hi ik wine can translate userspace calls but i wonder if its possible to translate windows kernel level calls to linux ones (eg,kernel level anticheat,etc)
hi ik wine can translate userspace calls but i wonder if its possible to translate windows kernel level calls to linux ones (eg,kernel level anticheat,etc)
Wine does translate kernel calls. Perhaps youre misunderstanding how that is then exposed?
Wine translates windows calls (including system level/kernel level) but exposes/implements in userspace on linux.
It doesn’t only do windows userspace to linux userspace
Its a design decision from the wine team to not build it as a kernel module and to instead implement as an application in userspace
Have a read here https://werat.dev/blog/how-wine-works-101/
then if it translates kernel calls why cant some kernel level anticheat run
Anticheat isnt solely about kernel calls. Anticheat systems, depending on what one you are referring to, will inspect runtime memory, data loaded into RAM. It will do a number of things to verify memory isn’t being modified (which cheat engines, among other things, need to do).
Simply, Wine and linux load applications differently, anticheat systems see the difference and assume something nefarious is going on.
Its not as simple as just running anticheat in wine.
edit some additional info from a pretty old article
https://www.theverge.com/2021/10/5/22709918/valve-steam-deck-supported-games-anti-cheat-proton-eac-battleye-epic
oh i thought its just translating the anti cheat calls,ty for the detailed explination
sadly, no. Anticheat Systems are designed to be paranoid as fuck. So even some readout of the hardware used that WINE handles a tad differently than Windows might trip it.
oh yeah some anticheat can ban you for playing games on your pc
Because it is in user space not kernel space. Also Linux uses a monolithic kernel (no separate space for drivers)
Also, (and this is from security research articles here) most kernel level anticheats seem to focus more on datamining than anticheat (see: anything from tencent)
Its so bad that a lot of corporate environments ban any work being done on machines that also have them installed (source: my employer)
Over time more and more anricheat companies have realised that personal data is gold and they are harvesting more and more of it.
Just read the eula some time. Most of it state in plain english that they send files from your documents, take screenshots and log keys.
And we give them kernel access…
if any anti cheat datamines my data i am prob not playing that game
Well, buddy… I got news for you!