The first half of the 5.14 merge window

As of this writing, just under 5,000 non-merge changesets have been pulled into the mainline repository for the 5.14 development cycle. That is less than half of the patches that have been queued up in linux-next, so it is fair to say that this merge window is getting off to a bit of a slow start. Nonetheless, a fair number of significant changes have been merged.

Some of the more interesting changes pulled so far include:

Architecture-specific

• Arm64 pointer authentication can now be configured independently for kernel and user space.
• The x86 split-lock detection was designed to kill processes that perform atomic operations that cross cache lines — operations that can severely affect performance. The 5.14 kernel adds a new command-line parameter (split_lock_detect=ratelimit:N) that can set a rate limit, expressed in lock operations per second. If that limit is exceeded (in the system as a whole), any process creating a split lock will be forced into a 20ms sleep rather than being killed.

Core kernel

• There is a new futex operation, FUTEX_LOCK_PI2, which uses the monotonic clock for timeouts rather than the realtime clock.
• The core scheduling functionality, which provides control over which processes can share a core, has been merged. Core scheduling can be used as a defense against some Spectre vulnerabilities, but there are other use cases for it as well.
• The burstable CFS bandwidth controller is now in the mainline; this feature allows bursty workloads to briefly exceed their CPU-time restrictions in some conditions.
• The initial infrastructure for BPF program loaders has been merged; this work will eventually allow the kernel to require BPF programs presented for loading to be signed by a trusted key.

Filesystems and block I/O

• There is a new I/O priority controller for control groups that can manage the priority of block-I/O requests (including writeback) generated by members of each group. This commit contains a bit of documentation on this feature. The mq-deadline I/O scheduler has been updated to support these priorities.

Hardware support

• Hardware monitoring: MPS MP2888 pulse-width modulators, Sensiron SHT4x humidity and temperature sensors, Flex PIM4328 power interface modules, and Delta DPS920AB power supplies.
• Media: Sony IMX208 sensors and Atmel extended image sensor controllers.
• Miscellaneous: Stormlink SL3516 crypto offloaders, PolarFire SoC (MPFS) mailbox controllers, Lenovo WMI-based systems management controllers, and Intel SkyLake ACPI INT3472 camera power controllers.
• Networking: Intel M.2 WWAN IPC-over-shared-memory controllers, Ingenic Ethernet controllers, Loongson PCI DWMACs, Sparx5 network switches, and Mellanox BlueField gigabit Ethernet interfaces.
• Regulator: Richtek RT6160 BuckBoost and RT6245 voltage regulators, MediaTek MT6359 power-management ICs, Silergy SY7636A voltage regulators, and Maxim 8893 voltage regulators.
• Removals: at long last, the old IDE block drivers have been removed; the libata subsystem is able to control any IDE devices that are still able to spin.

Networking

• There is an elaborate new mechanism allowing for custom configuration of hash policies for multipath IP traffic; see this merge commit for details.
• The networking layer almost gained support for NVMe/TCP offload adapters; see this commit for some details. Unfortunately, that support was not kept for long; it was reverted after a request from the NVMe developers who were surprised by the whole thing and did not feel that the code was ready for merging.
• The virtio virtual transport has gained support for SOCK_SEQPACKET sockets (which are described briefly in the socket() man page).
• The SO_REUSEPORT socket mechanism has been improved to give applications more control over how failover happens and to avoid spurious connection failures.

Security-related

• User-space handlers for seccomp() have a new operation that can create a file descriptor for the sandboxed task and return that file descriptor as a result of the system call being handled — all as a single atomic operation. This is a partial solution to the signal-related problems covered here in April.
• There is a new mechanism providing better control over resource limits within user namespaces.

Virtualization and containers

• KVM now supports the Arm64 memory tagging extension in guests.

Internal kernel changes

• The DISCONTIGMEM memory model, described in this article, has been removed since no architectures use it.

The 5.14 merge window can be expected to stay open through July 11, though the possibility of an early closing always exists. LWN will, naturally, post another article once the merge window closes describing the additional changes merged; watch this space.

Index entries for this article
Kernel	Releases/5.14

---

to post comments