io_uring shine tsarin kiran tsarin kernel na Linux don ayyukan I/O na asynchronous na na'urorin ajiya
Google kwanan nan ya bayyana ta hanyar wani shafin yanar gizon da yake da shi ya yanke shawarar kashe ta tsohuwa akan ChromeOS, Android da sabobin na samarwa, da asynchronous dubawa io_uring, wannan saboda mummunan yanayin tsaro a io_uring.
Kuma wannan shine yayin nazarin sakamakon "Shirin Kyautar Rauni" na kCTF, wanda ke aiki tun daga 2020, an nuna cewa kashi 60% na aikace-aikacen da aka karɓa a ƙarƙashin shirin suna amfani da lahani masu tasowa kuma yanayin ba ya canzawa cikin lokaci, wanda ke da matukar damuwa yayin da ya zama mai rauni.
Gabaɗaya, an biya kusan dala miliyan ɗaya kyauta. ta hanyar amfani mai alaka da io_uring, yayin da jimlar adadin lamunin da aka biya don raunin da ke cikin kwayayen Linux yayin wanzuwar shirin shine dala miliyan 1,8 don fa'idodin 42 da aka tanadar don raunin da ba a daidaita ba tukuna (mafi girman albashi - $ 133 dubu).
Tun da Linux kernel wani muhimmin sashi ne ba kawai ga Google ba, har ma da Intanet, mun fara saka hannun jari sosai a wannan fannin. Mun fadada isar VRP da mafi girman lada a cikin 2021 (zuwa $50), sannan kuma a cikin Fabrairu 000 (zuwa $2022), kuma a ƙarshe a cikin Agusta 91 (zuwa $000). A cikin 2022, mun kuma taƙaita abubuwan da muka koya har zuwa yau a cikin littafin girke-girkenmu kuma mun gabatar da gwajin gwajin mu don mafi yawan dabarun hakar ma'adinai.
Shekaran da ya gabata, don inganta tsaro na kwaya na Linux da aka yi amfani da shi a cikin yanayin da aka yi amfani da shi don neman kyautar, Google ya yi amfani da ƙarin tweaks da faci don toshe hanyoyin amfani na yau da kullun. Misali, an ƙara kariyar cin hanci da rashawa a cikin tsarin Freelist, an haramta yin rubutu ba tare da iyaka ba, kuma an aiwatar da toshe hare-hare masu alaƙa da musayar cache. Amma waɗannan canje-canjen ba su shafi ikon yin amfani da lahani a cikin io_uring ba, wanda ya sa Google ya daina tallafawa io_uring a cikin samfuransa.
Yayin da io_uring yana ba da fa'idodin aiki kuma yana amsawa da sauri ga al'amuran tsaro tare da cikakkun gyare-gyaren tsaro (kamar mayar da 5.15 zuwa ga tsayayyen bishiyar 5.10), sabon sashe ne na kwaya. Don haka, io_uring yana ci gaba da haɓakawa sosai, amma har yanzu munanan lahani yana shafar shi kuma yana ba da ingantaccen amfani. Saboda waɗannan dalilai, a halin yanzu muna ɗaukar shi lafiya ga amintattun abubuwan haɗin gwiwa kawai.
A kan ChromeOS, goyon bayan io_uring ba a kashe lokacin tattara kernel (CONIFG_IO_URING a cikin kernelconfig). Android na ɗan lokaci tana amfani da matatar tushen seccomp-bpf don toshe damar io_uring kuma tana shirin yin amfani da SELinux don zaɓin iyakance damar io_uring zuwa amintattun abubuwan haɗin tsarin a cikin sakin gaba.
Don haka, Google baya ɗaukar ra'ayi mara kyau game da io_uring Interface, Linux kernel ya samar tun daga sigar 5.1, tunda ya ambaci hakan a cikin mahimman abubuwan sa, ya yi fice don goyon bayan sa don jefa ƙuri'a na I/O da ikon yin aiki tare da ko ba tare da buffering ba, amma don haka har yanzu yana da ƙarfi don ci gaba da ɗaukar kasada kuma, sama da duka, ci gaba da saka hannun jari don gyara kwari da raunin da ke tasowa koyaushe.
Tare da io_uring API, masu haɓaka kernel sun yi ƙoƙarin magance gazawar tsohuwar ƙirar aio.
Game da aiki, io_uring yana kusa da SPDK kuma ya fi libaio sosai lokacin da aka kunna zabe. Misali, yin amfani da io_uring a cikin ɗakin karatu na libuv ya haifar da haɓaka aikin 8x, kuma gami da io_uring na tushen asynchronous rubuta buffer a cikin tsarin fayil na XFS ya haifar da raguwar 80x a cikin latency. da haɓakar ninki 2,7 a ƙimar canja wurin bayanai.
Yana da kyau a ambaci cewa ƙari, Google yana la'akari da yiwuwar kashe io_uring ta tsohuwa a cikin GKE AutoPilot (Google Kubernetes Engine).
A ƙarshe, idan kuna sha'awar ƙarin sani game da shi, zaku iya tuntuɓar cikakkun bayanai A cikin mahaɗin mai zuwa.