Linux 4.11 Improves Security and Performance

Monday May 1st 2017 by Sean Michael Kerner
Share:

The second major Linux kernel release of 2017 is now out.

Linux creator Linus Torvalds officially released the Linux 4.11 kernel on April 30, providing new features that will help improve the performance and storage capabilities of Linux operating systems.

The 4.11 kernel is the second major Linux kernel release of 2017, following the February 19th Linux 4.10 kernel release.

"Shortlog appended for people who want to peruse the details, but it's a mix all over, with about half being drivers (networking dominates, but some sound fixlets too), with the rest being some arch updates, generic networking, and filesystem (nfs[d])fixes," Torvalds wrote in a mailing list message announcing the new kernel.

New Server Features and Capabilities in Linux 4.11

Among the capabilities introduced in Linux 4.11 are improvements to scaling and swapping Solid State Drive (SSDs) for storage. In a kernel commit message, Intel developer Ying Huang wrote that the coming generation of SSD devices have latencies that are down to sub 100 usec, which is within an order of magnitude of DRAM memory. Fast SSDs have many different benefits for Linux.

"For example, cloud providers who overcommit their memory, as VMs don't use all the memory provisioned," Huang wrote. "Having a fast swap will allow them to be more aggressive in memory overcommit and fit more VMs to a platform."

With the new Linux 4.11 kernel patch for SSD swapping, Huang stated that the median page fault latency was reduced by 375 percent from 15 usec to 4 usec for DRAM-based block devices.

Linux 4.11 also introduces support for the Shared Memory Communications-RDMA(SMC-R) protocol, which was first publicly defined by IBM in 2015.

"This protocol provides Remote Direct Memory Access (RDMA) communications to TCP endpoints in a manner that is transparent to socket applications," the IETF draft for SMC-R states. "It maintains many of the traditional TCP/IP qualities of service such as filtering that enterprise users demand, as well as TCP socket semantics such as urgent data."

On the security front, Linux 4.11 improves the AppArmor Linux security module, thanks to multiple code commits from Canonical Ubuntu developer John Johansen. Among the AppArmor improvements is support for policy namespaces.

"Having per-policy ns interface files helps with containers restoring policy," Johansen wrote in his commit message.

Sean Michael Kerner is a senior editor at ServerWatch and InternetNews.com. Follow him on Twitter @TechJournalist.

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved