[asveikau]

I was always disappointed with the design of wsl2. The wsl1 design of a syscall layer atop NT had greater architectural purity. They way I heard it, they introduced a virtual machine into the design specifically in order to bypass poor NT filesystem performance. I'm sure it's easier said than done, but it would have been nice if they instead fixed the issues on the NT side, rather than side step them with a VM.

[josh3736]

My (possibly uninformed) understanding at the time was that it was Docker, not solely filesystem performance.

WSL1's file performance is pretty much as good as it gets on Windows, since open(2), read(2), etc are all translated directly in-kernel from Linux to Windows API calls. It's still slower than a real Linux kernel since Windows' filesystem filter drivers add a lot of overhead to every operation, and Windows Defender and its realtime scanning in particular makes it 10x worse. (NTFS itself is fine.)

WSL1's filesystem situation is now "fixed" by Dev Drive, which is just a new partition with most filters disabled and Defender is put in to a different mode where scanning is asynchronous instead of blocking every open(2).

WSL2's mounts of Windows disks still has to deal with all of the above, plus the overhead of serializing every operation over a VM socket, which is largely fixed by what this article describes. So even if you've enabled virtiofs to speed up WSL2's cross-VM transfers, you're still going to hit the same Windows filesystem caveats that apply to WSL1 and native Windows apps.

On the other hand, the WSL2 in-VM ext filesystem (ie, the / mount) will be the fastest to Linux apps since it never touches the Windows side, but accessing those files from Windows sucks since they're buried in a VHD image, accessed over a slow 9p (I think) network-like mount on \\wsl.localhost\distro\

All of that to say filesystem perf may or may not have been a factor in the switch from WSL1's very cool NT persona architecture to WSL2's decidedly more boring VM design, but it was pretty clear that Docker was the real showstopper.

Devs needed to run containers, and WSL1 couldn't (and still can't) do it.

I imagine Microsoft took a look at what it would take to implement container support in the NT kernel to the point that Docker would work, and decided it was simply too much work when they could just slap a VM in and get the entire Linux kernel API surface for free. So thus we got WSL2.

I still use WSL1 for light work like running ssh, since there's basically no overhead at all (5 MB of RAM total to run ssh), compared to needing to run an entire second OS in WSL2. And as long as you don't need any containers, even heavier work runs nicely on WSL1 since there's no VM overhead or network NAT shenanigans.

But if you need containers, you need WSL2.

[fragmede]

> Windows' filesystem filter drivers add a lot of overhead to every operation, and Windows Defender and its realtime scanning in particular makes it 10x worse. (NTFS itself is fine.)

Are there a lot of Microsoft operating systems that feature NTFS without filesystem drivers and Windows Defender?

[josh3736]

It's the filesystem filter drivers that slow things down, not the filesystem drivers (ie NTFS) themselves.

Filter drivers sit a layer above the filesystem driver and allow you to hook file operations to do things like antivirus scanning, transparent encryption and compression, realtime backups, and implement virtual files (à la Dropbox and OneDrive cloud files that are deleted from local storage and JIT downloaded when accessed).

Those are all useful features, but you pay for the extensibility with performance.

To answer your question, obviously no—at least not in a default configuration—but all that stuff can be disabled if you're so inclined, which would leave you with a Microsoft operating system featuring NTFS without the filters and Defender.

But I'm not sure what point you're trying to make. Different operating systems make different trade-offs?

[fragmede]

NTFS itself is actually pretty good, but unless you disable the filter drivers and Windows Defender, overall system performance of NTFS isn't great. Except that you can't really run NTFS without those things. Technically you can, but you're not running without Windows Defender enabled except in very very specific circumstances. So the performance of NTFS itself without those things is a moot point because of that.

[torginus]

Imo it was the right call. Linux filesystems, file attributes are different from Windows, and the two never would've been completely compatible. The two big ones, are the execute bit, and the very fact that windows files represent the data on disk, while Linux ones are just a hardlink to the inode.

It is what it is. My workflow is that I rsync the relevant files from Windows to Linux, do the work, and rsync them back. It's clunky but works well enough.

[asveikau]

> The two big ones, are the execute bit, and the very fact that windows files represent the data on disk, while Linux ones are just a hardlink to the inode.

This contrast is somewhat true of FAT but not NTFS.

Which is to say, in FAT, the direntry defines the first entry in the cluster chain, and the file size. But NTFS is not like this. There is a concept of inodes, which they call file IDs. Hardlinks are also a thing. You can also create a file, then delete its name, but leave the handle to the inode open. You can also open by file id.

[JdeBP]

This really isn't factually based. MFT entries are conceptually equivalent to i-node table entries. And the execute bit is what traversal checking bypass is all about.