The rest of the 6.7 merge window

By the time that the 6.7 merge window closed on November 12, 15,418 non-merge changesets had been pulled into the mainline kernel. That makes this one of the busiest merge windows ever; if one discounts the lengthy bcachefs development history (some 2,800 commits), though, then the patch volume is roughly in line with other recent kernels. Over 5,000 of those commits were merged after our first-half merge-window summary was written.

Interesting changes pulled into the mainline during the second half of the 6.7 merge window include:

Architecture-specific

• The LoongArch architecture has gained support for virtualization with KVM. There is a bit of information in this documentation commit.
• KVM on RISC-V now supports the Smstateen extension, which is intended to prevent virtual machines from using registers unknown to the hypervisor (as a result of being added by an extension the hypervisor does not support) as covert channels. KVM on RISC-V also now allows the use of the Zicond extension (adding some conditional integer operations) in guests.
• It is now possible for a KVM guest on x86 systems to have up to 4,096 virtual CPUs; the maximum is now set with a kernel configuration option.
• RISC-V has gained support for LLVM-based shadow call stack protection. Clang 17 or later is needed to enable this option.

Core kernel

• Kernel samepage merging (KSM) tries merge anonymous pages that hold the same contents to improve memory utilization. By its nature, it ends up repeatedly scanning the pages that it has failed to merge, wasting CPU time. A new "smart scan" mode tracks the pages that were unsuccessfully scanned and causes future scans to happen at a reduced frequency. Smart scanning is disabled enabled by default; there is a new sysctl knob (/sys/kernel/mm/ksm/smart_scan) that can be used to query or change its state. Some documentation can be found in this commit.
• The new PAGEMAP_SCAN ioctl() command, available with userfaultfd() file descriptors, can be used to detect writes to a range of memory. It is useful for certain gaming anti-cheat techniques and for CRIU. See this article and this documentation commit for more information.

Filesystems and block I/O

• The Ceph filesystem has gained support for ID-mapped mounts.

Hardware support

• GPIO and pin control: Nuvoton NPCM8XX pin controllers, Realtek DHC 1315E, DHC 1319D, and DHC 1619B pin controllers, and Amlogic T7 SoC pin controllers.
• Industrial I/O: Microchip MCP39xx, MCP246x, and MCP356x analog-to-digital converters, Linear Technology LTC2309 analog-to-digital converters, Kionix KX132-1211 accelerometers, and ROHM BM1390 pressure sensors.
• Media: Nuvoton NPCM video capture/encode engines, Digiteq Automotive MGB4 grabber cards, and onsemi MT9M114 sensors.
• Miscellaneous: Renesas R-Car Gen4 PCIe controllers, Xilinx DMA PL PCIe host bridges, Kinetic KTD2026/7 RGB/white LED controllers, Qualcomm SDX75 interconnect providers, Espressif ESP32 UARTs, Espressif ESP32 USB ACM gadget controllers, and SigmaStar SSD202D realtime clocks.
• Sound: Starfive JH7110 PWM-DAC digital-to-analog converters, Richtek RTQ9128 45W digital input amplifiers, Awinic aw87390 and aw88399 amplifiers, and AMD ACP6.3 audio platforms.
• USB: Realtek DWC3 controllers, Intel La Jolla Cove USB adapters, and NXP PTN36502 Type-C redrivers.

Miscellaneous

• See this merge message for the long list of new features and enhancements to the perf tool in 6.7.

Security-related

• The Landlock security module has gained the ability to control network connections. See this commit message and this documentation patch for a bit more information.
• The AppArmor security module can now control access to io_uring and the creation of user namespaces; this feature was merged with no documentation.
• The kernel has gained a new API for virtual-machine attestation. See this changelog for some more information.

Internal kernel changes

• The memory-management's shrinker mechanism has been reworked to eliminate some locking overhead and reduce contention. Shrinkers are now all allocated dynamically, and some common operations have been made lockless.
• After some setbacks, the work to improve the reliability and performance of printk() is back. The biggest change merged for 6.7 is a new per-console locking scheme that allows for high-priority messages (a panic, for example) to take over console output from a lower-priority message.
• The build system will now build perf BPF programs by default if a suitable version of Clang is available.
• The old videobuf layer, long the way of managing frame buffers in the media subsystem, has been removed. Drivers should have moved to videobuf2 years ago.
• The MAINTAINERS file has been updated to reflect the fact that a number of kernel mailing lists have moved off lists.linux-foundation.org and onto lists.linux.dev. The old list addresses work for now but may eventually stop working, so it would be wise to update address books and such to match the new reality.

If this were a normal nine-week development cycle, the final 6.7 release would happen on December 31. Past history suggests, though, that it is unlikely that Linus Torvalds will choose to release the kernel then, when so many developers are away from their keyboards. So a more realistic release date is January 7, 2024. Before then, though, there will surely be a lot of bugs to find and fix, as usual.

Index entries for this article
Kernel	Releases/6.7

---

to post comments