Linux kernel 6.10 has been officially released.
The latest version of the Linux kernel adds an array of improvements, including a new memory sealing system call, a speed boost for AES-XTS encryption on Intel and AMD CPUs, and expanding Rust language support within the kernel to RISC-V.
Plus, like in all kernel releases, there’s a glut of groundwork to offer “initial support” for upcoming CPUs, GPUs, NPUs, Wi-Fi, and other hardware (that most of us don’t use yet, but require Linux support to be in place for when devices that use them filter out).
Announcing the Linux 6.10 release in an email sent to the Linux Kernel Mailing List (LKML), Linus Torvalds recapped “the final week was perhaps not quote as quiet as the preceding ones, which I don’t love – but it also wasn’t noisy enough to warrant an extra rc.”
Ending to say “the shortlog below [his email] is – as always – just the last week, not some kind of ‘what happened this release‘”.
Don’t worry Linus, I’m about to provide that 😉.
For an overview of what’s new in this release, scroll on!
Linux 6.10 Features & Changes
Linux 6.10 adds (after much gnashing) the mseal() system call to prevent changes being made to portions of the virtual address space. For now, this will mainly benefit Google Chrome, which plans to use it to harden its sandboxing.
Linux 6.10 offers encrypted interactions with trusted platform modules (TPM) to improve security
Work is underway by kernel contributors to allow other apps to benefit, though.
A similarly initially-controversial change merged is a new memory-allocation profiling subsystem. This helps developers fine-tune memory usage and more readily identify memory leaks. An explainer from LWN summarises it well.
Elsewhere, Linux 6.10 offers encrypted interactions with trusted platform modules (TPM) in order to “make the kernel’s use of the TPM reasonably robust in the face of external snooping and packet alteration attacks”.
The documentation for this feature explains: “for every in-kernel operation we use null primary salted HMAC to protect the integrity [and] we use parameter encryption to protect key sealing and parameter decryption to protect key unsealing and random number generation.”
Sticking with security, the Linux kernel’s Landlock security module can now apply policies to ioctl() calls (Input/Output Control), restricting potential misuse and improving overall system security.
On the networking side there’s significant performance improvements to zero-copy send operations using io_uring, and the newly-added ability to “bundle” multiple buffers for send and receive operations also offers an uptick in performance.
Improved Hardware Support in Linux 6.10
I’m choosing to skip the usual “…and another basic feature to support a next-next-gen GPU/CPU model has been added” since, rather like saying “another brick is in place to help complete the wall” — for hardware not currently on the market, that’s not that interesting.
For me, new and improved support in the Linux kernel for hardware people own and use, are considering purchasing, or is due to be released in the next few months is more interesting to hear about — as you’d expect: Linux kernel 6.10 includes plenty on this front.
ASUS ROG 2024 series and the Lenovo ThinkPad 13X now have working sound via the Cirrus cs35l41 driver; the Microsoft Surface driver adds fan profile switching and, on the Pro, thermal sensor reporting; while the ThinkPad ACPI driver picks up TrackPoint double-tap support.
Owners of the ARM-powered Acer Aspire 1 (a114-61) from 2021 will be pleased to hear that Linux 6.10 offers near-complete support for the laptop. A new custom EC driver delivers reliable battery charging/reporting, USB Type-C video out, and lid-closed detection.
Lots of newer laptops come with an Intel IPU and MIPI camera sensor in order to provide better low-light performance, high resolution, and faster frame rates in webcams. Alas, the Linux kernel has, thanks to a lack of Intel effort, not had a robust IPU6 driver.
Proper Intel IPU6 camera drivers are included, fixing webcam issues
Well, Linux kernel 6.10 now includes a proper Intel IPU6 driver. It’s reported to work like a champ with 6th-gen Intel IPUs used by scores of Tiger Lake and newer laptops.
Linux’s hardware monitoring (HWMON) subsystem can glean data from more devices, including NZXT Kraken 2023/Elite CPU coolers, AquaComputers Octo flow sensor thingies, and Dell Precision 7540 and G5 5505 laptops.
