Implementing eBPF for Windows
Implementing eBPF for Windows
Posted Jun 10, 2021 22:45 UTC (Thu) by Cyberax (✭ supporter ✭, #52523)Parent article: Implementing eBPF for Windows
Posted Jun 11, 2021 8:58 UTC (Fri)
by amarao (guest, #87073)
[Link]
MS starts to commit to the Kernel (already)
Users notice nothing, geeks are pleased by mass up-streaming of drivers.
Posted Jun 11, 2021 21:09 UTC (Fri)
by atai (subscriber, #10977)
[Link] (4 responses)
Posted Jun 12, 2021 1:16 UTC (Sat)
by Cyberax (✭ supporter ✭, #52523)
[Link] (3 responses)
NT kernel has a long history, but it's severely hobbled by its design. It allows unparalleled backwards compatibility for drivers (I have a driver for a simple PCI device from 1998 that still compiles just fine) but it also imposes a lot of overhead. As a result filesystem performance on NT is a joke, scheduler is bad, memory management is at most adequate. Heck, MSSQL server for Linux works faster on the same hardware as MSSQL on Windows on most benchmarks.
Even the driver situation is changing. I've recently benchmarked WiFi 6 performance on a couple of devices, and Linux won handily. To people scarred by NDISWrapper this is a bit of a shock.
Microsoft certainly has money to invest into development of the kernel. But it's not always money, it's also people. Literally thousands developers work on improving Linux. Microsoft's core kernel team is a fraction of that.
Moreover, the value-add of Microsoft is not in the kernel itself. It's in the userland software and more and more in cloud services.
Posted Jun 14, 2021 13:37 UTC (Mon)
by nix (subscriber, #2304)
[Link] (2 responses)
Filesystem performance on NT is not impaired by backwards compatibility -- or, rather, backwards compatibility isn't the main problem with it. NTFS was widely known as a dog even in the 90s before the backwards-compatibility burden emerged, and it has not got much better: indeed, MS spent a *lot* trying to replace it, overdesigned the replacement, WinFS, which failed (a shame, it was fascinating) and are still stuck with NTFS as a result.
Backwards compatibility might be a problem as well, but this isn't an example of it :)
Posted Jun 14, 2021 21:18 UTC (Mon)
by Cyberax (✭ supporter ✭, #52523)
[Link] (1 responses)
The issue is that for any request except the basic read/write ops Windows needs to create an IRP (I/O Request Packet) that is routed and filtered through multiple layers. So for example, you can attach filters that would change the file names. Or transparently encrypt the data and metadata as it's being written. This also makes stuff like ransomware pretty easy to do.
The downside is that this very abstract system is pretty slow.
Posted Jun 15, 2021 19:07 UTC (Tue)
by nix (subscriber, #2304)
[Link]
Implementing eBPF for Windows
MS become a core contributor to Wine.
MS adopts Linux kernel (receiving a good docker/eBPF/nested KVM/etc support)
MS sells Windows X as usual, which become a Linux kernel + Wine + proprietary assets (icons?) for OEMs to be installed on new machines.
Implementing eBPF for Windows
Implementing eBPF for Windows
Implementing eBPF for Windows
Implementing eBPF for Windows
Implementing eBPF for Windows