Built from First Principles

No runtime. No garbage collector. No framework overhead. Every line of Flashstor is written in C11 for maximum control over memory, I/O, and system resources.

Technology Foundation

Four pillars of engineering excellence

C11 (ISO/IEC 9899:2011)
Modern C standard with _Atomic types, static_assert, anonymous structs. POSIX-compliant with -Wall -Wextra -Wpedantic enforced. Compiled with -fstack-protector-strong, -D_FORTIFY_SOURCE=3, and full RELRO.
Intel ISA-L & ISA-L Crypto
SIMD-accelerated erasure coding (Reed-Solomon over GF(2^8)) with AVX2/AVX-512 and hardware-accelerated AES-256-GCM encryption via AESNI. Up to 65x faster encoding than pure C.
epoll / kqueue Event Loop
Platform-native event-driven I/O: epoll on Linux, kqueue on BSD/macOS, event ports on SunOS. Configurable worker thread pool (default: cpu_count × 2) with dedicated I/O pool for shard operations.
HTTP/2 via nghttp2
Full HTTP/2 support over TLS (h2 via ALPN) and cleartext (h2c prior-knowledge). HTTP/1.1 keep-alive with configurable max requests per connection (default: 1,000).

Request Lifecycle

Every S3 request follows a deterministic four-phase pipeline

1

Accept & Parse

Event loop accepts connection via epoll/kqueue. HTTP headers parsed into pre-allocated arena buffers. Anti-slowloris timeout enforced on header receipt. Request routed to handler via operation dispatch table.

2

Authenticate & Authorize

SigV4 signature verified with timing-safe CRYPTO_memcmp. IAM policy evaluated against request context with per-thread epoch cache (near 100% hit rate on keep-alive connections). STS tokens validated.

3

Execute & Respond

Operation dispatched to handler. Data sharded via CRC32 routing, erasure encoded with ISA-L SIMD, and written to disks in parallel via I/O thread pool. Response assembled with writev() zero-copy sending.

4

Cleanup & Recycle

Arena allocator bulk-frees all per-request memory in a single operation — zero individual free() calls. Connection returned to event loop for keep-alive reuse. Async audit log entry queued to lock-free SPSC ring buffer.

Memory

Arena Allocation: Zero Fragmentation by Design

Every connection gets a dedicated arena allocator with 64 KiB reusable blocks. All per-request allocations happen within the arena. When the request completes, the entire arena is reset in O(1) — no per-object free() calls, no fragmentation, no GC.

  • 64 KiB arena blocks — reused across requests, never returned to OS
  • ~75 KiB baseline per connection (arena + I/O buffers)
  • Bulk deallocation on request completion — single pointer reset
  • Debug mode: per-allocation tracking with leak detection
// Arena allocator — simplified
arena_t *a = arena_create(65536);
// Fast bump allocation
void *buf = arena_alloc(a, size);
void *hdr = arena_alloc(a, hdr_sz);
// Request complete — free everything
arena_reset(a); // O(1), no free()

Distributed Cluster Architecture

Erasure sets distributed across nodes with quorum-based consensus

Gateway Node

Accepts S3 API requests, performs SigV4 authentication, routes operations to the correct erasure set via CRC32-based deterministic hashing.

Storage Node

Manages local disks with xl_storage vtable implementation. Handles erasure coding, bitrot verification, and shard-level I/O with parallel disk operations.

Peer Node

Remote storage accessible via rest_storage vtable over HTTP. Participates in distributed locking, metadata quorum, and cross-node replication.

Communication Channels

Port 9000
S3 API
Client-facing S3 REST API with HTTP/1.1 and HTTP/2 support.
Port 9001
Admin API
Management API with HMAC-SHA256 bearer token authentication for cluster operations.
Port Internal
Peer RPC
Inter-node REST communication for distributed locking, metadata sync, and data replication.
Security

Privilege Separation Model

Flashstor follows the principle of least privilege with a four-phase security lifecycle that minimizes the attack surface at runtime.

Phase 1

Initialize as Root

  • • Bind privileged port (e.g., 443 for HTTPS)
  • • Load TLS certificates from --certs-dir
  • • Initialize ISA-L SIMD dispatch tables
Phase 2

Drop Privileges

  • • Switch to FLASHSTORE_RUN_USER / FLASHSTORE_RUN_GROUP
  • • Set PR_SET_NO_NEW_PRIVS on Linux (prevents re-escalation)
  • • Use capabilities model on SunOS/illumos
Phase 3

Runtime Hardening

  • • Full RELRO — no writable GOT entries after startup
  • • -fstack-protector-strong with stack canary protection
  • • Control-Flow Integrity (-fcf-protection on x86_64)
  • • -D_FORTIFY_SOURCE=3 for buffer overflow detection
Phase 4

Audit & Monitor

  • • Async JSON audit logs via lock-free SPSC ring buffer
  • • Per-request trace IDs with operation timing
  • • Prometheus metrics for security-relevant events

Technical Questions? Let's Talk Architecture.

Our engineering team is available for deep technical discussions about memory management, I/O models, security hardening, and distributed systems design.

Request Demo View Performance