Linux 4.7 Set to Boost Live Patching, Security and Power Management
We're just about at the end of the two week merge cycle for the Linux 4.7 kernel and many of the subsystem maintainers have sent Linus Torvalds their git pull requests.
Jiri Kosina's live patching tree adds some new features to make the technology less architecture specific. There is also the addition of live patching documentation as well. The first live patching code landed back in the Linux 4.0 timeframe and has been incrementally improving ever since.
Rafael Wysocki's sent Torvalds a long list of power management updates to be included in Linux 4.7 including:
Stable-candidate cpuidle fix to make it check the right variable
when deciding whether or not to enable interrupts on the local CPU
so as to avoid enabling iterrupts too early in some cases if the
system has both coupled and per-core idle states (Daniel Lezcano).
- Stable-candidate PM core fix to make it handle failures at the
"late suspend" stage of device suspend consistently for all
devices regardless of whether or not async suspend/resume is
enabled for them (Rafael Wysocki).
- Cleanups in the cpufreq core, the schedutil governor and the
intel_pstate driver (Rafael Wysocki, Pankaj Gupta, Viresh Kumar).
Ingo Molnar sent in a few scheduler fixes and miscellaneous list of x86 fixes including EFI, entry code, pkeys and MPX fixes, TASK_SIZE cleanups and a tsc frequency table fix.
On the security front James Morris sent in his list of security fixes including a new Linux Security Module (LSM)
A new LSM, "LoadPin", from Kees Cook is added, which allows forcing of modules and firmware to be loaded from a specific device (this is from ChromeOS, where the device as a whole is verified cryptographically via dm-verity). This is disabled by default but can be configured to be enabled by default (don't do this if you don't know what you're doing).
As is always the case in any Linux merge window there is always a last minute rush too, so I'd expect to see some other goodness get pulled in before rc1 debuts this Sunday.
Sean Michael Kerner is a senior editor at Linux Planet and InternetNews.com. Follow him on Twitter @TechJournalist