Waiting for many things at once with io_uring

(mazzo.li)

118 points ashvardanian | 2 comments | 14 Nov 24 12:04 UTC | HN request time: 0.412s | source

Show context

refulgentis ◴[18 Nov 24 20:45 UTC] No.42176793[source]▶

It took me many io_uring hello world articles to find out it's not really used in production (ex. Android and ChromeOS both disable it) because it was, and continues to be, a source of an absolutely bonkers outsized # of security issues.

I don't remember much more than that*, but just dropping it here because I learned a ton more from reading about that, than my Nth io_uring article.

* for example, the article mentioning relevant buffers are shared with the system made me want to say "aHA, yes, that's what the security articles said was a core issue!" -- but I can't actually remember with 100% confidence

replies(2): >>42177121 #>>42178527 #

loeg ◴[18 Nov 24 21:14 UTC] No.42177121[source]▶

>>42176793 #

Well, it's not true that it isn't used in production. Google has been burned and at least historically did not use it. But I know some services at Facebook use it in production.

Yes, historically it was a big source of security bugs. I think that has tapered off somewhat as the rate of change slows down.

replies(1): >>42181937 #

1. junon ◴[19 Nov 24 10:31 UTC] No.42181937[source]▶

>>42177121 #

Jens Axboe, io_uring creator, works at Facebook if memory serves, so I'd imagine that's why it's used in prod at Facebook.

replies(1): >>42186304 #

2. loeg ◴[19 Nov 24 17:55 UTC] No.42186304[source]▶

>>42181937 (TP) #

He does, and these things are somewhat related, though it's not like services are compelled to use io_uring on his behalf.

↑