I’ve previously written about io_uring, possibly one of the more exciting kernel developments in recent memory, aiming to improve the performance of fundamental I/O operations.
But it’s not without major fault. A post from Google’s security describes how, in the year leading up to June 2023, 60% of reported vulnerabilities were in io_uring, and Google’s paid out $1 million USD for io_uring exploits.
Due to the high risk of compromise, Google’s turned it off in their properties:
ChromeOS: Disabled, with exploration into sandboxing it.
Android: Unreachable from apps. Future releases will lean on SELinux to limit io_uring access to select system processes.
Disabled on Google production servers.
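
To check whether io_uring is reachable on your own hosts, here is a small probe. It is an added example, not code from the post or from Google. It assumes the kernel.io_uring_disabled sysctl that Linux 6.6 and later provide (0 = enabled, 1 = restricted to privileged processes and the io_uring group, 2 = disabled for everyone), which the post does not mention; all function names are made up for illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef __NR_io_uring_setup
#define __NR_io_uring_setup 425 /* value on x86-64 and arm64 */
#endif

enum uring_state { URING_REACHABLE, URING_DENIED, URING_ABSENT, URING_UNKNOWN };

/* Map the result of io_uring_setup(2) to what it says about exposure. */
enum uring_state classify_setup(long rc, int err) {
    if (rc >= 0) return URING_REACHABLE;                     /* a ring was created */
    if (err == EPERM || err == EACCES) return URING_DENIED;  /* sysctl, seccomp or LSM */
    if (err == ENOSYS) return URING_ABSENT;                  /* not built in, or filtered */
    return URING_UNKNOWN;                                    /* e.g. ENOMEM: inconclusive */
}

/* Ask for a one-entry ring as the current user and close it straight away. */
enum uring_state probe_io_uring(void) {
    unsigned char params[120]; /* sizeof(struct io_uring_params); must be zeroed */
    memset(params, 0, sizeof params);
    long fd = syscall(__NR_io_uring_setup, 1u, params);
    int err = errno;
    if (fd >= 0) close((int)fd);
    return classify_setup(fd, err);
}

/* Read kernel.io_uring_disabled; -1 if the file is missing or unreadable. */
int read_uring_sysctl(const char *path) {
    int v = -1;
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    if (fscanf(f, "%d", &v) != 1) v = -1;
    fclose(f);
    return v;
}

int main(void) {
    static const char *names[] = { "reachable", "denied", "absent", "unknown" };
    printf("kernel.io_uring_disabled = %d\n",
           read_uring_sysctl("/proc/sys/kernel/io_uring_disabled"));
    printf("io_uring_setup as this user: %s\n", names[probe_io_uring()]);
    return 0;
}
```

Run it as the account or inside the container you care about: a "reachable" result for an unprivileged service user means the interface is still exposed there, whatever the sysctl reports.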