In his keynote talk at Collaboration Summit, kernel contributor and LWN Editor Jon Corbet elaborated on the results of the Who Writes Linux report, released today, and gave more insights on where kernel development is headed over the next year, its challenges, and successes. Here are 10 highlights (watch the full video, below):
1. 3.15 was the biggest kernel release ever with 13,722 patches merged. “I imagine we will surpass that again,” Corbet said. “The amount of changes to the kernel is just going up over time.”
2. The number of developers participating is going up over time while the amount of time it takes us to create a kernel is actually dropping over time. It started at 80 days between kernel releases some time ago, and it’s now down to about 63 days. “I don’t know how much shorter we can get,” he said.
3. Developers added seven new system calls to the kernel over the past year, along with new features such as deadline scheduling, control group reworking, multiqueue block layer, and lots of networking improvmenets. That’s in addition to hundreds of new hardware drivers and thousands of bug fixes.
4. Testing is a real challenge for the kernel. Developers are doing better at finding bugs before they affect users or open a security hole. Improved integration testing during the merge window, using the zero day build bot to find problems before they get into the mainline kernel, and new free and proprietary testing tools have improved kernel testing. But there is still room for improvement.
5. Corbet’s own analysis found 115 kernel CVE’s in 2014, or a vulnerability every three days.
6. The kernel has roughly 19 million lines of code, and over 3 million lines haven’t been touched in 10 years. The problem with old, unmaintained code is that it tends to harbor some really old bugs. “We have millions of systems out there running Linux and milions of people relying on security of a system on which the Linux kernel is the base,” Corbet said. “If we’re not going to let those people down, we need to be more serious about security.”
7. The year 2038 problem – the year the t value runs out of bits in the kernel’s existing time format – needs to be fixed sooner rather than later. The core timekeeping code of the kernel was fixed in 2014 – the other layers of the kernel will take more work.
8. The Linux kernel is getting bigger with each version and currently uses 1 MB of memory. That’s too big to support devices built for the Internet of Things. The kernel tinification effort is re-thinking the traditional Linux kernel, for example getting rid of the concept of users and groups in the kernel, but it faces some resistance. “We can’t just count on the dominance of Linux in this area unless we earn it” by addressing the needs of much smaller systems, Corbet said.
9. Live kernel patching is coming to the mainline kernel this year.
10. The kdbus subsystem development – an addition coming in 2015 that will help make distributed computing more secure – has been a model of how kernel development should work.
- Dent Introduces Industry’s First End-to-End Networking Stack Designed for the Modern Distributed Enterprise Edge and Powered by Linux - 2020-12-17
- Open Mainframe Project Welcomes New Project Tessia, HCL Technologies and Red Hat to its Ecosystem - 2020-12-17
- New Open Source Contributor Report from Linux Foundation and Harvard Identifies Motivations and Opportunities for Improving Software Security - 2020-12-08