vasilito 5caab85788 quirks: CPU bug mitigation infrastructure + 14-entry data file (R14)
Phase R14 (2026-06-07) — CPU bug mitigation. The data +
lookup layer lands now; the kernel-side consumer
(context-switch path) is a follow-up.

Changes:

  1. CpuBugFlags (mod.rs:286) with 27 bits, mapping the
     22+ X86_BUG_* macros from Linux 7.1
     arch/x86/include/asm/cpufeatures.h. Bit positions
     match Linux 0-26.

  2. CpuId struct (mod.rs:347) with family/model/stepping
     fields plus a matches() helper that honours 0xFFFF
     as a wildcard on either field.

  3. CpuBugQuirkEntry (mod.rs:362) — vendor (0x8086
     Intel, 0x1022 AMD, 0xFFFF any) + family + model +
     flags. matches() combines vendor + CPUID match.

  4. lookup_cpu_bug_flags() (mod.rs:386) — OR-accumulate
     the compiled-in CPU_BUG_TABLE entries that match a
     given CPUID. Returns empty set if nothing matches.

  5. cpu_bug_table.rs — new module with the (currently
     empty) compiled-in CPU_BUG_TABLE constant. Runtime
     TOML is the data surface (90-cpu-bugs.toml).

  6. CPU_BUG_FLAG_NAMES + parse_cpu_bug_toml +
     load_cpu_bug_flags (toml_loader.rs) — new
     [[cpu_bug_quirk]] TOML table type with vendor +
     family + model + flags. Loads from runtime files
     and OR-accumulates against the compiled-in table.

  7. 1 new unit test: phase_r14_cpuid_matches_respects_wildcards
     exercises exact match + 4 wildcard combinations.
     125/125 tests pass.

  8. quirks.d/90-cpu-bugs.toml (136 lines) — 14 vendor/
     family/flag combinations sourced from Linux 7.1
     arch/x86/kernel/cpu/bugs.c. Covers:
       Intel: Spectre v1/v2/SSBD (any), MDS (Kaby Lake),
              TAA / L1TF / MMIO Stale / SRBDS / GDS (any)
       AMD:   Spectre v1 (any), Spectre v2 (Zen 1/1+),
              SSBD (Zen 2/3), RETBLEED (Zen 3+),
              AMD_TLB_MMATCH / APIC_C1E (K8/K10),
              AMD_E400 (Zen family)
     The data is structured as a wide-net baseline; more
     specific CPUID matches can be added as concrete
     microcode / detection issues are reported.

cargo test: 125/125 (was 124, +1 for the new test).
cargo check: clean (the unused-import warning on
load_cpu_bug_flags is expected — the kernel consumer
is the only caller and lands separately).

The kernel-side mitigation engine will:
  1. Read CPUID at boot (vendor + family + model).
  2. Call lookup_cpu_bug_flags() + load_cpu_bug_flags().
  3. Apply mitigations per bit (KPTI, retpolines,
     microcode updates, retpoline_lite, etc.) on the
     next context switch.
2026-06-07 21:46:46 +03:00

Red Bear OS

Red Bear OS

A microkernel operating system written in Rust, derived from Redox OS

MIT x86_64 Status


What is Red Bear OS?

Red Bear OS is a general-purpose, Unix-like operating system with a microkernel architecture, written in Rust. It is a full fork of Redox OS, frozen at release 0.1.0, with added hardware support, filesystem drivers, and a KDE Plasma desktop path.

Goals:

  • AMD & Intel parity — first-class support for both platforms on bare metal
  • KDE Plasma desktop — Wayland-based desktop environment via the KWin compositor
  • Hardware GPU acceleration — AMD GPU (amdgpu) and Intel GPU drivers via redox-drm
  • Modern subsystems — USB, WiFi, Bluetooth, ext4, GRUB, D-Bus
  • Offline-first builds — reproducible from archived, BLAKE3-verified sources

Quick Start

Prerequisites

Linux x86_64 host with Rust nightly, QEMU, nasm, and standard build tools.
See the Redox Build Guide for full setup.

Build & Run

# Clone
git clone https://gitea.redbearos.org/vasilito/RedBear-OS.git
cd RedBear-OS

# Build and run the desktop target in QEMU
./scripts/run.sh --build

# Build a live ISO for bare metal
./scripts/build-iso.sh redbear-full

# Build the text-only recovery target
./scripts/run.sh --build --config redbear-mini

Repository Hosting

The canonical Red Bear OS Git server is Gitea at https://gitea.redbearos.org/vasilito/RedBear-OS.git. GitHub is not a Red Bear OS source of truth and must not be used for pushes, issues, releases, or project coordination.

Public Scripts

Script Purpose
scripts/run.sh Build and run in QEMU (-b to build, -c <config> for target)
scripts/build-iso.sh Build a live ISO for bare-metal boot
scripts/build-all-isos.sh Build all live ISO targets
scripts/network-boot.sh PXE network boot helper
scripts/dual-boot.sh Dual-boot installation helper

Config Targets

Target Type Description
redbear-full Desktop Wayland + KDE + GPU drivers + D-Bus services
redbear-mini Console Text-only recovery / install target
redbear-grub Console Text-only with GRUB boot manager

Current Status

Red Bear OS boots to a login prompt in QEMU with working wired networking, D-Bus system bus, hardware detection daemons, and filesystem support (RedoxFS, ext4, FAT).

Area Status
Boot (ACPI/x2APIC/SMP) Bare-metal proven
Userspace drivers (PCI, storage, net) Working in QEMU
D-Bus system bus + services Working (login1, PolicyKit, UDisks, UPower)
ext4 / FAT filesystems Compiles, installer-wired
POSIX gaps (relibc) 🚧 Bounded Wayland-facing support
DRM/KMS display drivers 🚧 AMD + Intel compile; HW validation pending
Wayland compositor 🚧 Bounded proof; Qt6/KF6 clients crash at init
KDE Plasma desktop 🔄 In progress (Qt6/KF6 compile; KWin/QML blocked)
WiFi / Bluetooth 📋 Planned (architected, implementation pending)

How It Works

Red Bear OS uses a userspace driver model — all drivers run as unprivileged daemons:

Kernel (microkernel)
  └── schemes: memory, irq, event, pipe, debug
        └── Driver daemons (userspace)
              ├── pcid        → PCI enumeration
              ├── e1000d      → Intel ethernet
              ├── xhcid       → USB controller
              └── vesad       → Display framebuffer

The kernel provides minimal services (memory, interrupts, IPC). Everything else — filesystems, networking, graphics, input — runs in userspace.

Documentation

Contributing

Red Bear OS uses a full fork model. Upstream Redox sources are frozen and archived. All custom work lives in local/:

local/
├── sources/     # Red Bear source forks (git repos, directly editable)
├── recipes/     # Custom packages (drivers, GPU, system)
├── docs/        # Integration and planning docs
└── scripts/     # Build, test, and release tooling

We welcome contributions made with or without AI assistance — we care about quality, not how the code was produced.

License

MIT — same as upstream Redox OS.

S
Description
RedBear Operating System, based on RedoxOS. Licenced under MIT license.
https://redbearos.org
Readme MIT 20 GiB
Languages
C 43.9%
C++ 23.5%
Makefile 7.3%
Python 3.7%
JavaScript 3.4%
Other 17.1%