The io_uring
subsystem is more than an asynchronous I/O interface for Linux; it is,
for all practical purposes, an independent system-call API. It has enabled high-performance applications, but it also brings challenges for code built around classic, Unix-style system calls. For example, the seccomp()
sandboxing mechanism does not work with it, causing applications using seccomp() to disable io_uring outright. Io_uring maintainer Jens
Axboe is seeking to improve that situation with a rapidly evolving patch
series adding a new restrictive mechanism to that subsystem.
https://lwn.net/Articles/1054225/
--- SBBSecho 3.34-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)