In association with heise online


Introduced in 2.6.39, the kernel's ipset support has been improved to provide filter information that grants simpler and more flexible access to the tables that are consulted by the firewall code. For instance, addresses and interface names can now be submitted in pairs with their own names, which is interesting for egress and ingress filtering tasks; furthermore, the kernel can now automatically convert any addresses that have been submitted as an IP range to the correct subnet definitions.

Classified as experimental and disabled by default, the zero-copy TX support for macvtap and vhost-net will improve network performance in virtualised environments, as it eliminates the copying of network packets that are leaving KVM guest systems. In vhost-net, however, the support is classified as experimental and must be enabled via the experimental_zcopytx module option.

In brief

  • Various improvements to the BATMAN-adv (Better Approach To Mobile Ad-Hoc Networking - Advanced) mesh implementation are designed to enhance performance, improve the announcement of clients and optimise the kernel's roaming support.
  • The mac80211_hwsim Wi-Fi 802.11 radio simulator now offers interfaces that allow userspace programs such as wmediumd to handle the sending and receiving of network packets.
  • From Linux 3.1, Broadcom's bnx2x NetXtreme II driver will support the so-called "Warpcore" connection mode on the 578xx chipsets.
  • The networking code is being extended to include a subsystem for Near Field Communication (NFC), a technology that is used by many contactless payment systems (documentation, 1, 2, 3, 4).
  • The network stack now offers a "fan-out" function that distributes captured packets to different sockets via AF_PACKET; this is relevant for userland traffic analysis tools such as Suricata (1, 2, 3).
  • Various further changes to the network subsystem can be found in the next section and in the main git-pull request submitted by the subsystem maintainer, David Miller (1, 2, 3).

Minor gems

Many further minor, but by no means insignificant, changes can be found in the list below, which contains the commit headers referring to the respective change. Like many of the references in the text above, the links point to the relevant commit in the web front end of the Git branch for the "official" kernel sources maintained by Linus Torvalds at The commit comments available at these links and the patches themselves provide extensive further information on the respective changes.

Every link is preceded by various letters and numbers in square brackets. The letter "C" identifies patches that modify Kconfig files, which contain the help texts and configuration options displayed by "make menuconfig", "make xconfig" and similar tools during kernel configuration. "D" is used for patches that modify the documentation available under Documentation/ in the kernel branch. "N" identifies changes which create a new file. The numbers provide a rough idea of the patch size: For instance, "1" is used for changes between 10 and 20 KBytes including comment, "2" for patches between 20 and 30 KBytes; changes without a number are less than 10 KBytes, while patches marked "9" are 90 KBytes or more.




For other articles on Linux 3.1 and links to the rest of the "Coming in 3.1" series, see The H's Kernel Log Linux 3.1 Tracking page. New editions of Kernel Logs are also mentioned on and Twitter by @kernellog2. The Kernel Log author also posts updates about various topics on and Twitter as @kernellogauthor.

Print Version | Permalink:
  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit