The 5.8 kernel is out
([Kernel] Aug 2, 2020 22:10 UTC (Sun) (corbet))
- Reference: 0000827820
- News link: https://lwn.net/Articles/827820
- Source link:
Linus has [1]released the 5.8 kernel. " So I considered making an rc8 all the way to the last minute, but decided it's not just worth waiting another week when there aren't any big looming worries around. " Headline features in this release include: [2]branch target identification and shadow call stacks for the arm64 architecture, the [3]BPF iterator mechanism, [4]inline encryption support in the block layer, the [5]CAP_PERFMON and [6]CAP_BPF capabilities, a [7]generalized kernel event-notification subsystem , the [8]KCSAN data-race detector, and more. As always, see [9]the KernelNewbies 5.8 page for more information.
[1] https://lwn.net/Articles/827819/
[2] https://lwn.net/Articles/804982/
[3] https://lwn.net/Articles/818714/
[4] https://lwn.net/Articles/797309/
[5] https://lwn.net/Articles/812719/
[6] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a17b53c4a4b5
[7] https://lwn.net/Articles/760714/
[8] https://lwn.net/Articles/816850/
[9] https://kernelnewbies.org/Linux_5.8
[1] https://lwn.net/Articles/827819/
[2] https://lwn.net/Articles/804982/
[3] https://lwn.net/Articles/818714/
[4] https://lwn.net/Articles/797309/
[5] https://lwn.net/Articles/812719/
[6] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a17b53c4a4b5
[7] https://lwn.net/Articles/760714/
[8] https://lwn.net/Articles/816850/
[9] https://kernelnewbies.org/Linux_5.8
The 5.8 kernel is out
I'd a bit disappointed we went with CAP_PERFMON and CAP_BPF instead of modeling these capabilities as file descriptors, i.e., real "capabilities" in the sense of a capability security architecture. I don't like this CAP_* ambient authority stuff. We already have MAC and DAC for files. Why not just apply them to device nodes?
The 5.8 kernel is out
I'd a bit disappointed we went with CAP_PERFMON and CAP_BPF instead of modeling these capabilities as file descriptors, i.e., real "capabilities" in the sense of a capability security architecture. I don't like this CAP_* ambient authority stuff. We already have MAC and DAC for files. Why not just apply them to device nodes?