a centralized userspace daemon (e.g., ActivityManagerService), and that daemon must be able to initiate memory reclaim on its own without any app involvement. To solve this, this release introduces a new syscall, process_madvise(2). It is basically the same as the madvise(2) syscall, except that it requires a pidfd of a target process, and for now it supports a more limited set of possible memory hints.
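A minimal caller for the new syscall, as an added example that is not part of the original changelog: it opens a pidfd, passes one iovec and uses MADV_COLD as the hint. It targets its own PID so that it is self-contained; the function names and the syscall-number fallbacks for older libc headers are this example's assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <sys/uio.h>
#include <unistd.h>
/* Fallbacks for older libc headers (values shared by x86-64 and arm64). */
#ifndef SYS_pidfd_open
#define SYS_pidfd_open 434
#endif
#ifndef SYS_process_madvise
#define SYS_process_madvise 440
#endif
#ifndef MADV_COLD
#define MADV_COLD 20
#endif

/* Hint that len bytes at addr (in pid's address space) are cold; bytes advised or -errno. */
long advise_cold(pid_t pid, void *addr, size_t len)
{
    struct iovec iov = { .iov_base = addr, .iov_len = len };
    int pidfd = (int)syscall(SYS_pidfd_open, pid, 0);
    if (pidfd < 0)
        return -errno;
    long ret = syscall(SYS_process_madvise, pidfd, &iov, (size_t)1, MADV_COLD, 0U);
    if (ret < 0)
        ret = -errno;
    close(pidfd);
    return ret;
}

/* Self-targeted demo, so the example needs no second process. */
long demo_self(size_t len)
{
    char *buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED)
        return -errno;
    buf[0] = 1; /* fault one page in */
    long ret = advise_cold(getpid(), buf, len);
    munmap(buf, len);
    return ret;
}

int main(void)
{
    printf("advised: %ld\n", demo_self(4 * (size_t)sysconf(_SC_PAGESIZE)));
    return 0;
}
```

The kernel checks the caller's rights over the target, so expect -EPERM without sufficient privilege and -ENOSYS on kernels older than 5.10.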

Recommended LWN article: process_madvise(), pidfd capabilities, and the revenge of the PIDs

1.5. AMD support for encryption of registers in virtualized guests

Linux has supported SEV since Linux 4.15. SEV is an AMD feature that encrypts the memory of virtualized guests, such that hosts can't access it unencrypted. This release enhances it with SEV-ES, which also encrypts the guest register state, making the registers inaccessible to the hypervisor by en-/decrypting them on world switches. Thus, it adds additional protection to Linux guests against exfiltration, control flow and rollback attacks. With SEV-ES, the guest is in full control of what registers the hypervisor can access.

1.6. Static calls for improved post-Spectre performance

Static calls are a replacement for global function pointers. They use code patching to allow direct calls to be used instead of indirect calls. They give the flexibility of function pointers, but with improved performance. This is especially important for cases where retpolines would otherwise be used, as retpolines can significantly impact performance.

Recommended LWN article: Relief for retpoline pain

1.7. Support ARM Memory Tagging Extension

Memory Tagging Extension (part of the ARMv8.5 Extensions) provides a mechanism to detect the sources of memory-related errors which may be vulnerable to exploitation, including bounds violations, use-after-free, use-after-return, use-out-of-scope and use-before-initialization errors.

Recommended LWN article: The Arm64 memory tagging extension in Linux

2. Core (various)

3. File systems

4. Memory management

5. Tracing, perf and BPF

6. Block layer

7. Virtualization

8. Cryptography

9. Security

10. Networking

11. Drivers

11.1. Some sections still missing

11.2. Audio

11.3. Tablets, touch screens, keyboards, mouses

11.4. TV tuners, webcams, video capturers

11.5. Universal Serial Bus (USB) and Thunderbolt

11.6. Serial Peripheral Interface (SPI)

11.7. Watchdog

11.8. Serial

11.9. CPU Frequency scaling

11.10. Voltage, current regulators, power capping, power supply

11.11. Real Time Clock (RTC)

11.12. Pin Controllers (pinctrl)

11.13. Multi Media Card (MMC)

11.14. Memory Technology Devices (MTD)

11.15. Industrial I/O (iio)

11.16. Multi Function Devices (MFD)

11.17. Pulse-Width Modulation (PWM)

11.18. Inter-Integrated Circuit (I2C + I3C)

11.19. Hardware monitoring (hwmon)

11.20. General Purpose I/O (gpio)

11.21. LEDs

11.22. DMA engines

11.23. Hardware Random Number Generator (hwrng)

11.24. Cryptography hardware acceleration

11.25. PCI

11.26. FRU Support Interface (FSI)

11.27. Clock

11.28. PHY ("physical layer" framework)

11.29. EDAC (Error Detection And Correction)

11.30. Various

12. List of Pull Requests

13. Other news sites

KernelNewbies: Linux_5.10 (last edited 2020-12-14 08:50:40 by diegocalleja)