Linux 3.17 has been released on Sun, 5 Oct
Summary: This release adds support for USB device sharing over IP, support for Xbox One controllers, support for Apple's thunderbolt, a new sealing API that restricts operations on shared memory file descriptors that allows easier shared memory programming for developers, support for page fault tracing in perf trace, support for only using signed kernels in kexec, a getrandom() syscall for more secure random number generation, and graphic "render nodes" are no longer experimental. There are also new drivers and many other small improvements.
Contents
-
Prominent features
- USB device sharing over IP
- 'File sealing' eases handling of shared memory
- Graphic "render nodes" feature enabled by default
- Improved power management features enabled for more Radeon GPUs
- Thunderbolt support
- Support for Xbox One controllers
- More secure generation of random numbers with the getrandom() syscall
- Support for page fault tracing in perf trace
- perf timechart adds I/O mode
- Signed kexec kernels
- Drivers and architectures
- Core
- Memory management
- Block layer
- Power management
- File systems
- Networking
- Virtualization
- Tracing/perf
- Security
- Crypto
- Other news sites that track the changes of this release
1. Prominent features
1.1. USB device sharing over IP
USB/IP is a project that provides a general USB device sharing system over IP network. To share USB devices between computers with their full functionality, USB/IP encapsulates "USB I/O messages" into TCP/IP payloads and transmits them between computer. Original USB device drivers and applications can be also used for remote USB devices without any modification of them. A computer can use remote USB devices as if they were directly attached.
This project has been for a while in the "staging" area, and it's now considered stable enough for prime consumption. Userspace tools can be found at tools/usb/usbip
Project: http://usbip.sourceforge.net
1.2. 'File sealing' eases handling of shared memory
When various processes communicate with each other via shared memory, they have to be careful and synchronize, because the shared memory can be modified by others at any time, or shrink and grow the buffer. This makes IPC via shared memory fragile, forces servers to do extra checks, encourages making local copies of shared memory and makes zero-copy operations impossible if the source of shared memory is not trusted.
This release includes the concept of "file sealing". Files from shmfs can be "sealed" through fcntl(2) different flags that restrict determinate behaviours: shrinking the file, growing, writing to it or setting new seals.
Sealing allows sharing shmfs files without any trust-relationship. This is enforced by rejecting seal modifications if you don't own an exclusive reference to the given file. So if a process owns a file-descriptor, it can be sure that no-one besides him can modify the seals on the given file. This allows mapping shared files from untrusted parties without the fear of the file getting truncated or modified by an attacker.
This has some useful uses. For example, a graphic server (e.g. Wayland) may want to reject any file descriptors that don't have the SEAL_SHRINK seal set. That way, any memory-mappings are guaranteed to stay accessible (while at the same time allowing to grow the buffer). Another example would be a general purpose IPC mechanism such as D-Bus. With sealing, zero-copy can be easily done by sharing a file-descriptor that has SEAL_SHRINK | SEAL_GROW | SEAL_WRITE seals set. This way, the source can store sensible data in the file, seal the file and then pass it to the destination. The destination verifies these seals are set and then can parse the message in-line, or even do safe multicasts of the message and allow all receivers parse the same zero-copy file without affecting each other.
Recommended LWN article: Sealed files
Recommended blog article: memfd_create(2)
Code and preliminary API documentation: commit, commit
1.3. Graphic "render nodes" feature enabled by default
"Render nodes" is a feature merged in Linux 3.12. It allows to create different device nodes for the GPU and the display, thus allowing applications to use the GPU for off-screen rendering by talking directly to the DRM device node.
This feature had been considered experimental for a while and could only be enabled with the "drm.rnodes=1" module parameter. In this release, render nodes have been enabled by default.
For more details about render nodes, see this blog
Code: commit
1.4. Improved power management features enabled for more Radeon GPUs
Dynamic power management (dpm) has been re-enabled by default on Cayman and BTC devices.
Also, a new module parameter (radeon.bapm=1) has been added to enable bidirectional application power management (bapm) on APUs where it's disabled by default due to stability issues.
1.5. Thunderbolt support
Thunderbolt is a hardware interface that combines PCI Express and Displayport into one serial signal alongside a DC connection for electric power, transmitted over one cable. Up to six peripherals may be supported by one connector through various topologies. Co-developed by Intel and Apple, it's mostly used in Apple devices.
Code: commit
1.6. Support for Xbox One controllers
This release adds support for Xbox One controllers.
Code: (commit)
1.7. More secure generation of random numbers with the getrandom() syscall
Linux systems usually get their random numbers from /dev/[u]random. This interface, however, is vulnerable to file descriptor exhaustion attacks, where the attacker consumes all available file descriptors, and is inconvenient for containers. The getrandom(2) syscall, analogous to OpenBSD's getentropy(2), solves that problems.
