aboutsummaryrefslogtreecommitdiff
path: root/doc/manual
diff options
context:
space:
mode:
authorAlois Wohlschlager <alois1@gmx-topmail.de>2024-07-01 09:18:01 +0200
committerAlois Wohlschlager <alois1@gmx-topmail.de>2024-07-25 18:24:45 +0200
commite7188e211a5a2ac0ba34635a846569560bb5f000 (patch)
tree4d42560d44069fb8a4ecc43d983d0c5956302832 /doc/manual
parent127ee1a101e3f5ebab39ad98cbe58fefcd52eca5 (diff)
libstore/build: block io_uring
Unfortunately, io_uring is totally opaque to seccomp, and while currently there are no dangerous operations implemented, there is no guarantee that it remains this way. This means that io_uring should be blocked entirely to ensure that the sandbox is future-proof. This has not been observed to cause issues in practice. Change-Id: I45d3895f95abe1bc103a63969f444c334dbbf50d
Diffstat (limited to 'doc/manual')
-rw-r--r--doc/manual/rl-next/block-io-uring.md12
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/manual/rl-next/block-io-uring.md b/doc/manual/rl-next/block-io-uring.md
new file mode 100644
index 000000000..6ebba9a20
--- /dev/null
+++ b/doc/manual/rl-next/block-io-uring.md
@@ -0,0 +1,12 @@
+---
+synopsis: "Block io_uring in the Linux sandbox"
+cls: 1611
+credits: alois31
+category: Breaking Changes
+---
+
+The io\_uring API has the unfortunate property that it is not possible to selectively decide which operations should be allowed.
+This, together with the fact that new operations are routinely added, makes it a hazard to the proper function of the sandbox.
+
+Therefore, any access to io\_uring has been made unavailable inside the sandbox.
+As such, attempts to execute any system calls forming part of this API will fail with the error `ENOSYS`, as if io\_uring support had not been configured into the kernel.