To power-down this section, a sizeable set of Intel and AMD P-State CPU frequency scaling updates feature in Linux 6.10. The Intel driver improved handling of disabled ‘turbo’ boost functionality, while the AMD driver improves performance for Zen 2/Threadripper.
On the ARM side, the MediaTek CPUfreq driver adds support for the MT7988A (Filogic 880) SoC, as used in the popular Banana Pi BPI-R4 OpenWRT router board.
Gaming Improvements in Linux 6.10
Gaming wise, the well-regarded $60 Machenike G5 Pro wireless controller — which, among other features, has hall effect joysticks. Having switched to a controller with them, I’d never go back to something without — is now supported by the mainline kernel.
Linux 6.10 also intros support for the IMU motion sensors on the Steam Deck (accelerometer and gyroscope), and expands HID coverage for the ASUS ROG Ally and ASUS ROG Z13 (including the former’s QAM button, and the light-bar on the latter).
And amidst an array of ARM-powered devices to gain support in the mainline Linux kernel is GameForce Chi, a cheap n’ cheerful landscape handheld for retro-game emulation.
While the community around the GameForce Chi isn’t as large as that of similar devices from the likes of Anbernic, the pocketable is powered by the same Rockchip RK3326 chip, and its retro-styled case comes in a variety of bold colours.
Other changes in Linux 6.10
A couple of months ago Canonical announced Ubuntu support for the RISC-V Milk-V Mars single-board computer. Linux 6.10 mainlines support for the Milk-V Mars, which will make that effort a lot more viable (especially with the Ubuntu 24.10 kernel likely to be v6.10 or newer).
Others RISC-V improvements abound in Linux 6.10, including support for the Rust language, boot image compression in BZ2, LZ4, LZMA, LZO, and Zstandard (instead of only Gzip); and newer AMD GPUs thanks to kernel-mode FPU support in RISC-V.
Aside from the things mentioned above, Linux 6.10 also includes:
- New ‘Panthor’ DRM driver for newer ARM Mali/Immortalis GPUs
- DisplayPort/eDP support for Qualcomm Snapdragon X Elite
- CPUFreq pressure feedback added to kernel scheduler
- Support for Zone Write Plugging (ZWP)
- Support for configuring Power over Ethernet (PoE)
- EROFS filesystem gains Zstandard compression support
- FUSE subsystem adds integrity protection with fs-verity
- Assorted bcachefs improvements
- Improved Firewire IEEE-1394 support
- Rust language updated to v1.78.0
- Rust abstractions for time handling now included
- Crypto usage statistics feature removed from the kernel
Obviously there’s a lot more packed into this kernel release than highlights I’ve pulled out. The folks at LWN recap the first half of the 6.10 merge window, and the second half. Together, those posts give a rich overview of almost everything new in Linux 6.10.
Getting Linux Kernel 6.10
Chances are you want to install Linux kernel 6.10. If you’re adept at compiling code, you can download the latest kernel source.
Ubuntu users wanting the latest Linux kernel will need to do their homework
Don’t want to compile your own kernel? Don’t blame you; wait for your Linux distribution to package this update for you. When will that be? It varies from distro to distro.
Ubuntu LTS users do get new Linux kernel updates, but these kernels are back-ports from newer Ubuntu releases. So for 24.04, there won’t be a new HWE kernel until Ubuntu 24.10 is released.
On the flip, users of the Ubuntu-based Pop!_OS do get the latest Linux kernel (barring snafus and hiccups) as a software update a few weeks after they’re publicly released. This is because System76 package them – they don’t come from Canonical/Ubuntu.
As other Linux blogs often mention, Ubuntu users can use mainline kernel builds packaged by Canonical. These aren’t intended for regular users: they’re not signed, may fail to boot, don’t receive security updates, and can lack Ubuntu-specific patches/fixes.
But lots of impatient folks do run these, many without issue. If there’s a feature or fix in Linux 6.10 you can’t wait for, those pre-packaged DEBs are an option — use ’em at your own risk.