toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.

Administered by:

Server stats:

214
active users

#io_uring

0 posts0 participants0 posts today
Andrés Gómez<p>My <span class="h-card" translate="no"><a href="https://floss.social/@igalia" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>igalia</span></a></span> colleague Luís Henriques has just published a very interesting post about the work he has been doing lately in the Linux <a href="https://hostux.social/tags/kernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kernel</span></a> about <a href="https://hostux.social/tags/FUSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FUSE</span></a> over <a href="https://hostux.social/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a>.</p><p><a href="https://luis.camandro.org/2025-06-14-fuse-over-io_uring.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">luis.camandro.org/2025-06-14-f</span><span class="invisible">use-over-io_uring.html</span></a></p>
Kunai Project<p>🚀 New Blog Post: Kunai vs io_uring (<a href="https://why.kunai.rocks/blog/kunai-vs-io_uring" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">why.kunai.rocks/blog/kunai-vs-</span><span class="invisible">io_uring</span></a>) 🚀</p><p>💡 Ever wondered how io_uring revolutionizes I/O operations in the Linux kernel? Inspired by Armo's blog post (<a href="https://www.armosec.io/blog/io_uring-rootkit-bypasses-linux-security/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">armosec.io/blog/io_uring-rootk</span><span class="invisible">it-bypasses-linux-security/</span></a>) about a PoC rootkit using io_uring, we explored this feature's security implications and how tools like Kunai can monitor these operations.</p><p>🔍 Key Takeaways:<br>🔹 io_uring boosts I/O performance by reducing system call overhead and enabling asynchronous operations<br>🔹 Security tools struggle to monitor io_uring due to its unique handling of operations<br>🔹 Kunai now provides visibility into io_uring operations, though blocking malicious activities remains challenging<br>🔹 Recent kernel versions have introduced auditing and security controls for io_uring, but these are still limited</p><p>📖 Read more: <a href="https://why.kunai.rocks/blog/kunai-vs-io_uring" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">why.kunai.rocks/blog/kunai-vs-</span><span class="invisible">io_uring</span></a></p><p><a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://infosec.exchange/tags/ThreatDetection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatDetection</span></a> <a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SOC</span></a> <a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DFIR</span></a></p>
Marcel Waldvogel<p>All you never wanted to know about creating fast socket I/O on <a href="https://waldvogel.family/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a>. Unless you are a real geek.</p><p>A small, ultra-high performance publish-subscribe server doing kind of TCP <a href="https://waldvogel.family/tags/multicast" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>multicast</span></a> using <a href="https://waldvogel.family/tags/sendfile" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sendfile</span></a>, <a href="https://waldvogel.family/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a>, <a href="https://waldvogel.family/tags/splice" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>splice</span></a>, (mapped) files, and <a href="https://waldvogel.family/tags/fallocate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fallocate</span></a> for file hole punching.</p><p>Saturating a 10 Gbps link with useful data with just 8 cores.</p><p>A beautiful writeup for anyone into fast Linux networking. Not just for <a href="https://waldvogel.family/tags/ATproto" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ATproto</span></a> </p><p>h/t <span class="h-card" translate="no"><a href="https://smnn.ch/@nohillside" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nohillside</span></a></span> <br><a href="https://waldvogel.family/tags/PubSub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PubSub</span></a> <a href="https://waldvogel.family/tags/Kernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kernel</span></a> <a href="https://waldvogel.family/tags/Hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hacking</span></a> <br><a href="https://www.asayers.com/jetrelay" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">asayers.com/jetrelay</span><span class="invisible"></span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> '<a href="https://mastodon.thenewoil.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a>' security blindspot allows stealthy <a href="https://mastodon.thenewoil.org/tags/rootkit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rootkit</span></a> attacks</p><p><a href="https://www.bleepingcomputer.com/news/security/linux-io-uring-security-blindspot-allows-stealthy-rootkit-attacks/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/linux-io-uring-security-blindspot-allows-stealthy-rootkit-attacks/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a> <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a></p>
