Hey Insiders! DTrace can now run riot in Windows 10, if you really want it to

www.theregister.co.uk | 3/11/2019 | Staff
joyyjoyy (Posted by) Level 3
Click For Photo: https://regmedia.co.uk/2018/09/11/shutterstock_flyswatter.jpg

Windows 10 has been tweaked to let devs enjoy the delights of DTrace while chasing down pesky bugs.

Microsoft's Hari Pulapaka took to Twitter to share the news, though he swiftly followed it up with a blog post explaining that when he said "Windows 10", he actually meant "Insider Builds from 18342" onwards.

Move - Microsoft - Beast

The move is the latest to demonstrate that Microsoft is far from the anti-open-source beast of old.

The next release of Windows 10 also has a change aimed specifically at getting the thing up and running on Linux Kernel-based Virtual Machines (KVM).

Things - Work - Windows - Team - Kernel

To make things work, the Windows team added a new kernel extension driver, Traceext.sys, to expose the functionality required by DTrace. Pulapaka explained: "The Windows kernel provides callouts during stackwalk or memory accesses which are then implemented by the trace extension."

At this point, security fans will be stroking their chins thoughtfully. Allowing DTrace to run riot in the kernel stomps on some of Windows' built-in security. As DTrace can effectively make changes in functions being analysed, Microsoft's PatchGuard must be disabled, which Pulapaka confirmed on Twitter.


PatchGuard, formerly known...
(Excerpt) Read more at: www.theregister.co.uk
Wake Up To Breaking News!
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!