Skip to main content

Linux 5.14 is here, packing boosted security protection

Linux
(Image credit: Image Credit: Pixabay)

Days after the Linux kernel celebrated its 30th anniversary, Linus Torvalds, its creator and maintainer, put out its latest release with improvements to hardware support and security.

“The celebrations will go on for a few more weeks yet, but you all may just need a breather from them. And when that happens, I have just the thing for you - a new kernel release to test and enjoy,” wrote Torvalds as he put out the new release. 

The development cycle of the 5.14 release didn’t face any major hurdles and completed on schedule in just under two months. 

Reporting on the release, The Register notes that two of the headline features in the release are memfd_secret() system call and core scheduling, both of which are major efforts in the kernel’s attempts to mitigate the Spectre and Meltdown hardware vulnerabilities.

Here's to another 30

The memfd_secret() system call, which has been under development for about two years now, essentially earmarks a region of memory that is private to an application, blocking access even to the kernel itself. 

This is reportedly important, since this area can’t be accessed by the Spectre and Meltdown vulnerabilities, making it an ideal silo to hold sensitive information such as cryptographic keys.

Furthermore, the core scheduling enhancement improves Linux’ support for hyperthreading, in order to prevent trusted and less-trusted processes from sharing resources. This avoids risks associated with Spectre-like attacks, specifically cross-hyperthreading attacks.

Elsewhere the latest release also improves the kernel’s hardware support. In addition to complete support for the Raspberry Pi 400, the release adds support for popular systems-on-a-chip (SoC) such as the Rockchip RK3568, the Qualcomm SA8155p, and more.

Even as the community continues to celebrate three decades of the world’s most popular open source project, the kernel developers down in the trenches are already hacking away at the next release.

“Of course, the poor tireless kernel maintainers won't have time for the festivities, because for them, this just means that the merge window will start tomorrow. We have another 30 years to look forward to, after all,” concluded Torvalds.

Via The Register

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.