Yes, this OS is written in Rust. However, since it has a well-defined ABI, and all services are defined to use `#[repr(C)]`, and the interface is simple primitive enums, it's designed with C-like language support in mind. The hardest part in C is getting an equivalent to `#[repr(C, align(4096))]` which, last time I checked, only let you do alignments up to 64 or so without resorting to linker tricks.
> This mechanism seems ripe for squatting attacks
There are only a few services with well-known names, and they start up before things like the scheduler are running. Most things go through the nameserver service which supports things like attestation, finite-client limits, and signature checking.
The bootloader uses the MiniELF format because we can make assertations about things like the order of sections and about merging multiple segments, while also stripping non-loadable sections. It would be possible to just bundle all the ELF images for all programs together, but if you're generating the loader image you might as well shrink the image a bit.
The Rust runtime will, at a minimum, set up the stack pointer, zero out the .bss, and fill in the .data section. You're right in that a heap is optional, but Rust will get very cranky if you don't set up the .data or .bss sections.
Messages are either one-way (Send or Scalar), or are two-way (BlockingScalar, Lend, or MutableLend). For two-way messages, the calling process inherits the quantum of the sending process, so the only penalty is the cost of two context switches.
> Interprocess communication by memory remapping instead of copying
This is true for Send, Lend, and MutableLend, but for Scalar or BlockingScalar you get 5xusize values instead, which is used for things like `msleep` or `uptime`.
You would have to stop access to other threads that might have access to the page about to be unmapped, but Rust guarantees that if you have a mutable reference, you're the only one with access to the page.
It’s normal if you use the Nvidia proprietary driver. Every notification leaks one fd, so if you get a lot of notifications it’ll segfault once or twice per day.
One can't be a real infosec influencer unless one blocks every IP range of every hostile nation-state looking to steal valuable research and fill the website with malware
My current record is $19 (including shipping!) for two assembled boards of https://github.com/xobs/soundoff which is a little device that shuts off 5V power to a USB-A port when it detects the PC it's connected to goes to sleep.
You can feed it the output from Kicad, and if you include the ipc netlist it’ll even generate models. Great for doing a check before manufacturing, especially if the viewer matches what you see in Kicad.
Unfortunately I’ve never gotten it to run in wine.
I know Altium doesn’t work, which is very important if you need to provide someone else files in Altium format. If you just want to work on designs there’s always Kicad, which is increasingly very good! But it can’t save in Altium format, and I’m not sure I’d trust it for manufacturing.
The other thing I’m missing is my 3D Gerber viewer called ZofZPCB. I’ve not gotten either it or Altium to even start.
Yes, this OS is written in Rust. However, since it has a well-defined ABI, and all services are defined to use `#[repr(C)]`, and the interface is simple primitive enums, it's designed with C-like language support in mind. The hardest part in C is getting an equivalent to `#[repr(C, align(4096))]` which, last time I checked, only let you do alignments up to 64 or so without resorting to linker tricks.
> This mechanism seems ripe for squatting attacks
There are only a few services with well-known names, and they start up before things like the scheduler are running. Most things go through the nameserver service which supports things like attestation, finite-client limits, and signature checking.
> Just use standard ELF.
Sure, there's a loader available that lets you run standard ELF files: https://github.com/betrusted-io/xous-core/tree/main/apps/app...
The bootloader uses the MiniELF format because we can make assertations about things like the order of sections and about merging multiple segments, while also stripping non-loadable sections. It would be possible to just bundle all the ELF images for all programs together, but if you're generating the loader image you might as well shrink the image a bit.
> What?? No! sbrk() is a terrible interface.
Then you can call `MapMemory(NULL, NULL, [size], RWX)`: https://docs.rs/xous/latest/xous/syscall/fn.map_memory.html