Microsoft ya bayyana kwanan nan ta hanyar rubutu aiwatar da tsarin eBPF don Windows wanda ke ba ka damar tafiyar da direbobi ba tare da izini ba waɗanda ke aiki a matakin kernel na tsarin aiki.
eGMP yana samar da mai fassarar bytecode a cikin kernel don ƙirƙirar sararin mai amfani da keɓaɓɓun cibiyoyin sadarwar sararin samaniya, ikon samun dama da tsarin kulawa. eBPF an haɗa shi a cikin kwayar Linux tun daga sigar 3.18 da ba ka damar aiwatar da fakitin hanyar sadarwa masu shigowa / masu fita, jakunkunan turawa, sarrafa bandwidth, kiran sakonnin waya, samun damar shiga, da kuma waƙa.
Ta hanyar tattara JIT, ana fassara bytecode zuwa umarnin inji akan tashi kuma yana gudana tare da aiwatar da lambar da aka tattara. EBPF don Windows tushen buɗewa ne a ƙarƙashin lasisin MIT.
A yau muna farin cikin sanar da sabon aikin buɗe ido daga Microsoft don yin eBPF aiki akan Windows 10 da Windows Server 2016 da kuma daga baya. Aikin ebpf-don-windows yana nufin bawa masu haɓaka damar amfani da sanannun kayan aikin eBPF da hanyoyin musayar aikace-aikacen aikace-aikace (APIs) a saman nau'ikan Windows da ake dasu. Dangane da aikin wasu, wannan aikin yana ɗaukar ayyukan buɗe eBPF da yawa wanda ya kasance kuma yana ƙara "manne" don sanya su aiki akan Windows.
eBPF don Windows za a iya amfani da kayan aikin eBPF na yanzu kuma yana samar da API na asali wanda ake amfani dashi don aikace-aikacen eBPF akan Linux.
Musamman aikin yana ba ku damar tattara lambar da aka rubuta a cikin C zuwa bytecode eBPF ta amfani da daidaitaccen mai haɗa harshe eBPF da gudanar da eBPF direbobi waɗanda aka riga aka gina don Linux a saman kernel na Windows, wanda ke ba da takamaiman matakan daidaitawa kuma yana tallafawa daidaitaccen Libbpf API don dacewa tare da aikace-aikacen da ke hulɗa tare da shirye-shiryen eBPF.
Wannan ya haɗa da layin tsakiya waɗanda ke ba da nau'ikan nau'ikan Linux don XDP (eXpress Data Path) da kuma ɗakunan soket waɗanda ke taƙaita samun dama ga tarin hanyar sadarwar Windows da direbobin cibiyar sadarwa. Shirye-shiryen suna nufin samar da cikakken tallafi na tushen tushe don jigilar Linux eBPF direbobi.
Babban banbanci wajen aiwatar da eBPF don Windows shine amfani da wani mai duba bytecode, wanda ma'aikatan VMware da masu bincike daga jami'o'in Kanada da na Isra'ila suka gabatar da shi.
An fara tantancewar a cikin wani keɓaɓɓen tsari a cikin sararin mai amfani kuma ana amfani dashi kafin aiwatar da shirye-shiryen BPF don gano kurakurai da toshe yuwuwar aikata mugunta.
Don ingantawa, eBPF don Windows yana amfani da hanyar fassarar rikitaccen tsari, menene, Idan aka kwatanta da mai tabbatar da eBPF na Linux, yana nuna ƙimar ƙarya mara kyau, Yana goyan bayan nazarin madauki kuma yana ba da kyakkyawan haɓaka. Hanyar tana la'akari da yawancin ayyukan kwaikwayon da aka samo daga nazarin shirye-shiryen eBPF na yanzu.
eBPF sanannen sanannen fasaha ne mai kawo sauyi wanda ke samar da shirye-shirye, fadadawa, da saurin aiki. an yi amfani da eBPF don amfani da sharuɗɗa kamar ƙin ba da kariya ga sabis da kiyayewa.
Bayan lokaci, tsarin halittu masu mahimmanci, samfuran, da ƙwarewa ya gina kewaye da eBPF. Kodayake an fara aiwatar da tallafi ga eBPF a cikin kernel na Linux, amma an sami babban ci gaba na barin eBPF ana amfani da shi a cikin sauran tsarin aiki da kuma faɗaɗa daemon da sabis na yanayin mai amfani ban da kwaya.
Bayan tabbaci, - bytecode an wuce zuwa mai fassara matakin kernel, ko ana wucewa ta cikin mai tattara JIT, ana biye dashi ta hanyar kunna lambar inji tare da haƙƙoƙin haƙori. Don keɓance direbobin eBPF a matakin kernel, ana amfani da tsarin HVCI (HyperVisor Enhanced Code Integrity), wanda ke amfani da kayan aiki na ƙwarewa don kare matakai a cikin kwaya kuma yana tabbatar da cewa amincin lambar da aka zartar an sanya hannu a lamba.
Limaya daga cikin iyakancewar HVCI shine ikon bincika kawai shirye-shiryen eBPF wanda aka fassara da kuma rashin iya amfani da su tare da JIT (kuna da zaɓi: ƙarin aiki ko kariya).
Finalmente idan kuna sha'awar ƙarin sani game da shi, zaka iya tuntuba mahada mai zuwa.