2023年10月29日星期天,Linux 6.6发布。 https://kernelnewbies.org/Linux_6.6
1 Prominent features
1.1 新任务调度程序:EEVDF
任务调度器是内核的一部分,当有很多任务可以选择时,任务调度器决定下一个运行哪个任务,其角色对于达到良好的性能和延迟至关重要。以前的算法,名为CFS,已在Linux 2.6.23中合并。在这个版本中,它被一个使用新算法的代码替代,该算法被称为EEVDF(“最早可用虚拟截止日期优先”)。
这种算法设计用来确保那些没有得到应有关注的进程在下一次可以自动被选中,同时,那些得到超额关注的进程会被“惩罚”。而这都是以一个清晰的、算法化的方式来完成的,而CFS是使用启发式和可调节的旋钮来尝试猜测哪些进程需要更多的关注。许多这类可调节选项已被移除。因此,这个新的调度器应该可以提高那些被CFS忽视的任务的延迟,同时让其他任务保持常规的超调度。有关更多的细节,请阅读LWN的文章。
推荐的LWN文章: An EEVDF CPU scheduler for Linux
推荐论文: Earliest Eligible Virtual Deadline First : A Flexible and Accurate Mechanism for Proportional Share Resource
1.2 影子堆栈以防止漏洞利用
防止利用的影子堆栈 经过多年的讨论,Linux内核终于添加了对英特尔影子堆栈硬件特性的支持。影子堆栈通过维护一个不能直接修改的次级(影子)堆栈来工作。在管理堆栈时,处理器将返回地址推送到普通堆栈和特殊权限的影子堆栈。返回时,处理器弹出影子堆栈的副本并将其与普通堆栈的副本进行比较。如果两者不同,处理器会引发控制保护故障,这可以防止试图修改堆栈的攻击。这个实现仅支持64位内核上的影子堆栈,32位的支持只能通过IA32模拟,并且仅适用于用户空间。
这个版本还添加了对Clang的控制流完整性方案的支持,以及在RISC-V架构中在启动时随机放置内核映像的位置。
推荐的LWN文章:用户空间影子堆栈。
1.3 在overlayfs中支持fs-verity
此版本在overlayfs中添加了支持,通过在元复制文件上指定overlay.verity xattr,使用fs-verity来验证lowerdata文件。这主要是由 Composefs 用例推动的,其中将有一个只读 EROFS 层,其中包含到基础数据层的重定向,该基础数据层在所有文件上启用了 fs-verity。但是,如果您想确保较低数据文件随着时间的推移与预期内容匹配,那么它通常也很有用。
有关更多信息,请阅读文档
1.4 tmpfs支持Quotas and xattrs
此版本增加了对tmpfs的用户和组配额(项目配额将在稍后添加)。它还增加了对用户xattrs的支持(安全xattrs和POSIX ACLs已经得到支持)和稳定目录偏移的支持。
1.5 更可配置的未绑定工作队列
工作队列被内核的其他部分用来推迟一些将异步运行的工作。有各种类型,未绑定的工作队列是不绑定到任何特定CPU的工作项,它们通常在每个NUMA节点内部散布,当在一些拥有多个L3缓存的现代CPU(特别是arm64)上创建了很多未绑定的项目时,这并不理想。此版本试图改善这些项目的CPU本地性意识。不幸的是,本地性和利用率之间存在着显著的权衡,当工作队列被大量使用时,需要明确的配置,因此,一些配置旋钮可用于实现所有类型硬件的最佳结果。默认行为是根据最后一级缓存边界进行软亲和。在有多个L3缓存的机器上,这种设计越来越流行,随着芯片组设计的流行,这种设计改善了缓存本地性,同时也没有太大损害工作保守。
推荐的LWN文章:一对工作队列的改进
文档:https://www.kernel.org/doc/html/latest/core-api/workqueue.html#affinity-scopes
1.6 使用io_uring实现更快的异步Direct I/O
当使用io_uring进行异步 Direct I/O操作时,此版本可以显著提高性能,对于低队列深度IO,吞吐量/延迟可以提高高达37%。
1.7 首批XFS在线文件系统检查
为了实现最大的可靠性,XFS希望能够在不卸载文件系统的情况下修复自身。这个版本包含了将在下个版本中允许这个功能的第一批基础设施。
更多细节,请阅读XFS online fsck design document。
2. Core (various)
- (FEATURED) 控制流强制:用户空间的影子堆栈(1.2节) commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- (FEATURED) workqueue:改进无绑定工作队列的执行局部性。无绑定的工作队列会在每个NUMA节点中分散工作项,这在具有多个L3缓存的CPU上并不理想。此版本实现了改进和配置执行局部性的机制。更多详细信息请参见此 recommended LWN article, and the Documentation commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- iouring
- Add support for IORING_ASYNC_CANCEL_OP commit, commit, commit, commit, commit, commit, commit
- Add a sysctl to disable io_uring system-wide commit
- io-wq locking improvements commit, commit, commit
- Add io_uring command support for sockets commit
- Caching and SQ/CQ optimisations commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- Task scheduler:
- (FEATURED) 新的任务调度算法,使用latency-nice的EEVDF(1.1节) paper. commit, commit, commit, commit, commit, commit, commit
- 为x86 Hybrid CPUs启用集群调度(Cluster Scheduling) commit, commit, commit, commit, commit
- 为大型SMT系统优化should_we_balance()函数 commit
- 改善带宽限制 commit, commit
