English | νκ΅μ΄
ONCRIX is Not a Copy, Real Independent uniX
ONCRIX is a new operating system built from the ground up with a microkernel architecture, designed as an independent Unix-like OS with full POSIX compatibility. Written entirely in Rust for memory safety, security, and performance.
Traditional monolithic kernels pack everything β drivers, file systems, networking β into a single privileged address space. A single bug in any component can crash the entire system.
ONCRIX takes a different approach:
- Microkernel design: Only scheduling, IPC, and basic memory management run in kernel space
- Fault isolation: Drivers and services run as user-space processes; a crashed driver doesn't bring down the system
- Capability-based security: Fine-grained access control at the IPC level
- POSIX compatibility: Run existing Unix applications without modification
| Goal | Approach |
|---|---|
| Stability | Rust's ownership model eliminates data races and memory corruption. Graceful error propagation via Result<T, E> throughout the kernel |
| Security | Capability-based access control, privilege separation, minimal trusted computing base (TCB) |
| Extensibility | Modular microkernel β add or replace OS services without rebooting. User-space drivers and file systems |
| Performance | Zero-cost abstractions, lock-free data structures, efficient synchronous/asynchronous IPC, minimal context switches |
Architecture deep-dive β β design philosophy, OS comparison, security model, POSIX strategy
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β User Applications β
β (POSIX-compatible API) β
ββββββββββββββββ¬ββββββββββ¬βββββββββββββ¬ββββββββββββββββββ€
β Syscall β VFS β Drivers β Services β
β(oncrix- β(oncrix- β(oncrix- β β
β syscall) β vfs) β drivers) β β
ββββββββββββββββ΄ββββββββββ΄βββββββββββββ΄ββββββββββββββββββ€
β IPC (oncrix-ipc) β
β Message Passing & Shared Memory β
ββββββββββββββββ¬βββββββββββββββββββββββββ¬ββββββββββββββββ€
β Process β Memory Management β HAL β
β(oncrix- β (oncrix-mm) β (oncrix-hal) β
β process) β β β
ββββββββββββββββ΄βββββββββββββββββββββββββ΄ββββββββββββββββ€
β Microkernel (oncrix-kernel) β
β Scheduler Β· Core IPC Β· Page Tables β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Bootloader (oncrix-bootloader) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Hardware
oncrix/
βββ crates/
β βββ kernel/ # Microkernel core (scheduler, IPC, memory management)
β βββ hal/ # Hardware Abstraction Layer (x86_64, aarch64, riscv64)
β βββ bootloader/ # Boot protocol and early initialization
β βββ drivers/ # User-space device driver framework
β βββ vfs/ # Virtual File System
β βββ process/ # Process and thread management
β βββ ipc/ # Inter-Process Communication primitives
β βββ mm/ # Memory management (virtual memory, page allocator)
β βββ syscall/ # POSIX-compatible system call interface
β βββ lib/ # Shared utilities and error types
βββ docs/ # Documentation and developer wiki
βββ .github/ # CI/CD workflows and issue templates
βββ Cargo.toml # Workspace configuration
βββ CONTRIBUTING.md # Contribution guidelines
βββ CHANGELOG.md # Version history
βββ SECURITY.md # Security policy
βββ CODE_OF_CONDUCT.md # Community standards
βββ LICENSE # Apache License 2.0
βββ README.md
ββββββββββββ
β kernel β
ββββββ¬ββββββ
βββββββ¬βββββββΌβββββββ¬ββββββββββ
v v v v v
ββββββββββββββββββββββββββββββββββββββ
βsyscallββipcββ mm ββproc ββ hal β
ββββ¬βββββββ¬βββββββ¬ββββββββ¬βββββββββββββ
β β β β
v v v v
ββββββββ β βββββββ β
β vfs β β β hal β β
ββββ¬ββββ β βββββββ β
β β β
v v v
βββββββββββββββββββββββββββββββ
β lib β
βββββββββββββββββββββββββββββββ
- Language: Rust 1.85+ (Edition 2024)
- Build System: Cargo workspace
- Target Architectures: x86_64 (primary), aarch64 (planned), riscv64 (planned)
- License: Apache-2.0
- CI/CD: GitHub Actions
- Rust 1.85+ (nightly recommended for
#![no_std]kernel development) - QEMU (for testing the OS in a virtual machine)
cargo build --workspacebash scripts/run-qemu.shExpected output (10-phase boot sequence):
[ONCRIX] Kernel booting...
