Ubuntu kernel 5.4: What’s new with Ubuntu 20.04 LTS

Ubuntu 20.04 LTS has just arrived. The latest LTS comes with a new version of the Linux kernel – 5.4 – which brings a lot of exciting new features, faster boot times, enhanced performance and security. Additionally, the Canonical kernel team ran benchmark tests to validate the performance improvements of the new kernel.

Defining which Linux kernel should be included in a long-term support release of Ubuntu is the essence of the work of the kernel team at Canonical. We are proud to say that we are the only Linux distribution to consistently include the latest stable upstream kernel. Canonical also provides bug fixes and kernel security updates every three weeks to ensure fully functional and secure kernel modules and a great user experience.

Feature highlights in Ubuntu kernel v5.4

This release enhances the kernel lockdown mode from previous Ubuntu releases.  Lockdown is a significant Linux security module which strengthens the boundary between the root user and the kernel, restricting root access to various pieces of kernel functionality. Kernel lockdown can be configured at runtime, boot time or build time. 

5.4 also includes virtio-fs – a high-performance, FUSE-based virtio driver for full OS virtualisation. Virtio-fs allows a virtualised guest to share file systems with the host and mount a directory that has been exported on the host. Although this is already possible via solutions such as NFS or virtio-9P, virtio-fs does this with greater performance and application compatibility.

Fs-verity is a new support layer that file systems can use to detect file tampering, similar to dm-verity. The biggest difference between the two is that fs-verity works on files rather than block devices. Fs-verity is currently supported on ext4 and f2fs file systems. In principle, fs-verity detects accidental (non-malicious) file corruption, but in practice it is also used as a tool to support authentication (detection of malicious modifications).

Other important novelties of the 5.4 kernel are dm-clone, which allows users to clone device mapper targets, the support for new Intel/AMD GPUs and the exfat file system. Additionally, a new haltpoll cpuidle driver and a matching governor greatly improve performance, as they allow remote vCPUs to do guest-side polling for a specified amount of time before halting. Finally, blk-iocost, a new I/O cgroup controller, provides more accurate calculations of the cost of I/O.

Ubuntu kernel v5.4 benchmark results 

The benchmark tests focused on boot time and ssh availability. The tests ran on all available Ubuntu kernel flavours on Ubuntu VMs hosted on AWS, Azure and Google clouds. A kernel flavour is a specific configuration of the kernel, optimised to run in a specific environment. For example, the aws kernel flavour is set to work optimally on the AWS cloud.

The cloud environments used also had different flavours, such as AWS’ c5n.xlarge, a compute-optimized infrastructure or Azure’s Standard_D48_v3 and GCP’s g1-micro, which are general purpose machines. For the generic and low latency kernel flavours, the 5.4 kernel was compared to v4.15 and for the aws, azure and gcp flavours it was benchmarked against v5.3 which was featured in Ubuntu 18.04 LTS.

The tests indicate improvements on the kernel boot time by an average of 2 seconds, total boot time by an average of 3 seconds and ssh availability by an average of 6 seconds. This should improve the overall user experience while using Ubuntu 20.04 LTS.

In the following table you can see an extract of the full benchmark per kernel flavour. An approximate delta range shows the time differences from all cloud flavours used in the benchmark. The values represent the kernel boot time, total boot time and ssh availability time in descending order. All values are in seconds.

Want to know more about the Ubuntu kernel? Read about it on our website.