- 添加一个新的fchmodat2(2)系统调用。这是fchmodat(2)系统调用的修订版本,添加了缺失的标志参数 commit, commit, commit, commit
- file locks:F_UNLCK用于F_OFD_GETLK的扩展。目前它返回-EINVAL。此版本进行了更改,使得指定F_UNLCK只返回由给定文件描述符拥有的OFD锁的信息 commit
- 处理连接器的错误修复和增强功能 commit, commit, commit, commit, commit, commit
- kexec:内核处理CPU和内存热插拔 commit, commit, commit, commit, commit, commit, commit, commit
- init:添加对 rootwait 超时(rootwait timeout)参数的支持 commit
- memfd:为vm.memfd_noexec进行清理 commit, commit, commit, commit, commit
- cgroup/cpuset:为了更好地控制正在沿cgroup层次结构分发的独占式CPU,添加了一个新的cpuset控制文件cpuset.cpus.exclusive(可读写)和一个cpuset.cpus.exclusive.effective(只读)文件,用于创建cpuset分区。独占的任意一个CPU只能最多分发给一个子cpuset。此版本还引入了一个新的cpuset分区类型,称为远程分区。现在,必须围绕根cgroup以分层的方式集中的现有分区类别现在被称为局部分区。远程分区可以远离根cgroup形成,没有分区根父节点。容器管理工具可以管理cpuset.cpus.exclusive文件,而不影响其他中间件管理的其他cpuset文件。 commit, commit, commit, commit
- SMT:到目前为止,sysfs SMT 控制只允许在 SMT 开启和关闭之间切换。此版本扩展了 sysfs 接口和核心基础设施,以接受数字值,这样一些平台(如 PowerPC)可以在顶部建立部分 SMT 启用的 SMT 运行时控制。 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- maple_tree
- 减少 maple tree的预分配 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 改变替换策略 commit, commit, commit, commit, commit, commit
- 收缩 struct maple_tree commit
- 优化mas_store()的快速路径(fast path) commit, commit, commit, commit
- Rust:升级到Rust1.71.1 commit
- treewide: 删除 CONFIG_EMBEDDED commit
- compiler_types:引入Clang __preserve_most函数属性 commit
- list: 引入 CONFIG_LIST_HARDENED commit
- tools/nolibc
- 增加 pipe(), pipe2() 和测试case commit, commit
- 添加一个新的系统调用助手(syscall helper) commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- scripts/gdb:添加GDB内存助手命令(memory helper commands) commit, commit, commit, commit, commit, commit, commit, commit
- RCU:任务 RCU(Tasks RCU)更新 commit, commit, commit, commit, commit, commit
- kbuild:默认启用-Wenum-conversion commit
- VFS:引入FSCONFIG_CMD_CREATE_EXCL,这将允许用户空间实现类似于mount -t ext4 --exclusive /dev/sda /B的操作,如果请求的文件系统的超级块已经存在,则该操作会失败 commit, commit, commit, commit
- VFS:在符号链接上阻塞模式更改( Block mode changes) commit
3. File systems
F2FS和ext4无更新,其他不关注
4. Memory management
- 为kmalloc()提供随机化的slab缓存,这是一项可选择的强化特性,可以使堆喷射(heap sprayin)更困难。 commit
- gup:统一hugetlb,提高thp速度 commit, commit, commit, commit, commit, commit, commit, commit
- 从struct page中分离ptdesc commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 添加UFFDIO_POISON,用UFFD模拟内存中毒(simulate memory poisoning) commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 将vma操作移出文件映射锁(file mapping lock)的关键区域并移入mm_struct commit
- Folio conversion
- 为6.6版本做更多的文件系统folio转换 commit, commit, commit, commit, commit, commit, commit
- 对zswap进行后续的folio转换 commit, commit, commit, commit
- 将page_io.c中的若干函数转换为使用folio commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- secretmem:在secretmem_fault()中使用folio commit
- ksm:支持跟踪KSM放置的零页面(zero-pages) commit, commit, commit, commit, commit
- damon/sysfs:添加一个文件,用于有效获取DAMOS试图访问区域的总大小 commit, commit, commit, commit
- 改善在HWPOISON大页面上的hugetlbfs读取 commit, commit, commit, commit
- ksm:添加页面扫描度量 commit
