Linux 5.14 is set to bolster security for future enterprise apps – TechCrunch

Linux is set for a big release this Sunday, August 29, paving the way for enterprise and cloud applications for months to come. The 5.14 kernel update will include security and performance improvements.

An area of particular concern for businesses and cloud users is always security, and to that end Linux 5.14 will help with several new features. Mike McGrath, vice president, Linux Engineering at Red Hat, told TechCrunch that the kernel update includes a feature known as core scheduling, which is intended to help mitigate CPU-level vulnerabilities like Spectre and Meltdown, which first surfaced in 2018. Linux users have had to mitigate these vulnerabilities by disabling hyper-threading on processors, thereby reducing performance.

“Specifically, the feature allows trusted and untrusted tasks to be split so they don’t share a core, limiting the overall threat surface while keeping cloud-scale performance relatively unchanged,” McGrath explained.

Another area of security innovation in Linux 5.14 is a feature that’s been in development for over a year and a half that will help protect system memory better than before. Attacks against Linux and other operating systems often target memory as the primary attack surface to exploit. Along with the new kernel, there is a feature known as memfd_secret() that will allow an application running on a Linux system to create a memory range inaccessible to anyone, including the kernel.

“This means that cryptographic keys, sensitive data and other secrets can be stored there to limit exposure to other users or system activity,” McGrath said.
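As an added illustration (not code from the article or from Red Hat), here is how an application might place a key in a memfd_secret() mapping and cope with systems where the call is unavailable. The helper names `secret_alloc` and `secret_free` are hypothetical, the key is constructed sample data, and the fallback syscall number 447 is an assumption used only when the installed headers do not define `SYS_memfd_secret`.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef SYS_memfd_secret
#define SYS_memfd_secret 447  /* assumption: x86_64 / asm-generic number */
#endif

/* Map `len` bytes of secret memory. Returns NULL with errno set when the
 * feature cannot be used: ENOSYS (kernel older than 5.14, or secretmem not
 * enabled), EPERM (blocked by a seccomp filter), EAGAIN/ENOMEM (the mapping
 * is locked memory and counts against RLIMIT_MEMLOCK). */
void *secret_alloc(size_t len)
{
    int fd = (int)syscall(SYS_memfd_secret, 0);
    if (fd < 0)
        return NULL;
    if (ftruncate(fd, (off_t)len) != 0) {       /* size must be set once */
        int e = errno; close(fd); errno = e;
        return NULL;
    }
    /* secretmem only accepts shared mappings */
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    int e = errno;
    close(fd);                                  /* mapping keeps pages alive */
    errno = e;
    return p == MAP_FAILED ? NULL : p;
}

/* Overwrite the secret before unmapping; volatile stops the compiler from
 * optimising the wipe away. */
void secret_free(void *p, size_t len)
{
    volatile unsigned char *v = p;
    for (size_t i = 0; i < len; i++) v[i] = 0;
    munmap(p, len);
}

int main(void)
{
    static const unsigned char key[] = "constructed-demo-key-not-a-real-secret";
    unsigned char *buf = secret_alloc(4096);
    if (!buf) {
        fprintf(stderr, "memfd_secret unavailable: %s\n", strerror(errno));
        return 0;                               /* caller picks a fallback */
    }
    memcpy(buf, key, sizeof key);
    printf("key stored in secret mapping at %p\n", (void *)buf);
    secret_free(buf, 4096);
    return 0;
}
```
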

At the heart of the open-source Linux operating system that powers much of the cloud and enterprise application delivery is what is known as the Linux kernel. The kernel is the component that provides basic functionality for system operations.

Linux kernel version 5.14 has gone through seven release candidates in the past two months and has contributions from 1,650 different developers. Those who contribute to Linux kernel development include individual contributors, as well as major vendors like Intel, AMD, IBM, Oracle, and Samsung. IBM’s Red Hat business unit is one of the largest contributors to any given version of the Linux kernel. IBM acquired Red Hat for $34 billion in a deal struck in 2019.

“As with almost all kernel releases, we see some very innovative features in 5.14,” McGrath said.

Although Linux 5.14 is coming soon, it often takes time for it to be adopted in enterprise versions. McGrath said that Linux 5.14 will first appear in Red Hat’s Fedora Community Linux distribution and will be part of the future release of Red Hat Enterprise Linux 9. Gerald Pfeifer, CTO of enterprise Linux vendor SUSE, told TechCrunch that his company’s openSUSE Tumbleweed community build will likely include the Linux 5.14 kernel within “days” of the official release. On the enterprise side, he noted that SUSE Linux Enterprise 15 SP4, due next spring, is expected to ship with kernel 5.14.

The new Linux update follows a milestone for the open-source operating system, as 30 years ago last Wednesday, creator Linus Torvalds publicly announced the effort for the first time. During this time, Linux has evolved from a hobbyist effort to powering the infrastructure of the Internet.

McGrath commented that Linux is already the backbone of the modern cloud and Red Hat is also excited about how Linux will be the backbone of edge computing – not just in telecommunications, but broadly across all industries, from manufacturing and healthcare to entertainment and service providers, in the years to come.

The longevity and continued importance of Linux for the next 30 years is assured according to Pfeifer. He noted that over the decades, Linux and open source have opened up unprecedented potential for innovation, associated with openness and independence.

“Will Linux, the kernel, still be the leader in 30 years? I do not know. Will it be relevant? Absolutely,” he said. “Many of the approaches we have created and developed will still be pillars of technological progress 30 years from now. Of that I am sure.”