August 13, 2018

Linux Kernel 4.18 Keeps Things Solid and Secure

Linus Torvalds published the 4.18 kernel on August 12th; the kernel continues to shed old code while keeping an eye on security.

Linus Torvalds published the 4.18 kernel on Sunday, one week later than expected. This has been a rocky release... and it’s all Android's fault (more or less).

You see, Android systems lack tmpfs, the temporary file system you usually see hanging off your /tmp directory. In regular Linux systems, a tmpfs is stored in memory and holds data that applications may need to retrieve at short notice or share with other programs. Instead, Android allocates a chunk of memory (called ashmem) that does the same thing. However, a change introduced to ashmem in 4.18-rc7 made the open source version of Android crash. Unfortunately, all this came to light the week before the final release of 4.18 was due. Nine patches later and the problem was still not totally resolved, so Linus decided to roll back the whole thing and wait another week for things to calm down.

In other news, the kernel is becoming slimmer and more toned. 4.18 is actually 100 thousand lines lighter than its predecessor, 4.17. It is worth remembering that 4.17 had already shed over half a million lines of code and was the lightest in the 4.x series. As more obsolete code gets ditched, the kernel should take up less memory, run more efficiently and be less vulnerable to attacks that take advantage of crufty old code.

Forward-thinking developers have also been working on a new __kernel_timespec structure. This will help avoid the 2038 problem hitting 32-bit systems. If you haven't heard of this, it is similar to the year 2000 bug in that, at 03:14:07 UTC on 19 January 2038, unpatched machines will think we are back in the 1900s. Airplanes will fall from the sky, power stations will explode, and in a surprise snap referendum that nobody called for, the UK will rejoin the EU. Nonetheless, work continues apace.
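As an added illustration (not code from the kernel or from this article), the C sketch below shows why the width of the seconds field matters for security logic: a lockout deadline computed 10 seconds before the 2038 limit wraps into the past with 32-bit seconds, but stays correct with 64-bit seconds as in `__kernel_timespec`. The struct and function names (`ts32`, `ts64`, `deadline32`, `locked32` and so on) and the lockout scenario are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Legacy layout: seconds since 1970-01-01 UTC in a signed 32-bit field. */
struct ts32 { int32_t tv_sec; int32_t tv_nsec; };

/* Y2038-safe layout modelled on __kernel_timespec: 64-bit seconds. */
struct ts64 { int64_t tv_sec; long long tv_nsec; };

/* Hypothetical helper: deadline = now + ttl, stored in 32 bits.
 * The unsigned cast makes the wrap-around explicit instead of undefined. */
static struct ts32 deadline32(struct ts32 now, int32_t ttl)
{
    struct ts32 d = now;
    d.tv_sec = (int32_t)((uint32_t)now.tv_sec + (uint32_t)ttl);
    return d;
}

/* Same computation with 64-bit seconds: no wrap for any realistic date. */
static struct ts64 deadline64(struct ts64 now, int32_t ttl)
{
    struct ts64 d = now;
    d.tv_sec = now.tv_sec + ttl;
    return d;
}

/* Return 1 while the lockout is still in force, 0 once it has lapsed. */
static int locked32(struct ts32 now, struct ts32 until)
{
    return now.tv_sec < until.tv_sec;
}

static int locked64(struct ts64 now, struct ts64 until)
{
    return now.tv_sec < until.tv_sec;
}

int main(void)
{
    /* Constructed sample: 10 s before 03:14:07 UTC on 19 January 2038. */
    struct ts32 now32 = { INT32_MAX - 10, 0 };
    struct ts64 now64 = { (int64_t)INT32_MAX - 10, 0 };
    struct ts32 until32 = deadline32(now32, 3600);   /* one-hour lockout */
    struct ts64 until64 = deadline64(now64, 3600);

    printf("32-bit: until=%ld locked=%d\n", (long)until32.tv_sec, locked32(now32, until32));
    printf("64-bit: until=%lld locked=%d\n", (long long)until64.tv_sec, locked64(now64, until64));
    return 0;
}
```

With 32-bit seconds the one-hour lockout lapses the moment it is set, which is the kind of silent failure to look for when auditing expiry, lockout or validity checks on 32-bit builds.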

Other things to look forward to in kernel 4.18:

  • The 32-bit ARM architecture has gained fixes for Spectre variants 1 and 2, thus protecting a wider variety of devices from being attacked.
  • The Steam Controller HID driver was merged into the kernel. This allows using Valve's Steam Controller as a HID input device without needing to rely upon Steam or the user-space SC-Controller.
  • Finally, something that Linus himself is looking forward to is seeing WireGuard included in the kernel. "Can I just state my love for it and hope it gets merged soon?" gushed Linus, while talking to David Miller, main maintainer of the networking subsystem. WireGuard is a VPN, similar to OpenVPN or IPsec, but much more efficient, according to Linus. In his words, WireGuard is "a work of art," but, unfortunately, it has not made it into the main trunk this time around. It does remain available as a module, notwithstanding.

You can find out more about kernel 4.18 by reading the release notes themselves, visiting Phoronix or checking the Kernel Newbies report when it becomes available.