- 在VMA lock下处理大部分文件支持的错误 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 使vma锁定更明显 commit, commit, commit, commit, commit, commit
- 为swap和userfaults提供Per-VMA的锁定支持 commit, commit, commit, commit, commit, commit
- 通过RCU释放回收的页表 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- kfence:在运行时分配kfence_metadata commit
- 将MEMFD_CREATE变为可选择的配置选项 commit
- netfs, fscache:当folio从页面缓存中移除时,停止读取优化 commit, commit
- zswap:支持多个zpools commit
- swap:对于THP_SWAP + 清理,停止在尾页面上使用page->private commit, commit, commit, commit
- 移除_folio_dtor和_folio_order commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- dma-contiguous:支持指定节点的numa CMA commit
- dma-contiguous:支持所有体系结构的per-numa CMA commit
- fs/address_space:为i_map和i_mmap_rwsem添加对齐填充,以减轻假共享的影响 commit
- 新的页表范围API commit,commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- ioremap:将体系结构转换为采用GENERIC_IOREMAP的方式 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 扩展DAMOS过滤器以适用于地址范围和DAMON监视目标 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- proc/ksm:将ksm统计信息添加到/proc/pid/smaps commit
5. Block layer
暂不关注
6. BPF
- 为TC bpf_sk_assign添加SO_REUSEPORT支持 commit, commit, commit, commit, commit, commit, commit, commit, commit
- 在其基础上实现基于fd的 tc BPF附加API(TCX)和BPF link支持Implement an fd-based tc BPF attach API (TCX) and BPF link support on top of it commit, commit, commit, commit, commit, commit, commit, commit
- 添加多重 uprobe 链接 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 在uprobes中支持bpf_get_func_ip辅助函数 commit, commit, commit, commit
- 支持kprobe_multi和perf_event链接的 ->fill_link_info commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 支持来自cpu v4的新指令 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 为bpf_map添加percpu统计信息 commit, commit, commit, commit, commit, commit
- libbpf: 添加netfilter链接绑定到辅助函数 commit, commit, commit, commit, commit, commit, commit
- BPF Refcount followups 2:在bpf_{list,rb}_node结构体中添加’owner’字段,由运行时用来判断在共享所有权场景中是否可以进行除操作。commit, commit, commit, commit, commit
- bpftool: 为tcx实现链接显示支持 commit
- bpftool: 为xdp实现链接显示支持 commit
- libbpf: 添加netfilter链接绑定到辅助函数 commit
- libbpf: 支持kfunc重定位的三重下划线形式(riple-underscore flavors) commit
- 移除BPF事件支持 commit, commit, commit, commit
7. Tracing, perf
- tracing:引入eventfs。这是处理tracefs/events目录的inodes和dentries的代码。由于存在数千个事件,同时每个事件都有若干个inodes和dentries,哪怕从未使用过tracing,它们也会占用宝贵的内存。相反,eventfs将以即时方式(类似于procfs所做的)分配inodes和dentries。commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- tracing/filters:添加了一种更容易使用cpumasks进行过滤的方式:# echo ‘cpumask & CPUS{17-42}’ > /sys/kernel/tracing/events/ipi_send_cpumask/filter。 commit, commit, commit, commit, commit, commit, commit, commit, commit
- tracing:改进BTP支持在probe event上 commit, commit, commit, commit, commit, commit, commit, commit, commit
- 添加一个’perf bench’来测试uprobes + BPF的开销 commit, commit, commit, commit, commit
- Perf tool LTO 支持 commit, commit, commit, commit
- 延迟加载 PMU 数据 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 添加对火狐浏览器的gecko配置文件格式的支持(Firefox’s gecko profile format) commit, commit, commit, commit, commit
