Version 5.14 of the Linux kernel shipped over the weekend, featuring new protections against the Spectre and Meltdown attacks that threatened Intel CPU security.
A secret feature enables developers to create memory areas available only to the application that owns them, blocking even the kernel from monitoring them. This is useful to hold sensitive data, such as encryption keys.
Another secure feature is core scheduling. This makes it safer to use hyperthreading, which allows multiple programs to share a single core. Turning off hyperthreading helped prevent the 2019 side-channel attacks but carried a performance hit, which is significant for cloud service providers running thousands of servers.
Core scheduling allows admins to separate sensitive processes in hyperthreading schedules, making it less likely that one process will snoop on another.
The kernel also features improved journaling on EXT4 file systems, offering more protection against information leaks.
Security features aside, the new kernel comes with a range of extra hardware support and enhancements. These include support for Intel's Alder Lake P graphics, and Qualcomm's Adreno 660 GPU. It also features enhancements to the open source AMD GPU drivers, including the ability to hot swap them.
Linux 5.14 also includes support for hardware-based microphones and webcam kill switches on Dell laptops. Over the last few years, Dell has been a staunch Linux supporter, shipping developer versions of its laptops with preinstalled Linux and driver support.
Five questions to ask before you upgrade to a modern SIEM
Do you need a better defense strategy?
The kernel also drops support for legacy integrated device electronics (IDE) storage interfaces, helping to offset the ongoing growth of the code base.
Linus creator, Linus Torvalds, announced the new kernel along with acknowledging the operating system's 30th birthday. "The celebrations will go on for a few more weeks yet, but you all may just need a breather from them," he said.
"And when that happens, I have just the thing for you - a new kernel release to test and enjoy. Because 5.14 is out there, just waiting for you to kick the tires and remind yourself what all the festivities are about."
Those who want early access to the latest kernel can download the source code and compile it themselves. Otherwise, Linux distributions will begin adopting 5.14 over time.
Distributions either come as time-based releases, with period increments that roll up collections of features including the kernel, or rolling releases that update more frequently with new features. Examples of the former include Ubuntu, while Arch is a rolling release distribution.
