MinimalOS NextGen
A capability-based microkernel operating system written from scratch in Rust for x86_64.
What is MinimalOS NextGen?
MinimalOS NextGen is an educational operating system that prioritizes security and minimalism. The kernel provides exactly six services — everything else runs in userspace:
| Service | Description |
|---|---|
| Address space isolation | Each process gets its own page tables |
| Capability enforcement | Unforgeable tokens control access to resources |
| IPC message delivery | Opaque bytes + capability transfers between processes |
| CPU time multiplexing | Tickless scheduler with per-core run queues |
| Interrupt routing | IRQs delivered to capability holders |
| Memory grant transfers | Zero-copy page sharing via capabilities |
Drivers, filesystems, networking, and GUI all run as unprivileged userspace processes communicating through IPC — the kernel never implements policy.
Target Hardware
The primary target is the HP 15-ay028tu laptop:
- CPU: Intel Pentium N3710 — 4-core Airmont (Braswell), 1.6–2.56 GHz
- RAM: 8 GB DDR3L-1600
- GPU: Intel HD 405 (Gen8)
- Storage: SATA HDD / replaceable with SSD
- Boot: UEFI via Limine v8.6.0 bootloader
The OS also runs in QEMU with OVMF UEFI firmware for development and CI.
Design Philosophy
- Policy-free kernel — The kernel enforces mechanisms, never policy. Scheduling policy, filesystem layout, network protocols — all live in userspace.
- Capability-based security — Every resource access requires an unforgeable capability token. No ambient authority, no root user.
- Rust all the way — The entire kernel and userspace are written in Rust, leveraging the type system and ownership model for memory safety.
- Minimal trusted computing base — Only ~22 syscalls. The smaller the kernel, the less surface area for bugs.
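An added illustration of the capability model described above, not code from MinimalOS: handles are indices into a kernel-owned per-process table, rights are checked on every access, and delegation can only narrow rights. All names here (`Kernel`, `Rights`, `install`, `access`, `delegate`) and the table layout are hypothetical.

```rust
// Illustrative model only: names and layout are assumptions, not MinimalOS code.
use std::collections::HashMap;

#[derive(Clone, Copy, Debug, PartialEq)]
pub struct Rights(pub u8);
impl Rights {
    pub const READ: Rights = Rights(1);
    pub const WRITE: Rights = Rights(2);
    pub const GRANT: Rights = Rights(4); // holder may delegate to another process
    pub fn contains(self, r: Rights) -> bool { self.0 & r.0 == r.0 }
}

#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Error { NoSuchCap, Denied }

#[derive(Clone, Copy)]
struct Cap { object: u64, rights: Rights }

/// Kernel-owned state: a process only ever holds a handle (a table index),
/// so guessing an integer yields nothing that is not already in its table.
#[derive(Default)]
pub struct Kernel { tables: HashMap<u32, Vec<Cap>> } // pid -> capability table

impl Kernel {
    /// In this model, stands for the trusted boot/init path that mints capabilities.
    pub fn install(&mut self, pid: u32, object: u64, rights: Rights) -> usize {
        let t = self.tables.entry(pid).or_default();
        t.push(Cap { object, rights });
        t.len() - 1
    }
    /// Every access is resolved in the caller's own table; there is no bypass identity.
    pub fn access(&self, pid: u32, handle: usize, need: Rights) -> Result<u64, Error> {
        let cap = self.tables.get(&pid).and_then(|t| t.get(handle)).ok_or(Error::NoSuchCap)?;
        if cap.rights.contains(need) { Ok(cap.object) } else { Err(Error::Denied) }
    }
    /// Delegation: requires GRANT, and the receiver gets at most the sender's rights.
    pub fn delegate(&mut self, from: u32, handle: usize, to: u32, mask: Rights) -> Result<usize, Error> {
        let cap = *self.tables.get(&from).and_then(|t| t.get(handle)).ok_or(Error::NoSuchCap)?;
        if !cap.rights.contains(Rights::GRANT) { return Err(Error::Denied); }
        Ok(self.install(to, cap.object, Rights(cap.rights.0 & mask.0)))
    }
}

fn main() {
    let mut k = Kernel::default();
    let h = k.install(1, 0xF00D, Rights(Rights::READ.0 | Rights::WRITE.0 | Rights::GRANT.0));
    let h2 = k.delegate(1, h, 2, Rights::READ).unwrap();
    println!("{:?}", k.access(2, h2, Rights::READ));  // allowed
    println!("{:?}", k.access(2, h2, Rights::WRITE)); // denied: rights were attenuated
    println!("{:?}", k.access(3, 0, Rights::READ));   // pid 3 holds no capabilities
}
```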
Current Status
📝 Note
MinimalOS NextGen is under active development. Sprints 1–9.5 are complete; Sprint 10 (Wasm Hypervisor) is in progress.
| Sprint | Focus | Status |
|---|---|---|
| Sprint 1 | Boot & Serial Output | ✅ Complete |
| Sprint 2 | Memory Management | ✅ Complete |
| Sprint 3 | Interrupts & Exceptions | ✅ Complete |
| Sprint 4 | Processes & Scheduler | ✅ Complete |
| Sprint 5 | Capabilities & IPC | ✅ Complete |
| Sprint 6 | Syscall Interface & Userspace | ✅ Complete |
| Sprint 7–9 | Init, Delegation & The God Process | ✅ Complete |
| Sprint 9.5 | Reaper & Resource Teardown | ✅ Complete |
| Sprint 10 | Wasm Hypervisor (Ring 3 Allocator) | 🔄 In Progress |
See the full Roadmap for details.
Quick Start
```sh
# Clone and build
git clone https://github.com/nadeeshafdo/MinimalOS.git
cd MinimalOS
make

# Create bootable ISO and run in QEMU
make run
```
See Getting Started for prerequisites and detailed instructions.