- Perf tool:为测试运行添加一个放置内核配置片段的地方 commit
8. Virtualization
- hv/hv_kvp_daemon:Support for keyfile based connection profile commit
- Add VHOST_BACKEND_F_ENABLE_AFTER_DRIVER_OK flag to vdpa backend commit, commit, commit, commit
- virtio_ring: support add premapped buf commit
- xen: privcmd: Add support for irqfd commit
- vfio
- Add IO page table replacement support commit, commit, commit, commit, commit, commit, commit
- Add vfio_device cdev for iommufd support. This extracts the vfio device fd from the container and group model, and is intended to be the native uAPI for use with IOMMUFD commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- pds-vfio-pci driver commit, commit, commit, commit, commit, commit, commit, commit
- Enhance vfio PCI hot reset for vfio cdev device commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
9. Cryptography
- 添加数字签名强制性密钥环限制 commit, commit, commit
- Security
- seccomp:为seccomp_unotify添加同步模式 commit, commit, commit, commit
- ima:当启用UEFI安全引导时,要求签名的IMA策略 commit
- evm:对新的 inodes 每个 LSM xattrs 执行多个 HMAC 操作 commit, commit, commit, commit
- 启用在PowerVM客户机上加载本地和第三方密钥 commit, commit, commit, commit, commit, commit
- selinux:将调试功能移到调试配置中 commit
- selinux:撤销对SECINITSID_INIT的支持 commit
- 添加备用nexthop ID支持commit, commit, commit, commit
- virtio_net:添加每队列中断合并支持 commit, commit, commit
11. Networking
暂不关注
12. Architectures
12.1 ARM
- Device Tree Sources: New SoCs //设备树支持新soc
- TI AM62P5, a variant of the existing Sitara AM62x family commit, commit, commit
- Intel Agilex5, an FPGFA platform that includes an Cortex-A76/A55 SoC commit, commit, commit, commit
- Qualcomm ipq5018 is used in wireless access points commit, commit, commit, commit, commit
- Qualcomm SM4450 (Snapdragon 4 Gen 2) is a new low-end mobile phone platform commit, commit, commit, commit, commit
- 忽略/DTS //dts支持
- rockchip: Add NanoPC T6 commit
- exynos: Add Samsung Galaxy Tab 3 8.0 boards commit
- Facebook Yosemite 4 platform commit, commit
- stm32: lxa-tac: add Linux Automation GmbH TAC commit, commit, commit, commit, commit, commit, commit, commit
- sunxi: Orange Pi Zero 3 DT support commit, commit, commit
- TQMa93xxLA support commit, commit, commit
- Add support for Radxa ROCK 4SE commit, commit
- Add Support for the FriendlyElec NanoPC T6 commit
- dts: qcom: ipq5332: Add common RDP dtsi file commit
- AN400 based Amlogic T7 SoC commit
- sunxi: Orange Pi Zero 3 DT support commit, commit, commit
- qcom: msm8939-samsung-a7: Add initial dts commit, commit
- Add Amlogic A311D2 and Khadas Vim4 Board Support commit, commit, commit, commit
- imx8mp-venice-gw74xx: update to revB PCB commit
- Add initial support for SM7125 and Xiaomi SM7125 platform commit, commit
- 忽略/Add new features and amendments for Nvidia systems commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 忽略/Power: C3: add power domain driver commit, commit, commit, commit
