readme

Author: adrerl

README.md

@@ -1,116 +1,205 @@
-## MorpheusX
+# MorpheusX
 
 [![CI](https://github.com/Poprdi/morpheusx/actions/workflows/ci.yml/badge.svg)](https://github.com/Poprdi/morpheusx/actions/workflows/ci.yml)
 [![UEFI Build](https://github.com/Poprdi/morpheusx/actions/workflows/uefi-build.yml/badge.svg)](https://github.com/Poprdi/morpheusx/actions/workflows/uefi-build.yml)
 [![Security Audit](https://github.com/Poprdi/morpheusx/actions/workflows/audit.yml/badge.svg)](https://github.com/Poprdi/morpheusx/actions/workflows/audit.yml)
-[![Docs Site](https://img.shields.io/badge/docs-GitHub%20Pages-blue)](https://poprdi.github.io/morpheusx/)
+[![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](LICENSE-GPL-3.0)
 
+A bare-metal x86-64 exokernel written entirely in Rust. MorpheusX boots from UEFI firmware, calls `ExitBootServices`, and from that moment forward — no OS underneath, no runtime services, no safety net. Just raw hardware, a buddy allocator, and a scheduler running at 100 Hz.
 
-MorpheusX is a UEFI boot and hardware exokernel-like runtime that loads Linux kernels directly from firmware space, treats distributions as disposable layers, and aims to keep userland state persisten[...]
+This isn't a toy. It boots, runs user processes, switches context, manages its own page tables, speaks to block hardware through AHCI and VirtIO drivers, and stores files in a log-structured crash-safe filesystem of its own design. The syscall interface has 75 entries. The shell accepts commands. The task manager shows you live CPU ticks per process.
+
+It's also early. Come help build it.
 
 ---
 
-### Features
+## What's Inside
 
-- Boots Linux kernels from the EFI system partition with custom GPT and FAT32 handling.
-- Provides a boot-time TUI for selecting images and guiding installs.
-- Includes a bare-metal network stack (operating after ExitBootServices) for downloading ISOs and updates. (Work in progress)
-- **Implements a self-persisting runtime**: The in-memory, relocated PE loader can clone itself, reverse its own relocations, and reconstruct a fully bootable on-disk binary—enabling live regeneratio[...]
-- Contains the **full** iso9660-rs implementation: A pure no_std, Rust ISO9660 and El Torito parser/reader, written for MorpheusX and developed in this repository; enables direct extraction and booting[...]
-- Implements a custom, standalone FAT32 filesystem library: Written from scratch for this project (no_std, Rust), enabling direct parsing, allocation, and manipulation of FAT32 volumes and boot records[...]
+### Hardware Init (`hwinit/`)
 
----
+Eleven initialization phases that transform raw x86-64 hardware into a sane execution environment — all after UEFI has been dismissed:
 
-### Building
+1. Physical memory ownership — parse the UEFI memory map, punch holes around live page tables, hand everything to a binary buddy allocator
+2. CPU state — install our own GDT/TSS, load our IDT, set up IST stacks for double faults
+3. Interrupt routing — remap the 8259 PIC so IRQs don't collide with CPU exceptions
+4. Heap — 4 MB initial slab backed by the buddy allocator, with overflow support
+5. TSC calibration — PIT-based, no UEFI timer services required
+6. DMA region — 2 MB pre-allocated below 4 GB, identity-mapped
+7. PCI discovery — bus/device/function scan, BAR decode, bus mastering enable
+8. Paging — adopt UEFI's page tables, clear CR0.WP so we can modify them, build per-process PML4s from there
+9. Scheduler — 64-slot static process table, round-robin preemptive, no heap in the hot path
+10. Syscall interface — `SYSCALL`/`SYSRET` trampoline written in ASM, dispatches 75 syscalls
+11. Root filesystem — mount HelixFS on the block device and hand `/` to userspace
 
