Home
Vesper is a capability-based single-address-space exokernel.
It tries to remain small and secure. To achieve this, kernel functionality is extremely limited - it provides only address space isolation and IPC via capabilities, after bootup kernel does not allocate any memory itself.
The kernel only provides the IPC calls necessary for safe transfer of control between protection domains.
The rest of the OS functionality is based on protocols implemented by various servers. Protocol interfaces can be selectively interposed on to allow servers to implement custom memory allocation, scheduling and security policies.
In this matter kernel implements the well-known "mechanism not policy" architecture, leaving specific policy decisions to servers.
Default "kserver" server provides basic root services for applications, including the dynamic loader/linker. (@sa OMOS).
Kernel provides support for threads of execution to cross protection domains borders in a controllable way. (@sa glue code)
A minimal virtual memory management primitive supported by kernel too (Untyped.Retype).
