This Sunday, August 29, Linux will get a major release, paving the way for enterprise and cloud applications for months to come. Security and performance improvements will be included in the 5.14 kernel upgrade.
Security is always a concern for both enterprise and cloud customers, and Linux 5.14 will aid in this regard with several new features. Mike McGrath, vice president, Linux Engineering at Red Hat, told TechCrunch that the kernel update includes a feature known as core scheduling, which is intended to help mitigate processor-level vulnerabilities like Spectre and Meltdown, which first surfaced in 2018.
Linux users have been forced to remedy those vulnerabilities by deactivating hyper-threading on CPUs, resulting in a performance cost.
“More specifically, the functionality aids in the separation of trusted and untrusted tasks so that they do not share a core, reducing the overall danger surface while maintaining cloud-scale performance,” McGrath explained.
Another area of security innovation in Linux 5.14 is a feature that has been in development for more than a year and a half and will improve system memory protection. Memory is frequently targeted as the main attack surface in attacks against Linux and other operating systems. With the new kernel, an application running on a Linux system can use the memfd_secret() system call to create a memory range that is inaccessible to anybody else, including the kernel.
According to McGrath, this means cryptographic keys, sensitive data, and other secrets can be held there to limit exposure to other users or system activity. The Linux kernel is at the heart of the open-source Linux operating system that underpins most cloud and enterprise application delivery. The kernel is the component that delivers the system’s basic functioning.
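As an added illustration (not code from the article, Red Hat or the kernel project), the C sketch below shows how a program might place key material in a memfd_secret() mapping and wipe it before release. The names secret_buf, secret_buf_alloc and secret_buf_free are hypothetical, the syscall number is defined by hand for older libc headers, and the fallback to locked anonymous memory when the kernel does not offer the call is an assumption of this example.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE               /* for syscall(), MADV_DONTDUMP, explicit_bzero() */
#endif
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef SYS_memfd_secret
#define SYS_memfd_secret 447      /* x86-64/arm64 number; older libc headers lack it */
#endif

/* Hypothetical names for this example; a higher level means stronger isolation. */
enum { PLAIN_ANON = 0, LOCKED_ANON = 1, SECRETMEM = 2 };
struct secret_buf { unsigned char *addr; size_t len; int level; };

/* Map len bytes for key material. Returns 0 and records the protection level
 * actually obtained, or -1 if no memory could be mapped at all. */
int secret_buf_alloc(struct secret_buf *b, size_t len)
{
    void *p = MAP_FAILED;
    int fd = (int)syscall(SYS_memfd_secret, 0);   /* fails if the kernel lacks it */
    if (fd >= 0) {
        if (ftruncate(fd, (off_t)len) == 0)       /* size the secret area */
            p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
        close(fd);                                /* the mapping outlives the fd */
    }
    b->len = len;
    b->level = SECRETMEM;
    if (p == MAP_FAILED) {                        /* fallback: ordinary anonymous pages */
        p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (p == MAP_FAILED)
            return -1;
        madvise(p, len, MADV_DONTDUMP);           /* best effort: omit from core dumps */
        b->level = (mlock(p, len) == 0) ? LOCKED_ANON : PLAIN_ANON;
    }
    b->addr = p;
    return 0;
}

/* Wipe the secret before unmapping so it does not linger in freed pages. */
int secret_buf_free(struct secret_buf *b)
{
    explicit_bzero(b->addr, b->len);
    int rc = munmap(b->addr, b->len);
    b->addr = NULL;
    return rc;
}
```

A caller that requires the kernel-level isolation described above should check that level equals SECRETMEM and refuse to load keys otherwise, rather than silently accepting the weaker fallback.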
Over the last two months, the Linux 5.14 kernel has gone through seven release candidates and benefited from the contributions of 1,650 distinct engineers.
Individual contributors, as well as significant vendors such as Intel, AMD, IBM, Oracle, and Samsung, all contribute to Linux kernel development. IBM’s Red Hat business unit is one of the most important contributors to any given Linux kernel release. In a deal that was finalized in 2019, IBM paid $34 billion for Red Hat.
“We see some highly interesting capabilities in 5.14, as we do with pretty much every kernel release,” McGrath said.