-Prerequisites: Rust 1.75+ with `rustup`, target `x86_64-unknown-uefi`, and a nightly or stable toolchain that supports `no_std` UEFI builds.
+### Memory (`hwinit/src/memory.rs`)
 
-```bash
-rustup target add x86_64-unknown-uefi
-cargo build --release --target x86_64-unknown-uefi
-```
+Binary buddy allocator over the full physical address space. No per-page descriptor array, no bitmap. Free-list nodes live inside the free pages themselves (intrusive list). The entire allocator struct is ~13 KiB in BSS. `MAX_ORDER = 26` means a maximum single contiguous allocation of 256 GiB — bump one constant to reach 1 TiB.
 
-*Or you just use the `/setup-dev.sh` shell utility*
+### Scheduler + Processes (`hwinit/src/process/`)
 
-It offers diverse preconfigured worflows. To see them just use:
+Fixed-size `[Option<Process>; 64]` static array — zero heap allocation in the scheduler path. PID 0 is the kernel/desktop event loop and never sleeps indefinitely. User processes get their own PML4, a 32 KiB kernel stack, a VMA table, a file descriptor table, and a CWD. Context switches happen in assembly (`context_switch.s`) via the PIT timer ISR.
 
-```bash
-./setup-dev.sh -h  
-```
+POSIX-lite signals: SIGINT, SIGKILL, SIGSEGV, SIGTERM, SIGCHLD, SIGSTOP, SIGCONT — delivered before the next process resume.
 
-Or if you want to automatically setup the whole environment, build and run qemu just use:
+### Syscall Interface (`hwinit/src/syscall/`)
 
-```bash
-./setup-dev.sh
-``` 
+75 syscalls covering:
+
+| Category | Calls |
+|---|---|
+| Process | `exit`, `getpid`, `getppid`, `kill`, `wait`, `sleep`, `yield`, `spawn`, `ps`, `sigaction`, `setpriority`, `getpriority` |
+| Memory | `alloc`, `free`, `mmap`, `munmap`, `mprotect`, `shm_grant`, `map_phys`, `virt_to_phys`, `dma_alloc`, `dma_free` |
+| Filesystem | `open`, `close`, `read`, `write`, `seek`, `stat`, `readdir`, `mkdir`, `unlink`, `rename`, `truncate`, `sync`, `snapshot`, `versions` |
+| Network | `nic_info`, `nic_tx`, `nic_rx`, `nic_link`, `nic_mac`, `nic_refill`, `nic_ctrl`, `net`, `dns`, `net_cfg`, `net_poll` |
+| Hardware | `port_in`, `port_out`, `pci_cfg_read`, `pci_cfg_write`, `irq_attach`, `irq_ack`, `cache_flush`, `cpuid`, `rdtsc`, `fb_info`, `fb_map` |
+| Misc | `clock`, `sysinfo`, `getcwd`, `chdir`, `dup`, `poll`, `ioctl`, `mount`, `umount`, `syslog`, `boot_log`, `memmap`, `pe_info`, `persist_*` |
+
+Every syscall validates user-supplied pointers against the canonical address split (`0x0000_8000_0000_0000`) before touching them.
+
+### HelixFS (`helix/`)
+
+A log-structured, append-only, crash-safe filesystem built from scratch:
+
+- **Dual superblock** — two alternating copies, recovery picks the higher committed LSN with a valid CRC
+- **Log append-only** — every write is a versioned LSN record; crash recovery scans forward from the last valid checkpoint and stops at the first bad CRC
+- **Per-inode versioning** — every write to a file creates a new log record, enabling time-travel reads
+- **Checkpoint-guarded B-tree index** — the namespace index exists in RAM between checkpoints and is only flushed to disk as part of a checkpoint log record
+- **CRC32C** on every record; **CRC64** content deduplication fingerprinting on write payloads
+- AHCI and VirtIO block drivers
 