[ONCRIX] Serial console initialized (COM1, 115200 8N1)
[ONCRIX] GDT initialized
[ONCRIX] IDT initialized (5 exception handlers)
[ONCRIX] Kernel heap initialized (16 MiB)
[ONCRIX] Scheduler initialized (idle thread ready)
[ONCRIX] SYSCALL/SYSRET initialized
[ONCRIX] PIC initialized, PIT running at ~100 Hz
[ONCRIX] All early initialization complete.
[ONCRIX] Mounting root filesystem...
[ONCRIX] Root filesystem mounted (ramfs on /)
[ONCRIX] Created /dev /proc /tmp /sbin
[ONCRIX] Initializing IPC channels...
[ONCRIX] IPC channels ready (kernel<->console, kernel<->devmgr, kernel<->netd)
[ONCRIX] Starting service manager...
[ONCRIX] Service manager boot complete
[ONCRIX] Entering halt loop.
cargo fmt --all -- --check && cargo clippy --workspace -- -D warnings && cargo build --workspace- Project structure and workspace setup (10-crate workspace, CI/CD)
- Boot entry via Xen PVH ELF Note (QEMU
-kernel) + Multiboot2 header (GRUB) - 32-bit β 64-bit long-mode transition (boot.S stub at 1 MiB physical)
- Serial console output (UART 16550, COM1 115200 8N1)
- Physical memory manager (bitmap allocator, 128 MiB)
- Virtual memory (4-level page tables, map/unmap, TLB flush)
- Kernel heap allocator (linked-list free-list, 16 MiB)
- GDT/IDT (5 segments + TSS, 256 vectors, 5 exception handlers)
- Linker script (higher-half at 0xFFFFFFFF80000000)
- QEMU integration script (boots all 10 init phases)
- 8259 PIC driver (IRQ remap to vectors 32-47)
- PIT timer (~100 Hz periodic)
- Local APIC timer driver (MMIO, calibration, one-shot/periodic)
- ACPI table parsing (RSDP, XSDT, MADT)
- Round-robin scheduler (256 threads)
- Context switching (callee-saved register save/restore)
- Preemptive scheduling (priority-based time slices)
- Kernel thread pool (32 threads, 8 KiB stacks)
- SYSCALL/SYSRET entry point (MSR setup, assembly stub)
- Ring 0 to Ring 3 transition (iretq)
- Synchronous IPC channels (ring buffer, 16 messages)
- Channel registry (64 channels)
- Process/Thread structs with PID/TID newtypes
- ELF64 binary loader (header validation, PT_LOAD segments)
- User-space process execution (exec, address space setup)
- fork implementation (CoW tracker, reference counting)
- Per-process virtual address space (64 VmRegions)
- User pointer validation (copy_from_user/copy_to_user)
- VFS layer (inode, dentry cache, superblock, mount table)
- ramfs (128 inodes, 4 KiB files, full InodeOps)
- devfs (64 device nodes, char/block registration)
- procfs (version, uptime, meminfo, cpuinfo)
- Pipe (4 KiB ring buffer, 64 pipes)
- Path resolution and VFS open (O_CREAT/O_TRUNC)
- VFS operations (read, write, lseek, stat)
- Device driver framework (Driver trait, registry, 64 devices)
- POSIX syscall numbers (Linux x86_64 ABI)
- Syscall dispatcher + 200+ handler stubs (io_uring, BPF, perf, prctl, landlock, pidfd)
- Signal handling (32 signals, mask, pending)
- File descriptor table (256 fds, dup2)
- stat/fstat/lseek/pipe/dup2 handlers
- SYSCALL/SYSRET fast-path entry (MSR setup)
- Ring 0 β Ring 3 transition (in progress)
- execve syscall end-to-end
- Basic shell
- x86_64 (primary, boots in QEMU)
- aarch64 (HAL boot stub in progress)
- riscv64 (HAL boot stub planned)
-
crates/userspace/tree (init, sh, libc shim) - QEMU integration tests in CI
- Architecture documentation (x86_64 boot flow)
See CONTRIBUTING.md for guidelines.
Licensed under the Apache License, Version 2.0. See LICENSE for details.
Copyright 2026 ONCRIX Contributors
SPDX-License-Identifier: Apache-2.0