Discover Security Projects News
AppArmor Adds IO_uring Mediation & Some Performance Optimizations
The AppArmor Linux security system has picked up a few improvements and new features with the in-development Linux 6.7 kernel.
Performance optimizations are always welcome, especially in areas like AppArmor overhead. The IO_uring mediation is interesting although Linux 6.7 is limited to sqpoll and override_creds interfaces.
Historically IO_uring has been the source of some security vulnerabilities while since Linux 6.6 it's been made easier to disable IO_uring system-wide. The IO_uring security woes have mostly been with older kernels but in any event for those using AppArmor there is now IO_uring mediation available for those interested. This IO_uring support was added by Canonical engineers.