hi ik wine can translate userspace calls but i wonder if its possible to translate windows kernel level calls to linux ones (eg,kernel level anticheat,etc)
Wine does translate kernel calls. Perhaps youre misunderstanding how that is then exposed?
Wine translates windows calls (including system level/kernel level) but exposes/implements in userspace on linux.
It doesn’t only do windows userspace to linux userspace
Its a design decision from the wine team to not build it as a kernel module and to instead implement as an application in userspace
Have a read here https://werat.dev/blog/how-wine-works-101/
then if it translates kernel calls why cant some kernel level anticheat run
Anticheat isnt solely about kernel calls. Anticheat systems, depending on what one you are referring to, will inspect runtime memory, data loaded into RAM. It will do a number of things to verify memory isn’t being modified (which cheat engines, among other things, need to do).
Simply, Wine and linux load applications differently, anticheat systems see the difference and assume something nefarious is going on.
Its not as simple as just running anticheat in wine.
edit some additional info from a pretty old article
oh i thought its just translating the anti cheat calls,ty for the detailed explination
sadly, no. Anticheat Systems are designed to be paranoid as fuck. So even some readout of the hardware used that WINE handles a tad differently than Windows might trip it.
oh yeah some anticheat can ban you for playing games on your pc
Also, (and this is from security research articles here) most kernel level anticheats seem to focus more on datamining than anticheat (see: anything from tencent)
Its so bad that a lot of corporate environments ban any work being done on machines that also have them installed (source: my employer)
Over time more and more anricheat companies have realised that personal data is gold and they are harvesting more and more of it.
Just read the eula some time. Most of it state in plain english that they send files from your documents, take screenshots and log keys.
And we give them kernel access…
if any anti cheat datamines my data i am prob not playing that game
Well, buddy… I got news for you!
Because it is in user space not kernel space. Also Linux uses a monolithic kernel (no separate space for drivers)
oh
If you wanted to support all possible drivers, you would basically need to rewrite the entire kernel. You could make one specific anticheat work by supporting its specific calls, but this will take a lot of work, and will probably be broken with the first ever update.
In the past there were projects that supported specific types of drivers, such as ndiswrapper, but that had a very limited scope.
Here’s also an answer to a similar question: https://unix.stackexchange.com/questions/544776/installing-proprietary-windows-drivers-on-linux
oh alr ty
WINE loads the executable binary data into the memory, and runs it. The Machine doesn’t care if the code was made for Windows or Linux when it runs it
The funny thing here is that Microsoft did a very good job in WSL v1 doing the exact opposite. Unlike Windows apps that run all broken under Wine, running GUI app on WSL worked just fine.
They really did do a good job. The difference is that they have access to documentation about Linux that wine doesn’t have about Windows.
That’s more or less what a virtual machine does. And I bet cheating programs do as well.
Not really
It is the difference between kernel space and user space