Linux 4.20 released - what has changed in the new kernel version
We have already talked about the innovations that were made in Linux kernel 4.18 . Today we will talk about what was implemented in 4.20, and we will conduct a brief overview of the subsequent release.
It is very likely that it will be called "5.0".
/ photo by Gregory "Slobirdr" Smith CC BY-SA
')
The latest version of the kernel came out last December. The update is available for download on the official website . This release was a record for the number of added lines of code - their number increased by 354 thousand. More was added only in the Linux version 4.13 (September 2017). Major updates include new drivers, enhanced security, and changes in working with arrays.
In Linux 4.20, they added support for AMD's Picasso and Raven 2 hybrid processors , Qualcomm's Snapdragon 835 chip-based systems, and the Chinese Hygon Dhyana CPU based on AMD Zen architecture. This will expand the number of devices on which it will be possible to run Linux.
Work has also begun on the code for the AMD Zen 2 architecture, but in later versions, serious changes are awaiting it. The changes also affected Intel Icelake chips - the developers added support for a DSI controller and functionality to control processor power modes.
A code was added that is responsible for working with AMD Vega 20, although it will continue to be improved at least until the release of the graphics processor (its release is scheduled for the first quarter of 2019 ).
The changes also affected the VKMS (Virtual Kernel Mode-Setting) driver, which was added in the previous version of the kernel. It simulates the simplest virtual output device and is used to organize the operation of the X server or any other graphics subsystem on machines without a monitor. At the same time, it provides the ability to use existing GPUs. In Linux kernel 4.20, VKMS got support for GEM and the cursor.
Also, the new kernel was able to work with the Apple Magic Trackpad 2 trackpads and Xbox controllers.
Variable-length arrays (VLA) were removed from the kernel, the size of which is determined at the stage of execution, not compiling the code. They slowed down and could affect the security of the operating system. Linus Torvalds has long been asked to get rid of the VLA, and he himself actively criticized the decision to use arrays of variable length. In kernel 4.20, most of them were finally excluded.
The XArray data structure was also implemented, which was attempted to be implemented as early as 4.17. This is an abstract data type that behaves like a large array of pointers. Unlike dynamic arrays , when using XArray, you don’t need to change anything in the memory management block to expand the structure. But for now, only the kernel page cache and memremap are transferred to XArray .
The Speck block cipher was removed from Linux 4.20, since there were suspicions about the presence of backdoors in its implementation. They also implemented the STACKLEAK function (did not get into 4.19), which protects Linux users from several types of vulnerabilities.
In particular, it reduces the amount of information useful to attackers from the kernel stack to user space. Also, STACKLEAK blocks a series of attacks on uninitialized variables and offers tools for tracking the “overflow” of the kernel stack.
Residents of Hacker News say that Linux has always had difficulties with drivers and the amount of hardware supported. Updates 4.20 helped to partially fix this problem by expanding the range of available architectures. However, a number of users are worried about the fact that with the transition to the new OS kernel, it began to work more slowly.
The reason for the "regression" was the additional code to protect against Specter. The STIBP patch is activated by default and causes “brakes” on systems using SMT / Hyper-Threading. In some cases, performance may be reduced by 50%. Linus Torvalds has already raised the issue of starting the function at the request of the user, and not automatically. But so far nothing has been done.
As balsoft noted in comments, the decline in Linux performance due to STIBP was the reason why this code was removed from kernel versions 4.19.4 and 4.14.83 . Therefore, there is reason to believe that in the future, developers will release kernel 4.20 without a patch that counteracts Specter attacks.
/ photo hackNY.org CC BY-SA
If you follow the approach of Torvalds to the numbering of releases on the number of fingers in a person, version 21 should not be . For this reason, with a high degree of probability, 2019 will be the year of birth of Linux kernel 5.0.
Among the improvements of the upcoming version will be the support of new hardware and additional devices. Probably, users will be given the opportunity to connect the gaming keyboard Cougar 700K and work with Chameleon96 - Intel FPGA.
In the next release, the I3C subsystem will appear , which was not added to 4.20. It embodies the advantages of I2C and SPI protocols and is suitable for working with IoT.
The first corporate IaaS blog:
Our IaaS blog in Telegram:
It is very likely that it will be called "5.0".
/ photo by Gregory "Slobirdr" Smith CC BY-SA
')
The latest version of the kernel came out last December. The update is available for download on the official website . This release was a record for the number of added lines of code - their number increased by 354 thousand. More was added only in the Linux version 4.13 (September 2017). Major updates include new drivers, enhanced security, and changes in working with arrays.
