![sean michael kerner beyondcorp sean michael kerner beyondcorp](https://image.itmedia.co.jp/tt/news/2112/17/240_news07.jpg)
While Linux 5.14 will be out soon, it often takes time until it is adopted inside of enterprise releases. “As with pretty much every kernel release, we see some very innovative capabilities in 5.14,” McGrath said. IBM acquired Red Hat for $34 billion in a deal that closed in 2019. One of the largest contributors to any given Linux kernel release is IBM’s Red Hat business unit. Those that contribute to Linux kernel development include individual contributors, as well large vendors like Intel, AMD, IBM, Oracle and Samsung. The Linux 5.14 kernel release has gone through seven release candidates over the last two months and benefits from the contributions of 1,650 different developers. The kernel is the component that provides the core functionality for system operations. “This means cryptographic keys, sensitive data and other secrets can be stored there to limit exposure to other users or system activities,” McGrath said.Īt the heart of the open source Linux operating system that powers much of the cloud and enterprise application delivery is what is known as the Linux kernel. With the new kernel, there is a capability known as memfd_secret () that will enable an application running on a Linux system to create a memory range that is inaccessible to anyone else, including the kernel. Attacks against Linux and other operating systems often target memory as a primary attack surface to exploit. “More specifically, the feature helps to split trusted and untrusted tasks so that they don’t share a core, limiting the overall threat surface while keeping cloud-scale performance relatively unchanged,” McGrath explained.Īnother area of security innovation in Linux 5.14 is a feature that has been in development for over a year-and-a-half that will help to protect system memory in a better way than before. One of the ways that Linux users have had to mitigate those vulnerabilities is by disabling hyper-threading on CPUs and therefore taking a performance hit.
#SEAN MICHAEL KERNER BEYONDCORP UPDATE#
Mike McGrath, vice president, Linux Engineering at Red Hat told TechCrunch that the kernel update includes a feature known as core scheduling, which is intended to help mitigate processor-level vulnerabilities like Spectre and Meltdown, which first surfaced in 2018. The 5.14 kernel update will include security and performance improvements.Ī particular area of interest for both enterprise and cloud users is always security and to that end, Linux 5.14 will help with several new capabilities. Linux is set for a big release this Sunday August 29, setting the stage for enterprise and cloud applications for months to come.