The rest of the 4.16 merge window

At the close of the 4.16 merge window, 11,746 non-merge changesets had been merged; that is 5,000 since last week's summary. This merge window is thus a busy one, though not out of line with its predecessors — 4.14 had 11,500 changesets during its merge window, while 4.15 had 12,599. Quite a bit of that work is of the boring internal variety; over 600 of those changesets were device-tree updates, for example. But there was still a fair amount of interesting work merged in the second half of the 4.16 merge window; read on for the highlights.

Architecture-specific

• The PowerPC architecture now has support for memory-protection keys.

Core kernel

• The expedited option has been added to the membarrier() system call. The API has changed somewhat since it was last discussed, though. At that time, there was a concern about not perturbing processes that did not need to participate in any given barrier operation, and some complex schemes for figuring out which processes to include. The merged patches, though, create an opt-in mechanism for processes that want to participate in "global" barrier operations. Opting in is a matter of calling membarrier() with the concise and easy-to-type MEMBARRIER_CMD_REGISTER_GLOBAL_EXPEDITED command. An expedited barrier can be sent to all registered processes with MEMBARRIER_CMD_GLOBAL_EXPEDITED.

Filesystems and block I/O

• Overlay filesystems using overlayfs can now be exported via NFS. Enabling this functionality changes some overlayfs behavior and can create a filesystem that is not backward compatible; see the documentation in this commit and this commit for details.
• The XFS reverse-mapping feature is no longer marked as being experimental.
• The AFS filesystem has "dynamic root" support; see this commit for more information.

Miscellaneous

• The new console_msg_format command-line option can be used to adjust the formatting of printk() output. In particular, setting it to syslog will cause a syslog-like format to be generated.
• Virtualization with KVM now supports AMD's secure encrypted virtualization (SEV) feature.

Security-related

• The usercopy whitelisting patch set has been merged. This mechanism further reduces the ranges of memory that can be copied to or from user space; now specific fields of a slab-allocated structure can be whitelisted. After some discussion, the current configuration will only issue a warning (rather than oopsing the system) if non-whitelisted memory is copied; the intent is to find and fix any problems without actually breaking the kernel when those problems occur. When the developers are confident that all of the issues have been found, that behavior may change in a more unforgiving direction.

  Anybody wanting stricter behavior now can disable the HARDENED_USERCOPY_FALLBACK configuration option or set the slab_common.usercopy_fallback command-line option to zero.

• Initial mitigations for Spectre variant 1 (bounds-check bypass) have been merged; see this article for details. The core of this support is a new array_index_nospec() macro that prevents speculation that might cause a bounds check to be circumvented.
• The arm64 architecture has gained another set of Meltdown/Spectre mitigations. The array_index_nospec() operator is supported natively, and it has been applied in a few places in the kernel. Branch-predictor hardening has been improved as well.
• S390 has also gained an implementation of array_index_nospec(), support for some new instructions to control branch prediction, and a variant on the retpoline concept called an "expoline".

Hardware support

• Clock: Hisilicon Hi3660 stub clocks, Spreadtrum SC9860 clocks, Qualcomm MSM8916 APCS clock controllers, AmLogic A113D clock controllers, and Freescale MXC realtime clocks.
• Pin control Meson AXG pin-control units, STMicroelectronics STM32MP157 and STM32F769 pin controllers, MediaTek MT7622 pin control units, Microsemi Ocelot pin control units, and Qualcomm MSM8998 pin controllers.
• Media: NXP TDA18250 silicon tuners, NVIDIA Tegra video decoder engines, Intel IPU3 CIO2 CSI-2 receivers, and OmniVision OV7740 sensors.
• Miscellaneous: Ilitek ILI9225 and ILI9322 display panels, OpenCAPI coherent accelerators, Cadence PCIe host controllers, Realtek RTD119x/RTD129x watchdog timers, and Spreadtrum watchdog timers.
• The old-style LIRC infrared controller drivers, having languished in staging for the requisite number of cycles, have now been removed from the kernel.

Internal kernel changes

• The way that printk() handles large amounts of message traffic has been changed. It will now spread the work over multiple CPUs, reducing the possibility of locking up a CPU with constant message traffic.
• The i2c-gpio fault injector can be used to create "unusual states" on the I2C bus to test the other side's error handling; see Documentation/i2c/gpio-fault-injection for details.

Barring a Meltdown-style security issue or some other problem of that magnitude, the final 4.16 release can be expected in early April. As always, though, there is a lot of testing and fixing to be done between now and then.

Index entries for this article
Kernel	Releases/4.16

---

to post comments