0x40k<p>Whoa, hold up! 🤯 There's a new Linux rootkit dubbed "Curing" out in the wild, and it's got a nasty trick: leveraging `io_uring` to slip right past traditional security tools. Why? Because most of those tools are laser-focused on system calls... which `io_uring` can bypass.</p><p>So, what's the deal with `io_uring`? Picture an application chatting directly with the kernel, essentially skipping the front desk where system calls usually check-in. "Curing" exploits this direct line for its command-and-control communication, leaving *none* of the usual suspicious system call footprints. Talk about stealth mode! And heads up – Google has actually been warning about the potential risks here for some time.</p><p>Speaking from a pentester's perspective, this is yet another stark reminder: just relying on "basic" security isn't going to cut it. We really need to dive deeper, get our hands dirty with kernel-level analysis and understanding. Let's be clear: running automated scans is *not* the same as a thorough penetration test!</p><p>What about you? Are you utilizing `io_uring` in your environment? What kind of security measures have you put in place around it? Seriously curious – how do you see kernel security evolving from here? Let's discuss! 👇</p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://infosec.exchange/tags/Rootkit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rootkit</span></a> <a href="https://infosec.exchange/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/KernelSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KernelSecurity</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a></p>
argv minus one<p>Do any operating systems other than <a href="https://mastodon.sdf.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> (<a href="https://mastodon.sdf.org/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a>, <a href="https://mastodon.sdf.org/tags/macOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>macOS</span></a>, <a href="https://mastodon.sdf.org/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeBSD</span></a>, <a href="https://mastodon.sdf.org/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenBSD</span></a>, etc) have an API for non-blocking file IO?</p><p>I know Linux has that in <a href="https://mastodon.sdf.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a>, which can do almost any IO operation (even fsync) in the background and tell you when it's done, but is that the only OS with such a feature?</p><p><a href="https://mastodon.sdf.org/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>programming</span></a> <a href="https://mastodon.sdf.org/tags/async" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>async</span></a></p>
Thorsten Leemhuis (acct. 1/4)<p>Support for <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> communication between <a href="https://fosstodon.org/tags/kernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kernel</span></a> and [<a href="https://fosstodon.org/tags/fuse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuse</span></a>] userspace using IORING_OP_URING_CMD is the highlight from the main fuse (Filesystem in Userspace) updates merged for <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> 6.14:</p><p><a href="https://git.kernel.org/torvalds/c/92cc9acff7194b1b9db078901f2a83182bb73202" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">git.kernel.org/torvalds/c/92cc</span><span class="invisible">9acff7194b1b9db078901f2a83182bb73202</span></a></p><p>Miklos furthermore writes:</p><p>'"Following features enable gains in performance compared to the regular interface:</p><p>- Allow processing multiple requests with less syscall overhead</p><p>- Combine commit of old and fetch of new fuse request</p><p>- CPU/NUMA affinity of queues"'</p><p><a href="https://fosstodon.org/tags/LinuxKernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LinuxKernel</span></a></p>
Nils Goroll 🕊️:varnishcache:<p>using <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> for storage in <a href="https://fosstodon.org/tags/varnishcache" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>varnishcache</span></a> </p><p><a href="https://fosstodon.org/tags/allsystemsgo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>allsystemsgo</span></a> <a href="https://fosstodon.org/tags/ASG2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ASG2024</span></a> </p><p><a href="https://media.ccc.de/v/all-systems-go-2024-305-using-iouring-for-storage" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">media.ccc.de/v/all-systems-go-</span><span class="invisible">2024-305-using-iouring-for-storage</span></a></p><p>From: <span class="h-card" translate="no"><a href="https://botsin.space/@mediacccde" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mediacccde</span></a></span><br><a href="https://botsin.space/@mediacccde/113203506819669014" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">botsin.space/@mediacccde/11320</span><span class="invisible">3506819669014</span></a></p>
Chris Gioran 💔<p>New blog post: </p><p>A simple, async page cache built on top of io_uring</p><p><a href="https://radiki.dev/posts/glowdust-page-cache-1/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">radiki.dev/posts/glowdust-page</span><span class="invisible">-cache-1/</span></a></p><p><a href="https://fosstodon.org/tags/glowdust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>glowdust</span></a> <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> <a href="https://fosstodon.org/tags/rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rust</span></a> <a href="https://fosstodon.org/tags/rustlang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rustlang</span></a></p>
