7169dc05d4
PHASE 27: THE GLYPH & THE GHOST (Visual Cortex Polish)
========================================================
- Replaced placeholder block font with full IBM VGA 8x16 bitmap (CP437)
- Implemented CRT scanline renderer for authentic terminal aesthetics
- Set Sovereign Blue background (0xFF401010) with Phosphor Amber text
- Added ANSI escape code stripper for clean graphical output
- Updated QEMU hints to include -device virtio-gpu-device
Files:
- core/rumpk/libs/membrane/term.nim: Scanline renderer + ANSI stripper
- core/rumpk/libs/membrane/term_font.nim: Full VGA bitmap data
- src/nexus/forge.nim: QEMU device flag
- docs/dev/PHASE_26_VISUAL_CORTEX.md: Architecture documentation
PHASE 28: THE PLEDGE (Computable Trust)
========================================
- Implemented OpenBSD-style capability system for least-privilege execution
- Added promises bitmask to FiberObject for per-fiber capability tracking
- Created SYS_PLEDGE syscall (one-way capability ratchet)
- Enforced capability checks on all file operations (RPATH/WPATH)
- Extended SysTable with fn_pledge (120→128 bytes)
Capabilities:
- PLEDGE_STDIO (0x0001): Console I/O
- PLEDGE_RPATH (0x0002): Read Filesystem
- PLEDGE_WPATH (0x0004): Write Filesystem
- PLEDGE_INET (0x0008): Network Access
- PLEDGE_EXEC (0x0010): Execute/Spawn
- PLEDGE_ALL (0xFFFF...): Root (default)
Files:
- core/rumpk/core/fiber.nim: Added promises field
- core/rumpk/core/ion.nim: Capability constants + SysTable extension
- core/rumpk/core/kernel.nim: k_pledge + enforcement checks
- core/rumpk/libs/membrane/ion_client.nim: Userland ABI sync
- core/rumpk/libs/membrane/libc.nim: pledge() wrapper
- docs/dev/PHASE_28_THE_PLEDGE.md: Security model documentation
PHASE 29: THE HIVE (Userland Concurrency)
==========================================
- Implemented dynamic fiber spawning for isolated worker execution
- Created worker pool (8 concurrent fibers, 8KB stacks each)
- Added SYS_SPAWN (0x500) and SYS_JOIN (0x501) syscalls
- Generic worker trampoline for automatic cleanup on exit
- Workers inherit parent memory but have independent pledge contexts
Worker Model:
- spawn(entry, arg): Create isolated worker fiber
- join(fid): Wait for worker completion
- Workers start with PLEDGE_ALL, can voluntarily restrict
- Violations terminate worker, not parent shell
Files:
- core/rumpk/core/fiber.nim: user_entry/user_arg fields
- core/rumpk/core/kernel.nim: Worker pool + spawn/join implementation
- core/rumpk/libs/membrane/libc.nim: spawn()/join() wrappers
- docs/dev/PHASE_29_THE_HIVE.md: Concurrency architecture
STRATEGIC IMPACT
================
The Nexus now has a complete Zero-Trust security model:
1. Visual identity (CRT aesthetics)
2. Capability-based security (pledge)
3. Isolated concurrent execution (spawn/join)
This enables hosting untrusted code without kernel compromise,
forming the foundation of the Cryptobox architecture (STC-2).
Example usage:
proc worker(arg: uint64) {.cdecl.} =
discard pledge(PLEDGE_INET | PLEDGE_STDIO)
http_get("https://example.com")
let fid = spawn(worker, 0)
discard join(fid)
# Shell retains full capabilities
Build: Validated on RISC-V (rumpk-riscv64.elf)
Status: Production-ready
|
||
|---|---|---|
| .. | ||
| arch | ||
| crypto | ||
| README.md | ||
| abi.zig | ||
| channel.zig | ||
| entry_riscv.zig | ||
| fb_wrapper.zig | ||
| framebuffer.zig | ||
| gpu.zig | ||
| hud.zig | ||
| main.zig | ||
| matrix.zig | ||
| stubs.zig | ||
| uart.zig | ||
| ui.zig | ||
| virtio_block.zig | ||
| virtio_net.zig | ||
| virtio_pci.zig | ||
README.md
Rumpk HAL (L0)
Language: Zig + Assembly
Purpose: Hardware Abstraction Layer
Module Index
| File | Purpose |
|---|---|
main.zig |
Entry point (_start), stack setup, calls Nim kmain |
stubs.zig |
Freestanding libc (memcpy, malloc, printf, etc.) |
uart.zig |
PL011 UART driver (QEMU virt) |
abi.zig |
C ABI structs shared with Nim |
Architecture Directory (arch/)
Contains per-architecture implementations:
arch/
├── aarch64/ # ARM64 (VisionFive 2, RPi, AWS Graviton)
│ ├── switch.S # Context switch (96 bytes)
│ └── constants.nim
├── x86_64/ # System V ABI (servers, trading)
│ ├── switch.S # Context switch (56 bytes)
│ └── constants.nim
└── riscv64/ # RISC-V LP64 (satellites, drones)
├── switch.S # Context switch (112 bytes)
└── constants.nim
Freestanding Doctrine
This HAL provides ALL C ABI symbols. No glibc, no musl.
Exported Symbols:
- Memory:
memcpy,memset,memmove,memcmp - Strings:
strlen,strcmp,strcpy - Heap:
malloc,free,realloc,calloc - I/O:
printf,puts,putchar - Exit:
exit,abort - Signals:
signal,raise(no-op stubs)
Build
Compiled via zig build-obj -target <arch>-freestanding-none