Linux 4.6 Charred Weasel adds USB 3.1 Support
The Linux 4.6 kernel was officially released by Linus Torvalds on May 15, after seven release candidates. The Linux 4.6 kernel follows the Linux 4.5 kernel by 8 weeks and is the third new major milestone Linux kernel released so far in 2016.
Among the big new features in Linux 4.6 is full support for the USB 3.1 protocol, which offers the promise of up to 10 Gbps for USB link speeds. In contrast USB 3 provides 5 Gbps, while USB 2.0 topped out at 480 mbps.
Memory usage in Linux gets a big boost in Linux 4.6 thanks to the Out Of Memory (OOM) killer.
"The OOM killer currently allows to kill only a single task in a good hope that the task will terminate in a reasonable time and frees up its memory," Suse developer Michal Hocko wrote in his kernel commit message. "Such a task (oom victim) will get an access to memory reserves via mark_oom_victim to allow a forward progress should there be a need for additional memory during exit path."
Networking gets a boost in Linux 4.6 with the new Kernel Connection Multiplexor (KCM) technology.
"Kernel Connection Multiplexor (KCM) is a facility that provides a message based interface over TCP for generic application protocols," Linux kernel developer Tom Kerbert wrote in his commit message. "With KCM an application can efficiently send and receive application protocol messages over TCP using datagram sockets."
Networking security is improved in Linux 4.6 by way of support for the 802.1AE MAC-level encryption specification.
"This is an implementation of MACsec/IEEE 802.1AE," Linux kernel developers Sabrina Dubroca wrote. "This driver provides authentication and encryption of traffic in a LAN, typically with GCM-AES-128, and optional replay protection."
Of particular note in Linux 4.6 for security, that has particular relevance for containers, is improved support for cgroup namespaces. Ubuntu developer Serge Hallyn explained that, cgroup namespace provides a mechanism to virtualize the view of the +"/proc/$PID/cgroup" file and cgroup mounts"
"Without cgroup namespace, the "/proc/$PID/cgroup" file shows the complete path of the cgroup of a process. In a container setup where a set of cgroups and namespaces are intended to isolate processes the "/proc/$PID/cgroup" file may leak potential system level information to the isolated processes," Hallyn wrote.
Sean Michael Kerner is a senior editor at LinuxPlanet and InternetNews.com. Follow him on Twitter @TechJournalist