-The bootable binary is produced at `target/x86_64-unknown-uefi/release/morpheus-bootloader.efi`.
+The VFS layer exposes open/close/read/write/seek/stat/readdir/mkdir/unlink/rename/sync to both the kernel and userspace through the syscall table.
+
+### Network (`network/`)
+
+A bare-metal network stack that runs entirely after `ExitBootServices`:
+
+- **VirtIO NIC** and **Intel e1000e** drivers — full brutal reset on init (no UEFI state assumptions), TX/RX ring management, MAC, link status, promisc mode, VLAN, checksum offload controls
+- **VirtIO block** driver for disk I/O during download
+- **DHCP → DNS → TCP → HTTP** state machine pipeline for downloading ISOs and images at boot
+- NIC operations are bridged to the kernel via a function-pointer table (`NicOps`) so `hwinit` stays driver-agnostic
+
+### Display + TUI (`display/`, `bootloader/src/tui/`)
+
+- Framebuffer backend (RGBX / BGRX), 8×16 bitmap font, pixel ops in hand-written x86-64 assembly
+- `TextConsole` with scrolling — all boot log output mirrors live to the screen from phase 1 onward
+- Desktop event loop with a window manager, a command shell, and built-in apps:
+  - **Storage Manager** — browse and manage HelixFS volumes
+  - **Task Manager** — live process table, CPU ticks, memory pages, priorities
+  - **Rain** screensaver because why not
+
+### Crash Handling
+
+Every CPU exception (vectors 0–21) produces a rich `CrashInfo` struct — all 15 general-purpose registers, CR2/CR3, the faulting process name and PID, user/kernel mode flag, a best-effort RBP frame chain backtrace (up to 16 frames), and a human-readable one-line explanation of what went wrong ("Attempted to write to unmapped memory at 0x..."). This drives a full-screen BSoD rendered directly to the framebuffer with no allocation.
+
+### SDK (`libmorpheus/`)
+
+A `no_std` userspace syscall wrapper library. Covers process management, filesystem I/O, memory mapping, networking, hardware access, persistence, and timing — enough to write real MorpheusX applications without touching raw `syscall` instructions.
+
+### `iso9660` (standalone crate)
+
+A pure `no_std` Rust ISO 9660 and El Torito parser, developed in this repository and published separately. Used by MorpheusX to extract and boot from disc images.
 
 ---
 
-### Running in QEMU
+## Building
+
+```bash
+./setup-dev.sh -f          # One-time environment setup (installs toolchain, QEMU, OVMF)
+./setup-dev.sh -h          # Show all available workflows
+./setup-dev.sh run         # Build and boot in QEMU
+```
 
-Use the provided scripts (requires QEMU and OVMF):
+Or manually:
 
 ```bash
-./setup-dev.sh run
+rustup target add x86_64-unknown-uefi
+cargo build --release --target x86_64-unknown-uefi -p morpheus-bootloader
 ```
 
-See additional helper scripts in `testing/` for preparing initrds and disk images.
+The EFI binary lands at `target/x86_64-unknown-uefi/release/morpheus-bootloader.efi`.
+
+Requirements: Rust 1.75+, `x86_64-unknown-uefi` target, QEMU + OVMF for testing.
 
 ---
 
-### CI/CD Pipeline
+## Running
 
-The project uses GitHub Actions for continuous integration:
+```bash
+./setup-dev.sh run
+```
 
-| Workflow | Purpose |
-|----------|---------|
-| **CI** | Lint (rustfmt, clippy), build, and test on host |
-| **UEFI Build** | 2-pass build for relocation embedding |
-| **UEFI E2E** | Boot test in QEMU with OVMF |
-| **Security Audit** | Weekly cargo-audit and cargo-deny |
-| **Release** | Automated releases on version tags |
+Boot messages appear on both serial (stdout in QEMU) and the framebuffer simultaneously. A 1920×1080 desktop loads when hardware init completes. Type `help` in the shell; `open storage` launches the Storage Manager.
 
