Linux 5.6 comes with WireGuard, USB 4.0, Arm E0PD support and more

Linus Torvalds announced this Sunday the general availability of version 5.6 of the Linux kernel, after several release candidates (RCs). Linux 5.6 contains many changes and improvements. Like every new version of the main development line, it brings more than ten thousand changes; some add new features, others improve existing ones.

The key features of this version include Arm E0PD support, time namespaces, the BPF dispatcher and batch BPF map operations, the openat2 system call, and the WireGuard VPN implementation.

USB 4 compatibility

USB4 support, which is based on the Thunderbolt 3 specification, is one of the main features of this version of the Linux kernel. In theory, speeds can reach 40 Gb/s over the USB-C connector, with support for up to 100 watts of power through Power Delivery (PD). USB4 allows you to connect 4K or 8K displays over USB, as well as to daisy-chain several USB devices from the same port.

This connection technology, which was finalized last summer and emerged from Thunderbolt 3, should appear on systems in a few months. Intel Tiger Lake generation processors, which succeed the current Ice Lake series of desktop and laptop processors, should be supported.

Bug fixes for the year 2038

Another change in Linux 5.6 addresses the year 2038 bug, which affects 32-bit architectures due to an integer overflow problem.

In fact, Unix and Linux store the time value as a 32-bit signed integer, whose maximum value is 2147483647. Beyond this number, due to integer overflow, values are stored as negative numbers. This means that on a 32-bit system, the time value cannot exceed 2147483647 seconds after January 1, 1970.

In simpler terms, after 03:14:07 UTC on January 19, 2038, due to an integer overflow, the time will be December 13, 1901 instead of January 19, 2038.
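The wraparound described above, as an added example that is not part of the original article or of the kernel source. The function names `to_time32`, `fits_time32` and `utc_from_epoch` are hypothetical; the program stores a 64-bit second count in a signed 32-bit value, as a legacy 32-bit `time_t` would, and decodes the result into a UTC date.

```c
/* Added example (not from the article): signed 32-bit time wraparound. */
#include <stdint.h>
#include <stdio.h>

struct utc { int year, mon, day, hour, min, sec; };

/* What a signed 32-bit time_t holds after a 64-bit second count is stored
   in it: the value modulo 2^32, reinterpreted as two's complement. */
static int32_t to_time32(int64_t t)
{
    uint32_t u = (uint32_t)t;                  /* well-defined modular wrap */
    return u > INT32_MAX ? (int32_t)((int64_t)u - 4294967296LL) : (int32_t)u;
}

/* Defensive check: does this timestamp survive storage in 32 bits? */
static int fits_time32(int64_t t)
{
    return t >= INT32_MIN && t <= INT32_MAX;
}

/* Seconds since 1970-01-01 UTC -> calendar fields. Works for negative
   values too (proleptic Gregorian, days-to-civil arithmetic). */
static struct utc utc_from_epoch(int64_t t)
{
    int64_t days = t / 86400, rem = t % 86400;
    if (rem < 0) { rem += 86400; days -= 1; }  /* floor, not truncate */
    int64_t z = days + 719468;                 /* shift epoch to 0000-03-01 */
    int64_t era = (z >= 0 ? z : z - 146096) / 146097;
    int64_t doe = z - era * 146097;            /* day of 400-year era */
    int64_t yoe = (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365;
    int64_t doy = doe - (365 * yoe + yoe / 4 - yoe / 100);
    int64_t mp = (5 * doy + 2) / 153;          /* month index, March = 0 */
    struct utc r;
    r.day = (int)(doy - (153 * mp + 2) / 5 + 1);
    r.mon = (int)(mp < 10 ? mp + 3 : mp - 9);
    r.year = (int)(yoe + era * 400 + (r.mon <= 2));
    r.hour = (int)(rem / 3600);
    r.min = (int)(rem % 3600 / 60);
    r.sec = (int)(rem % 60);
    return r;
}

int main(void)
{
    int64_t last = INT32_MAX;                  /* 2147483647 */
    for (int64_t t = last; t <= last + 1; t++) {
        struct utc d = utc_from_epoch(to_time32(t));
        printf("%lld fits=%d -> %04d-%02d-%02d %02d:%02d:%02d UTC\n",
               (long long)t, fits_time32(t),
               d.year, d.mon, d.day, d.hour, d.min, d.sec);
    }
    return 0;
}
```

A check like `fits_time32` is the kind of guard to apply before handing expiry times or log timestamps to an interface that still uses 32-bit time.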

WireGuard support

Linux 5.6 comes with the WireGuard VPN technology, which has been attracting a lot of attention for a while. This is due, among other things, to fast connection establishment, good performance, and robust, fast and transparent handling of connection drops. In addition, the tunnel technology is very efficient and much easier to configure than older VPN technologies; WireGuard provides security against eavesdropping with the latest encryption algorithms.

WireGuard uses Curve25519 for key exchange, ChaCha20 for encryption, Poly1305 for data authentication, SipHash for hashtable keys, and BLAKE2s for hashing. It supports Layer 3 for IPv4 and IPv6 and can encapsulate v4-in-v6 and vice versa. WireGuard was adopted by some VPN service providers, such as Mullvad VPN, AzireVPN, IVPN, and cryptostorm, long before its incorporation into Linux, due to its "excellent" design.

Arm E0PD support

The Meltdown vulnerability allows an attacker in user space to read data from kernel space using a combination of speculative execution and cache-based side channels. The kernel's defense against Meltdown is kernel page-table isolation, which completely removes the kernel page tables from the user-space mapping. It works, but it has a very significant performance cost and may interfere with the use of other processor features.

However, it is widely accepted that address space isolation will be increasingly necessary to protect systems for some time to come.

There is an alternative, based on E0PD, which was added as part of the Arm v8.5 extensions. E0PD ensures that accesses from user space to the kernel half of the memory map always complete in constant time, thus avoiding timing attacks.

E0PD therefore does not prevent speculative execution on memory that user space should not be able to access, but it blocks the side channel normally used to extract the data exposed by mis-speculated operations.

Finally if you want to know more about it, you can consult the following link.