Recommended LWN article: A system call for random numbers: getrandom()
Code: commit
1.8. Support for page fault tracing in perf trace
This release adds page fault tracing support to 'perf trace'. Using -F/--pf option user can specify whether he wants minor, major or all pagefault events to be traced. Output example:
{{{1756272.905 ( 0.000 ms): curl/5937 majfault [0x7fa7261978b6] => /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0@0x85288 (d.) 1862866.036 ( 0.000 ms): wget/8460 majfault [clear_user+0x3f] => 0x659cb4 (?k)}}}
Currently, perf timechart records only scheduler and CPU events (task switches, running times, CPU power states, etc); this release adds I/O mode which makes it possible to record IO (disk, network) activity. In this mode perf timechart will generate SVG with I/O charts (writes, reads, tx, rx, polls).
Kexec is a Linux feature that allows to boot a Linux kernel from an existing Linux kernel. It is used for faster rebooting or even for automatically booting a new kernel after a crash. However, UEFI "secure boot" systems are not supposed to allow to boot unsigned operating systems. Kexec allows to bypass the UEFI secure boot by kexec'ing into a unsigned kernel. To solve this problem, this release incorporates support for only allowing to kexec kernels that are signed. Recommended LWN article: Reworking kexec for signatures Code: commit, commit, commit, commit, commit, commit, commit
All the driver and architecture-specific changes can be found in the Linux_3.17-DriversArch page
A resizable, Scalable, Concurrent Hash Table commit firmware loader: allow disabling of udev as firmware loader commit Add a option to enable dwarf4 debug info format commit Support the "split debug info" debug info model present in gcc 4.7+ and newer binutils. It avoids having to copy it around multiple times, from the object files to the final executable, lowers the disk space and defaults to compressed debug data commit Support initramfs and initrd bigger than 2 GiB commit, commit sysfs: disallow world-writable files. commit rcu: Remove CONFIG_PROVE_RCU_DELAY commit
dma-buf: add poll support commit dma-buf: A new "fence" mechanism allows to do cross-device synchronization of DMA buffers. Fences are attached to a buffer which is being filled or consumed by hardware, to allow userspace to pass the buffer without waiting to another device. For example, userspace can call page_flip ioctl to display the next frame of graphics after kicking the GPU but while the GPU is still rendering. The display device sharing the buffer with the GPU would attach a callback to get notified when the GPU's rendering-complete IRQ fires, to update the scan-out address of the display, without having to wake up userspace commit, commit Export NR_SHMEM via sysinfo(2) / si_meminfo() interfaces commit
brd: add module option to enable RAM disk visibility in /proc/partitions commit drbd: New net configuration option socket-check-timeout commit
scripts/analyze_suspend.py: update to v3.0, which includes back-2-back suspend testing, device filters to reduce the html size, the inclusion of device_prepare and device_complete callbacks, a USB topography list, and the ability to control USB device autosuspend commit
Adjust statfs() space utilization calculations according to RAID profiles commit Add a new /proc/fs/nfsd/max_connections file commit
ipv6: Implement automatic generation of flow labels for IPv6 packets on transmit commit openvswitch: Enable tunnel GSO for Open vSwitch bridge. commit timestamp: ACK timestamp for bytestreams commit timestamp: SCHED timestamp on entering packet scheduler commit timestamping: TCP timestamping commit Remove deprecated syststamp timestamp commit bridge: netlink dump interface at par with brctl commit
virtio-blk: support multiple virtual queues that can get assigned to host's hardware queues commit virtio-net: rx busy polling support, 1 byte netperf tcp_rr shows 127% improvement commit vfio: EEH support for VFIO PCI device commit hyperv: Add netpoll support commit
perf trace: Add support for pagefault tracing commit, commit, add pagefault statistics commit perf trace: Add possibility to switch off syscall events commit perf bench: Add --repeat option commit perf hists browser: Display columns header text on 'H' press commit, commit perf inject: Add --kallsyms parameter commit perf kvm: Add stat support on s390 commit perf tools: Add --debug optionto set debug variable commit tracing: Add ftrace_graph_notrace boot parameter for specifying notrace filter for function graph tracer at boot time commit
Allow seccomp to set a filter across all threads (Recommended LWN Article) commit, add "seccomp" syscall commit seccomp: implement SECCOMP_FILTER_FLAG_TSYNC commit selinux: Report permissive mode in avc: denied messages. commit
drbg: NIST SP800-90A compliant Deterministic Random Bit Generator commit, commit Parser for a PKCS#7 signed-data message as described in part of RFC 2315 commit pefile: Support for PE file signature verification commit
1.9. perf timechart adds I/O mode
1.10. Signed kexec kernels
2. Drivers and architectures
3. Core
4. Memory management
5. Block layer
6. Power management
7. File systems
8. Networking
9. Virtualization
10. Tracing/perf
11. Security
12. Crypto
13. Other news sites that track the changes of this release