Linux 6.6 has been released
Summary: This release replaces the CFS process scheduler with a new one called EEVDF, which should provide better latency in general; support for x86 shadow stacks to prevent exploits; support for fs-verity in overlayfs; quotas and xattrs support in tmpfs; more configurable unbound workqueues; faster asynchronous Direct I/O using io_uring; and the first pieces of the XFS online fsck. As always, there are many other features, new drivers, improvements and fixes.
New task scheduler: EEVDF
The task scheduler is the part of the kernel that decides which task should run next when there are many to pick from; its role is critical to achieving good performance and latency. The previous algorithm, called CFS, was merged in Linux 2.6.23.
EEVDF is designed to ensure that processes that are not getting the attention they should are automatically picked the next time, while processes that got more than they deserved are "punished". This is done in a clean, algorithmic way, whereas CFS used heuristics and tunable knobs to attempt to guess which processes needed more attention. Many of these tunables have been removed. For these reasons, this new scheduler should improve the latency of tasks that would be left behind by CFS while letting other tasks be routinely over-scheduled. For more details, read the LWN article.
Recommended LWN article: An EEVDF CPU scheduler for Linux
Recommended paper: Earliest Eligible Virtual Deadline First : A Flexible and Accurate Mechanism for Proportional Share Resource Allocation
Shadow stacks to prevent exploits
After many years of discussions, the Linux kernel has finally added support for Intel's shadow stack
and compares it to the normal stack copy. If the two differ, the processor raises a control protection fault, which can prevent exploits that attempt to modify the stack. This implementation supports shadow stack on 64-bit kernels only, with support for 32-bit only via IA32 emulation, and only for userspace.
This release also adds support for Clang's control-flow integrity scheme and randomization of the place where the kernel image is placed on boot in the RISC-V architecture.
Recommended LWN article: User-space shadow stacks
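A defender's check for the feature described above, as an added example that is not from the original release notes or the kernel tree: it parses the x86_Thread_features lines that the kernel's shadow stack documentation describes in /proc/<pid>/status and reports whether a process runs with shadow stack enabled and locked. The status excerpts and process names are constructed, and the function names are this example's own.

```python
import glob

# /proc/<pid>/status field names from the kernel's x86 shadow stack documentation.
FIELDS = {"x86_Thread_features": "enabled",
          "x86_Thread_features_locked": "locked"}

# Constructed status excerpts (not captured from a real system).
SAMPLE_LOCKED = "Name:\tsshd\nx86_Thread_features:\tshstk\nx86_Thread_features_locked:\tshstk wrss\n"
SAMPLE_WRSS = "Name:\tjit-runtime\nx86_Thread_features:\tshstk wrss\nx86_Thread_features_locked:\t\n"
SAMPLE_OFF = "Name:\tlegacy-app\nx86_Thread_features:\t\nx86_Thread_features_locked:\t\n"
SAMPLE_OLD_KERNEL = "Name:\tinit\nState:\tS (sleeping)\n"

def parse_status(text):
    """Extract the task name and shadow stack feature sets; None means the field is absent."""
    info = {"name": "?", "enabled": None, "locked": None}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        if key == "Name":
            info["name"] = value.strip()
        elif key in FIELDS:
            info[FIELDS[key]] = set(value.split())
    return info

def classify(info):
    """Return (state, wrss) where state is unsupported, off, unlocked or locked."""
    if info["enabled"] is None:
        return ("unsupported", False)   # kernel does not report the field
    wrss = "wrss" in info["enabled"]    # task may write to its own shadow stack
    if "shstk" not in info["enabled"]:
        return ("off", wrss)
    locked = "shstk" in (info["locked"] or set())
    return ("locked" if locked else "unlocked", wrss)

def scan_live():
    """Classify every process this user can read; returns {pid: (name, state, wrss)}."""
    out = {}
    for path in glob.glob("/proc/[0-9]*/status"):
        try:
            with open(path, errors="replace") as fh:
                info = parse_status(fh.read())
        except OSError:                 # process exited or access denied
            continue
        out[int(path.split("/")[2])] = (info["name"],) + classify(info)
    return out

if __name__ == "__main__":
    for sample in (SAMPLE_LOCKED, SAMPLE_WRSS, SAMPLE_OFF, SAMPLE_OLD_KERNEL):
        info = parse_status(sample)
        print(info["name"], *classify(info))
```

A state of "unlocked" means the task could still turn the feature off, and a true wrss flag means it is allowed to write to its own shadow stack; both are worth reviewing on hosts where shadow stack is expected to be enforced.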
Support for fs-verity in overlayfs
This release adds support in overlayfs for using fs-verity to validate lowerdata files by specifying an overlay.verity xattr on the metacopy files. This is primarily motivated by the Composefs use case, where there will be a read-only EROFS layer that contains redirects into a base data layer which has fs-verity enabled on all files. However, it is also useful in general if you want to ensure that the lowerdata files match the expected content over time.
For more information, read the Documentation.
Quotas and xattrs support in tmpfs
This release adds user and group quotas to tmpfs (project quotas will be added later). It also adds support for user xattrs (security xattrs and POSIX ACLs are already supported) and support for stable directory offsets.
More configurable unbound workqueues
Workqueues are used by other parts of the kernel to defer some work that will be run asynchronously. There are various types. Unbound workqueues hold work items that are not bound to any specific CPU; these were usually spread inside each NUMA node, which isn't great when many unbound items are created on some modern CPUs (especially arm64) with multiple L3 caches. This release attempts to improve the CPU locality awareness of these items. Unfortunately, there is a pronounced trade-off between locality and utilization, which necessitates explicit configuration when workqueues are heavily used, so some configuration knobs are available to achieve the best result for all types of hardware. The default behavior is to soft-affine according to last level cache boundaries. On machines with multiple L3 caches, which are becoming more popular along with chiplet designs, this improves cache locality while not harming work conservation too much.
Recommended LWN article: A pair of workqueue improvements
Documentation: Workqueues: Affinity scopes
Faster asynchronous Direct I/O using io_uring
When using io_uring to do asynchronous direct I/O, this release can improve performance significantly, up to a 37% improvement in throughput/latency for low queue depth IO.
First pieces of XFS online fsck
In order to achieve maximum reliability, XFS is aiming to be able to fix itself without unmounting the file system. This release includes the first infrastructure pieces that will allow this feature in future releases.
For more details, read the XFS online fsck design document.