Security

Better in-kernel crypto support
Support for hardware crypto devices
Kernel keyring management

New crypto features
Multi-level security for SELinux
Signed kernel modules, binaries
"Trusted computing" hardware support
Class-based resource management

Certification efforts
A required item for some customers