SMB 1.0 also deemed better out than in, as TLS makes it into the kernel
Linus Torvalds has released Linux 4.13 to a waiting world and in so doing detailed a tricky work week in which he endured “seven hours of pure agony due to a kidney stone”.
“I’m all good, but it sure _felt_ a lot longer than seven hours, ” he wrote on the Linux Kernel Mailing List, “and I don’t even want to imagine what it is for people that have had the experience drag out for longer. Ugh.”
Far happier news is that this release of the Linux Kernel emerged after the seven release candidates to which Torvalds aspires.
The Linux Lord singles out two changes as notable, the first being “changing the default cifs behavior: instead of defaulting to SMB 1.0 (which you really should not use: just google for “stop using SMB1” or similar) , the default cifs mount now defaults to a rather more modern SMB 3.0.” If you follow Torvalds’ instructions the first search result is Microsoft imploring users to bin SMB 1.0 on grounds that it is old, has rubbish security and “its naivete is staggering when viewed though modern eyes.” And so was the naivete of the hordes who left it in place and let the WannaCry and Petya malware exploit it.
The second is changes to the mmu notification layer, which see the OS explain its use of memory so that VMs can understand what resources they can get their hands on. Torvalds writes that during the 4.13 development process developers fixed a “a nasty and not very well documented” feature of Linux’s mmu notifiers, and did so “by getting rid of the problematic notifier and actually removing almost two hundred lines in the process.”
“I love seeing those kinds of fixes. Better, smaller, code.”
Among the other additions in this release are early support for Intel’s forthcoming Cannonlake and Coffeelake architectures and improvements to Thunderbolt support. Kernel-based TLS is another addition.
Torvalds’ announcement post to which we’ve linked above offers the shortlog of changes to this release. He says the full “4.13 log is much too big to post and nobody sane would read it” Prove him wrong if you dare, here in the Linux git tree. ®
Sponsored: Stopping the hackers is all In the maths