Linux 5.14 is here, packing boosted security protection
No rest for the wicked
Days after the Linux kernel celebrated its 30th anniversary, Linus Torvalds, its creator and maintainer, put out its latest release with improvements to hardware support and security.
“The celebrations will go on for a few more weeks yet, but you all may just need a breather from them. And when that happens, I have just the thing for you - a new kernel release to test and enjoy,” wrote Torvalds as he put out the new release.
The development cycle of the 5.14 release didn’t face any major hurdles and completed on schedule in just under two months.
- Check our roundup of the best Linux distros
- Here are the best Linux laptops for running Linux
- Also take a look at the best laptops for programming
Reporting on the release, The Register notes that two of the headline features in the release are memfd_secret() system call and core scheduling, both of which are major efforts in the kernel’s attempts to mitigate the Spectre and Meltdown hardware vulnerabilities.
Here's to another 30
The memfd_secret() system call, which has been under development for about two years now, essentially earmarks a region of memory that is private to an application, blocking access even to the kernel itself.
This is reportedly important, since this area can’t be accessed by the Spectre and Meltdown vulnerabilities, making it an ideal silo to hold sensitive information such as cryptographic keys.
Furthermore, the core scheduling enhancement improves Linux’ support for hyperthreading, in order to prevent trusted and less-trusted processes from sharing resources. This avoids risks associated with Spectre-like attacks, specifically cross-hyperthreading attacks.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Elsewhere the latest release also improves the kernel’s hardware support. In addition to complete support for the Raspberry Pi 400, the release adds support for popular systems-on-a-chip (SoC) such as the Rockchip RK3568, the Qualcomm SA8155p, and more.
Even as the community continues to celebrate three decades of the world’s most popular open source project, the kernel developers down in the trenches are already hacking away at the next release.
“Of course, the poor tireless kernel maintainers won't have time for the festivities, because for them, this just means that the merge window will start tomorrow. We have another 30 years to look forward to, after all,” concluded Torvalds.
- Subscribe to Linux Format magazine for more Linux and open source goodness
Via The Register
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.