Move MMU enabled-state publication to post-relocation in higher-half (`mark_enabled()`), eliminating the transition window where `is_enabled()` could be true while ELR was still low-VA.

Feature-gate MMU fault probe infrastructure (`mmu_fault_probes`) so production exception dispatch is free of probe-only state and logic when disabled. Keep probes enabled by default for current QEMU bring-up.

Add compile-time TrapFrame layout assertions (`offset_of!` and size) to lock assembly frame offsets to Rust layout and prevent silent exception-frame regressions.

Harden guard-page probe VA derivation to avoid double-offsetting when linker symbols are already higher-half mapped.

Validation:
- cargo fmt --all
- cargo clippy --workspace --all-targets --all-features -- -D warnings
- cargo test --workspace
- cargo build -p kernel --target aarch64-unknown-none --no-default-features
- QEMU boot with strict final mapping and MMU probes (remaining expected faults: 0)
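The commit message at the top of this page mentions compile-time TrapFrame layout assertions and a guard against double-offsetting higher-half addresses. The sketch below is an added example, not ZerOS code: the frame field order, the `TF_*` offsets, `KERNEL_VA_BASE` and `higher_half_va` are all assumptions chosen for illustration.

```rust
use std::mem::{offset_of, size_of};

/// Assumed AArch64 exception frame: x0..x30, then SP_EL0, ELR_EL1, SPSR_EL1.
/// The field order is an assumption for this example, not the project's layout.
#[repr(C)]
pub struct TrapFrame {
    pub gprs: [u64; 31],
    pub sp_el0: u64,
    pub elr_el1: u64,
    pub spsr_el1: u64,
}

// Offsets that hypothetical assembly save/restore stubs would hard-code.
pub const TF_SP_EL0: usize = 31 * 8;
pub const TF_ELR_EL1: usize = 32 * 8;
pub const TF_SPSR_EL1: usize = 33 * 8;
pub const TF_SIZE: usize = 34 * 8;

// Compile-time checks: the build fails if the Rust layout drifts from the
// offsets above, instead of the exception path silently restoring a wrong ELR.
const _: () = assert!(offset_of!(TrapFrame, gprs) == 0);
const _: () = assert!(offset_of!(TrapFrame, sp_el0) == TF_SP_EL0);
const _: () = assert!(offset_of!(TrapFrame, elr_el1) == TF_ELR_EL1);
const _: () = assert!(offset_of!(TrapFrame, spsr_el1) == TF_SPSR_EL1);
const _: () = assert!(size_of::<TrapFrame>() == TF_SIZE);
// AArch64 keeps SP 16-byte aligned, so the frame size must be a multiple of 16.
const _: () = assert!(TF_SIZE % 16 == 0);

/// Assumed higher-half base (constructed value for this example).
pub const KERNEL_VA_BASE: u64 = 0xFFFF_0000_0000_0000;

/// Returns the higher-half VA for a linker symbol address. The offset is
/// added only when the symbol is still a low address; an address that is
/// already higher-half is returned unchanged, and a low address that would
/// overflow when offset is rejected.
pub fn higher_half_va(symbol_addr: u64) -> Option<u64> {
    if symbol_addr >= KERNEL_VA_BASE {
        return Some(symbol_addr); // already mapped high: do not offset twice
    }
    symbol_addr.checked_add(KERNEL_VA_BASE)
}

fn main() {
    // Constructed sample addresses.
    println!("{:x?}", higher_half_va(0x4008_0000));
    println!("{:x?}", higher_half_va(0xFFFF_0000_4008_0000));
}
```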
ZerOS
A from-scratch, Rust-native operating system for battery-powered laptops.
What is this?
ZerOS is a new operating system. Not a Linux distribution, not a fork, not a POSIX-compliant system with a fresh coat of paint. It is a ground-up rethinking of what a laptop OS could be if you started today with no obligation to the past — no fork(), no ioctl(), no /proc, no systemd, no X11, no ALSA, no ACPI.
ZerOS is designed around a single conviction: a purpose-built OS, free of 30 years of legacy debt, can deliver dramatically longer battery life, faster boot times, and a more reliable user experience than any general-purpose system on the same hardware.
The result is a terminal-first, security-conscious, energy-obsessed microkernel OS written almost entirely in Rust, targeting ARM laptops.
What makes it different?
Every milliamp matters. The kernel scheduler is tickless — zero wakeups at idle. The CPU frequency governor is integrated into the scheduler and reacts in microseconds, not milliseconds. Unused peripherals are clock-gated. The display pipeline shuts down entirely during static content via eDP Panel Self-Refresh. Secondary CPU cores are power-gated by default. The result: 50–100% longer battery life than Linux on the same hardware.
Microkernel, not monolith. The kernel handles memory, scheduling, IPC, and interrupts. Everything else — every driver, the filesystem, the network stack, the SSH server — runs in isolated user-space processes. A crashing eMMC driver restarts in milliseconds without affecting the kernel or your SSH session.
Capability-based security. No root user. No ambient authority. Processes access resources through unforgeable tokens (capabilities) granted explicitly by their parent. Privileged actions go through the `please` capability-broker command, which grants only scoped capabilities for a single action. A text editor opened to edit one file cannot read any other file, touch the network, or inspect other processes.
Terminal-first. The primary interface is a modern terminal running directly on the framebuffer — true color, Unicode, Nerd Fonts, tabs, split panes, and a built-in shell with structured pipelining. No window manager, no compositor, no display server. Just a fast, beautiful terminal that boots in under two seconds.
No POSIX in the kernel. The native API is small, clean, and capability-based. POSIX compatibility exists as a user-space shim for porting essential tools (git, curl). Native ZerOS programs never touch it.
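The capability-based security paragraph above describes parent-to-child grants that can only narrow authority. The model below is an added illustration of that rule using the text-editor case, not ZerOS's API: `Rights`, `Capability`, `derive`, `permits` and the sample paths are hypothetical.

```rust
/// Rights bitmask carried by a capability (hypothetical).
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Rights(u8);

impl Rights {
    pub const READ: Rights = Rights(0b01);
    pub const WRITE: Rights = Rights(0b10);
    pub const RW: Rights = Rights(0b11);
    pub fn contains(self, other: Rights) -> bool {
        self.0 & other.0 == other.0
    }
}

/// Hypothetical capability: a resource scope plus the rights held on it.
/// Fields are private; apart from `root` (a stand-in for the system minting
/// initial authority), a token can only be narrowed, never widened.
#[derive(Debug)]
pub struct Capability {
    scope: String,
    rights: Rights,
}

impl Capability {
    pub fn root(scope: &str, rights: Rights) -> Capability {
        Capability { scope: scope.to_string(), rights }
    }
    /// Parent-to-child grant: only a narrower scope and a subset of rights.
    pub fn derive(&self, scope: &str, rights: Rights) -> Option<Capability> {
        if self.rights.contains(rights) && within(&self.scope, scope) {
            Some(Capability { scope: scope.to_string(), rights })
        } else {
            None
        }
    }
    /// Check a resource server would run on every request.
    pub fn permits(&self, path: &str, need: Rights) -> bool {
        self.rights.contains(need) && within(&self.scope, path)
    }
}

/// Component-wise containment. A plain string-prefix test would accept
/// "/home/ann/notes.txt.bak" for scope "/home/ann/notes.txt".
fn within(scope: &str, path: &str) -> bool {
    let s: Vec<&str> = scope.split('/').filter(|c| !c.is_empty()).collect();
    let p: Vec<&str> = path.split('/').filter(|c| !c.is_empty()).collect();
    !p.contains(&"..") && p.starts_with(&s)
}

fn main() {
    let shell = Capability::root("/home/ann", Rights::RW); // constructed path
    let editor = shell.derive("/home/ann/notes.txt", Rights::RW).unwrap();
    println!("{}", editor.permits("/home/ann/secrets.txt", Rights::READ));
}
```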
Current status
Pre-development. Architecture and design are documented. First line of code has not been written. See the documentation below for the full technical picture.
Documentation
All project documentation lives in docs/:
| Document | Purpose |
|---|---|
| OVERVIEW.md | Comprehensive technical reference — architecture, subsystems, design decisions, implementation details. Start here to understand the system. |
| PHILOSOPHY.md | Development philosophy, priorities, design rules, coding standards, naming conventions, commit practices. The north star for every decision. |
| TODO.md | Current task queue. Each TODO = one commit. Removed when completed. |
| ARTIFICIAL_INTELLIGENCE_USE.md | AI usage policy. How and where AI tools are used, and the hard line between AI-assisted and AI-generated work. |
Target hardware
The primary target is the Rockchip RK3566 (quad Cortex-A55, 4GB LPDDR4) on the Radxa CM3 development board, with an eDP display (2560×1600 with Panel Self-Refresh) and ESP32-C6 WiFi 6 coprocessor. Architecture-level testing uses QEMU (virt machine, Cortex-A55).
The long-term goal is a custom laptop running ZerOS that outlasts any comparable Linux device by 50–100% on a single charge.
Building
Current bring-up workflow:
```sh
# Boot in QEMU (one command)
cargo run -p kernel --target aarch64-unknown-none

# Verify DTB handoff and parse output (for future CI?)
./scripts/verify-dtb-pointer.sh
```
License
AGPLv3.
ZerOS is what happens when you ask: "What would a laptop OS look like if we designed it today, for the people who will use it, with no obligation to the past?"