On 13.08.21 11:54, Leif Lindholm wrote:
On Fri, Aug 13, 2021 at 08:18:14 +0200, François Ozog wrote:
This:
https://linuxfoundation.org/press-release/facebook-google-isovalent-microsof...
Following earlier addition of eBPF in Windows kernel: https://github.com/microsoft/ebpf-for-windows
Makes me think that the crazy idea I talked about a couple of months ago (subject of the mail) may not be that crazy….
Not crazy. I have discussed at least the EBC replacement bit with a few people in the past.
While admittedly the first time it was broached was in jest (I think credit goes to Peter Jones), it's the best option I can see out there today.
There are a few reasons you may want to use eBPF:
1) Security 2) Cross-arch compatibility
I don't think you can get either in UEFI's current module model, because you exchange direct flat memory model objects between entities. So while struct layouts, function call ABI, etc still matter you still don't get any additional security because you need to have full access to all memory at all times.
So let me ask this the other way around: What are you trying to achieve?
Alex