News Archive (1999-2012) | 2013-current at LinuxGizmos | Current Tech News Portal |    About   

Linux 2.6.39 assists firewalls, speeds up Ext4

May 19, 2011 — by Eric Brown — from the LinuxDevices Archive — views

The final Linux 2.6.39 kernel was released with a fairly modest feature set, led by a new IPset technology for simplifying firewall deployment. Other major features include Ext4 performance and scalability improvements, a media controller subsystem for video acquisition, a block plugging overhaul for fast storage I/O, and support for the latest AMD “Cayman” Radeon graphics.

Linus Torvalds (pictured) announced the 2.6.39 release with some doubts as to whether he should have issued another RC release instead. A scheduling conflict — caused by the fact that the Linux creator and overseer is wanted for a keynote at LinuxCon Japan on June 1-3 — forced him to push the new kernel out the door without merging more code. The deciding factor, he writes, is that this kernel release window has been "fairly 'easy'."

Linux 2.6.39 is a modest release compared to the mid-March Linux 2.6.38, which featured an overhaul of the Virtual File System and a performance enhancing "automatic process grouping" patch, among other improvements. That release may have also seen a major power regression leading to higher power consumption, according to Phoronix benchmarks in April.

IPset helps firewalls more quickly block intruders

By the estimation of Thorsten Leemhuis, writing his usual kernel release summary for The H, and Jonathan Corbet, executive editor of, the biggest 2.6.39 change is the implementation of the latest version of the IP set (or IPset) command line networking technology. Long in development, the enhanced IPset code "simplifies the implementation, maintenance, and operation of firewalls," explains Leemhuis.

IPset generates tables of IP addresses or TCP/UDP ports in memory, enabling firewall code to quickly block any suspicious addresses, writes Leemhuis. In addition, the kernel can now block these tables much faster than when using the previous method of checking a comparable set of IPtables rules, says the story.

Block plugging enhanced for fast storage

Another major improvement is an overhaul of the block subsystem for managing file storage. According to Linus Torvalds in an earlier 2.6.39 RC announcement, the new model "makes plugging a per-thread thing and cleaned up the code considerably. It also avoids lots of locking in a very hot path, and should generally be a really good idea."

As the block-plugging overhaul's chief architect Jens Axboe explained in a story last month, the new block device plugging model should improve performance in storage I/O requests. The model allows "a buildup of requests to better utilize the hardware and to allow merging of sequential requests into one single larger request," wrote Axboe. Writing or reading bigger chunks of data at once can improve  scalability and increase bandwidth, especially with the latest, fastest storage media, he added.

Ext4 and KVM improvements, plus video acquisition help

Despite a rough start, Ext4 has now pretty much cemented itself as the king of Linux file systems, and it's improving in every release. By default, Ext4 will now use the "Multiple Page-IO Submissions" option, which should considerably improve performance and scalability on large systems, explains Leemhuis.

Other file-system improvements include Batch Discard enhancements to the still experimental Btrfs file system, and a new Pstore file system designed to diagnose system crashes.

The KVM (kernel-based virtual machine) virtualization technology now handles the asynchronous processing of page faults, writes Leenhuis. Other KVM enhancements, are said to include improved interrupt handling.'s Corbet meanwhile, points to a new media controller subsystem designed to keep up with the latest video acquisition hardware. Modern application processors, such as Texas Instruments' OMAP3430, have added functionality for video acquisition technology — such as multiple video inputs, a white balance processor, a lens shading compensation processor, and a resizer — that the kernel has yet to fully address, explains Corbet.

The media controller subsystem is said to create a new "media_device" type. The device type manages the increasing number of complex components that are found in modern video acquisition hardware, Corbet adds.

Updated AMD Radeon and USB 3.0 drivers

The AMD Radeon drivers now support the Cayman family of graphics chips found in the latest Radeon HD 6790 to 6970 cards, writes Leemhuis. Meanwhile, the Nouveau driver for Nvidia graphics processing units (GPUs) is now said to support Z compression. Among many other driver enhancements the Linux 2.6.39 USB code is now said to support USB 3.0 hubs.

Looking ahead at 2.6.40

The upcoming Linux 2.6.40 is not necessarily a major release just because it departs the 2.6.3x string. However, it will feature at least one key improvement by way of a host of Wi-Fi related changes, reports Leemhuis. These are said to include support for new Marvell and Realtek Wi-Fi chips.

Other projects that are likely to make it into Linux 2.6.40 include a just-in-time JIT compiler incorporated into "netfilter" code — described by Corbet here — expected to accelerate the packet filter. Linux 2.6.40 may also see the first support for the graphics cores of Intel's 22nm Ivy Bridge Core processors.

This article was originally published on and has been donated to the open source community by QuinStreet Inc. Please visit for up-to-date news and articles about Linux and open source.

Comments are closed.