A real-time microkernel with units, capabilities, and message-passing designed from the ground up for:
- Hard real-time guarantees
- Multi-core scalability
- Capability-based security
- Userspace services
- Formal verification potential
```bash
# Build
make
# Run in QEMU
make run
# Clean
make clean
```

AionCore v0.1.0 booting in QEMU - showing HAL initialization, timer calibration, and real-time tick updates

- Phase 1: Foundation complete (HAL, per-CPU, IDT, VGA)
- Phase 2: Complete (Timer, PMM, MMU/paging)
- Phase 3.1: Preemptive multitasking working!
- Phase 3.2: Syscalls complete (INT 0x80)
- Phase 3.3: Ring 3 userspace working!
- Phase 3.4: Next up (Per-task address spaces)

See CURRENT_WORK.md for today's status and next steps.
This is not a UNIX clone. Key concepts:
- Units: Isolated execution containers (not "processes")
- Threads: Execute within units
- Channels: Message-passing IPC
- Capabilities: Explicit access rights, no ambient authority
- No POSIX in kernel: POSIX is a userspace personality
The kernel is <10K LOC and provides only core primitives. Everything else (filesystems, drivers, services) runs in userspace.
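The capability model in the list above, as an added C sketch (not AionCore source; the page does not show its capability API, so every type, constant and function name below is hypothetical). A unit reaches a channel only through a slot in its own fixed-size table, and delegation can narrow rights but never widen them.

```c
/* Added illustration, not AionCore source; every name here is hypothetical. */
#include <stdint.h>
#include <stdio.h>
#define CAP_SLOTS 16u   /* fixed-size per-unit table: every lookup is O(1) */
#define CAP_SEND  0x1u
#define CAP_RECV  0x2u
#define CAP_GRANT 0x4u  /* holder may hand derived copies to other units */
enum { CAP_OK = 0, CAP_EBADSLOT = -1, CAP_EDENIED = -2 };

struct cap  { uint32_t channel; uint32_t rights; uint8_t valid; };
struct unit { struct cap caps[CAP_SLOTS]; };

/* A unit names a channel only by a slot in its own table; empty = no access. */
int cap_check(const struct unit *u, uint32_t slot, uint32_t need)
{
    if (slot >= CAP_SLOTS || !u->caps[slot].valid)
        return CAP_EBADSLOT;
    if ((u->caps[slot].rights & need) != need)
        return CAP_EDENIED;
    return CAP_OK;
}

/* Delegation only attenuates: source needs CAP_GRANT, copy gets a subset. */
int cap_derive(const struct unit *from, uint32_t slot,
               struct unit *to, uint32_t to_slot, uint32_t rights)
{
    int rc = cap_check(from, slot, CAP_GRANT);
    if (rc != CAP_OK)
        return rc;
    if (to_slot >= CAP_SLOTS || to->caps[to_slot].valid)
        return CAP_EBADSLOT;
    if (rights & ~from->caps[slot].rights)
        return CAP_EDENIED;  /* request would amplify authority */
    to->caps[to_slot] = (struct cap){ from->caps[slot].channel, rights, 1 };
    return CAP_OK;
}

/* Constructed scenario: server delegates `give`; client then needs `need`. */
int demo(uint32_t give, uint32_t need)
{
    struct unit server = {0}, client = {0};
    server.caps[0] = (struct cap){ 7, CAP_SEND | CAP_RECV | CAP_GRANT, 1 };
    int rc = cap_derive(&server, 0, &client, 3, give);
    return rc != CAP_OK ? rc : cap_check(&client, 3, need);
}

int main(void)
{
    printf("%d %d %d\n", demo(CAP_SEND, CAP_SEND), demo(CAP_SEND, CAP_RECV),
           demo(0x8u, CAP_SEND));
    return 0;
}
```

Both paths are loop-free, so the check stays within the bounded-time rule the README sets for real-time paths.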
docs/ - All documentation
Start here:
- CURRENT_WORK.md - What we're working on NOW
- DEVELOPMENT_LOG.md - Development narrative and history
- docs/DOCS.md - Documentation index
- docs/VISION.md - Long-term vision and goals
- docs/IMPLEMENTATION_ROADMAP.md - Phase-by-phase plan
Design details:
- docs/ARCHITECTURE.md - Design principles
- docs/UNITS_ARCHITECTURE.md - Units model
- docs/RT_CONSTRAINTS.md - Real-time requirements
- docs/FORMAL_VERIFICATION.md - Verification strategy
- docs/MULTI_ARCH.md - Multi-architecture support
Development:
- docs/KERNEL_C_STYLE.md - C coding standards and rules
- docs/TESTING.md - Unit testing guide
- docs/ISSUES.md - Known issues and action items
```
kernel/
├── CURRENT_WORK.md               ← Start here for current status
├── DEVELOPMENT_LOG.md            ← Development narrative and history
├── README.md                     ← You are here
├── Makefile                      ← Build system
├── grub.cfg                      ← GRUB configuration
├── .claude.md                    ← Development workflow rules
│
├── arch/x86/                     ← x86-specific code
│   ├── boot.s                    ← Multiboot entry point
│   ├── hal.c                     ← Hardware abstraction layer
│   ├── gdt.c                     ← GDT and TSS setup
│   ├── idt.c / idt_asm.s         ← Interrupt handling
│   ├── timer.c                   ← PIT + TSC calibration
│   ├── mmu.c                     ← x86 paging/MMU
│   ├── context.s                 ← Hybrid context switch (kernel/user)
│   ├── syscall.s                 ← INT 0x80 syscall entry
│   ├── user_test.s               ← Ring 3 test program
│   └── linker.ld                 ← Memory layout
│
├── core/                         ← Architecture-neutral kernel core
│   ├── init.c                    ← Kernel entry and initialization
│   ├── percpu.c                  ← Per-CPU data structures
│   ├── task.c                    ← Task management
│   ├── scheduler.c               ← O(1) priority scheduler
│   ├── syscall.c                 ← Syscall dispatcher and implementations
│   ├── user.c                    ← Userspace task creation
│   ├── console.c                 ← Console multiplexer
│   └── ktest.c                   ← Unit testing framework
│
├── drivers/                      ← Device drivers (modular)
│   ├── vga/                      ← VGA text mode driver
│   │   ├── vga.c                 ← VGA subsystem
│   │   ├── vga_text.c            ← Text mode implementation
│   │   └── vga_console.c         ← Console backend
│   └── serial/                   ← Serial UART driver
│       ├── uart.c                ← 8250/16550 driver
│       └── serial_console.c      ← Console backend
│
├── lib/                          ← Kernel library functions
│   └── string.c                  ← Safe string operations
│
├── mm/                           ← Memory management
│   └── pmm.c                     ← Physical memory manager
│
├── tests/                        ← Unit tests
│   ├── test_main.c               ← Host test runner
│   ├── pmm_test.c                ← PMM unit tests
│   ├── scheduler_test.c          ← Scheduler unit tests
│   └── kprintf_test.c            ← kprintf unit tests
│
├── include/                      ← Public headers
│   ├── kernel/                   ← Core kernel headers
│   │   ├── hal.h                 ← HAL interface
│   │   ├── idt.h                 ← Interrupt handling
│   │   ├── percpu.h              ← Per-CPU data
│   │   ├── task.h                ← Task management
│   │   ├── scheduler.h           ← Scheduler
│   │   ├── timer.h               ← Timer subsystem
│   │   ├── pmm.h                 ← Physical memory
│   │   ├── mmu.h                 ← Virtual memory
│   │   ├── console.h             ← Console multiplexer
│   │   └── types.h               ← Type definitions
│   ├── drivers/                  ← Driver interfaces
│   │   ├── vga.h                 ← VGA driver
│   │   └── serial.h              ← Serial driver
│   └── lib/                      ← Library headers
│       └── string.h              ← String functions
│
└── docs/                         ← Documentation
    ├── DOCS.md                   ← Documentation index
    ├── VISION.md                 ← Long-term vision
    ├── IMPLEMENTATION_ROADMAP.md ← Development plan
    ├── UNITS_ARCHITECTURE.md     ← Units model details
    ├── RT_CONSTRAINTS.md         ← RT requirements
    ├── FORMAL_VERIFICATION.md    ← Verification strategy
    ├── MULTI_ARCH.md             ← Multi-arch support
    ├── ARCHITECTURE.md           ← Design principles
    └── ISSUES.md                 ← Issue tracking
```
Foundation & HAL:
- Hardware Abstraction Layer (HAL)
- Per-CPU data structures (cache-line aligned)
- IDT and interrupt handling (256 entries)
- Exception handlers with register dumps
- Safe string library (no strcpy/strcat)
- Lock-free per-CPU tracing
Drivers & Console:
- Modular VGA driver with kprintf
- Serial UART driver (8250/16550, 115200 baud)
- Console multiplexer (VGA + serial dual output)
Timing:
- PIT timer with TSC calibration (1000 Hz, microsecond precision)
Memory Management:
- Physical memory manager (PMM, bitmap-based)
- MMU with x86 paging (identity-mapped kernel)
- O(1) page map/unmap operations
Tasks & Scheduling:
- Task management (create, destroy, yield)
- O(1) scheduler (256 priority levels)
- Context switching (< 200 cycles, full EFLAGS/segment restore)
- Timer-driven preemptive multitasking (1000 Hz)
- Priority-based preemption with round-robin
Testing & Development:
- Unit testing framework (ktest)
- Host-side unit tests for logic validation
- Direct QEMU kernel boot (5x faster iteration)
- Syscall mechanism (INT 0x80 or SYSENTER/SYSEXIT)
- GDT with ring 3 segments
- TSS for kernel stack switching
- First userspace task (ring 3 transition)
- Phase 3: Tasks, threads, scheduler, syscalls
- Phase 4: IPC, capabilities, message passing
- Phase 5: Userspace services
- Phase 6: SMP/multicore
- Phase 7: More userspace servers
- Phase 8: Advanced features (shared memory, IRQ caps)
- Microkernel First - IPC and capabilities early, not late
- Real-Time Throughout - Every path has bounded time
- Userspace by Default - If it can be userspace, it must be
- Per-CPU Everything - Minimize locking, maximize parallelism
- Capability Security - No ambient authority
- Small TCB - <10K LOC for verification
- No POSIX in Kernel - Build as userspace personality
See docs/ARCHITECTURE.md for detailed rationale.
| Operation | Target | Status |
|---|---|---|
| Context switch | <200 cycles | Phase 3 |
| Scheduler pick | <100 cycles | Phase 3 |
| IPC send/recv | <500 cycles | Phase 4 |
| IRQ dispatch | <100 cycles | Ready |
| Interrupt latency | <10µs | Phase 2 |
See docs/RT_CONSTRAINTS.md for full requirements.
- i686-elf cross-compiler
- GNU Make
- GRUB tools (grub-mkrescue)
- QEMU (for testing)
```bash
# Full build
make
# Clean build
make clean && make
# Run in QEMU (direct kernel boot - fast)
make run
# Run in QEMU (GRUB/ISO boot)
make run-iso
# Run in QEMU (terminal only, no GUI)
make run-nographic
# Build and run with unit tests
make test
# Show help
make help
```

Daily workflow:
- Check CURRENT_WORK.md for current status
- Read DEVELOPMENT_LOG.md to understand context and history
- Follow docs/IMPLEMENTATION_ROADMAP.md for APIs
- Follow docs/KERNEL_C_STYLE.md before/after coding
- Follow docs/RT_CONSTRAINTS.md for performance
- Update docs when completing work
Coding guidelines:
- Small functions (<50 LOC)
- No undefined behavior
- Bounded execution time (O(1) in RT paths)
- Document invariants
- Keep arch code in arch/
- All hardware access via HAL
- Write unit tests for new subsystems
See docs/KERNEL_C_STYLE.md for complete coding standards.
This is an experimental kernel exploring modern OS design patterns. Key areas:
- Capability-based security
- Message-passing IPC
- Real-time scheduling
- Lock-free per-CPU patterns
- Formal verification techniques
See docs/VISION.md for the full design philosophy.
MIT License - Copyright (c) 2025 sistemica GmbH
See LICENSE for full details.
Influences:
- seL4 - Formally verified microkernel
- Fuchsia - Capability-based Zircon kernel
- QNX - Real-time microkernel
- MINIX - Pioneering microkernel design
Our twist:
- Units instead of processes
- Built for RT from day one
- Designed for formal verification
- No POSIX in kernel
- Per-CPU lock-free patterns
- Message-passing by default
Start exploring: Read CURRENT_WORK.md for what's happening now!
