The Linux kernel is the backbone of Linux operating systems (OS), and is the fundamental interface between a computer's hardware and its processes.
The release of the new version of Linux 6.6, which comes with a large number of changes and improvements and of which stands out a new EEVDF task scheduler, the hidden stack mechanism to protect against exploits, the fs-verity support in OverlayFS, improved “GPL-only” symbol export tracking, and more.
The new version includes 15.291 fixes and approximately 44% of all changes introduced in 6.6 are related to device drivers, 17% to the update of specific code for hardware architectures and the rest is for the network stack, subsystems and so on.
Main news in Linux 6.6
In this new version that is presented of Linux 6.6, a new EEVDF task scheduler which replaces the CFS scheduler. It is noted that EEVDF when choosing the next process to transfer execution to, takes into account processes that have not received enough processor resources or have received an unfair amount of processor time. In the first case, the transfer of control of the process is forced, and in the second, on the contrary, it is postponed. EEVDF expected to reduce delays on tasks CFS has struggled with programming.
Another change that stands out in this new version of the Linux Kernel 6.6 is that the subsystem io_uring has added initial support for network socket-specific commands and operations, since sysctl io_uring_disabled was added to disable io_uring throughout the system, this mentions that sand I gain an increase in performance and the reduction in latency when performing I/O operations after making changes reaches 37%.
In addition to this, it is also noted that Changes have been made to the processing of internal symbols of the "GPL-only" category, with the goal of making it difficult for proprietary modules to use GPL layers to avoid access restrictions to kernel subsystems that only allow GPL-licensed code.
For architecture RISC-V, added support for accessing performance counters from user space and the ability to place a core dump after a crash in an area beyond the 4 GB limit.
Regarding the improvements for file systems, in Linux 6.6 OverlayFS has added support for storing fs-verity hashes in the overlay.verity extended attribute (xattr), which can be used to verify the integrity and authenticity of files in the underlying layers of OverlayFS using cryptographic keys and hashes. Thus, OverlayFS now includes all the changes necessary for the Composefs project to work as a complement to the OverlayFS and EROFS file systems.
In Btrfs, the built-in integrity checking mechanism has been deprecated which is enabled at compile time via the BTRFS_FS_CHECK_INTEGRITY parameter. The specified mechanism was left unsupported, is no longer tested, and creates additional load on the CPU and memory. Additionally, Btrfs has optimized the performance of the new FS (scrub) check code.
En Ext4, added periodic superblock update checks and memory allocation operations were sped up by writing to the end of the file.
Support has been added to ublk for zoned storage devices (which divide groups of blocks or sectors into zones, where sequential addition of data is only allowed with the update of the entire group of blocks).
ReiserFS went from being compatible to being obsolete, In addition, ReiserFS is scheduled to end support in 2025. Reasons for deprecating ReiserFS include the stagnation in the maintenance of this FS, the unresolved 2038 issue, the lack of fault tolerance capabilities, and the desire to reduce labor costs to maintain common changes to file systems related to support of the new API for mounting.
On the other hand, it also highlights the continuous migration of changes from the Rust-for-Linux branch, Well now the transition has been made to the use of Rust 1.71.1 and bindgen 0.65.1 versions and with this it is mentioned that the 'Zeroable' trait has been implemented, procedural macros were added, compatibility with '#[pin_data ]' is guaranteed and the capabilities of the 'types' module have been expanded.
Added support for compiling with Clang compiler with CFI protection mode, which blocks violations of the normal execution order (control flow) as a result of using exploits that change function pointers stored in memory. For the RISC-V architecture, randomization of the kernel location in memory during boot is enabled.
Mention of the US National Security Agency has been removed. of the options associated with enabling the access control system of SELinux application. Since the project has been developed under the wing of the community for 20 years and is supported by independent maintainers, it was decided to switch to using the name "SELinux" instead of "NSA SELinux" in comments and documentation.
Finally, if you are interested in knowing more about it about this new release, you can check the details in the following link