Nothing about Xnu leads me to believe they are pursuing a bona fide micro-kernel architecture. This doesn’t really indicate anything in that direction either. They’re just doing the typical Apple thing of enforcing a “one proprietary port, one licensed plug” policy.
We had a very serious performance issue resulting in crashes across our fleet of macs that was ultimately traced back to an endpoint security solution that was patching the kernel and doing dumb stuff.
These changes from Apple have forced this vendor to completely rewrite their product the right way.
I saw a rewrite of some functionality from a vendor (rhymes with mcafsee) as well. They decided to start running lsof to find open files. This can be excruciatingly slow and cpu intensive on macOS. It was running it near constantly effectively turning machines into beach ball render farms.
I suppose avoiding kernel panics is an improvement but let’s be real: these enterprise vendors have always made shit software and rarely keep up with OS releases or updates. They’re not about to change any time soon.
Indeed, but they are what causes OS vendor to actually do something about it.
Android now is requiring hardware memory tagging on ARM, Fortify by default, and Treble requires out-of-process for new drivers exactly because of the same kind of issues.
