
New Linux kernel 6.10 promises improved security and performance

Linux kernel version 6.10 has been released and comes with various performance, security and hardware compatibility improvements. Chief among these are a new memory sealing system call, improved encryption capabilities and expanded support for the Rust programming language, especially for RISC-V architectures.

The new mseal() system call prevents changes to certain parts of the virtual address space used by programs or processes while they are running. This took some doing, as certainly not everyone in the Linux community saw this as a good idea. Initially, the feature is primarily intended to further strengthen sandboxing in Google Chrome and protect users of this browser from malicious content.
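As an added illustration (not code from the article or from the kernel project), this C program shows what sealing means in practice: once a mapping is sealed, attempts to change its protection or unmap it are refused with EPERM. The helper name probe_mapping, the MSEAL_UNAVAILABLE constant and the raw syscall fallback number are assumptions of this example, which uses syscall() because the C library may not provide an mseal() wrapper.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef SYS_mseal
#define SYS_mseal 462          /* number assigned to mseal() in Linux 6.10 */
#endif

#define MSEAL_UNAVAILABLE (-2) /* older kernel, 32-bit system, or filtered call */

/* Map one page, optionally seal it, then try to change and unmap it.
 * Returns how many of the two attempts the kernel refused with EPERM,
 * -1 if the mapping could not be created, or MSEAL_UNAVAILABLE. */
int probe_mapping(int seal)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, page, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;

    /* In 6.10 the flags argument must be 0. */
    if (seal && syscall(SYS_mseal, p, page, 0UL) != 0) {
        munmap(p, page);
        return MSEAL_UNAVAILABLE;
    }

    int refused = 0;
    /* Attempt 1: make the read-only page writable. */
    if (mprotect(p, page, PROT_READ | PROT_WRITE) != 0 && errno == EPERM)
        refused++;
    /* Attempt 2: remove the mapping so the address could be reused. */
    if (munmap(p, page) != 0 && errno == EPERM)
        refused++;
    return refused;
}

int main(void)
{
    printf("unsealed: %d attempts refused\n", probe_mapping(0));
    int r = probe_mapping(1);
    if (r == MSEAL_UNAVAILABLE)
        puts("mseal() is not available on this kernel");
    else
        printf("sealed:   %d attempts refused\n", r);
    return 0;
}
```

A sealed mapping stays in place until the process exits, so seal only regions whose layout and permissions are final.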

In addition, the kernel now supports encrypted interactions with Trusted Platform Modules (TPMs). This improves protection against unwanted external snooping and packet alteration attacks. The Landlock security module has also been upgraded. It can now apply policy rules to ioctl() (input/output control) system calls to limit misuse.

Performance improvements and new subsystems

Performance improvements continue to be at the forefront of Linux 6.10. Thanks to optimizations for the AVX-512 and VAES instruction sets, AES-XTS encryption gets a speed boost on recent Intel and AMD CPUs. The advent of a memory-allocation profiling subsystem should help developers refine memory usage and identify leaks more efficiently.

Network improvements include better performance for zero-copy send operations with io_uring (I/O interface). Also, there is now the ability to bundle multiple buffers for send/receive operations.

Hardware support and Rust integration

With this new kernel, Linux aims to provide support for upcoming CPUs, GPUs, NPUs and Wi-Fi hardware. The kernel extends support for the Rust programming language to RISC-V architectures, includes Rust 1.78 and adds Rust abstractions for more efficient time management.

The new ‘Panthor’ DRM driver supports newer ARM Mali/Immortalis GPUs. DisplayPort/eDP support is available for the Qualcomm Snapdragon X Elite chipset. All of this increases Linux's compatibility with contemporary devices.

Crypto statistics no longer measurable

Other updates include improved support for Intel Core and AMD Ryzen laptops, Power over Ethernet configuration, and improved Firewire IEEE-1394 support. The kernel also removes the ability to measure cryptographic usage statistics, meaning that it no longer collects statistics related to cryptographic processes.

The reason is that the feature has almost never been used and is also harmful because of the burden it places on system performance. The full list of improvements can be found here.