6.2 Merge window, part 1

The most significant changes merged for 6.2 so far include:

Architecture-specific

• The arm64 architecture can now enable or disable software-implemented shadow stacks at boot time; this is done by patching in the relevant instructions where necessary. This change allows a single kernel to work efficiently on systems both with pointer authentication (where shadow stacks don't really add much) and without.
• The Intel "asynchronous exit notification" mechanism is now supported; this allows code in SGX enclaves to detect single-step attacks.
• There is a new set of operations allowing a hypervisor to support requests from Intel TDX guests; this documentation commit has some more information.
• There is a new sysctl knob to control how x86 systems respond to processes executing split locks; see this commit for an overview and this article for the background.

BPF

• BPF programs have increased access to control-group local storage; see this documentation commit for details.
• BPF programs can now define types, allocate objects, and create their own data structures; this merge message gives an overview.
• It is now possible for BPF code to access and store task_struct objects; see this commit for an overview.

Core kernel

• It is now possible to move a process into a new time namespace when it calls exec(). Among other things, this allows a process to execute the vfork()+exec() sequence after unsharing its time namespace, which does not work in current kernels.
• More Rust infrastructure code has been merged; see this article for details.

Filesystems and block I/O

• Squashfs filesystems can now be mounted with the threads= option to control how parallel decompression is done; see this commit for details.
• Squashfs can also now handle ID-mapped mounts.
• The kernel's handling of POSIX access-control lists has been massively reworked. There should be no user-visible changes. This merge commit contains a detailed overview of what was done.
• The fscrypt mechanism can now make use of the SM4 encryption algorithm though, as detailed in this merge message, the fscrypt maintainer recommends against its use.
• The reliability of the much-maligned Btrfs RAID5 and RAID6 implementation has been improved; this merge message describes the changes that were made. There have also been more performance improvements merged for Btrfs.
• The kernel can now be built without NFSv2 support; this is the next step toward removing that support entirely.
• Permissions checks for access to NVMe devices have changed; operations that read or write a given device will now succeed if the writing process has the appropriate access in the permission bits on the device special file. Previously, CAP_SYS_ADMIN was required for such operations.
• The packet CD/DVD driver, deprecated in 2016, has finally been removed.

Hardware support

• Clock: MStar CPUPLL clocks, Ingenic JZ4755 CGU clocks, MediaTek FHCTL hardware controller clocks, Qualcomm SC8280XP and SM6375 display clock controllers, and Qualcomm SM8550 global clock controllers.
• GPIO and pin control: Qualcomm SDM670 pin controllers, Loongson-2 SoC pin controllers, and Intel Moorefield pin controllers.
• Graphics: Open Firmware display controllers, Renesas RZ/G2L MIPI DSI encoders, Jadard JD9365DA-H3 WXGA DSI panels, and NewVision NV3051D DSI panels.
• Hardware monitoring: Ampere Altra SMpro hardware monitors and OneXPlayer EC fan controllers.
• Input: Hynitron cst3xx touchscreens, Cypress TrueTouch Gen5 touchscreens, and Himax hx83112b touchscreens.
• Media: OmniVision OV08X40 and OV4689 sensors, STmicroelectronics VGXY61 sensors, Toshiba TC358746 parallel-CSI2 bridges, Allwinner A31 image signal processors, Microchip image sensor controllers, Renesas RZ/G2L MIPI CSI-2 receivers, and Renesas RZ/G2L camera data receiving units.
• Miscellaneous: ARM CoreSight performance monitoring units, Amlogic DDR bandwidth performance monitors, Loongson-2 SoC global utilities register blocks, Dell WMI-based platform sensors, ChromeOS human-presence sensors, Apple CPU-frequency controllers, ARM SCMI powercap controllers, Richtek RT6190 4-Switch BuckBoost controllers, MediaTek MT6357 power-management ICs, and Sunplus SP7021 MMC controllers.
• Networking: Realtek 8852BE PCI wireless network adapters, Motorcomm yt8521 gigabit Ethernet PHYs, Renesas R-Car S4-8 Ethernet switches, MediaTek MT7996 wireless interfaces, NVIDIA Tegra multi-gigabit Ethernet controllers, Realtek 8821CU, 8822BU, 8822CU and 8723DU USB wireless network adapters, and Broadcom BCM4377/4378/4387 Bluetooth interfaces.
• Sound: Realtek RT1318 codecs.
• SPI: Microchip pci1xxxx PCIe switches, Socionext F_OSPI SPI flash controllers, and Nuvoton WPCM450 flash interface units.
• Also: the kernel has a new framework for the management of compute-acceleration devices. There are no actual devices using that framework in 6.2; that may change for 6.3. Meanwhile, this documentation commit gives an overview of the new subsystem.

Miscellaneous

• The new rv tool can be used to control the operation of the runtime verification subsystem. See this documentation commit for details.
• The HTML version of the kernel documentation is now built with the Sphinx "alabaster" theme by default.

Networking

• The IPv6 stack has gained support for "protective load balancing", described as:

  PLB (Protective Load Balancing) is a host based mechanism for load balancing across switch links. It leverages congestion signals(e.g. ECN) from transport layer to randomly change the path of the connection experiencing congestion.

  This paper has more details.

Security-related

• The RANDOM_TRUST_BOOTLOADER and RANDOM_TRUST_CPU configuration options have been removed; the only way to set those parameters now is with a command-line option. See this commit for more information.
• The Landlock security module can now control file truncation operations. This documentation commit has some more information.

Internal kernel changes

• The read-copy-update (RCU) subsystem has a new "lazy" mode (controlled by the RCU_LAZY configuration option). When this mode is active, the handling of RCU callbacks will be delayed so that those callbacks can be run in larger batches. On lightly loaded systems, the result can be a 5-10% power savings. For callbacks that can't wait, there is a new call_rcu_hurry() function. This commit has the details.
• As described in this article, the char type will now default to unsigned on all architectures.
• The SLOB slab allocator, which was designed for small-memory systems, has been deprecated and will likely be removed in a future release. Any remaining users are encouraged to move to SLUB, as the other allocator (SLAB) will eventually be targeted as well. To help on smaller systems, there is a new SLUB_TINY configuration option that reduces the SLUB allocator's memory requirements.
• Support for message-signaled interrupts (MSIs) has been massively reworked to deal with years of technical debt and upcoming technologies. This merge commit describes the situation in great detail.
• There have been changes to the timer subsystem as well. del_timer() and del_timer_sync() have been renamed to timer_delete() and timer_delete_sync() respectively. There are new functions, timer_shutdown() and timer_shutdown_sync(), which are meant to ease the task of cleaning up timers that might be rearmed during that process; once they are called, any attempts to rearm the timer will be ignored.

If the usual two-week schedule is followed, the 6.2 merge window can be expected to end on December 25. Given the significance of that date and a number of warnings from Torvalds, though, it would not be at all surprising if this merge window ended up being shorter than usual. Whatever happens, LWN will follow up with a summary of the changes that were pulled once 6.2-rc1 has been released.