A group of developers from China has created the Asterinas nucleus, developed in Rust and designed for use in various operating systems. The core is designed to simplify integration with existing system components by providing an ABI (Application Binary Interface) that is compatible with the Linux kernel. The project code is distributed under the Mozilla Public License (source).
The development of the project began in the fall of 2022, with the goal of achieving a level suitable for widespread use in virtual machines with X86-64 architecture by the end of the year. Next year, the focus will shift to implementing support for other CPU architectures and hardware. The primary application areas include systems that require a higher level of security, such as protected virtual machines using technologies like ARM CCA, AMD SEV, and Intel TDX, as well as container hosts.
To enhance security and reduce memory-related errors, which are a common source of vulnerabilities, Asterinas is built using Rust and employs limited use of UNSAFE blocks. The nucleus is constructed using the framekernel architecture, combining microkernel capabilities with monolithic kernel efficiency.
In Asterinas, components are divided into OS Framework and OS Services, with the latter prohibited from using UNSAFE blocks. Low-level operations that require UNSAFE blocks are delegated to OS Framework and can only be accessed through high-level APIs. System calls, file systems, and drivers are implemented at the OS Services level without UNSAFE blocks.
Developers are encouraged to use tools like the Operating System Development Kit (osdk), which includes Cargo-SSDK for creating, assembling, testing, and launching operating system components. Additionally, the Operating System Standard Library (Ostdd) provides standard Rust libraries for use in operating system components.