6 Linux Kernel Changes IT Pros Need To Know
The 4.7 Linux kernel includes enhancements to security, automated testing prior to release, and an average 7.8 additions per hour over 10 weeks of development. Here is a look at what IT pros need to know about the OS that powers everything from mobile devices to servers and supercomputers.
9 Tech Giants Embracing The Open Source Revolution
9 Tech Giants Embracing The Open Source Revolution (Click image for larger view and slideshow.)
Linux is everywhere -- from Android smartphones and tablets to corporate servers and supercomputers. Most, if not all, IT professionals touch Linux, which turned 25 this month, in one way or another. And the reach of the open source OS is expanding.
According to a statement from the Linux Foundation, 13,500 developers from more than 1,300 companies have contributed to the Linux kernel since 2005. Even better, according to the statement, a growing number of developers are being paid for their work because Linux kernel development has proven to be an increasingly valuable skill sought by employers, "ensuring experienced kernel developers do not stay unpaid for long."
In fact, the foundation's 2016 Open Source Jobs Report finds 87% of hiring managers say it's difficult to find open source talent, and 79% have even increased incentives to hold onto their current open source professionals. The report, conducted in partnership with job-search site Dice, surveyed 400 hiring managers who said they have hired at least one open source professional in the last year or have plans to hire open source professionals in 2016. The report also includes survey responses from 4,500 open source professionals.
For IT professionals, it makes sense to stay up to date on the operating system for day-to-day work as well as for future career development. According to a Linux kernel report, Linux Kernel Development: How Fast It Is Going, Who Is Doing It, What They Are Doing And Who Is Sponsoring The Work, published earlier this month, more than 3 million lines of code have been added to the Linux kernel in the last 15 months.
Here are six things IT pros need to know about the modern Linux kernel and how it's keeping Linux applications stable and protected:
The Kernel Gets 7.8 Patches An Hour
There were nine releases of the Linux kernel between Feb. 8, 2015 and July 24, 2016. During this period, the changes to the kernel, as executed by the Linux Kernel Development process, averaged 7.8 patches per hour over the nine- to 10-week period required for each release. That means Linux, for its current stability and usefulness, remains a system undergoing constant change.
It is the largest software project of its kind to sustain this rate of change over the course of 25 years. It keeps adapting to the times in which it finds itself, adding features, shoring up security, and connecting to new devices. One of the new features is the ability to patch the kernel while the system is running.
Stability In The Face Of Constant Change
There's an art to maintaining the stability of the kernel in the face of such massive and constant change, and the Linux Kernel Process has perfected it. Despite best efforts, a kernel release will have additional bugs disclosed in it and will need updates before the next release is ready. Thus, through a nine- or 10-week period following the release of a new kernel, an update is added at the rate of one per week. The process stops when the next release is made public and the update process shifts its attention to that release.
[See how IBM tried to make an affordable mainframe. Read IBM's LinuxOne Mainframe: What's Old Is New Again.]
The updates, when they occur, are done in such a fashion that both the mainline kernel -- the one being worked on by the Linux community -- and the releases of the kernel are fixed at the same time. The SUSE, Ubuntu, CentOS, Red Hat, and other distributions are drawn from either the mainline kernel or one of its releases, and these kernels are kept in synch through the simultaneous nature of the update process.
Which Releases Get Extended Updates?
Every 12 to 20 months or so, a release is chosen to stay plugged into the update process for a period longer than nine to 10 weeks. Knowing which release is so chosen will give an IT manager an opportunity to adopt a version of Linux that will be updated over a period of two years. The 3.14 release was one such kernel, released on March 30, 2014. The next was 4.4, released on Jan. 10, 2016. The kernel is currently on release 4.7. The next two-year update release will be 4.9.
The Significance Of The Move To 4.0
On April 12, 2015, the kernel moved from 3.19 to 4.0. What was the significant change leading to the renumbering of the kernel? How will you know when another such change is in the offing? The answer is, there was little significance to the move to the 4.0 version over and above any other release.
Linus Torvalds, still the head of the kernel development process, said a long time ago that he wished to avoid another 2.6.39 type of release nomenclature, because the number can't be assimilated at a quick glance and might lead to errors. As 3.19 rolled around, he tested the water on the acceptance at the time of a move to 4.0 and received positive feedback. Besides, he said in a Feb. 12, 2015, blog post, he was "once more close to running out of fingers and toes." The designation 4.0 "was not indicative of anything in particular, beyond the fact that the minor numbers were getting large," said the 2016 Linux Kernel report.
A Renewed Emphasis On Security
Security has come back into focus as a priority. Intel has built memory protection extensions into its latest x86 chips and they're now supported by the kernel. With them, the hardware blocks the execution of outside code in certain memory spaces. Among other things, it prevents many buffer overflow attacks from being able to succeed. The ARM chip has a "privileged execute-never" mechanism, which performs a similar function in that architecture.
"There is also renewed interest in hardening the kernel to prevent attackers from taking over the system even when an exploitable vulnerability is present," the 2016 Linux Kernel report noted. The foundation's Core Infrastructure Initiative, intended to support vulnerable parts of the internet and widely used open source code, is funding work such as the grsecurity project, which includes making the kernel more secure. The project includes enhanced auditing of kernel functions, more process control, and more scrutiny of remote, untrusted connections.
Testing, Testing, And More Testing
Managers of the kernel development process have instituted more automated testing of the code before it gets released. For example, from its initial build and boot, an automated system scrutinized the potential release and, over the 10 weeks of 4.7 development, found 400 bugs, all of which were fixed prior to final release. "There is a developing self-test framework in the kernel that is continually growing in range and capability," said the 2016 Linux Kernel report.
About the Author
You May Also Like