Go to file

Markus Maiwald d0f6d3e7ac Rumpk CI / Build RISC-V 64 (push) Failing after 4s Details Rumpk CI / Security Scan (push) Successful in 3s Details docs: rewrite README with actual build instructions and architecture		2026-02-16 09:15:05 +01:00
.forgejo/workflows	ci: add Forgejo Actions workflow	2026-02-15 20:04:42 +01:00
.zig-cache/h	feat(rumpk): dignified exit & sovereign vfs	2025-12-31 21:54:44 +01:00
apps	chore: add operational notes and test shell source	2026-02-15 20:00:00 +01:00
boot	feat(hal): ARM64 port, VirtIO MMIO, dual-arch HAL (M3.1-M3.3)	2026-02-15 19:58:51 +01:00
core	feat(build): dual-arch build system — build_nim.sh, build_full.sh, run_aarch64.sh	2026-02-15 19:59:26 +01:00
docs	docs(core): add Network Membrane technical documentation	2026-01-06 18:40:30 +01:00
hal	chore: remove build artifacts — initrd.tar, compiled binaries, temp ELFs	2026-02-15 20:04:27 +01:00
io	Rumpk Stability, NipBox Boot, and Repository Cleanup	2026-01-04 21:39:06 +01:00
libs	feat(membrane): dual-arch membrane, freestanding stubs, Libertaria LWF integration	2026-02-15 19:59:20 +01:00
npl	feat(userland): NipBox LITE subject binary, ARM64 init support	2026-02-15 19:59:30 +01:00
rootfs	Phase 34: Orbital Drop - Fix console echo and eliminate 'R' flood regression	2026-01-03 18:07:18 +01:00
src/npl/system	fix(virtio): overcome capability probe hang with paging enabled	2026-01-06 13:39:40 +01:00
vendor	chore: remove build artifacts — initrd.tar, compiled binaries, temp ELFs	2026-02-15 20:04:27 +01:00
.gitignore	chore: add .gitignore	2026-02-15 20:04:48 +01:00
LICENSE	license: Libertaria Sovereign License (LSL) v1.0	2026-02-15 20:15:33 +01:00
README.md	docs: rewrite README with actual build instructions and architecture	2026-02-16 09:15:05 +01:00
build.zig	feat(build): dual-arch build system — build_nim.sh, build_full.sh, run_aarch64.sh	2026-02-15 19:59:26 +01:00
build_full.sh	feat(build): dual-arch build system — build_nim.sh, build_full.sh, run_aarch64.sh	2026-02-15 19:59:26 +01:00
build_lwip.sh	feat(build): dual-arch build system — build_nim.sh, build_full.sh, run_aarch64.sh	2026-02-15 19:59:26 +01:00
build_nim.sh	feat(build): dual-arch build system — build_nim.sh, build_full.sh, run_aarch64.sh	2026-02-15 19:59:26 +01:00
run.sh	feat(build): dual-arch build system — build_nim.sh, build_full.sh, run_aarch64.sh	2026-02-15 19:59:26 +01:00
run_aarch64.sh	feat(build): dual-arch build system — build_nim.sh, build_full.sh, run_aarch64.sh	2026-02-15 19:59:26 +01:00
zig-cc-wrapper.sh	feat(build): dual-arch build system — build_nim.sh, build_full.sh, run_aarch64.sh	2026-02-15 19:59:26 +01:00

README.md

Rumpk

Sovereign unikernel. Zig (L0 HAL) + Nim (L1 kernel logic). Dual-arch: RISC-V 64 and ARM64.

Status: Experimental — boots on QEMU, 14/14 fibers (riscv64), 9/9 fibers (aarch64) License: Libertaria Sovereign License (LSL) v1.0

Build

Prerequisites

Zig 0.15.x
Nim 2.0.x
QEMU (for boot testing)
bash

Quick Start

# Clone
git clone https://git.sovereign-society.org/nexus/rumpk.git
cd rumpk

# Build kernel (RISC-V 64, default)
bash build_nim.sh riscv64     # Nim -> C -> .o
bash build_lwip.sh            # LwIP static lib
zig build                     # Link final kernel ELF

# Boot test
./run.sh

ARM64

bash build_nim.sh aarch64
bash build_lwip.sh
zig build -Darch=aarch64
./run_aarch64.sh

Full Build (kernel + NipBox userland + initrd)

bash build_full.sh riscv64    # or: bash build_full.sh aarch64
zig build                     # or: zig build -Darch=aarch64

Architecture

rumpk/
├── boot/              L0: Entry points, linker scripts (Zig/ASM)
├── hal/               L0: Hardware Abstraction (Zig)
│   ├── entry_riscv.zig    RISC-V boot, MMU, page tables
│   ├── entry_aarch64.zig  ARM64 boot, MMU, GIC
│   ├── virtio_net.zig     VirtIO network driver
│   ├── virtio_block.zig   VirtIO block driver
│   ├── virtio_mmio.zig    VirtIO MMIO transport (ARM64)
│   ├── virtio_pci.zig     VirtIO PCI transport (RISC-V)
│   ├── mm.zig             Memory management
│   ├── channel.zig        IPC ring buffers
│   └── cspace.zig         Capability space (HAL side)
├── core/              L1: Kernel logic (Nim)
│   ├── kernel.nim         kmain, boot sequence
│   ├── sched.nim          Spectrum scheduler (Photon/Matter/Gravity/Void)
│   ├── fiber.nim          Cooperative fiber management
│   ├── ion.nim            ION memory allocator
│   ├── cspace.nim         Capability enforcement
│   ├── ontology.nim       System Truth Ledger
│   ├── netswitch.nim      Network fiber (DHCP/TCP/ICMP)
│   ├── loader.nim         ELF loader + BKDL manifest
│   └── fs/                VFS + LittleFS bridge
├── libs/
│   ├── membrane/          POSIX adaptation layer
│   │   ├── libc.nim       Freestanding libc for Nim
│   │   ├── net_glue.nim   LwIP <-> kernel bridge
│   │   └── compositor.nim Display compositor
│   └── libertaria/        Libertaria Wire Format integration
├── npl/nipbox/            NipBox userland shell (21 commands)
├── apps/                  Subject binaries, linker scripts
└── vendor/                LwIP, LittleFS, mksh (vendored)

Design Principles

Two-language split: Zig for hardware (deterministic, zero-alloc), Nim for logic (expressive, ARC)
Capability security: CSpace + Pledge + BKDL manifests. No ambient authority.
Spectrum scheduling: 4-tier priority (Photon 2ms, Matter 10ms, Gravity 50ms, Void unlimited)
System Truth Ledger: Every security event recorded. Auditable kernel state.

NexusOS Workspace

Rumpk is the kernel component of NexusOS. The full system consists of:

Repository	Purpose	Build
rumpk	Kernel	`zig build`
nip	Package manager	`nim c nip.nim`
nexus	Build toolkit	`nim c src/nexus.nim`
nipbox	Userland shell	Built into rumpk via `build_full.sh`
nexfs	Flash filesystem	`zig build test`

Clone All Repos

mkdir nexus-workspace && cd nexus-workspace
for repo in rumpk nip nexus nipbox nexfs; do
  git clone https://git.sovereign-society.org/nexus/${repo}.git
done

Contributing

See CONTRIBUTING.md (coming soon).