IMicrosoft ityhilwe Kutshanje ngeposi ukuphunyezwa kwenkqubo esezantsi ye-eBPF yeWindows ekuvumela ukuba usebenze ngokungakhathali abaqhubi abaleka kwinqanaba le-kernel yenkqubo yokusebenza.
I-eBPF inikeza itoliki yekhowudi eyakhelwe-ngaphakathi kwikernel ukwenza abaqhubi benethiwekhi abanesithuba somsebenzisi, ulawulo lofikelelo, kunye nokujonga inkqubo. I-eBPF ifakiwe kwi-kernel ye-Linux ukusukela kwinguqulelo engu-3.18 kunye ikuvumela ukuba uqhubekise iipakethi zenethiwekhi ezingenayo / eziphumayo, iipakethi zangaphambili, ulawulo lomda wendlela, ukuthintela iifowuni zenkqubo, ukulawula ukufikelela, kunye nokulandelela.
Ngokudityaniswa kweJIT, ikhowudi ye-byte iguqulelwa kwimiyalelo yomatshini kubhabho kwaye ibaleka ngokusebenza kwekhowudi ehlanganisiweyo. I-EBPF yeWindows yindawo evulekileyo phantsi kwelayisensi ye-MIT.
Namhlanje sonwabile ukwazisa ngeprojekthi entsha evulekileyo evela kuMicrosoft yokwenza i-eBPF isebenze kuyo Windows 10 kunye neWindows Server 2016 nasemva koko. Iprojekthi ye-ebpf-windows ijolise ekwenzeni abaphuhlisi ukuba basebenzise izixhobo eziqhelekileyo ze-eBPF kunye nokusetyenziswa kweenkqubo zenkqubo (ii-API) ngaphezulu kweenguqulelo ezikhoyo zeWindows. Ngokusekwe emsebenzini wabanye, le projekthi ithatha iiprojekthi ezininzi ezivulekileyo ezikhoyo ze-eBPF kwaye yongeza "iglu" yokwenza ukuba ziqhubeke kwiWindows.
i-eBPF yeeWindows inokusetyenziswa ngezixhobo ezikhoyo ze-eBPF kwaye ibonelela nge-generic API esetyenziselwa usetyenziso lwe-eBPF kwiLinux.
Ngokukodwa Iprojekthi ikuvumela ukuba uqokelele ikhowudi ebhalwe ngo-C kwi-bytecode I-eBPF isebenzisa ikhomputha esemgangathweni ye-Clang esekwe kwi-eBPF kwaye usebenzise abaqhubi be-eBPF esele bakhelwe i-Linux ngaphezulu kwe-kernel yeWindows, ebonelela ngolungelelwaniso olukhethekileyo lokuxhasa kwaye ixhasa i-Libbpf API esemgangathweni yokuhambelana nezicelo ezinxibelelana neenkqubo ze-eBPF.
Oku kubandakanya izendlalelo eziphakathi ezibonelela nge-Linux-njengezibophelelo ze-XDP (eXpress Data Path) kunye nezibophelelo zesocket ezishwankathela ukufikelela kwisitaki senethiwekhi yeWindows kunye nabaqhubi benethiwekhi. Izicwangciso zijolise ekunikezeleni ngenkxaso yenqanaba elipheleleyo lomqhubi wabaqhubi be-Linux eBPF.
Umahluko ophambili ekuphumezeni i-eBPF yeWindows kukusebenzisa enye i-bytecode checker, eyacetyiswa kuqala ngabasebenzi beVMware kunye nabaphandi abavela kwiiyunivesithi zaseCanada nase-Israeli.
Umqinisekisi uqaliswe kwinkqubo eyahlukileyo yodwa kwindawo yomsebenzisi kwaye isetyenziswa ngaphambi kokuphunyezwa kweenkqubo zeBPF ukubona iimpazamo kunye nokuthintela imisebenzi enobungozi.
Ukuqinisekisa, I-eBPF yeeWindows isebenzisa indlela engaqondakaliyo yohlalutyo, Intoni, Xa kuthelekiswa ne-eBPF Checker yeLinux, ibonisa inqanaba elisezantsi lobuxoki, Ixhasa uhlalutyo lomtya kwaye inikezela ngokusasazeka okuhle. Indlela le ithathela ingqalelo uninzi lweepateni zentsebenzo eziqhelekileyo ezifunyenwe kuhlalutyo lweenkqubo ezikhoyo ze-eBPF.
I-eBPF yitekhnoloji eyaziwayo kodwa eguqukayo ebonelela ngenkqubo, ukwandiswa kunye nokuqina. I-eBPF isetyenziselwe ukusebenzisa iimeko ezinje ngokukhanyelwa ukukhuselwa kwenkonzo kunye nokuqwalaselwa.
Ixesha elingaphezulu, indawo ecosystem ebalulekileyo yezixhobo, iimveliso kunye nobuchule sele bakhelwe kwi-eBPF. Nangona inkxaso ye-eBPF yaqaliswa okokuqala kwi-kernel ye-Linux, kuye kwakho umdla okhulayo wokuvumela i-eBPF ukuba isetyenziswe kwezinye iinkqubo zokusebenza kunye nokwandisa iidemem kunye neenkonzo zemowudi yomsebenzisi ukongeza kwi-kernel.
Emva koqinisekiso, i-bytecode idluliselwe kwitoliki yenqanaba lekernel, okanye idlula kumhlanganisi we-JIT, olandelwa kukusebenzisa ikhowudi yomatshini onesiphumo kunye namalungelo e-kernel. Ukwahlula abaqhubi be-eBPF kwinqanaba le-kernel, kusetyenziswa indlela ye-HVCI (HyperVisor Enhanced Code Integrity), esebenzisa izixhobo zokubona ukukhusela iinkqubo kwi-kernel kunye nokuqinisekisa ukuba ukuthembeka kwekhowudi eyenziweyo kusayiniwe ngokwamanani.
Umda omnye we-HVCI kukukwazi ukujonga kuphela iinkqubo ze-eBPF ezichaziweyo kunye nokungakwazi ukuzisebenzisa ngokudibeneyo neJIT (unokukhetha: ukusebenza okongeziweyo okanye ukhuseleko).
Gqibela ukuba unomdla wokwazi okungakumbi ngayo, ungabonisana eli khonkco lilandelayo.