Chris Gioran 💔<p>No one: ....</p><p>Absolutely no one: ....</p><p>Me: As it turns out, you can use <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> to build a custom async runtime for a page cache.</p><p>Should you do it? Maybe.</p><p>Is it fun to build? Yeah, kind of, if you're into state machines and IO.</p><p>How about I clean it up and push it to the repo, write up a post about it and you tell me what you think?</p><p><a href="https://fosstodon.org/tags/rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rust</span></a> <a href="https://fosstodon.org/tags/rustlang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rustlang</span></a></p>
Chris Gioran 💔<p>Linux 6.11 To Introduce Block Atomic Writes - Including NVMe &amp; SCSI Support</p><p><a href="https://www.phoronix.com/news/Linux-6.11-Block-Atomic-Writes" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">phoronix.com/news/Linux-6.11-B</span><span class="invisible">lock-Atomic-Writes</span></a></p><p>Application blocks will:</p><p>1. never be torn or fractured when written. </p><p>2. For a power fail, all or none of the data to be written.</p><p>3. A racing atomic write and read will mean that the read sees all the old data or all the new data, but never a mix of old and new. </p><p>I'm curious to see how I can make it work with my LSM store.</p><p><a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> <a href="https://fosstodon.org/tags/database" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>database</span></a></p>
Chris Gioran 💔<p>As the sole developer of <a href="https://fosstodon.org/tags/Glowdust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Glowdust</span></a>, I need to choose if I'll support platforms without <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> support or drop uring support altogether.</p><p>The small experiment with CSV import showed me that I can't maintain two I/O stacks.</p><p>Plus, I started Glowdust in part because I wanted to play around with uring.</p><p>Hmm. Let's be honest - no one but me cares about Glowdust. And I only run <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a>.</p><p>And that's how, in the space of a single toot, I decided to do only io_uring.</p><p>Thank you for following along.</p>
Nils Goroll 🕊️:varnishcache:<p>HAPPY 18TH BIRTHDAY <a href="https://fosstodon.org/tags/VarnishCache" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VarnishCache</span></a> ! To celebrate this memorable occasion, we have just tagged Version 1.0.0-rc1 of <a href="https://gitlab.com/uplex/varnish/slash" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gitlab.com/uplex/varnish/slash</span><span class="invisible"></span></a>, which contains fellow, our advanced, <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> based, high performance, eventually persistent, always consistent <a href="https://fosstodon.org/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> storage engine.<br>Read the full announcement: <a href="https://varnish-cache.org/lists/pipermail/varnish-announce/2024-February/000762.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">varnish-cache.org/lists/piperm</span><span class="invisible">ail/varnish-announce/2024-February/000762.html</span></a><br>And the changelog: <a href="https://gitlab.com/uplex/varnish/slash/-/blob/master/CHANGES.rst?ref_type=heads" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gitlab.com/uplex/varnish/slash</span><span class="invisible">/-/blob/master/CHANGES.rst?ref_type=heads</span></a></p>
Chris Gioran 💔<p>I added an opcode to <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> in the <a href="https://fosstodon.org/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> kernel</p><p>Then I exposed it to the userspace uring library from <a href="https://fosstodon.org/tags/tokio" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tokio</span></a> </p><p>And finally I wrote an application with it.</p><p>It's easier than it sounds. But I still learned a lot. Here, I wrote it up:</p><p><a href="https://radiki.dev/posts/add-zero-opcode-to-io-uring/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">radiki.dev/posts/add-zero-opco</span><span class="invisible">de-to-io-uring/</span></a></p><p>If you find this useful let me know, and I'll write more.</p><p><a href="https://fosstodon.org/tags/rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rust</span></a> <a href="https://fosstodon.org/tags/rustlang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rustlang</span></a></p>
Nils Goroll 🕊️:varnishcache:<p>This month, SLASH/fellow <a href="https://gitlab.com/uplex/varnish/slash" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">gitlab.com/uplex/varnish/slash</span><span class="invisible"></span></a>, our advanced, <a href="https://fosstodon.org/tags/io_uring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>io_uring</span></a> based, high performance, eventually persistent, always consistent <a href="https://fosstodon.org/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> storage engine for <a href="https://fosstodon.org/tags/varnishcache" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>varnishcache</span></a> has received bug fixes and relevant performance improvements:<br>- reduced memory footprint<br>- improve cache lookup performance<br>- made memory allocation priorities more fine grained<br>- reduced overhead for concurrent access to disk objects<br>- improved disk space allocation</p><p>Please try it out, all feedback is welcome!</p>