Article · Wikipedia archive · Last revised May 30, 2026

Io uring

io_uring is a Linux kernel system call interface for storage device asynchronous I/O operations. It addresses performance issues with similar interfaces provided by functions like read /write or aio_read /aio_write for operations on data accessed by file descriptors.

Last revised
May 30, 2026
Read time
≈ 3 min
Length
670 w
Citations
22
Source
Wikipedia ↗

io_uringa is a Linux kernel system call interface for storage device asynchronous I/O operations. It addresses performance issues with similar interfaces provided by functions like read()/write() or aio_read()/aio_write() for operations on data accessed by file descriptors.23: 2 

Interface

It works by creating two circular buffers, called "queue rings", to track the submission and completion of I/O requests, respectively. For storage devices, these are called the submission queue (SQ) and completion queue (CQ).4 Keeping these buffers shared between the kernel and application helps to boost the I/O performance by eliminating the need to issue extra and expensive system calls to copy these buffers between the two.245 According to the io_uring design paper, the SQ buffer is writable only by consumer applications, and the CQ buffer is writable only by the kernel.2: 3 

eBPF can be combined with io_uring.6

History

The Linux kernel has supported asynchronous I/O since version 2.5, but it was seen as difficult to use and inefficient.7 This older API only supported certain niche use cases,8 notably it only enables asynchronous operation when using the O_DIRECT flag and while accessing already allocated files. This prevents utilizing the page cache, while also exposing the application to complex O_DIRECT semantics. Linux AIO also does not support sockets, so it cannot be used to multiplex network and disk I/O.9

The io_uring kernel interface was adopted in Linux kernel version 5.1 (2019) to resolve the deficiencies of Linux AIO.2510 The liburing library provides an API to interact with the kernel interface easily from userspace.2: 12 

Security

In June 2023, Google's security team reported that 60% of the exploits submitted to their bug bounty program in 2022 were exploits of io_uring vulnerabilities. As a result, io_uring was disabled for apps in Android, and disabled entirely in ChromeOS as well as Google servers.11 Docker also consequently disabled io_uring from their default seccomp profile.12

Notes

Notes

  1. Input/output user ring1
References

References

  1. Axboe, Jens. "@axboe@fosstodon.org".
  2. "Linux Kernel Getting io_uring To Deliver Fast & Efficient I/O". Phoronix. 2019-02-14. Retrieved 2021-03-14.
  3. Axboe, Jens (October 15, 2019). "Efficient IO with io_uring" (PDF). Archived from the original on October 10, 2025. Retrieved November 9, 2025.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  4. "Getting Hands-on with io_uring using Go". developers.mattermost.com. Retrieved 2021-11-20.
  5. Corbet, Jonathan (24 January 2020). "The rapid growth of io_uring [LWN.net]". lwn.net. Retrieved 2021-11-20.
  6. Corbet, Jonathan (4 March 2021). "BPF meets io_uring [LWN.net]". LWN.net. Retrieved 2023-04-17.
  7. Corbet, Jonathan (15 January 2019). "Ringing in a new asynchronous I/O API". LWN.net. Retrieved 2021-03-14.
  8. "What's new with io_uring" (PDF). Archived from the original on 2022-06-01. Retrieved 2022-06-01.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  9. "Linux Asynchronous I/O". 2014-04-21. Archived from the original on 2015-04-06. Retrieved 2023-06-16. Blocking during io_submit on ext4, on buffered operations, network access, pipes, etc. Some operations are not well-represented by the AIO interface. With completely unsupported operations like buffered reads, operations on a socket or pipes, the entire operation will be performed during the io_submit syscall, with the completion available immediately for access with io_getevents. AIO access to a file on a filesystem like ext4 is partially supported: if a metadata read is required to look up the data block (ie if the metadata is not already in memory), then the io_submit call will block on the metadata read. Certain types of file-enlarging writes are completely unsupported and block for the entire duration of the operation.
  10. "Faster IO through io_uring". Kernel Recipes 2019. Archived from the original on 2025-04-24. Retrieved 2025-04-24.
  11. Koczka, Tamás. "Learnings from kCTF VRP's 42 Linux kernel exploits submissions". Google Online Security Blog. Google. Archived from the original on 2024-09-22. Retrieved 14 June 2023. 60% of the submissions exploited the io_uring component of the Linux kernel
  12. "Update RuntimeDefault seccomp profile to disallow io_uring related syscalls by vinayakankugoyal · Pull Request #9320 · containerd/containerd". GitHub. 2023-11-02. Archived from the original on 2024-01-06. Retrieved 2024-10-20.
External links