Comes with support for AMD Secure Encrypted Virtualization

Jan 28, 2018 21:41 GMT  ·  By

As expected, Linus Torvalds announced today the release of the Linux 4.15 kernel series, the first to be fully patched against the Meltdown and Spectre security vulnerabilities.

Linux kernel 4.15 has been in development for the past eight weeks, during which the kernel developers were extremely busy to redesign the kernel against two critical hardware bugs that were publicly disclosed earlier this month and put billions of devices at risk of attacks, dubbed Meltdown and Spectre.

That's right, Linux kernel 4.15 is the first kernel series to be fully patched against the Meltdown and Spectre security vulnerabilities, but only for the x86 and PowerPC (PPC) architectures. If you're using a GNU/Linux distribution with an Intel or AMD processor, chances are it's vulnerable to Meltdown and Spectre.

Of course, the rest of the long-term supported Linux kernel series received patches to mitigate Meltdown and Spectre, but there were so many that we bet users don't even know what to install anymore. But you won't go wrong with the Linux 4.15 kernel, which is coming soon to the stable repositories of your favorite distro.

"It is worth pointing out that it's not like we're "done" with spectre/meltdown. There is more work pending (arm, spectre-v1, misc details), and perhaps equally importantly, to actually get the biggest fix for the indirect branch mitigations, you need not just the kernel updates, you need to have a compiler with support for the "retpoline" indirect branch model," says Linus Torvalds in the mailing list announcement.

Here's what's new in Linux kernel 4.15

Besides the Meltdown and Spectre patches, Linux kernel 4.15 comes with a few interesting things, among which we can mention support for the RISC-V architecture, support for AMD Secure Encrypted Virtualization, as well as support for the User-Mode Instruction Prevention feature on Intel CPUs.

There's also good news for AMD users, as Linux kernel 4.15 greatly improves video support and adds modesetting to the AMDGPU open-source graphics driver for supported AMD Radeon GPUs. Other than that, machines with the SATA Link Power Management feature get better power usage.

Lastly, there's a new cgroupv2-enabled CPU controller for better CPU usage restrictions and a new MAP_SYNC mmap(2) flag, which allows direct writes to the persistent memory managed by various of the supported filesystems. Numerous drivers, filesystems, and architectures were updated as well in this release.

Those eager to install the Linux 4.15 kernel on their Linux-based operating system can download and compile the sources right now from kernel.org or through our web portal, but the rest of the world should wait at least until the first point release (Linux kernel 4.15.1) is out before updating to this series.