- 忽略/soc: hisilicon: Support HCCS driver on Kunpeng SoC commit, commit, commit
- 忽略/Add MSM8226 OCMEM support plus some extra OCMEM driver fixes commit, commit, commit, commit, commit, commit
- 为RPM处理器/子系统添加专用的设备树节点 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 忽略/oxnas support removal commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 在页面回收/迁移期间支持批量/延迟的tlb射击(tlb shootdown ) commit, commit, commit, commit
- KVM:arm64:NV陷阱转发基础设施 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- BPF部分介绍过/Support BPF cpu v4 instructions for arm64 commit, commit, commit, commit, commit, commit, commit
- sme:首次支持可扩展矩阵扩展 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 忽略(阿里倚天710 PMU相关)Add JSON metrics for Yitian710 DDR commit, commit, commit
- 忽略/phy-rockchip-inno-usb2: add RK3588 support commit, commit, commit, commit, commit, commit, commit
- 忽略/Add support for Qualcomm’s legacy IOMMU v2 commit, commit, commit, commit, commit, commit
- 忽略/MT8188 IOMMU SUPPORT commit, commit, commit, commit, commit, commit, commit
- Introduce SCMI v3.2 PERF Indexing support commit, commit
- 忽略/phy-rockchip-inno-usb2: add RK3588 support commit, commit, commit, commit, commit, commit, commit
- KVM:nv:为HFGxTR/HDFGxTR添加切换支持 commit
- perf //不关注
- vendor events arm64: Update N2 and V2 metrics and events using Arm telemetry repo commit, commit, commit, commit, commit, commit
- vendor events arm64: Add AmpereOne metrics commit
- scripts python: Support syscall name parsing on arm64 commit
- jevents: Add support for Yitian 710 DDR PMU (arm64) aliasing commit
- Arm CMN updates commit, commit, commit
12.2 x86
暂不关注
12.3 DMA engines
暂不关注
12.4 LoongArch
暂不关注
12.5 RISC-V
- (FEATURED) 引入 KASLR(kernel address space layout randomization) commit, commit, commit, commit, commit, commit
- (FEATURED) KCFI(Kernel Control Flow Integrity) 支持 commit, commit, commit, commit, commit, commit, commit
- 为RV64添加支持cpu v4 指令 commit, commit, commit, commit, commit, commit, commit
- KVM RISC-V ONE_REG ISA扩展的改进 commit, commit, commit, commit, commit
- KVM:为主机SATP模式提供UAPI commit
- 增加 KVM_GET_REG_LIST API commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 修复ptrace和导出VLENB commit, commit, commit, commit
- 将bpf trampoline适配到优化的riscv ftrace框架上 commit
- 允许用户空间直接访问perf计数器 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 使用riscv,isa-extensions和riscv,isa-base支持Probe DT扩展 commit, commit, commit, commit, commit, commit, commit, commit, commit, commit, commit
- 使用静态密钥支持PREEMPT_DYNAMIC commit
- 在无内存管理单元(nommu)模式下支持ELF格式的二进制程序 commit, commit, commit
- 在riscv上明确支持在4G以上分配crashkernel commit, commit, commit
- 为AX45MP添加非一致性(non-coherent)DMA支持 commit, commit, commit, commit, commit, commit, commit
- 添加BeagleV Ahead 板支持 commit, commit
- kprobes: 模拟一些指令 commit, commit, commit, commit
12.6 PowerPC
暂不关注
12.7 PA-RISC
暂不关注
12.8 S390
暂不关注
13. Drivers
暂不关注
1426
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
