Io_uring, kTLS and Rust for zero syscall HTTPS server

(blog.habets.se)

495 points guntars | 1 comments | 22 Aug 25 03:51 UTC | HN request time: 0.209s | source

Show context

Seattle3503 ◴[22 Aug 25 05:44 UTC] No.44981374[source]▶

> For example when submitting a write operation, the memory location of those bytes must not be deallocated or overwritten.

> The io-uring crate doesn’t help much with this. The API doesn’t allow the borrow checker to protect you at compile time, and I don’t see it doing any runtime checks either.

I've seen comments like this before[1], and I get the impression that building a a safe async Rust library around io_uring is actually quite difficult. Which is sort of a bummer.

IIRC Alice from the tokio team also suggested there hasn't been much interest in pushing through these difficulties more recently, as the current performance is "good enough".

[1] https://boats.gitlab.io/blog/post/io-uring/

replies(7): >>44981390 #>>44981469 #>>44981966 #>>44982846 #>>44983850 #>>44983930 #>>44989979 #

ozgrakkurt ◴[22 Aug 25 07:53 UTC] No.44981966[source]▶

>>44981374 #

You don’t have to represent everything with borrows. You can just use data structures like Slab to make it cancel safe.

As an example this library I wrote before is cancel safe and doesn’t use lifetimes etc. for it.

https://github.com/steelcake/io2

replies(1): >>44983102 #

1. ozgrakkurt ◴[22 Aug 25 11:14 UTC] No.44983102[source]▶

>>44981966 #

Just realised my code isn’t cancel safe either. It is invalid if the user just drops a read future and the buffer itself while the operation is in the kernel.

It is just a PITA to get it fully right.

Probably need the buffer to come from the async library so user allocates the buffers using the async library like a sibling comment says.

It is just much easier to not use Rust and say futures should run fully always and can’t be just dropped and make some actual progress. So I’m just doing it in zig now

↑