RealTime IT News

Pirate Linux Kernel 2.6.18 Hits

"Ahoy! She's good to go, hoist anchor! Here's some real booty for all you land-lubbers. There's not too many changes, with t'bulk of the patch bein' defconfig updates, but the shortlog at the aft of this here email describes the details if you care, you scurvy dogs." -- Linus "but you can call me Cap'n."

This might not be a typical way to announce the release of a new Linux kernel. But perhaps in the spirit of Talk Like a Pirate Day, Linus Torvalds did just that in a mailing-list posting announcing the release of the 2.6.18 kernel.

The 2.6.18 kernel includes a long list of functional updates and improvements. Perhaps the largest volume of work surrounds improvements to how Linux handles serial ATA (SATA).

SATA is rapidly emerging as a low cost complement in enterprise storage systems in cases where the robustness of Fibre channel is not required.

SELinux also gets some improvements in the new kernel. SELinux was first developed by the NSA as a way to improve security in Linux by introducing mandatory access controls.

New per-packet networking controls called secmark are now in the kernel.

"The main reason for replacing the original controls is that they provided only a rudimentary form of static packet filtering, without utilizing any of the existing infrastructure offered by Netfilter/iptables," kernel developer James Morris wrote in a blog posting when he first proposed the patches.

"They also had a limited set of packet selectors."

Morris explained that the general idea with secmark is now to separate labeling and enforcement.

"Specifically: use iptables to select and label packets, then use SELinux to enforce security policy using these packet labels," Morris wrote.

"This utilizes the expressiveness of iptables rulesets, as well as the flexibility of any its [sic] many matches and targets, and powerful components such as connection tracking."

Beyond just adding new things, 2.6.18 also removes items from the kernel. Devfs, which is a device file system for drivers in Linux, has been removed in favor of udev.

Kernel developer Greg Kroah-Hartman wrote in his blog that the removal of devfs had been on his own to-do list for some time.

"Way back in 2002, Pat Mochel and I floated the idea of a unified driver model at the kernel summit," Kroah- Hartman wrote.

"My goal for it was to be able to solve the persistent device-naming problem that Linux had at the time, which would allow us to remove devfs from the kernel tree.

"A few years ago, udev solved the issue of persistent device naming, but devfs lingered on in the kernel tree, despite my many efforts to remove it."