Linus Torvalds has just announced the official release of the new Linux kernel 6.18.
“So I’ll have to admit that I’d have been happier with slightly less bugfixing noise in this last week of the release, but while there’s a few more fixes than I would hope for, there was nothing that made me feel like this needs more time to cook. So 6.18 is tagged and pushed out.”
Key Features in Linux 6.18
At a high level, Linux kernel 6.18 introduces a new PSP-based encryption option for TCP connections, faster slab allocation and swapping, significant UDP receive-side improvements, a persistent-cache device-mapper target, namespaces that can be managed via file handles, support for Accurate ECN in TCP, and signed BPF programs, on top of many smaller core and driver changes.
One of the headline changes is the introduction of “sheaves” in the SLUB allocator. In simple terms, the kernel now keeps per-CPU caches of small memory objects so most allocations and frees can be handled locally without bouncing synchronization across CPUs. That reduces contention in hot paths and speeds up both allocation and free, improving performance for workloads that rely heavily on RCU.
Swapping performance is another area that is improving. Linux 6.18 brings the first phase of the “swap table” work, which introduces a new abstraction used as the backend for the swap cache. The goal is to make swap lookups and management more efficient, especially under memory pressure.
In light of this, benchmarks reported in the merge notes show throughput and request-per-second gains of 5–20% for representative workloads, along with better behavior under stress for large-page allocations.
On the storage side, a new device-mapper target, dm-pcache, allows persistent memory — for example, CXL-based or DAX-capable devices — to be used as a high-speed cache in front of slower block devices. That gives system designers a kernel-level way to treat persistent memory as a tier between DRAM and SSDs or disks, without needing custom user-space code.
At the same time, the NFS server gains an option to disable its own I/O caching entirely. That may sound counter-intuitive, but for large, heavily loaded servers or very small cloud instances, skipping server-side caching can actually improve scalability and avoid thrashing local memory.
Process and namespace management get a notable usability improvement. The kernel has supported pidfds, file-descriptor handles to processes, since Linux 5.1, and they have proved very useful for robust process management.
Linux kernel 6.18 extends the same idea to namespaces: userspace can now encode and decode namespace identifiers using the existing name_to_handle_at() and open_by_handle_at() APIs. That makes it possible to refer to namespaces consistently throughout the system’s lifetime, compare them reliably, and pass them around without allocating extra resources.
Networking sees several substantial changes as the new release adds initial support for Accurate Explicit Congestion Notification, which extends classic ECN by allowing more detailed feedback about how many congestion markings were seen per RTT.
On the UDP side, the receive path has been reworked to reduce contention and to use NUMA-aware locking and better data-structure layouts; testing cited in the changelog reports roughly 50% better UDP RX performance, with even larger gains under attack-like conditions where a small set of sockets receive very high packet rates.
On top of that, the default socket receive buffer size is also raised to 4 MB, and earlier work on direct internal buffer sharing (dibs) is merged, further improving scalability for high-volume networking.
Security and transport encryption are strengthened with support for PSP-encrypted TCP connections. PSP, a protocol developed at Google, occupies a middle ground between IPsec and TLS: it has some architectural similarities to both but is designed for strong hardware offload, including tunneling modes, making it attractive for data-center deployments where offload engines are common.
The BPF subsystem gains the ability to load cryptographically signed BPF programs. For now, the main change is the plumbing: the kernel can verify program signatures as they are loaded. Plus, the audit subsystem continues moving toward robust multi-LSM support as the Linux kernel 6.18 improves its event handling when multiple Linux Security Modules are enabled simultaneously.
On the virtualization front, this release introduces a virtio SPI driver that lets hypervisors expose SPI devices directly to virtual machines via the standard virtio mechanism. On x86 hosts, SEV-SNP CipherText Hiding becomes available, preventing CPUs that are not authorized to access a guest’s private memory from even seeing the ciphertext in that memory.
On the KVM side, it can now provide shadow stacks and indirect branch tracking on Intel hardware and shadow stacks on AMD, giving guests access to modern control-flow protections.
Filesystems and the block layer see a mix of feature work and cleanup. The new dm-pcache target also fits here, providing persistent caching in front of block devices. Ext4 continues to modernize, with extended reserved ID support and a new ioctl interface to retrieve and modify superblock parameters, while the last remnants of separate ext3 configuration options are removed.
OverlayFS gains case-folding support, and FUSE filesystems can now handle large range copies directly. Separately, a batch of deprecated XFS options is disabled by default, obsolete mount options are dropped, and online fsck is now enabled by default and no longer treated as experimental. Linux kernel 6.18 also removes the Bcachefs filesystem entirely, and some filesystems adopt new lockless bitmap implementations to reduce contention on shared metadata.
Lastly, regarding hardware support, the release brings new or improved drivers for a wide range of GPUs (including more recent Mali variants and additional SoC graphics blocks), display bridges and panels, embedded SoCs, network cards, power controllers and regulators, industrial I/O sensors, storage controllers, USB PHYs and repeaters, audio devices, and input and haptic controllers.
For those eager to compile the Linux kernel 6.18 themselves, it’s now available for download at kernel.org. As usual, users of rolling-release distros will be the first to receive the new kernel, with the update expected to be available in their repos over the following weeks.