New drivers and new hardware
In Linux 4.20, they added support for AMD's Picasso and Raven 2 hybrid processors , Qualcomm's Snapdragon 835 chip-based systems, and the Chinese Hygon Dhyana CPU based on AMD Zen architecture. This will expand the number of devices on which it will be possible to run Linux.
Work has also begun on the code for the AMD Zen 2 architecture, but in later versions, serious changes are awaiting it. The changes also affected Intel Icelake chips - the developers added support for a DSI controller and functionality to control processor power modes.
A code was added that is responsible for working with AMD Vega 20, although it will continue to be improved at least until the release of the graphics processor (its release is scheduled for the first quarter of 2019 ).
The changes also affected the VKMS (Virtual Kernel Mode-Setting) driver, which was added in the previous version of the kernel. It simulates the simplest virtual output device and is used to organize the operation of the X server or any other graphics subsystem on machines without a monitor. At the same time, it provides the ability to use existing GPUs. In Linux kernel 4.20, VKMS got support for GEM and the cursor.
Also, the new kernel was able to work with the Apple Magic Trackpad 2 trackpads and Xbox controllers.
Changes in working with arrays
Variable-length arrays (VLA) were removed from the kernel, the size of which is determined at the stage of execution, not compiling the code. They slowed down and could affect the security of the operating system. Linus Torvalds has long been asked to get rid of the VLA, and he himself actively criticized the decision to use arrays of variable length. In kernel 4.20, most of them were finally excluded.
The XArray data structure was also implemented, which was attempted to be implemented as early as 4.17. This is an abstract data type that behaves like a large array of pointers. Unlike dynamic arrays , when using XArray, you don’t need to change anything in the memory management block to expand the structure. But for now, only the kernel page cache and memremap are transferred to XArray .
Security updates
The Speck block cipher was removed from Linux 4.20, since there were suspicions about the presence of backdoors in its implementation. They also implemented the STACKLEAK function (did not get into 4.19), which protects Linux users from several types of vulnerabilities.
In particular, it reduces the amount of information useful to attackers from the kernel stack to user space. Also, STACKLEAK blocks a series of attacks on uninitialized variables and offers tools for tracking the “overflow” of the kernel stack.
Back in Linux 4.20, we added the STIBP (Single Thread Indirect Branch Predictors) patch, which protects against Specter attacks. They are aimed at the hardware vulnerability of modern processors associated with the implementation of speculative computing .
What the community thinks about Linux kernel 4.20
Residents of Hacker News say that Linux has always had difficulties with drivers and the amount of hardware supported. Updates 4.20 helped to partially fix this problem by expanding the range of available architectures. However, a number of users are worried about the fact that with the transition to the new OS kernel, it began to work more slowly.
The reason for the "regression" was the additional code to protect against Specter. The STIBP patch is activated by default and causes “brakes” on systems using SMT / Hyper-Threading. In some cases, performance may be reduced by 50%. Linus Torvalds has already raised the issue of starting the function at the request of the user, and not automatically. But so far nothing has been done.
As balsoft noted in comments, the decline in Linux performance due to STIBP was the reason why this code was removed from kernel versions 4.19.4 and 4.14.83 . Therefore, there is reason to believe that in the future, developers will release kernel 4.20 without a patch that counteracts Specter attacks.
/ photo hackNY.org CC BY-SA
What "will teach" 5.0
If you follow the approach of Torvalds to the numbering of releases on the number of fingers in a person, version 21 should not be . For this reason, with a high degree of probability, 2019 will be the year of birth of Linux kernel 5.0.
Among the improvements of the upcoming version will be the support of new hardware and additional devices. Probably, users will be given the opportunity to connect the gaming keyboard Cougar 700K and work with Chameleon96 - Intel FPGA.
Work will continue on the Y2038 issue and other security issues, as well as new drivers for graphics, hybrid and CPUs. The long-awaited WireGuard VPN tunnel will also come to the core.
In the next release, the I3C subsystem will appear , which was not added to 4.20. It embodies the advantages of I2C and SPI protocols and is suitable for working with IoT.
The first corporate IaaS blog:
- Equipment manufacturers and IaaS: the race for the cloud trend
- Serverless computing in the cloud - a trend of modernity or necessity?
Our IaaS blog in Telegram:
Source: https://habr.com/ru/post/435214/
All Articles