From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: StarBrilliant <coder@poorlab.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: Windows Log Output to Event Viewer or Text File
Date: Thu, 14 Oct 2021 13:52:50 -0600 [thread overview]
Message-ID: <CAHmME9qjs=38jss-DEwtOJ0tm3m9mn+4tsC8jdRk7AsUyTUPaQ@mail.gmail.com> (raw)
In-Reply-To: <b1b2fc28-fee0-4801-ac42-fcd8d985e837@www.fastmail.com>
On Thu, Oct 14, 2021 at 12:43 PM StarBrilliant <coder@poorlab.com> wrote:
> In fact, Windows Event Logging has two APIs: ETW and WPP.
> The ETW API is, indeed, slow and clunky.
> However, the WPP API is very high-performance. The trace function in Windows native TCP stack is implemented with WPP.
Yes. I have no interest in using binary WPP traces. The kernel driver
now mimics linux's, having the exact same messaged logs in a simple
printk-like buffer.
> If someone like Frank has the time and ability, they could check this MSDN documentation and try to implement it:
> https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/wpp-software-tracing
Not interested. I won't take patches for that.
> I am not sure if I get Jason's idea: Is current Wireguard driver using a ring buffer of 2,048 messages for logging?
No. Frank is conflating the kernel driver and a simple userspace
service. The userspace service uses a very simple ringlogger format,
with multiple implementations, used for years on different platforms.
The kernel driver doesn't have an on-disk format; it uses a ring
buffer of sorts, but so far that remains irrelevant to this
discussion.
Jason
next prev parent reply other threads:[~2021-10-14 19:53 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-08 20:50 Windows Log Output to Event Viewer or Text File Frank Wayne
2021-10-08 22:01 ` Jason A. Donenfeld
2021-10-12 21:39 ` Frank Wayne
2021-10-12 21:40 ` Jason A. Donenfeld
2021-10-13 13:29 ` Frank Wayne
2021-10-13 18:16 ` Jason A. Donenfeld
2021-10-14 17:41 ` Frank Wayne
2021-10-14 18:40 ` StarBrilliant
2021-10-14 19:40 ` Frank Wayne
2021-10-14 19:52 ` Jason A. Donenfeld [this message]
2021-10-14 20:02 ` Jason A. Donenfeld
2021-10-14 21:45 ` Frank Wayne
2021-10-14 21:56 ` Jason A. Donenfeld
2021-10-15 13:25 ` Frank Wayne
2021-10-26 10:05 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHmME9qjs=38jss-DEwtOJ0tm3m9mn+4tsC8jdRk7AsUyTUPaQ@mail.gmail.com' \
--to=jason@zx2c4.com \
--cc=coder@poorlab.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).