At this point it looks like io_uring is really the new syscall interface of choice. Given that most (not all, but a significant proportion) syscalls are for I/O purposes, it makes sense to bake in the concept of async completion.
Is it still slower than epoll?
Has the security situation improved?
I was curious as to what the issue is. Found some discussion here[1] and here[2].
Anything else?
At least with that patch last year you can turn it off, which seems prudent for servers facing the internet.
[1]: https://lwn.net/Articles/943239/
[2]: https://blog.exodusintel.com/2024/03/27/mind-the-patch-gap-e...
IMO the big problem is that it's very hard (and AFAIK no way has even been proposed) to restrict from the outside which syscall-alikes are allowed via io_uring. This is trivial with regular syscalls. That's important if you ever co-host applications with different security domains.
I mean, turning it off sort of ruins the point of the exciting new interface.
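An added example, not part of any comment above: the outside restriction discussed in this thread, seen from the filter's side. A seccomp filter is handed only the syscall number and raw arguments, so it can refuse the three io_uring entry points as a whole but cannot select among the operations queued in a ring. `verdict_for` and `install_deny_io_uring` are names made up for this sketch, and a production filter would also validate `seccomp_data.arch` first.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Denylist: EPERM for io_uring_setup/enter/register, allow everything else. */
static struct sock_filter deny_io_uring[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_io_uring_setup, 2, 0),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_io_uring_enter, 1, 0),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_io_uring_register, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};
#define NINSN (sizeof deny_io_uring / sizeof deny_io_uring[0])

/* Interpreter for the three opcodes used above: evaluates the filter on
 * constructed seccomp_data without changing the calling process. */
unsigned int verdict_for(int nr, unsigned long long arg0) {
    struct seccomp_data sd = { .nr = nr, .args = { arg0 } };
    unsigned int acc = 0;
    for (size_t pc = 0; pc < NINSN; pc++) {
        const struct sock_filter *f = &deny_io_uring[pc];
        if (f->code == (BPF_LD | BPF_W | BPF_ABS))
            memcpy(&acc, (const char *)&sd + f->k, sizeof acc);
        else if (f->code == (BPF_JMP | BPF_JEQ | BPF_K))
            pc += (acc == f->k) ? f->jt : f->jf;
        else
            return f->k;  /* BPF_RET | BPF_K */
    }
    return SECCOMP_RET_KILL;  /* unreachable for a well-formed filter */
}

/* Install for real: afterwards every ring operation is refused, because the
 * opcode of a queued SQE lives in shared memory the filter cannot inspect. */
int install_deny_io_uring(void) {
    struct sock_fprog prog = { .len = NINSN, .filter = deny_io_uring };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

int main(void) {
    if (install_deny_io_uring() != 0) { perror("seccomp"); return 1; }
    printf("io_uring_setup -> %ld\n", syscall(__NR_io_uring_setup, 8, NULL));
    return 0;
}
```

The verdict for `io_uring_enter` is the same whatever its arguments are, which is the all-or-nothing behaviour the thread is describing.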