Linux 5.14 set to boost future enterprise application security – TechCrunch

by Joseph K. Clark

Linux is set for a big release this Sunday, August 29, setting the stage for enterprise and cloud applications for months. The 5.14 kernel update will include security and performance improvements. A particular area of interest for enterprise and cloud users is always security, and to that end, Linux 5.14 will help with several new capabilities. Mike McGrath, vice president of Linux Engineering at Red Hat, told TechCrunch that the kernel update includes a feature known as core scheduling, which is intended to help mitigate processor-level vulnerabilities like Spectre and Meltdown, which first surfaced in 2018. One of the ways that Linux users have had to reduce those vulnerabilities is by disabling hyper-threading on CPUs and therefore taking a performance hit. “More specifically, the feature helps to split trusted and untrusted tasks so they don’t share a core, limiting the overall threat surface while keeping cloud-scale performance relatively unchanged,” McGrath explained.

Another area of security innovation in Linux 5.14 is a feature that has been in development for over a year and a half that will help protect system memory better. Attacks against Linux and other operating systems often target memory as a primary attack surface to exploit. With the new kernel, a capability known as memfd_secret () will enable an application running on a Linux system to create a memory range inaccessible to anyone else, including the kernel. This means cryptographic keys, sensitive data, and other secrets can be stored there to limit exposure to other users or system activities,” McGrath said. At the heart of the open-source Linux operating system that powers much of the cloud and enterprise application delivery is what is known as the Linux kernel. The kernel is the component that provides the core functionality for system operations. 


The Linux 5.14 kernel release has gone through seven release candidates over the last two months and benefits from the contributions of 1,650 different developers. Those contributing to Linux kernel development include individual contributors and prominent vendors like Intel, AMD, IBM, Oracle, and Samsung. IBM’s Red Hat business unit is one of the most significant contributors to any Linux kernel release. IBM acquired Red Hat for $34 billion in a deal that closed in 2019.

“As with pretty much every kernel release, we see some very innovative capabilities in 5.14,” McGrath said. While Linux 5.14 will be out soon, adopting it inside enterprise releases often takes time. McGrath noted that Linux 5.14 would first appear in Red Hat’s Fedora community Linux distribution and be part of the future Red Hat Enterprise Linux 9 release. Gerald Pfeifer, CTO for enterprise Linux vendor SUSE, told TechCrunch that his openSUSE Tumbleweed community release would likely include the Linux 5.14 kernel within ‘days’ of the official release. On the enterprise side, he noted that SUSE Linux Enterprise 15 SP4, due next spring, is scheduled to come with Kernel 5.14. 

The new Linux update follows a significant milestone for the open-source operating system. This past Wednesday, it was 30 years ago that creator Linus Torvalds (pictured above) publicly announced the effort. Over that time, Linux has gone from being a hobbyist effort to powering the internet’s infrastructure.

McGrath commented that Linux is already the backbone for the modern cloud, and Red Hat is also excited about how Linux will be the backbone for edge computing – not just within telecommunications but broadly across all industries, from manufacturing and healthcare to entertainment and service providers, in the years to come.

The longevity and continued importance of Linux for the next 30 years is assured in Pfeifer’s view. He noted that Linux and open source have opened up the unprecedented potential for innovation and openness and independence over the decades.

“Will Linux, the kernel, still be the leader in 30 years? I don’t know. Will it be relevant? Absolutely,” he said. “Many approaches we have created and developed will still be pillars of technological progress 30 years from now. Of that, I am certain.”

Related Posts