The Oluś Operating System (OOS)

The OOS is based on the Linux kernel so we bootstrap with full driver support. The entire userland is replaced by the Oluś runtime.

The next step is to replace process separation with formal verification of the loaded programs, backed by guarantees from the runtime. At this point there is only one userland process. The next step is to have this process run in Ring 0, in kernel space. Increasing parts of the Linux kernel can then be migrated into the Oluś userland (networking stack) or dropped entirely (filesystems).

The next step is to replace the OS's file systems with content-addressed stores (CAS).

The next step is to add runtime-transparent support for content-addressed stores. All objects are presumed to be stored in a global decentralized CAS; keeping objects on disk or in RAM is purely a cache for optimization purposes. Performance obviously requires that most objects never reach the lower cache levels, let alone the permanent store. On hibernation, all objects are written to the global CAS, so the OS state can then be recovered on any machine.

On boot, a minimal functioning runtime is loaded from non-volatile cache into RAM. The runtime can proceed from there to load further cached objects on demand. The runtime can also JIT-compile an initialization sequence specific to the machine.

Security

Formal verification allows foreign code to be trusted to stay within its privileges. For example, a capability-based addressing model can be implemented on regular hardware by verifying that all pointer manipulations are correct, i.e. that no capabilities are forged. Current implementations (such as CHERI, linked below) require special hardware support.
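As an added illustration, not code from the OOS project, here is a software-only capability model in C showing the invariants a verifier would have to establish for every pointer manipulation: capabilities are only ever narrowed (bounds and permissions shrink, never grow), and every load or store is checked against them. The names cap_t, cap_derive, cap_load, cap_store and the sample buffer are assumptions of this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#define CAP_READ  1u
#define CAP_WRITE 2u

/* A software capability: (base, length, permissions). The runtime's verifier
 * would have to prove a program only obtains these via cap_derive(), never by
 * assembling one from an integer, which is what "no forging" means here. */
typedef struct { uint8_t *base; size_t len; unsigned perms; } cap_t;

/* Derive a narrower capability: a sub-range of the parent's bounds with a
 * subset of its permissions. Any attempt to widen either is refused. */
bool cap_derive(const cap_t *p, size_t off, size_t len, unsigned perms, cap_t *out) {
    if (off > p->len || len > p->len - off) return false; /* overflow-safe bounds check */
    if ((perms & ~p->perms) != 0) return false;           /* no new permission bits */
    out->base = p->base + off; out->len = len; out->perms = perms;
    return true;
}

/* Checked load: index in bounds and CAP_READ present. */
bool cap_load(const cap_t *c, size_t idx, uint8_t *val) {
    if (idx >= c->len || !(c->perms & CAP_READ)) return false;
    *val = c->base[idx];
    return true;
}

/* Checked store: index in bounds and CAP_WRITE present. */
bool cap_store(const cap_t *c, size_t idx, uint8_t val) {
    if (idx >= c->len || !(c->perms & CAP_WRITE)) return false;
    c->base[idx] = val;
    return true;
}

/* Walk-through on a constructed 16-byte buffer: narrow the root capability to a
 * read-only 4-byte window; returns how many of the 7 checks behaved as intended. */
int demo(void) {
    static uint8_t buf[16];                         /* constructed sample memory */
    cap_t root = { buf, sizeof buf, CAP_READ | CAP_WRITE }, win, bad;
    uint8_t v = 0;
    int ok = 0;
    ok += cap_store(&root, 5, 42);                  /* in bounds, writable */
    ok += cap_derive(&root, 4, 4, CAP_READ, &win);  /* narrowing is allowed */
    ok += cap_load(&win, 1, &v) && v == 42;         /* buf[5] visible as win[1] */
    ok += !cap_store(&win, 1, 7);                   /* window is read-only */
    ok += !cap_load(&win, 4, &v);                   /* one past the window end */
    ok += !cap_derive(&win, 0, 8, CAP_READ, &bad);  /* cannot widen bounds */
    ok += !cap_derive(&win, 0, 2, CAP_WRITE, &bad); /* cannot add permissions */
    return ok;
}
```

Hardware capability systems such as CHERI enforce these same checks in the processor; the verification approach described above would instead prove statically that the program never bypasses them.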

https://en.wikipedia.org/wiki/Capability-based_addressing

https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/