-#### Local CI Scripts
+---
 
-```bash
-# Build UEFI bootloader (2-pass with reloc embedding)
-./scripts/ci-build-uefi.sh
+## Testing
 
-# Run E2E boot test
+```bash
+# Build and E2E boot test in QEMU
 ./scripts/qemu-e2e.sh target/x86_64-unknown-uefi/release/morpheus-bootloader.efi
 
-# Generate test fixtures (ISO, FAT images)
+# Generate test fixtures (disk images, ISOs)
 ./scripts/gen-fixtures.sh fixtures/
+
+# Run syscall E2E tests
+cargo test -p morpheus-syscall-e2e
 ```
 
+Additional helper scripts for disk image and initrd preparation are in `testing/`.
+
 ---
 
-### Project Status
+## CI
 
-This is experimental, not production-hardened, and the network and persistence layers are still under construction. Expect sharp edges and incomplete flows.
+| Workflow | What it does |
+|---|---|
+| **CI** | `rustfmt`, `clippy`, build, host tests |
+| **UEFI Build** | 2-pass build (first pass extracts relocations, second embeds them) |
+| **UEFI E2E** | Full boot test in QEMU + OVMF, serial output verified |
+| **Security Audit** | Weekly `cargo-audit` and `cargo-deny` |
+| **Release** | Automated EFI binary release on version tags |
 
 ---
 
-### Additional Documentation
+## Project Status
 
-Can be found in `/docs`.
+The core is solid. The boot sequence, memory manager, scheduler, paging, HelixFS, the syscall interface, and the display stack all work. A real shell runs. User processes spawn, context-switch, and exit cleanly. The network drivers initialize real hardware.
+
+What's missing or incomplete: APIC support (8259 PIC only for now), `SYS_SIGACTION` handler storage in the process struct, arbitrary-size `truncate`, SMEP/SMAP enforcement, ASLR, and SMP (explicitly out of scope for the current design). The network stack's URL parsing is a placeholder. The ESP persistence backend is not implemented.
+
+This is a new thing. The foundation is unusually clean for a project at this stage. There is real work to do and real ground to cover — which makes it a good time to get involved.
 
 ---
 
-### Contributing
+## Documentation
 
-See [CONTRIBUTING.md](CONTRIBUTING.md) for how to set up the toolchain, run builds/tests, and send focused PRs.
+- `docs/SDK.md` — application development guide
+- `docs/md/` — architecture deep-dives, ABI reference, hardware init inventory
+- `hwinit/ARCHITECTURE.md` — hardware init module map
+- `iso9660/ARCHITECTURE.md` — ISO 9660 parser design
 
 ---
 
-### Support
+## Contributing
 
-For technical assistance, please contact our [24/7 support team](https://www.nsa.gov).
+See [CONTRIBUTING.md](CONTRIBUTING.md) for toolchain setup, build workflows, and PR conventions. The codebase is extensively commented — every module has an architecture doc block explaining invariants and what it does not do.
+
+Good starting points: SMEP/SMAP enforcement in `hwinit/src/cpu/`, signal handler storage in `hwinit/src/process/mod.rs`, wiring `vfs_versions()` through to `SYS_VERSIONS`, or picking up any module marked with a `// TODO` comment.
+
+---
+
+## License
+
+GPL-3.0-or-later. See [LICENSE-GPL-3.0](LICENSE-GPL-3.0).
+
+The `iso9660` subcrate is dual-licensed MIT / Apache-2.0 for standalone use.
 
 ---
 
+## Support
+
+For technical assistance, please contact our [24/7 support team](https://www.nsa.gov).
+
 ### License
 
 Licensed under either of [Apache License, Version 2.0](LICENSE-APACHE) or [MIT license](LICENSE-MIT) at your option.

testing/run-persistence-test.sh

@@ -1,4 +1,5 @@
 #!/bin/bash
+# DEPRICATED!!
 # Test Morpheus persistence - boot ONLY from the 10GB disk
 # This verifies the bootloader was actually installed to the ESP