Closed
Bug 1276019
Opened 9 years ago
Closed 3 years ago
Detect and warn when Windows Defender is slowing down operations
Categories
(Firefox Build System :: General, defect)
Firefox Build System
General
Tracking
(firefox103 fixed)
RESOLVED
FIXED
103 Branch
| Tracking | Status | |
|---|---|---|
| firefox103 | --- | fixed |
People
(Reporter: gps, Assigned: ahochheiden)
References
Details
Attachments
(2 files)
As I discovered in bug 1272851, Windows Defender is making xpcshell test execution ~2x slower on Windows.
Any process that creates or writes thousands of files will be significantly slowed down by Windows Defender (Windows Defender uses a kernel filesystem filter driver to scan files before they are written).
For performance reasons, we want Windows Defender disabled on at least the object directory (and preferably the source directory, although that's a bit riskier). We should figure out a way to detect Windows Defender activity and alert the user.
A quick and dirty way to check for Windows Defender is to measure the CPU usage of the MsMpEng.exe process before and after operations. If CPU time was too high, alert. We do this for Finder processes on OS X.
I'm pretty sure we can't modify Windows Defender settings unless we run as admin privileges. You can't even query the list of filesystem filter drivers without admin privileges. I'm not even sure Windows Defender has an API that would allow us to programmatically add an exclusion.
Keep in mind Windows Defender is enabled by default on Windows 10. So a default Windows 10 environment will mean slower builds and test times :/
|
||
Comment 1•9 years ago
|
||
Did aimed for Core :: Build Config?
|
|
||
Updated•9 years ago
|
Product: Calendar → Core
|
||
Comment 2•9 years ago
|
||
Is the CPU-usage detection in comment 0 "good enough"?
If not, there are standard, harmless "test" viri: see https://en.wikipedia.org/wiki/EICAR_test_file. Perhaps a check/test to see if one can be written & read quickly? [IE, to see if some kind of AV warning is being triggered, and if so dump out our own performance warning?]
One obvious risk is that you'd have to be careful with how the test vector is stored, because you don't want it be a giant pain for people passing around source code. Or risking a site hosting said code being flagged as a malware site. Encrypted file + separate key?
|
Reporter | |
Comment 3•8 years ago
|
||
The powershell command `Add-MpPreference -ExclusionPath` can be used to add an exclusion path to Windows Defender.
|
||
Updated•7 years ago
|
Product: Core → Firefox Build System
|
Assignee | |
Comment 4•3 years ago
|
||
Also updated the windows_build docs to reflect the change.
|
||
Updated•3 years ago
|
Assignee: nobody → ahochheiden
Status: NEW → ASSIGNED
Pushed by ahochheiden@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/99b0e3dc143e
Add Microsoft Defender Antivirus exclusions automatically during source bootstrap r=glob
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox103:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 103 Branch
|
|
Assignee | |
Comment 7•3 years ago
|
||
Pushed by sledru@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/cc4b0713735a
Additional doc changes to include a definition for UAC and replaced a static url link with a :ref: link r=sylvestre DONTBUILD
|
||
Comment 9•3 years ago
|
||
| bugherder | ||
You need to log in
before you can comment on or make changes to this bug.
Description
•