kernel/cap/lib.rs). Contributions are welcome. File issues or propose changes at exec/aegis.
Capability-Based Security
Every process carries a 64-slot capability table. Every privileged syscall validates capabilities before execution. Rust-implemented validation core linked into the C kernel via FFI. Two-tier policy model with per-executable capability restriction on exec.
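The capability table, the validate-before-every-privileged-syscall rule, and the two-tier fork/exec policy described above, as an added Rust example. This is not the project's code: the slot names, errno values, policy entries and the `cap_validate` signature are assumptions made for illustration; only the 64-slot size, the pre-syscall check, and the restriction-on-exec behaviour come from the page.

```rust
// Added example, not the project's code. Models a 64-slot per-process
// capability table as a u64 bitmask, an FFI-shaped validation entry point,
// and the two-tier policy: fork inherits, exec can only drop.

pub const CAP_SLOTS: u32 = 64;

/// Hypothetical slot assignments; the real kernel's numbering is not on the page.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
#[repr(u32)]
pub enum Cap {
    NetBindPriv = 0, // bind to a port below 1024
    RawSocket = 1,
    Mount = 2,
    KillAny = 3,
    SetPolicy = 4,
}

/// One bit per slot: bit n set means slot n is granted to the process.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct CapTable(pub u64);

impl CapTable {
    pub const EMPTY: CapTable = CapTable(0);

    pub fn of(caps: &[Cap]) -> CapTable {
        CapTable(caps.iter().fold(0, |acc, &c| acc | (1u64 << c as u32)))
    }

    pub fn has(self, cap: Cap) -> bool {
        self.0 & (1u64 << cap as u32) != 0
    }

    /// Tier 1: fork copies the parent's table unchanged.
    pub fn inherit_on_fork(self) -> CapTable {
        self
    }

    /// Tier 2: exec intersects the inherited table with the executable's
    /// policy. Bits can be cleared but never set, so an exec can never
    /// grant more than the parent held.
    pub fn restrict_on_exec(self, policy: &ExecPolicy) -> CapTable {
        CapTable(self.0 & policy.allowed.0)
    }
}

/// Per-executable restriction: the maximum set the binary may hold after exec.
#[derive(Clone, Copy, Debug)]
pub struct ExecPolicy {
    pub allowed: CapTable,
}

/// Policy lookup (hypothetical format): an executable with no entry is
/// limited to the baseline, which is the safe default for unknown binaries.
pub fn policy_for(path: &str, db: &[(&str, ExecPolicy)], baseline: CapTable) -> ExecPolicy {
    db.iter()
        .find(|(p, _)| *p == path)
        .map(|(_, pol)| *pol)
        .unwrap_or(ExecPolicy { allowed: baseline })
}

pub const EPERM: i32 = 1; // assumed errno values
pub const EINVAL: i32 = 22;

/// Validation core in the shape a C kernel would call across FFI: plain
/// integers in, errno-style integer out, no Rust types on the boundary.
/// A real export would also carry #[no_mangle]; omitted here so the
/// example builds as an ordinary test binary.
pub extern "C" fn cap_validate(table: u64, slot: u32) -> i32 {
    if slot >= CAP_SLOTS {
        return -EINVAL; // out-of-range slot is rejected, never silently ignored
    }
    if table & (1u64 << slot) != 0 {
        0
    } else {
        -EPERM
    }
}

/// A privileged syscall stub: the capability check runs before any work.
pub fn sys_bind(table: CapTable, port: u16) -> Result<(), i32> {
    if port < 1024 {
        let rc = cap_validate(table.0, Cap::NetBindPriv as u32);
        if rc != 0 {
            return Err(rc);
        }
    }
    Ok(())
}

fn main() {
    // Constructed scenario: a privileged parent forks and execs a web server
    // whose policy permits only privileged bind.
    let parent = CapTable::of(&[Cap::NetBindPriv, Cap::RawSocket, Cap::Mount]);
    let db = [("/bin/httpd", ExecPolicy { allowed: CapTable::of(&[Cap::NetBindPriv]) })];
    let httpd = parent
        .inherit_on_fork()
        .restrict_on_exec(&policy_for("/bin/httpd", &db, CapTable::EMPTY));
    println!("httpd bind 80: {:?}", sys_bind(httpd, 80));
    println!("httpd raw socket cap: {}", httpd.has(Cap::RawSocket));
}
```

The policy intersection is the point worth keeping in mind: because `restrict_on_exec` is a bitwise AND, a permissive policy entry cannot add capabilities to a process whose parent did not have them, and a missing entry falls back to the baseline rather than to everything.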
Monolithic Kernel
Single-address-space kernel in C targeting x86_64 long mode. Higher-half mapping at 0xFFFFFFFF80000000. 4-level paging, bitmap PMM, kernel virtual allocator, per-process VMAs with copy-on-write fork.
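The higher-half layout and 4-level paging mentioned above, as an added Rust example that is not the project's code. It decomposes an x86_64 virtual address into its PML4/PDPT/PD/PT indices and page offset, checks canonical form, and shows the lower-half check a syscall would apply to a user-supplied pointer before touching it. The `0xFFFFFFFF80000000` base comes from the page; the assumption that kernel virtual addresses map linearly to physical addresses starting at 0 is an illustration only.

```rust
// Added example, not the project's code. Address arithmetic for the
// higher-half, 4-level paging layout described on the page.

/// Kernel higher-half base (from the page).
pub const KERNEL_BASE: u64 = 0xFFFF_FFFF_8000_0000;
/// First address of the upper canonical half on x86_64 with 48-bit VAs.
pub const UPPER_HALF_START: u64 = 0xFFFF_8000_0000_0000;

#[derive(Debug, PartialEq, Eq)]
pub struct PageIndices {
    pub pml4: usize,
    pub pdpt: usize,
    pub pd: usize,
    pub pt: usize,
    pub offset: u64,
}

/// Bits 47..63 must all equal bit 47 (sign extension) on 48-bit VAs.
pub fn is_canonical(va: u64) -> bool {
    let top = va >> 47; // 17 bits: all zero or all one
    top == 0 || top == 0x1_FFFF
}

/// Split a canonical VA into the four 9-bit table indices and 12-bit offset.
pub fn split(va: u64) -> Option<PageIndices> {
    if !is_canonical(va) {
        return None;
    }
    Some(PageIndices {
        pml4: ((va >> 39) & 0x1FF) as usize,
        pdpt: ((va >> 30) & 0x1FF) as usize,
        pd: ((va >> 21) & 0x1FF) as usize,
        pt: ((va >> 12) & 0x1FF) as usize,
        offset: va & 0xFFF,
    })
}

/// Kernel VA -> PA under the assumed linear higher-half mapping
/// (kernel image loaded at physical 0). Addresses below the base are
/// not kernel-image addresses and return None.
pub fn kernel_virt_to_phys(va: u64) -> Option<u64> {
    va.checked_sub(KERNEL_BASE)
}

/// The check a syscall applies to a user pointer before dereferencing it:
/// the whole [ptr, ptr+len) range must be canonical and in the lower half,
/// and the range must not wrap around. Rejecting higher-half pointers is
/// what stops a user program from asking the kernel to read its own memory.
pub fn user_range_ok(ptr: u64, len: u64) -> bool {
    if len == 0 {
        return true;
    }
    let end = match ptr.checked_add(len - 1) {
        Some(e) => e,
        None => return false,
    };
    is_canonical(ptr) && is_canonical(end) && end < UPPER_HALF_START && ptr < UPPER_HALF_START
}

fn main() {
    let va = KERNEL_BASE + 0x0020_1000;
    println!("{:#x} -> {:?}", va, split(va));
    println!("phys = {:#x?}", kernel_virt_to_phys(va));
    println!("user range ok: {}", user_range_ok(0x0000_7FFF_FFFF_F000, 0x1000));
    println!("kernel ptr from user ok: {}", user_range_ok(KERNEL_BASE, 16));
}
```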
Full Network Stack
Ethernet, ARP, IP, TCP, UDP, ICMP. BSD socket API with UNIX domain sockets and epoll. Two NIC drivers: virtio-net for QEMU and RTL8169 for real hardware. DHCP client, HTTP server, and curl with BearSSL TLS.
Custom GUI
No X11. No Wayland. Direct framebuffer rendering via Lumen compositor, Glyph widget toolkit (TrueType text, buttons, text fields), Citadel desktop shell (taskbar, dock, window management), and Bastion graphical login manager.
SMP & Preemption
Symmetric multiprocessing via INIT-SIPI-SIPI AP startup. LAPIC timer-driven preemptive round-robin scheduler. Per-CPU data structures. Full context switch including SSE state.
8 Filesystems
ext2 (read-write with block cache), ramfs, procfs, initrd, memfd, pipe, PTY, and console. Unified VFS layer with dentries, inodes, and per-process fd tables. GPT partition support on NVMe.
QEMU Integration Tests
Rust test harness boots the real kernel in QEMU, captures serial output, asserts boot sequences, drives GUI interactions via HMP mouse/keyboard injection, and performs fuzzy visual regression testing on screendumps.
Full Userspace
Vigil init system with service management. Capability-aware secure shell (stsh). 25+ coreutils. Text and graphical installers. musl libc 1.2.5 dynamic linking. Web server, DHCP client, text editor.
Documentation
Overview
- Architecture Overview – High-level system diagram, subsystem map, boot sequence, and documentation index
Kernel Internals
- Boot Process – Multiboot2 entry, 32-to-64-bit transition, higher-half setup, and full initialization sequence
- Memory Management – Physical memory manager (bitmap), virtual memory manager (4-level paging), kernel virtual allocator, user VMAs
- Scheduler – Round-robin preemptive scheduling, SMP, context switch, wait queues
- Processes & ELF – Process model, ELF64 loading, fork/exec, dynamic linking
- Syscall Interface – Complete syscall reference (100+ calls across 15 categories)
- Interrupts & Exceptions – IDT, PIC, LAPIC/IOAPIC, exception handlers, IRQ routing
Security
- Capability Model – Per-process capability tables, Rust validation core, C/Rust FFI boundary
- Security Policy Engine – Policy file format, baseline capabilities, inheritance on fork/exec
Filesystems
- VFS Layer – Virtual filesystem architecture, inode/dentry model, mount points
- ext2 Implementation – On-disk layout, block cache, directory operations, read-write support
- procfs & Special Filesystems – procfs, ramfs, memfd, pipe, PTY
Networking
- Network Stack – Architecture, packet flow, device abstraction
- TCP/IP – TCP state machine, IP routing, ICMP, ARP
- Socket API – BSD socket interface, UNIX sockets, epoll
Drivers
- Driver Overview – NVMe, xHCI, USB HID, virtio-net, RTL8169, framebuffer, PCI enumeration
Graphics
- Lumen Compositor – Display server, window management, framebuffer rendering, mouse input
- Glyph Toolkit – Widget library, TrueType rendering, layout, focus management
- Citadel Desktop – Desktop shell, taskbar, dock, window decorations
Userspace
- Vigil Init System – PID 1 service manager, service files, vigictl
- Shell & Coreutils – Secure shell (stsh), minimal shell, 25+ utilities
- Services – httpd, dhcp, chronos, curl, rune, installers
Development
- Build System – Makefile architecture, cross-compilation, rootfs construction, ISO packaging
- Testing Framework – QEMU-based integration tests, visual regression, installer verification