The first new technology that I would like to outline is called Upstart. I thought it was fitting to outline this feature first because it is integral to the boot process. Without the improvements in Upstart, Ubuntu would not be able to boot as fast as it currently does. Upstart has been used incrementally in Ubuntu since version 6.10, but with Ubuntu 9.10 the transition is complete. Without going into too much detail, Upstart was designed to replace the aging System-V init system that is commonly found on Linux distributions.
The idea behind Upstart is that modern systems are more dynamic and event-driven, as opposed to static and pre-defined, and the boot process should make use of that. With the previous system, System-V, each service started at boot time was assigned a number that fixed its place in the start order. This has worked well enough for many years, but it can cause problems for maintainers, as they have to make sure that the boot order of services is globally compatible. For example, networking needs to be enabled before network services are enabled. If these (as a simple example) get out of order, services will not be available as expected after the machine has booted. Upstart takes the simple idea that certain services rely on other services and redefines them as event-driven tasks.
It is very exciting news that Ubuntu has finally completed the transition to Upstart after so many releases. This is a big step toward improving bootup performance on Ubuntu 9.10.
You can read much more about Upstart at http://upstart.ubuntu.com.
Ubuntu has also made another big change to the boot process with XSplash. XSplash is replacing the previous USplash, which was known to cause issues. I have noticed that XSplash seems faster, and it also addresses the compatibility issues caused by its predecessor. I think you’ll also enjoy the new bootup graphic. This is another step toward Ubuntu's goal of a ten-second boot process by Ubuntu 10.04, which is due out in April of 2010.
While both Upstart and XSplash contribute to improved boot performance, all other changes should be transparent to the end-user. All other boot-related services should perform as expected, with no migration or customization on the user’s part.
Linux Kernel: 2.6.31
Ubuntu 9.10 “Karmic Koala” has also upgraded the Linux Kernel to version 2.6.31. This version ships with Kernel Mode Settings enabled for Intel graphics cards as well as some impressive security features. Kernel mode-setting (KMS) shifts responsibility for selecting and setting up the graphics mode from the X window system to the Linux Kernel itself. When X is started, it then detects and uses the mode without any further mode changes. This promises to make booting faster, improve graphical performance and reduce screen flickering.
With regard to security features, Ubuntu 9.10 enables non-exec memory in this latest version of the Linux Kernel. What does this mean? Most modern CPUs can refuse to execute code from memory regions marked non-executable, such as the heap or stack, but this requires that the Linux Kernel use “PAE” addressing. The CPU feature is known as either Non-eXecute (NX) or eXecute-Disable (XD). It is the default for 64-bit and generic-pae kernels, and it reduces the areas an attacker can use to perform arbitrary code execution. Starting in Ubuntu 9.10, the protection is partially emulated on 32-bit kernels without PAE.
In addition, Ubuntu 9.10 has also made it possible to disable the loading of any additional kernel modules once the system is running. This adds yet another layer of protection against attackers loading kernel rootkits. This feature can be enabled by setting the value of /proc/sys/kernel/modules_disabled to 1.
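To check how a given machine stands on both protections, the following added example (not part of the original article) classifies NX coverage and the module-loading lock from the files the kernel exposes. The function names, the result labels and the "-pae" release-name heuristic are assumptions made for illustration, and the sample input is constructed.

```sh
#!/bin/sh
# Added example: report the state of the two kernel protections described above.
# Paths are arguments so the checks also work on saved copies of the files.

# cpu_has_flag CPUINFO FLAG: succeeds if the first "flags" line lists FLAG.
cpu_has_flag() {
    flags=$(grep -m1 '^flags' "$1" 2>/dev/null | cut -d: -f2)
    case " $flags " in
        *" $2 "*) return 0 ;;
        *) return 1 ;;
    esac
}

# nx_mode CPUINFO ARCH RELEASE: prints hardware, no-nx-flag, partial-emulation or unknown.
# Assumes an x86 Ubuntu 9.10 kernel; "-pae" in the release name is a naming heuristic.
nx_mode() {
    case "$2:$3" in
        x86_64:*|i?86:*-pae)
            if cpu_has_flag "$1" nx; then echo hardware; else echo no-nx-flag; fi ;;
        i?86:*) echo partial-emulation ;;   # 32-bit kernel without PAE
        *) echo unknown ;;
    esac
}

# modules_state FILE: prints locked, loadable, unsupported or unknown.
# Once the kernel value is 1 it cannot be set back to 0 until the next reboot.
modules_state() {
    [ -r "$1" ] || { echo unsupported; return 0; }
    case "$(cat "$1")" in
        1) echo locked ;;
        0) echo loadable ;;
        *) echo unknown ;;
    esac
}

# Constructed sample input (not taken from a real host).
sample_dir=$(mktemp -d)
printf 'processor\t: 0\nflags\t\t: fpu vme pae nx lm\n' > "$sample_dir/cpuinfo"
echo 0 > "$sample_dir/modules_disabled"
echo "NX (sample):      $(nx_mode "$sample_dir/cpuinfo" x86_64 2.6.31-generic)"
echo "Modules (sample): $(modules_state "$sample_dir/modules_disabled")"
rm -rf "$sample_dir"
# On a live system:
#   nx_mode /proc/cpuinfo "$(uname -m)" "$(uname -r)"
#   modules_state /proc/sys/kernel/modules_disabled
```

Because the lock is one-way, set modules_disabled only after every module the system needs has been loaded, for example at the end of the boot sequence.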
With these security and performance additions in the 2.6.31 version of the Linux Kernel, Ubuntu promises to become a better contender in both the Desktop and the Server environments!
The previous version of Ubuntu, version 9.04, offered the ext4 filesystem as an option, but not as a default. After six months of testing and stabilization, I am also happy to announce that ext4 will be enabled by default in Ubuntu 9.10.
I have been very happy with the ext4 filesystem. I have seen impressive speed improvements over ext3, and now use ext4 on each of my systems that supports it. This is another impressive step toward a faster and more performance-driven Ubuntu experience.
The AppArmor system in Ubuntu 9.10 features an improved parser engine that uses cache files. This greatly improves the time taken to initialize AppArmor at boot time. AppArmor also now supports ‘pux’ which, when specified, means a process can transition to an existing profile if one exists or simply run unconfined if not.
If you’re not familiar with AppArmor, it is a Mandatory Access Control application originally designed at Novell. It is now primarily community-driven, but has been the default in Ubuntu for a few releases. It continues to mature, and security profiles are pre-defined and applicable for many common applications. To find out more about AppArmor you can read the Ubuntu community documentation on using it at: https://help.ubuntu.com/community/AppArmor